Bitcoin Forum
August 19, 2019, 01:17:17 PM *
News: Latest Bitcoin Core release: 0.18.0 [Torrent] (New!)
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Attempted account hack?  (Read 1315 times)
bitcoinminer
Sr. Member
****
Offline Offline

Activity: 322
Merit: 252



View Profile
April 25, 2013, 12:24:02 AM
 #1

For the second time now, someone has tried to reset my password on my account.

This time, it came from IP address 63.118.235.5, which traces to the domain "mail.wholesystems.com".

Any idea if there is someone from that domain involved in BitCoin?

Admin, last time you moved this message elsewhere - I think if we can have some of the other threads I've seen in here, a discussion about someone potentially trying to compromise an account is worthy of a discussion.

Be fearful when others are greedy, and greedy when others are fearful.

-Warren Buffett
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
tysat
Legendary
*
Offline Offline

Activity: 966
Merit: 1001


Keep it real


View Profile
April 25, 2013, 01:04:33 AM
 #2

I'd suggest PMing theymos, he has access to the IP logs.
bitcoinminer
Sr. Member
****
Offline Offline

Activity: 322
Merit: 252



View Profile
April 25, 2013, 01:31:49 AM
 #3

Well the IP is listed in the message as being where it came from... what do you suggest?

Be fearful when others are greedy, and greedy when others are fearful.

-Warren Buffett
Kluge
Donator
Legendary
*
Offline Offline

Activity: 1218
Merit: 1011



View Profile
April 25, 2013, 01:37:48 AM
 #4

Well the IP is listed in the message as being where it came from... what do you suggest?
Theymos can check to see if that IP address has attempted to reset others', or if that IP address is associated with any accounts. If there are multiple instances of it, he can at least IP ban the person - which isn't really a solution worth cheering about, but there really aren't any decent solutions to this outside of ensuring your password is very secure both here and with your email service.
myrkul
Hero Member
*****
Offline Offline

Activity: 532
Merit: 500


FIAT LIBERTAS RVAT CAELVM


View Profile WWW
April 25, 2013, 04:00:22 AM
 #5

Well the IP is listed in the message as being where it came from... what do you suggest?
Theymos can check to see if that IP address has attempted to reset others', or if that IP address is associated with any accounts. If there are multiple instances of it, he can at least IP ban the person - which isn't really a solution worth cheering about, but there really aren't any decent solutions to this outside of ensuring your password is very secure both here and with your email service.
And with your back-up email service, if you use Gmail or another web-based email provider.

And lie on the security questions. Just remember your lies.

BTC1MYRkuLv4XPBa6bGnYAronz55grPAGcxja
Need Dispute resolution? Public Key ID: 0x11D341CF
No person has the right to initiate force, threat of force, or fraud against another person or their property. VIM VI REPELLERE LICET
John (John K.)
Global Troll-buster and
Legendary
*
Offline Offline

Activity: 1260
Merit: 1090


Will read PM's. Have more time lately


View Profile
April 25, 2013, 04:02:00 AM
 #6

I've seen hacking attempts on my IRC handle too.

My BTC Tip Jar: 1Pgvfy19uwtYe5o9dg3zZsAjgCPt3XZqz9 , GPG ID: B3AAEEB0 ,OTC ID: johnthedong
Escrow service is available on a case by case basis! (PM Me to verify I'm the escrow!)

bitcoinminer
Sr. Member
****
Offline Offline

Activity: 322
Merit: 252



View Profile
April 25, 2013, 04:09:31 AM
 #7

Is there a way to lock my account to a static IP address?

Be fearful when others are greedy, and greedy when others are fearful.

-Warren Buffett
theymos
Administrator
Legendary
*
Offline Offline

Activity: 3486
Merit: 6042


View Profile
April 25, 2013, 01:38:31 PM
 #8

I will look into it later. Maybe I'll add an option to disable password resets for your account.

And lie on the security questions. Just remember your lies.

Adding a security question is optional. I don't recommend using them (on any site).

Is there a way to lock my account to a static IP address?

That'd be too much trouble. Everyone changes IPs eventually.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
myrkul
Hero Member
*****
Offline Offline

Activity: 532
Merit: 500


FIAT LIBERTAS RVAT CAELVM


View Profile WWW
April 25, 2013, 02:11:57 PM
 #9

And lie on the security questions. Just remember your lies.

Adding a security question is optional. I don't recommend using them (on any site).
Well, it's optional here. But not on every site. On those you do have to use them, so long as you lie, and remember the lie (mother's maiden name is actually the name of your first dog, or whatever) then that reduces the security vulnerability that they introduce.

How many famous people have had their accounts hacked because the attacker could just look up the answers to those questions?

BTC1MYRkuLv4XPBa6bGnYAronz55grPAGcxja
Need Dispute resolution? Public Key ID: 0x11D341CF
No person has the right to initiate force, threat of force, or fraud against another person or their property. VIM VI REPELLERE LICET
theymos
Administrator
Legendary
*
Offline Offline

Activity: 3486
Merit: 6042


View Profile
April 25, 2013, 06:15:41 PM
 #10

Yeah, "security questions" are totally insecure. For sites that require them, I just pick a random question and generate another password.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
myrkul
Hero Member
*****
Offline Offline

Activity: 532
Merit: 500


FIAT LIBERTAS RVAT CAELVM


View Profile WWW
April 25, 2013, 06:28:12 PM
 #11

Yeah, "security questions" are totally insecure. For sites that require them, I just pick a random question and generate another password.
That's a great idea!

Mother's maiden name? D3r(83ckd8#22-H/  Cheesy

BTC1MYRkuLv4XPBa6bGnYAronz55grPAGcxja
Need Dispute resolution? Public Key ID: 0x11D341CF
No person has the right to initiate force, threat of force, or fraud against another person or their property. VIM VI REPELLERE LICET
wachtwoord
Legendary
*
Offline Offline

Activity: 1960
Merit: 1032


View Profile
April 25, 2013, 06:31:44 PM
 #12

Yeah, "security questions" are totally insecure. For sites that require them, I just pick a random question and generate another password.
That's a great idea!

Mother's maiden name? D3r(83ckd8#22-H/  Cheesy

Yeah I always just jam my keyboard on those. These are also stored as plain text often.
bitcoinminer
Sr. Member
****
Offline Offline

Activity: 322
Merit: 252



View Profile
April 25, 2013, 06:48:01 PM
 #13

Maybe we could require that someone has to request a password reset based on not only the username, but the email address associated with it as well?

Be fearful when others are greedy, and greedy when others are fearful.

-Warren Buffett
Birdy
Sr. Member
****
Offline Offline

Activity: 364
Merit: 250



View Profile
April 25, 2013, 10:04:12 PM
 #14

Yeah, "security questions" are totally insecure. For sites that require them, I just pick a random question and generate another password.

Hehe, I do that, too ^^
theymos
Administrator
Legendary
*
Offline Offline

Activity: 3486
Merit: 6042


View Profile
April 26, 2013, 12:15:40 AM
 #15

For the second time now, someone has tried to reset my password on my account.

This time, it came from IP address 63.118.235.5, which traces to the domain "mail.wholesystems.com".

Any idea if there is someone from that domain involved in BitCoin?

Admin, last time you moved this message elsewhere - I think if we can have some of the other threads I've seen in here, a discussion about someone potentially trying to compromise an account is worthy of a discussion.

I think that he only tried this on you. He may have actually thought that he owned your account. He was trying passwords on a similar-looking account.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
bitcoinminer
Sr. Member
****
Offline Offline

Activity: 322
Merit: 252



View Profile
April 26, 2013, 03:12:32 AM
 #16

For the second time now, someone has tried to reset my password on my account.

This time, it came from IP address 63.118.235.5, which traces to the domain "mail.wholesystems.com".

Any idea if there is someone from that domain involved in BitCoin?

Admin, last time you moved this message elsewhere - I think if we can have some of the other threads I've seen in here, a discussion about someone potentially trying to compromise an account is worthy of a discussion.

I think that he only tried this on you. He may have actually thought that he owned your account. He was trying passwords on a similar-looking account.

OK.  I guess I'll just have to wait and see... it was just that this was the second time in about a month someone tried to "recover" my account.

Be fearful when others are greedy, and greedy when others are fearful.

-Warren Buffett
repentance
Hero Member
*****
Offline Offline

Activity: 868
Merit: 1000


View Profile
April 26, 2013, 09:19:56 AM
 #17

And lie on the security questions. Just remember your lies.

I always give nonsense answers on security questions.  You can put "polka dots" down for you mother's maiden name for all the system cares and "dragon football aluminium" for your favourite movie.

All I can say is that this is Bitcoin. I don't believe it until I see six confirmations.
myrkul
Hero Member
*****
Offline Offline

Activity: 532
Merit: 500


FIAT LIBERTAS RVAT CAELVM


View Profile WWW
April 26, 2013, 04:18:16 PM
 #18

And lie on the security questions. Just remember your lies.

I always give nonsense answers on security questions.  You can put "polka dots" down for you mother's maiden name for all the system cares and "dragon football aluminium" for your favourite movie.
Exactly. As long as you remember that your favorite movie was dragon football aluminum, you're good. Which is why I like Theymos' "just generate another password" idea. because then you don't have to remember. The password generator does that. Smiley

BTC1MYRkuLv4XPBa6bGnYAronz55grPAGcxja
Need Dispute resolution? Public Key ID: 0x11D341CF
No person has the right to initiate force, threat of force, or fraud against another person or their property. VIM VI REPELLERE LICET
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!