Ridicuss
|
|
July 11, 2013, 04:51:51 PM |
|
I fell for it. Lost my old account. retard...
|
Man, I wish I could change my avatar!
|
|
|
Ridicuss
|
|
July 11, 2013, 05:11:31 PM |
|
if this helps, i got two Today at 02:15:57 PM BTC-E Trade Bot / Earn .1 btc a week haasBB8 Today at 11:34:18 AM BTC-E Trade Bot / Earn .1 btc a week dirtscienceDirtscience was my hijacked account. Sorry for the stupidity guys.
|
Man, I wish I could change my avatar!
|
|
|
hennessyhemp
|
|
July 13, 2013, 06:10:48 AM |
|
I can tell you I did not enter my Bitcointalk information on any website other than bitcointalk so I am fairly certain it was not phished out of me...I had a weak password...so I am guessing brute-force...but I really don't know much about how a hacker comes to steal my account...I just know it definitely happened July 10th, 2013, and I have updated my password so it is much stronger now.
I am a legitimate user with a real life connection to me. The impostor only posed as me and tried to pump my account (presumably for scamming) and apparently tried to buy other accounts from another user. Definitely posted like 50 messages in an hour to try to get my account higher...which didn't work, as another member kept popping up on his threads alerting users he was posting like crazy. I discovered this whole fiasco on the 7/12/2013. Password has been updated...but this is crazy...guy was fairly smart and very capable, it's rather unnerving.
|
Please add more BTC here (my son will apprecciate it when he's older): 14WsxbeRcgsSYZyNSRJqEAmB1MKAzHhsCT
|
|
|
LoWang
|
|
July 13, 2013, 06:56:11 AM |
|
Allright, so I believe this started by luring the credentials from somebody and then using it to hijack more accounts through the phishing PMs (it is funny that the word phishing is in the address itself:). BruteForce attack is out of the question because that would assume somebody hacked into the site and got the password hash database (which I hope is not true) Badbear you said "the ban (which we can do) is really just reactionary to stop further damage" and yet you did not do this at least. That translates to me as you don't really care even if this could have prevented a lot more account hijacks... I believe you have not ever worked at an IT company Let's hope this will serve like a security education for those who fall for it without causing too much damage or money loss...
|
|
|
|
dexX7
Legendary
Offline
Activity: 1106
Merit: 1026
|
|
July 13, 2013, 05:50:46 PM |
|
I fell for it. Lost my old account. retard...
Which one was that? In case of account compromisation, those accounts should be banned/tagged or there should be a sticky somewhere on this board, so nobody gets tricked into believing it is a legit member.There is an trust issue though. Who do you believe? A newbie who claims he or she is user x? Hm.. Badbear, what would you need to stop it?
|
|
|
|
BadBear
v2.0
Legendary
Offline
Activity: 1652
Merit: 1128
|
|
July 13, 2013, 07:11:07 PM |
|
I fell for it. Lost my old account. retard...
Which one was that? In case of account compromisation, those accounts should be banned/tagged or there should be a sticky somewhere on this board, so nobody gets tricked into believing it is a legit member.There is an trust issue though. Who do you believe? A newbie who claims he or she is user x? Hm.. Badbear, what would you need to stop it? We need to be given access to the information we need in order to do something about it. Theymos declined, so I can only assume the help of the moderators is not needed or wanted when it comes to these situations. Edit: So make sure to contact him directly with all inquiries, complaints, reports or otherwise .
|
|
|
|
binaryFate (OP)
Legendary
Offline
Activity: 1512
Merit: 1012
Still wild and free
|
|
July 13, 2013, 11:13:53 PM |
|
One solution is to enable an optional 2 factors authentication: https://bitcointalk.org/index.php?topic=178568.0Nowadays, any website that handles something serious proposes it. And this forum is definitely something of that level, it deserves it.
|
Monero's privacy and therefore fungibility are MUCH stronger than Bitcoin's. This makes Monero a better candidate to deserve the term "digital cash".
|
|
|
Ridicuss
|
|
July 14, 2013, 03:38:50 PM |
|
I fell for it. Lost my old account. retard...
Which one was that? In case of account compromisation, those accounts should be banned/tagged or there should be a sticky somewhere on this board, so nobody gets tricked into believing it is a legit member.There is an trust issue though. Who do you believe? A newbie who claims he or she is user x? Hm.. Badbear, what would you need to stop it? We need to be given access to the information we need in order to do something about it. Theymos declined, so I can only assume the help of the moderators is not needed or wanted when it comes to these situations. Edit: So make sure to contact him directly with all inquiries, complaints, reports or otherwise . I did contact theymos about the dirtscience account. I heard nothing back, but I can see the hijacker has not posted anymore form the 10th on, I'm guessing its banned. I do have a way to prove I was the original owner but it would require getting a vendor here involved. I have already squared away my problems with the vendor myself. If dirtscience is still active and you want to trust go ahead.. If you dont want to ban it. Not my problem anymore.
|
Man, I wish I could change my avatar!
|
|
|
|
hennessyhemp
|
|
July 16, 2013, 03:27:11 AM |
|
One solution is to enable an optional 2 factors authentication: https://bitcointalk.org/index.php?topic=178568.0Nowadays, any website that handles something serious proposes it. And this forum is definitely something of that level, it deserves it. Yes...wholeheartedly agree 2 form authy!...it really sucks to attempt to build a rep, and log in to discover someone found a way to piss on it in your absence. In my case if you do any simple googling...you'll find I am connected to me in real life, so finding out a hacker used my account and posted all kinds of non-sense all over this forum was particularly unsettling...2 form would have probably worked pretty well even if he had gotten my weak password.
|
Please add more BTC here (my son will apprecciate it when he's older): 14WsxbeRcgsSYZyNSRJqEAmB1MKAzHhsCT
|
|
|
pontiacg5
|
|
July 16, 2013, 01:56:37 PM |
|
One solution is to enable an optional 2 factors authentication: https://bitcointalk.org/index.php?topic=178568.0Nowadays, any website that handles something serious proposes it. And this forum is definitely something of that level, it deserves it. Yes...wholeheartedly agree 2 form authy!...it really sucks to attempt to build a rep, and log in to discover someone found a way to piss on it in your absence. In my case if you do any simple googling...you'll find I am connected to me in real life, so finding out a hacker used my account and posted all kinds of non-sense all over this forum was particularly unsettling...2 form would have probably worked pretty well even if he had gotten my weak password. I imagine all that extra security doesn't come free. Would you be willing to pay extra for a forum membership just for that extra security? For all the guys in this thread there sure are a whole lot absent. No money ever goes solely through this site anyway, not like some exchange or anything... I'd be more ashamed that I fell for the trap and that it was exposed for all to see on the net. Hopefully you learned your lesson. Blaming the forum is just wrong though.
|
Please DO NOT send me private messages asking for help setting up GPU miners. I will not respond!!!
|
|
|
binaryFate (OP)
Legendary
Offline
Activity: 1512
Merit: 1012
Still wild and free
|
|
July 16, 2013, 02:27:09 PM |
|
One solution is to enable an optional 2 factors authentication: https://bitcointalk.org/index.php?topic=178568.0Nowadays, any website that handles something serious proposes it. And this forum is definitely something of that level, it deserves it. Yes...wholeheartedly agree 2 form authy!...it really sucks to attempt to build a rep, and log in to discover someone found a way to piss on it in your absence. In my case if you do any simple googling...you'll find I am connected to me in real life, so finding out a hacker used my account and posted all kinds of non-sense all over this forum was particularly unsettling...2 form would have probably worked pretty well even if he had gotten my weak password. I imagine all that extra security doesn't come free. Would you be willing to pay extra for a forum membership just for that extra security? For all the guys in this thread there sure are a whole lot absent. No money ever goes solely through this site anyway, not like some exchange or anything... I'd be more ashamed that I fell for the trap and that it was exposed for all to see on the net. Hopefully you learned your lesson. Blaming the forum is just wrong though. I strongly disagree. You have 2 factor authentications on all websites that are handling bitcoins and bitcoin-related assets. You have 2FA on your conventional bank websites too. Pretty much everywhere where it is critical. This forum is falling into this category, there are large auctions going on, funding campains, many things for which trust and reputation are keys. What matters really is not the name of it, just a "forum" so you might think there's nothing critical, no what really matters is what is going on here. And this place remains a central one in the BTC world.As for the money, I agree it's not free. There is as we speak more than 600BTC of donations made to the forum that are supposed to be used for improvements, but this amount is just standing useless at the moment. 1% of it would be enough for a 2FA. Money is not a problem.
|
Monero's privacy and therefore fungibility are MUCH stronger than Bitcoin's. This makes Monero a better candidate to deserve the term "digital cash".
|
|
|
tysat
Legendary
Offline
Activity: 966
Merit: 1004
Keep it real
|
|
July 16, 2013, 02:30:42 PM |
|
I strongly disagree. You have 2 factor authentications on all websites that are handling bitcoins and bitcoin-related assets. You have 2FA on your conventional bank websites too. Pretty much everywhere where it is critical. This forum is falling into this category, there are large auctions going on, funding campains, many things for which trust and reputation are keys. What matters really is not the name of it, just a "forum" so you might think there's nothing critical, no what really matters is what is going on here. And this place remains a central one in the BTC world.
As for the money, I agree it's not free. There is as we speak more than 600BTC of donations made to the forum that are supposed to be used for improvements, but this amount is just standing useless at the moment. 1% of it would be enough for a 2FA. Money is not a problem.
600 0BTC! 2FA could definitely be afforded by the forum.
|
|
|
|
hennessyhemp
|
|
July 16, 2013, 03:52:33 PM Last edit: July 16, 2013, 04:05:46 PM by hennessyhemp |
|
Make no mistake, I don't blame the forum...clearly, my password was weak. I blame the hacker, and myself for not securing my account better. I'm just saying if two form authentication became available, I'd turn it on immediately.
Also I'm not ashamed that a hacker hacked my shit. It was weak, and this site in particular is a hacker breeding ground, lesson learned. I really didn't expect anyone to try to steal my account for any reason...but clearly I should always assume that.
|
Please add more BTC here (my son will apprecciate it when he's older): 14WsxbeRcgsSYZyNSRJqEAmB1MKAzHhsCT
|
|
|
Ridicuss
|
|
July 16, 2013, 04:22:03 PM |
|
I don't blame the forum either. I was the idiot in a hurry and quickly logged back in on the phishing site. But because the dirtscience account had no reputation anyway it was really no big deal. Just could have caused me some trouble with a seller here. Again my fault.
|
Man, I wish I could change my avatar!
|
|
|
melon
|
|
July 18, 2013, 01:35:50 AM |
|
got this too but just ignored it-don't rember sender
|
Once was a man his name was Jed..had a lot of hair but it wasn't on his head !
|
|
|
paveq
Newbie
Offline
Activity: 4
Merit: 0
|
|
July 29, 2013, 09:07:07 PM |
|
Should we just delete or report unsolisticated and spammy private messages? Since I started posting to the forum a day ago, I've received two PM's from people I don't know advertising this btce-bot service. I've never posted to a thread related to btce-bot.
|
|
|
|
BadBear
v2.0
Legendary
Offline
Activity: 1652
Merit: 1128
|
|
July 29, 2013, 11:51:12 PM |
|
Report them, they're phishers.
|
|
|
|
pedrog
Legendary
Offline
Activity: 2786
Merit: 1031
|
|
July 30, 2013, 12:08:13 AM |
|
Should we just delete or report unsolisticated and spammy private messages? Since I started posting to the forum a day ago, I've received two PM's from people I don't know advertising this btce-bot service. I've never posted to a thread related to btce-bot. Got it too. Report them, they're phishers.
Just did, never remember to do that, thanks.
|
|
|
|
Swordsoffreedom
Legendary
Online
Activity: 2884
Merit: 1115
Leading Crypto Sports Betting & Casino Platform
|
|
August 22, 2013, 10:15:06 AM |
|
I've adjusted the limits to make spamming more difficult. Activity | Min. seconds between post actions | Max PM recipients | PMs per hour | 0 | 360 | 3 | 5 | 16 | 74 | 5 | 30 | 30 | 60 | 5 | 60 | 60 | 30 | 5 | 60 | 100 | 12 | 10 | 120 | 200 | 10 | 15 | 120 | 300 | 8 | 20 | 120 |
Shouldn't this be its own post somewhere or did I miss it ?
|
..Stake.com.. | | | ▄████████████████████████████████████▄ ██ ▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄ ██ ▄████▄ ██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██ ██████ ██ ██████████ ██ ██ ██████████ ██ ▀██▀ ██ ██ ██ ██████ ██ ██ ██ ██ ██ ██ ██████ ██ █████ ███ ██████ ██ ████▄ ██ ██ █████ ███ ████ ████ █████ ███ ████████ ██ ████ ████ ██████████ ████ ████ ████▀ ██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██ ██ ▀▀▀▀▀▀▀▀▀▀ ██ ▀█████████▀ ▄████████████▄ ▀█████████▀ ▄▄▄▄▄▄▄▄▄▄▄▄███ ██ ██ ███▄▄▄▄▄▄▄▄▄▄▄▄ ██████████████████████████████████████████ | | | | | | ▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄ █ ▄▀▄ █▀▀█▀▄▄ █ █▀█ █ ▐ ▐▌ █ ▄██▄ █ ▌ █ █ ▄██████▄ █ ▌ ▐▌ █ ██████████ █ ▐ █ █ ▐██████████▌ █ ▐ ▐▌ █ ▀▀██████▀▀ █ ▌ █ █ ▄▄▄██▄▄▄ █ ▌▐▌ █ █▐ █ █ █▐▐▌ █ █▐█ ▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█ | | | | | | ▄▄█████████▄▄ ▄██▀▀▀▀█████▀▀▀▀██▄ ▄█▀ ▐█▌ ▀█▄ ██ ▐█▌ ██ ████▄ ▄█████▄ ▄████ ████████▄███████████▄████████ ███▀ █████████████ ▀███ ██ ███████████ ██ ▀█▄ █████████ ▄█▀ ▀█▄ ▄██▀▀▀▀▀▀▀██▄ ▄▄▄█▀ ▀███████ ███████▀ ▀█████▄ ▄█████▀ ▀▀▀███▄▄▄███▀▀▀ | | | ..PLAY NOW.. |
|
|
|
|