Bitcoin Forum
April 19, 2019, 03:33:34 PM *
News: Latest Bitcoin Core release: 0.17.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 [39] 40 41 42 43 44 45 »
  Print  
Author Topic: satoshin@gmx.com is compromised  (Read 151067 times)
bigasic
Hero Member
*****
Offline Offline

Activity: 910
Merit: 1000



View Profile
September 13, 2014, 10:20:01 PM
 #761

I believe that post when he stated "I am not Dorian" is from SN. From the logs of the emails that were posted, the hacker just received access right before he sent the email to theymos. So, I believe that earlier post is legit...
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
CraftingTable
Newbie
*
Offline Offline

Activity: 27
Merit: 0


View Profile
September 14, 2014, 01:32:50 AM
 #762

this guy was always an obvious fraud
Chris_Sabian
Legendary
*
Offline Offline

Activity: 896
Merit: 1000



View Profile
September 14, 2014, 03:18:01 AM
 #763

Still.  There is no new information on what is going on.  Please stop posting before you know the facts.
AGD
Legendary
*
Offline Offline

Activity: 1790
Merit: 1049


Keeper of the Private Key


View Profile
September 14, 2014, 05:55:36 AM
 #764

I believe that post when he stated "I am not Dorian" is from SN. From the logs of the emails that were posted, the hacker just received access right before he sent the email to theymos. So, I believe that earlier post is legit...

Why didn't he sign that message to proof it was legit?

Bitcoin is not a bubble, it's the pin!
+++ GPG Public key FFBD756C24B54962E6A772EA1C680D74DB714D40 +++ http://pgp.mit.edu/pks/lookup?op=get&search=0x1C680D74DB714D40
wasserman99
Sr. Member
****
Offline Offline

Activity: 476
Merit: 250



View Profile
September 14, 2014, 07:02:27 AM
 #765

I believe that post when he stated "I am not Dorian" is from SN. From the logs of the emails that were posted, the hacker just received access right before he sent the email to theymos. So, I believe that earlier post is legit...

Why didn't he sign that message to proof it was legit?
No one questioned if the post was legit or not. It was assumed by the community that it was.

AGD
Legendary
*
Offline Offline

Activity: 1790
Merit: 1049


Keeper of the Private Key


View Profile
September 14, 2014, 08:49:39 AM
 #766

I believe that post when he stated "I am not Dorian" is from SN. From the logs of the emails that were posted, the hacker just received access right before he sent the email to theymos. So, I believe that earlier post is legit...

Why didn't he sign that message to proof it was legit?
No one questioned if the post was legit or not. It was assumed by the community that it was.

Not true. Some people need proof before they classify a message as "legit". Satoshi would not forget to sign it if he wanted everybody to believe it was him without a doubt.
He found it important enough to break his silence after years to post this strange message, but forgot to sign it to proof it was legit? No way...


Bitcoin is not a bubble, it's the pin!
+++ GPG Public key FFBD756C24B54962E6A772EA1C680D74DB714D40 +++ http://pgp.mit.edu/pks/lookup?op=get&search=0x1C680D74DB714D40
dewdeded
Legendary
*
Offline Offline

Activity: 1218
Merit: 1011


Monero Evangelist


View Profile WWW
September 14, 2014, 10:28:38 AM
 #767

The site also reveals to anyone attempting to reset that the alternate email is  s******@v********.com
This is pretty piss-poor security, since it's obvious that s****** is satoshi and there are lists of free email providers, even ones from 5 years ago that have domains now expired or parked that could be bought and tried against the reset:
vahoo.com
...
vr9.com

The reset email shown could be set by the current hacker, if it was previously s******@g****.com it would be even more obvious what else to compromise.
s******@v********.com is "satoshi@vistomail.com". This is general knowledge, Satoshi used the Vistomail-adress e.g. at the Cryptography-mailing-list [1] or for Bitcoin-related public announcements/postings/publications/communication [2].

1 = http://marc.info/?l=cryptography&m=122694149201952&w=2
2 = http://library.uniteddiversity.coop/Money_and_Economics/bitcoin.pdf & http://blog.dustintrammell.com/2013/11/26/i-am-not-satoshi/
itod
Legendary
*
Offline Offline

Activity: 1456
Merit: 1017


^ Will code for Bitcoins


View Profile
September 14, 2014, 11:08:39 AM
 #768

s******@v********.com is "satoshi@vistomail.com". This is general knowledge, Satoshi used the Vistomail-adress e.g. at the Cryptography-mailing-list [1] or for Bitcoin-related public announcements/postings/publications/communication [2].

1 = http://marc.info/?l=cryptography&m=122694149201952&w=2
2 = http://library.uniteddiversity.coop/Money_and_Economics/bitcoin.pdf & http://blog.dustintrammell.com/2013/11/26/i-am-not-satoshi/

Interesting comment in those emails regarding the reusing of addresses:

Quote
Address book labels for receiving addresses is confusing but I'm not sure what else to do.  Anyone using it for more than just simple purposes would need to create different receiving addresses for each payer so they could tell who's paying them.  That concept doesn't have much analogy in the real world.

Satoshi
proofofarat
Newbie
*
Offline Offline

Activity: 21
Merit: 0


View Profile
September 14, 2014, 04:37:12 PM
 #769

Looking at GMX's password recovery process, to recover an account it looks like they will either send an email to s***@v*****.com
or they will let you enter your birthdate. Perhaps somebody exploited one of these two options?
reddit formatting markdown fucked up the email address characters, but it looks like S followed by 6 stars @ V followed by 8 stars

entering birth date is rate limited to 3 attempts per 24 hrs. So probably wasn't accessed through this unless the attacker had narrowed down the range a bit
Skinnyman
Member
**
Offline Offline

Activity: 61
Merit: 10


View Profile
September 14, 2014, 04:39:54 PM
 #770

Looking at GMX's password recovery process, to recover an account it looks like they will either send an email to s***@v*****.com
or they will let you enter your birthdate. Perhaps somebody exploited one of these two options?
reddit formatting markdown fucked up the email address characters, but it looks like S followed by 6 stars @ V followed by 8 stars

entering birth date is rate limited to 3 attempts per 24 hrs. So probably wasn't accessed through this unless the attacker had narrowed down the range a bit

This has already been discussed and is likely how he gained access. Think someone said it would take max a year to guess the birthdate by bruteforce.
wasserman99
Sr. Member
****
Offline Offline

Activity: 476
Merit: 250



View Profile
September 14, 2014, 06:42:41 PM
 #771

Looking at GMX's password recovery process, to recover an account it looks like they will either send an email to s***@v*****.com
or they will let you enter your birthdate. Perhaps somebody exploited one of these two options?
reddit formatting markdown fucked up the email address characters, but it looks like S followed by 6 stars @ V followed by 8 stars

entering birth date is rate limited to 3 attempts per 24 hrs. So probably wasn't accessed through this unless the attacker had narrowed down the range a bit

This has already been discussed and is likely how he gained access. Think someone said it would take max a year to guess the birthdate by bruteforce.
I would think that the hacker likely changed the password reset questions once he gained access to the account. I would not be surprised if some hacker was able to exploit some kind of vulnerability at gmx (and potentially sold this information on some dark web site). 

FloodZone
Newbie
*
Offline Offline

Activity: 62
Merit: 0


View Profile
September 14, 2014, 06:55:54 PM
 #772

Looking at GMX's password recovery process, to recover an account it looks like they will either send an email to s***@v*****.com
or they will let you enter your birthdate. Perhaps somebody exploited one of these two options?
reddit formatting markdown fucked up the email address characters, but it looks like S followed by 6 stars @ V followed by 8 stars

entering birth date is rate limited to 3 attempts per 24 hrs. So probably wasn't accessed through this unless the attacker had narrowed down the range a bit

Would take 4 months max to crack the birth date.. So it's quite possible.
jabo38
Legendary
*
Offline Offline

Activity: 1204
Merit: 1000


mining is so 2012-2013


View Profile WWW
September 14, 2014, 08:02:02 PM
 #773

Looking at GMX's password recovery process, to recover an account it looks like they will either send an email to s***@v*****.com
or they will let you enter your birthdate. Perhaps somebody exploited one of these two options?
reddit formatting markdown fucked up the email address characters, but it looks like S followed by 6 stars @ V followed by 8 stars

entering birth date is rate limited to 3 attempts per 24 hrs. So probably wasn't accessed through this unless the attacker had narrowed down the range a bit

Would take 4 months max to crack the birth date.. So it's quite possible.

If somebody knew the exact calendar year, that's true. But do we really really know exactly what year he was born?

Buge
Newbie
*
Offline Offline

Activity: 2
Merit: 0


View Profile
September 14, 2014, 09:21:51 PM
 #774

Looking at GMX's password recovery process, to recover an account it looks like they will either send an email to s***@v*****.com
or they will let you enter your birthdate. Perhaps somebody exploited one of these two options?
reddit formatting markdown fucked up the email address characters, but it looks like S followed by 6 stars @ V followed by 8 stars

entering birth date is rate limited to 3 attempts per 24 hrs. So probably wasn't accessed through this unless the attacker had narrowed down the range a bit
People in this thread have already said that even though it claims to limit you to 3 tries per 24 hours, it actually doesn't limit you.
ALXBOB
Sr. Member
****
Offline Offline

Activity: 289
Merit: 250


View Profile
September 14, 2014, 09:22:03 PM
 #775

http://motherboard.vice.com/read/the-satoshi-nakamoto-email-hacker-says-hes-negotiating-with-the-bitcoin-founder?trk_source=recommended

Tales from the crypto

One Wallet to Rule them All! http://coinomi.com/ Now with Shapeshift integration!
TsuyokuNaritai
Hero Member
*****
Offline Offline

Activity: 574
Merit: 500



View Profile
September 14, 2014, 10:22:24 PM
 #776

Why does everyone keep reposting this as if it's still news?

giveBTCpls
Sr. Member
****
Offline Offline

Activity: 322
Merit: 250


View Profile
September 14, 2014, 11:08:21 PM
 #777

Lol. Hasn't it proved already the "hacker" was a dumb kid that got doxed? OP should update the thread with the info so people dont keep asking or something.

SomethingElse
Full Member
***
Offline Offline

Activity: 210
Merit: 100

Looking for the next big thing


View Profile
September 14, 2014, 11:30:44 PM
 #778

Lol. Hasn't it proved already the "hacker" was a dumb kid that got doxed? OP should update the thread with the info so people dont keep asking or something.

I am not sure.  http://blogs.wsj.com/moneybeat/2014/09/12/bitbeat-satoshi-nakamoto-hacked-or-not-remains-anonymous/

NEM
Bill Bisco
Member
**
Offline Offline

Activity: 109
Merit: 10


View Profile
September 14, 2014, 11:52:11 PM
 #779

It would have been nice if the hacker released Satoshi's old emails foe posterity.  It's a real shame we had such an idiot hacker.

BTC: 1PVqE4eM8uBJ7Xb9rCsCLajp5YSi6p8oQ6
"Real Sharpness Comes Without Effort"
AGD
Legendary
*
Offline Offline

Activity: 1790
Merit: 1049


Keeper of the Private Key


View Profile
September 15, 2014, 06:47:43 AM
 #780

I don't believe in this "idiot hacker" story at all.


Bitcoin is not a bubble, it's the pin!
+++ GPG Public key FFBD756C24B54962E6A772EA1C680D74DB714D40 +++ http://pgp.mit.edu/pks/lookup?op=get&search=0x1C680D74DB714D40
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 [39] 40 41 42 43 44 45 »
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!