ihsotas
Newbie
 Offline
Activity: 28
Merit: 0
|
 |
May 27, 2013, 04:37:36 AM |
|
Funny. @octal is a friend of mine, was at BTC2013.
Twitter has 2FA now -- really unforgivable for a visible frontman of the BTC world.
|
|
|
|
|
tvbcof
Legendary
Offline
Activity: 4592
Merit: 1276
|
|
May 27, 2013, 04:44:47 AM |
|
Funny. @octal is a friend of mine, was at BTC2013.
Twitter has 2FA now -- really unforgivable for a visible frontman of the BTC world.
I should be more clear that the attacker who had control of Jon's account was communicating with @octal. Hey attacker? Tell us if Jon's Yahoo! password was some permutation of 'liberty', 'rand', 'atlas', etc and I'll send you a few bucks. |
sig spam anywhere and self-moderated threads on the pol&soc board are for losers.
|
|
|
ihsotas
Newbie
Offline
Activity: 28
Merit: 0
|
|
May 27, 2013, 04:48:31 AM |
|
Funny. @octal is a friend of mine, was at BTC2013.
Twitter has 2FA now -- really unforgivable for a visible frontman of the BTC world.
I should be more clear that the attacker who had control of Jon's account was communicating with @octal. Hey attacker? Tell us if Jon's Yahoo! password was some permutation of 'liberty', 'rand', 'atlas', etc and I'll send you a few bucks. Right. @octal was just asking the hacker a bunch of questions through twitter, and that was one of the responses. You can still see the questions on @octal's account, but @jonmatonis has been purged to 0 tweets and just a handful of followers. It's surprising how much schadenfreude there's been around this. I don't know much about Matonis, but is seems like a lot of people had very little respect for him. |
|
|
|
|
tvbcof
Legendary
Offline
Activity: 4592
Merit: 1276
|
|
May 27, 2013, 05:04:12 AM |
|
...
It's surprising how much schadenfreude there's been around this. I don't know much about Matonis, but is seems like a lot of people had very little respect for him.
I'd derive amusement about something like this no matter who it happened to. Even if it were myself! No harm, no foul. OTOH, it becomes a bit criminal depending on what that binary does. I assume that the attacker would stay out of the kitchen if he (most likely 'he') cannot stand the heat, and I'll enjoy it even more if he get's caught. --- FWIW, this is IMO yet another somewhat valuable illustration of just how difficult it can be to maintain control of one's data these days, and that really needs to be a factor in being realistic about crypto-currency design. |
sig spam anywhere and self-moderated threads on the pol&soc board are for losers.
|
|
|
|
|
Stunna
Legendary
Offline
Activity: 3192
Merit: 1278
Primedice.com, Stake.com
|
|
May 27, 2013, 06:13:35 AM
Last edit: May 27, 2013, 06:24:01 AM by Stunna |
|
Well.. this certainly must be a very embarrassing situation for him, poor guy. Most people are smart enough to immediately realize he has been hacked though.
EDIT: They appeared to have deleted his account..
|
|
|
|
ihsotas
Newbie
Offline
Activity: 28
Merit: 0
|
|
May 27, 2013, 06:31:01 AM |
|
Well.. this certainly must be a very embarrassing situation for him, poor guy. Most people are smart enough to immediately realize he has been hacked though.
EDIT: They appeared to have deleted his account..
Twitter usually deactivates or locks out compromised accounts if the victim can prove their identity; that doesn't seem to be the case here. The hacker is still tweeting under @jonmatonis. As I write this, there are two tweets: Jon Matonis @jonmatonis 1h Good luck getting your Twitter back now Jon. Shouldn't have ignored me, GG. Jon Matonis @jonmatonis 1h @octal He got his other stuff back... |
|
|
|
|
Stunna
Legendary
Offline
Activity: 3192
Merit: 1278
Primedice.com, Stake.com
|
|
May 27, 2013, 06:33:11 AM |
|
Well.. this certainly must be a very embarrassing situation for him, poor guy. Most people are smart enough to immediately realize he has been hacked though.
EDIT: They appeared to have deleted his account..
Twitter usually deactivates or locks out compromised accounts if the victim can prove their identity; that doesn't seem to be the case here. The hacker is still tweeting under @jonmatonis. As I write this, there are two tweets: Jon Matonis @jonmatonis 1h Good luck getting your Twitter back now Jon. Shouldn't have ignored me, GG. Jon Matonis @jonmatonis 1h @octal He got his other stuff back... Ah, very true my mistake. It seems they managed to steal his twitter handle though. At least they no longer have access to his followers. |
|
|
|
|
|
Vycid
Sr. Member
Offline
Activity: 336
Merit: 250
♫ the AM bear who cares ♫
|
|
May 27, 2013, 12:04:12 PM |
|
Offtopic sort of but I find it neccessary to be said:
Anyone having Facebook, Twitter, MySpace, Google+ or similar account or is using any of services provided by (major) corporations or other service providers who are heavily backed
by the system and is involved with cryptocoins at the same time is an idiot, period.
Jon has done a lot for the progression of Bitcoin over the past years. Not a nice thing to say mate! He is working on disruptive technology threatening established (monetary) systems and uses Twitter. Oh, please. Bitcoin is not currently a threat to any established monetary system. Don't be delusional. He's a guy who didn't take appropriate steps to secure his accounts, they got hacked, and now someone else has control of them. This happens to celebrities all the time. |
|
|
|
bg002h
Donator
Legendary
Offline
Activity: 1463
Merit: 1047
I outlived my lifetime membership:)
|
|
May 27, 2013, 03:44:13 PM |
|
Offtopic sort of but I find it neccessary to be said:
Anyone having Facebook, Twitter, MySpace, Google+ or similar account or is using any of services provided by (major) corporations or other service providers who are heavily backed
by the system and is involved with cryptocoins at the same time is an idiot, period.
You really think so? What sets crypto apart? Is it just the ease of fraud? |
|
|
|
tvbcof
Legendary
Offline
Activity: 4592
Merit: 1276
|
|
May 27, 2013, 06:54:17 PM |
|
The fun continues into Monday. For posterity: ----- Jon Matonis @jonmatonis 33m Exploit I used to compromise Mr. Matonis's Yahoo, leading to all his accounts being jacked: http://goo.gl/TAfzA Enjoy. ----- Now all of Jon's tweets are back, but he is down to zero followers and followings. I'm kinda wondering if Jon either has control, or is leaving control in the hands of the attacker to gain information. But I have no idea how Twitter and it's support structures work. As always, it would likely be monumentally stupid to simply execute the downloaded program (which, like the one yesterday, I have a copy of if anyone wants it.) |
sig spam anywhere and self-moderated threads on the pol&soc board are for losers.
|
|
|
charleshoskinson
Legendary
Offline
Activity: 1134
Merit: 1008
CEO of IOHK
|
|
May 27, 2013, 06:57:15 PM |
|
This is very sad. Jon Matonis is a wonderful guy and I really hope that this incident can be resolved soon.
|
The revolution begins with the mind and ends with the heart. Knowledge for all, accessible to all and shared by all
|
|
|
ihsotas
Newbie
Offline
Activity: 28
Merit: 0
|
|
May 27, 2013, 09:07:00 PM |
|
Offtopic sort of but I find it neccessary to be said:
Anyone having Facebook, Twitter, MySpace, Google+ or similar account or is using any of services provided by (major) corporations or other service providers who are heavily backed
by the system and is involved with cryptocoins at the same time is an idiot, period.
Jon has done a lot for the progression of Bitcoin over the past years. Not a nice thing to say mate! He is working on disruptive technology threatening established (monetary) systems and uses Twitter. Oh, please. Bitcoin is not currently a threat to any established monetary system. Don't be delusional. He's a guy who didn't take appropriate steps to secure his accounts, they got hacked, and now someone else has control of them. This happens to celebrities all the time. Well said. Anyone who uses Twitter and doesn't even bother to active two factor auth deserves to get hacked, hard. If you're a columnist, you should be especially cautious. |
|
|
|
|
octal
Newbie
Offline
Activity: 6
Merit: 0
|
|
May 30, 2013, 03:43:04 AM |
|
I don't think Twitter's new 2FA is actually all that beneficial.
Long random-string passwords, either with a password manager or in a secure client, and your twitter email address being a secret/unpublished "secure" email address, rather than something like your main yahoo (mm, XSS) and itself with 2FA or equivalent security, is probably twitter account best practice.
Email accounts are the skeleton key to the Internet.
|
|
|
|
|
|
nimda
|
|
May 30, 2013, 03:53:10 AM |
|
I also have a copy of Yahoo Exploit.exe if someone wants it. It's a 1,030,693 byte file.
|
|
|
|
|
Kluge
Donator
Legendary
Offline
Activity: 1218
Merit: 1015
|
|
May 30, 2013, 04:06:26 AM |
|
I also have a copy of Yahoo Exploit.exe if someone wants it. It's a 1,030,693 byte file.
Should probably be sent to Yahoo if not already. |
|
|
|
|
|
|
|
