kenzawak hacked (again)

[DarkStar_]

kenzawak asked me for a loan request:

Request For a No Collateral Loan

In the request, they signed the address 1G314GjY1UPDUyNDFydRgJrE4rE4GwcA3C which has zero hits on Google and no transactions. This was an immediate red flags; was kenzawak hacked again? They've claimed that they're only here to talk, and not to trade. They had a password reset a few hours earlier looking at seclog:

Today at 02:43:45 PM - kenzawak - password reset via email

I left a negative trust feedback as a result just in case. "kenzawak" saw the trust feedback and sent me this PM:


He links me to this thread with an address he posted in 2017 and says that he could sign from that address. However, from the last time he was hacked, we learned that the only address he could sign was an Ethereum address.
The post was conveniently edited this morning:


So, yup, kenzawak has been hacked for the second time in a month and a half. At least the hacker was rickrolled?

Update:
The hacker had really good planning for deception. They edited the Telegram handle posted by kenzawak and offered to talk on Telegram via kenzawak's "actual" handle (quote shows it was @moutezz originally) to show that he wasn't hacked.


pls merit my post thanks

[1715175855]

1715175855

[1715175855]

1715175855

[Avirunes]

Tagged....

We can add a flag right? The first one?

[TryNinja]

Tagged....

We can add a flag right? The first one?

Maybe...

Negative trusts can be removed completely, while flags can be withdrawn and opposed, but they will stay in existence. So I’m not sure about that.

[hacker1001101001]

Here you go!

It's really hacked.

Account "kenzawak" compromised again

He has signed a message from the address @DarkStar_ pointed he uses to sign a message here.

[JayJuanGee]

Here you go!

It's really hacked.

Account "kenzawak" compromised again

He has signed a message from the address @DarkStar_ pointed he uses to sign a message here.

Won't admins lock the account fairly quickly if they either see evidence of questionable activity or maybe if the account has been reported as hacked?

That is what happened to me on one of an occasion in late 2016 when Cyrus had noticed that my account had been compromised ...

[hacker1001101001]

Won't admins lock the account fairly quickly if they either see evidence of questionable activity or maybe if the account has been reported as hacked?

I think they do this, but only admin and Cryptios team have the power to lock an account IMO. So, I think kenzawak could send a PM to them requesting so.

That is what happened to me on one of an occasion in late 2016 when Cyrus had noticed that my account had been compromised ...

User should be a famous member like you, I guess to get this special treatment. Good to know you got it back then as they were like dark days for account recovery if you see, it works more faster now.

[JayJuanGee]

Won't admins lock the account fairly quickly if they either see evidence of questionable activity or maybe if the account has been reported as hacked?

I think they do this, but only admin and Cryptios team have the power to lock an account IMO. So, I think kenzawak could send a PM to them requesting so.

That is what happened to me on one of an occasion in late 2016 when Cyrus had noticed that my account had been compromised ...

User should be a famous member like you, I guess to get this special treatment. Good to know you got it back then as they were like dark days for account recovery if you see, it works more faster now.

I put that Cryptios thread on watch.. .I had remembered that some kind of team had been created by the forum or a contract or whatever, so hopefully kenzawak is able to report to that team.  

I know that during hacking times, there can be a bit of upheaval regarding what to do first, especially since it appears that some of kenzawak's BTC (or crypto) accounts have been hacked too, and probably the finances would take some priority if there is any way to prevent the loss of funds.

Regarding my ability to get my account back when I was hacked in late 2016, it actually went pretty quick (like less than a week) because of the way that my account had been identified or brought to Cyrus's attention.

And, regarding my level of fame, I thought that I was not very famous  back in 2016, including that Cyrus had not interacted with me regarding other matters.

By the way, I had messed up about a couple months after my hack , so later in 2016, I had accidentally locked myself out of my account in the way that I had attempted to reset my password.  So, on that occasion (second loss of my account), it took about a month to get access to my account back, purely due to my own short-sighted mistake...  which reset of my account was communicated to me by theymos directly.....  so fame, which still was not even too high for me then, still caused me to have to wait for that period of time, while it seemed that I was begging on a fairly regular basis to get my account back for the whole duration of my waiting...

By the way, I think that my level of fame, to the extent that it arguably exists, went up when theymos appointed me as a merit source in early 2018, so blame theymos for the monster that he had a hand in creating (or at least exacerbated a pre-existing condition (monster status) that was within me).    

[AB de Royse777]

~snip~

pls merit my post thanks

Never knew that crypto nerds use Facebook :-P

By the way, it was a good catch. The scammer will now regret to ask loan from the wrong guy LOL. If that was someone new in the lending business, may be they would not notice it much and would lose the money.

Here is a question though:

Say hypothetically - DarkStar_ failed to spot it that this account was hacked. He lent the money and they found out that kenzawak hacked. kenzawak later recover his account.

What happen with the money that was lent?

[hacker1001101001]

Here is a question though:

Say hypothetically - DarkStar_ failed to spot it that this account was hacked. He lent the money and they found out that kenzawak hacked. kenzawak later recover his account.

What happen with the money that was lent?

I think the original owner of the account would be the one accountable for this loss lender had and he would have to payback. It's bad to hear but that's how it should work.

[yogg]

Sad to see kenzawak hacked again.

Here is a question though:

Say hypothetically - DarkStar_ failed to spot it that this account was hacked. He lent the money and they found out that kenzawak hacked. kenzawak later recover his account.

What happen with the money that was lent?

I think the original owner of the account would be the one accountable for this loss lender had and he would have to payback. It's bad to hear but that's how it should work.

I don't know what would have happened, but my guess is that there would be a record of the event.
This would make future possible lenders more cautious about lending again to kenzawak without collateral.

[suchmoon]

I excluded kenzawak after the first hack and I would suggest everyone do that. We need better opsec in DT.

[AB de Royse777]

~snip~
This would make future possible lenders more cautious about lending again to kenzawak without collateral.

If he has a staked address that proves him the original owner then I think he may get a no collateral loan however I do not deny the fact that still the lender will have hesitation in their min

By the way, I am still curious to hear the view of more members about the question I asked in my last post.

~snip~
I think the original owner of the account would be the one accountable for this loss lender had and he would have to payback. It's bad to hear but that's how it should work.

Well it's very legit that they can refuse it to pay (repay) saying that it's lenders fault because they did not do their due diligence properly.

[DarkStar_]

Say hypothetically - DarkStar_ failed to spot it that this account was hacked. He lent the money and they found out that kenzawak hacked. kenzawak later recover his account.

What happen with the money that was lent?

Partially my fault, partially kenzawak's fault (after all, they got hacked twice in a short period of time). I'd probably ask for half from him, he'd state that he's not here to trade and deny all responsibility despite being on DT1 with positive trust feedback. We'd carry on with life afterwards.

I excluded kenzawak after the first hack and I would suggest everyone do that. We need better opsec in DT.

Agreed.

Would it be wrong to leave a negative trust feedback afterwards, now that negative trust doesn't mean that someone is a scammer? The text says:

You think that trading with this person is high-risk.

I don't think it's unreasonable to believe that trading with kenzawak is high risk given that they were hacked twice in a short period of time and refused to take any responsibility the first time (and clearly didn't seem to improve their opsec either)

[hacker1001101001]

Well it's very legit that they can refuse it to pay (repay) saying that it's lenders fault because they did not do their due diligence properly.

This doesn't look like a good way to go around, as an account is itself an identity here, and all this comes down to the account owners fault in not able to protect his account.

Would it be wrong to leave a negative trust feedback afterwards, now that negative trust doesn't mean that someone is a scammer? The text says:

You think that trading with this person is high-risk.

I don't think it's unreasonable to believe that trading with kenzawak is high risk given that they were hacked twice in a short period of time and refused to take any responsibility the first time (and clearly didn't seem to improve their opsec either)

I don't think one should exclude him because of this incident or give him a negative trust, because as my personal text suggests, its already not that safe online and anybody could get a victim of such attacks unknowingly, it doesn't make one a high risk to trade with really IMO.

[AB de Royse777]

Would it be wrong to leave a negative trust feedback afterwards, now that negative trust doesn't mean that someone is a scammer?

Well although leaving a red trust does not effect like it used to be but if kenzawak get the account back and can prove that he indeed got it back then I do not think it will be appropriate to leave a negative trust since it's with him the original owner.

May be a neutral can serve as a reminder that the account was hacked twice but now it's with the original owner.

Partially my fault, partially kenzawak's fault (after all, they got hacked twice in a short period of time). I'd probably ask for half from him, he'd state that he's not here to trade and deny all responsibility despite being on DT1 with positive trust feedback. We'd carry on with life afterwards.

Still it's very unfair for both the lender and the original account owner who did not actually request the loan. What if the original owner does not have the money because the given some was very large amount.

The only way I think is very safe for both party is the requester signs a message with their BTC address every time they request a loan.

[suchmoon]

Would it be wrong to leave a negative trust

I don't think it's wrong.

anybody could get a victim of such attacks unknowingly, it doesn't make one a high risk to trade with really IMO.

Once - maybe, but getting hacked (or "hacked") twice in a short period of time - yes, that makes it high-risk.

[DarkStar_]

Well although leaving a red trust does not effect like it used to be but if kenzawak get the account back and can prove that he indeed got it back then I do not think it will be appropriate to leave a negative trust since it's with him the original owner.

May be a neutral can serve as a reminder that the account was hacked twice but now it's with the original owner.

I think the primary high risk part is that they aren't here to trade and thus choose to accept no responsibility for any trades that happen with their account. Trading with them is very high risk as a result. Getting hacked twice doesn't help either.

[DireWolfM14]

Would it be wrong to leave a negative trust feedback afterwards, now that negative trust doesn't mean that someone is a scammer?

I think it would be wrong not to.  Kenzawak has shown (and said) the security of his account is not crucial. He pretty much admitted as much:

I contacted kraken via chat, they locked the account but I guess there's nothing left on it.
As for binance, I don't see any chat option, I sent them an email.
These accounts are my main worries, not the one here.
Actually, I don't know if it can be locked but if that's possible, it would be safer.

That post has since been deleted, but it was quoted by hacker1001101001 here.

anybody could get a victim of such attacks unknowingly, it doesn't make one a high risk to trade with really IMO.

Once - maybe, but getting hacked (or "hacked") twice in a short period of time - yes, that makes it high-risk.

I think it's fair to give the real Kenzawak the benefit of trust.  It's an extraordinary claim that he was hacked (or "hacked") twice.  It's certainly possible that he was never hacked at all, and is using this as a ploy or an excuse to perpetrate a couple of scams.  I don't know Kenzawak personally, but I think some community members do, and given their support I would tend to doubt that he's stooped so low.

None the less, I feel a red-tag is warranted in this case.  If the real Kenzawak has no intention of trading on this forum a red-tag shouldn't bother him.  Until he takes the security of his account seriously my review will stay.

[LFC_Bitcoin]

I’m not going to support any kind of flag against kenzawak. I regrettably left his account red trust & removed him from my trust list as I feel I owe that to the community after the two hacking incidents.
I actually like him a lot so it’s pretty shitty what’s happened.

If he can regain ownership of his account & keep it secure for a significant period of time I’ll remove the neg.

[nutildah]

It's an extraordinary claim that he was hacked (or "hacked") twice.  It's certainly possible that he was never hacked at all, and is using this as a ploy or an excuse to perpetrate a couple of scams.  I don't know Kenzawak personally, but I think some community members do, and given their support I would tend to doubt that he's stooped so low.

After having interacted with him and judging by his posts on the WO thread, I don't think he's that kind of guy... More likely reports of his first hacking in this thread were used against him to help hack his exchange accounts (and this one a second time). I feel bad for him, but will also be removing him from my trust list, at least for a few months.

[o_e_l_e_o]

I would agree that I don't think this is anything malicious on kenzawak's part, and I don't think he is actively trying to scam anyone. Approaching a DT1 member who runs a tight ship when it comes to their loan service with a fake signed message seems like an extraordinarily stupid thing to do for the real owner of the account.

Either way you look at it, however, it raises concerns. Either he was planning something malicious, or his security practices are so terrible he was hacked twice in a matter of weeks. Given that, I have also excluded him from my trust network.

[BitcoinGirl.Club]

Sad to see kenzawak got hacked. It's very unfortunate. I hope he gets the account back soon.

I removed him from my trust list and left a tag for him however I will reverse both once he get his account back.

Good luck kenzawak.

[suchmoon]

It's an extraordinary claim that he was hacked (or "hacked") twice.

Just to clarify... I'm not trying to accuse kenzawak with that flippant remark but you gotta admit that every new hack raises the possibility of this being quote-hack-unquote exponentially, given how easy it is to get away with it and how you would expect any typical paranoid bitcoiner to react to a real hack (factor reset the phone, reformat hard drive, etc).

seems like an extraordinarily stupid thing to do for the real owner of the account.

Only mildly stupid if you have plausible deniability.

Anyway, I would agree that the likelihood of this being a ruse is low albeit non zero, but regardless of that - think about this when you're considering negs/flags/exclusions: what would you do if kenzawak contacts you with a trade deal? And then imagine someone who hasn't seen this thread in that position.

[TheRealAwesome31312]

Don't mean to derail this thread, but how come he gets to have someone flag his hacked account, yet when my account was hacked nobody gave a shit. The worst part is that the guy who hacked my account is still using it (awesome31312) and it's so obvious he hacked it because the hacker speaks a different language. Also, the "hack" was really a vulnerability on Bitcointalk which allowed him to change the email of my account and use it like he owned it, all while not sending me an email notification. What a shitty forum.

[suchmoon]

Don't mean to derail this thread, but how come he gets to have someone flag his hacked account, yet when my account was hacked nobody gave a shit. The worst part is that the guy who hacked my account is still using it (awesome31312) and it's so obvious he hacked it because the hacker speaks a different language. Also, the "hack" was really a vulnerability on Bitcointalk which allowed him to change the email of my account and use it like he owned it, all while not sending me an email notification. What a shitty forum.

Kenzawak's account is being red-tagged because it attempted a scam, plus the real owner signed a message. As far as I can see you couldn't prove ownership of your hacked account but I might be wrong. Did you try the recovery procedure: https://bitcointalk.org/index.php?topic=5089777.0

[DarkStar_]

Don't mean to derail this thread, but how come he gets to have someone flag his hacked account, yet when my account was hacked nobody gave a shit. The worst part is that the guy who hacked my account is still using it (awesome31312) and it's so obvious he hacked it because the hacker speaks a different language. Also, the "hack" was really a vulnerability on Bitcointalk which allowed him to change the email of my account and use it like he owned it, all while not sending me an email notification. What a shitty forum.

Hey, just because I wasn't DT at the time doesn't mean I don't get any credit 

[TheRealAwesome31312]

Don't mean to derail this thread, but how come he gets to have someone flag his hacked account, yet when my account was hacked nobody gave a shit. The worst part is that the guy who hacked my account is still using it (awesome31312) and it's so obvious he hacked it because the hacker speaks a different language. Also, the "hack" was really a vulnerability on Bitcointalk which allowed him to change the email of my account and use it like he owned it, all while not sending me an email notification. What a shitty forum.

Hey, just because I wasn't DT at the time doesn't mean I don't get any credit 

Hey, you're right. You did help me out when nobody else gave a shit. I really appreciate it.

Kenzawak's account is being red-tagged because it attempted a scam, plus the real owner signed a message. As far as I can see you couldn't prove ownership of your hacked account but I might be wrong. Did you try the recovery procedure: https://bitcointalk.org/index.php?topic=5089777.0

Good point. Nobody attempted to scam with my account, because it's just not that special to the community (I barely traded back then and even now)

[hacker1001101001]

Don't mean to derail this thread, but how come he gets to have someone flag his hacked account, yet when my account was hacked nobody gave a shit. The worst part is that the guy who hacked my account is still using it (awesome31312) and it's so obvious he hacked it because the hacker speaks a different language. Also, the "hack" was really a vulnerability on Bitcointalk which allowed him to change the email of my account and use it like he owned it, all while not sending me an email notification. What a shitty forum.

Your case was totally different than kenzawak's, you were not able to sign a message from any of the previously used address on your account as I see here.

BTW, You already seem to have too many accounts operating.

https://bitcointalk.org/index.php?topic=3009408.0

Why do you bother about one ? 

[JayJuanGee]

Don't mean to derail this thread, but how come he gets to have someone flag his hacked account, yet when my account was hacked nobody gave a shit. The worst part is that the guy who hacked my account is still using it (awesome31312) and it's so obvious he hacked it because the hacker speaks a different language. Also, the "hack" was really a vulnerability on Bitcointalk which allowed him to change the email of my account and use it like he owned it, all while not sending me an email notification. What a shitty forum.

Hey, just because I wasn't DT at the time doesn't mean I don't get any credit  

Hey, you're right. You did help me out when nobody else gave a shit. I really appreciate it.

Kenzawak's account is being red-tagged because it attempted a scam, plus the real owner signed a message. As far as I can see you couldn't prove ownership of your hacked account but I might be wrong. Did you try the recovery procedure: https://bitcointalk.org/index.php?topic=5089777.

Good point. Nobody attempted to scam with my account, because it's just not that special to the community (I barely traded back then and even now)

You are going to know the facts of your situation better than the vast majority of the rest of us, except maybe admins who might be able to both trace activity on your old account and the ones attempting to claim ownership.  The more passage of time, the harder it might be to make the claim - but surely, I see the September 2017 change of language on the account, but it does not even matter what I say or think because admins  would have to make a determination that ownership of the account should be reverted back to you and if they have a sufficient amount and evidence with such a resolution.

Otherwise, I doubt that your broad statement suggesting that the forum is inept, corrupt, biased against some users like you, unwilling to help, etc  comes off as a bit of an overstatement that is not shown by whatever evidence that you have presented or  even our ability to figure out what attempts you have already made to get that account back...

By the way, you could at least  provide a reference to a thread or posts that you may have made to attempt to get your account back, if you believe that you have solid evidence in that direction that would also support your other accusations about the forum or some of the members here.

Edit:  I see that hacker1001101001 has also described (in his above post) some other possibly relevant issues with you and your accounts that you might have chosen not to mention earlier, too.

[TheRealAwesome31312]

Don't mean to derail this thread, but how come he gets to have someone flag his hacked account, yet when my account was hacked nobody gave a shit. The worst part is that the guy who hacked my account is still using it (awesome31312) and it's so obvious he hacked it because the hacker speaks a different language. Also, the "hack" was really a vulnerability on Bitcointalk which allowed him to change the email of my account and use it like he owned it, all while not sending me an email notification. What a shitty forum.

Your case was totally different than kenzawak's, you were not able to sign a message from any of the previously used address on your account as I see here.

BTW, You already seem to have too many accounts operating.

https://bitcointalk.org/index.php?topic=3009408.0

Why do you bother about one ?  

I had no idea how staking worked when I posted those addresses. They were all linked to my blockchain wallet, and I found out that because they were "read only", I could not stake a message with them. However, the address that starts with "12v..." was my armory wallet, and those funds I have been locked out for quite some time now, because Armory is a real bitch.

This is the only account that I use. That "accounts connected" thread was opened AFTER I had already lost my account. (My guess is that some website sold off all the hacked inactive accounts). The only proof I have is that I still use my awesome31312 gmail account. Literally any other forum would let you use your email to recover an account but it's w/e. I'm over it.

Also, I'm really sorry I brought this up again. I didn't follow the right protocol to account recovery, I admit. It was wrong of me to even post about it here.

[hacker1001101001]

I had no idea how staking worked when I posted those addresses. They were all linked to my blockchain wallet, and I found out that because they were "read only", I could not stake a message with them. However, the address that starts with "12v..." was my armory wallet, and those funds I have been locked out for quite some time now, because Armory is a real bitch.

Didn't thought I would have to re-quote this in future but this can help you in signing a message from your blockchain address.

I know that and have a more better and easy method than this to get private keys from blockchain.com. You just need to set a PassPhrase to your wallet on the blockchain.com. Put you're pass phrase on BIP 39 Mnemonic Code and you will easily get private keys to all the BTC address linked with your blockchain.com wallet and later you can sign a message with the Private Keys for sure. Hope this helps you.

This is the only account that I use. That "accounts connected" thread was opened AFTER I had already lost my account. (My guess is that some website sold off all the hacked inactive accounts). The only proof I have is that I still use my awesome31312 gmail account. Literally any other forum would let you use your email to recover an account but it's w/e. I'm over it.

Also, I'm really sorry I brought this up again. I didn't follow the right protocol to account recovery, I admit. It was wrong of me to even post about it here.

Fair enough, I see the hacker has used your account in shady way.

Discussing more about it would be off-topic here, so I am out. You could PM me if you need help about signing a message rather.

[suchmoon]

This is the only account that I use. That "accounts connected" thread was opened AFTER I had already lost my account. (My guess is that some website sold off all the hacked inactive accounts). The only proof I have is that I still use my awesome31312 gmail account. Literally any other forum would let you use your email to recover an account but it's w/e. I'm over it.

Things have changed since then. You might be able to use your e-mail to get the account back. Try the new account recovery system I pointed our earlier: https://bitcointalk.org/index.php?topic=5089777.0

[asche]

It's crazy that this happened to kenzawak, twice.

Also it's not just some random hacker, since I guess not every other hacker would specifically look into a bitcointalk account.
I guess this has to be targeted somehow. A normal hacker would just stick to the bank/exchange accounts and not go through the trouble of asking for loans on a forum.

You should be careful kk, someone might be aiming at you.

Same goes for everyone else on this forum tbh.

[coinlocket$]

Also it's not just some random hacker, since I guess not every other hacker would specifically look into a bitcointalk account.
I guess this has to be targeted somehow. A normal hacker would just stick to the bank/exchange accounts and not go through the trouble of asking for loans on a forum.

I had read somewhere that not only the bitcointalk account has been hacked but several other accounts on other websites have been hacked.

This can mean only 2 things IMHO

1 - He uses the same password on every website and he got a phishing hack

2 - He has a Keylogger/trojan on his pc

I think he got an attack by a fake site or he installed something here from the forum. (Like a random wallet or script)

[asche]

Also it's not just some random hacker, since I guess not every other hacker would specifically look into a bitcointalk account.
I guess this has to be targeted somehow. A normal hacker would just stick to the bank/exchange accounts and not go through the trouble of asking for loans on a forum.

 
I had read somewhere that not only the bitcointalk account has been hacked but several other accounts on other websites has been hacked.

This can mean only 2 things IMHO

1 - He uses the same password on every website and he got a phishing hack

2 - He has a Keylogger/trojan on his pc


I think he got an attack by a fake site or he installed something here from the forum. (Like a random wallet or script)

It only means that since his email got banned he might be using the same email account. Which you can use to regain access to most accounts.

[coinlocket$]

It only means that since his email got banned he might be using the same email account. Which you can use to regain access to most accounts.

This is also true, I took for granted the fact of using a different e-mail for different services, especially a different e-mail for the forum in case the e-mail will be compromised.

Simple basic security measure but probably they don't use it.

[asche]

Looking at what happened I believe he wasn't using most "obvious" security measures.

[TheRealAwesome31312]

This is the only account that I use. That "accounts connected" thread was opened AFTER I had already lost my account. (My guess is that some website sold off all the hacked inactive accounts). The only proof I have is that I still use my awesome31312 gmail account. Literally any other forum would let you use your email to recover an account but it's w/e. I'm over it.

Things have changed since then. You might be able to use your e-mail to get the account back. Try the new account recovery system I pointed our earlier: https://bitcointalk.org/index.php?topic=5089777.0

Wow, thank you so much for showing me this!!

Didn't thought I would have to re-quote this in future but this can help you in signing a message from your blockchain address.

Thank you too!