hilariousandco
Global Moderator
Legendary
Offline
Activity: 3976
Merit: 2713
Join the world-leading crypto sportsbook NOW!
|
|
January 08, 2015, 09:18:13 AM |
|
Wasn't that guessing the dob exploit allegedly used to gain access to satoshis gmx account? It is interesting how many people are losing their accounts here via their email, especially when most don't have their address publicly displayed.
|
|
|
|
Parazyd
|
|
January 08, 2015, 09:21:46 AM |
|
Wasn't that guessing the dob exploit allegedly used to gain access to satoshis gmx account? It is interesting how many people are losing their accounts here via their email, especially when most don't have their address publicly displayed.
Probably because the majority of members here use either gmx or gmail. And it's probably username@one-of-those.comSo it's not that hard to guess. Note to self: Start an email server.
|
|
|
|
Blazr
|
|
January 08, 2015, 09:23:10 AM |
|
Molecular, aren't you from Germany? So is Akka IIRC... Maybe some German Bitcoin website was hacked.
|
|
|
|
MadZ
|
|
January 08, 2015, 09:23:17 AM |
|
I can confirm account Akka was hacked (I informed theymos right away, thanks for acting, theymos), I bet he had a gmx-address registered with the forum.
My gmx account has been repeatedly taken over (about 6-8 times) since around Dec 16th.
How did the hacker know your email address associated with your account? Was it publicly known prior? I'm assuming he got it from the mtgox leak back in 2011 (or was it 2012?). It's very likely someone using gox in 2011 also has a btctalk account... and a valuable one at that That's what I'd do if I had that exploit and was a black hat: take all gmx addresses from that leak and attack those dudes... there might be some bitcoins to be had. I don't think Akka would be on the old mtgox leak, he signed up on bitcointalk in June 2012, the leak was way before that. I heard a suspicious rumor that it was somehow possible in some cases to reset the password of GMX accounts by using the persons date of birth only. I haven't checked it out because I don't have an account there, but it might be a good idea to look into it. Regardless everyone should stop using GMX, they're obviously very incompetent. Akka revealed his email in this post, they probably got it from there. Machst du mit? Wenn ja: In welcher Stadt bis du? Wärst du bereit das ganze (wenn ja mit wie viel BTC etwa?) mit zu finanzieren? Wäre es OK wenn ich deinen Kontakt an andere aus deiner Stadt weitergebe, damit ich möglichst einen einzigen Ansprechpartner pro Stadt habe wenn es an die Verteilung geht? (Als Nebeneffekt entstehen so vielleicht sogar ein paar lokale Bitcoin Communitys). Falls du das nur liest und nicht im Forum bist, scheibe mir eine Mail: Ak-ka@gmx.net
|
|
|
|
molecular
Donator
Legendary
Offline
Activity: 2772
Merit: 1019
|
|
January 08, 2015, 09:25:54 AM |
|
I heard a suspicious rumor that it was somehow possible in some cases to reset the password of GMX accounts by using the persons date of birth only. I haven't checked it out because I don't have an account there, but it might be a good idea to look into it. Regardless everyone should stop using GMX, they're obviously very incompetent.
This whole story stinks. I don't belive in this "random dumb script kid hacks Satoshi Nakamotos email account" story at all. There is someone simply trying to let us think Satoshi is still alive.
As far as I can see, you only need to know date of birth to reset a gmx email account password. Maybe he used the same DOB as in the p2pfoundation profile? Or maybe the kid found some way to automate it bypassing the CAPTCHA. I just checked out the password reset procedure on gmx.de. It's possible to use the phone-number or alternate email address to reset pw. Nothing about date of birth. When I tried to regain control of my gmx account in December, I called. They asked date of birth, but it wasn't enough. I had to email scans of my ID, which they only checked casually (I know because I called right afterwards and the guy said (paraphrasing): "ah, I see it's still valid, so that's ok, I'll send you reset-link"). So that's a possibility, although I doubt the exploit involveds a phone call. Also noteworthy: after my account has been taken over (as said this happened 6-8 times in the last 3 weeks) and I regained access, website displayed many (100s, sometimes 1000s of failed login attempts). I'm not sure if imap/pop login failures count here (I have multiple imap clients polling frequently, so if pw is changed, they will fail login).
|
PGP key molecular F9B70769 fingerprint 9CDD C0D3 20F8 279F 6BE0 3F39 FC49 2362 F9B7 0769
|
|
|
molecular
Donator
Legendary
Offline
Activity: 2772
Merit: 1019
|
|
January 08, 2015, 09:27:14 AM |
|
Note to self: Start an email server.
+1 I ran one in the 90s. Gave up at some point when it got harder to send emails via smtp around 2005 or so. I'm reconsidering this now.
|
PGP key molecular F9B70769 fingerprint 9CDD C0D3 20F8 279F 6BE0 3F39 FC49 2362 F9B7 0769
|
|
|
molecular
Donator
Legendary
Offline
Activity: 2772
Merit: 1019
|
|
January 08, 2015, 09:28:42 AM |
|
Molecular, aren't you from Germany? So is Akka IIRC... Maybe some German Bitcoin website was hacked.
Also ThomasV who also lost his gmx address is from germany. gmx is a german email provider, so this is probably the cause for the amount of germans affected.
|
PGP key molecular F9B70769 fingerprint 9CDD C0D3 20F8 279F 6BE0 3F39 FC49 2362 F9B7 0769
|
|
|
fronti
Legendary
Offline
Activity: 2912
Merit: 1309
|
|
January 08, 2015, 10:02:24 AM |
|
I know akka personaly and will give him a call that he can clearify the situation
|
If you like to give me a tip: bc1q8ht32j5hj42us5qfptvu08ug9zeqgvxuhwznzk
"Bankraub ist eine Unternehmung von Dilettanten. Wahre Profis gründen eine Bank." Bertolt Brecht
|
|
|
redsn0w
Legendary
Offline
Activity: 1778
Merit: 1043
#Free market
|
|
January 08, 2015, 10:17:17 AM |
|
Nice catch quickSeller , now is all resolved or not ?
|
|
|
|
molecular
Donator
Legendary
Offline
Activity: 2772
Merit: 1019
|
|
January 08, 2015, 10:34:09 AM |
|
Nice catch quickSeller , now is all resolved or not ? except that the gaping pw reset vulnerability at gmx obviously still exists
|
PGP key molecular F9B70769 fingerprint 9CDD C0D3 20F8 279F 6BE0 3F39 FC49 2362 F9B7 0769
|
|
|
molecular
Donator
Legendary
Offline
Activity: 2772
Merit: 1019
|
|
January 08, 2015, 10:40:31 AM |
|
I know akka personaly and will give him a call that he can clearify the situation
sehr gut, danke!
|
PGP key molecular F9B70769 fingerprint 9CDD C0D3 20F8 279F 6BE0 3F39 FC49 2362 F9B7 0769
|
|
|
redsn0w
Legendary
Offline
Activity: 1778
Merit: 1043
#Free market
|
|
January 08, 2015, 10:46:23 AM |
|
Nice catch quickSeller , now is all resolved or not ? except that the gaping pw reset vulnerability at gmx obviously still exists Oh that's bad , now I think no one will use gmx anymore. They are very incompetent.
|
|
|
|
Akkahacked
Newbie
Offline
Activity: 3
Merit: 0
|
|
January 08, 2015, 11:13:41 AM |
|
Thanks for the heads-up quickSeller.
My gmx account has indeed been hacked, or rather exploited, the password had been changed. With this the password of my BTCtalk account had been changed.
So gmx mail seems not to be save (i will formate my PC and change all my PWs anyway, just to be sure).
I apologize to all people that have been troubled by the hack and hope that no damage has been caused to anyone due to this.
|
|
|
|
freedomno1
Legendary
Offline
Activity: 1806
Merit: 1090
Learning the troll avoidance button :)
|
|
January 08, 2015, 12:05:13 PM |
|
Thanks for the heads-up quickSeller.
My gmx account has indeed been hacked, or rather exploited, the password had been changed. With this the password of my BTCtalk account had been changed.
So gmx mail seems not to be save (i will formate my PC and change all my PWs anyway, just to be sure).
I apologize to all people that have been troubled by the hack and hope that no damage has been caused to anyone due to this.
Just good to hear that your account is getting recovered before any real damage could be done Nice to see this getting neatly resolved.
|
Believing in Bitcoins and it's ability to change the world
|
|
|
molecular
Donator
Legendary
Offline
Activity: 2772
Merit: 1019
|
|
January 08, 2015, 12:50:32 PM Last edit: January 08, 2015, 01:20:56 PM by molecular |
|
Thanks for the heads-up quickSeller.
My gmx account has indeed been hacked, or rather exploited, the password had been changed. With this the password of my BTCtalk account had been changed.
So gmx mail seems not to be save (i will formate my PC and change all my PWs anyway, just to be sure).
I apologize to all people that have been troubled by the hack and hope that no damage has been caused to anyone due to this.
Good to see you have been reached. Hope you can sort things out and get your original account back. No need to apologize, it's not your fault. GMX is to blame. and: No damage is not correct, at least not if we talk about the gmx exploit, not just the Akka takeover. I for one spent countless hours migrating away from gmx and worrying about the next takeover. It's quite possible the attacker got some of my accounts where I used the gmx mail. He surely tried many and tried to steal coins from me. I have no doubt the 'hackers' made money off of this gmx exploit (WHICH STILL WORKS, I'm getting my pw changed every 2 days), even if it's just steam accounts. (See comments by binary32 here). Attacker tried to get my paypal, blockchain.info, bitcoin.de, bitstamp and numerous other accounts (I saw some pw reset emails, seems I interrupted his 'work'). Wouldn't be surprised if he had been successful with some of the other targets. Also, ThomasV has lost his twitter account to this gmx exploit. He also lost other accounts but luckily was able to get them back. Satoshi email hack was also likely due to the gmx exploit.
|
PGP key molecular F9B70769 fingerprint 9CDD C0D3 20F8 279F 6BE0 3F39 FC49 2362 F9B7 0769
|
|
|
molecular
Donator
Legendary
Offline
Activity: 2772
Merit: 1019
|
|
January 08, 2015, 02:12:11 PM |
|
here... someone selling a legendary bitcointalk account
|
PGP key molecular F9B70769 fingerprint 9CDD C0D3 20F8 279F 6BE0 3F39 FC49 2362 F9B7 0769
|
|
|
|
molecular
Donator
Legendary
Offline
Activity: 2772
Merit: 1019
|
|
January 08, 2015, 02:35:57 PM |
|
data matches. is spekulatius confirmed to have been taken?
|
PGP key molecular F9B70769 fingerprint 9CDD C0D3 20F8 279F 6BE0 3F39 FC49 2362 F9B7 0769
|
|
|
Quickseller (OP)
Copper Member
Legendary
Offline
Activity: 2982
Merit: 2371
|
|
January 08, 2015, 02:40:44 PM |
|
data matches. is spekulatius confirmed to have been taken? spoderman offered to sell it to me very shortly after its password was reset via email (see PM dump on page two of this thread) even though it hadn't posted in months. Someone also logged in to it yesterday but made no posts. He refused to confirm that he was able to confirm ownership which leads me to believe that he cannot do so.
|
|
|
|
redsn0w
Legendary
Offline
Activity: 1778
Merit: 1043
#Free market
|
|
January 08, 2015, 02:47:59 PM |
|
data matches. is spekulatius confirmed to have been taken? spoderman offered to sell it to me very shortly after its password was reset via email (see PM dump on page two of this thread) even though it hadn't posted in months. Someone also logged in to it yesterday but made no posts. He refused to confirm that he was able to confirm ownership which leads me to believe that he cannot do so. His last post was done the 07th of october , what do you think ? Is it an hacked account (after sold it to another person)? Or just coincidences ?
|
|
|
|
|