theymos, somebody embedded a sig ... UPDATE !!!

[Gleb Gamow]

Okay, I give! Why can't I now log in with the Gleb account but it's showing that I'm logged in?

The online status lingers for a while even after going offline - that's just how it is.

Yes, this is Bruno.

EDIT: I see that the Gleb account is no longer online. I'll now log off Al and try to log on Gleb.

True statement.

I'll accept that, with theymos was looking into it. He emailed me and let me know that my PW was randomized and to have me change it again which I did, hence now able to log in.

Thank you, theymos.

[1715169192]

1715169192

[1715169192]

1715169192

[1715169192]

1715169192

[Gleb Gamow]

theymos replaced all the PMs that were sent from my account, the latter ones being by me personally and should be obvious which ones they are. I still don't see the ones that were sent to me in my In Box, but that may not be important I guess.

[theymos]

It seems to me that someone guessed Gleb's password using the password hashes stolen in 2015, since Gleb didn't change his password since then. The Glebonator account may be due to the attacker trying a new password-cracking attack against accounts in alphabetical order, or due to specifically targeting Gleb and incorrectly believing that that account belonged to him, or because Glebonator is the attacker.

I still don't see the ones that were sent to me in my In Box, but that may not be important I guess.

I restored those as well now.

[anonymoustroll420]

It seems to me that someone guessed Gleb's password using the password hashes stolen in 2015, since Gleb didn't change his password since then. The Glebonator account may be due to the attacker trying a new password-cracking attack against accounts in alphabetical order, or due to specifically targeting Gleb and incorrectly believing that that account belonged to him, or because Glebonator is the attacker.

I still don't see the ones that were sent to me in my In Box, but that may not be important I guess.

I restored those as well now.

It's resolved, awesome.

Gleb, it may be a good idea to post a signed message here from a Bitcoin address that you once posted (the address that used to be on your profile perhaps?) stating that its you and you're in control along with todays date, so that people know it's really you in the hot seat.

[ImHash]

You should stop calling out scammers with their scam projects and why do you still have the sig on?

[Quickseller]

Wow I thought for sure this was another troll thread.

Maybe Glebonator should be banned/locked since it is almost certain to be hacked, or is possibly the hacker.

[freedomno1]

Nice defense there Gleb I guess the hacker does have a bunch of old password hashes from 2015
Just goes to show people are still attempting to break into them

[muleroaa]

Glad you got it fixed Gleb. Almost actually thought Qtum succeeded in 'hacking' your account

I had my (original) account broken in to a little while after the hack in 2015 and got notified on my e-mail about PM's that I wasn't sending. That was scary. I managed to change the password but I forgot it. I wanted to restore the account by answering my secret question, which in turn locked my account.

It seems to me that someone guessed Gleb's password using the password hashes stolen in 2015, since Gleb didn't change his password since then. The Glebonator account may be due to the attacker trying a new password-cracking attack against accounts in alphabetical order, or due to specifically targeting Gleb and incorrectly believing that that account belonged to him, or because Glebonator is the attacker.

I still don't see the ones that were sent to me in my In Box, but that may not be important I guess.

I restored those as well now.

Theymos, I have made this topic about my locked account: https://bitcointalk.org/index.php?topic=1803387.msg17966365#msg17966365

I know this isn't the place to ask, but I have staked my BTC address and signed a message, I have sent a few PM's over the last year but my account (madjules007) is still locked. Do you have any chance to unlock it for me?

[Gleb Gamow]

You should stop calling out scammers with their scam projects and why do you still have the sig on?

Removing the sig in a couple minutes. Left it there along with the added comment for sound reasoning from a sound mind, or something like that.

It seems to me that someone guessed Gleb's password using the password hashes stolen in 2015, since Gleb didn't change his password since then. The Glebonator account may be due to the attacker trying a new password-cracking attack against accounts in alphabetical order, or due to specifically targeting Gleb and incorrectly believing that that account belonged to him, or because Glebonator is the attacker.

I still don't see the ones that were sent to me in my In Box, but that may not be important I guess.

I restored those as well now.

I'm leaning heavily toward the Glebonator user account having something to do with this.

I was mistaken. The Gleb account password wasn't changed since its inception. I think I looked at my computer logs incorrectly via clicking a different user account that has the strong password. I guess I have to change the PWs on all my 87 accounts (running gag; really somewhere north of a dozen account, almost all declared, of which one of the non-declared immediately comes to mind, created to fuck with some nefarious actor a year or two ago - not the user account nibbknot).

[nibbknot]

You should stop calling out scammers with their scam projects and why do you still have the sig on?

Removing the sig in a couple minutes. Left it there along with the added comment for sound reasoning from a sound mind, or something like that.

It seems to me that someone guessed Gleb's password using the password hashes stolen in 2015, since Gleb didn't change his password since then. The Glebonator account may be due to the attacker trying a new password-cracking attack against accounts in alphabetical order, or due to specifically targeting Gleb and incorrectly believing that that account belonged to him, or because Glebonator is the attacker.

I still don't see the ones that were sent to me in my In Box, but that may not be important I guess.

I restored those as well now.

I'm leaning heavily toward the Glebonator user account having something to do with this.

I was mistaken. The Gleb account password wasn't changed since its inception. I think I looked at my computer logs incorrectly via clicking a different user account that has the strong password. I guess I have to change the PWs on all my 87 accounts (running gag; really somewhere north of a dozen account, almost all declared, of which one of the non-declared immediately comes to mind, created to fuck with some nefarious actor a year or two ago - not the user account nibbknot).

It's about time you got rid of that stupid sig.

Gleb's da man! 

[Vod]

since Gleb didn't change his password since then.

Shame on you Gleb, for making more work for Theymos!!   

Glad you got your account back.  Down with hackers!

[Gleb Gamow]

since Gleb didn't change his password since then.

Shame on you Gleb, for making more work for Theymos!!   

Glad you got your account back.  Down with hackers!

I didn't really lose it, but did loose control. I blame the Vodonator.

[22naru]

since Gleb didn't change his password since then.

Shame on you Gleb, for making more work for Theymos!!   

Glad you got your account back.  Down with hackers!

I didn't really lose it, but did loose control. I blame the Vodonator.

hey so you didnt change your pws after the attak and you got hacked... but what about Qtum? is the hacker who try it to use your account to get extra stuff or you still blame Qtum team ?

[Gleb Gamow]

Now how the hell did the hacker get my newly created PW that was much stronger than the first one?

Hi <redacted>,
Someone just used your password to try to sign in to your Google Account <redacted>@gmail.com.
Details:
Thursday, March 30, 2017 10:41 PM (GMT)
Google stopped this sign-in attempt, but you should review your recently used devices:

I guess I have to change it again.

Bruno

PS: THIS ISN'T AN APRIL FOOLS PRANK LIKE MY OTHER THREAD IN META.

PPS: PW changed.

Here's were the attack came from:

I live in Bullhead City, AZ, outside Vegas across the Colorado River, but I don't use Firefox. 98.6% Chrome; rest IE; very seldom Tor.

Maybe theymos could make a connection with this IP address: 76.164.227.178

[Glebonator]

It seems to me that someone guessed Gleb's password using the password hashes stolen in 2015, since Gleb didn't change his password since then. The Glebonator account may be due to the attacker trying a new password-cracking attack against accounts in alphabetical order, or due to specifically targeting Gleb and incorrectly believing that that account belonged to him, or because Glebonator is the attacker.

I still don't see the ones that were sent to me in my In Box, but that may not be important I guess.

I restored those as well now.

I'm not attacker. I can confirm my first old password and number of password changes.

And I can confirm, that this photo from my old post is mine!

Some little CAPT for info boards in my university. EcuaMobi, please, make russian version of this page http://captcoin.com/

[Glebonator]

-----BEGIN BITCOIN SIGNED MESSAGE-----
Glebonator is my account. I didn't hack Gleb Gamow account. The current date is July 10th, 2018.
-----BEGIN SIGNATURE-----
1EVgSc168eBe2R6LJnS4L2fKkywjPk9UZ

Code:

  "address": "1EVgSc168eBe2R6LJnS4L2fKkywjPk9UZ",
  "message": "July 10th, 2018. I, Glebonator am in control of this wallet. My account isn't compromised. Please, don't associate me with Gleb Gamow",
  "signature": "G79lpMaPA3AQHo0FII4LoWQz2H59/TohlUsAu2PA8Ip2fpD/fC5aDLIjZiGk1DsZJS8dnfapF7OIbzwUxuY0yy0="

-----END BITCOIN SIGNED MESSAGE-----

My bitcoin address is contained in the link to non-existent site, sorry about that.

He yпycтитe вpeмя Джeкпoтa! A в oбычныe чacы 1к, coвceм нe дypнo! http://pinktussy.co/

[Glebonator]

theymos, Gleb Gamow, any feedback please.

[mazdafunsun]

Most likely someone has found your password. Change it NOW! You may also have to log out and log back in after changing the PW to ensure the hacker isn't still logged in.

If they got my password, then there's more serious problems because the one I used for this account is an uber good one - many characters with symbols et al. No way they could've hacked it.

Just want to point out that, brute force password hacking is not the only way to get your password and I believe that "guessing" your password is the hardest way to do it.
In most cases passwords are leaked all over the web and then hackers try to use it in different webs.
Thus it is smart to use different passwords for different places.

[erikoy]

Most likely someone has found your password. Change it NOW! You may also have to log out and log back in after changing the PW to ensure the hacker isn't still logged in.

If they got my password, then there's more serious problems because the one I used for this account is an uber good one - many characters with symbols et al. No way they could've hacked it.

An admin needs to review my recent IP history et al. to see where the attack came from.

Lol maybe hackers do not need to hack your password just to access your account. Reminders that this is not a blockchain where you only alone can access your account. Meaning to say that they had a tool that can bypass any account of BCT. Besides, it was also been done in those timw where all of the BTC forum being hijack by someone and compromises users and password. So it could be possible that the forum nownis being hijack again.

[Glebonator]

OMG, mazdafunsun, erikoy, it's off topic.

Much time has passed, but "grandfather" Gleb Gamow and "man with spray of paint" hilariousandco didn't answer me.