[FUD] What is with the hacked accounts epidemic ?

[Spoetnik]

So what is with the hacked accounts epidemic ?

Does anyone else find it fishy how sooooooo many NOOBS are showing up claiming they been hacked ?

I find it odd how i have not seen one of them mention what their password was or how strong it was etc.
I highly suspect the majority of them are bought accounts doing a charge back of sorts.
There is just way too many *NOOB* accounts popping up all mentioning how their account was "hacked"

..then sold 

[dillpicklechips]

So what is with the hacked accounts epidemic ?

Does anyone else find it fishy how sooooooo many NOOBS are showing up claiming they been hacked ?

I find it odd how i have not seen one of them mention what their password was or how strong it was etc.

Some of those accounts (if not all) are from users wayback 2015 who had left the forum before the database hack since it is announced to change your passwords and also emails due to that incident. So maybe they had catch up with the growing popularity of Bitcoin and decided to be back but they found their accounts been hacked.

I find it odd how i have not seen one of them mention what their password was or how strong it was etc.

Well normally if it is hacked then there's no need to state whether their password is strong or weak since it is hacked then it proves that either it is weak or the hacker used a method to break it or know it. The normal reaction is to recover and have it back rather than to focus on how powerful the password is.

I highly suspect the majority of them are bought accounts doing a charge back of sorts.

Possible but those who bought the account can post their conversation with him and the seller for proof. A proof to prove their innocence (whether he knows that it might be hacked or not) not to prove that they do own those and put the seller to be at fault rather than he.

[Spoetnik]

Nope..
I have seen that said a bunch of times as the main excuse and i ain't havin' it.

I was here then guys and during the other hacks like in 2013.
Passwords were advised to be changed as a precaution.. it's standard practice.

And there was never any reports over the years of a guy having his account hacked over the forum getting hacked.
Password won't matter ?
Actually yeah it does.

I challenge you stupid fucking scammy ass lying pricks to hack mine.
See how far you get..
Guess what ?
I have the same fucking password i had 2 forum hacks ago.
So if you dumb cunts can hack my account then do it.

You are lying little bullshitters.. the most obvious explanation is people are showing up and creating accounts then selling them / buying them etc then doing a charge back and profiting from it.

Hack my account assholes i fucking i dare you.
Or STFU with the stupid excuse.

And i swear honestly i never changed my password since i registered here in 2013.
But i do have the email account in my control.. so i can anytime i want.
>>I'll be waiting for the big hack to come  

[dillpicklechips]

Nope..
I have seen that said a bunch of times as the main excuse and i ain't havin' it.

I was here then guys and during the other hacks like in 2013.
Passwords were advised to be changed as a precaution.. it's standard practice.

And there was never any reports over the years of a guy having his account hacked over the forum getting hacked.
Password won't matter ?
Actually yeah it does.

I challenge you stupid fucking scammy ass lying pricks to hack mine.
See how far you get..
Guess what ?
I have the same fucking password i had 2 forum hacks ago.
So if you dumb cunts can hack my account then do it.

You are lying little bullshitters.. the most obvious explanation is people are showing up and creating accounts then selling them / buying them etc then doing a charge back and profiting from it.

Hack my account assholes i fucking i dare you.
Or STFU with the stupid excuse.

And i swear honestly i never changed my password since i registered here in 2013.
But i do have the email account in my control.. so i can anytime i want.
>>I'll be waiting for the big hack to come  

Lol.

I didn't said passwords are not important but rather a natural reaction to focus more on the hacked-account-issue rather than debate how strong it was and how hackers manage to hack it which is in this case has no relevance to recover the said account. Normal people just used simple passwords that is alphanumeric less than 15 characters but yours seems monstrous which you are implying.  

[dothebeats1]

Haven't changed mine since the last hack (2015) but it took two years for mine to get hacked, and the password I use is just an anagram of what my real name is (so yeah I fucked up on that part). Even my first alt account that I first used to send PMs to theymos and Cyrus is also hacked (?) since I can't open it today.

Should 2FA be enabled or nah? Or does SMF support 2FA services?

[Wendigo]

I don't think this ancient forum software has any 2FA capabilities 

[hilariousetc]

I challenge you stupid fucking scammy ass lying pricks to hack mine.
See how far you get..
Guess what ?
I have the same fucking password i had 2 forum hacks ago.
So if you dumb cunts can hack my account then do it.

You are lying little bullshitters.. the most obvious explanation is people are showing up and creating accounts then selling them / buying them etc then doing a charge back and profiting from it.

Hack my account assholes i fucking i dare you.
Or STFU with the stupid excuse.

And i swear honestly i never changed my password since i registered here in 2013.
But i do have the email account in my control.. so i can anytime i want.
>>I'll be waiting for the big hack to come  

Well this isn't advisable (if true) but if you have a ridiculously strong password then you'll likely be safe. It's the ones with weak/bog standard passwords that get bruteforced eventually and as time goes on the more people return to the forum and realise their password has been changed so they enquire about getting it back hence all the threads. Some people are just idiots and log onto phishing sites as well etc.

[Quickseller]

The passwords to everyone's account have been public in hashed format since 2015. It takes some amount of work to figure out what each accounts password is so it is possible that someone recently took the time to figure out what many passwords are to accounts whose passwords have not been changed since the hack.

[OgNasty]

I don't think people are "hacking" these accounts.  I think they're being taken over using malicious MITM links, where users are clicking and then entering their username/password information on a fake site, essentially giving away their login.

I think the only way to combat this problem is to change the hover color of off-site links to red, warning users they're going off-site.  As opposed to the current green highlight when they stay on-site.  This would give unsuspecting users a fighting chance against the issue.

[hilariousandco]

I don't think people are "hacking" these accounts.  I think they're being taken over using malicious MITM links, where users are clicking and then entering their username/password information on a fake site, essentially giving away their login.

Some of them are being hacked in this way but others are exactly how Quickseller described above. You can tell because they're all old accounts that haven't posted since 2015 or earlier.

I think the only way to combat this problem is to change the hover color of off-site links to red, warning users they're going off-site.  As opposed to the current green highlight when they stay on-site.  This would give unsuspecting users a fighting chance against the issue.

I've suggested theymos implement a redirect notice/landing page that tells you when you're going off site and to check the url carefully etc. Will stop a lot of these attacks.

[dothebeats1]

I've suggested theymos implement a redirect notice/landing page that tells you when you're going off site and to check the url carefully etc. Will stop a lot of these attacks.

This is a great idea for lazy people in the forums. A prompt could appear like when you try to watch or unwatch a topic here. Something like: "Warning: you are leaving bitcointalk etc etc." would be nice.


Anyways, my account is still hacked. Waiting for theymos or Cyrus to reply on my messages in regards to that. I just hope the hacker wouldn't go out asking for loans or anything that might ruin the reputation of the said account.

[Scoremaster]

So what is with the hacked accounts epidemic ?

Does anyone else find it fishy how sooooooo many NOOBS are showing up claiming they been hacked ?

I find it odd how i have not seen one of them mention what their password was or how strong it was etc.
I highly suspect the majority of them are bought accounts doing a charge back of sorts.
There is just way too many *NOOB* accounts popping up all mentioning how their account was "hacked"

..then sold 

Doesn't seem my account was hacked. I didn't log in for awhile. I dunno.

Though I am still a lowbie account hehe. Wish I had logged in and posted for awhile, I am missing on on sig campaigns.

[BitHodler]

The passwords to everyone's account have been public in hashed format since 2015. It takes some amount of work to figure out what each accounts password is so it is possible that someone recently took the time to figure out what many passwords are to accounts whose passwords have not been changed since the hack.

Not sure how difficult it is for theymos to implement, but can't he just reset the passwords from users that didn't log in their accounts since last year for example?

It would directly lead to far lower numbers of accounts getting 'hacked' that way. I am actually surprised that something like that hasn't been done yet.

It's basically on a daily basis that I see accounts pop up with a massive gap in their post history joining, or trying to join signature campaigns. If nothing gets done, it will only get worse.

[Quickseller]

The passwords to everyone's account have been public in hashed format since 2015. It takes some amount of work to figure out what each accounts password is so it is possible that someone recently took the time to figure out what many passwords are to accounts whose passwords have not been changed since the hack.

Not sure how difficult it is for theymos to implement, but can't he just reset the passwords from users that didn't log in their accounts since last year for example?

Reset the passwords to what? Many accounts do not have valid email addresses associated with them, and those that do may have the same passwords associated with their accounts.

[The Sceptical Chymist]

I don't think this ancient forum software has any 2FA capabilities.

Well we should be getting a new forum any year now, and I'm sure all those donations are being well spent on security features.   [ /s].

I don't buy 90% of shit newbies say anyway,  so spoetnik is probably correct that they're pulling off some kind of scam or they're buying accounts.  What else is new.

[Spoetnik]

I don't think people are "hacking" these accounts.  I think they're being taken over using malicious MITM links, where users are clicking and then entering their username/password information on a fake site, essentially giving away their login.

I think the only way to combat this problem is to change the hover color of off-site links to red, warning users they're going off-site.  As opposed to the current green highlight when they stay on-site.  This would give unsuspecting users a fighting chance against the issue.

Plausible.. i seen guys hacked at Cryptsy by visiting a malicious site years ago.
It stole their cookie session login etc.

QuickSeller that is bullshit and i don't buy it.
No claim was ever made by staff here that hashed passwords were stolen.
And even if they were i highly doubt anyone is reversing them.

I think the vast majority are bullshitting.

I said not one guy i seen mentioned what his password was.
yeah that is a red flag.
Not one guy showed up to say hey mine was like fort knox.
As matter of fact i never seen one guy bring up the issue at all.
They seem to all be noob accounts then they post almost using a formula or template.

Unless the passwords are stored on theymos's servers in plain text i call bullshit on most of you.
Most are probably involved in chargeback type shenanigans.

This reeks and if you all don't believe me then look at how many are showing up and read them..
Notice any similarities ?

And yeah my password is tough i just said so..
Why should that matter if all these people are being hacked ?
If they are being hacked then it wouldn't matter what the password is then right ?
THAT was my point.

i have 0 worries.
No one is going to be hacking my account.
I encourage users to try though LOL

Oh and lets not forget the context here..
This place is about nothing more than NOOBS showing up and launching scams or joining SIG campaigns or account farming or trading shitcoins for profits.
We are not dealing with reputable people  
They are all shady sleazy losers trying anything they can to scam and collect BTC dust.

yeah.. some.
I get it.
I am saying i bet MOST are full of shit.
Not all but a huge amount of them doing this.

@The Pharmacist
Any day year decade now !
And i just get a feeling they are full of shit reading their posts.
I bet many buy an account and then have the original owner try and take it back after selling it.
See Muddafudda for an example.

Or theymos is not telling us about some magical new super hack that happened LOL 

Oh and and.. why doesn't the site block users if they are brute forcing passwords ?
Does that happen here ? If not why ?
No site in this day & age should let users sit there and try and bruteforce the password.
2fa would be nice too.. better get donating guys

[hilariousandco]

QuickSeller that is bullshit and i don't buy it.
No claim was ever made by staff here that hashed passwords were stolen.
And even if they were i highly doubt anyone is reversing them.

QS is right. The hashed passwords were leaked and they're still available for anyone who wants them. Spend time cracking them and you'll get into many of them with weak passwords.

[minifrij]

I think the only way to combat this problem is to change the hover color of off-site links to red, warning users they're going off-site.  As opposed to the current green highlight when they stay on-site.  This would give unsuspecting users a fighting chance against the issue.

I disagree. If idiots don't check the URL then they won't check if the link colour is red. It would also be semi-scare mongering; not every link not on the domain bitcointalk.org is dangerous. Colouring them in red makes it seem as such.

The best way to go about it would be something similar to what hilariousandco suggested:

I've suggested theymos implement a redirect notice/landing page that tells you when you're going off site and to check the url carefully etc. Will stop a lot of these attacks.

but doing this would take away resources from a forum that has already had to have it's functionality cut back to run properly.

QuickSeller that is bullshit and i don't buy it.
No claim was ever made by staff here that hashed passwords were stolen.

cough.

And even if they were i highly doubt anyone is reversing them.

Why? If people bruteforce Minecraft accounts, why wouldn't they with accounts that could make them hundreds-millions of dollars?

Not one guy showed up to say hey mine was like fort knox.
As matter of fact i never seen one guy bring up the issue at all.

This guy was pretty adamant that it wasn't his fault, if he would fit into either of those.

They seem to all be noob accounts

Because they make new accounts, since their old ones have been hacked.

then they post almost using a formula or template.

Because there is a template to follow (sorta). There aren't many ways you can jazz up 'My account has been hacked can I have my password reset'.

Unless the passwords are stored on theymos's servers in plain text i call bullshit on most of you.

They were hashed using 7500 rounds of sha256crypt, but if the password is weak then this will be broken eventually.

Most are probably involved in chargeback type shenanigans.

I don't know about most, but some most certainly.

And yeah my password is tough i just said so..
Why should that matter if all these people are being hacked ?
If they are being hacked then it wouldn't matter what the password is then right ?
THAT was my point.

It makes a few million years of a difference what the password is. Do you have any idea what you're talking about?

i have 0 worries.
No one is going to be hacking my account.

Good. I should hope not.

Oh and and.. why doesn't the site block users if they are brute forcing passwords ?
Does that happen here ? If not why ?

Because they don't use the site. They get a 'random' string of characters and hash it with 7500 rounds until the hashes match.* If they do, then that string is most likely the password. You don't need to even be connected to the internet to do that.

*It's not quite that simple, but it's essentially how it works.

No site in this day & age should let users sit there and try and bruteforce the password.

theymos told people to change their passwords to something strong. There is nothing more that he can do without an upgrade to the forum software.

[Quickseller]

QuickSeller that is bullshit and i don't buy it.
No claim was ever made by staff here that hashed passwords were stolen.
And even if they were i highly doubt anyone is reversing them.

Well I guess technically the claim was made by an admin, and the claim was more that they were leaked, not stolen, but I guess they would have to be first stolen to be leaked.

QuickSeller that is bullshit and i don't buy it.
No claim was ever made by staff here that hashed passwords were stolen.
And even if they were i highly doubt anyone is reversing them.

QS is right. The hashed passwords were leaked and they're still available for anyone who wants them. Spend time cracking them and you'll get into many of them with weak passwords.

It is possible that hackers are getting more advanced as to which accounts have had their passwords changed. For example, they could crawl through the security log and related archives and use automation to check which accounts have had their passwords changed since the hack, and only put effort into trying to crack accounts who do not show up on that list. Or they could check for probable alts, and see if all the passwords were similar and if so, they might try to hack related email addresses. Or they could search for likely fake email addresses (either on the domain side, or the account side) using some criteria to check for likely randomness, create an email address and hack accordingly.

[OgNasty]

I think the only way to combat this problem is to change the hover color of off-site links to red, warning users they're going off-site.  As opposed to the current green highlight when they stay on-site.  This would give unsuspecting users a fighting chance against the issue.

I disagree. If idiots don't check the URL then they won't check if the link colour is red. It would also be semi-scare mongering; not every link not on the domain bitcointalk.org is dangerous. Colouring them in red makes it seem as such.

The best way to go about it would be something similar to what hilariousandco suggested:

I've suggested theymos implement a redirect notice/landing page that tells you when you're going off site and to check the url carefully etc. Will stop a lot of these attacks.

but doing this would take away resources from a forum that has already had to have it's functionality cut back to run properly.

Seems we disagree about what is more important, functionality or appearance.  Honestly, I agree that people should be aware of things like the URL they're clicking.  Having the forum check automatically would be a nice feature in my opinion.  If "idiots" don't understand the red link and are scared off by it, I'd say that's better than them being hacked.  However, from an advertising driven business perspective I can understand the reason we don't have a "semi-scare mongering" protection in place.  It also sends you down the slippery slope of protecting users from scams, which has already been labeled an impossible task.  That is why I think the only answer here is to educate users, but so often they are insulted and belittled instead.