Bitcoin Forum
September 26, 2018, 12:03:02 AM *
News: ♦♦ New info! Bitcoin Core users absolutely must upgrade to previously-announced 0.16.3 [Torrent]. All Bitcoin users should temporarily trust confirmations slightly less. More info.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: possible Poloniex leak/hack?  (Read 101 times)
pawel7777
Legendary
*
Offline Offline

Activity: 1694
Merit: 1073


We're all gonna make it


View Profile WWW
February 10, 2018, 10:52:26 PM
Merited by manchester93 (1)
 #1

Hopefully it's nothing and the guy is just larping but someone posted a snippet of, allegedly, poloniex' log in credentials and is threatening to dump complete list tomorrow:

https://twitter.com/poloniexhack/status/962288838692474880

Let's wait and see till tomorrow whether he delivers.

Edit: if he tweets any link tomorrow, be extra cautious and inspect before clicking/downloading anything.


       █
      ██
     ██
   ██ ██
 █ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██

       █
      ██
     ██
   ██ ██
 █ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
  B

          ▄▄▄▄▄▄
     ▄▄████████████▄▄
   ▄█████▀▀    ▀▀█████▄
  ████▀            ▀████
 ████                ████
▐███                  ███▌
███▌                  ▐███
▐███           ▄▄     ███▌
 ████         ▀███▄  ▐███
  ████▄         ▀███▄███
   ▀█████▄▄     ▄█████▀
     ▀▀████████████▀▀
          ▀▀▀▀▀▀
T 
.Better. Quick..

.Transparent....






             ▄████▄▄   ▄
█▄          ██████████▀▄
███        ███████████▀
▐████▄     ██████████▌
▄▄██████▄▄▄▄█████████▌
▀████████████████████
  ▀█████████████████
  ▄▄███████████████
   ▀█████████████▀
    ▄▄█████████▀
▀▀██████████▀
    ▀▀▀▀▀






▄█████████████████████████▄
███████████████████████████
███████████████▀       ████
██████████████      ▄▄▄████
██████████████    ▐████████
██████████████    ▐████████
██████████            ▐████
██████████            █████
██████████████    ▐████████
██████████████    ▐████████
██████████████    ▐████████
▀█████████████    ▐███████▀






                   ▄▄████
              ▄▄████████▌
         ▄▄█████████▀███
    ▄▄██████████▀▀ ▄███▌
▄████████████▀▀  ▄█████
▀▀▀███████▀   ▄███████▌
      ██    ▄█████████
       █  ▄██████████▌
       █  ███████████
       █ ██▀ ▀██████▌
       ██▀     ▀████
                 ▀█▌
1537920182
Hero Member
*
Offline Offline

Posts: 1537920182

View Profile Personal Message (Offline)

Ignore
1537920182
Reply with quote  #2

1537920182
Report to moderator
1537920182
Hero Member
*
Offline Offline

Posts: 1537920182

View Profile Personal Message (Offline)

Ignore
1537920182
Reply with quote  #2

1537920182
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1537920182
Hero Member
*
Offline Offline

Posts: 1537920182

View Profile Personal Message (Offline)

Ignore
1537920182
Reply with quote  #2

1537920182
Report to moderator
1537920182
Hero Member
*
Offline Offline

Posts: 1537920182

View Profile Personal Message (Offline)

Ignore
1537920182
Reply with quote  #2

1537920182
Report to moderator
Welsh
Staff
Legendary
*
Offline Offline

Activity: 1358
Merit: 1367



View Profile
February 10, 2018, 10:55:41 PM
 #2

Regardless of whether this is true or not it would be wise for anyone to change their credentials even at the slightest risk of this being true. Also, if this is true then expect your email to get phishing links and all sorts of spam.

Also, remove any coins you have stored on the exchange.

Yuuto
Hero Member
*****
Offline Offline

Activity: 644
Merit: 501


DateCoin - The HOTTEST ICO


View Profile
February 10, 2018, 11:10:20 PM
 #3

Regardless of whether this is true or not it would be wise for anyone to change their credentials even at the slightest risk of this being true. Also, if this is true then expect your email to get phishing links and all sorts of spam.

Also, remove any coins you have stored on the exchange.

Yeah agreed. regardless of whether this is a legit hack in the system or not, you should change your password whenever this happens and regularly even if nothing happens, every half a year or a few months at a time.

Obviously the twitter account could be fake, and a troll is behind it... He could have registered multiple accounts himself and published the throwaway passwords of those.

It just doesn't look legit to me. Most likely a troll or an extortionist who wants money. It's hard to believe that all the user credentials can be stolen at one time.

ninche
Sr. Member
****
Offline Offline

Activity: 476
Merit: 252


View Profile
February 10, 2018, 11:16:58 PM
 #4

this is a big lie
even if someone knew your email and password,he still can not log in cause poloneix send a code to your email address whenever you try to sign in
pawel7777
Legendary
*
Offline Offline

Activity: 1694
Merit: 1073


We're all gonna make it


View Profile WWW
February 10, 2018, 11:25:17 PM
 #5

...It just doesn't look legit to me. ...

It's likely 99.9% bullshit. Apparently those emails/passwords are invalid (didn't check that myself though). If he was legit, he would contact Polo directly for ransom/bounty demand, then Polo would have no choice but to take immediate actions like sending mass emails asking everyone to change their passwords.

I reckon it's either a troll, or he just wants to hype it up to get people to click or download whatever he'll post tomorrow, which could be a malware.



       █
      ██
     ██
   ██ ██
 █ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██

       █
      ██
     ██
   ██ ██
 █ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
  B

          ▄▄▄▄▄▄
     ▄▄████████████▄▄
   ▄█████▀▀    ▀▀█████▄
  ████▀            ▀████
 ████                ████
▐███                  ███▌
███▌                  ▐███
▐███           ▄▄     ███▌
 ████         ▀███▄  ▐███
  ████▄         ▀███▄███
   ▀█████▄▄     ▄█████▀
     ▀▀████████████▀▀
          ▀▀▀▀▀▀
T 
.Better. Quick..

.Transparent....






             ▄████▄▄   ▄
█▄          ██████████▀▄
███        ███████████▀
▐████▄     ██████████▌
▄▄██████▄▄▄▄█████████▌
▀████████████████████
  ▀█████████████████
  ▄▄███████████████
   ▀█████████████▀
    ▄▄█████████▀
▀▀██████████▀
    ▀▀▀▀▀






▄█████████████████████████▄
███████████████████████████
███████████████▀       ████
██████████████      ▄▄▄████
██████████████    ▐████████
██████████████    ▐████████
██████████            ▐████
██████████            █████
██████████████    ▐████████
██████████████    ▐████████
██████████████    ▐████████
▀█████████████    ▐███████▀






                   ▄▄████
              ▄▄████████▌
         ▄▄█████████▀███
    ▄▄██████████▀▀ ▄███▌
▄████████████▀▀  ▄█████
▀▀▀███████▀   ▄███████▌
      ██    ▄█████████
       █  ▄██████████▌
       █  ███████████
       █ ██▀ ▀██████▌
       ██▀     ▀████
                 ▀█▌
ninche
Sr. Member
****
Offline Offline

Activity: 476
Merit: 252


View Profile
February 10, 2018, 11:30:57 PM
 #6

i think he is trying to make polo members scared with such lies to withdraw their coins and make polo falls for some other competitor
peter0425
Sr. Member
****
Offline Offline

Activity: 602
Merit: 267


View Profile
February 10, 2018, 11:35:30 PM
 #7

...It just doesn't look legit to me. ...

It's likely 99.9% bullshit. Apparently those emails/passwords are invalid (didn't check that myself though). If he was legit, he would contact Polo directly for ransom/bounty demand, then Polo would have no choice but to take immediate actions like sending mass emails asking everyone to change their passwords.

I reckon it's either a troll, or he just wants to hype it up to get people to click or download whatever he'll post tomorrow, which could be a malware.



But I will still to remain cautious as @Welsh have mentioned, There's nothing wrong that being safe than sorry. We have seen this acts before and most of them are completely trolling and just wanted some clickbait to install malicious code such as Trojan / Malware to steal your password.

Lets see, I don't have a Polo account but I will follow and see how it goes.

I LOL'ed at someone who said that its legit because he did verify some of the account in the snippet. Or it could be very well another fake account of the trolls to bring credibility.
jakelyson
Legendary
*
Offline Offline

Activity: 1022
Merit: 1004



View Profile
February 10, 2018, 11:43:37 PM
 #8

Thanks for the information, I have some coins in poloniex. This saved me.

This are just username and passwords, right? If your account is 2FA protected, they cannot get into your money.

Will this start a run from poloniex?


Investing in the future development of blockchain technologies

HETA CHAlN: Join Whitelist
                               
███████▒▒▒▒▒▒▒▒▒▒███████
███████▒▒▒▒▒▒▒▒▒▒███████
███████▒▒▒▒▒▒▒▒▒▒███████
███████▒▒▒▒▒▒▒▒▒▒███████
███████▒▒▒▒▒▒▒▒▒▒███████
███████▒▒▒▒▒▒▒▒▒▒███████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
███████▒▒▒▒▒▒▒▒▒▒███████
███████▒▒▒▒▒▒▒▒▒▒███████
███████▒▒▒▒▒▒▒▒▒▒███████
███████▒▒▒▒▒▒▒▒▒▒███████
███████▒▒▒▒▒▒▒▒▒▒███████
███████▒▒▒▒▒▒▒▒▒▒███████
▬▬▬▬▬          ▬▬▬▬▬
Telegram
Facebook
ANN Thread
Youtube
LinkedIn
Twitter
Medium
Reddit
Steemit
squatter
Hero Member
*****
Offline Offline

Activity: 910
Merit: 606


STOP SNITCHIN'


View Profile
February 10, 2018, 11:57:15 PM
Merited by Potato Chips (1)
 #9

...It just doesn't look legit to me. ...

It's likely 99.9% bullshit. Apparently those emails/passwords are invalid (didn't check that myself though).

Some of them apparently work and ask for 2FA -- but a good hoaxer would include real accounts on the list. Some of the accounts show up on Haveibeenpwned, so they may have just pulled from old leaks. The fact that there's a typo on the list ("gmai.com") suggests it wasn't dumped from Poloniex's database. It could have been scraped from a phishing site, but it doesn't look like a legit hack.

If he was legit, he would contact Polo directly for ransom/bounty demand, then Polo would have no choice but to take immediate actions like sending mass emails asking everyone to change their passwords.

I reckon it's either a troll, or he just wants to hype it up to get people to click or download whatever he'll post tomorrow, which could be a malware.

Looks like an FUD attempt to me.

Maum
Full Member
***
Offline Offline

Activity: 252
Merit: 105


View Profile
February 11, 2018, 02:47:28 AM
 #10

Not only because of a possible hack, it is generally not recommendable to entrust exchangers bigger funds and longer than neccessary.
But I nevertheless think, it is fake to gain many followers.
alyssa85
Legendary
*
Offline Offline

Activity: 1288
Merit: 1056


View Profile
February 11, 2018, 03:58:17 AM
 #11

this is a big lie
even if someone knew your email and password,he still can not log in cause poloneix send a code to your email address whenever you try to sign in

This. They need to crack both your Poloniex and email passwords to get in.

cpfreeplz
Hero Member
*****
Offline Offline

Activity: 910
Merit: 1033


View Profile
February 11, 2018, 04:25:32 AM
 #12

Even if it's real what does it matter? This guy wouldn't give people 24h. He would have gotten everything he possibly could have then split. This has got to be fake. When is he supposed to prove that he's legit? Glad I got everything out of that shithole anyway.
timerland
Hero Member
*****
Online Online

Activity: 896
Merit: 536


View Profile
February 11, 2018, 07:36:12 AM
 #13

Hopefully it's nothing and the guy is just larping but someone posted a snippet of, allegedly, poloniex' log in credentials and is threatening to dump complete list tomorrow:

https://twitter.com/poloniexhack/status/962288838692474880

Let's wait and see till tomorrow whether he delivers.

Edit: if he tweets any link tomorrow, be extra cautious and inspect before clicking/downloading anything.


It's BS... He obviously can't do any damage even if he's got the files, otherwise he want try to extort in public but rather try to withdraw as much funds from the system as he possibly could before they force reset everyone's password.

No hacker would ever show to the public what they've been able to achieve and basically warn poloniex about what's upcoming.

I'm guessing that either he's going to try to get greedy people to buy this so called database from him or just cause a widespread panic about poloniex and try to demand money from them. Either way, this is a poorly thought out attempt of scamming.

Change your password nonetheless, doesn't hurt to do it.

swogerino
Legendary
*
Offline Offline

Activity: 1092
Merit: 1011



View Profile
February 12, 2018, 03:55:14 PM
 #14

It looks like it is a big BS from some random dude in the internet. People who have their account at Poloniex secured with 2FA from Google Authenticator and also have their email secured with 2FA have nothing to worry about. The only people who should definitely change the password are the ones who have their Poloniex account without 2FA security and also their email is not 2FA secured. I have an account at Poloniex secured with 2FA and also my email secured with 2FA so I am not bothering changing my password.

﹏﹏﹋﹌﹌ WPP ENERGY ﹌﹌﹋﹏﹏
≈ WORLD POWER PRODUCTION ≈

████████████
██████████████████████
██████████████████████████████
██████████████████████████████████
████████████████████████████████████████
██████████████████████████████████████████
██████████████████████████████████████████████
███████████████████████████████████████████████
██████████████████████████████████████████████████
████████████████████████████████████████████████████
█████████████████████████████████████████████████████
████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████
█████████████████████████████████████████████████████████
███████████████████████████████████████████████████████████
███████████████████████████████████████████████████████████
████████████████████████████████████████████████████████████
████████████████████████████████████████████████████████████
████████████████████████████████████████████████████████████
████████████████████████████████████████████████████████████
████████████████████████████████████████████████████████████
████████████████████████████████████████████████████████████
████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████
███████████████████████████████████████████████████████
██████████████████████████████████████████████████████
████████████████████████████████████████████████████
██████████████████████████████████████████████████
████████████████████████████████████████████████
██████████████████████████████████████████████
██████████████████████████████████████████
████████████████████████████████████████
██████████████████████████████████
██████████████████████████████
██████████████████████
████████████
maeusi
Sr. Member
****
Offline Offline

Activity: 462
Merit: 253


View Profile
February 12, 2018, 10:16:17 PM
 #15

But 2FA is not neccessary, if the email is secured. I didn't see any statement from Poloniex yet. Think, it is fake leak, but it is nevertheless a bad taste and I can understand prople, who withfraw their money.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!