IMPORTANT ★ Your password may have been stolen!!!

[Slark]

@riorondon1234 the way you construct your post is way too confusing for me to understand.
You are copying fragments of people's posts without proper quotation mark, so I have no idea which part is your own and which one is something others wrote.

@adaseb it is standard business practice, if company's system was breached/infected and there is no definitive proof, they will be denying that fact as long as they could.

[riorondon1234]

@riorondon1234 the way you construct your post is way too confusing for me to understand.
You are copying fragments of people's posts without proper quotation mark, so I have no idea which part is your own and which one is something others wrote.

@adaseb it is standard business practice, if company's system was breached/infected and there is no definitive proof, they will be denying that fact as long as they could.

Hi .... slarkier ... yes .... try to adapt to such a style of my new writing on forum .... i am learning and creating at the same time .... see, i adapt names and words in my sentences for some higher purposes ....  you will understand it maybe after i understand what i am writing .... lol .... ah, quotations are for me limitation, maybe, or i need  some more freedom for my constructions of the posts .... yeah, to keep minimum reputation sites will deny their leaks or failures to protect users, so long as they find it lucrative ... however, we have to improve our general position online, as users, .... owners are to earn and we are to play ... but, we need some technical and moral protections and recourse if owners are too intrusive or aggressive ....!

[d0flaming0]

@riorondon1234 the way you construct your post is way too confusing for me to understand.
You are copying fragments of people's posts without proper quotation mark, so I have no idea which part is your own and which one is something others wrote.

@adaseb it is standard business practice, if company's system was breached/infected and there is no definitive proof, they will be denying that fact as long as they could.

Hi .... slarkier ... yes .... try to adapt to such a style of my new writing on forum .... i am learning and creating at the same time .... see, i adapt names and words in my sentences for some higher purposes ....  you will understand it maybe after i understand what i am writing .... lol .... ah, quotations are for me limitation, maybe, or i need  some more freedom for my constructions of the posts .... yeah, to keep minimum reputation sites will deny their leaks or failures to protect users, so long as they find it lucrative ... however, we have to improve our general position online, as users, .... owners are to earn and we are to play ... but, we need some technical and moral protections and recourse if owners are too intrusive or aggressive ....!

Ooops it may be his own style but you know, quote is also necessary here and it is very useful form of communication its because it will highlight the posts of somebody you wanted to share your ideas like agree or disagree and give some advices.

Anyway its not a big deal on how you construct your post, but if it can be change make it clearer so readers would also understand and read it easily.

[riorondon1234]

@riorondon1234 the way you construct your post is way too confusing for me to understand.
You are copying fragments of people's posts without proper quotation mark, so I have no idea which part is your own and which one is something others wrote.

@adaseb it is standard business practice, if company's system was breached/infected and there is no definitive proof, they will be denying that fact as long as they could.

Hi .... slarkier ... yes .... try to adapt to such a style of my new writing on forum .... i am learning and creating at the same time .... see, i adapt names and words in my sentences for some higher purposes ....  you will understand it maybe after i understand what i am writing .... lol .... ah, quotations are for me limitation, maybe, or i need  some more freedom for my constructions of the posts .... yeah, to keep minimum reputation sites will deny their leaks or failures to protect users, so long as they find it lucrative ... however, we have to improve our general position online, as users, .... owners are to earn and we are to play ... but, we need some technical and moral protections and recourse if owners are too intrusive or aggressive ....!

Ooops it may be his own style but you know, quote is also necessary here and it is very useful form of communication its because it will highlight the posts of somebody you wanted to share your ideas like agree or disagree and give some advices.

Anyway its not a big deal on how you construct your post, but if it can be change make it clearer so readers would also understand and read it easily.

thanks for your observation and suggestions, but, you are right and i am correct, i use quotes often, sometimes i correct them for syntax and spelling, sometimes i delete emoticons from them, yeah, i can not create under pressure or limitations of the quotes, though they are useful, we are forum, not university, we need lot of exploring and experiments, this is a new virtual sphere, if you leave it to the reals, haha, they will steal even your faucets .. lol .. last faucet they stole from me is on pocketdice .... 4 hours ago, 4100 sts per 10 min, ... how ... they put your withdrawal on manual and you can not use faucet .... must cancel wd and go back to lose your winning of 0.001 btc per 7 days ... fees are 30% .. haha ... bitsler bans you on chat and steal your faucet rights ... lol .. thanks anyway ... see you

[Naokia980]

=== disclaimer before I go into detail : this case has nothing to do with Safedice ===

As a dice site owner (SAFEDICE.COM), recently I noticed on my log that there were many failed sign in attempts ( thousand of them ). Those failed attempts were using a username that does not exists on our database. However, there were also many correct attempts, probably around 20% of them.

This is not a brute force attack, since each trial use a different combination of username and password. Not to mention that brute force attack will be rejected by our server. the attacker seems to have a list of username and password, this make it difficult for me to differentiate between an attack and normal login. I have a strong suspicion that the list was acquired from another bitcoin site.

To all of you concerned with the safety of your account, whether its on SafeDice or another site, please always use 2FA and different password for each site.

I have just created a tool for SafeDice users to check if there was suspicious login attempt on their account. You can type /amisafe in the chat room, the server will reply you with the result. For those of you just want to check your username, you can just sign up and check immediately.

Again I strongly encourage everyone in bitcoin community to use 2FA whenever possible, and if there is any other bitcoin site owner has information about this please share this information.

OMG..."The hackers will likely be able to steal large amounts of bitcoins for sure. This should be publicly announced in the forum!"

I agree with that statement. Do quickly something about this common issue. I already changed password+email combination. Anyway thanks for info!

[eternalgloom]

I've also been getting some notifications of people trying to access my account on Crypto-games via the password recovery...
Just changed my passwords to be sure and will enable 2FA.

[nethan1btc]

This is just getting ridiculsous. Bitsler should come out and say whether they were hacked or not. If they avoid it and people get their BTC stolen from Bitsler or other websites where they used the same passwords people will be pissed off.

Going to make an account on Safedice.com and see if my account is there. Thanks for the tool to search our usernames.

You can always open a thread in scam accusation if you think they are cheating players with excuses of some hacks. Baryom(bitsler admin) looks like trusted member but anything can happen so lets find out the truth.

Of course we can open a thread for scam accusations for suspected cheating players who might done hacking just to win for the gamblig game. The bitsler admin should be promt in supporting the concerns being raised by those affected players by those attackers, and profit loss has been happening already. Everybody shoul support in the forum and must report all of this issue so that this must be addressed diectly to the site admins and immediate action will be implemented. This is a serious concern that need attention and we must help each other for the benefit of everyone.

[emberbekas]

Maybe people needs to read it again!

EDIT : These username/password combinations are not leaked, they are stolen. Only a player knows the password of his/her account and no one else(including staff because all passwords are encrypted), unless if these scam scripts/sites that steal a players information are being used, then the list will keep on growing

Bitsler is a site that gets its popularity quickly and it's no wonder if there are some people who of course do not like it.

[riorondon1234]

Maybe people needs to read it again!

EDIT : These username/password combinations are not leaked, they are stolen. Only a player knows the password of his/her account and no one else(including staff because all passwords are encrypted), unless if these scam scripts/sites that steal a players information are being used, then the list will keep on growing

Bitsler is a site that gets its popularity quickly and it's no wonder if there are some people who of course do not like it.

Bitsler has elements of scum and scam! They do not spam, they ban! When they ban you they steal your faucet money! They ban you, they do not ignore you! Why? Ask them! Can you ignore them? No! Why? Ask them! You can ban them by banning yourself from visiting that site! We are angry and we spam to fight that scum and scam so that we can reach super-grand slam! Only scum will tell you that you spam! They are adults from real life and owners of the sites! We are kids from virtual life and users on the sites! They will treat us as clients (customers and consumers)! But, we are online users! They say chat is their private property. We say chat is our universal right! For them chat is privilege, for us chat is right! What to do? I see only exit in implementing our users money and creating our users sites. If we leave the real adults owners to dominate our virtual sphere they will turn to perfidious and morbid predators. Simply, we have to protect and defend our virtual culture against intrusion and aggression from real culture! Thanks!
 

[d0flaming0]

I've also been getting some notifications of people trying to access my account on Crypto-games via the password recovery...
Just changed my passwords to be sure and will enable 2FA.

This is also one of my problems even in different sites and accounts, I always receive from my support email that my account has been log-in from another browser which has different IP as I am using right now.

I'm just wondering how could it happen since I'm using 2FA when its possible, maybe its just a bug or just my support email just have a problem.

[Naokia980]

I've also been getting some notifications of people trying to access my account on Crypto-games via the password recovery...
Just changed my passwords to be sure and will enable 2FA.

This is also one of my problems even in different sites and accounts, I always receive from my support email that my account has been log-in from another browser which has different IP as I am using right now.

I'm just wondering how could it happen since I'm using 2FA when its possible, maybe its just a bug or just my support email just have a problem.

Without 2FA it is impossible to enter account. Mail notifications is another lay of security if you dont welcome "unknown guests". Just my two cent: Till next time change mail password and dont use same password for other accounts.

[KenR]

I've also been getting some notifications of people trying to access my account on Crypto-games via the password recovery...
Just changed my passwords to be sure and will enable 2FA.

This is also one of my problems even in different sites and accounts, I always receive from my support email that my account has been log-in from another browser which has different IP as I am using right now.

I'm just wondering how could it happen since I'm using 2FA when its possible, maybe its just a bug or just my support email just have a problem.

Without 2FA it is impossible to enter account. Mail notifications is another lay of security if you dont welcome "unknown guests". Just my two cent: Till next time change mail password and dont use same password for other accounts.

2FA becomes helpless if your email id is hacked and that's what the hackers are doing these days with phishing links.I'd not even consider email authenticate as a safe 2fa measure.Phone Verification gives an extra protective layer,something off the internet and resistant to all possible attacks.

[BTCevo]

I've also been getting some notifications of people trying to access my account on Crypto-games via the password recovery...
Just changed my passwords to be sure and will enable 2FA.

This is also one of my problems even in different sites and accounts, I always receive from my support email that my account has been log-in from another browser which has different IP as I am using right now.

I'm just wondering how could it happen since I'm using 2FA when its possible, maybe its just a bug or just my support email just have a problem.

If I understand this well, let us assume that they steal our passwords but when it comes to login our account, this is the possible thing that happens. First if the site has email protection then they can't login through this because it need some verification. Second if you already put 2FA then they can' login it because the only one that have 2FA verification is you yourselves

So my point here is they only get your id and password well but if they do not have any access to our security, let me called it the second layer or even third layer, I do not think that they can get into out account hack it

[milewilda]

I've also been getting some notifications of people trying to access my account on Crypto-games via the password recovery...
Just changed my passwords to be sure and will enable 2FA.

This is also one of my problems even in different sites and accounts, I always receive from my support email that my account has been log-in from another browser which has different IP as I am using right now.

I'm just wondering how could it happen since I'm using 2FA when its possible, maybe its just a bug or just my support email just have a problem.

If I understand this well, let us assume that they steal our passwords but when it comes to login our account, this is the possible thing that happens. First if the site has email protection then they can't login through this because it need some verification. Second if you already put 2FA then they can' login it because the only one that have 2FA verification is you yourselves

So my point here is they only get your id and password well but if they do not have any access to our security, let me called it the second layer or even third layer, I do not think that they can get into out account hack it

This is the main purpose of 2fa or extra layers of security because even the site know our log-in information but they dont have access on the second one then theres no point of being getting hacked.Ive been thinking if a certain gambling site could able to disable to 2fa?To fully gain access on the account,oh i forgot you still need to log-in again when you do try to change the settings of 2fa.

[LuanX3]

Good thing I put 2fa on all of my accounts. This isn't good news for crypto gamblers and other users who use the same usernames and passwords over and over again, totally a great threat to us all. Well, everybody should really take precaution on their accounts, 2fa might be your last layer of protection, so do a little work on it guys.

[EdenHazard]

I've also been getting some notifications of people trying to access my account on Crypto-games via the password recovery...
Just changed my passwords to be sure and will enable 2FA.

seems like not only safedice , crypto-games etc login attempts . i got notification on my email too about someone trying to access my account. and i found thousands email/username & password list leaked on darkweb they claiming it was bitcointalk database when the website got hacked back in 2015 ago.

i think that is the reason why there a lot of failed login attempt, they are targeting bitcoin sites as they have a username&password list that come from hacked bitcointalk database.

[KenR]

i think that is the reason why there a lot of failed login attempt, they are targeting bitcoin sites as they have a username&password list that come from hacked bitcointalk database.

The list doesn't have the password. They've the encrypted hash.Remember : The password stored in the databases is never plain text,it's hashed so you can never retrieve it back in the original form.Definitely also depends on the type of encryption used.If you try to decode from the encrypted hash using one of the online tools,only common password like "password","123456789" can be retrieved back.That's why it's always safe to use a complicated password.

[numanoid]

~snip~

Mate, calm down, actually what the heck happened to you? You got ban from bitsler and you are saying they steal your faucets? AFAIK, they never ban their members if they didn't broke any their rules.
2FA and email notification are important things which should be implemented in any gambling sites, and i agree with you if those options should be optional too (There are some people who don't want verify from their email each time they login (include me))
By the way, why do you have a lot of facebook accounts? lol.

[adaseb]

Can anybody who has gotten their user/pass leaked, can you comment where you used that specific pass. This is assuming you used a unique password for all your sites.

I am trying to boil down where the hack could of came from. So far Bitsler admin is denying it saying they salt their information.

[BTCevo]

Can anybody who has gotten their user/pass leaked, can you comment where you used that specific pass. This is assuming you used a unique password for all your sites.

I am trying to boil down where the hack could of came from. So far Bitsler admin is denying it saying they salt their information.

i do not know if poloneix is included into the thing that you mentioned or not. Everytime i checked my email, i have this kind of problems, poloniex always sending me "people keep trying to login into my account using different ip" and i never allowed it, so i think it will be okay as long as you never clicked on that link. And about bitsler, it might never be hacked as i know and Baryom already explained everything right?