Bitcoin Forum
July 17, 2019, 07:37:53 AM *
News: Latest Bitcoin Core release: 0.18.0 [Torrent] (New!)
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Another account hacked (Sr.Member). Ways he could have gained access to it?  (Read 294 times)
chencho777
Member
**
Offline Offline

Activity: 101
Merit: 10


View Profile
October 11, 2017, 07:07:41 PM
 #1

My 4 year-old Sr.Member account with an activity over 400 was hacked today. On https://bitcointalk.org/seclog.php it just says "password changed". Now if I try to recover my password, I don't receive the recovery email so I guess he changed it, too. The hacker also changed my profile signature to take advantage of signature campaigns.

I already sent a PM to Cyrus with a signed message with a bitcoin address I had associated with that account. Not sure how long this could take, though.

However, I can't figure out how the hacker managed to change my password and associated email.  I guess he stole the bitcointalk cookie/session using javascript code from a malicious site. But in order to change the password and email you need to know the old password, so he obtained it somehow.

I usually have my password stored in Google Chrome. I rarely write it. Could the hacker have obtained it from Chrome itself? I thought it was secure enough, but now I have serious doubts about it.

I ask in order to secure my other accounts at other forums and change passwords accordingly. Any hint would be appreciated.

Thanks in advance.
1563349073
Hero Member
*
Offline Offline

Posts: 1563349073

View Profile Personal Message (Offline)

Ignore
1563349073
Reply with quote  #2

1563349073
Report to moderator
1563349073
Hero Member
*
Offline Offline

Posts: 1563349073

View Profile Personal Message (Offline)

Ignore
1563349073
Reply with quote  #2

1563349073
Report to moderator
No Gods or Kings. Only Bitcoin
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
hilariousandco
Below Average Member
Global Moderator
Legendary
*
Offline Offline

Activity: 2058
Merit: 1614


1 merit = 1 hug


View Profile WWW
October 11, 2017, 07:51:51 PM
 #2

If you post the signed message I can lock it but not restore access to you. If you haven't changed your password since the forum hack then that's likely how it will have been stolen. If not maybe you reused the pass on a different website that was compromised or fell for a phishing attempt.

chencho777
Member
**
Offline Offline

Activity: 101
Merit: 10


View Profile
October 12, 2017, 12:11:05 AM
 #3

I'm 99% sure I changed the password after the hack, but I might also have reused it somewhere else. My fault.

I'm sending you a PM with my signed message and reference for the bitcoin address associated. I don't feel comfortable posting it here (maybe I'm a bit paranoid), but if it's a must I will do it. I just don't want the hacker to take advantage of it somehow.

Thanks for your help.
de_xt
Hero Member
*****
Offline Offline

Activity: 602
Merit: 531


Account hacked from Oct 11th to Nov 1st 2017


View Profile
November 01, 2017, 02:51:59 PM
 #4

Hello, I just wanted to confirm that my account has been recovered.  I would like to give a BIG *thank you* to the forum staff who helped me recover my account.

I feel a bit sorry for the Turkish guy who probably bought my hacked account and has been posting since Oct 11th to take advantage of signature campaigns. He probably had been scammed as well. Well, that's a risk of buying a hacked account instead of creating your own one.

Thanks to the changes introduced by theymos it should be now much harder for the scammers to sell hacked accounts.

Thanks again.


         ▄███████████████▄
       ▄██▀             ▀██▄
    ▄▄██▀                 ▀██▄▄
█████▀▀       ▄▀▀▀▀▀▀▀▄▄    ▀▀█████
██          ▄▀ ▄▄▄▀▀▀▀▄▀█▄▄      ██
▐█▌       ▄▀ ▄▀ ▄▄▄▀▀▀▄▀▀▀███   ▐█▌
 ██      ▄▀▄▀▄▀▀▄▄▄▀▀▀▀▀█ ▄█▀   ██
 ▐█▌    █▄▀▄▀▄█▀▀▀ ▀█▀ ▄▀▄▀█   ▐█▌
  ██    █▄▀▄▀▄▄█▀ ▄▀ ▄▀▄▀▄▀█   ██
  ▐█▌ ▀▄█████▀▄▄▀▀▄▄▀▄▀▄▀▄▀█  ▐█▌
   ██▌▀████▀██▄▄▀▀▄▄▀▄▀▄▀▄█▀ ▐██
    ██▌▀█▀▀█▄▀▀▄▀▀▄▄▀▄█▄▄█▀ ▐██
     ██▌ ▀  ▀███▄▄▄█████▀  ▐██
      ██▄      ▀▀▀▀▀      ▄██
       ▀██▄             ▄██▀
         ▀██▄         ▄██▀
           ▀██▄     ▄██▀
             ▀███▄███▀
               ▀███▀
.DeepOnion.
★ ★ ★ ★ ★  .❱❱❱ JOIN AIRDROP NOW!.
TOR INTEGRATED & SECURED
★  Your Anonymity Guaranteed
★  Your Assets Secured by TOR
★  Guard Your Privacy!
|Bitcointalk
Reddit
Telegram
|                        ▄▄▀▄▄▀▄▄▀▄▀▀
                    ▄▄██▀█▀▄▀▀▀
                  ▄██▄█▄██▀
                ▄██████▀
              ▄██████▀
  ▄█▄▄▄▄▄▄▄▄▄██████▀
██████▀▀▀▀▀██████▀
 ▀█████  ▄███████
  ████████████▀██
  ██▀███████▀  ██
  ██ ▀████▀    ██
  ██   ▀▀      ██
  ▀█████████████▀
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!