Hacked BitcoinTalk.org Forum Database Goes for Sale on Dark Web

[superiorus]

Read the news here: https://www.hackread.com/hacked-bitcointalk-forum-database-on-dark-web/

[achow101]

Read the news here: https://www.hackread.com/hacked-bitcointalk-forum-database-on-dark-web/

The article is inaccurate, and we already knew that this database was floating around somewhere. That's why it was advised to change your email after the site recovered and Theymos sent out a mass mail informing people to do so.

Furthermore, this quote

The database file has 514,408 accounts, each account has a username, email address, personal text number, gender, date of birth, website title and URL, location and password.

is misleading. All of that except for password and email address are optional, can be anything, and are publicly viewable on the forum already. The only thing to note here is the password and email address, if the email address was private and a legitimate email address (as many are not). There also isn't a "personal text number". The personal text is the little bit of text you can set under your avatar. It isn't a phone number.

[tmfp]

We are pleased to announce that only 44,869 (9%) of users on Bitcointalk.org used MD5 hashing with a unique salt for passwords. Of those, we have cracked 30,389 or 68%. The remaining 91% of user passwords were hashed with "sha256crypt" and it would take us about a year to crack an estimated 60-70% of them. This method of password storage is far superior to nearly every website we've seen thus far.

https://www.leakedsource.com/blog/bitcointalkbtce


And from the same article, off topic but interesting re: the Btc-e hack of 2014

Btc-E.com had 568,355 users hacked in October of 2014. Btc-E.com data contains usernames, emails, passwords, ip addresses, register dates, languages and some internal data such as how many coins the user had.
They used some unknown password hashing method which currently makes their passwords completely uncrackable although that may change. 

[Quickseller]

The hacked forum DB (more specifically the member's table) has apparently been for sale for a long time now, and has apparently been sold a couple of times as well. A few people have wrecked a decent amount of havoc by both trolling and scamming smallish amounts using information from the hacked DB.

[awesome31312]

I saw the listing as it went live, and they were incredibly cheap accounts too. I'm very scared for my account

Change your passwords everyone.

[The Sceptical Chymist]

I saw the listing as it went live, and they were incredibly cheap accounts too. I'm very scared for my account

Change your passwords everyone.

Well you should not have to worry if you change your password, right?  I just changed mine now. 

I don't think that if I got hacked, they could do much with my account.  It's the green-trusted hero and legendary members who have to watch out.

[awesome31312]

I saw the listing as it went live, and they were incredibly cheap accounts too. I'm very scared for my account

Change your passwords everyone.

Well you should not have to worry if you change your password, right?  I just changed mine now. 

I don't think that if I got hacked, they could do much with my account.  It's the green-trusted hero and legendary members who have to watch out.

They could also be either farmed accounts or really old inactive accounts that were part of the early hacks, who didn't change their passwords when the database was compromised. We should be good since Theymos hasn't issued any serious warnings about it (yet).

[Sundark]

Can we get a confirmation from the staff that forum was not hacked again today?
It is mildly unsettling seeing that old leaked database appeared just now. There is no connection between today's DDoS and that hacked database??

[BitHodler]

I think the guys selling the data base are using the current DDOS attack as a cheap way to get people to think bitcointalk is hacked again, to get more interest in the older data base they have been selling several times already.

[criptix]

The hacked forum DB (more specifically the member's table) has apparently been for sale for a long time now, and has apparently been sold a couple of times as well. A few people have wrecked a decent amount of havoc by both trolling and scamming smallish amounts using information from the hacked DB.

This.

If i remember correct there were offers to sell the db dump just 1 or 2 weeks after the hack.

[icanscript]

I'm guessing staff have already bought this to check what was sold on.

But I think BitHodler was correct and that is the real story.

I think the guys selling the data base are using the current DDOS attack as a cheap way to get people to think bitcointalk is hacked again, to get more interest in the older data base they have been selling several times already.