Ridiculous to send signed message to recover hacked account.

[aTriz]

Your points are invalid. I personally am grateful for this feature as it prevents people from just saying "Help, my account was hacked, please change password and email".

I recently was placed in a situation where there was someone pretending the be the original owner of my account. The only thing that blocked him from taking my account was the fact that I could sign a message from a staked address.


Sorry for your loss, but that's the reason why we have a thread for staking your address. For your next account do that and you will be 100% secure.

[1713444021]

1713444021

[1713444021]

1713444021

[1713444021]

1713444021

[Dorkie]

Your points are invalid. I personally am grateful for this feature as it prevents people from just saying "Help, my account was hacked, please change password and email".

I recently was placed in a situation where there was someone pretending the be the original owner of my account. The only thing that blocked him from taking my account was the fact that I could sign a message from a staked address.


Sorry for your loss, but that's the reason why we have a thread for staking your address. For your next account do that and you will be 100% secure.

Now what if the hacker cannot change the email?

Yes, of course he can still ask to change password, in which the request will be sent to your email, not his.

You need to understand people from their perspective.

Not everyone who register for an account in this forum will instantaneously know he should stake his address.

Expecting everyone to know this instantaneously right after registration is like expecting an impossible feat from you.

[Aventhe]

@Dorkie this is very unfortunate, but what can you do.

Do you by any chance have sent a PM to anyone on this forum a Bitcoin address you can currently sign a message with? That might help your case if that person could then be contacted to quote your PM.

Now you know the importance of staking addresses... Unfortunately you have had to learn the hard way.

[Dorkie]

@Dorkie this is very unfortunate, but what can you do.

Do you by any chance have sent a PM to anyone on this forum a Bitcoin address you can currently sign a message with? That might help your case if that person could then be contacted to quote your PM.

Now you know the importance of staking addresses... Unfortunately you have had to learn the hard way.

No I did not stake any address. I was not aware of this until I got hacked. At first, I stumbled upon many comments that their accounts got hacked and I thought this wouldn't happen to me, but now it did.

Staking address is a solution, but I disagree it is the one and only solution. I am not saying it is stupid, nonsense, useless, etc. I am just saying fully dependent on just a single solution without regard to other alternatives is ridiculous. How would things turn out differently for everyone if the system makes sure the email registered with an account will never be changed? The hacker would have to hack Yahoo! or Google or Hotmail, which definitely have way much higher security measures than this forum.

[Dorkie]

I know my signature was changed to displaying the Genesis Vision bounty link after it got hacked, after October 10th.
Before the hack, my signature was displaying the Bible's Matthew 6:19-21 verse.
So if the admin really care, he can easily look into the signature portion of the investigation.

In fact I wrote down 2 verses in my signature and another personal statement about bitcoin and ethereum, in total 2 verses and 1 statement (consider it 3 sets of line).
I spaced each line enough so that my signature only show 1 line while the other 2 remain hidden from view.

This feature, not a single member here can ever know, except the hacker that has now changed my signature to a bounty link, I myself (since I was the original owner), and the admin, assuming every changes to the signature is recorded.

Edit:
In fact there is absolutely no need for a staked address, assuming changes to the signature is recorded, as the admin will be able to easily validate my statement. If yes, that means I am the real owner. Otherwise, I must be one hell of a superb hacker myself for being able to know or see thru all the hidden lines of a signature of another member.

Edit #2:
Similarly, if every changes to the email setting is also recorded, then I can also easily tell the admin what's the original email address before the hack.
I can also tell the admin what's contained in that hacked account's PM, although I say I cannot remember everything in it.

[Dorkie]

I am beginning to see.
This whole thing with over 1000+ hacked accounts is an elaborate scam.
Some members said this scam is perpetrated by just 1 to 2 persons.
Very shameless and sinful entities (Theymos and Cyrus).

Shit, this bitcointalk forum is no longer credible to me.

[RichardBTC]

Why cant the bitcointalk forum use the same ways to protect accounts as any other forum? Im not fighting the current system with signing a bitcoin trans but is there any particular reason why f2a is not used? Also why has there all of a sudden been an increase in the number of accounts hacked? Status for the airdrops?

[Dorkie]

Why cant the bitcointalk forum use the same ways to protect accounts as any other forum? Im not fighting the current system with signing a bitcoin trans but is there any particular reason why f2a is not used?

From what I just found, bitcointalk account hacking is an elaborate inside job scam.
And shockingly, such hacking operation is actually ongoing since more than 3 years ago.

[FuckThemHackers]

My account was hacked recently too. Luckily, since I have been here for years, I have BTC addresses in several threads, some of them locked (so the hacker could never edit them). And I could sign any of them.

I already sent proof to Cyrus a couple of days ago and now im waiting. I have objectively speaking all proof needed to prove the account "manselr" is me, so if the admins are legit (and I don't have a reason to think they aren't) they will recover my account (hopefully it doesn't take ages, because verifying the signed message takes 2 minutes to be honest). I will just wait, but im sure I will get it back.

[Dorkie]

My account was hacked recently too. Luckily, since I have been here for years, I have BTC addresses in several threads, some of them locked (so the hacker could never edit them). And I could sign any of them.

I already sent proof to Cyrus a couple of days ago and now im waiting. I have objectively speaking all proof needed to prove the account "manselr" is me, so if the admins are legit (and I don't have a reason to think they aren't) they will recover my account (hopefully it doesn't take ages, because verifying the signed message takes 2 minutes to be honest). I will just wait, but im sure I will get it back.

Good luck to you.

At the current rate it's unlikely to be recovered. If you check the other threads in Meta even accounts with signed messages aren't getting restored or at best they have to wait weeks/months. Accounts could be restored by doing a bit of investigation on IPs etc but it's not foolproof and the forum currently doesn't have the manpower to do even that unfortunately.

On the new forum at least there will be multiple 2FA options to secure your account but I know that doesn't help you right now.

[Dorkie]

Okay, so I see this sshole Turkish hacker changed my password on October 11th from https://bitcointalk.org/seclog.php.
Fucking bad luck.
My computer got struck by lightning and had to go for repair just 1 day before.

I hope someone will lock that Dorky account down and make it unusable.

But I have a big hunch that someone will say, "Hey Dorky, I am never gonna fucking help you unless you send a signed bitcoin message. Because we accept Bitcoin only here. Fuck your email confirmation solution. Fuck your explanation about using the same email for both that hacked account and this. Fuck your explanation about Dorky's hidden signature before the hack. Fuck you, and fuck you hard. I fucking repeat myself, if you don't send me a signed bitcoin message, you are 100% guaranteed fucked."

Hey, man. Relax. The world was still doing fine before the blockchain existed. The world will still do fine if blockchain goes extinct. Your demand for just one and only solution for validation is outright ridiculous, man. And you even know it. But something tells me you have hidden vested interest in enforcing signed bitcoin messages. I never meet a man/woman/team that is honest in his/her/its business would be as rigid and inflexible as you.

[FuckThemHackers]

My account was hacked recently too. Luckily, since I have been here for years, I have BTC addresses in several threads, some of them locked (so the hacker could never edit them). And I could sign any of them.

I already sent proof to Cyrus a couple of days ago and now im waiting. I have objectively speaking all proof needed to prove the account "manselr" is me, so if the admins are legit (and I don't have a reason to think they aren't) they will recover my account (hopefully it doesn't take ages, because verifying the signed message takes 2 minutes to be honest). I will just wait, but im sure I will get it back.

Good luck to you.

At the current rate it's unlikely to be recovered. If you check the other threads in Meta even accounts with signed messages aren't getting restored or at best they have to wait weeks/months. Accounts could be restored by doing a bit of investigation on IPs etc but it's not foolproof and the forum currently doesn't have the manpower to do even that unfortunately.

On the new forum at least there will be multiple 2FA options to secure your account but I know that doesn't help you right now.

I have enough cryptographic proof for manselr being my account that not restoring it would be like claiming 2+2 isn't 4, so I will just wait. If by november I still don't have my account restored then I will need an explanation for it because that would be nonsense.