|
rizzlarolla (OP)
|
 |
March 14, 2017, 07:32:06 PM |
|
Have you noticed the growing number of hacked accounts reported? The hacker is asking fubly for bitcoin to return his account, saying he bought the account for twice the price he is asking from fubly, here https://bitcointalk.org/index.php?topic=1702720.0Where else have i seen that happen recently, oh yes, GreenBits account here, https://bitcointalk.org/index.php?topic=1785972.40Or ashapasa's account, turned into a slave account alongside nine other hacked accounts i identified here. (all wearing same sig, getting paid?) https://bitcointalk.org/index.php?topic=1821083.msg18157257#msg18157257One of those accounts is getting fake credibility here, https://bitcointalk.org/index.php?topic=1823355.msg18174976#msg18174976I even had a hacked account, JohnybBigs, troll me, giving trust to Lauda and Timelord2067 to endear itself to those members, hell, even the OP of that thread is probably hacked here https://bitcointalk.org/index.php?topic=1733765Thousands of accounts appear to have been hacked recently. Admin will know the true figure, i assume. You can see for yourselves. Click on this member, https://bitcointalk.org/index.php?action=profile;u=9011 see the last active march 1st 2017. Then click on u=9012, 9013, 9014,..... Try any u=number under 100000. More explanation here, https://bitcointalk.org/index.php?topic=1702409.msg17974610#msg17974610This hack has been anticipated for a while now, do admin have a planned response? Are admin doing anything about this problem? |
|
|
|
|
|
|
|
|
|
Transactions must be included in a block to be properly completed. When you send a transaction, it is broadcast to miners. Miners can then optionally include it in their next blocks. Miners will be more inclined to include your transaction if it has a higher transaction fee.
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
|
|
|
0xfff
|
|
March 14, 2017, 07:42:44 PM |
|
This is a very serious issue. Admins should tell us how these people get hacked.
|
|
|
|
|
hilariousandco
Global Moderator
Legendary
 Online
Activity: 3794
Merit: 2606
Join the world-leading crypto sportsbook NOW!
|
|
March 14, 2017, 07:47:28 PM |
|
As far as I'm aware people are getting their accounts hacked because they didn't change their account passwords after the data breach and unfortunately there's not much that can be done about it if they don't. There will be several forms of 2-factor auth on the new forum so helpfully that will prevent future issues if people use it.
|
|
|
|
|
rizzlarolla (OP)
|
|
March 14, 2017, 07:56:12 PM |
|
As far as I'm aware people are getting their accounts hacked because they didn't change their account passwords after the data breach and unfortunately there's not much that can be done about it if they don't. There will be several forms of 2-factor auth on the new forum so helpfully that will prevent future issues if people use it.
Obviously, dormant or unused accounts will likely not have changed their passwords. That is why i ask "This hack has been anticipated for a while now, do admin have a planned response?" The standard answer, nothing can be done. There is plenty that could be done, even at this late stage. Do you have any figures or guesstimates on hacked account numbers? |
|
|
|
|
hilariousandco
Global Moderator
Legendary
Online
Activity: 3794
Merit: 2606
Join the world-leading crypto sportsbook NOW!
|
|
March 14, 2017, 08:07:46 PM |
|
I have no idea how many accounts have been compromised but I don't think it's as bad as you're claiming. I suppose certain accounts could be locked but people weep like widows when their accounts are auto locked as a precautionary measure when someone tries to reset the password via the security question and they cry even more when they have to wait for it to be restored. Also, if the account hasn't posted an address or they can no longer sign a message from one then they're screwed that way and they would then blame the forum for that so we're damned if we do and damned if we don't.
|
|
|
|
NOP@SSWORD
Member
 Offline
Activity: 64
Merit: 10
|
|
March 14, 2017, 08:12:08 PM
Last edit: March 14, 2017, 08:29:13 PM by NOP@SSWORD |
|
Some of those dormants accounts could have been reactivated by real owners who happen to have heard the recent news and getting interested in bitcoin again. Edit: Most of those accounts are newbies. What are the benefits of hacking newbies? |
|
|
|
|
Lauda
Legendary
Offline
Activity: 2674
Merit: 2965
Terminated.
|
|
March 14, 2017, 08:33:50 PM |
|
I have no idea how many accounts have been compromised but I don't think it's as bad as you're claiming.
I've noticed a surge of dormant accounts joining in Bitmixer, all of them shitposting and most of them having the same/similar posting patterns (e.g. inactive since X month, start posting after Y date). I think the OP is at least somewhat correct with his statement. Some of those dormants accounts could have been reactivated by real owners who happen to have heard the recent news and getting interested in bitcoin again.
Doubtful that account farmers activate only when there is Bitcoin news around.  |
"The Times 03/Jan/2009 Chancellor on brink of second bailout for banks" 😼 Bitcoin Core ( onion) |
|
|
NOP@SSWORD
Member
Offline
Activity: 64
Merit: 10
|
|
March 14, 2017, 08:56:36 PM |
|
I have no idea how many accounts have been compromised but I don't think it's as bad as you're claiming.
I've noticed a surge of dormant accounts joining in Bitmixer, all of them shitposting and most of them having the same/similar posting patterns (e.g. inactive since X month, start posting after Y date). I think the OP is at least somewhat correct with his statement. Some of those dormants accounts could have been reactivated by real owners who happen to have heard the recent news and getting interested in bitcoin again.
Doubtful that account farmers activate only when there is Bitcoin news around. I mean the bitcoin price is enough to motivate them to posts again. |
|
|
|
|
|
rizzlarolla (OP)
|
|
March 14, 2017, 10:14:49 PM
Last edit: March 14, 2017, 10:48:04 PM by rizzlarolla |
|
Some of those dormants accounts could have been reactivated by real owners who happen to have heard the recent news and getting interested in bitcoin again. Edit: Most of those accounts are newbies. What are the benefits of hacking newbies? No. real owners do not log in in rota. When hacking, you take what you get? Did you read this thread from op, https://bitcointalk.org/index.php?topic=1702409.msg17974610#msg17974610Then did you spend more than 5 minutes looking into this? Added - I'll bring the link here for clarity, https://bitcointalk.org/index.php?action=profile;u=9000 jakeroxs 0 post November 24, 2016, 08:47:41 AM https://bitcointalk.org/index.php?action=profile;u=9003 Micro333 0 post February 19, 2017, 01:18:36 PM https://bitcointalk.org/index.php?action=profile;u=9005 Qrr 2 post February 19, 2017, 01:28:59 PM https://bitcointalk.org/index.php?action=profile;u=9009 Trance555 0 post February 19, 2017, 01:28:07 PM https://bitcointalk.org/index.php?action=profile;u=9011 twadsworth 0 post February 19, 2017, 01:16:27 PM https://bitcointalk.org/index.php?action=profile;u=9012 FictionWobbles333 0 post February 19, 2017, 01:27:05 PM https://bitcointalk.org/index.php?action=profile;u=9013 MoodFool333 0 post February 19, 2017, 01:28:08 PM https://bitcointalk.org/index.php?action=profile;u=9014 marish 0 post February 19, 2017, 01:38:06 PM https://bitcointalk.org/index.php?action=profile;u=9015 BlackRunner111 0 post February 19, 2017, 01:15:55 PM https://bitcointalk.org/index.php?action=profile;u=9016 jhallsworth 0 post February 19, 2017, 01:28:12 PM https://bitcointalk.org/index.php?action=profile;u=9020 carter 0 post February 19, 2017, 01:20:13 PM Funny how the price drove 10 of 20 consecutive, really old accounts, who have never posted in years, to all log in on Feb 19, all at 1 o'clock, then not since, don't you think? You will find many, many more Feb 19 hacked accounts, if you have the time to look. Did you see https://bitcointalk.org/index.php?action=profile;u=9183A nice moving avatar, that will have some value. I hope you give me some credit for my account analysis. I have studied many more than you. many orders of magnitude. Try 9119, 9142, 9158, 9163, 9171, 9190, 9194. You will either have to do more study or take my word for it. Hundreds of thousands of accounts have recently been hacked. Until we hear otherwise from admin. |
|
|
|
|
NOP@SSWORD
Member
Offline
Activity: 64
Merit: 10
|
|
March 15, 2017, 12:35:00 AM
Last edit: March 15, 2017, 02:04:55 AM by NOP@SSWORD |
|
Some of those dormants accounts could have been reactivated by real owners who happen to have heard the recent news and getting interested in bitcoin again. Edit: Most of those accounts are newbies. What are the benefits of hacking newbies? No. real owners do not log in in rota. When hacking, you take what you get? Did you read this thread from op, https://bitcointalk.org/index.php?topic=1702409.msg17974610#msg17974610Then did you spend more than 5 minutes looking into this? Added - I'll bring the link here for clarity, https://bitcointalk.org/index.php?action=profile;u=9000 jakeroxs 0 post November 24, 2016, 08:47:41 AM https://bitcointalk.org/index.php?action=profile;u=9003 Micro333 0 post February 19, 2017, 01:18:36 PM https://bitcointalk.org/index.php?action=profile;u=9005 Qrr 2 post February 19, 2017, 01:28:59 PM https://bitcointalk.org/index.php?action=profile;u=9009 Trance555 0 post February 19, 2017, 01:28:07 PM https://bitcointalk.org/index.php?action=profile;u=9011 twadsworth 0 post February 19, 2017, 01:16:27 PM https://bitcointalk.org/index.php?action=profile;u=9012 FictionWobbles333 0 post February 19, 2017, 01:27:05 PM https://bitcointalk.org/index.php?action=profile;u=9013 MoodFool333 0 post February 19, 2017, 01:28:08 PM https://bitcointalk.org/index.php?action=profile;u=9014 marish 0 post February 19, 2017, 01:38:06 PM https://bitcointalk.org/index.php?action=profile;u=9015 BlackRunner111 0 post February 19, 2017, 01:15:55 PM https://bitcointalk.org/index.php?action=profile;u=9016 jhallsworth 0 post February 19, 2017, 01:28:12 PM https://bitcointalk.org/index.php?action=profile;u=9020 carter 0 post February 19, 2017, 01:20:13 PM Funny how the price drove 10 of 20 consecutive, really old accounts, who have never posted in years, to all log in on Feb 19, all at 1 o'clock, then not since, don't you think? You will find many, many more Feb 19 hacked accounts, if you have the time to look. Did you see https://bitcointalk.org/index.php?action=profile;u=9183A nice moving avatar, that will have some value. I hope you give me some credit for my account analysis. I have studied many more than you. many orders of magnitude. Try 9119, 9142, 9158, 9163, 9171, 9190, 9194. You will either have to do more study or take my word for it. Hundreds of thousands of accounts have recently been hacked. Until we hear otherwise from admin. In your example above seems it is own by one owner, I think he is checking his accounts. Look at the pattern of 3 numbers after the word and the "worth" word added at the end. It is not coincidence. Micro333 Trance555 FictionWobbles333 MoodFool333 BlackRunner111 twadsworth jhallsworth |
|
|
|
|
|
BTCBLOGGER
|
|
March 15, 2017, 01:56:28 AM
Last edit: March 15, 2017, 02:43:32 PM by BTCBLOGGER |
|
I remember there was an incident happened when a Ponzi mining site cloudminr leaked its data [username, password] for btc at that time many accounts were hacked and I'm able to restore few of them and the grtthegreat was the one of them. someone is trying to sell it but before that i logged into that account and helped him to get his account back at that time I also takeover some accounts but no one claimed that back from me. I still have those accounts and waiting for their owners to get them back. https://bitcointalk.org/index.php?topic=1120107.msg11864925#msg11864925https://bitcointalk.org/index.php?topic=1120052.msg11864392#msg11864392can i sell them if no one claims them back?  |
|
|
|
|
|
DomainMagnate
|
|
March 15, 2017, 11:09:25 AM |
|
As far as I'm aware people are getting their accounts hacked because they didn't change their account passwords after the data breach and unfortunately there's not much that can be done about it if they don't. There will be several forms of 2-factor auth on the new forum so helpfully that will prevent future issues if people use it.
The feature that displays message "This user has recently changed his password" prevents me and many like me to change password periodically for safety purpose. This message keeps people away from trading with such users. I hope this feature is not available in new forum. |
|
|
|
|
minifrij
Legendary
Offline
Activity: 2324
Merit: 1267
In Memory of Zepher
|
|
March 15, 2017, 11:15:59 AM |
|
The feature that displays message "This user has recently changed his password" prevents me and many like me to change password periodically for safety purpose.
This message keeps people away from trading with such users.
I hope this feature is not available in new forum.
It doesn't stop you doing anything. So long as you can sign a message from an old staked address there is no reason why you shouldn't be able to change your password. |
|
|
|
|
BitHodler
Legendary
Offline
Activity: 1526
Merit: 1179
|
|
March 15, 2017, 02:09:12 PM |
|
The feature that displays message "This user has recently changed his password" prevents me and many like me to change password periodically for safety purpose.
This message keeps people away from trading with such users.
I hope this feature is not available in new forum.
It doesn't stop you doing anything. So long as you can sign a message from an old staked address there is no reason why you shouldn't be able to change your password. In cases of hacked accounts, a signed message from an old staked address is more than enough, that's right. But in case of account sales, nowadays accounts get sold with the private keys connected to the staked address. From there it will be very difficult to know whether or not you're really dealing with the person you are supposed to deal with. Especially when the account has been kept active in the exact same manner it was before the sale. |
BSV is not the real Bcash. Bcash is the real Bcash.
|
|
|
erpbridge
Legendary
Offline
Activity: 954
Merit: 1000
|
|
March 15, 2017, 10:33:07 PM |
|
As far as I'm aware people are getting their accounts hacked because they didn't change their account passwords after the data breach and unfortunately there's not much that can be done about it if they don't. There will be several forms of 2-factor auth on the new forum so helpfully that will prevent future issues if people use it.
Was this because of the cloudfare breach or the breach that happened last year ? I remember seeing a list of accounts that was hacked last year, was there another one after that ? |
|
|
|
|
minifrij
Legendary
Offline
Activity: 2324
Merit: 1267
In Memory of Zepher
|
|
March 15, 2017, 10:57:15 PM |
|
But in case of account sales, nowadays accounts get sold with the private keys connected to the staked address.
From there it will be very difficult to know whether or not you're really dealing with the person you are supposed to deal with. Especially when the account has been kept active in the exact same manner it was before the sale.
That's a problem with the forum's policy on account sales. There is little else you can do other than ask for some other information only the original owner would know (E.G a dox). This relies on the previous owner being something other than an account farmer though, which could prove to be difficult. Was this because of the cloudfare breach or the breach that happened last year ? I remember seeing a list of accounts that was hacked last year, was there another one after that ?
No. The breach on Bitcointalk happened in May 2015 IIRC, and was a result of an internal problem with the hosting provider. I don't believe that Bitcointalk has ever used Cloudflare. |
|
|
|
|
achow101
Staff
Legendary
Offline
Activity: 3374
Merit: 6531
Just writing some code
|
|
March 16, 2017, 12:09:02 AM |
|
It's possible that someone got their hands on the old hacked database from May 2015 and decided to actually attempt to get into accounts with info that they gathered from that database.
Another possibility is that some site Bitcoin related was hacked and people got their hands on their databases and are checking to see if there are reused passwords to get into bitcointalk accounts. For example, recently a database dump from 2014 of btc-e's database reached HaveIBeenPwned so it is likely that that database was floating around publicly for a bit of time beforehand and is still available. So people might be using that to match accounts on btc-e to accounts on the forum and then trying passwords to see if there is any reuse.
Unfortunately the forum can't really do much. If the admins lock accounts which have not changed their passwords and then send password reset emails to all of those accounts, a lot of people will be locked out because emails aren't validated and a lot are either invalid, or just point back to bitcointalk.
|
|
|
|
|
rizzlarolla (OP)
|
|
March 18, 2017, 01:17:19 PM |
|
Most of those accounts are newbies. What are the benefits of hacking newbies?
Take a look at this thread where these newbie hacked accounts are used for trust farming/false trading. https://bitcointalk.org/index.php?topic=1793966.msg18067586#msg18067586No. real owners do not log in in rota https://bitcointalk.org/index.php?action=profile;u=9000 jakeroxs 0 post November 24, 2016, 08:47:41 AM https://bitcointalk.org/index.php?action=profile;u=9003 Micro333 0 post February 19, 2017, 01:18:36 PM https://bitcointalk.org/index.php?action=profile;u=9005 Qrr 2 post February 19, 2017, 01:28:59 PM https://bitcointalk.org/index.php?action=profile;u=9009 Trance555 0 post February 19, 2017, 01:28:07 PM https://bitcointalk.org/index.php?action=profile;u=9011 twadsworth 0 post February 19, 2017, 01:16:27 PM https://bitcointalk.org/index.php?action=profile;u=9012 FictionWobbles333 0 post February 19, 2017, 01:27:05 PM https://bitcointalk.org/index.php?action=profile;u=9013 MoodFool333 0 post February 19, 2017, 01:28:08 PM https://bitcointalk.org/index.php?action=profile;u=9014 marish 0 post February 19, 2017, 01:38:06 PM https://bitcointalk.org/index.php?action=profile;u=9015 BlackRunner111 0 post February 19, 2017, 01:15:55 PM https://bitcointalk.org/index.php?action=profile;u=9016 jhallsworth 0 post February 19, 2017, 01:28:12 PM https://bitcointalk.org/index.php?action=profile;u=9020 carter 0 post February 19, 2017, 01:20:13 PM Hundreds of thousands of accounts have recently been hacked. Until we hear otherwise from admin. In your example above seems it is own by one owner, I think he is checking his accounts. Look at the pattern of 3 numbers after the word and the "worth" word added at the end. It is not coincidence. Micro333 Trance555 FictionWobbles333 MoodFool333 BlackRunner111 twadsworth jhallsworth I agree this example does possibly show a bunch of farmed accounts, However they are still hacked. If you continue clicking through u=# from 9020, you will keep finding time rota Feb 19 log-in accounts. What of " https://bitcointalk.org/index.php?action=profile;u=9183 A nice moving avatar" is he no hacked, just "the farmer checking in"? Did you read/understand this previous link https://bitcointalk.org/index.php?topic=1702409.msg17974610#msg17974610All Feb 19 accounts (shown here) "reactivated" within 25 minutes.
(there is a shed load of other feb 19 "reactivations" elsewhere, look at u=2000 - 2020 @11.00am, or u=3000 onward @11.30am, or u=4000 onward @11.45am, or u=7000 onward @ 12.00pm, or u=8000 onward @1.15pm for example, a clear timeline pattern) - edited for more clarity.
Can you see the connection to all these other accounts log-in in time rota? (you will have to do some clicking) ---------------- It's possible that someone got their hands on the old hacked database from May 2015 and decided to actually attempt to get into accounts with info that they gathered from that database.
Another possibility is that some site Bitcoin related was hacked and people got their hands on their databases and are checking to see if there are reused passwords to get into bitcointalk accounts. For example, recently a database dump from 2014 of btc-e's database reached HaveIBeenPwned so it is likely that that database was floating around publicly for a bit of time beforehand and is still available. So people might be using that to match accounts on btc-e to accounts on the forum and then trying passwords to see if there is any reuse.
Unfortunately the forum can't really do much. If the admins lock accounts which have not changed their passwords and then send password reset emails to all of those accounts, a lot of people will be locked out because emails aren't validated and a lot are either invalid, or just point back to bitcointalk.
Either someone has "got their hands on the old hacked database from May 2015 and decided to actually attempt to get into accounts " or it is an inside job. "Another possibility is that some site Bitcoin related was hacked.." that is highly unlikely to account for the mass "systemic hack" we are seeing here. "Unfortunately the forum can't really do much" Same as hilarious said. Several hundred thousand accounts "systemically hacked" - admin do not even respond. |
|
|
|
|
hilariousandco
Global Moderator
Legendary
Online
Activity: 3794
Merit: 2606
Join the world-leading crypto sportsbook NOW!
|
|
March 18, 2017, 01:43:01 PM |
|
That boomin guy is the latest (caught) alt of MariusTi aka steamproject aka tberty aka Dorkslayz etc etc who uses an army of dozens of alts to fake vouch or spam bump his threads of torrent invites (and he's probably had around a 100 banned). He either has a massive stockpile of them or buys them from account sellers but I'm more inclined to believe that he has just farmed/created them himself as there's a lot that were just used to make one or two posts to bump/vouch for his thread then discarded, though some of the older ones recently came back to life and started selling the torrent invites when a lot of his other accounts got found out and banned. This behaviour with him has been going on for years with him and not just on this forum either as he's been banned from numerous forums and never learns. |
|
|
|
|
rizzlarolla (OP)
|
|
March 18, 2017, 03:26:34 PM
Last edit: March 18, 2017, 04:26:56 PM by rizzlarolla |
|
That boomin guy is the latest (caught) alt of MariusTi aka steamproject aka tberty aka Dorkslayz etc etc who uses an army of dozens of alts to fake vouch or spam bump his threads of torrent invites (and he's probably had around a 100 banned). He either has a massive stockpile of them or buys them from account sellers but I'm more inclined to believe that he has just farmed/created them himself as there's a lot that were just used to make one or two posts to bump/vouch for his thread then discarded, though some of the older ones recently came back to life and started selling the torrent invites when a lot of his other accounts got found out and banned. This behaviour with him has been going on for years with him and not just on this forum either as he's been banned from numerous forums and never learns. So you basically just agree that hacking (old) newbie accounts do have benefits for scammer's, and illustrating those benefits to scammer's. Steamproject ran his thread nearly 2 years on bct. What exactly was he supposed to "learn" from that? If he "just farmed/created them himself" he must have been around since July 31, 2010, 07:44:15 PM https://bitcointalk.org/index.php?action=profile;u=657 Weather or not Steamproject farmed those accounts himself or hacked them or bought them is a different topic, probably known alts thread. The fact remains that hundred's of thousands of accounts are "hacked" by someone. bct members are left in the dark over the scale of this, while mods say there is nothing that can be done, admin haven't even responded. ------added before any reply after 1 reply i just spotted next page, sorry!------ I have no idea how many accounts have been compromised but I don't think it's as bad as you're claiming. I suppose certain accounts could be locked but people weep like widows when their accounts are auto locked as a precautionary measure when someone tries to reset the password via the security question and they cry even more when they have to wait for it to be restored. Also, if the account hasn't posted an address or they can no longer sign a message from one then they're screwed that way and they would then blame the forum for that so we're damned if we do and damned if we don't.
I should respond here too. You have no idea how many accounts have been compromised, Yet somehow "auto conclude" i'm wrong? You compare "auto locked" accounts with "systemically hacked" account's, but they are not hacked in the same way. (afaik) Security question accounts are by default "locked out" till staff action, while systemically (password) hacked accounts are by default "allowed in" until staff action? You go on about those "auto locked" members weeping like widows, when many have clear proof but still have to wait for months for any action to be taken, then use the damnation of your (staff/admin) inaction's on restoring those few "auto locked" accounts as reason why you can't do anything about 100,000's of completely differently identifiable "systemically (password) hacked" accounts. Correct? |
|
|
|
|
|
