Bitcoin Forum
November 18, 2019, 11:40:19 PM *
News: 10th anniversary art contest
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Hacked and Changed Email addresses Account using Yopmail accounts  (Read 214 times)
Swenna
Full Member
***
Offline Offline

Activity: 364
Merit: 106



View Profile WWW
July 15, 2018, 03:17:31 PM
Last edit: July 15, 2018, 03:41:38 PM by Swenna
Merited by Jon lang (2), kitty94 (1)
 #1

After being away for a few days in the forum, it was a surprise to receive an e-mail from the forum. However, this e-mail, which I received today, and which I just read an hour ago was very serious and alarming. It had stated in the e-mail that my account's e-mail and my password was accessed and was changed by someone from a certain IP address. I panicked and tried to log in to my account, which of course, I can no longer access. I thought that maybe I have mistyped my password but I didn't. I tried using the "Forgot Password" setting but it didn't work, it stated that there's no account associated with my email address.



I searched for any related threads that may help me regain my account but to my dismay, the only thing I found was by means of contacting the admin, which of course, will take some time. I was losing hope, then, and so I reread the e-mail sent to me and saw the link from which I can lock my account. I was on the verge of doing so, when I decided to check the "new" e-mail that was used to change my email address. It lead me to a yopmail account , which I found out is accessible to anyone. And since it is accessible to everyone, I decided to use it to recover my account.


How did I recover my account?

1. I logged into my account using the "forgot password" setting. Then, a recovery link was sent to the "yopmail account" which can be used to change the password of your account.
2. After changing the password of my account, I also changed my email address, and added a new security question for additional security.
3. Afterwards, I deleted all the forum's messages in the yopmail account so as to prevent the hacker from undoing my change password nor locking my account.

I also found similar threads regarding hacks and email address change using yopmail account. I even found one, which was hacked using the same IP address.

https://bitcointalk.org/index.php?topic=4678021.0   >> This one was hacked using the same IP address used in hacking my account.


https://bitcointalk.org/index.php?topic=4542446.0   >> In this thread, the account was also hacked by means of changing the email address with a temporary yopmail account.

Furthermore, I also used a google authenticator so as to help me in securing my email address.

1574120419
Hero Member
*
Offline Offline

Posts: 1574120419

View Profile Personal Message (Offline)

Ignore
1574120419
Reply with quote  #2

1574120419
Report to moderator
The Bitcoin Forum is turning 10 years old! Join the community in sharing and exploring the notable posts made over the years.
1574120419
Hero Member
*
Offline Offline

Posts: 1574120419

View Profile Personal Message (Offline)

Ignore
1574120419
Reply with quote  #2

1574120419
Report to moderator
mdayonliner
Sr. Member
****
Offline Offline

Activity: 490
Merit: 364


I always respected forum rules even private ones


View Profile WWW
July 15, 2018, 03:31:55 PM
 #2

1. I logged into my account using the "forgot password" setting. Then, a recovery link was sent to the "yopmail account" which can be used to change the password of your account.
2. After changing the password of my account, I also changed my email address, and added a new security question for additional security.
3. Afterwards, I deleted all the forum's messages in the yopmail account so as to prevent the hacker from undoing my change password nor locking my account.
Just quoting for reference. This could be a masterpiece for those who lost their accounts and the hacker used yopmail account.

I could not stand the lies against me anymore. I can not prove them wrong too. It's better I live in peace.
So, I am willingly locking mdayonliner. Thank you BitcoinTalk. Be addictive, be a Bitcoiner.
krishnaverma
Member
**
Offline Offline

Activity: 462
Merit: 58

★Bitvest.io★ Play Plinko or Invest!


View Profile
July 15, 2018, 03:47:05 PM
 #3

This is quite unusual. I am leaving a comment here and will check for bug related to this information. Will update this thread and inform the admin if I find anything useful. Op, are you sure that there is no fault of yours in this hack like clicking any link in your mail box or so ?

Also, it is strongly recommended that you remove the security question completely from your account. Can anyone with similar hack conform if he was also using a security question in the account ?

▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬ ★ ★ ★ ★ ★ ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
PLINKO    |7| SLOTS     (+) ROULETTE    ▼ BIT SPINBITVESTPLAY or INVEST ║ ✔ Rainbot  ✔ Happy Hours  ✔ Faucet
▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬ ★ ★ ★ ★ ★ ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
Swenna
Full Member
***
Offline Offline

Activity: 364
Merit: 106



View Profile WWW
July 15, 2018, 03:52:04 PM
 #4

Op, are you sure that there is no fault of yours in this hack like clicking any link in your mail box or so ?

Also, it is strongly recommended that you remove the security question completely from your account. Can anyone with similar hack conform if he was also using a security question in the account ?

Yes, I am sure that I did not click any link related or associated with the forum as I have been away for almost a week. With regards to the security question, as far as I can remember, I did put a security question before as I have a friend whose account was also hacked (but is not using yopmail).

peter0425
Sr. Member
****
Offline Offline

Activity: 1008
Merit: 294


★777Coin.com★ Fun BTC Casino!


View Profile
July 15, 2018, 04:02:37 PM
 #5

After being away for a few days in the forum, it was a surprise to receive an e-mail from the forum. However, this e-mail, which I received today, and which I just read an hour ago was very serious and alarming. It had stated in the e-mail that my account's e-mail and my password was accessed and was changed by someone from a certain IP address. I panicked and tried to log in to my account, which of course, I can no longer access. I thought that maybe I have mistyped my password but I didn't. I tried using the "Forgot Password" setting but it didn't work, it stated that there's no account associated with my email address.



I searched for any related threads that may help me regain my account but to my dismay, the only thing I found was by means of contacting the admin, which of course, will take some time. I was losing hope, then, and so I reread the e-mail sent to me and saw the link from which I can lock my account. I was on the verge of doing so, when I decided to check the "new" e-mail that was used to change my email address. It lead me to a yopmail account , which I found out is accessible to anyone. And since it is accessible to everyone, I decided to use it to recover my account.


How did I recover my account?

1. I logged into my account using the "forgot password" setting. Then, a recovery link was sent to the "yopmail account" which can be used to change the password of your account.
2. After changing the password of my account, I also changed my email address, and added a new security question for additional security.
3. Afterwards, I deleted all the forum's messages in the yopmail account so as to prevent the hacker from undoing my change password nor locking my account.

I also found similar threads regarding hacks and email address change using yopmail account. I even found one, which was hacked using the same IP address.

https://bitcointalk.org/index.php?topic=4678021.0   >> This one was hacked using the same IP address used in hacking my account.


https://bitcointalk.org/index.php?topic=4542446.0   >> In this thread, the account was also hacked by means of changing the email address with a temporary yopmail account.

Furthermore, I also used a google authenticator so as to help me in securing my email address.

Hi Swenna,

YES. This is the exact method I used to recover my account. About 4 weeks ago, it was hacked, and fortunately, I didn't clicked the link to blocked my account so the hacker/s login everyday. So I review the email I received and I found out that he/she uses yopmail as the new email so I created the same email yopmail address and change everything very quick. Good for us the hackers didn't change the email to someone secure. Sadly though the hacker/s spend all my remaining merits but its all good at least we were able to recover our accounts.

Thirdspace
Hero Member
*****
Offline Offline

Activity: 1162
Merit: 719


Mixing reinvented for your privacy | chipmixer.com


View Profile
July 15, 2018, 11:17:38 PM
 #6

2. After changing the password of my account, I also changed my email address, and added a new security question for additional security.
I suggest NOT using/adding security question on your btcointalk account
If I'm not mistaken, if you used it to recover your account you will end up with locked account instead
please cmiiw, I vaguely remember this fact Undecided

Just quoting for reference. This could be a masterpiece for those who lost their accounts and the hacker used yopmail account.
It's a good thing OP reacts swiftly recovering his account instead of locking it
another user vyg_new chose to lock his account and now he has to wait for admin to unlock and recover it for him

mdayonliner
Sr. Member
****
Offline Offline

Activity: 490
Merit: 364


I always respected forum rules even private ones


View Profile WWW
July 15, 2018, 11:22:15 PM
 #7

another user vyg_new chose to lock his account and now he has to wait for admin to unlock and recover it for him
I know but we did not have this idea in mind until OP posted it here today. I wish we would know this before. Lots of members could save both of their time and account. I feel guilty that I suggested vyg_new and some others to do the same (lock the account for security). I hope they understand it.

I could not stand the lies against me anymore. I can not prove them wrong too. It's better I live in peace.
So, I am willingly locking mdayonliner. Thank you BitcoinTalk. Be addictive, be a Bitcoiner.
coinlocket$
Hero Member
*****
Online Online

Activity: 728
Merit: 1121


One of the world's leading Bitcoin-powered casinos


View Profile WWW
July 15, 2018, 11:25:14 PM
 #8

Nice recover OP.
Noob question time. IF we use a virgin new email do we reduce the chance to be hacked?

mdayonliner
Sr. Member
****
Offline Offline

Activity: 490
Merit: 364


I always respected forum rules even private ones


View Profile WWW
July 15, 2018, 11:29:01 PM
 #9

Nice recover OP.
Noob question time. IF we use a virgin new email do we reduce the chance to be hacked?
Does not matter.
Always user very strong password for both email and BitcoinTalk account. This site helps me a lot: https://passwordsgenerator.net

For your email account - if it supports 2FA then you must use the 2FA. It's better not to talk about BitcoinTalk security info (2FA or any other method, they all got buried under topic creation/suggestion/conversation only, no practical steps yet unfortunately)

I could not stand the lies against me anymore. I can not prove them wrong too. It's better I live in peace.
So, I am willingly locking mdayonliner. Thank you BitcoinTalk. Be addictive, be a Bitcoiner.
coinlocket$
Hero Member
*****
Online Online

Activity: 728
Merit: 1121


One of the world's leading Bitcoin-powered casinos


View Profile WWW
July 15, 2018, 11:31:19 PM
 #10

~
Always user very strong password for both email and BitcoinTalk account. This site helps me a lot: https://passwordsgenerator.net

For your email account - if it supports 2FA then you must use the 2FA.


Yeah but if noone knows my mail, how can they change it to a new one?

mdayonliner
Sr. Member
****
Offline Offline

Activity: 490
Merit: 364


I always respected forum rules even private ones


View Profile WWW
July 15, 2018, 11:33:23 PM
 #11

Yeah but if noone knows my mail, how can they change it to a new one?
Everyone knows my email: mdayonliner@gmail.com
Can you crack it? (LOL)
The worse someone can do is to flood my inbox with spam and that's all!
Like I said, it does not matter whether it's known or unknown email.

I could not stand the lies against me anymore. I can not prove them wrong too. It's better I live in peace.
So, I am willingly locking mdayonliner. Thank you BitcoinTalk. Be addictive, be a Bitcoiner.
Thirdspace
Hero Member
*****
Offline Offline

Activity: 1162
Merit: 719


Mixing reinvented for your privacy | chipmixer.com


View Profile
July 15, 2018, 11:58:09 PM
 #12

Yeah but if noone knows my mail, how can they change it to a new one?
they just need to gain access (bruteforce, phishing, etc) to your forum account and change it
I think there is no email confirmation sent to your old email address to confirm email change Undecided
so, a strong forum password is a must in this case
and of course a strong password on your email address too,
in case they know your email address and decide to hack it first to be able to gain access to your forum account (by using forgot password feature)

jenia2
Jr. Member
*
Offline Offline

Activity: 70
Merit: 1


View Profile
July 16, 2018, 12:53:42 AM
 #13

lucky you. i got panic after seeing my account got hacked, using the same yopmail email. and locked it right away. quite sure the useless mods will take forever to recover it
nakedbitcoins
Sr. Member
****
Offline Offline

Activity: 300
Merit: 250


Nakedbitcoins.com !


View Profile WWW
July 16, 2018, 01:02:12 AM
 #14

Yes, I should have just changed my email address ( obviously, its another account ) but this just happened me to but I did the "lock out".

How long does it typically take ? I contacted  theymos about it.

peter0425
Sr. Member
****
Offline Offline

Activity: 1008
Merit: 294


★777Coin.com★ Fun BTC Casino!


View Profile
July 16, 2018, 04:38:55 AM
Last edit: August 17, 2018, 11:39:19 PM by peter0425
 #15

Yes, I should have just changed my email address ( obviously, its another account ) but this just happened me to but I did the "lock out".

How long does it typically take ? I contacted  theymos about it.
If you lock out your account, this method won't work. My account was in the possession of the hackers for the last 3 weeks, fortunately he didn't change the yopmail that's why I was lucky.

As for how long? Nobody knows, but looking at some old post, might take 6 months to a year.

Initially, I didn't want to share this steps because I don't want the hackers to know it and hope that others can "discover" the method how to outsmart the hacker. Hahahaha. However, since Swenna has spill the beans (for sure the intention is good), maybe it can help others recover back their account (don't immediately lock it).

Swenna
Full Member
***
Offline Offline

Activity: 364
Merit: 106



View Profile WWW
July 16, 2018, 12:59:06 PM
 #16

Initially, I didn't want to share this steps because I don't want the hackers to know it and hope that others can "discover" the method how to outsmart the hacker. Hahahaha.

I was actully quite hesitant about posting this, too. However, when I saw that there were other accounts that were hacked uaing the same procedures (and one with the same IP address used in mine) I decided to post it so I can help others and to spread awareness, too. One can never be too careful. It's a lesson well learned.

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!