Bitcoin Forum
December 14, 2024, 07:40:50 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Account Recently Compromised  (Read 919 times)
jeffthebaker (OP)
Legendary
*
Offline Offline

Activity: 1526
Merit: 1034


View Profile
January 01, 2017, 11:24:24 PM
 #1

The other day, someone appears to have gained access to my account. I had been recently inactive on the forums, and only found out after being sent an email notification for a PM conversation I did not take part in. Luckily- not much damage was done. My account was used to shill for Yobit and a couple of shitcoins. I've deleted the posts, changed my password, and implemented a security question. What others steps can I take to make sure no harm has come of this? Is there any way to check for deleted outboxes/inboxes? My address was never staked in the official thread but I've posted it numerous times throughout the year, should I sign a message and publish it somewhere so it is known the account is still safe?

On a similar note, several of my Bitcoin related accounts have been accessed or attempted to be accessed by a malicious third party over the last several months. My Yobit and Poloniex accounts were accessed, but thankfully no harm came of it (bless email confirmations on withdrawals). I did, however, have .15~ stolen from my Nitrogensports account. Other accounts which I have not touched in years, such as my coinurl account, have also been accessed. In addition, my League of Legends account (on a different username/email but same password) was compromised, as was my Spotify account. Is it likely these malicious attacks were acted upon in conjunction with one another, or coincidental? The busted password (I now use a beefier one) was a random string of 10 letters/numbers, which doesn't seem too insecure to me. Currently in the process of getting my Spotify account recovered, and I fear that some day something important of mine could be compromised. What cyber security steps should I be taking to further ensure my security?

Also, sorry if some poor sap bought my account from a thief, that's a huge price to pay.

Thank you!
Bytecoiner419
Hero Member
*****
Offline Offline

Activity: 638
Merit: 516


I ❤ the bitcoin community


View Profile WWW
January 02, 2017, 01:46:17 AM
 #2

With all that stuff taken, i think you have a keylogger sending all your info to someone.

Clean computer and dont do bitcoin related stuff on it anymore.

I would get a new computer.

▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
🏆BitcoinsBest.Com🏆 👉 Buy Ad Space, LIVE BTC Casino & Crypto Articles 🌟
jeffthebaker (OP)
Legendary
*
Offline Offline

Activity: 1526
Merit: 1034


View Profile
January 02, 2017, 02:28:18 AM
 #3

With all that stuff taken, i think you have a keylogger sending all your info to someone.

Clean computer and dont do bitcoin related stuff on it anymore.

I would get a new computer.

I thought that might be the issue at first but that doesn't explain why some things were/weren't hacked. I've logged into my Bitcoin wallet and bank account and neither have been touched. At the same time I hadn't logged in to coinurl for years and hadn't logged into league for a few months. My Spotify account was only logged in to on my phone. Part of this took place while I was at University, where I was on a laptop rather than my desktop. My trading accounts were saved because withdrawals didn't go through due to them not confirming it via email, why would they not access my email accounts as well?

Like they've stolen $100 or so from me but haven't touched the thousands I have lying around, doesn't make sense. Is there another possible explanation?
Mastsetad
Sr. Member
****
Offline Offline

Activity: 672
Merit: 250



View Profile
January 02, 2017, 07:29:54 AM
 #4

Maybe you have used the same password for multiple websites and someone has got your email and tried the combination anywhere possible and that is why they could access some of your accounts? Are you using the same password in multiple places? If yes, then keep different passwords for different accounts in different websites or services, if you are afraid of forgetting them then just note them down somewhere in case you forget one.
Velkro
Legendary
*
Offline Offline

Activity: 2296
Merit: 1014



View Profile
January 02, 2017, 11:09:33 AM
 #5

Maybe you have used the same password for multiple websites
This one, your email could be compromised. Im betting on keylogger tho.
Its so easy to get targeted if you are involved in bitcoin. Many people want you to try/install some stuff Wink, dont fall for that.
0x0010
Member
**
Offline Offline

Activity: 112
Merit: 10

female ;)


View Profile WWW
January 02, 2017, 11:15:37 AM
 #6

I can almost guarantee it's not a keylogger. Leaked databases most likely.

I was able to find a btc-e email: huIim**z***29@*****.*** which led to z****a***am@*****.***

The second email led to an MPGH entry with the PW: po**7*** & a few other databases.

I assume they were able to connect the dots and login to other accounts by seeing what you joined by checking your recent posts.

Can't confirm this is what happened, but eh it's a possibility.

keybase.io/0x0010
beerlover
Legendary
*
Offline Offline

Activity: 3094
Merit: 1191



View Profile
January 02, 2017, 07:06:44 PM
 #7

With all that stuff taken, i think you have a keylogger sending all your info to someone.

Clean computer and dont do bitcoin related stuff on it anymore.

I would get a new computer.
New computer just for keylogger ? Just formatting hard drives and reinstalling the OS is more than enough. Still not sure about OP's problem is due to keylogger. Anyway reinstalling the OS and running latest updated antivirus are recommended to OP.

.
.DuelbitsSPORTS.
▄▄▄███████▄▄▄
▄▄█████████████████▄▄
▄██████████████████████▄
██████████████████████████
███████████████████████████
██████████████████████████████
██████████████████████████████
█████████████████████████████
███████████████████████████
█████████████████████████
▀████████████████████████
▀▀███████████████████
██████████████████████████████
██
██
██
██

██
██
██
██

██
██
██
████████▄▄▄▄██▄▄▄██
███▄█▀▄▄▀███▄█████
█████████████▀▀▀██
██▀ ▀██████████████████
███▄███████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
▀█████████████████████▀
▀▀███████████████▀▀
▀▀▀▀█▀▀▀▀
OFFICIAL EUROPEAN
BETTING PARTNER OF
ASTON VILLA FC
██
██
██
██

██
██
██
██

██
██
██
10%   CASHBACK   
          100%   MULTICHARGER   
minifrij
Legendary
*
Offline Offline

Activity: 2352
Merit: 1268


In Memory of Zepher


View Profile WWW
January 02, 2017, 10:15:05 PM
 #8

This sounds like it was due to the hack that happened here. In May 2015 the forum's database was leaked which gave away your email and password hash. This leak has seemingly become more public now, so I expect that your account was targeted due to it's high rank and lack of recent activity.
If you had the same password for the rest of your accounts it would explain why those got hacked, even if the emails/usernames were different. I would suggest that you make sure all of the passwords to services you care about are different (perhaps using a password manager to help) to prevent something like this happening again.

My address was never staked in the official thread but I've posted it numerous times throughout the year, should I sign a message and publish it somewhere so it is known the account is still safe?
Provided you can show an unedited/quoted post containing the address in the event of something like this happening in the future and sign a message from said address it does not matter where you post it. However, I would suggest that you post it in the official thread regardless for archival purposes (if nothing else).
jeffthebaker (OP)
Legendary
*
Offline Offline

Activity: 1526
Merit: 1034


View Profile
January 04, 2017, 12:46:29 AM
 #9

I can almost guarantee it's not a keylogger. Leaked databases most likely.

I was able to find a btc-e email: huIim**z***29@*****.*** which led to z****a***am@*****.***

The second email led to an MPGH entry with the PW: po**7*** & a few other databases.

I assume they were able to connect the dots and login to other accounts by seeing what you joined by checking your recent posts.

Can't confirm this is what happened, but eh it's a possibility.

This is scary. However the password listed (although one I sometimes use) is not the one that was used in (I believe) any of the compromises. I'm assuming then that my info is up on other dstabases then, as well. Also, I've never logged into or even heard of MPGH before. Does this mean someone is using my identity on perhaps many platforms? I suppose at any rate I should not be using those emails or passwords anymore.
0x0010
Member
**
Offline Offline

Activity: 112
Merit: 10

female ;)


View Profile WWW
January 04, 2017, 04:30:35 AM
 #10

I can almost guarantee it's not a keylogger. Leaked databases most likely.

I was able to find a btc-e email: huIim**z***29@*****.*** which led to z****a***am@*****.***

The second email led to an MPGH entry with the PW: po**7*** & a few other databases.

I assume they were able to connect the dots and login to other accounts by seeing what you joined by checking your recent posts.

Can't confirm this is what happened, but eh it's a possibility.

This is scary. However the password listed (although one I sometimes use) is not the one that was used in (I believe) any of the compromises. I'm assuming then that my info is up on other dstabases then, as well. Also, I've never logged into or even heard of MPGH before. Does this mean someone is using my identity on perhaps many platforms? I suppose at any rate I should not be using those emails or passwords anymore.

Yes, lots of databases. I didn't list them all. If you didn't sign up on MPGH yourself, it is possible that someone else is using your identity on other sites, are you sure you never logged in? The leak happened years ago, so you might not recall.

keybase.io/0x0010
jeffthebaker (OP)
Legendary
*
Offline Offline

Activity: 1526
Merit: 1034


View Profile
January 04, 2017, 04:48:44 AM
 #11

I can almost guarantee it's not a keylogger. Leaked databases most likely.

I was able to find a btc-e email: huIim**z***29@*****.*** which led to z****a***am@*****.***

The second email led to an MPGH entry with the PW: po**7*** & a few other databases.

I assume they were able to connect the dots and login to other accounts by seeing what you joined by checking your recent posts.

Can't confirm this is what happened, but eh it's a possibility.

This is scary. However the password listed (although one I sometimes use) is not the one that was used in (I believe) any of the compromises. I'm assuming then that my info is up on other dstabases then, as well. Also, I've never logged into or even heard of MPGH before. Does this mean someone is using my identity on perhaps many platforms? I suppose at any rate I should not be using those emails or passwords anymore.

Yes, lots of databases. I didn't list them all. If you didn't sign up on MPGH yourself, it is possible that someone else is using your identity on other sites, are you sure you never logged in? The leak happened years ago, so you might not recall.

100% certain I've never participated on that site. I suppose that has to mean someone was using my email. That doesn't make sense to me though, why not just set up your own email for free to use?
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!