Hundreds of thousand of bitcointalk accounts hacked

[Iranus]

Most of those accounts are newbies. What are the benefits of hacking newbies?

Take a look at this thread where these newbie hacked accounts are used for trust farming/false trading.
https://bitcointalk.org/index.php?topic=1793966.msg18067586#msg18067586

That boomin guy is the latest (caught) alt of MariusTi aka steamproject aka tberty aka Dorkslayz etc etc who uses an army of dozens of alts to fake vouch or spam bump his threads of torrent invites (and he's probably had around a 100 banned). He either has a massive stockpile of them or buys them from account sellers but I'm more inclined to believe that he has just farmed/created them himself as there's a lot that were just used to make one or two posts to bump/vouch for his thread then discarded, though some of the older ones recently came back to life and started selling the torrent invites when a lot of his other accounts got found out and banned. This behaviour with him has been going on for years with him and not just on this forum either as he's been banned from numerous forums and never learns.

So you basically just agree that hacking (old) newbie accounts do have benefits for scammer's, and illustrating those benefits to scammer's.

Steamproject ran his thread nearly 2 years on bct. What exactly was he supposed to "learn" from that?
If he "just farmed/created them himself" he must have been around since July 31, 2010, 07:44:15 PM https://bitcointalk.org/index.php?action=profile;u=657

Weather or not Steamproject farmed those accounts himself or hacked them or bought them is a different topic, probably known alts thread.
The fact remains that hundred's of thousands of accounts are "hacked" by someone.
bct members are left in the dark over the scale of this, while mods say there is nothing that can be done, admin haven't even responded.

Nearly all of these accounts probably are hacked, but one of the key problems is that the forum is very hands-off so they're faced with the dilemma of finding out how to prove that these accounts are hacked without intruding on people's privacy.  It must be pretty difficult.

I suppose the main problem is the security breach from a while ago, which people are now exploiting because these dormant users never managed to change their passwords as they haven't been on this forum for a long time.

[1713496907]

1713496907

[1713496907]

1713496907

[rizzlarolla]

Nearly all of these accounts probably are hacked, but one of the key problems is that the forum is very hands-off so they're faced with the dilemma of finding out how to prove that these accounts are hacked without intruding on people's privacy.  It must be pretty difficult.

I suppose the main problem is the security breach from a while ago, which people are now exploiting because these dormant users never managed to change their passwords as they haven't been on this forum for a long time.

You agree on my figures (roughly) but you understand the dilemma facing admin?

It's quite easy to prove really, once you understand the relationship between uid#/reactivation time, and other things.
The inaccuracy rate would be tiny. Admin could easily do this.

Just like my 500+ list of (obvious to me and admin) farmed accounts where the inaccuracy rate is zero, as far as i know.
But admin refuse to acknowledge that either, which is great for you as you are a farmed "Alphabet account". 1 of several hundred alphabet accounts.
https://bitcointalk.org/index.php?topic=1670807.0

Your opinion is manufactured and worthless.

[hilariousandco]

Most of those accounts are newbies. What are the benefits of hacking newbies?

Take a look at this thread where these newbie hacked accounts are used for trust farming/false trading.
https://bitcointalk.org/index.php?topic=1793966.msg18067586#msg18067586

That boomin guy is the latest (caught) alt of MariusTi aka steamproject aka tberty aka Dorkslayz etc etc who uses an army of dozens of alts to fake vouch or spam bump his threads of torrent invites (and he's probably had around a 100 banned). He either has a massive stockpile of them or buys them from account sellers but I'm more inclined to believe that he has just farmed/created them himself as there's a lot that were just used to make one or two posts to bump/vouch for his thread then discarded, though some of the older ones recently came back to life and started selling the torrent invites when a lot of his other accounts got found out and banned. This behaviour with him has been going on for years with him and not just on this forum either as he's been banned from numerous forums and never learns.

So you basically just agree that hacking (old) newbie accounts do have benefits for scammer's, and illustrating those benefits to scammer's.

I'm not sure what the benefits of hacking a zero or one post newbie account are, but he has or had a very large stockpile of newbie accounts he created himself to do his shilling. See these ones:

https://bitcointalk.org/index.php?action=profile;u=895304  kusmaki
https://bitcointalk.org/index.php?action=profile;u=895247 gherghina
https://bitcointalk.org/index.php?action=profile;u=393051     alpitvraj
https://bitcointalk.org/index.php?action=profile;u=889079 paraneens
https://bitcointalk.org/index.php?action=profile;u=886523     Belvoir
https://bitcointalk.org/index.php?action=profile;u=918902     chanway
https://bitcointalk.org/index.php?action=profile;u=794655 arnold447
https://bitcointalk.org/index.php?action=profile;u=225107 clappen
https://bitcointalk.org/index.php?action=profile;u=213095 iceker
https://bitcointalk.org/index.php?action=profile;u=187976     Lala
https://bitcointalk.org/index.php?action=profile;u=412652     Brucee
https://bitcointalk.org/index.php?action=profile;u=501113 apostolis21
https://bitcointalk.org/index.php?action=profile;u=500285     mario23
https://bitcointalk.org/index.php?action=profile;u=406115 Gotcha007
https://bitcointalk.org/index.php?action=profile;u=503564     Tigarete
https://bitcointalk.org/index.php?action=profile;u=505675     vikingur
https://bitcointalk.org/index.php?action=profile;u=507216 AmericanTH
https://bitcointalk.org/index.php?action=profile;u=507493     petrov
https://bitcointalk.org/index.php?action=profile;u=507854     frenchois
https://bitcointalk.org/index.php?action=profile;u=508604 Deutch87
https://bitcointalk.org/index.php?action=profile;u=508979 PierreAllan
https://bitcointalk.org/index.php?action=profile;u=509715     igorenko
https://bitcointalk.org/index.php?action=profile;u=539438     pascqul
https://bitcointalk.org/index.php?action=profile;u=539792     cats2dogs
https://bitcointalk.org/index.php?action=profile;u=539970     scultz23
https://bitcointalk.org/index.php?action=profile;u=542073     btyanoneal
https://bitcointalk.org/index.php?action=profile;u=544562 billkanty
https://bitcointalk.org/index.php?action=profile;u=543385     chenzu
https://bitcointalk.org/index.php?action=profile;u=542662 barbugeala
https://bitcointalk.org/index.php?action=profile;u=548576 doitch2
https://bitcointalk.org/index.php?action=profile;u=549093 harryson2
https://bitcointalk.org/index.php?action=profile;u=553241 bigarmny
https://bitcointalk.org/index.php?action=profile;u=553521 Moris2pane
https://bitcointalk.org/index.php?action=profile;u=660431     mariutzko
https://bitcointalk.org/index.php?action=profile;u=662643     gasparpop
https://bitcointalk.org/index.php?action=profile;u=794655     arnold447
https://bitcointalk.org/index.php?action=profile;u=793362     gigarsfree
https://bitcointalk.org/index.php?action=profile;u=773056 poponautu

Most were just used once to make a bump of his thread then discarded but once he had his main accounts banned some of them suddenly returned back to life and he started selling with those ones.

Steamproject ran his thread nearly 2 years on bct. What exactly was he supposed to "learn" from that?

He wasn't caught until recently and it was his inability to not follow the marketplace rules repeatedly that kept getting him into trouble. When he gets banned for the behaviour he just comes back on more alts and does the same and seems to have done this on multiple forums.

I have no idea how many accounts have been compromised but I don't think it's as bad as you're claiming. I suppose certain accounts could be locked but people weep like widows when their accounts are auto locked as a precautionary measure when someone tries to reset the password via the security question and they cry even more when they have to wait for it to be restored. Also, if the account hasn't posted an address or they can no longer sign a message from one then they're screwed that way and they would then blame the forum for that so we're damned if we do and damned if we don't.

I should respond here too.
You have no idea how many accounts have been compromised, Yet somehow "auto conclude" i'm wrong?

I'm not sure where you get the figure of 'hundreds of thousands' of accounts have been hacked from as it seems exaggerated but if you can provide evidence of that then I'll happily admit I'm wrong but the exact figure seems beside the point.

You compare "auto locked" accounts with "systemically hacked" account's, but they are not hacked in the same way. (afaik)
Security question accounts are by default "locked out" till staff action, while systemically (password) hacked accounts are by default "allowed in" until staff action?

I'm not saying they are hacked in the same way but the outcome is still the same and staff can't win. How can we do anything about accounts that are not yet hacked? People were told to change their account passwords and if they didn't for whatever reason then their accounts are at risk but if they had a very strong password then they'd very likely be fine. What are you suggesting we do? Lock all accounts that haven't changed their passwords since the hack or if they haven't posted after x amount of time? If certain accounts are locked as a precautionary measure then what happens when the original owner can't prove that it belongs to him? Then he cries at the forum for unnecessarily doing this to his account. I'm not sure what you would like the admins to do but if you've got a foolproof plan I'd love to hear it.

You go on about those "auto locked" members weeping like widows, when many have clear proof but still have to wait for months for any action to be taken, then use the damnation of your (staff/admin) inaction's on restoring those few "auto locked" accounts as reason why you can't do anything about 100,000's of completely differently identifiable "systemically (password) hacked" accounts. Correct?

If it takes months to restore accounts now then what do you expect when there's (in your words) hundreds of thousands to restore? Only admins can restore accounts and there's nothing that regular staff can do about it. Yeah, there should be another admin or two to deal with account recoveries and finding alts or whether but that's something only theymos can act on.

[rizzlarolla]

Hilarious, thanks for the reply. I dropped the quote, it was getting to long. I will try to answer the most relevant points best i can.
(thanks for the list, but i think that has run it's course here, it has little more to add here beyond my using to show 0 post hacked accounts being utilised to scam?)

Are admin even interested in doing anything, no response here? (or elsewhere)
Is it unreasonable to expect a response on this subject?


1 The problem
Upward of 100,000 accounts hacked, no admin response, mods say nothing can be done.
Why does it take months to restore accounts, even when "proven" through official guidelines?
Without any admin action, the hacker has the upper hand by default of present ownership, where as real (hacked) account owners need to "prove" themselves.

2 Why do anything about it
I admit i do not know the true figure of hacked accounts, and agree the exact figure is beside the point, but the figure is massive.
I was hoping admin would at least try to clarify. I'm happy to edit the title down to 100,000 hacked accounts if admin assure me that is much more accurate.

3 admin/mod workload
Weather admin lock hacked accounts or leave them in the hackers control, staff workload should not be affected.
Any real account holder who finds they are either hacked or locked will have to report to admin to regain control.
That will not translate into 100,000's of cases to deal with, only a (very) small % of accounts will genuinely be reclaimed.

Many of these hacked accounts are years old, have been dormant for "years", or have never posted.
Almost none of these would be genuinely reclaimed, and certainly not all at the same time. But these cases where real people reclaim their accounts will occur either way.
Therefore, if these accounts were locked by admin, only the hacker would lose, in most cases.
(many thousand of hacked accounts will not need moderating, therefore making time other saving for mods/admin?)

If the "real" owner cannot "prove" they own the account, then it is lost. That is true weather admin have locked their account or their account is hacked.
In those cases, isn't it clearly better no one has the account, rather than the hacker keeps them all by default.
Admin could, considering this problem, be more lenient in allowing "other reasonable" evidence's of ownership, if they wish to facilitate faster repatriation.

4 how to stop it.
From what i have seen, which is very limited, the hacked accounts are easily identifiable. Admin should find identifying the vast majority of these hacked accounts no problem.
I have previously explained how to find them. A programme could easily be written by admin.
When dealing with (even) 100,000 accounts as we are surely seeing here, (awaiting confirmation) they are not "individually" controlled. they necessarily act en mass.
That rather helpfully means they leave an activity trail en mass, and can be identified, beyond reasonable doubt in almost all cases, en mass.

Without going into every detail, i can assure you that simply saving snapshots of user base activity would create evidence that could be refered to any time in the future.
The evidence is the u=#/last active time. (please ask if you need more info, but admin should be able to answer questions equally well)
(It would be at least nearly as accurate as my "farmed account" detection accuracy, which is about 100% accurate as far as i am aware)

Admin must download all member info NOW, (if not done already) then periodically from now. (just as i asked admin to do, but declined, to help me find farmed accounts)
This snap shot will be a safety bank of info. If admin are not even doing this, or do not now do it immediately, they are being negligent, or simply don't care, imo.

It would be nice if a link was added by admin to view some spreadsheets of at least "some thousands" of early accounts for members to view and understand.
I don't want to dos the forum collecting such info without permission, not if i don't have too!

[NLNico]

It's possible that someone got their hands on the old hacked database from May 2015 and decided to actually attempt to get into accounts with info that they gathered from that database.

This.



A lot of the 2010-2012 accounts do seem to be compromised. In 2012 the site was changed to use a much stronger hashing method for passwords. In 2015 the site was hacked and the database (with password hashes) was leaked. It would make sense that the hashes from early accounts are easily brute-force-able.

At this point I would assume that the 2013+ accounts are unrelated though and probably hacked due to re-using passwords on other sites.



Overall, I do assume most of those old accounts are newbie accounts (most even by spambots) where the owner didn't login after 2012 (as that would update the password hash.) Basically the potential damage is very limited. He might be able to sell those accounts though. I don't think admins can do too much against it. But if there is a very clear pattern (like all accounts logins from same IP), obvious accounts could just be frozen IMO.

[Lauda]

Three examples which I've found today (looks like I will have to flush out the trash from Bitmixer earlier this week):
https://bitcointalk.org/index.php?action=profile;u=149006;sa=showPosts;start=40 duuuuude
https://bitcointalk.org/index.php?action=profile;u=84987;sa=showPosts;start=40 Gufeng
https://bitcointalk.org/index.php?action=profile;u=217246;sa=showPosts;start=40 ajeef
It is absolutely disgusting that nothing is seriously being done against this.

[rizzlarolla]

It's possible that someone got their hands on the old hacked database from May 2015 and decided to actually attempt to get into accounts with info that they gathered from that database.

This.

A lot of the 2010-2012 accounts do seem to be compromised. In 2012 the site was changed to use a much stronger hashing method for passwords. In 2015 the site was hacked and the database (with password hashes) was leaked. It would make sense that the hashes from early accounts are easily brute-force-able.
At this point I would assume that the 2013+ accounts are unrelated though and probably hacked due to re-using passwords on other sites.

I estimate around 30%, or 30,000 early accounts, under u=100,000, are hacked.
You know the forum was hacked in 2015, yet assume 2013+ accounts are not related? I don't understand this. Anyway, whoever is responsible for hacking multiple thousands of accounts is not as important as weather admin are taking any action against the hacker/s.

Overall, I do assume most of those old accounts are newbie accounts (most even by spambots) where the owner didn't login after 2012 (as that would update the password hash.) Basically the potential damage is very limited. He might be able to sell those accounts though. I don't think admins can do too much against it. But if there is a very clear pattern (like all accounts logins from same IP), obvious accounts could just be frozen IMO.

Most accounts on the forum are newbie. Most accounts have never been used. So by law of averages, the hacker will hack a fairly equal % of those.
Many accounts after 2012 are also hacked. Lauda's list below are 2013 and 2014 accounts. Lauda's previous list was longer and more diverse.

I have already provided an example of brand new hacked accounts (old accounts, but never posted) being used to farm reputation/trust, and previously used accounts trying to get into paid campaign's.

How can 100,000 accounts be hacked, Mods can't do anything, admin don't respond, and you say "potential damage is very limited - he could sell those accounts"?
There is a clear pattern, which could be automated not freezing 1 account at a time. No hacker will just use the same ip.
I have explained what can be done. If admin (or yourself) don't understand, they could ask for more details.

------------

Three examples which I've found today (looks like I will have to flush out the trash from Bitmixer earlier this week):
https://bitcointalk.org/index.php?action=profile;u=149006;sa=showPosts;start=40 duuuuude
https://bitcointalk.org/index.php?action=profile;u=84987;sa=showPosts;start=40 Gufeng
https://bitcointalk.org/index.php?action=profile;u=217246;sa=showPosts;start=40 ajeef

All 3 accounts "reactivate" March 18, 2017. All with previous post history ending a year or 2 years ago - "dormant"
All 3 accounts post in time rota, making 94 shitposts between them, minutes apart, spread over 4 post session's on march 18,

It is absolutely disgusting that nothing is seriously being done against this.

I've tried to give admin time to respond here, even that is too much bother for them?

All that needs doing NOW is as i explained to hilarious, "Without going into every detail, i can assure you that simply saving snapshots of user base activity would create evidence that could be refered to any time in the future."

That would take minutes of work for admin, and would preserve all the needed evidence for any future action. To fail to do this is to allow the hacker to slowly cover his tracks, to allow all easy to use evidence to disappear. For admin not to do that simple task would be negligent, even complicit?

[NLNico]

I estimate around 30%, or 30,000 early accounts, under u=100,000, are hacked.
You know the forum was hacked in 2015, yet assume 2013+ accounts are not related? I don't understand this.

By stealing the DB, you cannot actually get the passwords, just the password hashes. In 2012 the method of password hashing was changed. So anyone who logged in after that (or registered after that), would have their password hashed in a very secure way. I am too lazy to do the math, but basically the password hashes before that are very easy to crack and after that would take an insane amount of computer calculation.

Most accounts on the forum are newbie. Most accounts have never been used.

My point is that the real accounts who were active, still logged in after 2012 automatically causing the password hash to be changed to the much more secure method. That is why I believe most hacked account will be accounts with 0-low posts (former spam bots and other newbies), that never logged in after 2010 - (begin)2012 again. Therefor the damage is relatively limited, but could be used for selling / signature campaigns / maybe somewhat fake reputation / etc, so I do agree it is worth investigating for theymos. Note that the forum already keeps logs and theymos added extra logging methods too, like when the user changes a password: https://bitcointalk.org/seclog.php so IMO he can still do plenty of analyzing.

Many accounts after 2012 are also hacked. Lauda's list below are 2013 and 2014 accounts. Lauda's previous list was longer and more diverse.

Hacked accounts have always been happening here for many years. Mostly because people re-use passwords on all sites. This means that if a hacker hacks any bitcoin sites (even faucet sites with ton of users), he could use those passwords on this forum. Bitcointalk also always have been the target of phishing attacks, so another way to get hacked.

As of now, I don't have very clear proof that 1) hacked newbies accounts from 2010-2012 and 2) hacked accounts after that - are related.

[Lauda]

Three examples which I've found today (looks like I will have to flush out the trash from Bitmixer earlier this week):
https://bitcointalk.org/index.php?action=profile;u=149006;sa=showPosts;start=40 duuuuude
https://bitcointalk.org/index.php?action=profile;u=84987;sa=showPosts;start=40 Gufeng
https://bitcointalk.org/index.php?action=profile;u=217246;sa=showPosts;start=40 ajeef

All 3 accounts "reactivate" March 18, 2017. All with previous post history ending a year or 2 years ago - "dormant"
All 3 accounts post in time rota, making 94 shitposts between them, minutes apart, spread over 4 post session's on march 18, ]

Similar pattern as can be observed in the previous list of accounts that I've provided.

I've tried to give admin time to respond here, even that is too much bother for them?

Looks like nobody really gives a damn about this forum nor the infestation of parasites.

Many accounts after 2012 are also hacked. Lauda's list below are 2013 and 2014 accounts. Lauda's previous list was longer and more diverse.

Hacked accounts have always been happening here for many years. Mostly because people re-use passwords on all sites. This means that if a hacker hacks any bitcoin sites (even faucet sites with ton of users), he could use those passwords on this forum. Bitcointalk also always have been the target of phishing attacks, so another way to get hacked.

There is most definitely a surge of hacked accounts in different stages of dormancy. I wonder whether a bot is posting or an 'army' of paid humans is being used to shitpost from all of them.

[rizzlarolla]

snip

Thanks for clarifying Nico.
I don't have any real problem with your assessment. You have helped answer possibilities of who and why. I shall bear it in mind.
I do see some evidence that accounts under u=100,000 are more affected than accounts over u=100,000.

That does not mitigate admin from taking simple action's to counter this. (if they think mass hacked accounts is a bad thing)

Let me try to show here how clear this is to detect, and therefore how easy to counter it could be.
Let's just look at (some of) 1 day - Feb 19 2017. Lets look at the activity of the first 20 accounts from various round numbers as a sample, so

u=1000 - u=1020
https://bitcointalk.org/index.php?action=profile;u=1003  cookie                  0 post  March 07, 2017, 05:54:51 AM (was feb 19, 12.03pm)
God damn, that was feb 19 last i looked, now mar 7
(1002, 1004, 1005, 6, 7, 8, 9, 11, 12, 13, 14, 15, 18, and 1020 "do not exist", so not much to hack there)

u=2000 - u=2020
https://bitcointalk.org/index.php?action=profile;u=2003  McKyle025           0 post    March 07, 2017, 04:07:31 AM (was feb 19, 12.03pm)
https://bitcointalk.org/index.php?action=profile;u=2004  marktaylor142      0 post   March 07, 2017, 09:16:18 AM (was feb 19, 12.05pm)      
https://bitcointalk.org/index.php?action=profile;u=2005  kavindave26         0 post   March 07, 2017, 08:01:11 AM (was feb 19, 12.58pm)
https://bitcointalk.org/index.php?action=profile;u=2008  celina111             0 post    March 07, 2017, 06:55:41 AM (was feb 19, 12.18pm)
https://bitcointalk.org/index.php?action=profile;u=2011  reverselockup23    0 post    March 07, 2017, 10:31:53 AM (was feb 19, 12.45pm)
https://bitcointalk.org/index.php?action=profile;u=2012  nadav001              0 post    March 07, 2017, 07:48:42 AM (was feb 19, 12.07pm)
https://bitcointalk.org/index.php?action=profile;u=2017  aranaahmed1         0 post   March 07, 2017, 08:21:32 AM (was feb 19, 12.05pm)
Ok, these were all feb 19 as well, now all mar 7 also. This is exactly why admin need to save "snapshots" of activity of all accounts as i described.
(2001, 2002, 6, 13, and 2014 "do not exist")

u=3000 - u-3020
https://bitcointalk.org/index.php?action=profile;u=3000  Rai                      12 post  February 19, 2017, 12:19:35 PM (last post 2011)
https://bitcointalk.org/index.php?action=profile;u=3003  v-tim                    3 post   February 19, 2017, 12:33:30 PM (last post 2011)
https://bitcointalk.org/index.php?action=profile;u=3011  tyler123                0 post   February 19, 2017, 12:19:50 PM
https://bitcointalk.org/index.php?action=profile;u=3019  ngatyeu87             0 post   March 01, 2017, 02:43:47 AM     (was feb 19, 12.30pm)
So most of these are still feb 19. 1 changed, again showing how the evidence is slowly dispersed.
(3002, 5, 6, 7, 8, 9, 10, 14, 15, and 2016 "do not exist")

u=4000 - u=4020
https://bitcointalk.org/index.php?action=profile;u=4011  brynfrlin                 0 post   February 19, 2017, 12:28:49 PM
https://bitcointalk.org/index.php?action=profile;u=4014  aq8586                  0 post   February 19, 2017, 12:53:54 PM
https://bitcointalk.org/index.php?action=profile;u=4017  menoskedos           0 post   February 19, 2017, 12:47:28 PM
https://bitcointalk.org/index.php?action=profile;u=4018  qaz22                    0 post   March 01, 2017, 08:05:16 AM     (was feb 19, 12.46pm)
Most still show feb 19. 1 change to march 1 same as above list.
(4001, 4, 5, 7, 8, 10, 16, 19, 4020 "do not exist")

Lets skip 5000 accounts to this list i quoted on previous page,

u=9000 - u=9020
https://bitcointalk.org/index.php?action=profile;u=9003  Micro333              0 post    February 19, 2017, 01:18:36 PM
https://bitcointalk.org/index.php?action=profile;u=9005  Qrr                       2 post    February 19, 2017, 01:28:59 PM
https://bitcointalk.org/index.php?action=profile;u=9009  Trance555             0 post    February 19, 2017, 01:28:07 PM
https://bitcointalk.org/index.php?action=profile;u=9011  twadsworth            0 post   February 19, 2017, 01:16:27 PM
https://bitcointalk.org/index.php?action=profile;u=9012  FictionWobbles333  0 post   February 19, 2017, 01:27:05 PM
https://bitcointalk.org/index.php?action=profile;u=9013  MoodFool333          0 post   February 19, 2017, 01:28:08 PM
https://bitcointalk.org/index.php?action=profile;u=9014  marish                   0 post   February 19, 2017, 01:38:06 PM
https://bitcointalk.org/index.php?action=profile;u=9015  BlackRunner111      0 post   February 19, 2017, 01:15:55 PM
https://bitcointalk.org/index.php?action=profile;u=9016  jhallsworth             0 post    February 19, 2017, 01:28:12 PM
https://bitcointalk.org/index.php?action=profile;u=9020  carter                     0 post   February 19, 2017, 01:20:13 PM
I think these are still correct.

And on to u=11000 - u=11020
https://bitcointalk.org/index.php?action=profile;u=11003  breakbank4            0 post   March 01, 2017, 06:27:51 AM    (was feb 19, 2.08pm)
https://bitcointalk.org/index.php?action=profile;u=11007  yashrajskio            0 post   February 28, 2017, 10:27:43 PM (was feb 19, 2.08pm)
https://bitcointalk.org/index.php?action=profile;u=11008  ronanlepp              0 post   February 19, 2017, 02:07:35 PM
https://bitcointalk.org/index.php?action=profile;u=11010  jacktralia               0 post   February 19, 2017, 01:53:45 PM
https://bitcointalk.org/index.php?action=profile;u=11014  ameldajones          0 post   February 19, 2017, 02:07:52 PM
https://bitcointalk.org/index.php?action=profile;u=11019  slotcar101             0 post   February 19, 2017, 01:59:50 PM
Couple changed. 1 mar 1st again. Dispersing the evidence. But as i had it recorded, it can never be lost - as theymos can easily do.

See how the time frame goes from around 12pm - around 2pm over 11000 accounts, short work!
theymos could confirm my "was feb 19" time and date is accurate, if he saved the correct info, and if he could be bothered.
So regardless of weather it is 100,000 accounts or "just" 10's of thousands, i hope it is clear how easy it is to spot.

This carries on on different dates, 27 January 2017 for example,

u=25,000 - u= 25020
https://bitcointalk.org/index.php?action=profile;u=25005  inertiatic          0 post   January 27, 2017, 05:50:53 AM
https://bitcointalk.org/index.php?action=profile;u=25007  Jepp                0 post   January 27, 2017, 06:10:37 AM
https://bitcointalk.org/index.php?action=profile;u=25008  bottommaster   0 post   January 27, 2017, 06:11:44 AM
https://bitcointalk.org/index.php?action=profile;u=25014  basseffekt        0 post   January 27, 2017, 05:51:37 AM
https://bitcointalk.org/index.php?action=profile;u=25017  badinstincts     0 post   January 27, 2017, 05:52:50 AM
https://bitcointalk.org/index.php?action=profile;u=25018  pero991          6 post   January 27, 2017, 05:59:17 AM (last post 2011)
https://bitcointalk.org/index.php?action=profile;u=25019  dragoon1001   0 post   January 27, 2017, 05:42:25 AM
https://bitcointalk.org/index.php?action=profile;u=25020  MrMaple          1 post   January 27, 2017, 05:58:58 AM (last post 2011)

And the list goes on and on. The time rota being totally obvious.

So after looking at 140 accounts, minus around 40accounts "do not exist", so 100 possible accounts to hack, 42 are hacked here.
That equates to around 40% of all early accounts being hacked. (early accounts in this sample)
All clear as day.

No reason for mods to spout "there is nothing we can do". (i presume admin are saying the same to themselves)
theymos must save the data as previously instructed by me (take him a few minutes) or forever be complicit in this.

[Chris!]

Looks like nobody really gives a damn about this forum nor the infestation of parasites.

I think the problem isn't that no one cares, it's that the people that do care aren't listened to/taken seriously/not important enough to listen to.

When is this new forum coming out? I guess it doesn't really matter what the date is at this point because it's been a WIP for so long that the date will most likely be pushed again. Q2 2019 is my guess.

[rizzlarolla]

Looks like nobody really gives a damn about this forum nor the infestation of parasites.

I think the problem isn't that no one cares, it's that the people that do care aren't listened to/taken seriously/not important enough to listen to.

So,the people that do care aren't listened to/taken seriously/not important enough to be listen to, (members)
by those who are in position to act seriously, but don't care, and wont listen to or communicate with people less important than themselves. (admin)

That is how i read Lauda's post too, between the lines. "nobody (who can do anything about it) really gives a damn about this forum"
(at some point my view will turn from admin not giving a damn to instigating or being complicit in this)

[Lauda]

That is how i read Lauda's post too, between the lines. "nobody (who can do anything about it) really gives a damn about this forum"

You've correctly interpreted my post!
Just take a look at the post difference between 2015 and 2017:
https://bitcointalk.org/index.php?action=profile;u=159728;sa=showPosts;start=20 Jaccee
Sold, hacked, farmed? Seems to be a daily thing in my campaign nowadays.
In this case the post quality isn't bad. However, the forum is at the point where I've even stopped reporting the worst offenders knowing that they wouldn't get punished or would just get an absurdly short *warning ban* (i.e. I'd waste my time). After this they usually continue their routine. The best I can do is keep this trash out of Bitmixer && other SMAS campaigns.

[Chris!]

It looks like we may have a step in the right direction here:

https://bitcointalk.org/index.php?topic=1842839.0

Maybe someone saw your post and did something about it. Maybe it was a plan the whole time. Who knows since I can't seem to find an announcement of any sort.

Check out his trust profile.

Holy crap! Look how many brand new accounts from 2011-2013 are "waking up" this is insane!
https://bitcointalk.org/seclog.php

[freedomno1]

Are admin doing anything about this problem?

It depends on if the password was changed or not if someone has access to the stake address from this thread they probably could recover without a ransom if you send a signed signature. Assuming they were around to post in 2015 onwards.
https://bitcointalk.org/index.php?topic=996318.0

At some point though I presume the new forum will activate cough cough and the issue will resolve been away long enough some progress must have been made in the last year ^^.

[ABitNut]

It's possible that someone got their hands on the old hacked database from May 2015 and decided to actually attempt to get into accounts with info that they gathered from that database.

This.



A lot of the 2010-2012 accounts do seem to be compromised. In 2012 the site was changed to use a much stronger hashing method for passwords. In 2015 the site was hacked and the database (with password hashes) was leaked. It would make sense that the hashes from early accounts are easily brute-force-able.

At this point I would assume that the 2013+ accounts are unrelated though and probably hacked due to re-using passwords on other sites.



Overall, I do assume most of those old accounts are newbie accounts (most even by spambots) where the owner didn't login after 2012 (as that would update the password hash.) Basically the potential damage is very limited. He might be able to sell those accounts though. I don't think admins can do too much against it. But if there is a very clear pattern (like all accounts logins from same IP), obvious accounts could just be frozen IMO.

Achow was spot on. The database stolen in 2015 has been made available for sale and that means the data is now spreading more.

[Chris!]

In ONE day there were 237 accounts that "woke up". The whole hundreds of thousands of hacked accounts has become far too real at this point. Assuming this has been happening for 1 year that would be 86,505 accounts hacked (minus the 5 legitimate 'wake ups'). It looks like the vast majority of them wake up then have their password reset or they have their password recent via email then wake up. A lot of these are newbies or brand new members.

See the seclog on March 28th:

Code:

March 28, 2017, 11:54:07 PM - jimmydvd - woke up
March 28, 2017, 11:52:14 PM - DELTA9 - woke up
March 28, 2017, 11:43:39 PM - uralZURA - password reset via email
March 28, 2017, 11:33:03 PM - opello - password changed
March 28, 2017, 11:32:53 PM - opello - password changed
March 28, 2017, 11:32:02 PM - opello - woke up
March 28, 2017, 11:31:44 PM - fynxms - woke up
March 28, 2017, 11:31:39 PM - fynxms - password reset via email
March 28, 2017, 11:21:43 PM - Jgguy - woke up
March 28, 2017, 11:17:50 PM - valk-it - woke up
March 28, 2017, 10:26:01 PM - bigbox - woke up
March 28, 2017, 10:24:36 PM - PleaseGreeny - password reset via email
March 28, 2017, 10:14:48 PM - nthman - woke up
March 28, 2017, 09:46:23 PM - qzectbumo - woke up
March 28, 2017, 09:37:34 PM - hijax - password changed
March 28, 2017, 09:37:13 PM - nibbknot - password changed
March 28, 2017, 09:36:02 PM - hijax - woke up
March 28, 2017, 09:34:33 PM - racminer - password reset via email
March 28, 2017, 09:32:35 PM - warning - woke up
March 28, 2017, 09:31:26 PM - Hano - woke up
March 28, 2017, 09:27:27 PM - Rolihlahla - woke up
March 28, 2017, 09:20:04 PM - bajing - password changed
March 28, 2017, 09:13:05 PM - zongelf - woke up
March 28, 2017, 09:07:30 PM - Redtschorn - password changed
March 28, 2017, 08:58:44 PM - Redtschorn - woke up
March 28, 2017, 08:55:07 PM - Venkat - woke up
March 28, 2017, 08:24:59 PM - jayek001 - woke up
March 28, 2017, 08:23:58 PM - European Central Bank - password changed
March 28, 2017, 07:51:09 PM - mOomOo - password reset via email
March 28, 2017, 07:29:08 PM - tylenool - password changed
March 28, 2017, 07:27:51 PM - tylenool - woke up
March 28, 2017, 07:23:32 PM - sinistral - password changed
March 28, 2017, 07:19:54 PM - sinistral - woke up
March 28, 2017, 07:19:21 PM - predprocessing - password reset via email
March 28, 2017, 07:18:50 PM - warhawk187 - woke up
March 28, 2017, 07:16:45 PM - warhawk187 - password reset via email
March 28, 2017, 06:51:17 PM - KroniK907 - woke up
March 28, 2017, 06:46:25 PM - FlamingFingers - password reset via email
March 28, 2017, 06:32:19 PM - randomlygenerated - woke up
March 28, 2017, 06:29:07 PM - psterryl - woke up
March 28, 2017, 06:21:47 PM - FlamingFingers - password changed
March 28, 2017, 06:12:53 PM - Steve D - woke up
March 28, 2017, 06:12:29 PM - coryfklein - password changed
March 28, 2017, 06:11:27 PM - coryfklein - woke up
March 28, 2017, 06:08:42 PM - HadiLePanda - password changed
March 28, 2017, 06:05:50 PM - HadiLePanda - woke up
March 28, 2017, 06:02:48 PM - tbtb12 - woke up
March 28, 2017, 06:01:14 PM - tbtb12 - password reset via email
March 28, 2017, 05:55:52 PM - Gleb Gamow - password reset via email
March 28, 2017, 05:53:47 PM - giga4less - password reset via email
March 28, 2017, 05:37:15 PM - nemgun - password reset via email
March 28, 2017, 05:15:21 PM - Freeman87 - password reset via email
March 28, 2017, 05:14:15 PM - bubislav - woke up
March 28, 2017, 05:14:10 PM - bubislav - password reset via email
March 28, 2017, 05:13:14 PM - thepiwo - woke up
March 28, 2017, 05:06:37 PM - cianuro - password reset via email
March 28, 2017, 04:57:30 PM - PLEBdevs - woke up
March 28, 2017, 04:51:52 PM - dondraper - password reset via email
March 28, 2017, 04:50:50 PM - rgujja - woke up
March 28, 2017, 04:50:37 PM - rgujja - password reset via email
March 28, 2017, 04:50:13 PM - GriTBitS - woke up
March 28, 2017, 04:49:37 PM - newbeecrypto - password reset via email
March 28, 2017, 04:46:00 PM - pixelpowered - password changed
March 28, 2017, 04:29:03 PM - CompNsci - woke up
March 28, 2017, 04:15:27 PM - BlockChains - woke up
March 28, 2017, 04:14:05 PM - BlockChains - password reset via email
March 28, 2017, 04:13:39 PM - michael_phelps - password changed
March 28, 2017, 04:07:15 PM - bitcrushpool - password changed
March 28, 2017, 04:07:14 PM - crypto-official - woke up
March 28, 2017, 04:02:33 PM - Scalefreak - woke up
March 28, 2017, 03:58:19 PM - baksbet - password reset via email
March 28, 2017, 03:55:31 PM - jlh - password changed
March 28, 2017, 03:54:34 PM - thinkloop - woke up
March 28, 2017, 03:53:09 PM - ALXBOB - woke up
March 28, 2017, 03:45:43 PM - jlh - woke up
March 28, 2017, 03:42:58 PM - Gleb Gamow - password changed
March 28, 2017, 03:37:28 PM - lovro2000 - woke up
March 28, 2017, 03:32:35 PM - CypherrX - woke up
March 28, 2017, 03:29:09 PM - bitcrushpool - woke up
March 28, 2017, 03:28:46 PM - dipsao - woke up
March 28, 2017, 03:28:39 PM - dipsao - password reset via email
March 28, 2017, 03:24:57 PM - douzevache - woke up
March 28, 2017, 03:22:46 PM - MrVuuu - password reset via email
March 28, 2017, 03:13:20 PM - pouyaye - woke up
March 28, 2017, 03:04:37 PM - sk8ermarc - woke up
March 28, 2017, 03:04:19 PM - sk8ermarc - password reset via email
March 28, 2017, 02:52:04 PM - paulogomesfx - woke up
March 28, 2017, 02:41:55 PM - pacojones - woke up
March 28, 2017, 02:35:02 PM - nskythe - woke up
March 28, 2017, 02:33:35 PM - BitTaler - woke up
March 28, 2017, 02:32:35 PM - mackncheesiest - password changed
March 28, 2017, 02:31:29 PM - mackncheesiest - woke up
March 28, 2017, 02:28:52 PM - gmoscetti - password changed
March 28, 2017, 02:27:51 PM - gmoscetti - woke up
March 28, 2017, 02:18:38 PM - ziggy2000 - woke up
March 28, 2017, 02:12:56 PM - JonhyDread - password changed
March 28, 2017, 02:11:55 PM - JonhyDread - woke up
March 28, 2017, 02:03:43 PM - adriank1410 - password reset via email
March 28, 2017, 01:56:38 PM - adriank1410 - woke up
March 28, 2017, 01:51:28 PM - paptee - password reset via email
March 28, 2017, 01:50:20 PM - a10129 - woke up
March 28, 2017, 01:49:53 PM - oli123123 - password changed
March 28, 2017, 01:49:35 PM - pmtrade - woke up
March 28, 2017, 01:42:11 PM - senseless - password reset via email
March 28, 2017, 01:38:39 PM - musicand - password changed
March 28, 2017, 01:38:30 PM - 197a25a7 - woke up
March 28, 2017, 01:37:28 PM - musicand - woke up
March 28, 2017, 01:18:20 PM - marioumarios400 - password changed
March 28, 2017, 01:13:09 PM - Domchi - password changed
March 28, 2017, 01:09:54 PM - btcnath - password changed
March 28, 2017, 01:07:28 PM - btcnath - woke up
March 28, 2017, 01:06:58 PM - savage2k - woke up
March 28, 2017, 01:06:10 PM - Coin_win - password changed
March 28, 2017, 01:01:17 PM - Next_Robby - password changed
March 28, 2017, 01:00:30 PM - soundjack - woke up
March 28, 2017, 12:46:51 PM - tapman - woke up
March 28, 2017, 12:46:47 PM - tapman - password reset via email
March 28, 2017, 12:46:30 PM - schap - woke up
March 28, 2017, 12:46:22 PM - ellentk - password changed
March 28, 2017, 12:43:52 PM - buysellcryptocoin - woke up
March 28, 2017, 12:43:30 PM - ellentk - woke up
March 28, 2017, 12:35:59 PM - schap - password reset via email
March 28, 2017, 12:33:24 PM - musings23 - password changed
March 28, 2017, 12:31:39 PM - Blazin - password reset via email
March 28, 2017, 12:30:52 PM - AntiMicrosoft - password changed
March 28, 2017, 12:28:02 PM - sargue - password changed
March 28, 2017, 12:27:49 PM - bitvote - woke up
March 28, 2017, 12:26:20 PM - sargue - woke up
March 28, 2017, 12:25:53 PM - musings23 - woke up
March 28, 2017, 12:25:49 PM - musings23 - password reset via email
March 28, 2017, 12:23:38 PM - shr00m3ry - woke up
March 28, 2017, 12:23:26 PM - shr00m3ry - password reset via email
March 28, 2017, 12:23:17 PM - sengak - woke up
March 28, 2017, 12:23:01 PM - sengak - password reset via email
March 28, 2017, 11:59:17 AM - aleksei - password changed
March 28, 2017, 11:56:04 AM - Alexander1 - woke up
March 28, 2017, 11:55:59 AM - deemdior - password reset via email
March 28, 2017, 11:55:28 AM - Alexander1 - password reset via email
March 28, 2017, 11:54:37 AM - JackieAss - password reset via email
March 28, 2017, 11:42:43 AM - vijayjaga - woke up
March 28, 2017, 11:38:57 AM - tommorris - password changed
March 28, 2017, 11:34:54 AM - NetTime - password reset via email
March 28, 2017, 11:32:22 AM - Spiff637 - woke up
March 28, 2017, 11:31:03 AM - tommorris - woke up
March 28, 2017, 11:19:44 AM - colour - password changed
March 28, 2017, 11:18:46 AM - zoltan81 - woke up
March 28, 2017, 11:15:26 AM - colour - woke up
March 28, 2017, 11:09:42 AM - palilo - woke up
March 28, 2017, 10:57:10 AM - Newtoon - woke up
March 28, 2017, 10:57:09 AM - cybernixon - woke up
March 28, 2017, 10:56:59 AM - Newtoon - password reset via email
March 28, 2017, 10:56:00 AM - sparcv - password changed
March 28, 2017, 10:54:23 AM - sparcv - woke up
March 28, 2017, 10:54:06 AM - irv - woke up
March 28, 2017, 10:47:03 AM - larraboj - password reset via email
March 28, 2017, 10:44:38 AM - kcgreene - woke up
March 28, 2017, 10:44:18 AM - larraboj - password reset via email
March 28, 2017, 10:40:36 AM - irv - password reset via secret question
March 28, 2017, 10:36:51 AM - QuestionQuest - woke up
March 28, 2017, 10:34:39 AM - digitaleagle - password changed
March 28, 2017, 10:34:07 AM - johnemos - woke up
March 28, 2017, 10:23:11 AM - digitaleagle - woke up
March 28, 2017, 10:23:04 AM - digitaleagle - password reset via email
March 28, 2017, 10:17:28 AM - shnizle - woke up
March 28, 2017, 10:10:41 AM - qrs - password changed
March 28, 2017, 10:09:52 AM - shnizle - password reset via email
March 28, 2017, 10:09:10 AM - JRob - password changed
March 28, 2017, 10:06:09 AM - milospinkfloyd - woke up
March 28, 2017, 10:05:48 AM - Atrax - password reset via email
March 28, 2017, 10:00:27 AM - dechimp - password changed
March 28, 2017, 09:58:49 AM - dechimp - woke up
March 28, 2017, 09:54:19 AM - Hotrod77 - woke up
March 28, 2017, 09:54:15 AM - Hotrod77 - password reset via email
March 28, 2017, 09:52:46 AM - bloodeye - password changed
March 28, 2017, 09:47:13 AM - Lagyo - woke up
March 28, 2017, 09:43:26 AM - Gordonium - password changed
March 28, 2017, 09:38:07 AM - lethalrocks - password changed
March 28, 2017, 09:37:11 AM - lethalrocks - woke up
March 28, 2017, 09:31:54 AM - Wizzard - password changed
March 28, 2017, 09:31:14 AM - ardew - woke up
March 28, 2017, 09:31:09 AM - ardew - password reset via email
March 28, 2017, 09:30:55 AM - Wizzard - woke up
March 28, 2017, 09:30:33 AM - Nistap - password reset via email
March 28, 2017, 09:25:14 AM - denaje - password changed
March 28, 2017, 09:24:36 AM - Nescafe - password changed
March 28, 2017, 09:24:30 AM - denaje - woke up
March 28, 2017, 09:24:17 AM - anastis - password changed
March 28, 2017, 09:22:59 AM - anastis - woke up
March 28, 2017, 09:22:58 AM - Nescafe - woke up
March 28, 2017, 09:21:47 AM - Nortelfish - password reset via email
March 28, 2017, 09:19:27 AM - supcrygae - password reset via email
March 28, 2017, 09:16:40 AM - kugutsumen - password changed
March 28, 2017, 09:16:01 AM - kugutsumen - woke up
March 28, 2017, 09:13:06 AM - ebucha - password changed
March 28, 2017, 09:07:18 AM - rickidy9 - password changed
March 28, 2017, 09:04:12 AM - saturnv - woke up
March 28, 2017, 09:02:42 AM - Quanttek - password changed
March 28, 2017, 09:01:16 AM - Quanttek - woke up
March 28, 2017, 08:56:29 AM - mtw34 - password changed
March 28, 2017, 08:55:07 AM - EncryptoTel - woke up
March 28, 2017, 08:55:06 AM - mariolakas - woke up
March 28, 2017, 08:51:32 AM - mellonril - password changed
March 28, 2017, 08:45:43 AM - newtronic - password changed
March 28, 2017, 08:43:53 AM - gurghet - woke up
March 28, 2017, 08:43:44 AM - newtronic - woke up
March 28, 2017, 08:41:20 AM - Snail2 - woke up
March 28, 2017, 08:36:29 AM - chong_kee - password changed
March 28, 2017, 08:35:23 AM - balst - woke up
March 28, 2017, 08:35:03 AM - balst - password reset via email
March 28, 2017, 08:32:16 AM - cconrad0825 - password changed
March 28, 2017, 08:28:39 AM - olybeast - password reset via email
March 28, 2017, 08:26:14 AM - Brama Tafel - woke up
March 28, 2017, 08:25:26 AM - G.I.WINSTON - password changed
March 28, 2017, 08:24:44 AM - Tommazoe - password changed
March 28, 2017, 08:23:56 AM - Fundamentals Of - password reset via email
March 28, 2017, 08:23:47 AM - Tommazoe - woke up
March 28, 2017, 08:15:48 AM - fturco - password changed
March 28, 2017, 08:15:18 AM - bgminer - woke up
March 28, 2017, 08:14:43 AM - fturco - woke up
March 28, 2017, 08:14:09 AM - RyuBlade94 - password reset via email
March 28, 2017, 08:08:57 AM - papa_lazzarou - password reset via email
March 28, 2017, 08:08:05 AM - slowdays - password reset via email
March 28, 2017, 08:07:42 AM - ajh103 - woke up
March 28, 2017, 08:07:38 AM - ajh103 - password reset via email
March 28, 2017, 08:05:43 AM - RyuBlade94 - woke up
March 28, 2017, 08:02:58 AM - stefanz99 - woke up
March 28, 2017, 07:47:06 AM - boogieman14 - woke up
March 28, 2017, 07:36:55 AM - Abcmsaj - woke up
March 28, 2017, 07:35:39 AM - Abcmsaj - password reset via email
March 28, 2017, 07:33:51 AM - Superbibi - password changed
March 28, 2017, 07:32:49 AM - Superbibi - woke up
March 28, 2017, 07:31:33 AM - fuadiansyah - woke up
March 28, 2017, 07:31:11 AM - WarrenRj - woke up
March 28, 2017, 07:30:26 AM - SunSlav - password changed
March 28, 2017, 07:30:23 AM - dnaleor - password reset via email
March 28, 2017, 07:29:11 AM - dolly77 - woke up
March 28, 2017, 07:28:54 AM - dolly77 - password reset via email
March 28, 2017, 07:27:41 AM - SunSlav - password changed
March 28, 2017, 07:25:46 AM - thephez - password changed
March 28, 2017, 07:25:32 AM - Beijideluotuo - woke up
March 28, 2017, 07:24:04 AM - thephez - woke up
March 28, 2017, 07:23:26 AM - 5oksuuhm - password reset via email
March 28, 2017, 07:18:00 AM - Mr.nors - password reset via email
March 28, 2017, 07:17:13 AM - TSE - password changed
March 28, 2017, 07:10:40 AM - FirstAfricanCoin - woke up
March 28, 2017, 07:10:29 AM - FirstAfricanCoin - password reset via email
March 28, 2017, 07:10:28 AM - Cluster2k - password changed
March 28, 2017, 06:56:35 AM - Showtime2017 - password changed
March 28, 2017, 06:52:41 AM - laiguozheshijie - woke up
March 28, 2017, 06:46:47 AM - mememiner - woke up
March 28, 2017, 06:37:57 AM - etnguyen03 - password changed
March 28, 2017, 06:33:36 AM - sixtysix - woke up
March 28, 2017, 06:30:11 AM - sesam - password changed
March 28, 2017, 06:27:33 AM - Soylent - password reset via email
March 28, 2017, 06:24:41 AM - RobB1 - password changed
March 28, 2017, 06:13:53 AM - qbitbit - password changed
March 28, 2017, 06:12:48 AM - juanthree - woke up
March 28, 2017, 06:12:42 AM - qbitbit - woke up
March 28, 2017, 06:10:56 AM - RobB1 - woke up
March 28, 2017, 06:09:15 AM - Sk1llS - password changed
March 28, 2017, 06:06:55 AM - herda - woke up
March 28, 2017, 05:51:59 AM - baldomero - password reset via email
March 28, 2017, 05:47:18 AM - gielbier - password changed
March 28, 2017, 05:45:07 AM - HA5h - woke up
March 28, 2017, 05:44:54 AM - HA5h - password reset via email
March 28, 2017, 05:38:21 AM - earnandenjoy - woke up
March 28, 2017, 05:37:15 AM - Rion - woke up
March 28, 2017, 05:36:56 AM - steolo - woke up
March 28, 2017, 05:35:25 AM - jiflkid06 - password reset via email
March 28, 2017, 05:30:06 AM - Crazybear-Coins - password reset via email
March 28, 2017, 05:24:50 AM - alcalinebattery89 - password reset via email
March 28, 2017, 05:23:47 AM - r!chb - password reset via email
March 28, 2017, 05:18:54 AM - cheipol - password changed
March 28, 2017, 05:18:08 AM - cheipol - woke up
March 28, 2017, 05:12:27 AM - canadian1969 - password changed
March 28, 2017, 05:10:24 AM - swanny - woke up
March 28, 2017, 05:09:33 AM - sunnysingh - password changed
March 28, 2017, 05:09:19 AM - canadian1969 - woke up
March 28, 2017, 05:09:13 AM - nolispui - password changed
March 28, 2017, 05:09:10 AM - WARLOCKZA - password reset via email
March 28, 2017, 05:06:52 AM - sunnysingh - woke up
March 28, 2017, 05:06:28 AM - Wintervenom - woke up
March 28, 2017, 05:05:09 AM - Kasmetski - password changed
March 28, 2017, 05:02:31 AM - wvd_vegt - password changed
March 28, 2017, 05:01:15 AM - Lazerballz - password reset via email
March 28, 2017, 04:59:18 AM - adrianlzt - password changed
March 28, 2017, 04:59:02 AM - Jleagle - password changed
March 28, 2017, 04:58:40 AM - wvd_vegt - woke up
March 28, 2017, 04:57:51 AM - Jleagle - woke up
March 28, 2017, 04:57:45 AM - adrianlzt - woke up
March 28, 2017, 04:56:54 AM - traumschiff - password changed
March 28, 2017, 04:50:05 AM - legus - password reset via email
March 28, 2017, 04:39:36 AM - d3nz - password reset via email
March 28, 2017, 04:37:23 AM - Lazerballz - woke up
March 28, 2017, 04:36:56 AM - timoddk - woke up
March 28, 2017, 04:34:18 AM - Swain - password changed
March 28, 2017, 04:31:23 AM - Boobas007 - password reset via email
March 28, 2017, 04:30:00 AM - SparxNet - password changed
March 28, 2017, 04:29:31 AM - SparxNet - password changed
March 28, 2017, 04:28:29 AM - MikeyFlawless - woke up
March 28, 2017, 04:27:01 AM - SparxNet - password changed
March 28, 2017, 04:26:15 AM - cheaty - woke up
March 28, 2017, 04:26:12 AM - An7hrax - password changed
March 28, 2017, 04:25:59 AM - cheaty - password reset via email
March 28, 2017, 04:25:52 AM - SparxNet - woke up
March 28, 2017, 04:24:30 AM - An7hrax - woke up
March 28, 2017, 04:24:05 AM - Cablekevin - woke up
March 28, 2017, 04:20:22 AM - arthurpayne - woke up
March 28, 2017, 04:10:42 AM - Mineroftruth - woke up
March 28, 2017, 04:10:27 AM - duubo - woke up
March 28, 2017, 04:09:53 AM - 7im - password changed
March 28, 2017, 04:09:46 AM - Strumi - password changed
March 28, 2017, 04:09:00 AM - 7im - woke up
March 28, 2017, 04:08:22 AM - Strumi - woke up
March 28, 2017, 04:01:15 AM - onthefrynge - woke up
March 28, 2017, 03:58:57 AM - Cablekevin - password reset via email
March 28, 2017, 03:57:59 AM - TheFox21 - password changed
March 28, 2017, 03:57:12 AM - rlbewick - woke up
March 28, 2017, 03:56:10 AM - TheFox21 - woke up
March 28, 2017, 03:56:00 AM - Swain - woke up
March 28, 2017, 03:53:07 AM - lapaka - woke up
March 28, 2017, 03:51:35 AM - diefightdie - password changed
March 28, 2017, 03:51:03 AM - diefightdie - woke up
March 28, 2017, 03:49:23 AM - 0btc - password changed
March 28, 2017, 03:47:57 AM - Daddyhughes111 - password changed
March 28, 2017, 03:47:44 AM - ejntaylor - password changed
March 28, 2017, 03:47:23 AM - cedriclv - password reset via email
March 28, 2017, 03:44:28 AM - Oreios - password reset via email
March 28, 2017, 03:44:14 AM - whysthatso - woke up
March 28, 2017, 03:44:06 AM - Daddyhughes111 - woke up
March 28, 2017, 03:42:10 AM - ejntaylor - woke up
March 28, 2017, 03:41:52 AM - gordonsross - woke up
March 28, 2017, 03:41:43 AM - gordonsross - password reset via email
March 28, 2017, 03:38:25 AM - juloee - password reset via email
March 28, 2017, 03:37:01 AM - Picop88 - password reset via email
March 28, 2017, 03:34:25 AM - talweg - password reset via email
March 28, 2017, 03:32:26 AM - chuim - password changed
March 28, 2017, 03:32:00 AM - larraboj - woke up
March 28, 2017, 03:31:43 AM - larraboj - password reset via email
March 28, 2017, 03:30:56 AM - chuim - woke up
March 28, 2017, 03:29:10 AM - doc_lenny - woke up
March 28, 2017, 03:29:04 AM - doc_lenny - password reset via email
March 28, 2017, 03:25:32 AM - orkaa - password changed
March 28, 2017, 03:25:30 AM - d0tc0m - password changed
March 28, 2017, 03:24:50 AM - d0tc0m - woke up
March 28, 2017, 03:24:42 AM - orkaa - woke up
March 28, 2017, 03:24:39 AM - iuc - woke up
March 28, 2017, 03:22:54 AM - S-888 - password changed
March 28, 2017, 03:20:27 AM - S-888 - woke up
March 28, 2017, 03:17:10 AM - lusvirkap - password changed
March 28, 2017, 03:16:55 AM - DiskMiner - woke up
March 28, 2017, 03:16:50 AM - Griffnut - password reset via email
March 28, 2017, 03:14:47 AM - KoningSilk - woke up
March 28, 2017, 03:09:44 AM - FrederickGeek8 - woke up
March 28, 2017, 02:56:55 AM - level6 - password changed
March 28, 2017, 02:55:56 AM - formmailer - password changed
March 28, 2017, 02:55:13 AM - lusvirkap - woke up
March 28, 2017, 02:54:06 AM - qdos - password changed
March 28, 2017, 02:53:23 AM - formmailer - woke up
March 28, 2017, 02:53:01 AM - qdos - woke up
March 28, 2017, 02:47:06 AM - Barth42 - woke up
March 28, 2017, 02:46:55 AM - Barth42 - password reset via email
March 28, 2017, 02:46:49 AM - nick_tsai810 - password changed
March 28, 2017, 02:46:40 AM - pbackx - password changed
March 28, 2017, 02:45:53 AM - pbackx - woke up
March 28, 2017, 02:45:44 AM - nick_tsai810 - woke up
March 28, 2017, 02:44:22 AM - wabbit42 - woke up
March 28, 2017, 02:44:17 AM - wabbit42 - password reset via email
March 28, 2017, 02:41:08 AM - Magicoin - woke up
March 28, 2017, 02:40:59 AM - Magicoin - password reset via email
March 28, 2017, 02:39:41 AM - grin - password reset via email
March 28, 2017, 02:39:12 AM - gutsy_btc - password reset via email
March 28, 2017, 02:37:35 AM - Blasülz - woke up
March 28, 2017, 02:35:05 AM - benoliver999 - password changed
March 28, 2017, 02:34:10 AM - benoliver999 - woke up
March 28, 2017, 02:34:09 AM - btcnewb1 - woke up
March 28, 2017, 02:31:40 AM - Stollentroll - password changed
March 28, 2017, 02:28:47 AM - Stollentroll - woke up
March 28, 2017, 02:27:52 AM - aleksei - woke up
March 28, 2017, 02:26:20 AM - neildotwilliams - woke up
March 28, 2017, 02:26:14 AM - neildotwilliams - password reset via email
March 28, 2017, 02:24:49 AM - isaac12345 - password reset via email
March 28, 2017, 02:24:05 AM - joshuasherlock - password changed
March 28, 2017, 02:22:57 AM - Olsenius - password reset via secret question
March 28, 2017, 02:21:32 AM - Olsenius - woke up
March 28, 2017, 02:20:46 AM - joshuasherlock - woke up
March 28, 2017, 02:18:45 AM - pmp0925 - password changed
March 28, 2017, 02:14:24 AM - daerdah - password changed
March 28, 2017, 02:14:03 AM - CaffeinatedTech - password changed
March 28, 2017, 02:13:09 AM - CaffeinatedTech - woke up
March 28, 2017, 02:12:20 AM - daerdah - woke up
March 28, 2017, 02:11:05 AM - coinlave.com - password changed
March 28, 2017, 02:08:45 AM - WindGlider - password changed
March 28, 2017, 02:08:27 AM - bexxem - woke up
March 28, 2017, 02:07:21 AM - WolfMaster852 - woke up
March 28, 2017, 02:07:18 AM - WolfMaster852 - password reset via email
March 28, 2017, 02:05:27 AM - powersync - woke up
March 28, 2017, 02:03:36 AM - dinda22 - password reset via email
March 28, 2017, 02:03:18 AM - Foodle - password changed
March 28, 2017, 02:00:12 AM - fendy05 - woke up
March 28, 2017, 01:59:29 AM - for5november - password changed
March 28, 2017, 01:59:09 AM - eric_harris_76 - password changed
March 28, 2017, 01:58:50 AM - Foodle - woke up
March 28, 2017, 01:58:43 AM - gnarly - woke up
March 28, 2017, 01:58:27 AM - gnarly - password reset via email
March 28, 2017, 01:57:44 AM - for5november - woke up
March 28, 2017, 01:54:12 AM - eric_harris_76 - woke up
March 28, 2017, 01:53:48 AM - padde - woke up
March 28, 2017, 01:51:39 AM - itsacezon - woke up
March 28, 2017, 01:51:13 AM - ipodpowa - woke up
March 28, 2017, 01:51:06 AM - itsacezon - password reset via email
March 28, 2017, 01:46:42 AM - debtandtrust - woke up
March 28, 2017, 01:40:00 AM - fallunder - woke up
March 28, 2017, 01:38:56 AM - ongle - password changed
March 28, 2017, 01:37:05 AM - ongle - woke up
March 28, 2017, 01:35:53 AM - AngelLox - password changed
March 28, 2017, 01:35:39 AM - MrT - password changed
March 28, 2017, 01:35:39 AM - 4Byte2Bit1 - password changed
March 28, 2017, 01:34:08 AM - rfugger - woke up
March 28, 2017, 01:33:10 AM - jdo - woke up
March 28, 2017, 01:32:53 AM - 4Byte2Bit1 - woke up
March 28, 2017, 01:32:29 AM - WARLOCKZA - woke up
March 28, 2017, 01:32:29 AM - schmooby - password changed
March 28, 2017, 01:31:55 AM - futz.co - password changed
March 28, 2017, 01:31:03 AM - schmooby - woke up
March 28, 2017, 01:30:47 AM - martorix - woke up
March 28, 2017, 01:26:45 AM - olrosseel - woke up
March 28, 2017, 01:24:43 AM - cbbcbail - woke up
March 28, 2017, 01:20:33 AM - haiyanksa - password reset via email
March 28, 2017, 01:19:48 AM - tswestendorp - password changed
March 28, 2017, 01:19:06 AM - tswestendorp - woke up
March 28, 2017, 01:18:52 AM - grin - woke up
March 28, 2017, 01:16:17 AM - robbyoconnor - password changed
March 28, 2017, 01:15:42 AM - robbyoconnor - woke up
March 28, 2017, 01:11:05 AM - Vic_II - woke up
March 28, 2017, 01:09:11 AM - gatestone - password changed
March 28, 2017, 01:08:23 AM - haiyanksa - password changed
March 28, 2017, 01:04:17 AM - Briggs - woke up
March 28, 2017, 01:04:00 AM - gatestone - woke up
March 28, 2017, 12:59:55 AM - onnz423 - password changed
March 28, 2017, 12:57:35 AM - MORA - password changed
March 28, 2017, 12:54:34 AM - debtandtrust - password reset via email
March 28, 2017, 12:54:12 AM - nyeates - password changed
March 28, 2017, 12:53:44 AM - friendlyguitar - woke up
March 28, 2017, 12:53:40 AM - friendlyguitar - password reset via email
March 28, 2017, 12:52:57 AM - standard - woke up
March 28, 2017, 12:51:38 AM - standard - password reset via email
March 28, 2017, 12:48:33 AM - chrisgward - password changed
March 28, 2017, 12:47:42 AM - chrisgward - woke up
March 28, 2017, 12:47:04 AM - dvide - password changed
March 28, 2017, 12:46:54 AM - satoshcode - password changed
March 28, 2017, 12:46:22 AM - bitconexfoier - woke up
March 28, 2017, 12:46:11 AM - bitconexfoier - password reset via email
March 28, 2017, 12:45:34 AM - dvide - woke up
March 28, 2017, 12:41:34 AM - smallaxe - woke up
March 28, 2017, 12:41:23 AM - smallaxe - password reset via email
March 28, 2017, 12:39:51 AM - Bagus23 - password changed
March 28, 2017, 12:37:34 AM - scooby - woke up
March 28, 2017, 12:37:20 AM - scooby - password reset via email
March 28, 2017, 12:35:06 AM - Novus - password changed
March 28, 2017, 12:34:45 AM - joko - woke up
March 28, 2017, 12:34:32 AM - joko - password reset via email
March 28, 2017, 12:34:05 AM - nyeates - woke up
March 28, 2017, 12:32:27 AM - Novus - woke up
March 28, 2017, 12:29:09 AM - franzl - woke up
March 28, 2017, 12:28:43 AM - franzl - password reset via email
March 28, 2017, 12:28:00 AM - ratty - password changed
March 28, 2017, 12:27:11 AM - ratty - woke up
March 28, 2017, 12:24:59 AM - janhajk - password changed
March 28, 2017, 12:24:56 AM - duncnguyen - woke up
March 28, 2017, 12:23:25 AM - janhajk - woke up
March 28, 2017, 12:23:11 AM - BitRod - woke up
March 28, 2017, 12:22:41 AM - misadventure - password changed
March 28, 2017, 12:22:11 AM - royce - password reset via email
March 28, 2017, 12:21:36 AM - misadventure - woke up
March 28, 2017, 12:18:52 AM - voiplabs - password changed
March 28, 2017, 12:05:29 AM - c909 - woke up
March 28, 2017, 12:03:39 AM - TheMinersCoin - woke up

[Nemo1024]

Just got this alert from my http://haveibeenpwnd.com/ subscription!

You've been pwned!

You signed up for notifications when your account was pwned in a data breach and unfortunately, it's happened. Here's what's known about the breach:

Email found:   --------------
Breach:   Bitcoin Talk
Date of breach:   22 May 2015
Number of accounts:   501,407
Compromised data:   Dates of birth, Email addresses, Genders, IP addresses, Passwords, Security questions and answers, Usernames, Website activity
Description:   In May 2015, the Bitcoin forum Bitcoin Talk was hacked and over 500k unique email addresses were exposed. The attack led to the exposure of a raft of personal data including usernames, email and IP addresses, genders, birth dates, security questions and MD5 hashes of their answers plus hashes of the passwords themselves.

[dacueba]

It looks like we may have a step in the right direction here:

https://bitcointalk.org/index.php?topic=1842839.0

Maybe someone saw your post and did something about it. Maybe it was a plan the whole time. Who knows since I can't seem to find an announcement of any sort.

Check out his trust profile.

Holy crap! Look how many brand new accounts from 2011-2013 are "waking up" this is insane!
https://bitcointalk.org/seclog.php

How long will the message appear in the trust page?

And I assume the wake up will appear in the security log, right?

[Chris!]

It looks like we may have a step in the right direction here:

https://bitcointalk.org/index.php?topic=1842839.0

Maybe someone saw your post and did something about it. Maybe it was a plan the whole time. Who knows since I can't seem to find an announcement of any sort.

Check out his trust profile.

Holy crap! Look how many brand new accounts from 2011-2013 are "waking up" this is insane!
https://bitcointalk.org/seclog.php

How long will the message appear in the trust page?

And I assume the wake up will appear in the security log, right?

I'm assuming 30 days like the changed email/password alerts but I can't find too much information on it. Yes it's in the seclog.