I guess the password changes which were done yesterday (when the forum cane online for a few hours) were reverted back, cause I changed my password yesterday but I had to use my previous password to login today. Idk why was it done.
Also, is it just me or the forum looks plain to everyone? Like I am not able to identify what has changed by the layout looks a bit flat.
Topic: About the recent server compromise - page 10. (Read 15385 times)
Unfortunatly this seems to be a reoccuring issue. Again, good job in minimising the damage done. Keep us up to date on the situation regarding how they obtained the information needed to gain access.
It is possible the attacker is selling the stolen email address database to spammers to make quick bucks.
ahh, I really don't wanna start any drama. maybe it was just spam in "wrong time" and it is not related at all. just reporting..
This doesn't look like the average email spam hack to me.
Glad that it's back, but as previously said it's fairly unacceptable that a forum with such a security aura can still be compromised by attackers.
When will the new forum be happening? It's been in speculation for at least a year, if not longer now. It cannot take this long to code a forum software.
When will the new forum be happening? It's been in speculation for at least a year, if not longer now. It cannot take this long to code a forum software.
Yeah, DDOS you out of digital existence.
Do you think that they would bother? Surely to take down as many people as it would be worth here it would take more resources than what the attacker could get back. 
uhh already received spam also + many unsuccessful attempts to mail login:(
anyway, thanks for bring the forum up.
anyway, thanks for bring the forum up.
What spam did you get? Has anyone else had attempts to compromise their email?
something like "buy iphone with btc" or "some viagra with btc" and similar..
I dunno, if it is related, but I had this acc for years and I never received similar mails until yesterday. coming from some non-sense yahoo addresses.
It is possible the attacker is selling the stolen email address database to spammers to make quick bucks.
Not very much worth it if the reason of the attacker is just to get emails list, it must be sonething else and it might be the attacker is looking for private datas
It is possible the attacker is selling the stolen email address database to spammers to make quick bucks.
ahh, I really don't wanna start any drama. maybe it was just spam in "wrong time" and it is not related at all. just reporting..
Thanks for the info theymos, i'll have a crack at tracking his email and ip although im sure the email is fake and he used a proxy
Can they do anything with our IP addresses?
Yeah, DDOS you out of digital existence. Which is why I don't think the forum should have added a "Skype username" box on people's profiles. Its just asking for revenge DDOSing.
uhh already received spam also + many unsuccessful attempts to mail login:(
anyway, thanks for bring the forum up.
anyway, thanks for bring the forum up.
What spam did you get? Has anyone else had attempts to compromise their email?
something like "buy iphone with btc" or "some viagra with btc" and similar..
I dunno, if it is related, but I had this acc for years and I never received similar mails until yesterday. coming from some non-sense yahoo addresses.
It is possible the attacker is selling the stolen email address database to spammers to make quick bucks.
Can they do anything with our IP addresses?
ahh depends if you had public one (unique, reachable from outside) or some NAT IP which is covering subnets of ISP..
uhh already received spam also + many unsuccessful attempts to mail login:(
anyway, thanks for bring the forum up.
anyway, thanks for bring the forum up.
What spam did you get? Has anyone else had attempts to compromise their email?
something like "buy iphone with btc" or "some viagra with btc" and similar..
I dunno, if it is related, but I had this acc for years and I never received similar mails until yesterday. coming from some non-sense yahoo addresses.
Interesting compromise. I am amazed this can still happen. Good luck to anyone looking for the attacker(s).
Have you not changed the email you linked to this site mate? I have & I've deleted the other account.
wtf you are talking about? mail addresses are already leaked, so even you will change the mail here, you will get spam..
There wasn't much else on there any way but I'd rather be safe than sorry.
Can they do anything with our IP addresses?
i have changed my password to make sure my account is safe. this shows that you must never use a password in more than 1 place.
uhh already received spam also + many unsuccessful attempts to mail login:(
anyway, thanks for bring the forum up.
anyway, thanks for bring the forum up.
What spam did you get? Has anyone else had attempts to compromise their email?
NO I Have Not received any Spam from this. Fortunately, I signed up with a unique cloaked email address so If I got one it would show (Cloaked in my in-box)
Thanks theymos for the hardwork. I changed my password but not my email ID as I'm not sure if I should do it as the pwd used on this forum wasn't used anywhere else fortunately. I've not received any phishing email except this one yesterday:
You are receiving this message because your email address is associated
with an account on bitcointalk.org.
-----BEGIN PGP SIGNATURE-----
iF4EAREIAAYFAlVhiGI..........................
I hope the above message is genuine.
You are receiving this message because your email address is associated
with an account on bitcointalk.org.
-----BEGIN PGP SIGNATURE-----
iF4EAREIAAYFAlVhiGI..........................
I hope the above message is genuine.
It is.
Signed on 2015-05-24 04:14 by [email protected] (Key ID: 0xDAB591E7).
The signature is valid and the certificate's validity is fully trusted.
What is theymos's GPG key? Is it published somewhere official? I received the signed email but I can't find a verified source with the key.
All PGP keys are hosted on public keyservers. They're also hosted on the forum's servers, though you shouldn't rely on that solely. https://bitcointalk.org/theymos.asc, https://bitcointalk.org/BadBear.asc
https://pgp.mit.edu/pks/lookup?search=theymos&op=index
For the record.
Code:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Confirming Badbear is Badbear, and not Goodbear or other variations of bears.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBAgAGBQJVY0O5AAoJEKAjO3S1eXxPH40H/jvkkJhKUVxKB6a1whLFE08p
jIJi3qw1WkZPFkM9QWwNXNq+8p8bZxiC+0mIskITUiZBwLqgHgyogFf5FjWNnhSy
lhhmLLh6L+LxXtXg+6kITn2nEPiP+wiZRXkRWwzqRd5mh8c3I1hMMfnYa9DarQG3
hC+TjJXwHKvdYXL5FjcGv4HXGX0QMhXUzwodF05SWXJmH6v8uG3vn6QFej4XRVPd
kWWHh61GlzUAZix0EOxd/cvElgJW6Y8sWl/gH5qBnqhnHDTVnS4/cnQVLjgScyGF
QXVoLZG71Mjkgq+PFX8GRqatKIt/vzMvhBYz7DKKDM8NNzbLRRVexlb2MnpeTx8=
=QK2I
-----END PGP SIGNATURE-----
global moderator
Activity: 4018
Merit: 2728
Join the world-leading crypto sportsbook NOW!
uhh already received spam also + many unsuccessful attempts to mail login:(
anyway, thanks for bring the forum up.
anyway, thanks for bring the forum up.
What spam did you get? Has anyone else had attempts to compromise their email?
Have you not changed the email you linked to this site mate? I have & I've deleted the other account.
wtf you are talking about? mail addresses are already leaked, so even you will change the mail here, you will get spam..
Received my first spam email last night. 
Have you not changed the email you linked to this site mate?I have & I've deleted the other account.
Never use an email that you have banking details, card details etc in.
theymos, thank you for you hard work. Let's hope we will not have to deal this in the future.
until the new forum is set(one can think that the forum will have some instrument against those kind of attack, maybe a better privacy, better ISP, that don't leak your root credentials...), i do think it will happen again, this isn't the first time after all
Jump to: