Bitcoin Forum
August 17, 2019, 11:59:15 AM *
News: Latest Bitcoin Core release: 0.18.0 [Torrent] (New!)
 
   Home   Help Search Login Register More  
Pages: « 1 [2]  All
  Print  
Author Topic: generalt account hacked  (Read 644 times)
Dorkie
Member
**
Offline Offline

Activity: 364
Merit: 13


View Profile
October 14, 2017, 06:07:14 AM
 #21

I have no choice but to suspect the requirement to sign message with a bitcoin address is a way of tracking who is the owner of which bitcoin address, very much like what many exchanges are doing when they require submission of ID, driving license, etc for KYC/AML excuses/nonsense.

So if a user never posted his bitcoin address here (because he never sell anything here), that means he can NEVER recover his account?
How ridiculous.

I am a recent victim of an account hack.

Edit:
By right the system should be able to trace the change of IP addresses used before and after an account hack.
1566043155
Hero Member
*
Offline Offline

Posts: 1566043155

View Profile Personal Message (Offline)

Ignore
1566043155
Reply with quote  #2

1566043155
Report to moderator
1566043155
Hero Member
*
Offline Offline

Posts: 1566043155

View Profile Personal Message (Offline)

Ignore
1566043155
Reply with quote  #2

1566043155
Report to moderator
PLAY NOW
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1566043155
Hero Member
*
Offline Offline

Posts: 1566043155

View Profile Personal Message (Offline)

Ignore
1566043155
Reply with quote  #2

1566043155
Report to moderator
1566043155
Hero Member
*
Offline Offline

Posts: 1566043155

View Profile Personal Message (Offline)

Ignore
1566043155
Reply with quote  #2

1566043155
Report to moderator
coolcoinz
Hero Member
*****
Offline Offline

Activity: 1078
Merit: 632



View Profile
October 14, 2017, 10:17:13 AM
 #22

I have no choice but to suspect the requirement to sign message with a bitcoin address is a way of tracking who is the owner of which bitcoin address, very much like what many exchanges are doing when they require submission of ID, driving license, etc for KYC/AML excuses/nonsense.

So if a user never posted his bitcoin address here (because he never sell anything here), that means he can NEVER recover his account?
How ridiculous.

I am a recent victim of an account hack.

Edit:
By right the system should be able to trace the change of IP addresses used before and after an account hack.
At least make the hacker's attempt not worth it. Follow your hacked account and if it joins any campaign or giveaway make sure people know it's hacked and not allow him in.
I think there should be a thread with a list of all the hacked accounts that would work like SMAS, so that people can check accounts before sending them any money.

real_generalt
Newbie
*
Offline Offline

Activity: 14
Merit: 0


View Profile
October 14, 2017, 05:27:16 PM
 #23

I have no choice but to suspect the requirement to sign message with a bitcoin address is a way of tracking who is the owner of which bitcoin address, very much like what many exchanges are doing when they require submission of ID, driving license, etc for KYC/AML excuses/nonsense.

So if a user never posted his bitcoin address here (because he never sell anything here), that means he can NEVER recover his account?
How ridiculous.

I am a recent victim of an account hack.

Edit:
By right the system should be able to trace the change of IP addresses used before and after an account hack.

I think the system can but the problem would be the resources (time being a resource) required to manually track all that information to try to confirm the identity of a person.  Since there are so many scammers out there I can only imagine that they must get quite a few hacked account messages every day.  I'm guessing that this is not their full time job so it is not like they can spend 8 hours a day dedicated to maintaining this forum.  I believe at one point I saw a post about stake addresses and of course it wouldn't hurt to put a BTC address out there somewhere you can refer to just in case.

1GENERALrtBAjEv2Ps5cmEW1FADnXh1bCZ
Dorkie
Member
**
Offline Offline

Activity: 364
Merit: 13


View Profile
October 14, 2017, 05:30:58 PM
 #24

Have you guys ever thought that all the hacking was actually an inside job?

In other words, whatever verification you use (stacking bitcoin address, 2 factor authentication, etc) is actually useless.
pixie85
Sr. Member
****
Offline Offline

Activity: 994
Merit: 275


View Profile
October 14, 2017, 06:05:22 PM
 #25

I have no choice but to suspect the requirement to sign message with a bitcoin address is a way of tracking who is the owner of which bitcoin address, very much like what many exchanges are doing when they require submission of ID, driving license, etc for KYC/AML excuses/nonsense.

So if a user never posted his bitcoin address here (because he never sell anything here), that means he can NEVER recover his account?
How ridiculous.

I am a recent victim of an account hack.

Edit:
By right the system should be able to trace the change of IP addresses used before and after an account hack.
This won't work because many people are using VPNs, so their IP is changing with every login. I know that some people don't, but it's only one of many things an admin should verify before blocking the account or giving it back to someone.
I'd rather have my account locked than watch a hacker make money off it, so Theymos or Cyrus should at the very least block the accounts that people are claiming to be stolen. That is of course if these accounts have recently undergo a password and email change.

Dorkie
Member
**
Offline Offline

Activity: 364
Merit: 13


View Profile
October 14, 2017, 06:15:04 PM
 #26

This won't work because many people are using VPNs, so their IP is changing with every login. I know that some people don't, but it's only one of many things an admin should verify before blocking the account or giving it back to someone.
I'd rather have my account locked than watch a hacker make money off it, so Theymos or Cyrus should at the very least block the accounts that people are claiming to be stolen. That is of course if these accounts have recently undergo a password and email change.

Indeed, that is a good temporary fix.
I would suggest that the system not allow any change to the email address at all.
This will make sure no control of any account is possible.
I still can't see any vulnerability in making the email immutable.
In fact, I see it as a very good solution.
real_generalt
Newbie
*
Offline Offline

Activity: 14
Merit: 0


View Profile
October 14, 2017, 11:17:28 PM
 #27

This won't work because many people are using VPNs, so their IP is changing with every login. I know that some people don't, but it's only one of many things an admin should verify before blocking the account or giving it back to someone.
I'd rather have my account locked than watch a hacker make money off it, so Theymos or Cyrus should at the very least block the accounts that people are claiming to be stolen. That is of course if these accounts have recently undergo a password and email change.

Indeed, that is a good temporary fix.
I would suggest that the system not allow any change to the email address at all.
This will make sure no control of any account is possible.
I still can't see any vulnerability in making the email immutable.
In fact, I see it as a very good solution.

Perhaps a system that sends an email to the original email address with a link that gives the original owner a certain amount of time to click it to change the email back to the original.  So if you did change it just ignore the email but if you didn't change it then you click the link and it reverts is back to the original email and forces a password change.
Dorkie
Member
**
Offline Offline

Activity: 364
Merit: 13


View Profile
October 15, 2017, 01:00:24 AM
 #28

Perhaps a system that sends an email to the original email address with a link that gives the original owner a certain amount of time to click it to change the email back to the original.  So if you did change it just ignore the email but if you didn't change it then you click the link and it reverts is back to the original email and forces a password change.

Yes, another good solution.
Simple solutions that work.
And yet the bitcointalk insiders are squeezing their brains, thinking superman hard, trying to come up with some super revolutionary method to solve the problem.
The insiders are working 3 to 4 years long trying to come up with the most novel way of account security in the hopes that they will win a Nobel prize.
generalt
Legendary
*
Offline Offline

Activity: 977
Merit: 1007


View Profile
October 17, 2017, 02:00:55 AM
 #29

I got my account back!!!   Thank you everybody for all your help in this matter.

-----BEGIN BITCOIN SIGNED MESSAGE-----
This is generalt and today is October 16th.  This message is to verify that I do have my account back.  Thank you all!
-----BEGIN SIGNATURE-----
1GENERAL7QdpxHezWzoToWGXpDX4XuLcR2
HMPcgKVShxs+F6Wokt43Z34xHOlZ/sdM1aMkL4LNYBOeVgmCED+fGSgvmKDR4E5HvuunZ2g71RjIee9xkZK0YOQ=
-----END BITCOIN SIGNED MESSAGE-----

I feel whole again!  Cheesy

BTC: 1GENERALrtBAjEv2Ps5cmEW1FADnXh1bCZ
real_generalt
Newbie
*
Offline Offline

Activity: 14
Merit: 0


View Profile
October 17, 2017, 02:04:52 AM
 #30


-----BEGIN BITCOIN SIGNED MESSAGE-----
This is generalt and today is October 16th.  This message is to verify that I do have my account back.  Thank you all!
-----BEGIN SIGNATURE-----
1GENERAL7QdpxHezWzoToWGXpDX4XuLcR2
HMPcgKVShxs+F6Wokt43Z34xHOlZ/sdM1aMkL4LNYBOeVgmCED+fGSgvmKDR4E5HvuunZ2g71RjIee9xkZK0YOQ=
-----END BITCOIN SIGNED MESSAGE-----
generalt
Legendary
*
Offline Offline

Activity: 977
Merit: 1007


View Profile
October 17, 2017, 02:16:24 AM
 #31

Also taking this opportunity to post a stake address 1GENERALrtBAjEv2Ps5cmEW1FADnXh1bCZ


BTC: 1GENERALrtBAjEv2Ps5cmEW1FADnXh1bCZ
philipma1957
Legendary
*
Offline Offline

Activity: 2562
Merit: 1858



View Profile
October 17, 2017, 02:38:17 AM
 #32

Also taking this opportunity to post a stake address 1GENERALrtBAjEv2Ps5cmEW1FADnXh1bCZ



I will quote  and I have done multiple sales with you . I also have met with you in person more then once.

I will lift the neg trust I posted

This is my really long term address

 1JdC6Xg3ajT3rge3FgPNSYYFpmf53Vbtje

this is my secondary account

judypug1956

I truly fear  getting hacked on this site.

I am glad it was fixed.

I see BTC as the super highway and alt coins as taxis and trucks needed to move transactions.
Lauda
GrumpyKitty
Legendary
*
Offline Offline

Activity: 2310
Merit: 2102


Modern Liberalism is a Mental Disorder


View Profile
October 17, 2017, 05:16:23 AM
 #33

I got my account back!!!   Thank you everybody for all your help in this matter.

-----BEGIN BITCOIN SIGNED MESSAGE-----
This is generalt and today is October 16th.  This message is to verify that I do have my account back.  Thank you all!
-----BEGIN SIGNATURE-----
1GENERAL7QdpxHezWzoToWGXpDX4XuLcR2
HMPcgKVShxs+F6Wokt43Z34xHOlZ/sdM1aMkL4LNYBOeVgmCED+fGSgvmKDR4E5HvuunZ2g71RjIee9xkZK0YOQ=
-----END BITCOIN SIGNED MESSAGE-----

I feel whole again!  Cheesy
Quoted and verified.

Also taking this opportunity to post a stake address 1GENERALrtBAjEv2Ps5cmEW1FADnXh1bCZ
Quoted.

1JdC6Xg3ajT3rge3FgPNSYYFpmf53Vbtje

this is my secondary account

judypug1956
Quoted. You should probably sign a message with it, but in this thread: https://bitcointalk.org/index.php?topic=996318.0.

OP, you should lock this thread now.

████████████████████████████
████████▀▀ █▀ █▀ ▀██████████
█████████▄ ▄▄▄▄▄▄███████████
██████████▀     ▀  ▀████████
███████▀ ▀  ▄█▀▀▀█▀▀████████
██████▄      █▄  ▀▀  ▀██████
██████         ▄▄█▄ ▄ ▀█████
█████ ▄         ▀▀ ▄ ▀ █████
██████▌          █▀█▀ ▐█████
███████  ▄▌         ▄ ██████
████████▄█         ▄████████
█████████▀     ▄▄ ▄█████████
████████████████████████████
.JACKMATE'S...........
.
MAJESTIC..
████████████████████████
███████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
.
..WIN 1 BITCOIN ON EVERY PREMIER LEAGUE MATCHDAY..
████████████████████████████████
████████████▀█▀ ▀█▀█▀███████████
███████████▄ ▄▄▄▄▄▄▄████████████
███████████▀▀▄▄▄▄▄▄▄▄███████████
█████████▀▄ ██▀▄▄▄ ▀ ▄▀█████████
███████▀ ▀█████▄▄▄█▄▄▄██████████
███████▀▄████████▀  ▀█ █▐███████
███████ ▀█████████▄█▀▀██ ███████
████████ ███▀██████ ▄ ██ ███████
████████▌▐▀▄ ██████████ ▄███████
█████████▄██▌▐█████▀██ █████████
████████████▄▀▀▀▀▀▄ ▀▄██████████
████████████████████████████████
.
.JOIN US - IT'S FREE! .
Pages: « 1 [2]  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!