Bitcoin Forum
May 20, 2018, 08:42:41 PM *
News: Latest stable version of Bitcoin Core: 0.16.0  [Torrent]. (New!)
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Who is fuzzing blockchain.info users? [HACK ATTEMP]  (Read 1120 times)
btctalk
Full Member
***
Offline Offline

Activity: 135
Merit: 100



View Profile WWW
September 25, 2013, 06:48:32 AM
 #1

I had this in mind a while ago but I guess someone finally did this.

Today I received an email saying:

Quote
Authorize log-in attempt

An attempt to login to your blockchain.info wallet was made from an unknown browser. Please confirm the following details are correct:

Time: 2013-09-25 03:16:43
IP Address: 23.29.121.166 (United States)
User Agent: Python-urllib/2.7

It's a while that I haven't used my blockchain.info wallet in any forms (chrome plugin, mobile app, etc)
As the Python-urllib says, it's a script doing this login from a probably proxy with the specified ip.

something fishy is going on in shirt! secure your accounts Wink

Persian Blockchain Consultation Group: http://shiryakhat.net
Super Bitcoiner Club http://superbitcoiner.com
Persian Bitcoin Community - http://btctalk.com - http://fb.com/IranBitcoin
1526848961
Hero Member
*
Offline Offline

Posts: 1526848961

View Profile Personal Message (Offline)

Ignore
1526848961
Reply with quote  #2

1526848961
Report to moderator
1526848961
Hero Member
*
Offline Offline

Posts: 1526848961

View Profile Personal Message (Offline)

Ignore
1526848961
Reply with quote  #2

1526848961
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1526848961
Hero Member
*
Offline Offline

Posts: 1526848961

View Profile Personal Message (Offline)

Ignore
1526848961
Reply with quote  #2

1526848961
Report to moderator
1526848961
Hero Member
*
Offline Offline

Posts: 1526848961

View Profile Personal Message (Offline)

Ignore
1526848961
Reply with quote  #2

1526848961
Report to moderator
pajak666
Hero Member
*****
Offline Offline

Activity: 497
Merit: 500



View Profile
September 25, 2013, 10:13:13 AM
 #2

my friend has 0.56 btc stolen from his account today
with this transaction
https://blockchain.info/pl/tx/79adb6e96a6a34017bbd02b4e521ec2a052e219a376210bfc04cf4598cd3c40a
bitcoin44me
Full Member
***
Offline Offline

Activity: 252
Merit: 100


MARKETPLACE FOR PAID ADVICE LIVE BROADCASTS


View Profile
September 25, 2013, 11:08:35 AM
 #3

That could be a bot, or anyone in the world. Just do not click on the link and remove it from your mailbox.

btctalk
Full Member
***
Offline Offline

Activity: 135
Merit: 100



View Profile WWW
September 27, 2013, 10:45:08 PM
 #4

That could be a bot, or anyone in the world. Just do not click on the link and remove it from your mailbox.

either it's a bot or anyone it is trying to login in my account. and the useragent shows that it's by python so it's probably a large scale hack attempt.


I got another one last night too

Quote
Time: 2013-09-27 07:09:21
IP Address: 96.44.189.101 (United States)
User Agent: Python-urllib/2.7

Persian Blockchain Consultation Group: http://shiryakhat.net
Super Bitcoiner Club http://superbitcoiner.com
Persian Bitcoin Community - http://btctalk.com - http://fb.com/IranBitcoin
DobZombie
Hero Member
*****
Offline Offline

Activity: 756
Merit: 500


TheBitcoinMuseum.com


View Profile
September 28, 2013, 02:08:11 PM
 #5

me too!

Quote
Time: 2013-09-28 13:00:14
IP Address: 74.120.13.132 (Anonymous Proxy)
User Agent: Python-urllib/2.7

The Bitcoin Museum is back under my control, but I still need to go through all the code. DO NOT PURCHASE ANYTHING FROM IT

The Biggest Collection of Bitcoin Memorabilia The Bitcoin Museum
Series 2 BitcoinNerd 1g Silver coin thread!
Discount Jewellery! Noella Jean Jewellery



Buy premium Champanges, Spirits & Wines in Australia! My Bitmit Items

Tip Me if you Hate Justin Bieber 1DobZomBiE2gngvy6zDFKY5b76yvDbqRra
marcovaldo
Sr. Member
****
Offline Offline

Activity: 336
Merit: 250



View Profile
September 28, 2013, 02:22:33 PM
 #6

That could be a bot, or anyone in the world. Just do not click on the link and remove it from your mailbox.

either it's a bot or anyone it is trying to login in my account. and the useragent shows that it's by python so it's probably a large scale hack attempt.


I got another one last night too

Quote
Time: 2013-09-27 07:09:21
IP Address: 96.44.189.101 (United States)
User Agent: Python-urllib/2.7


It does not matter at all, unless your email is compromised and they can click on the link ....

BITEX
            ███     ███     ███
              ███     ███     ███
                ███     ███     ███
                  ███     ███     ███
                    ███     ███     ███
                      ███     ███     ███
                        ███     ███     ███
                          ███     ███     ███
                            ███     ███     ███
                              ███     ███     ███
                            ███     ███     ███
                          ███     ███     ███
                        ███     ███     ███
                      ███     ███     ███
                    ███     ███     ███
                  ███     ███     ███
                ███     ███     ███
              ███     ███     ███
            ███     ███     ███

The First Locally-Embedded, Yet Global, Crypto-Bank
TELEGRAM    FACEBOOK   TWITTER    YOUTUBE    LINE

                  ███     ███     ███
                ███     ███     ███
              ███     ███     ███
            ███     ███     ███
          ███     ███     ███
        ███     ███     ███
      ███     ███     ███
    ███     ███     ███
  ███     ███     ███
███     ███     ███
  ███     ███     ███
    ███     ███     ███
      ███     ███     ███
        ███     ███     ███
          ███     ███     ███
            ███     ███     ███
              ███     ███     ███
               ███     ███     ███
                 ███     ███     ███

WHITEPAPER | ANN
JOIN WHITELIST NOW!
vm1990
Legendary
*
Offline Offline

Activity: 1288
Merit: 1000


bloginhell.me


View Profile WWW
September 28, 2013, 02:40:01 PM
 #7

this has been going on for a while. someone will be trying top brute force accounts, people with simple passwords like 12345 are pretty screwed or if you password is in a dictionary.. pretty easy to think of a slightly complex password but the hacker only has to get access to 1 or 2 accounts with BTC in them to make it worth his time..

simple rules are
dont be stupid and use a password like Dave or Bob (you use these kinds of passwords then you deserve to get your money taken)
make sure emails arnt scam emails and that you log into the correct site not a clone

▄▄▄▄▄▄
▄▄▄▄
▄▄
▄▄▄▄▄▄
▄▄▄▄
▄▄
▄▄▄▄▄▄
▄▄▄▄
▄▄
.JOIN THE CLUB !
 Bitcointalk.club
▄▄▄▄▄▄
▄▄▄▄
▄▄
BLOG:  www.bloginhell.me        BTC: 192tyaiwWxJ2UhSxUCbQW4JuA3Le5CEhWH                 Free 5GB Storage Cloud.Bloginhell.me 
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!