Pages:
Author

Topic: Akka - Default trust account no longer hacked! (Read 6483 times)

hero member
Activity: 812
Merit: 587
Space Lord
January 14, 2015, 04:22:57 PM
#97
molecular: Check them all again, and change when needed. You shouldn't be lazy in a situation like this Wink

how to find which sites I used the email-address on, though?

sift through 14270 emails (I copied to local)?

look in my head? (done that)

I hope there is a way to lock/deactivate the gmx account and keep others from registering that particular address for at least some time.


You could filter the emails, Google your email or your username.
donator
Activity: 2772
Merit: 1019
molecular: Check them all again, and change when needed. You shouldn't be lazy in a situation like this Wink

how to find which sites I used the email-address on, though?

sift through 14270 emails (I copied to local)?

look in my head? (done that)

I hope there is a way to lock/deactivate the gmx account and keep others from registering that particular address for at least some time.
hero member
Activity: 812
Merit: 587
Space Lord
molecular: Check them all again, and change when needed. You shouldn't be lazy in a situation like this Wink
donator
Activity: 2772
Merit: 1019
my gmx pw got changed again.

I think it's a different person.

he took my twitter (forgot to change email), got it back.

he requested password reset on bitstamp with IP: 198.237.119.18, but didn't log in probably because of lack 2nd factor.

he posted this on twitter:

https://twitter.com/cotta3/status/555443222793572354



I should really close the gmx account, but I'm afraid because maybe I missed to change email on some important account...
qwk
donator
Activity: 3542
Merit: 3413
Shitcoin Minimalist
What I recommend using is [username]@bitcointalk.org, since the forum does not offer email services it would not be possible to hack/create that email address (although you would be somewhat out of luck if you forgot your password)
In the (unlikely) event of successful DNS poisoning, an attacker might be able to forge an MX record for bitcointalk.org and point it at his own mail server.
It's difficult to estimate the likelihood of such an attack, but I personally would consider that more likely than an attack against a professional mail provider.
i thought GMX was a professional mail provider.

This would also prevent any kind of social engineering attack, like using your security question to reset your password.
Yes, GMX is a professional mail provider. That's why I would consider DNS poisoning against them highly unlikely.
If there's really an issue there, it's almost certainly something else.

I just wanted to point out that using [email protected] to counter password attacks against the forum is probably not such a good idea after all.
hero member
Activity: 812
Merit: 587
Space Lord
What I recommend using is [username]@bitcointalk.org, since the forum does not offer email services it would not be possible to hack/create that email address (although you would be somewhat out of luck if you forgot your password)
In the (unlikely) event of successful DNS poisoning, an attacker might be able to forge an MX record for bitcointalk.org and point it at his own mail server.
It's difficult to estimate the likelihood of such an attack, but I personally would consider that more likely than an attack against a professional mail provider.
i thought GMX was a professional mail provider.

This would also prevent any kind of social engineering attack, like using your security question to reset your password.

Epochtalk is coming soon, and there will be two-factor authentication.
It's gonna make us feel super-safe Cheesy
copper member
Activity: 2996
Merit: 2374
What I recommend using is [username]@bitcointalk.org, since the forum does not offer email services it would not be possible to hack/create that email address (although you would be somewhat out of luck if you forgot your password)
In the (unlikely) event of successful DNS poisoning, an attacker might be able to forge an MX record for bitcointalk.org and point it at his own mail server.
It's difficult to estimate the likelihood of such an attack, but I personally would consider that more likely than an attack against a professional mail provider.
i thought GMX was a professional mail provider.

This would also prevent any kind of social engineering attack, like using your security question to reset your password.
qwk
donator
Activity: 3542
Merit: 3413
Shitcoin Minimalist
What I recommend using is [username]@bitcointalk.org, since the forum does not offer email services it would not be possible to hack/create that email address (although you would be somewhat out of luck if you forgot your password)
In the (unlikely) event of successful DNS poisoning, an attacker might be able to forge an MX record for bitcointalk.org and point it at his own mail server.
It's difficult to estimate the likelihood of such an attack, but I personally would consider that more likely than an attack against a professional mail provider.
hero member
Activity: 908
Merit: 657
I banned him and removed him from my trust list.

The real Akka should email me.

Shouldn't Akka be re-added to your trust list now that he has regained access to his account? I would've assumed he has PMed you by now, but perhaps he hasn't noticed he was removed since his trust ratings still look the same on his end.

It's honestly not so important for me to be readded, beeing a trusted User it's kinda nice, but that's already it for me. But I still appear as Akka in his list. I that means I'm somehow untrusted in his list, Yes it would be nice if that could be fixed.

You should PM him, he only removed you because your account was hacked. Since you have regained access to your account and properly secured it, he should have no problems re-adding you, or at least removing you from his distrust list if that is all you care about.
legendary
Activity: 1232
Merit: 1001
I banned him and removed him from my trust list.

The real Akka should email me.

Shouldn't Akka be re-added to your trust list now that he has regained access to his account? I would've assumed he has PMed you by now, but perhaps he hasn't noticed he was removed since his trust ratings still look the same on his end.

It's honestly not so important for me to be readded, beeing a trusted User it's kinda nice, but that's already it for me. But I still appear as Akka in his list. I that means I'm somehow untrusted in his list, Yes it would be nice if that could be fixed.
hero member
Activity: 908
Merit: 657
I banned him and removed him from my trust list.

The real Akka should email me.

Shouldn't Akka be re-added to your trust list now that he has regained access to his account? I would've assumed he has PMed you by now, but perhaps he hasn't noticed he was removed since his trust ratings still look the same on his end.
copper member
Activity: 2996
Merit: 2374
That may work, however the most secure email would be one that cannot possibly exist (IDK why the forum does not allow the option of simply not having an email at all). What I recommend using is [username]@bitcointalk.org, since the forum does not offer email services it would not be possible to hack/create that email address (although you would be somewhat out of luck if you forgot your password)

Couldn't theymos or possibly BadBear create those emails and steal the accounts? Grin
If they wanted to do this they would simply reset the password to an email they control themselves. Or they could just change the password by editing the DB.
global moderator
Activity: 3990
Merit: 2717
Join the world-leading crypto sportsbook NOW!
Ok, changed it to a yahoo.de account. Hope thats secure enough Roll Eyes

Depends how secure you made it. Hope you didn't use some of the basic security questions that are easily guessable.

That may work, however the most secure email would be one that cannot possibly exist (IDK why the forum does not allow the option of simply not having an email at all). What I recommend using is [username]@bitcointalk.org, since the forum does not offer email services it would not be possible to hack/create that email address (although you would be somewhat out of luck if you forgot your password)

Couldn't theymos or possibly BadBear create those emails and steal the accounts? Grin
copper member
Activity: 2996
Merit: 2374
I figured I should post there here. Per the message I received from Spekulatius the hacker used the below email and IP address

Quote
-snip-
The attacker used the email [email protected] and the IP 73.166.140.216.
-snip-


I received the same PM , however welcome back @Spekulatius.  ( I hope you're not coming to use again  GMX or web.de). I simple gmail address with the 2FA it's the better solution and obviously secure .

Ok, changed it to a yahoo.de account. Hope thats secure enough Roll Eyes

Feels good to be back
That may work, however the most secure email would be one that cannot possibly exist (IDK why the forum does not allow the option of simply not having an email at all). What I recommend using is [username]@bitcointalk.org, since the forum does not offer email services it would not be possible to hack/create that email address (although you would be somewhat out of luck if you forgot your password)
legendary
Activity: 1022
Merit: 1000
I figured I should post there here. Per the message I received from Spekulatius the hacker used the below email and IP address

Quote
-snip-
The attacker used the email [email protected] and the IP 73.166.140.216.
-snip-


I received the same PM , however welcome back @Spekulatius.  ( I hope you're not coming to use again  GMX or web.de). I simple gmail address with the 2FA it's the better solution and obviously secure .

Ok, changed it to a yahoo.de account. Hope thats secure enough Roll Eyes

Feels good to be back
sr. member
Activity: 474
Merit: 500
(...)
I received the same PM , however welcome back @Spekulatius.  ( I hope you're not coming to use again  GMX or web.de). I simple gmail address with the 2FA it's the better solution and obviously secure .
It is better when you have your own Mailserver Wink For example with autoban (Try it out on my Server if you want, try 2 times to login - then you get banned for 1 Year: [email protected])
Best regards

It locks you out for a year after only 2 failed attempts?! How are you able to login when you are drunk?  Grin
Yes it does.
I can remove the ban manually Wink
Because i dont need to login with my password Wink
You can test it if you want - its my server, i allow it to test it.
Best regards
Christian
hero member
Activity: 882
Merit: 1006
(...)
I received the same PM , however welcome back @Spekulatius.  ( I hope you're not coming to use again  GMX or web.de). I simple gmail address with the 2FA it's the better solution and obviously secure .
It is better when you have your own Mailserver Wink For example with autoban (Try it out on my Server if you want, try 2 times to login - then you get banned for 1 Year: [email protected])
Best regards

It locks you out for a year after only 2 failed attempts?! How are you able to login when you are drunk?  Grin
sr. member
Activity: 474
Merit: 500
(...)
I received the same PM , however welcome back @Spekulatius.  ( I hope you're not coming to use again  GMX or web.de). I simple gmail address with the 2FA it's the better solution and obviously secure .
It is better when you have your own Mailserver Wink For example with autoban (Try it out on my Server if you want, try 2 times to login - then you get banned for 1 Year: [email protected])
Best regards
legendary
Activity: 1778
Merit: 1043
#Free market
I figured I should post there here. Per the message I received from Spekulatius the hacker used the below email and IP address

Quote
-snip-
The attacker used the email [email protected] and the IP 73.166.140.216.
-snip-


I received the same PM , however welcome back @Spekulatius.  ( I hope you're not coming to use again  GMX or web.de). I simple gmail address with the 2FA it's the better solution and obviously secure .
copper member
Activity: 2996
Merit: 2374
My account is with web.de, which belongs, i think, to gmx. Is it safe if I have changed my password or should I move to another provider?
I am glad that you got your account back. Theymos really should give a warning to people not to use GMX and et el email addresses for their forum accounts.



I figured I should post there here. Per the message I received from Spekulatius the hacker used the below email and IP address

Quote
-snip-
The attacker used the email [email protected] and the IP 73.166.140.216.
-snip-
Pages:
Jump to: