btcfaucet (OP)
Full Member
 Offline
Activity: 166
Merit: 100
Bitcoin Faucet
|
 |
October 04, 2012, 03:35:17 PM |
|
I wish I had read the post about bitmarket.eu before I started selling there. I've seen people bringing up the same problems a year ago and apparently the situation is still the same.
Incredibly annoying.
|
|
|
|
|
|
hamdi
|
|
October 05, 2012, 01:38:38 AM |
|
could you point out which problems?
i read this forum a lot, but seems i missed out on this
|
|
|
|
|
|
monstrs
|
|
October 05, 2012, 11:15:53 AM |
|
i had some problems with bitmarket. Mostly scm buyers. But today apparently i got cracked account. No answer from admin till that. Lost more than 3 btc. Cant think what to do.
|
|
|
|
|
|
monstrs
|
|
October 05, 2012, 11:20:43 AM |
|
can anybody know thread or admin for bitmarket here in bitcoin talk?
|
|
|
|
|
|
monstrs
|
|
October 05, 2012, 11:49:32 AM |
|
bitmarket admin has answered me even today, but not after this situation. I just cant understand if it was done from my pc, or someone just cracked my account.
|
|
|
|
|
|
teknohog
|
|
October 05, 2012, 12:05:08 PM |
|
I lost 1 BTC today from Bitmarket.eu. Somebody had changed the withdrawal address. There should be an email confirmation for the change of address, so it was something deeper than simply getting my password.
So far I have good experience from Bitmarket, they have always replied to my issues. But this does not look good.
|
|
|
|
|
monstrs
|
|
October 05, 2012, 12:26:29 PM |
|
did you lost exact 1btc? My account has been cleaned emty.
|
|
|
|
|
|
teknohog
|
|
October 05, 2012, 01:01:23 PM |
|
did you lost exact 1btc? My account has been cleaned emty.
Yes, well, I only had 1 BTC there. The thief even left the withdrawal address: 1GRBm7iQMGsgWjHPSTcGBMTzQwhTWyPZMh It looks a bit odd, because the attack was done somehow "from the inside" (because of the email confirmation that would have happened normally), but they did not manage to cancel a pending transaction. Leaving the withdrawal address is also a little amateurish, though it does not really help me. On the plus side, this is why I only keep a minimum of BTC available on such exchanges at a time. |
|
|
|
|
monstrs
|
|
October 05, 2012, 01:41:06 PM |
|
Did admin answered you recently? Your case seems very odd.
|
|
|
|
|
|
teknohog
|
|
October 05, 2012, 05:35:26 PM |
|
Did admin answered you recently? Your case seems very odd.
No, it's been several hours since my email now. I would also expect some general notice, given that there have been multiple victims on the same day. |
|
|
|
|
monstrs
|
|
October 05, 2012, 05:48:58 PM |
|
Is there any bitmarket admin in this forum?
|
|
|
|
|
|
monstrs
|
|
October 06, 2012, 08:16:12 AM |
|
still no answer from admins  Long friday night?  |
|
|
|
|
|
M4v3R
|
|
October 06, 2012, 01:53:58 PM |
|
Hello,
I am aware of the issue, and will respond to affected people briefly. It seems that someone took one of dumped password list from recent leaks from Yahoo, LinkedIn and others and compromised several Bitmarket accounts that reused these passwords. I'll get back to you when I have more information.
Edit: Withdrawals are processed manually until we're sure that everyone's funds are safe.
|
|
|
|
|
kthxbye
Newbie
Offline
Activity: 2
Merit: 0
|
|
October 06, 2012, 01:57:13 PM |
|
I have only good experiences with Bitmarket.eu, but am getting a bit more hesitant to use it after reading this. I've completed > 5 transactions with no problems whatsoever!
|
|
|
|
|
|
monstrs
|
|
October 06, 2012, 04:40:10 PM |
|
Hello,
I am aware of the issue, and will respond to affected people briefly. It seems that someone took one of dumped password list from recent leaks from Yahoo, LinkedIn and others and compromised several Bitmarket accounts that reused these passwords. I'll get back to you when I have more information.
Edit: Withdrawals are processed manually until we're sure that everyone's funds are safe.
So There must be some chance to get coins back? details about my transaction sent to your pm I did not confirmed any of this transaction, nor do i have placed offer. The damn crack has even changed my country and putted away donation to get every last coin i had in that moment. Please update us with information. Also it would be great if there was oficial bitmarket thread. |
|
|
|
|
|
M4v3R
|
|
October 06, 2012, 06:59:32 PM |
|
The attacker used TOR (anonymous) network, so even though I have the IPs, their not traceable. Only a few users were affected, since most people have unique passwords for their accounts.
Unfortunately there isn't a way to get the coins back, because attacker managed to withdraw them before I was notified about this. The withdrawal lock is in place to secure any further frauds, because I have no way to know if anyone's else account is compromised. I could force a password reset on everyone, but that would be highly annoying to everyone that have good password practices.
|
|
|
|
|
|
monstrs
|
|
October 07, 2012, 05:17:38 AM |
|
The attacker used TOR (anonymous) network, so even though I have the IPs, their not traceable. Only a few users were affected, since most people have unique passwords for their accounts.
Unfortunately there isn't a way to get the coins back, because attacker managed to withdraw them before I was notified about this. The withdrawal lock is in place to secure any further frauds, because I have no way to know if anyone's else account is compromised. I could force a password reset on everyone, but that would be highly annoying to everyone that have good password practices.
So what you are saying, that it can happen any time, and you can do nothing? How we can trust the service? |
|
|
|
|
|
M4v3R
|
|
October 07, 2012, 05:34:30 AM |
|
It can happen only if Bitmarket user re-uses his password on different sites, and those sites get compromised. Recently there were few big leaks - LinkedIn, Last.fm, Yahoo all got hacked and there were few million username/password pairs floating on the Internet.
You can trust the service, but you have to play secure - use a strong (random, long), unique (not used elsewhere) password. Then it's not possible for anyone to crack your account.
These rules do not apply only to BitMarket.eu. If you used this password on another site, there's a possibility that you will get hacked on other services. So please change it not only here, but everywhere you used it.
|
|
|
|
|
|
monstrs
|
|
October 07, 2012, 11:09:34 AM |
|
It can happen only if Bitmarket user re-uses his password on different sites, and those sites get compromised. Recently there were few big leaks - LinkedIn, Last.fm, Yahoo all got hacked and there were few million username/password pairs floating on the Internet.
You can trust the service, but you have to play secure - use a strong (random, long), unique (not used elsewhere) password. Then it's not possible for anyone to crack your account.
These rules do not apply only to BitMarket.eu. If you used this password on another site, there's a possibility that you will get hacked on other services. So please change it not only here, but everywhere you used it.
ok, i understand. Another thing, what i noticed today. Why i cant see anything in bitmarket/funds page, it just opens emty? Is it safe to send BTC to bitmarket walet? |
|
|
|
|
|
teknohog
|
|
October 07, 2012, 02:35:51 PM |
|
Just to clarify one thing: there was no email confirmation for the change of withdrawal address, because I had left it empty. This is apparently a feature -- people are expected to enter one initially, when they register. (Some exchanges force you to enter one upon registration, it might be a good policy to adopt here as well.) Anyway, if your withdrawal address is empty, do enter one now.
|
|
|
|
|
