When (or was) the Bitcointalk database hacked? Was it in 2016 ?

[sandy-is-fine]

I'm suddenly getting a number of spam PM's from full & legendary members that have not been active since 2016/2017.  Seems to always be 2016/17.  Looking at their feedback it's always 2016 and before with "just woke up" and changed email.  I also notice a lot of scammers have their last feedback in 2016/17 as well before returning to posting.  Since there are so many of these accounts could they have been hacked then sold?

https://bitcointalk.org/index.php?action=profile;u=221888
I am NOT, repeat NOT accusing this guy https://bitcointalk.org/index.php?action=profile;u=221888 of being a scammer but it is just one of a number of spam PM's trying to sell me something I have been getting recently that seem to be in that same group with similar last post and feedback dates and change of account. When I look at the feedback  it's always around 2016/2017 and usually no posts since then or sometimes just 1 or 2 over 3-4 years.

Here's another (this guy IS a scammer): https://bitcointalk.org/index.php?action=trust;u=877816

[jackg]

I have a feeling it was before I got here so early 2015 but I think there was one in 2013 too.

I changed my email a while ago just in case too (while = ~4 years).

[icopress]

The first mention of this is dated 2011... Although bitcointalk hacks were mostly entertainment in nature, there were some when hackers pursued malicious goals (for example, one of the hacks may have been linked to the Silk Road). Also in those years, a forum for hackers could seem like a tidbit, given that the concentration of tech-savvy people on the forum was much higher than now.

If you want to see the full history of forum hacks read xtraelv's historical thread.

On September 3, an attacker used a 0-day exploit in SMF to gain administrative access to the forum. This went unnoticed until September 9, when he inserted some annoying JavaScript into all pages. The forum was at this point shut down.

Passwords: It is not known for sure that the attacker copied any password hashes, but it should be assumed that he did.

[The Sceptical Chymist]

Huh.  I wonder what the hell is going on with that.  It sounds bizarre--I haven't gotten any PMs or spam e-mails originating from bitcointalk myself, so I wonder if there are other members experiencing the same thing you are.  I doubt you're the sole target.

Since there are so many of these accounts could they have been hacked then sold?

It's certainly possible.  And as far as when that hack occurred, I could swear it was 2017 though I could be way off on that.  It could well have been 2016, and I think there were multiple hacks of forum data over the years.  I do know 2017 was the year that attracted a lot of new members, and I've seen accounts from that year suddenly come to life again within the past year.

I changed my email a while ago just in case too (while = ~4 years).

So did I not too long ago.  It's a real e-mail account but not my primary one, and that's probably what everyone here ought to do.  There's no telling when the next hack is going to be or how much information hackers are going to steal.

[khaled0111]

The hack happened in 2015, precisely on May the 22nd.

On May 22 at 00:56 UTC, an attacker gained root access to the forum's server. He then proceeded to try to acquire a dump of the forum's database before I noticed this at around 1:08 and shut down the server. In the intervening time, it seems that he was able to collect some or all of the "members" table.

There have been other hacks before this one but I believe they weren't as severe as it. The hacker/s compromised the forum's server and got full access to its database.

[CryptoYar]

Can't say anything about 2016, but once in Oct 2013 the forum was hacked, and the deface video is still available on Youtube

Update: It's unfortunately worse than I thought. There's a good chance that the attacker(s) could have executed arbitrary PHP code and therefore could have accessed the database, but I'm not sure yet how difficult this would be. I'm sending out a mass mailing to all Forum users about this.

And according to the Softpedia, hackers stole 150,000 emails and hashed passwords with this hack.

A hacker has contacted me claiming that he’s selling 150,000 emails and hashed passwords stolen from Bitcointalk.org, the Bitcoin discussion forum that was recently hacked and defaced. He's asking BTC 25 for a copy of the data.

[Softpedia] [Reddit]

[Lucius]

Spam on PM is something that can be easily solved by reporting such unsolicited messages using the "report to admin" option, and if that user has harassed more users and admins get more reports, they will surely get one nice ban.

I personally have not received any such PM this year, which just means that the targets are chosen very carefully. On the other hand BTT accounts can be purchased on this forum and in many other places, and as far as I can see the price for Hero/Legendary is around $350 - $500. Yet some newbie who buys such an account is still just a newbie, and it is not difficult to detect.