digit (OP)
Legendary
 Offline
Activity: 1672
Merit: 1010
|
 |
March 22, 2016, 09:23:59 PM |
|
So whats going here?  https://bitcointalk.org/index.php?action=who someone is mass requesting password reminders over the last hour? Is any steps being taken to block this person and compromised accounts? |
|
|
|
|
|
|
|
|
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
--Encrypted--
Copper Member
Legendary
Offline
Activity: 924
Merit: 1007
hee-ho.
|
|
March 22, 2016, 09:26:03 PM |
|
probably just some guy hoping that the password reset emails will get to the email accounts that they created. some users use invalid email accounts that can be created easily (@gmail, @yahoo, etc)
|
|
|
|
|
shorena
Copper Member
Legendary
Offline
Activity: 1498
Merit: 1499
No I dont escrow anymore.
|
|
March 22, 2016, 09:29:25 PM |
|
Looks like a brute-force attack. Maybe theymos did not limit the number of requests.
|
Im not really here, its just your imagination.
|
|
|
SebastianJu
Legendary
Offline
Activity: 2674
Merit: 1082
Legendary Escrow Service - Tip Jar in Profile
|
|
March 22, 2016, 09:57:06 PM |
|
I was told reporting such post like the OP wrote is the fastest way to inform moderators and staff. I mentioned what it is about.
It might be that ip-bans doesn't work here. I know that hackers mostly would use a big list of free proxies or such to achieve such tasks.
|
Please ALWAYS contact me through bitcointalk pm before sending someone coins.
|
|
|
n691309
Legendary
Offline
Activity: 1526
Merit: 1001
|
|
March 22, 2016, 10:03:53 PM |
|
It's not the first time, i have seen this many time in the past (past months) maybe it's a brute force, I doubt users requests so often to reset their password.
|
|
|
|
|
Cyrus
Ninja
Administrator
Legendary
 Online
Activity: 3766
Merit: 2949
|
|
March 22, 2016, 10:35:52 PM |
|
I've informed theymos about it.
|
|
|
|
|
|
FruitsBasket
Legendary
Offline
Activity: 1232
Merit: 1017
|
|
March 22, 2016, 10:51:14 PM |
|
That is a partly solution, because the could pay a captcha service to solve these captcha's automatically. |
fck@dt-alwayzz_newbz
|
|
|
|
Freddynic159
|
|
March 22, 2016, 10:59:11 PM |
|
That is a partly solution, because the could pay a captcha service to solve these captcha's automatically. Yes, but they could already be doing business even without need to offer a service to complete captchas. |
|
|
|
|
Zeke2345
Member
Offline
Activity: 98
Merit: 10
★YoBit.Net★ 350+ Coins Exchange & Dice
|
|
March 22, 2016, 11:06:02 PM |
|
This kind of stuff would make me really nervous if I was doing a lot of business here. Almost thinking about changing my password more often but I see there are drawbacks to that as well. Good thing they do not know my grandmas dogs name of his favorite sex toy or I would have been hacked by now.  |
|
|
|
SebastianJu
Legendary
Offline
Activity: 2674
Merit: 1082
Legendary Escrow Service - Tip Jar in Profile
|
|
March 23, 2016, 01:14:16 AM |
|
Thanks Cyrus...
I think it will be hard to block this. This is obviously done by a script or bot so anything that could be done to prevent that can be circumvented. Captcha, IP, Timeouts... a bot does not need to care.
The only thing that is stupid by the hacker is that he is noticeable. Though even then, what could theymos do? Block account access? The hacker already got access by owning or accessing the account email. Don't know how this could be dealt with.
Besides that... I fear it is effective. I always wondered why it happens so often that accounts get hacked. Phising sites are rather seldom though maybe this attempt here works better.
|
Please ALWAYS contact me through bitcointalk pm before sending someone coins.
|
|
|
theymos
Administrator
Legendary
Offline
Activity: 5194
Merit: 12972
|
|
March 23, 2016, 03:39:28 AM |
|
It looks like he was trying to spam a bunch of people. Annoying. There was already a rate limit per IP, but he was using multiple IPs. I added a CAPTCHA to that page. I also invalidated all of the reset codes that were generated just to be safe.
There wasn't any burst of actually-reset accounts. I don't see any possible security problems here. In particular, I long ago strengthened the way that reset codes are generated. It's not possible for attackers to guess or brute-force reset codes.
|
1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
|
|
|
digit (OP)
Legendary
Offline
Activity: 1672
Merit: 1010
|
|
March 23, 2016, 03:56:25 AM |
|
It looks like he was trying to spam a bunch of people. Annoying. There was already a rate limit per IP, but he was using multiple IPs. I added a CAPTCHA to that page. I also invalidated all of the reset codes that were generated just to be safe.
There wasn't any burst of actually-reset accounts. I don't see any possible security problems here. In particular, I long ago strengthened the way that reset codes are generated. It's not possible for attackers to guess or brute-force reset codes.
thanks, good to know forum is secure, it was random i happened to look at that page earlier and saw all that and had me wondering what the hell was happening  |
|
|
|
|
