Another account hacked (Sr.Member). Ways he could have gained access to it?

[chencho777]

My 4 year-old Sr.Member account with an activity over 400 was hacked today. On https://bitcointalk.org/seclog.php it just says "password changed". Now if I try to recover my password, I don't receive the recovery email so I guess he changed it, too. The hacker also changed my profile signature to take advantage of signature campaigns.

I already sent a PM to Cyrus with a signed message with a bitcoin address I had associated with that account. Not sure how long this could take, though.

However, I can't figure out how the hacker managed to change my password and associated email.  I guess he stole the bitcointalk cookie/session using javascript code from a malicious site. But in order to change the password and email you need to know the old password, so he obtained it somehow.

I usually have my password stored in Google Chrome. I rarely write it. Could the hacker have obtained it from Chrome itself? I thought it was secure enough, but now I have serious doubts about it.

I ask in order to secure my other accounts at other forums and change passwords accordingly. Any hint would be appreciated.

Thanks in advance.

[hilariousandco]

If you post the signed message I can lock it but not restore access to you. If you haven't changed your password since the forum hack then that's likely how it will have been stolen. If not maybe you reused the pass on a different website that was compromised or fell for a phishing attempt.

[chencho777]

I'm 99% sure I changed the password after the hack, but I might also have reused it somewhere else. My fault.

I'm sending you a PM with my signed message and reference for the bitcoin address associated. I don't feel comfortable posting it here (maybe I'm a bit paranoid), but if it's a must I will do it. I just don't want the hacker to take advantage of it somehow.

Thanks for your help.

[de_xt]

Hello, I just wanted to confirm that my account has been recovered.  I would like to give a BIG *thank you* to the forum staff who helped me recover my account.

I feel a bit sorry for the Turkish guy who probably bought my hacked account and has been posting since Oct 11th to take advantage of signature campaigns. He probably had been scammed as well. Well, that's a risk of buying a hacked account instead of creating your own one.

Thanks to the changes introduced by theymos it should be now much harder for the scammers to sell hacked accounts.

Thanks again.