Bitcoin Forum
February 18, 2020, 06:47:36 AM *
News: Latest Bitcoin Core release: 0.19.0.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 »  All
  Print  
Author Topic: Bitcointalk Not-Hacking Attempt from Turkey  (Read 403 times)
dkbit98
Hero Member
*****
Offline Offline

Activity: 686
Merit: 722


First 100% Liquid Stablecoin Backed by Gold


View Profile WWW
January 24, 2020, 08:14:48 AM
Last edit: January 24, 2020, 03:27:22 PM by dkbit98
Merited by CucakRowo (3), DdmrDdmr (2), Daniel91 (1), marlboroza (1), iasenko (1)
 #1

Today I checked my email as I normally do every day and I found 3 new emails directing me to reset my Bitcointalk password.
This has all been done from a single IP address: 46.221.6.183 located in Turkey.

My question is:
Can anyone activate password reset for any account with simple log-in attempt and is this a good reason to blacklist this IP address and ban it from forum as evil?





Newbie Tip:
Never click any email links and don't trust any email you receive.


PS
46.221.6.183 You are an idiot!



How Scammer tried to Hack my Bitcointalk and how to Protect yourself?
https://bitcointalk.org/index.php?topic=5173531

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1582008456
Hero Member
*
Offline Offline

Posts: 1582008456

View Profile Personal Message (Offline)

Ignore
1582008456
Reply with quote  #2

1582008456
Report to moderator
1582008456
Hero Member
*
Offline Offline

Posts: 1582008456

View Profile Personal Message (Offline)

Ignore
1582008456
Reply with quote  #2

1582008456
Report to moderator
1582008456
Hero Member
*
Offline Offline

Posts: 1582008456

View Profile Personal Message (Offline)

Ignore
1582008456
Reply with quote  #2

1582008456
Report to moderator
Blacknavy
Legendary
*
Offline Offline

Activity: 994
Merit: 1113



View Profile WWW
January 24, 2020, 08:58:53 AM
 #2

Don't click and activate two-factor authentication for your e-mail.

dkbit98
Hero Member
*****
Offline Offline

Activity: 686
Merit: 722


First 100% Liquid Stablecoin Backed by Gold


View Profile WWW
January 24, 2020, 09:14:43 AM
 #3

Don't click and activate two-factor authentication for your e-mail.

Yeah, as I said my first post:
Never click any email links and don't trust any email you receive.

I would like to invite people to examine my received and sent trust feedback and you will find the answer who tried this stupid hack.

Jet Cash
Legendary
*
Offline Offline

Activity: 1526
Merit: 1865


https://fittotalk.com/english-talk/


View Profile WWW
January 24, 2020, 09:26:14 AM
 #4

>..<

Looks as if you are doing a good job here - keep up the good work.

btw, I added you to my trust list.

The Fit to Talk English project is peaking at over 1,000 views in a four hour period - are you one of those guests.
If English is not your first language, then we can help you with your posting on Bitcoin Talk.
- PM me to join if you aren't a member. If you are a member, then we would love you to help other members.
ETFbitcoin
Legendary
*
Offline Offline

Activity: 1918
Merit: 2202

Use SegWit and enjoy lower fees.


View Profile WWW
January 24, 2020, 09:37:39 AM
 #5

Your email address was leaked, you might want to use different email address.

As for your question, i'd have to disagree since CloudFlare do the job better than manual IP ban.

dkbit98
Hero Member
*****
Offline Offline

Activity: 686
Merit: 722


First 100% Liquid Stablecoin Backed by Gold


View Profile WWW
January 24, 2020, 09:50:40 AM
 #6

Your email address was leaked, you might want to use different email address.

As for your question, i'd have to disagree since CloudFlare do the job better than manual IP ban.

I would also disagree with you as it is enough to just enter 'username' and ask for password reset.
And this should be changed/removed to improve forum security.


forumalacali
Full Member
***
Offline Offline

Activity: 280
Merit: 192



View Profile
January 24, 2020, 09:54:18 AM
 #7

be careful man somebody is seriously loaded

vodafone is mobile phone operatör  Sad obviously a direct attack from turkey maybe mobile phone

change passwords,
no clicks,
get exchange and forum mails separate
CucakRowo
Hero Member
*****
Offline Offline

Activity: 644
Merit: 504


Indonesia Is Beauty. https://youtu.be/ojQbArbuN4E


View Profile WWW
January 24, 2020, 10:17:53 AM
 #8

I think we are on the right path. Someone (cr**ook) who has multiple accounts on this forum is very worried about our investigation senor. He tried to stop us by trying to hack your account. This blatant activities will not stop our efforts.

forumalacali
Full Member
***
Offline Offline

Activity: 280
Merit: 192



View Profile
January 24, 2020, 10:35:47 AM
 #9

guys , there is a problem !!!!

These shared locations common areas,can be a zombie line. More than 10000 people per hour pass through the street in this place. Maybe more...

These are tourism areas, more than enough free wifi points available...

this is a zombie attack if the timing between two mail is 7 hours




TryNinja
Legendary
*
Offline Offline

Activity: 1288
Merit: 1824



View Profile
January 24, 2020, 10:47:57 AM
Merited by marlboroza (1)
 #10

There was no hack attempt. Don’t worry about these emails. As explained, all someone did was put your username in the « Recovery password » screen, sending you the email. There is 0 things he can do with that. Even if you click the link, you will be one changing the password, and not him. He is the one who needs the link (which is on your email).

If you do the same with « theymos », is his account at risk? No.

AakZaki
Hero Member
*****
Offline Offline

Activity: 784
Merit: 680



View Profile WWW
January 24, 2020, 11:15:35 AM
 #11

It looks like your account will be fine if the password change link is not given to the IP owner.

It's just that there are idiots trying to change your password and enter your username so you get the link in your email.

Unless the forget password feature doesn't use a username, but using email might be difficult for idiots trying to change someone else's password.

▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒
▒▒▒▒▒▒▒▒██████████████████████▒▒▒
▒▒▒▒▒▒▒█████████████████████▒▒▒█▌
▒▒▒▒▒▒▐███████████████████▒▒▒██
▒▒▒▒▒▒███▀▒▒▒▒▒▒▒▒▒██████▒▒▒██
▒▒▒▒▒███▒▒▒▒▒▒▒▒▒▐█████▒▒▒███
▒▒▒▒██▒▒▒▒▒▒▒▒▒▒██████▒▒▒██▌
▒▒▒█▀▒▒▒▒▒▒▒▒▒▒█████▒▒▒███
▒▒▒▒▒▒▒▒▒▒▒▒▒████▒▒▒▒███
▒▒▒▒▒▒▒▒▒▒▒▒▒████▒▒▒████
▒▒▒▒▒▒▒▒▒▒▒▄███▒▒▒█████
▒▒▒▒▒▒▒▒▒▒████▒▒▒█████
▒▒▒▒▒▒▒▒▒███▒▒▒█████▒▒▒▒▒▒▒▒▒▒▒▒
▒▒▒▒▒▒▒▐███▒▒▒█████▒▒▒▒▒▒▒▒▒▒▒██
▒▒▒▒▒▒███▒▒▒██████▒▒▒▒▒▒▒▒▒▒███
▒▒▒▒▒██▒▒▒▒██████▒▒▒▒▒▒▒▒▒████
▒▒▒▒██▒▒▒████████████████████
▒▒▒▒▒▒█████████████████████
▒▒▒▒▒█████████████████████
r           ▄
           ██▄
           ████▄
█████████████████▄
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
 ▀█████▀▀▀▀▀▀▀▀▀▀▀
   ▀███
     ▀█
           ▄
           ██▄
           ████▄
█████████████████▄
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
 ▀█████▀▀▀▀▀▀▀▀▀▀▀
   ▀███
     ▀█
hilariousetc
Legendary
*
Offline Offline

Activity: 1498
Merit: 2366


https://bitcoin.watfordfc.com


View Profile WWW
January 24, 2020, 11:17:42 AM
Merited by marlboroza (1), morvillz7z (1)
 #12

Woah there, be careful when using the word 'Turkey' or 'Turkish' here as you might get accused of racism. Any use of that word that is included or associated with anything bad or negative will be taken by a lot of the Turks here as a smear against the entire country/peoples of Turkey regardless of facts. *braces for attack*.

Your email address was leaked, you might want to use different email address.

As for your question, i'd have to disagree since CloudFlare do the job better than manual IP ban.

I would also disagree with you as it is enough to just enter 'username' and ask for password reset.
And this should be changed/removed to improve forum security.



Yeah, all you need is the username, or I believe the secret question if you have that set up. I wouldn't worry about mere emails as there's nothing they can do unless they have access to that so make sure it's as secure as possible.

guys , there is a problem !!!!

These shared locations common areas,can be a zombie line. More than 10000 people per hour pass through the street in this place. Maybe more...


Well they'd be pretty stupid to use their own IP to try hack, but there's nothing you can do about people using public wifi without blocking them but that would be unfair to all the others who use that connection innocently.

NeuroticFish
Legendary
*
Offline Offline

Activity: 2128
Merit: 1467


First 100% Liquid Stablecoin Backed by Gold


View Profile
January 24, 2020, 11:22:12 AM
 #13

I agree with @TryNinja. Unless your address mail account is unsafe, this cannot be really called hack attempt.

What I'd add it's that it may have been something else:
1. Somebody wants to somehow warn/scare you.
2. Somebody wants even more drama related to Turkish users of this forum.

But maybe I am thinking (way) too far...


PS. According to @hilariousetc, I may not thinking too far after all.  Grin


Edit: correction for clearness (address -> mail account)

dkbit98
Hero Member
*****
Offline Offline

Activity: 686
Merit: 722


First 100% Liquid Stablecoin Backed by Gold


View Profile WWW
January 24, 2020, 11:22:56 AM
 #14

Well they'd be pretty stupid to use their own IP to try hack

Yes, I think think he is very stupid, as I exposed him for cheating and I am 100% sure he is from Turkey.
This is ongoing investigation, and I will do my best to expose him further.

Evil IPs are used all the time in Bitcointalk - so it is not a new concept, and this is evil IP.
He needs to pay if he wants to use this IP again


I agree with @TryNinja. Unless your address is unsafe, this cannot be really called hack attempt.

What address are you talking about?

When someone tries to reset your password 3 times from same IP address I call that a (stupid) hack attempt.


forumalacali
Full Member
***
Offline Offline

Activity: 280
Merit: 192



View Profile
January 24, 2020, 11:27:10 AM
 #15


Well they'd be pretty stupid to use their own IP to try hack, but there's nothing you can do about people using public wifi without blocking them but that would be unfair to all the others who use that connection innocently.

Quote
These are tourism areas, more than enough free wifi points available...

Of course, nobody can prevent this. It is a good service to offer free service to the guests coming to the country. Everyone including me has already explained to the friend.

No need to worry as long as he maintains his email address...

NeuroticFish
Legendary
*
Offline Offline

Activity: 2128
Merit: 1467


First 100% Liquid Stablecoin Backed by Gold


View Profile
January 24, 2020, 11:31:11 AM
 #16

What address are you talking about?

When someone tries to reset your password 3 times from same IP address I call that a (stupid) hack attempt.

I corrected with better wording. I was referring to your mail address/mail account. Without access to that one the so-called hacker can't do anything.
That's why I think that he may have been actually trying to trigger this kind of reaction, hence the rest of that post of mine.

dkbit98
Hero Member
*****
Offline Offline

Activity: 686
Merit: 722


First 100% Liquid Stablecoin Backed by Gold


View Profile WWW
January 24, 2020, 11:36:23 AM
 #17

It should be mentioned that this is not the first time something like this happened.
Here is one example of fake bitcointalk login page with turkish .tr origin address:

How Scammer tried to Hack my Bitcointalk and how to Protect yourself?
https://bitcointalk.org/index.php?topic=5173531

Lucius
Legendary
*
Offline Offline

Activity: 1694
Merit: 1522


⚔ Fortis Fortuna Adiuvat ⚔


View Profile WWW
January 24, 2020, 11:42:11 AM
 #18

There was no hack attempt. Don’t worry about these emails. As explained, all someone did was put your username in the « Recovery password » screen, sending you the email. There is 0 things he can do with that.

When someone tries to reset your password 3 times from same IP address I call that a (stupid) hack attempt.

Read the answer from TryNinja, someone just teases you and wants to scare you, there is no real danger in the sense that someone can hack your account. To do this, he/she would first have to hack your email or your forum password, and even if someone has managed to do something like that if you have a signed BTC address access, the account will be returned to you.

One user is also have hacked account from Turkey (but this time really hacked) : https://bitcointalk.org/index.php?topic=5217251.0

Also, IP from Turkey does not mean that it is really about someone from that country, it can be VPN/proxy IP.

Rizzrack
Copper Member
Member
**
Offline Offline

Activity: 68
Merit: 53



View Profile
January 24, 2020, 11:45:13 AM
 #19

When you forget your password there are 2 options:
     - Use username/email to receive a password recovery link (if email is not compromised there is nothing to worry about... on the other hand you would not know if email is compromised until it's too late... but let's be optimistic here...all's good)
     - Use the secret question option and if you get the answer right your account will be blocked and you will be email-ing us to unlock it

Use a very strong secret question... or don't set up one at all !
TBH if your email is compromised I would assume the forum account might not be in top 3 worst worries at that time

I agree with NeuroticFish on the first part ... someone is trying to scare/warn/troll you.
Regarding the IP ... wouldn't take it at face value. VPN, Tor, Proxy.... chances are even the "hacker" didn't know what IP he was using Smiley)

I would propose to use ONLY email in the password recovery tho. Seems safer and harder for account farmers !

P.S. Changed thread title for my post. May want to consider doing the same...
dkbit98
Hero Member
*****
Offline Offline

Activity: 686
Merit: 722


First 100% Liquid Stablecoin Backed by Gold


View Profile WWW
January 24, 2020, 11:47:21 AM
Last edit: January 24, 2020, 12:32:48 PM by dkbit98
 #20

Read the answer from TryNinja, someone just teases you and wants to scare you, there is no real danger in the sense that someone can hack your account.
I know, I am not retarded.

Also, IP from Turkey does not mean that it is really about someone from that country, it can be VPN/proxy IP.
Not the case here.
This user stupid moron is 100% from turkey.


Pages: [1] 2 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!