Bitcointalk Not-Hacking Attempt from Turkey

[dkbit98]

Today I checked my email as I normally do every day and I found 3 new emails directing me to reset my Bitcointalk password.
This has all been done from a single IP address: 46.221.6.183 located in Turkey.

My question is:
Can anyone activate password reset for any account with simple log-in attempt and is this a good reason to blacklist this IP address and ban it from forum as evil?





Newbie Tip:
Never click any email links and don't trust any email you receive.

PS
46.221.6.183 You are an idiot!



How Scammer tried to Hack my Bitcointalk and how to Protect yourself?
https://bitcointalk.org/index.php?topic=5173531

[Blacknavy]

Don't click and activate two-factor authentication for your e-mail.

[dkbit98]

Don't click and activate two-factor authentication for your e-mail.

Yeah, as I said my first post:

Never click any email links and don't trust any email you receive.

I would like to invite people to examine my received and sent trust feedback and you will find the answer who tried this stupid hack.

[Jet Cash]

>..<

Looks as if you are doing a good job here - keep up the good work.

btw, I added you to my trust list.

[dkbit98]

Your email address was leaked, you might want to use different email address.

As for your question, i'd have to disagree since CloudFlare do the job better than manual IP ban.

I would also disagree with you as it is enough to just enter 'username' and ask for password reset.
And this should be changed/removed to improve forum security.

[forumalacali]

be careful man somebody is seriously loaded

vodafone is mobile phone operatör  obviously a direct attack from turkey maybe mobile phone

change passwords,
no clicks,
get exchange and forum mails separate

[CucakRowo]

I think we are on the right path. Someone (cr**ook) who has multiple accounts on this forum is very worried about our investigation senor. He tried to stop us by trying to hack your account. This blatant activities will not stop our efforts.

[forumalacali]

guys , there is a problem !!!!

These shared locations common areas,can be a zombie line. More than 10000 people per hour pass through the street in this place. Maybe more...

These are tourism areas, more than enough free wifi points available...

this is a zombie attack if the timing between two mail is 7 hours

[TryNinja]

There was no hack attempt. Don’t worry about these emails. As explained, all someone did was put your username in the « Recovery password » screen, sending you the email. There is 0 things he can do with that. Even if you click the link, you will be one changing the password, and not him. He is the one who needs the link (which is on your email).

If you do the same with « theymos », is his account at risk? No.

[AakZaki]

It looks like your account will be fine if the password change link is not given to the IP owner.

It's just that there are idiots trying to change your password and enter your username so you get the link in your email.

Unless the forget password feature doesn't use a username, but using email might be difficult for idiots trying to change someone else's password.

[hilariousetc]

Woah there, be careful when using the word 'Turkey' or 'Turkish' here as you might get accused of racism. Any use of that word that is included or associated with anything bad or negative will be taken by a lot of the Turks here as a smear against the entire country/peoples of Turkey regardless of facts. *braces for attack*.

Your email address was leaked, you might want to use different email address.

As for your question, i'd have to disagree since CloudFlare do the job better than manual IP ban.

I would also disagree with you as it is enough to just enter 'username' and ask for password reset.
And this should be changed/removed to improve forum security.

Yeah, all you need is the username, or I believe the secret question if you have that set up. I wouldn't worry about mere emails as there's nothing they can do unless they have access to that so make sure it's as secure as possible.

guys , there is a problem !!!!

These shared locations common areas,can be a zombie line. More than 10000 people per hour pass through the street in this place. Maybe more...

Well they'd be pretty stupid to use their own IP to try hack, but there's nothing you can do about people using public wifi without blocking them but that would be unfair to all the others who use that connection innocently.

[NeuroticFish]

I agree with @TryNinja. Unless your address mail account is unsafe, this cannot be really called hack attempt.

What I'd add it's that it may have been something else:
1. Somebody wants to somehow warn/scare you.
2. Somebody wants even more drama related to Turkish users of this forum.

But maybe I am thinking (way) too far...


PS. According to @hilariousetc, I may not thinking too far after all.  


Edit: correction for clearness (address -> mail account)

[dkbit98]

Well they'd be pretty stupid to use their own IP to try hack

Yes, I think think he is very stupid, as I exposed him for cheating and I am 100% sure he is from Turkey.
This is ongoing investigation, and I will do my best to expose him further.

Evil IPs are used all the time in Bitcointalk - so it is not a new concept, and this is evil IP.
He needs to pay if he wants to use this IP again

I agree with @TryNinja. Unless your address is unsafe, this cannot be really called hack attempt.

What address are you talking about?

When someone tries to reset your password 3 times from same IP address I call that a (stupid) hack attempt.

[forumalacali]

Well they'd be pretty stupid to use their own IP to try hack, but there's nothing you can do about people using public wifi without blocking them but that would be unfair to all the others who use that connection innocently.

These are tourism areas, more than enough free wifi points available...

Of course, nobody can prevent this. It is a good service to offer free service to the guests coming to the country. Everyone including me has already explained to the friend.

No need to worry as long as he maintains his email address...

[NeuroticFish]

What address are you talking about?

When someone tries to reset your password 3 times from same IP address I call that a (stupid) hack attempt.

I corrected with better wording. I was referring to your mail address/mail account. Without access to that one the so-called hacker can't do anything.
That's why I think that he may have been actually trying to trigger this kind of reaction, hence the rest of that post of mine.

[dkbit98]

It should be mentioned that this is not the first time something like this happened.
Here is one example of fake bitcointalk login page with turkish .tr origin address:

How Scammer tried to Hack my Bitcointalk and how to Protect yourself?
https://bitcointalk.org/index.php?topic=5173531

[Lucius]

There was no hack attempt. Don’t worry about these emails. As explained, all someone did was put your username in the « Recovery password » screen, sending you the email. There is 0 things he can do with that.

When someone tries to reset your password 3 times from same IP address I call that a (stupid) hack attempt.

Read the answer from TryNinja, someone just teases you and wants to scare you, there is no real danger in the sense that someone can hack your account. To do this, he/she would first have to hack your email or your forum password, and even if someone has managed to do something like that if you have a signed BTC address access, the account will be returned to you.

One user is also have hacked account from Turkey (but this time really hacked) : https://bitcointalk.org/index.php?topic=5217251.0

Also, IP from Turkey does not mean that it is really about someone from that country, it can be VPN/proxy IP.

[Rizzrack]

When you forget your password there are 2 options:
     - Use username/email to receive a password recovery link (if email is not compromised there is nothing to worry about... on the other hand you would not know if email is compromised until it's too late... but let's be optimistic here...all's good)
     - Use the secret question option and if you get the answer right your account will be blocked and you will be email-ing us to unlock it

Use a very strong secret question... or don't set up one at all !
TBH if your email is compromised I would assume the forum account might not be in top 3 worst worries at that time

I agree with NeuroticFish on the first part ... someone is trying to scare/warn/troll you.
Regarding the IP ... wouldn't take it at face value. VPN, Tor, Proxy.... chances are even the "hacker" didn't know what IP he was using )

I would propose to use ONLY email in the password recovery tho. Seems safer and harder for account farmers !

P.S. Changed thread title for my post. May want to consider doing the same...

[dkbit98]

Read the answer from TryNinja, someone just teases you and wants to scare you, there is no real danger in the sense that someone can hack your account.

I know, I am not retarded.

Also, IP from Turkey does not mean that it is really about someone from that country, it can be VPN/proxy IP.

Not the case here.
This user stupid moron is 100% from turkey.

[Dickiy]

because here there are already many who provide a complete solution I will only give a few strong password suggestions with a combination of uppercase letters, numbers and symbols and enable protection of phone number or authentication for your e-mail and use GMAIL with no other e-mail because GMAIL is more secure