Bitcoin Forum
August 23, 2019, 05:47:29 AM *
News: Latest Bitcoin Core release: 0.18.0 [Torrent] (New!)
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Lookout for Impostors...  (Read 1136 times)
hennessyhemp
Hero Member
*****
Offline Offline

Activity: 511
Merit: 500


Hempire Loading...


View Profile WWW
July 12, 2013, 11:02:21 PM
Last edit: July 13, 2013, 01:54:34 AM by hennessyhemp
 #1

So I logged in today to discover my email had been changed and a slew of messages and posts made on Wednesday the 10th (two days ago) had been posted in my name.  It doesn't appear anyone was scammed using my name...though apparently I now have 15 or so ignores...which I didn't have Tuesday.  Just a friendly heads up...use escrow for trades and verify it is in fact the person you are attempting to speak to.  It sounds like this guy was trying to buy forum accounts...which is odd since he obviously hacked mine indicating he really doesn't need it.  Anyhow, password 2.0 should keep them at bay till Moore's law is again proven right...then I'll have to upgrade again.

Please add more BTC here (my son will apprecciate it when he's older): 14WsxbeRcgsSYZyNSRJqEAmB1MKAzHhsCT
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1566539249
Hero Member
*
Offline Offline

Posts: 1566539249

View Profile Personal Message (Offline)

Ignore
1566539249
Reply with quote  #2

1566539249
Report to moderator
Kouye
Sr. Member
****
Offline Offline

Activity: 336
Merit: 250


Cuddling, censored, unicorn-shaped troll.


View Profile
July 13, 2013, 12:42:51 AM
 #2

That's about as clear and understandable as all the posts you've committed lately.  Smiley

[OVER] RIDDLES 2nd edition --- this was claimed. Look out for 3rd edition!
I won't ever ask for a loan nor offer any escrow service. If I do, please consider my account as hacked.
hennessyhemp
Hero Member
*****
Offline Offline

Activity: 511
Merit: 500


Hempire Loading...


View Profile WWW
July 13, 2013, 01:52:07 AM
 #3

Yep...pretty easy to discern my posts from the impostor...but still don't like anyone soiling my name.

Please add more BTC here (my son will apprecciate it when he's older): 14WsxbeRcgsSYZyNSRJqEAmB1MKAzHhsCT
Dabs
Staff
Legendary
*
Offline Offline

Activity: 2422
Merit: 1160


The Concierge of Crypto


View Profile
July 13, 2013, 03:54:44 PM
 #4

Is your password shorter than 20 characters? Does it have both letters and numbers, uppercase and lower case? Was it randomly generated or is it something you made up?

Escrow Service (Services) - GPG ID: 32AD7565, OTC ID: Dabs
All messages concerning escrow or with bitcoin addresses are GPG signed. Please verify.
CompTIA A+, Microsoft Certified Professional, MCSA: Windows 10; Windows Server 2012, MCSE: Cloud Platform and Infrastructure; Productivity; Messaging
whiskers75
Hero Member
*****
Offline Offline

Activity: 658
Merit: 500


Doesn't use these forums that often.


View Profile
July 14, 2013, 05:55:08 PM
 #5

Ah, so that's why you've been acting so trollish. Smiley

Elastic.pw Elastic - The Decentralized Supercomputer
ELASTIC ANNOUNCEMENT THREAD | ELASTIC SLACK | ELASTIC FORUM
QuestionAuthority
Legendary
*
Offline Offline

Activity: 2086
Merit: 1375


You lead and I'll watch you walk away.


View Profile
July 14, 2013, 10:26:20 PM
 #6

Are you absolutely certain you weren't just really high and made those posts yourself?

hennessyhemp
Hero Member
*****
Offline Offline

Activity: 511
Merit: 500


Hempire Loading...


View Profile WWW
July 16, 2013, 01:47:57 AM
 #7

My new password is much stronger.  Though I am curious if he found away around that, as he didn't bother changing the password, so it wasn't very hard getting it back.  He did change my email though...which sucks because I just placed a Lealana order.  I was afraid he'd tried to change my address on the order to his, since he clearly knew I had ordered them according to one of the posts.  Very unsettling to log in and see a bunch of people suddenly mad at you for something some prick did in your name.  

Whatever...I am connectable back to the real me, and the real me did not log in on the tenth...the servers have records of whoever did.

Definitely wishing I could apply two-form factor authentication to my profile for the future.

Please add more BTC here (my son will apprecciate it when he's older): 14WsxbeRcgsSYZyNSRJqEAmB1MKAzHhsCT
Dabs
Staff
Legendary
*
Offline Offline

Activity: 2422
Merit: 1160


The Concierge of Crypto


View Profile
July 16, 2013, 03:11:52 AM
 #8

My new password is much stronger.

How much stronger? Length? Character set? Numbers? Letters? Upper Case? Lower Case? Randomly generated or the name of your dog?

Escrow Service (Services) - GPG ID: 32AD7565, OTC ID: Dabs
All messages concerning escrow or with bitcoin addresses are GPG signed. Please verify.
CompTIA A+, Microsoft Certified Professional, MCSA: Windows 10; Windows Server 2012, MCSE: Cloud Platform and Infrastructure; Productivity; Messaging
hennessyhemp
Hero Member
*****
Offline Offline

Activity: 511
Merit: 500


Hempire Loading...


View Profile WWW
July 16, 2013, 03:31:42 AM
 #9

Actually it's simply dog.  Thought I'd trick him by going the opposite route.

Please add more BTC here (my son will apprecciate it when he's older): 14WsxbeRcgsSYZyNSRJqEAmB1MKAzHhsCT
TradeFortress 🏕
VIP
Legendary
*
Offline Offline

Activity: 1176
Merit: 1023


View Profile
July 16, 2013, 04:45:04 AM
 #10

dog actually wouldn't be a bad password - nobody will try it as it's less than 6 characters.
jackjack
Legendary
*
Offline Offline

Activity: 1134
Merit: 1023


May Bitcoin be touched by his Noodly Appendage


View Profile
July 16, 2013, 08:15:52 AM
 #11

A dictionary would

Own address: 19QkqAza7BHFTuoz9N8UQkryP4E9jHo4N3 - Pywallet support: 1AQDfx22pKGgXnUZFL1e4UKos3QqvRzNh5 - Bitcointalk++ script support: 1Pxeccscj1ygseTdSV1qUqQCanp2B2NMM2
Pywallet: instructions. Encrypted wallet support, export/import keys/addresses, backup wallets, export/import CSV data from/into wallet, merge wallets, delete/import addresses and transactions, recover altcoins sent to bitcoin addresses, sign/verify messages and files with Bitcoin addresses, recover deleted wallets, etc.
TradeFortress 🏕
VIP
Legendary
*
Offline Offline

Activity: 1176
Merit: 1023


View Profile
July 16, 2013, 09:07:52 AM
 #12

A dictionary would
Dictionary attacks don't try 3 letter passwords when the "min password" is 6. Security by obscurity (not defending it).
Dabs
Staff
Legendary
*
Offline Offline

Activity: 2422
Merit: 1160


The Concierge of Crypto


View Profile
July 16, 2013, 03:22:03 PM
 #13

Someone will brute force it, and it will start with 1 character.

I used to have a hotmail account. It had a 4 character password. "xcvb" or some keyboard pattern. Then microsoft decided to change the minimum to 6... I never changed it (grandfathered).

But ... ...

Escrow Service (Services) - GPG ID: 32AD7565, OTC ID: Dabs
All messages concerning escrow or with bitcoin addresses are GPG signed. Please verify.
CompTIA A+, Microsoft Certified Professional, MCSA: Windows 10; Windows Server 2012, MCSE: Cloud Platform and Infrastructure; Productivity; Messaging
Raoul Duke
aka psy
Legendary
*
Offline Offline

Activity: 1456
Merit: 1000



View Profile
July 16, 2013, 03:33:12 PM
 #14

Dude, cut it. Sick of reading of your alleged account loss to an hacker. No, I don't believe you.

hennessyhemp
Hero Member
*****
Offline Offline

Activity: 511
Merit: 500


Hempire Loading...


View Profile WWW
July 16, 2013, 03:59:35 PM
Last edit: July 16, 2013, 04:26:22 PM by hennessyhemp
 #15

Believe what you will.  I have done nothing but try to better the community until the day this asshole decided to piss on a bunch of threads in my name.  Perhaps you established better passwords and have never had to experience this, but it is quite possibly one of the most unsettling feelings I've ever had, to log in and see someone else had stolen my identity for a day.  I don't even really understand his (I assume it was a dude) intent, because there was nothing really gained from the hack from what I can tell, just making me look bad, which if that was his mission, he was apparently successful at, as is evidenced by comments like yours Psy.

I honestly didn't think a very secure password was necessary...thinking, it's just a silly forum account...who cares.  Clearly I do now.

Even now, with this thread...I am attempting to better the community because if you had a weak password, and thought as I thought, my advice is to upgrade it so you don't have to experience this kind of annoyance.  I wish people were just better all around and this was wholly unnecessary.

Please add more BTC here (my son will apprecciate it when he's older): 14WsxbeRcgsSYZyNSRJqEAmB1MKAzHhsCT
Dabs
Staff
Legendary
*
Offline Offline

Activity: 2422
Merit: 1160


The Concierge of Crypto


View Profile
July 16, 2013, 04:49:55 PM
 #16

hennessyhemp, maybe it's better you change the password now to 50 characters. then make a new one. forget the old one. start a new life, so to speak.

Escrow Service (Services) - GPG ID: 32AD7565, OTC ID: Dabs
All messages concerning escrow or with bitcoin addresses are GPG signed. Please verify.
CompTIA A+, Microsoft Certified Professional, MCSA: Windows 10; Windows Server 2012, MCSE: Cloud Platform and Infrastructure; Productivity; Messaging
hennessyhemp
Hero Member
*****
Offline Offline

Activity: 511
Merit: 500


Hempire Loading...


View Profile WWW
July 16, 2013, 05:35:35 PM
 #17

I don't know that I would remember a 50 character password.  I am much more interested in adding two form authentication.  Perhaps making a signature that is traceable only to me like John K does with his escrows would be helpful, seems like that would be much more difficult to fake. 

He seemed interested in talking to you a lot though Dabs according to the post history...perhaps you know him elsewhere.

I wonder if he was clever enough to have masked his IP, or if the servers would have that on file.  I don't know enough technical shit to know how to look that up...but it would have obviously been a different IP on the 10th than any of the days I logged in.

Start a new life...definitely my intention with bitcoin and crypto...hoping to make enough to start a real life hemp farm...legally.  May also try to grow some medicinal/recreational female varieties.  Cool

Please add more BTC here (my son will apprecciate it when he's older): 14WsxbeRcgsSYZyNSRJqEAmB1MKAzHhsCT
the joint
Legendary
*
Offline Offline

Activity: 1806
Merit: 1010



View Profile
July 16, 2013, 06:34:01 PM
 #18

I can vouch for Hennessy, his account was hacked.

hennessyhemp
Hero Member
*****
Offline Offline

Activity: 511
Merit: 500


Hempire Loading...


View Profile WWW
July 16, 2013, 07:34:53 PM
 #19

Thanks Joint!  This whole ordeal has me seriously wondering how the majority of America runs around with a card attached to a 4 character pin.  50 characters?  The majority of Americans would wind up on an endless tech support call attempting to get a password reset...probably while speaking to an Indian fellow/gal.

Please add more BTC here (my son will apprecciate it when he's older): 14WsxbeRcgsSYZyNSRJqEAmB1MKAzHhsCT
hennessyhemp
Hero Member
*****
Offline Offline

Activity: 511
Merit: 500


Hempire Loading...


View Profile WWW
July 16, 2013, 08:39:38 PM
 #20

Or if ATM's are secure because of password lockout after multiple attempts...perhaps forum accounts could have something similar?  If it locked up after a couple attempts, wouldn't that stop this guy in his tracks?  I highly doubt he guessed my password, pretty sure it would have had to have been some sort of password list or program that tries thousands of passwords. 

Can that be prevented?  Two form authy or multiple attempt lockout seem like two very viable options for curbing this kind of activity.

Then again, I have no idea how this happened, so it's all speculation...anyone else ever have this happen to them?

Please add more BTC here (my son will apprecciate it when he's older): 14WsxbeRcgsSYZyNSRJqEAmB1MKAzHhsCT
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!