Some mo-fo is tryin' to hack my ass.

[The Sceptical Chymist]

Man, I hope it's not the gas station guy across the street from me.  That's not paranoid, is it?

Damn, it's already at a severe stage I guess.  

For the record, I wrote that for a reason--the guy who owns that gas station is from Bangladesh and I'm pretty sure he can see my wi-fi signal from across the street (not that that has anything to do with this, but my brain is scrambled).  I might have even asked him if he knew about bitcoin before.  Again, no relevance.

Nullius, I actually read your post and I thank you for posting that.  I never visited that pwned site, but I'mma check it out soon as I down my last 40 ounce, know what I'm sayin'?  Been a rough week.

[nullius]

xkcd 2176, “How Hacking Works”.  This made an appearance in some places, when the xkcd forums were pwned.

Nullius, I actually read your post and I thank you for posting that.  I never visited that pwned site, but I'mma check it out soon as I down my last 40 ounce, know what I'm sayin'?  Been a rough week.

You’re welcome.  HTH.

Have I Been Pwned? is sufficiently “notable” to have a Wikipedia page:

https://en.wikipedia.org/wiki/Have_I_Been_Pwned%3F

It is also a popular tag on security.SE.

HIBP simply offers you a way to check if your data are already floating around in an underground world that most people don’t know exists.  Sites get compromised every day.  Blackhats sometimes offer the information for sale, or just share it for the lulz.  To the public, ignorance is bliss—until they personally suffer from criminal usages of their information.

Sometimes, HIBP has “interesting” challenges.  See how its operator, Troy Hunt, decided to handle the mess when Ashley Madison and Adult Friend Finder (see updates at the bottom) were hacked:

https://www.troyhunt.com/heres-how-im-going-to-handle-ashley/



Most people do not understand why I am so strict about security and privacy.  They are naïve.

[cryptoaddictchie]

Its not just forum but anything youve exposed your email with is gonna be swarming with emailed about changing your password or updating any information now.

My airdrop email has too many change password attempt and phishing links. As expected as it dumps online through different drops.

Maybe one of your friends before are trying to phish you now. Wondering even they managed to got hack an account. Forum will be notified of changes, and how does they think they can earn money from it unless they can profesionally imitate the user writing habits. A typical hacker usually change password and every information so if this does happened then will have a clue that The Pharmacist has now a second user. Also if he tried to request a bitcoin address change on your signature campaign.

[The Sceptical Chymist]

Its not just forum but anything youve exposed your email with is gonna be swarming with emailed about changing your password or updating any information now.

Waitaminute.  I admit I haven't read this entire thread, but my understanding of the situation is that someone simply tried a few times to log into my account, but that doesn't mean they know my forum e-mail address (unless they saw when I absentmindedly posted a screenshot of my profile in a post a while back).  And if they did see that post, they sure as hell waited a long time to get to the haxxoring.

Maybe one of your friends before are trying to phish you now.

Ain't got none of those 'cept my right hand I call Daisy and whoever it is that's behind all the voices in my head.

[Smartvirus]

The e-mail account I use on this forum I generally don't use for much else, but I happened to check it just a little while ago and got three e-mails from bitcointalk stating that someone had used the "forgot password" function for my account, and all three attempts were over the course of about an hour.

It seems this hack attempts is whats making the rounds at the moment on the forum. One needs to be very careful on all fronts these days from being aware of the activities that goes on in there mails and the series of unsolicited pm especially, one that bares links and requires some feedback.
On the email, I think this quote from a while ago agrees just fine with your choice on what email to be linked with my account on forum.

Needless to say, personally, I feel it's important that you use an active but not an extremely official email on your accounts of the forum.

Play safe by protecting your official email that is affiliated with your life's worth and documents by keeping it put of harms way and still, get to protect your account on a yt active mail where your sure to be cautious on dealing.

I'm not crazy, right?  That means someone is trying to get into my account, right?  What I don't understand is why that person would try to do that if they don't know what my e-mail is.

And after giving it a little thought, I have exposed a few e-mail addresses to members of the forum in the past, whether through deals or by becoming acquaintances with those members.  I'm wondering if one of those people thought I used whatever e-mail they had as my forum e-mail....and that's a frightening thought.

Yeah, they possibly shouldn't know and have limited options to come up with an email address to brute force except, you had deals that ought to have led to email exposure and that's a risk for sure.
This gives me the idea that, one has got to own probably a separate mail address for working deals from the forum/Web at large.

This stresses on why the forums default system works or activates hidden emails and these should serve as caution to those whom have left there's exposed.

So if you should happen to see my account start posting in the Russian section or if my English deteriorates to brain-vegetable bounty hunter quality, just know that I got hacked and neg my account to high hell until I get it back.  

Lol,,, apparently its a way to go to prevent the account from causing any damage before a possible recovery! Althogh, its some risk still as, some DT might neg tag and no longer be active on the forum. This would make permanent the tag although, the a reference to the case and further positive tags after recovery would cast a shadow on it.

I really hope this doesn't turn out to be the case for you @The Pharmacist.

Yeah, to think of it. Account changing hands often lives a trace to follow. Like;
* Change of mail address
* Password reset via email
* Post quality decline
* Frequented board to make comments
* Local Board participation
Etc...

It's disgusting how these guys feel the need to be reputable or own a ranked up account and don't see the need to work for it. Safe means only guys and don't let your rep be messed u by these cunts.

[BitcoinGirl.Club]

No idea, but surely they hate you so much that you are ignored.

A** holes 🤣
To be honest after the hack I have changed my email address and this email address has been never used to any other service. If any day I receive any such email then it will be confirmed that bitcointalk data has been leaked. So f*** off fuckers. You catch me, I alert the entire forum 😉

[m2017]

No idea, but surely they hate you so much that you are ignored.

A** holes 🤣
To be honest after the hack I have changed my email address and this email address has been never used to any other service. If any day I receive any such email then it will be confirmed that bitcointalk data has been leaked. So f*** off fuckers. You catch me, I alert the entire forum 😉

Are you using something like 2fa or google authenticator to secure your e-mail?

A typical hacker usually change password and every information so if this does happened then will have a clue that The Pharmacist has now a second user. Also if he tried to request a bitcoin address change on your signature campaign.

A change bitcoin address will be immediately noticed and aroused suspicion. Let's say the hacker even manages to do this and get the reward for the past week on your signature campaign. But as usual, users of stolen accounts immediately report it on bitcointalk, and in combination with the changed bitcoin address, this doesn't leave the hacker with a great chance of further use of the stolen account. Subsequently, the account will be returned to the owner or painted red for theft, which makes the account almost useless.

[BitcoinGirl.Club]

Are you using something like 2fa or google authenticator to secure your e-mail?

No I am not but I have a very strong password generated using password generator which is saved in a txt file. I have backup of the text file since there are no way for me to remember the password. It's too hard. Not bothered to have 2fa enable. This could be an extra layer of security though.

Subsequently, the account will be returned to the owner or painted red for theft, which makes the account almost useless.

If the original owner can prove it using the bitcoin address he used in past then it does not take long to recover the account. Once it is recovered then everyone removes their red paints. That's what I had when I lost my account and got back after contacting the recovery team.

[Falconer]

I've used forum account email on various services before, but with your incident I'm starting to worry that my email might leak. Frankly I've blocked most email from services I never even knew about, it's probably true that I should consider replacing them sometime in the future because the more spam emails that come in, the more likely this email is to leak to multiple parties.

The Pharmacist, I hope you can be more careful with the people around you because who knows they will stalk you from a distance. Lol
But I'm sure, your reputation can't be matched by any user so even if the hack is successful, forum members will recognize it and will lock it in a cage.

[The Sceptical Chymist]

This gives me the idea that, one has got to own probably a separate mail address for working deals from the forum/Web at large.

Yeah, there are so many free e-mail providers that all you really need is some time and patience to create a bunch of throwaway ones for use in different situations where the other party (like this forum) doesn't absolutely need to know your e-mail addy or don't make it optional to give it out for whatever security functions they have.

It's disgusting how these guys feel the need to be reputable or own a ranked up account and don't see the need to work for it. Safe means only guys and don't let your rep be messed u by these cunts.

Who knows what clown tried to hack my account and for what purpose?  It could have been anyone for any reason, though I'm still puzzled as to why that clown chose me since I'm just an average guy on bitcointalk with the exception of having a high rank.  Weird.

OK, I think this thread has served its purpose and I'm going to lock it up now.  Thanks to y'all for lending me your ears.