BitcoinTalk server was compromised

[BitCoinDream]

As some of you already know, BitcoinTalk server was compromised through Social Engineering and the attacker got access to the DataBase, partially or completely. The most dangerous part of the incident is that the DataBase dump is available in the public domain. If you are intersted in the details of the attack, check the post by the BitcoinTalk admin: https://bitcointalk.org/index.php?topic=1067985.0.


As an immediate measure, it is highly recommended to...

1. Change your password.

2. Not to have trade with a trusted forum member without verifying his identity.


We have already noticed that a few old accounts have suddenly become active in the forum.

[Fernandez]

Not to have trade with a trusted forum member without verifying his identity.

This always applies, and goes for any escrow too. They should always give a signed message.

[thebitcoinquiz.com]

The most dangerous part of the incident is that the DataBase dump is available in the public domain.

In the public domain? But where?
I failed to fined any such database dump(or a mention that the dump is available to everyone).  The link you provided also doesn't talk of the dump being available in public? Would you like to throw some more light upon it?

[vennali]

The most dangerous part of the incident is that the DataBase dump is available in the public domain.

In the public domain? But where?
I failed to fined any such database dump(or a mention that the dump is available to everyone).  The link you provided also doesn't talk of the dump being available in public? Would you like to throw some more light upon it?

I don't think the data was dumped out in the public, theymost only said "He then proceeded to try to acquire a dump of the forum's database before I noticed this at around 1:08 and shut down the server" 

[pandher]

Compromises have become a joke now, get that millionaire board up already

[Rotten Egg]

The most dangerous part of the incident is that the DataBase dump is available in the public domain.

In the public domain? But where?
I failed to fined any such database dump(or a mention that the dump is available to everyone).  The link you provided also doesn't talk of the dump being available in public? Would you like to throw some more light upon it?

I don't think the data was dumped out in the public, theymost only said "He then proceeded to try to acquire a dump of the forum's database before I noticed this at around 1:08 and shut down the server" 

Nopes. It seems that the data is out in the public: http://satoshibox.com/5568fdd512fb6d98558b462d

And we are already witnessing adverse effects of that...

Example 1: https://bitcointalk.org/index.php?topic=1074180.0

Example 2: https://bitcointalk.org/index.php?topic=1074232.0

[escrow.ms]

Nopes. It seems that the data is out in the public: http://satoshibox.com/5568fdd512fb6d98558b462d

If you seriously believe that it's the real dump not a fake file, please pay 0.2 BTC and download it then spread links here and there.
It's a fake file which is being used by some new scamming accounts.

[Rotten Egg]

Nopes. It seems that the data is out in the public: http://satoshibox.com/5568fdd512fb6d98558b462d

If you seriously believe that it's the real dump not a fake file, please pay 0.2 BTC and download it then spread links here and there.
It's a fake file which is being used by some new scamming accounts.

I have nothing to do with the forum database. So, I'm not going to waste around Rs. 2965. But, if it is fake, how the account hacks are happening ? Few old accounts like Mt. Gox support got active in the forum recently after almost 2 years of non-activity.

[escrow.ms]

I have nothing to do with the forum database. So, I'm not going to waste around Rs. 2965. But, if it is fake, how the account hacks are happening ? Few old accounts like Mt. Gox support got active in the forum recently after almost 2 years of non-activity.

Those account were not related to recent database hack, you can check both threads. As for Activity they might came back here to change passwords as theymos did mass mailing to warn all users about hacking. But it's possible that some accounts will get hacked or got hacked.

[maheshmahi]

Theymos has already warned all of them.
But the group "the hole seekers" who hacked bitcointalk tweeted that they will not gonna stop this.

[Amitabh S]

https://www.cryptocoinsnews.com/bitcoin-mining-figure-joshua-zipkin-responsible-bitcointalk-hack/

"Is Bitcoin Mining Figure Joshua Zipkin Responsible for the Bitcointalk Hack?"

The circumstantial evidence presented is very strong that he is responsible for the attack.

Probably he hired someone.