Bitcoin Forum
October 17, 2017, 07:03:13 PM *
News: Latest stable version of Bitcoin Core: 0.15.0.1  [Torrent]. (New!)
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Strange mass F2pool pool address change request  (Read 568 times)
anonymousx
Full Member
***
Offline Offline

Activity: 238


View Profile
December 01, 2015, 10:56:49 PM
 #1

If you didn't notice, two of my email accounts and a friend of mine also received payout address change on F2pool mining pool, keep in mind that one of the accounts I didn't use and have 0 balance.

each payout address was different, I wouldn't share the ones I got just yet, I accepted the change just to see the payout addresses than I reverted back to mine and changed account password.

Here is my security measures:
Keystrokes encrypted - works on some keyloggers
Passwords encrypted in Lastpass
Unique username and passwords for the account I don't use
Avast AV
SpyShelter
I don't download crap and if I do I use isolated VM
I am so paranoid that I have F2A enabled on every possible account that supports it.

How someone was able to get into F2pool even the account I never used for mining which have 0 balance and change my address and my friend as well who lives 5 countries away.

Did you get the change request too?

If so start changing your passwords if you use the same at F2pool, I suspect someone have F2pool DB.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1508266993
Hero Member
*
Offline Offline

Posts: 1508266993

View Profile Personal Message (Offline)

Ignore
1508266993
Reply with quote  #2

1508266993
Report to moderator
anonymousx
Full Member
***
Offline Offline

Activity: 238


View Profile
December 01, 2015, 11:43:03 PM
 #2

UPDATE:
we are both in https://www.longtermpaying.com/ I used my emails there aswell, it's the only site.
I guess he tested my password and email on F2pool and succeed.

Site closed and users got stolen and now he is hacking their accounts, on which forum should I warn users to change their passwords?
Quickseller
Legendary
*
Offline Offline

Activity: 1190

#PathOfTotality


View Profile WWW
December 02, 2015, 04:01:36 AM
 #3

It is generally (always) a good idea to not reuse passwords across multiple sites, especially if you are using the same email/username as well. There are a number of instances in which sites have been hacked and the DB containing the (either hashed or plaintext) passwords have been leaked, plus there is the risk that the owner (or other insider) is acting maliciously and will attempt to hack your accounts at other sites.

anonymousx
Full Member
***
Offline Offline

Activity: 238


View Profile
December 02, 2015, 08:45:10 PM
 #4

It is generally (always) a good idea to not reuse passwords across multiple sites, especially if you are using the same email/username as well. There are a number of instances in which sites have been hacked and the DB containing the (either hashed or plaintext) passwords have been leaked, plus there is the risk that the owner (or other insider) is acting maliciously and will attempt to hack your accounts at other sites.

Thanks for advice, I took it lightly before by being lazy, but that's the only weak thing I had, my other sites and emails are F2A and different passwords.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!