Bitcoin Forum
Author Topic: mass password reminder requests occurring right now  (Read 623 times)
digit
Legendary
*
Offline Offline

Activity: 1643
Merit: 1006



View Profile
March 22, 2016, 09:23:59 PM
 #1

So what's going on here?

https://bitcointalk.org/index.php?action=who



Someone is mass requesting password reminders over the last hour? Are any steps being taken to block this person and compromised accounts?

BTC:1DigitwteXwFcRAaWpVDRp6eKqzC6y9tgm ■ ŁTC:LKMcEHoFWHAUoRscqW1cwjhLgFrk7MgCWU ■ BLK:BR4WG59FjQYiQNVR3Ftn9EYgs4kJE1YLUK ■
--Encrypted--
Copper Member
Legendary
*
Offline Offline

Activity: 924
Merit: 1003

hee-ho.


View Profile
March 22, 2016, 09:26:03 PM
 #2

Probably just some guy hoping that the password reset emails will get to the email accounts that they created. Some users use invalid email accounts that can be created easily (@gmail, @yahoo, etc.)

"You cannot now believe that you will ever feel better. But this is not true. You are sure to be happy again. Knowing this, truly believing it will make you less miserable now."
- Abraham Lincoln #GettingOverIt
shorena
Copper Member
Legendary
*
Offline Offline

Activity: 1484
Merit: 1319


No I dont escrow anymore.


View Profile WWW
March 22, 2016, 09:29:25 PM
 #3

Looks like a brute-force attack. Maybe theymos did not limit the number of requests.
SebastianJu
Legendary
*
Offline Offline

Activity: 2422
Merit: 1042


Legendary Escrow Service - Tip Jar in Profile


View Profile WWW
March 22, 2016, 09:57:06 PM
 #4

I was told reporting a post like the one the OP wrote is the fastest way to inform moderators and staff. I mentioned what it is about.

It might be that IP bans don't work here. I know that hackers mostly would use a big list of free proxies or such to achieve such tasks.

Please ALWAYS contact me through bitcointalk pm before sending someone coins.
n691309
Legendary
*
Offline Offline

Activity: 1540
Merit: 1001



View Profile
March 22, 2016, 10:03:53 PM
 #5

It's not the first time, I have seen this many times in the past (past months). Maybe it's a brute force, I doubt users request to reset their password so often.
Cyrus
Ninja
Administrator
Legendary
*
Online Online

Activity: 2338
Merit: 1123



View Profile
March 22, 2016, 10:35:52 PM
 #6

I've informed theymos about it.

Freddynic159
Sr. Member
****
Offline Offline

Activity: 252
Merit: 250



View Profile
March 22, 2016, 10:49:01 PM
 #7

One solution would be to place a captcha on the form of password reminder to stop the massive requests.
FruitsBasket
Legendary
*
Offline Offline

Activity: 1078
Merit: 1003


View Profile
March 22, 2016, 10:51:14 PM
 #8

One solution would be to place a captcha on the form of password reminder to stop the massive requests.
That is a partial solution, because they could pay a captcha service to solve these captchas automatically.
Freddynic159
Sr. Member
****
Offline Offline

Activity: 252
Merit: 250



View Profile
March 22, 2016, 10:59:11 PM
 #9

One solution would be to place a captcha on the form of password reminder to stop the massive requests.
That is a partial solution, because they could pay a captcha service to solve these captchas automatically.

Yes, but they could already be doing business even without need to offer a service to complete captchas.
Zeke2345
Member
**
Offline Offline

Activity: 98
Merit: 10

★YoBit.Net★ 350+ Coins Exchange & Dice


View Profile
March 22, 2016, 11:06:02 PM
 #10

This kind of stuff would make me really nervous if I was doing a lot of business here.
Almost thinking about changing my password more often but I see there are drawbacks to that as well.
Good thing they do not know my grandma's dog's name of his favorite sex toy or I would have been hacked by now.

SebastianJu
Legendary
*
Offline Offline

Activity: 2422
Merit: 1042


Legendary Escrow Service - Tip Jar in Profile


View Profile WWW
March 23, 2016, 01:14:16 AM
 #11

Thanks Cyrus...

I think it will be hard to block this. This is obviously done by a script or bot so anything that could be done to prevent that can be circumvented. Captcha, IP, Timeouts... a bot does not need to care.

The only thing that is stupid by the hacker is that he is noticeable. Though even then, what could theymos do? Block account access? The hacker already got access by owning or accessing the account email. Don't know how this could be dealt with.

Besides that... I fear it is effective. I always wondered why it happens so often that accounts get hacked. Phishing sites are rather seldom though maybe this attempt here works better.

Please ALWAYS contact me through bitcointalk pm before sending someone coins.
theymos
Administrator
Legendary
*
Offline Offline

Activity: 3486
Merit: 6042


View Profile
March 23, 2016, 03:39:28 AM
 #12

It looks like he was trying to spam a bunch of people. Annoying. There was already a rate limit per IP, but he was using multiple IPs. I added a CAPTCHA to that page. I also invalidated all of the reset codes that were generated just to be safe.

There wasn't any burst of actually-reset accounts. I don't see any possible security problems here. In particular, I long ago strengthened the way that reset codes are generated. It's not possible for attackers to guess or brute-force reset codes.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
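Added example, not part of the thread and not the forum's own code: a sketch of the reset-code handling the post above describes (codes that cannot be guessed, plus bulk invalidation), with a per-account limit added because the per-IP limit was bypassed with multiple IPs. The class name, the in-memory storage and the `CODE_TTL` and `MIN_INTERVAL` values are assumptions.

```python
import hashlib
import hmac
import secrets

CODE_TTL = 3600      # assumed lifetime of a reset code, in seconds
MIN_INTERVAL = 900   # assumed minimum gap between codes for one account


class ResetCodes:
    """Hypothetical in-memory store; a real forum would use its database."""

    def __init__(self):
        self._pending = {}     # account -> (SHA-256 of code, expiry time)
        self._last_issue = {}  # account -> time the last code was issued

    def issue(self, account, now):
        """Return a fresh code, or None if this account was served recently."""
        last = self._last_issue.get(account)
        if last is not None and now - last < MIN_INTERVAL:
            return None  # keyed on the account, so rotating IPs does not help
        code = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        digest = hashlib.sha256(code.encode()).digest()
        self._pending[account] = (digest, now + CODE_TTL)  # replaces older code
        self._last_issue[account] = now
        return code

    def redeem(self, account, code, now):
        """Accept a code once, before it expires; compare in constant time."""
        entry = self._pending.get(account)
        if entry is None:
            return False
        digest, expires = entry
        if now > expires:
            del self._pending[account]
            return False
        candidate = hashlib.sha256(code.encode()).digest()
        if not hmac.compare_digest(digest, candidate):
            return False
        del self._pending[account]  # single use
        return True

    def invalidate_all(self):
        """Drop every outstanding code, as done after the burst of requests."""
        count = len(self._pending)
        self._pending.clear()
        return count
```

Only the hash of each code is stored, so a leaked table does not yield usable codes.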
digit
Legendary
*
Offline Offline

Activity: 1643
Merit: 1006



View Profile
March 23, 2016, 03:56:25 AM
 #13

It looks like he was trying to spam a bunch of people. Annoying. There was already a rate limit per IP, but he was using multiple IPs. I added a CAPTCHA to that page. I also invalidated all of the reset codes that were generated just to be safe.

There wasn't any burst of actually-reset accounts. I don't see any possible security problems here. In particular, I long ago strengthened the way that reset codes are generated. It's not possible for attackers to guess or brute-force reset codes.

Thanks, good to know the forum is secure. It was random, I happened to look at that page earlier and saw all that and it had me wondering what the hell was happening.


BTC:1DigitwteXwFcRAaWpVDRp6eKqzC6y9tgm ■ ŁTC:LKMcEHoFWHAUoRscqW1cwjhLgFrk7MgCWU ■ BLK:BR4WG59FjQYiQNVR3Ftn9EYgs4kJE1YLUK ■