Bitcoin Forum
September 20, 2019, 01:12:51 PM *
News: If you like a topic and you see an orange "bump" link, click it. More info.
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Someone trying to GUESS? my pasword on bitcointalk[possible attack?]  (Read 454 times)
s1lverbox
Legendary
*
Offline Offline

Activity: 1960
Merit: 1021


View Profile
January 04, 2014, 11:19:15 AM
Last edit: January 04, 2014, 06:58:48 PM by s1lverbox
 #1

Hi i did open my mozilla client to check emails and was flooded by more than 100 emails from bitcointalk that password has been forgot.



Photos of my mozilla:




and one message:



and now to check who trying to get access: http://217.174.254.150.ipaddress.com/
which is proxy. so someone trying to guess or get access to my account.

Anyone have same issue?
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1568985171
Hero Member
*
Offline Offline

Posts: 1568985171

View Profile Personal Message (Offline)

Ignore
1568985171
Reply with quote  #2

1568985171
Report to moderator
1568985171
Hero Member
*
Offline Offline

Posts: 1568985171

View Profile Personal Message (Offline)

Ignore
1568985171
Reply with quote  #2

1568985171
Report to moderator
jackjack
Legendary
*
Offline Offline

Activity: 1134
Merit: 1025


May Bitcoin be touched by his Noodly Appendage


View Profile
January 04, 2014, 11:43:40 AM
 #2

The forum doesn't block images but you must put the image URL and imgur.com/xxx isn't the image URL
Put i.imgur.com instead

Own address: 19QkqAza7BHFTuoz9N8UQkryP4E9jHo4N3 - Pywallet support: 1AQDfx22pKGgXnUZFL1e4UKos3QqvRzNh5 - Bitcointalk++ script support: 1Pxeccscj1ygseTdSV1qUqQCanp2B2NMM2
Pywallet: instructions. Encrypted wallet support, export/import keys/addresses, backup wallets, export/import CSV data from/into wallet, merge wallets, delete/import addresses and transactions, recover altcoins sent to bitcoin addresses, sign/verify messages and files with Bitcoin addresses, recover deleted wallets, etc.
s1lverbox
Legendary
*
Offline Offline

Activity: 1960
Merit: 1021


View Profile
January 04, 2014, 11:54:59 AM
 #3

The forum doesn't block images but you must put the image URL and imgur.com/xxx isn't the image URL
Put i.imgur.com instead

Thanks for advice.
jackjack
Legendary
*
Offline Offline

Activity: 1134
Merit: 1025


May Bitcoin be touched by his Noodly Appendage


View Profile
January 04, 2014, 11:57:35 AM
 #4

Hmm maybe the guy thinks he has access to your mail account... I'd change the pass.
If it continues spamming you should ask theymos to do something. Maybe banning that IP or limiting the number of passworg-forgotten requests per hour.

Own address: 19QkqAza7BHFTuoz9N8UQkryP4E9jHo4N3 - Pywallet support: 1AQDfx22pKGgXnUZFL1e4UKos3QqvRzNh5 - Bitcointalk++ script support: 1Pxeccscj1ygseTdSV1qUqQCanp2B2NMM2
Pywallet: instructions. Encrypted wallet support, export/import keys/addresses, backup wallets, export/import CSV data from/into wallet, merge wallets, delete/import addresses and transactions, recover altcoins sent to bitcoin addresses, sign/verify messages and files with Bitcoin addresses, recover deleted wallets, etc.
s1lverbox
Legendary
*
Offline Offline

Activity: 1960
Merit: 1021


View Profile
January 04, 2014, 12:05:50 PM
 #5

Hmm maybe the guy thinks he has access to your mail account... I'd change the pass.
If it continues spamming you should ask theymos to do something. Maybe banning that IP or limiting the number of passworg-forgotten requests per hour.

I thought that forum have this feature about flooding with login attempts. but obviously not. Plus the fact that even if Ip will be banned -its only proxy service.
Password already changed for very flippin difficult.

Plus 2 way authentication.
jameschase
Newbie
*
Offline Offline

Activity: 47
Merit: 0


View Profile
January 04, 2014, 04:19:39 PM
 #6

Hmm maybe the guy thinks he has access to your mail account... I'd change the pass.

I know next to nothing about this thingies, but maybe it's the exact think this nasty man wants? So he can capture that data, while now he can't? (Because for evample s1lverbox set to be logged in forever, so he doesn't have to type his pass while logging)
jackjack
Legendary
*
Offline Offline

Activity: 1134
Merit: 1025


May Bitcoin be touched by his Noodly Appendage


View Profile
January 04, 2014, 05:33:48 PM
 #7

Hmm maybe the guy thinks he has access to your mail account... I'd change the pass.

I know next to nothing about this thingies, but maybe it's the exact think this nasty man wants? So he can capture that data, while now he can't? (Because for evample s1lverbox set to be logged in forever, so he doesn't have to type his pass while logging)

Sorry, I meant the mail pass

Own address: 19QkqAza7BHFTuoz9N8UQkryP4E9jHo4N3 - Pywallet support: 1AQDfx22pKGgXnUZFL1e4UKos3QqvRzNh5 - Bitcointalk++ script support: 1Pxeccscj1ygseTdSV1qUqQCanp2B2NMM2
Pywallet: instructions. Encrypted wallet support, export/import keys/addresses, backup wallets, export/import CSV data from/into wallet, merge wallets, delete/import addresses and transactions, recover altcoins sent to bitcoin addresses, sign/verify messages and files with Bitcoin addresses, recover deleted wallets, etc.
DeboraMeeks
Hero Member
*****
Offline Offline

Activity: 588
Merit: 500


View Profile
January 04, 2014, 06:25:36 PM
 #8

Well what is his goal with this ? it looks like that persons just spamming your inbox as using the "forgot my password" function just sends an e-mail and not refreshing the pass (unless you click) and if that person had access to your e-mail it wouldn't require more than one.
Is this some kind of DDOS attack? and doesn't the website have some limitations on it?
s1lverbox
Legendary
*
Offline Offline

Activity: 1960
Merit: 1021


View Profile
January 04, 2014, 06:57:22 PM
 #9

Well what is his goal with this ? it looks like that persons just spamming your inbox as using the "forgot my password" function just sends an e-mail and not refreshing the pass (unless you click) and if that person had access to your e-mail it wouldn't require more than one.
Is this some kind of DDOS attack? and doesn't the website have some limitations on it?

What i done at the beggining, i posted image with link to reset the password. Maybe someone tried to get image like and just type letter by letter and number by number in to search bar.
Once i realised link is visible i changed password at forum, secured my email with 2 authentication code and deleted image from post.

I dont know.
Im not good in any of these hacking stuff but once you got within 2-3 hours more than 140 attempts to reset your password you asking yourselve questions.

Obviously bitcointalk have no limitation in such thing like login or resetting password.

If that would be DDOS attack its quite weird.

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!