[SCAM] Ongoing attempt - Phishing link send around in PM, copy of the forum

[binaryFate]

I got this link by PM, from user hiddenoreo:
http://bitcointalk.org.uk/index.phptopic=252907.0.htm

The phishing is well done, luckily I found strange to be unloged in one tab and not in the other, and didn't type my credentials.
bitcointalk.org.uk instead of bitcointalk.org, no https (even though the link text was saying https).

Be careful!


EDIT: The message was the following:

Hello,
Welcome to the BTC-E Trading Bot. If your interested in the trial version or purchasing the full thing please visit the sales thread: htpps://bitcointalk.org.uk/index.phptopic=252907.0.htm

Also, if you would like to earn a nice .1 btc a week for adding the signature please visit the thread and tell Acnee I sent you!

Thanks!

BE CAREFUL WHEN GOING ON THE PHISHING LINK!

[1714915361]

1714915361

[1714915361]

1714915361

[1714915361]

1714915361

[1714915361]

1714915361

[1714915361]

1714915361

[Silv0r]

I can confirm this. The User Runescape sent me the same Message. Same URL of bitcointalk.org.uk!! Don't login on this fake phising site!!

[matt4054]

Same here, link to hxxp://bitcointalk.org.uk/index.phptopic=252907.0.htm, actual link to http://... (not https), and facade link as htpps://bitcointalk.org.uk/index.phptopic=252907.0.htm (sic). Weird scam attempt. I didn't click...

[MJGrae]

I got this too, absolute bullocks. if you go to http://bitcointalk.org.uk/ you can see that they didn't even bother to make a home page for it. The only "real" page of the website is the fake thread the user Runescap sends out with users impersonating respected members of this forum.

[binaryFate]

Having the fake John K. adding "thanks for the download" in the fake discussion, totally out of nowhere, is the weirdest part 

[Silv0r]

Having the fake John K. adding "thanks for the download" in the fake discussion, totally out of nowhere, is the weirdest part 

Yep. Thought of it too. "John K? Whaat? No way. Oh let's look at the site and URL"

[nottm28]

I can confirm this. The User Runescape sent me the same Message. Same URL of bitcointalk.org.uk!! Don't login on this fake phising site!!

me too +1 - deleted the message

[Maged]

Phishing links should be banned

They are. With extreme prejudice.

[Maged]

But OP was not banned for posting a phishing link

Alerting us and everyone else to the matter is an obvious exception.

[LoWang]

Admins: are those two users already banned from the forum?

[daggerismo]

Hello,
Welcome to the BTC-E Trading Bot. If your interested in the trial version or purchasing the full thing please visit the sales thread: http://bitcointalk.org/index.phptopic=252907.0.htm

Also, if you would like to earn a nice .1 btc a week for adding the signature please visit the thread and tell Acnee I sent you!

Thanks!



now i received this from user https://bitcointalk.org/index.php?action=profile;u=132826

[Lethos]

I had a very similar thing appear in my PM just recently (already reported to mods). No way I'd click on that link after reading this thread.

Hello,
Welcome to the BTC-E Trading Bot. If your interested in the trial version or purchasing the full thing please visit the sales site: xxxx://www.btce-bot.me

Also, if you would like to earn a nice .1 btc a week for adding the signature please visit the thread and tell Acnee I sent you!

Thanks!

*Modified link to prevent anyone think it's a good idea to click it.

These message appears to be coming from multiple accounts.
Bought accounts, compromised or just created exactly for this purpose?

[ktbken]

FYI
I have just received a second email this time with the .uk extension masked for the address of the forum

[binaryFate]

If they phish one account, they can right away use this account to send more messages. Devil!

[greyhawk]

Another phisher. Go-go-gadget moderator options - ban user.

[crumbs]

if this helps, i got two
   Today at 02:15:57 PM   BTC-E Trade Bot / Earn .1 btc a week   haasBB8   
   Today at 11:34:18 AM   BTC-E Trade Bot / Earn .1 btc a week   dirtscience

[2112]

Another one for the administrators to delete.

...

The private message I received didn't contain any phishing attempts, just a normal HTTP link to sorry://www.btce-bot.me.

[Arcas]

Interestingly enough, my phisher spent a lot of time in that stupid Buy Bitcointalk Accounts thread.

[Arcas]

It seems we all have different attackers, are these accounts all puppets, or are they legitimate users that got tricked into giving away their passwords?

[pontiacg5]

It seems we all have different attackers, are these accounts all puppets, or are they legitimate users that got tricked into giving away their passwords?

Do you not know the definition of Phishing? Perhaps you should google it.

[Lethos]

Hello,
Welcome to the BTC-E Trading Bot. If your interested in the trial version or purchasing the full thing please visit the sales site: xxxx://www.btce-bot.me

Also, if you would like to earn a nice .1 btc a week for adding the signature please visit the thread and tell Acnee I sent you!

Thanks!

Just got my 2nd message, identical, just from someone else.
Can the Mods chime in if they are taking action to curb this behaviour?

[dexX7]

Most likely the same. Just look at their posting style. Very short comments and almost everytime something like "that's great" or so. This goes on for weeks now..

[BadBear]

Just got my 2nd message, identical, just from someone else.
Can the Mods chime in if they are taking action to curb this behaviour?

We try, but we can't really do anything about it, nor do we have enough information about it to act on it if we could. We can't see reported pms, and we can't do anything about the sent pms, so the damage has been done and the ban (which we can do) is really just reactionary to stop further damage.

It is spam and probably annoying to those who get them, and leads to more spam so I do ban them when I see enough corroboration to assume it's true, though that's bound to lead to mistakes and drama eventually. Oh well, such is life.

[Lethos]

Just got my 2nd message, identical, just from someone else.
Can the Mods chime in if they are taking action to curb this behaviour?

We try, but we can't really do anything about it, nor do we have enough information about it to act on it if we could. We can't see reported pms, and we can't do anything about the sent pms, so the damage has been done and the ban (which we can do) is really just reactionary to stop further damage.

It is spam and probably annoying to those who get them, and leads to more spam so I do ban them when I see enough corroboration to assume it's true, though that's bound to lead to mistakes and drama eventually. Oh well, such is life.

Thanks Badbear, I understand you have limits to what you can do, as long as you know about it and do what you can that is all I was after.

[escrow.ms]

Just got my 2nd message, identical, just from someone else.
Can the Mods chime in if they are taking action to curb this behaviour?

We try, but we can't really do anything about it, nor do we have enough information about it to act on it if we could. We can't see reported pms, and we can't do anything about the sent pms, so the damage has been done and the ban (which we can do) is really just reactionary to stop further damage.

It is spam and probably annoying to those who get them, and leads to more spam so I do ban them when I see enough corroboration to assume it's true, though that's bound to lead to mistakes and drama eventually. Oh well, such is life.

There should be a ban group image, so people can see that guy is banned.
Currently you can not find if someone is banned or not.

[theymos]

I've adjusted the limits to make spamming more difficult.

Activity	Min. seconds between post actions	Max PM recipients	PMs per hour
0	360	3	5
16	74	5	30
30	60	5	60
60	30	5	60
100	12	10	120
200	10	15	120
300	8	20	120

[Lethos]

I've adjusted the limits to make spamming more difficult.

Activity	Min. seconds between post actions	Max PM recipients	PMs per hour
0	360	3	5
16	74	5	30
30	60	5	60
60	30	5	60
100	12	10	120
200	10	15	120
300	8	20	120

Hopefully this helps Theymos, thank you.
Is there a system in place to keep track if they regularly try to exceed the cap for their "activity"?

[LoWang]

BadBear I really don't know what is so complicated on this... Several people have reported these two names, so this is not enough for you to act? Also look at their ratings. I don't think these negative numbers are a coincidence. Why not just ban them and send them a PM asking if they are sending these messages or not and their pcs are hacked or something. "Damage has been done" means you don't care anymore? Not everybody is so smart not to fall for this phishing and I think that security should be a priority here more then on any other forum!

[Maged]

BadBear I really don't know what is so complicated on this... Several people have reported these two names, so this is not enough for you to act?

Sadly, no.

Fortunately, there's enough public info available in this case for us to determine that they are an alt of someone who is banned, therefore we might be able to ban them for ban evasion. 

[BadBear]

BadBear I really don't know what is so complicated on this... Several people have reported these two names, so this is not enough for you to act? Also look at their ratings. I don't think these negative numbers are a coincidence. Why not just ban them and send them a PM asking if they are sending these messages or not and their pcs are hacked or something. "Damage has been done" means you don't care anymore? Not everybody is so smart not to fall for this phishing and I think that security should be a priority here more then on any other forum!

Just ban them and send them a pm asking if they actually send the phishing messages or if they've been hacked? Are you high? They're already intentionally deceiving people with their phishing links, I doubt they'll feel any moral qualms about lying to me, if they don't just ignore me.

And how do you twist "the damage has been done and I literally lack the ability to do anything about it" into I don't care?

[🏰 TradeFortress 🏰]

I've adjusted the limits to make spamming more difficult.

Activity	Min. seconds between post actions	Max PM recipients	PMs per hour
0	360	3	5
16	74	5	30
30	60	5	60
60	30	5	60
100	12	10	120
200	10	15	120
300	8	20	120

This does not help much. They can use phished accounts to spam.

[theymos]

This does not help much. They can use phished accounts to spam.

It's much more expensive for them to obtain phished accounts than it is for me to ban them.

[Hollowinfinity]

It's much more expensive for them to obtain phished accounts than it is for me to ban them.

People will just use the old DB dump instead of PM's.

[jwest411]

I clicked the link and logged in like a pro, but realized this quick and changed my password on the real site. I use different passwords everywhere and have 2 step. I should be good right?

[n4ru]

Bot site could be distributing the worm through it's "trial" program.

Reminds me of those 4chan worms that work by getting idiots to save an image as a .vbs and run it.

[Arcas]

I clicked the link and logged in like a pro, but realized this quick and changed my password on the real site. I use different passwords everywhere and have 2 step. I should be good right?

Yes. I made the same stupid mistake when I brainlessly tried to log in without asking myself why I got logged out.

I did get logged off a few times today on the real forum, probably the phisher trying to log into my account and getting locked out.

[CoinsForTech]

I've adjusted the limits to make spamming more difficult.

Activity	Min. seconds between post actions	Max PM recipients	PMs per hour
0	360	3	5
16	74	5	30
30	60	5	60
60	30	5	60
100	12	10	120
200	10	15	120
300	8	20	120

This does not help much. They can use phished accounts to spam.

Also does not help while account trading is still allowed.

[jackjack]

I've adjusted the limits to make spamming more difficult.

Activity	Min. seconds between post actions	Max PM recipients	PMs per hour
0	360	3	5
16	74	5	30
30	60	5	60
60	30	5	60
100	12	10	120
200	10	15	120
300	8	20	120

Hope this will help

[pedrog]

I got the PM from another account:

Hello,
Anouncing to the BTC-E Trading Bot. If your interested in the trial version or purchasing the full thing please visit the sales site: http://phishing

Also, if you would like to earn a nice .1 btc a week for adding the signature please visit the thread and tell Acnee I sent you!

Thanks!

I clicked the link and logged in like a pro, but realized this quick and changed my password on the real site. I use different passwords everywhere and have 2 step. I should be good right?

I always log:

User: Go
Pass: Fuckyourself

At least they can get a laugh when going through the records.

[kjj]

I've adjusted the limits to make spamming more difficult.

Activity	Min. seconds between post actions	Max PM recipients	PMs per hour
0	360	3	5
16	74	5	30
30	60	5	60
60	30	5	60
100	12	10	120
200	10	15	120
300	8	20	120

I don't suppose you can reduce the limits based on ignores?  I'd reduce the number of PMs per hour by the number of ignores the user has earned.  Of course, it would be less harsh to reduce their effective activity by the number of ignores.

[Ridicuss]

I fell for it. Lost my old account. retard...

[Ridicuss]

if this helps, i got two
   Today at 02:15:57 PM   BTC-E Trade Bot / Earn .1 btc a week   haasBB8   
   Today at 11:34:18 AM   BTC-E Trade Bot / Earn .1 btc a week   dirtscience

Dirtscience was my hijacked account. Sorry for the stupidity guys.

[hennessyhemp]

I can tell you I did not enter my Bitcointalk information on any website other than bitcointalk so I am fairly certain it was not phished out of me...I had a weak password...so I am guessing brute-force...but I really don't know much about how a hacker comes to steal my account...I just know it definitely happened July 10th, 2013, and I have updated my password so it is much stronger now.

I am a legitimate user with a real life connection to me.  The impostor only posed as me and tried to pump my account (presumably for scamming) and apparently tried to buy other accounts from another user.  Definitely posted like 50 messages in an hour to try to get my account higher...which didn't work, as another member kept popping up on his threads alerting users he was posting like crazy.  I discovered this whole fiasco on the 7/12/2013.  Password has been updated...but this is crazy...guy was fairly smart and very capable, it's rather unnerving. 

[LoWang]

Allright, so I believe this started by luring the credentials from somebody and then using it to hijack more accounts through the phishing PMs (it is funny that the word phishing is in the address itself:). BruteForce attack is out of the question because that would assume somebody hacked into the site and got the password hash database (which I hope is not true)
Badbear you said "the ban (which we can do) is really just reactionary to stop further damage" and yet you did not do this at least. That translates to me as you don't really care even if this could have prevented a lot more account hijacks... I believe you have not ever worked at an IT company Let's hope this will serve like a security education for those who fall for it without causing too much damage or money loss...

[dexX7]

I fell for it. Lost my old account. retard...

Which one was that?

In case of account compromisation, those accounts should be banned/tagged or there should be a sticky somewhere on this board, so nobody gets tricked into believing it is a legit member.

There is an trust issue though. Who do you believe? A newbie who claims he or she is user x? Hm..

Badbear, what would you need to stop it?

[BadBear]

I fell for it. Lost my old account. retard...

Which one was that?

In case of account compromisation, those accounts should be banned/tagged or there should be a sticky somewhere on this board, so nobody gets tricked into believing it is a legit member.

There is an trust issue though. Who do you believe? A newbie who claims he or she is user x? Hm..

Badbear, what would you need to stop it?

We need to be given access to the information we need in order to do something about it. Theymos declined, so I can only assume the help of the moderators is not needed or wanted when it comes to these situations.

Edit: So make sure to contact him directly with all inquiries, complaints, reports or otherwise .

[binaryFate]

One solution is to enable an optional 2 factors authentication:
https://bitcointalk.org/index.php?topic=178568.0

Nowadays, any website that handles something serious proposes it. And this forum is definitely something of that level, it deserves it.

[Ridicuss]

I fell for it. Lost my old account. retard...

Which one was that?

In case of account compromisation, those accounts should be banned/tagged or there should be a sticky somewhere on this board, so nobody gets tricked into believing it is a legit member.

There is an trust issue though. Who do you believe? A newbie who claims he or she is user x? Hm..

Badbear, what would you need to stop it?

We need to be given access to the information we need in order to do something about it. Theymos declined, so I can only assume the help of the moderators is not needed or wanted when it comes to these situations.

Edit: So make sure to contact him directly with all inquiries, complaints, reports or otherwise .

I did contact theymos about the dirtscience account. I heard nothing back, but I can see the hijacker has not posted anymore form the 10th on, I'm guessing its banned. I do have a way to prove I was the original owner but it would require getting a vendor here involved. I have already squared away my problems with the vendor myself. If dirtscience is still active and you want to trust go ahead.. If you dont want to ban it. Not my problem anymore.

[whiskers75]

Do you know what's funny about this?

If you take that link, and make it legit, like so: https://bitcointalk.org/index.php?topic=252907.0.html (not phishing)
It leads to a thread titled: "The lost Bitcoins... a question of curiosity" about lost coins.

[hennessyhemp]

One solution is to enable an optional 2 factors authentication:
https://bitcointalk.org/index.php?topic=178568.0

Nowadays, any website that handles something serious proposes it. And this forum is definitely something of that level, it deserves it.

Yes...wholeheartedly agree 2 form authy!...it really sucks to attempt to build a rep, and log in to discover someone found a way to piss on it in your absence.  In my case if you do any simple googling...you'll find I am connected to me in real life, so finding out a hacker used my account and posted all kinds of non-sense all over this forum was particularly unsettling...2 form would have probably worked pretty well even if he had gotten my weak password.

[pontiacg5]

One solution is to enable an optional 2 factors authentication:
https://bitcointalk.org/index.php?topic=178568.0

Nowadays, any website that handles something serious proposes it. And this forum is definitely something of that level, it deserves it.

Yes...wholeheartedly agree 2 form authy!...it really sucks to attempt to build a rep, and log in to discover someone found a way to piss on it in your absence.  In my case if you do any simple googling...you'll find I am connected to me in real life, so finding out a hacker used my account and posted all kinds of non-sense all over this forum was particularly unsettling...2 form would have probably worked pretty well even if he had gotten my weak password.

I imagine all that extra security doesn't come free. Would you be willing to pay extra for a forum membership just for that extra security? For all the guys in this thread there sure are a whole lot absent. No money ever goes solely through this site anyway, not like some exchange or anything...

I'd be more ashamed that I fell for the trap and that it was exposed for all to see on the net. Hopefully you learned your lesson. Blaming the forum is just wrong though.

[binaryFate]

One solution is to enable an optional 2 factors authentication:
https://bitcointalk.org/index.php?topic=178568.0

Nowadays, any website that handles something serious proposes it. And this forum is definitely something of that level, it deserves it.

Yes...wholeheartedly agree 2 form authy!...it really sucks to attempt to build a rep, and log in to discover someone found a way to piss on it in your absence.  In my case if you do any simple googling...you'll find I am connected to me in real life, so finding out a hacker used my account and posted all kinds of non-sense all over this forum was particularly unsettling...2 form would have probably worked pretty well even if he had gotten my weak password.

I imagine all that extra security doesn't come free. Would you be willing to pay extra for a forum membership just for that extra security? For all the guys in this thread there sure are a whole lot absent. No money ever goes solely through this site anyway, not like some exchange or anything...

I'd be more ashamed that I fell for the trap and that it was exposed for all to see on the net. Hopefully you learned your lesson. Blaming the forum is just wrong though.

I strongly disagree. You have 2 factor authentications on all websites that are handling bitcoins and bitcoin-related assets. You have 2FA on your conventional bank websites too. Pretty much everywhere where it is critical.
This forum is falling into this category, there are large auctions going on, funding campains, many things for which trust and reputation are keys. What matters really is not the name of it, just a "forum" so you might think there's nothing critical, no what really matters is what is going on here. And this place remains a central one in the BTC world.

As for the money, I agree it's not free. There is as we speak more than 600BTC of donations made to the forum that are supposed to be used for improvements, but this amount is just standing useless at the moment. 1% of it would be enough for a 2FA. Money is not a problem.

[tysat]

I strongly disagree. You have 2 factor authentications on all websites that are handling bitcoins and bitcoin-related assets. You have 2FA on your conventional bank websites too. Pretty much everywhere where it is critical.
This forum is falling into this category, there are large auctions going on, funding campains, many things for which trust and reputation are keys. What matters really is not the name of it, just a "forum" so you might think there's nothing critical, no what really matters is what is going on here. And this place remains a central one in the BTC world.

As for the money, I agree it's not free. There is as we speak more than 600BTC of donations made to the forum that are supposed to be used for improvements, but this amount is just standing useless at the moment. 1% of it would be enough for a 2FA. Money is not a problem.

6000BTC!  2FA could definitely be afforded by the forum.

[hennessyhemp]

Make no mistake, I don't blame the forum...clearly, my password was weak.  I blame the hacker, and myself for not securing my account better.  I'm just saying if two form authentication became available, I'd turn it on immediately.

Also I'm not ashamed that a hacker hacked my shit.  It was weak, and this site in particular is a hacker breeding ground, lesson learned.  I really didn't expect anyone to try to steal my account for any reason...but clearly I should always assume that.

[Ridicuss]

I don't blame the forum either. I was the idiot in a hurry and quickly logged back in on the phishing site. But because the dirtscience account had no reputation anyway it was really no big deal. Just could have caused me some trouble with a seller here. Again my fault.

[melon]

got this too but just ignored it-don't rember sender

[paveq]

Should we just delete or report unsolisticated and spammy private messages? Since I started posting to the forum a day ago, I've received two PM's from people I don't know advertising this btce-bot service.  I've never posted to a thread related to btce-bot.

[BadBear]

Report them, they're phishers.

[pedrog]

Should we just delete or report unsolisticated and spammy private messages? Since I started posting to the forum a day ago, I've received two PM's from people I don't know advertising this btce-bot service.  I've never posted to a thread related to btce-bot.

Got it too.

Report them, they're phishers.

Just did, never remember to do that, thanks.

[Swordsoffreedom]

I've adjusted the limits to make spamming more difficult.

Activity	Min. seconds between post actions	Max PM recipients	PMs per hour
0	360	3	5
16	74	5	30
30	60	5	60
60	30	5	60
100	12	10	120
200	10	15	120
300	8	20	120

Shouldn't this be its own post somewhere or did I miss it ?

[Darktongue]

Wheb I used to trol digital point.  The thing the skiddies used to do was make a legitimate looking website. They ranged from services to free wordpress themes.  Most of the time it was some kind of fourm.  In the case of DP they would posy threads saying.  Hey I'll pay you a dollar if you sign up and make 10 posts.

Lot's of newbs and long term members got screwed.

[HeroC]

I've adjusted the limits to make spamming more difficult.

Activity	Min. seconds between post actions	Max PM recipients	PMs per hour
0	360	3	5
16	74	5	30
30	60	5	60
60	30	5	60
100	12	10	120
200	10	15	120
300	8	20	120

MUCH better, thanks!

[kuzetsa]

I've adjusted the limits to make spamming more difficult.

Activity	Min. seconds between post actions	Max PM recipients	PMs per hour
0	360	3	5
16	74	5	30
30	60	5	60
60	30	5	60
100	12	10	120
200	10	15	120
300	8	20	120

so at 300+ posts (err, activity)  the throttle doesn't get relaxed any further. That's cool I guess.

Those tier thresholds don't seem to match up to the current forum ranks though, is this intentional? Is it really different thresholds than the forum ranks which don't themselves seem to do anything other than add little stars under your name?

Just curious, because it seems as though I might (with my current activity level) be un-throttled, despite not being at the highest rank.

[BadBear]

Why does the rank matter? If you've managed to get 300 activity you probably aren't a spammer, and don't want to risk being banned.

[kuzetsa]

Why does the rank matter? If you've managed to get 300 activity you probably aren't a spammer, and don't want to risk being banned.

Sometimes I edit a post only to spot an error and go back in and edit a second time. I was mostly just asking to figure out if "forum rank" tiers calculation is handled separately from the "post throttling" tiers calculation, and mostly only because it seemed strange that the tiers don't match up. ( and I notice that you didn't answer my question, but instead just made a mention of banning in a way which I felt was vaguely threatening and perhaps directed at me or something. not sure.)

[tysat]

Why does the rank matter? If you've managed to get 300 activity you probably aren't a spammer, and don't want to risk being banned.

Sometimes I edit a post only to spot an error and go back in and edit a second time. I was mostly just asking to figure out if "forum rank" tiers calculation is handled separately from the "post throttling" tiers calculation, and mostly only because it seemed strange that the tiers don't match up. ( and I notice that you didn't answer my question, but instead just made a mention of banning in a way which I felt was vaguely threatening and perhaps directed at me or something. not sure.)

You suggested that you needed the time between posts to go lower than 8 seconds, only a spammer would need it lower than 8 seconds... hence the mention of banning spammers.

[kuzetsa]

Why does the rank matter? If you've managed to get 300 activity you probably aren't a spammer, and don't want to risk being banned.

Sometimes I edit a post only to spot an error and go back in and edit a second time. I was mostly just asking to figure out if "forum rank" tiers calculation is handled separately from the "post throttling" tiers calculation, and mostly only because it seemed strange that the tiers don't match up. ( and I notice that you didn't answer my question, but instead just made a mention of banning in a way which I felt was vaguely threatening and perhaps directed at me or something. not sure.)

You suggested that you needed the time between posts to go lower than 8 seconds, only a spammer would need it lower than 8 seconds... hence the mention of banning spammers.

Literal. Adjective. > Exactly as stated; read or understood without additional interpretation; according to the letter or verbal expression; real; not figurative or metaphorical.

No, I literally did not "suggest" any such thing. Non-literal "between the lines" isn't my style. When I said "that's cool I guess" I literally meant "cool" in the sense of "good". Please don't put words in my mouth.

[Xona]

Apparently the main link was modified so can't really tell how close the name is to this forum's name but apparently it's done quite well. You obviously were quite careful -and the continious login function this forum has make it suspicious when you are asked to login again-

[monnecon]

Hopefully I can get up to 30 activities quickly, 74 seconds is still painful for me

[Sonny]

Hopefully I can get up to 30 activities quickly, 74 seconds is still painful for me

You have made 49 posts now in total, so you just need to make a post after 09:40 UTC, Sept 30 and you will get 42 activity and a positing limit of 48 seconds.