It just because of leaked happens the forum database May 2011 was hacked and that's the reason why those account are being activated again i recommend to everyone that those account who created 2011 or below are change your password immediately before its to late its better to become a secured now than late.
The leaked forum database is significantly newer than May 2011 (IIRC it was some time in 2015), it has simply only recently been released to the public. If you haven't already since that time, and you still have access to your account, I would highly suggest that you change your password to something secure that is not used on any other website if nothing else. 
Topic: Ancient Bitcoin Talk accounts logging in (Read 2312 times)
Feels spooky. Ancient Bitcointalk accounts are starting to log in. Do you think this is connected to a forum breach?
Here's some samples:
Logged in recently, but no new posts
https://bitcointalksearch.org/user/madhatter-11
https://bitcointalksearch.org/user/smoketoomuch-13
https://bitcointalksearch.org/user/rix-27
https://bitcointalksearch.org/user/livingsoulnation-32
https://bitcointalksearch.org/user/bluesky-34
https://bitcointalksearch.org/user/cdecker-49
Logged in recently and posted something
https://bitcointalksearch.org/user/nandnor-6
Here's some samples:
Logged in recently, but no new posts
https://bitcointalksearch.org/user/madhatter-11
https://bitcointalksearch.org/user/smoketoomuch-13
https://bitcointalksearch.org/user/rix-27
https://bitcointalksearch.org/user/livingsoulnation-32
https://bitcointalksearch.org/user/bluesky-34
https://bitcointalksearch.org/user/cdecker-49
Logged in recently and posted something
https://bitcointalksearch.org/user/nandnor-6
I'm sure theymos could check the IPs of the recent activities. I'd say that this is an easy case to solve for an admin.
Do you think this is connected to a forum breach?
A few days ago, someone tried to use the data from the forum breach to try extract money from me. The guy was particularly unintelligent and made some pretty cringe-worthy mistakes, which probably means the data from the forum breach has just reached a wide circulation. (I'm guessing)
http://security.stackexchange.com/q/96121/70515
tl;dr Only the gullible reads the message. They're the kind of people that the scammers would try to exploit. This effectively creates a sort of low-pass filter.
How about an email verification system for those who are logging back after a long time? This might not help for those who lost their email account but still it can stop this problem to some extent I guess.
It just because of leaked happens the forum database May 2011 was hacked and that's the reason why those account are being activated again i recommend to everyone that those account who created 2011 or below are change your password immediately before its to late its better to become a secured now than late. And i visited Auction thread before and saw lots of old account are requesting for loans.
Do you think this is connected to a forum breach?
A few days ago, someone tried to use the data from the forum breach to try extract money from me. The guy was particularly unintelligent and made some pretty cringe-worthy mistakes, which probably means the data from the forum breach has just reached a wide circulation. (I'm guessing)
The forum breach/leak that everyone is talking about happened a year ago so why suddenly everyone is talking about it and since then we were asked to change our passwords so everything should be okay (unless those users never changed their passwords)
Looking at the UID of the users and their current ranks , I'd say they were inactive for long long time , they probably left the forums .
Looking at the UID of the users and their current ranks , I'd say they were inactive for long long time , they probably left the forums .
Yes. It happened a year ago but the database was sold only recently if I read the news right. Maybe the buyer have found out how to crack those passwords. I know Theymos encrypted them well but decryption solutions can be found if the person doing it is motivated enough. That is why we are getting new updates in encryption software because they are solved and decrypted sooner or later.
Hacked? Sold to users by the hackers? Or sold by the original owners?
Thoses old accounts are valuable and shouldn't imo been sold... Ofc since there is a rule about it, let's see the admins reaction
How much is worth old account with 5 post on it even if it is 6 years old? Does it really that valuable?Thoses old accounts are valuable and shouldn't imo been sold... Ofc since there is a rule about it, let's see the admins reaction
it is.. many people would like to have in possession a very old account with 2 digits ID, in the other hand here is an example of what could be done with an old account with a high rank
stincks too much...
I saw in digital good section lots of users selling old accounts with low UID number.. I think these accounts are probably hacked and now being sold... so all those people who selling these accounts are may be hackers or have some connections to hackers.
You know thr trouble has been done, and the only thing we can do is stop them from FUD or SPAM. you some also do SCAM and that is then different than SPAM obviously
Hacked? Sold to users by the hackers? Or sold by the original owners?
Thoses old accounts are valuable and shouldn't imo been sold... Ofc since there is a rule about it, let's see the admins reaction
How much is worth old account with 5 post on it even if it is 6 years old? Does it really that valuable? Thoses old accounts are valuable and shouldn't imo been sold... Ofc since there is a rule about it, let's see the admins reaction
Hacked? Sold to users by the hackers? Or sold by the original owners?
Thoses old accounts are valuable and shouldn't imo been sold... Ofc since there is a rule about it, let's see the admins reaction
I doubt if they were hacked.I think someone created them and left for account farming but didn't get time to make posts.Is there any sign of recent password changes in their activity log?I am approached by one member who claims to have lots of newbies account created in 2013Thoses old accounts are valuable and shouldn't imo been sold... Ofc since there is a rule about it, let's see the admins reaction
Talk about being created only a few days after Satoshi founded the forum.
Hacked? Sold to users by the hackers? Or sold by the original owners?
Thoses old accounts are valuable and shouldn't imo been sold... Ofc since there is a rule about it, let's see the admins reaction
I doubt if they were hacked.I think someone created them and left for account farming but didn't get time to make posts.Is there any sign of recent password changes in their activity log?I am approached by one member who claims to have lots of newbies account created in 2013 Thoses old accounts are valuable and shouldn't imo been sold... Ofc since there is a rule about it, let's see the admins reaction
Feels spooky. Ancient Bitcointalk accounts are starting to log in. Do you think this is connected to a forum breach?
There's nothing spooky about it. If their passwords have not been changed since the data breach in 2015, then there's always a chance that they will get compromised.I thought https://bitcointa.lk/ was the new forum. What's that supposed to be?
No, that website has nothing to do with BTCT except that it stole all of the data created by its users. If you log in there, there's a decent chance that your account will be compromised.maybe its just admins ? 
No. maybe its just admins ?
Nah, I don't think admins would use other people's account. That would be unethical. 
maybe its just admins ?
i don't think negative. i only think that account want to be actively again than before and want to make contribution for this forum and want to comeback. i don't know if that account was bought from someone.
I thought https://bitcointa.lk/ was the new forum. What's that supposed to be?
Someone else made it. It's apparently not moderated so you can find deleted posts there.
There's more info here > https://bitcointalksearch.org/topic/bitcointalk-the-bitcointalk-community-with-a-2014-forum-software-515932
Change your passwords, that is the best thing you can do. Personally I would love to see some additional security features such as 2fa implemented somehow. There should be enough funds for forum development to introduce this right?
I think that 2fa will be implemented in the new forum, but I can't be too sure on that. Anyways, this is most definitely in connection to the data breach, does this warrant a negative trust from DT members seeing as those account are hacked?New forum software, Epochtalk.
I thought https://bitcointa.lk/ was the new forum. What's that supposed to be?
Change your passwords, that is the best thing you can do. Personally I would love to see some additional security features such as 2fa implemented somehow. There should be enough funds for forum development to introduce this right?
I think that 2fa will be implemented in the new forum, but I can't be too sure on that. Anyways, this is most definitely in connection to the data breach, does this warrant a negative trust from DT members seeing as those account are hacked?New forum software, Epochtalk.
Change your passwords, that is the best thing you can do. Personally I would love to see some additional security features such as 2fa implemented somehow. There should be enough funds for forum development to introduce this right?
I think that 2fa will be implemented in the new forum, but I can't be too sure on that. Anyways, this is most definitely in connection to the data breach, does this warrant a negative trust from DT members seeing as those account are hacked?Change your passwords, that is the best thing you can do. Personally I would love to see some additional security features such as 2fa implemented somehow. There should be enough funds for forum development to introduce this right?
I think that 2fa will be implemented in the new forum, but I can't be too sure on that. Anyways, this is most definitely in connection to the data breach, does this warrant a negative trust from DT members seeing as those account are hacked?
The accounts could have been sold off, since the original users are now inactive on the forum. If there was a security breach as suspected, newer accounts will also be hacked and their owners will be crying foul on "Meta" right now.
So my question is:
When will we see Satoshi's account being used soon?
It will have a lot pm's in the inbox and possibly the private keys.
Then that person who has possession of that account would of hit the jackpot and we might start to see a mass of coins moving from that wallet.
The markets will reflect that. Whether it be a good thing or a bad thing we just have to wait and see.
When will we see Satoshi's account being used soon?
It will have a lot pm's in the inbox and possibly the private keys.
Then that person who has possession of that account would of hit the jackpot and we might start to see a mass of coins moving from that wallet.
The markets will reflect that. Whether it be a good thing or a bad thing we just have to wait and see.
It won't get used anytime soon since the account itself was locked by the admin. They need to positively identify themselves, using a PGP-signed message or any other mean, to claim the account.
And no, I don't think anyone with a working brain would store private keys in a forum inbox.
Were password hashes at the time salted?
The new password hashing scheme was implemented in July 2012. Accounts that never logged in after then still have the old hashes, which are IIRC one round of SHA-1, salted with the username. Strong passwords could survive, but it's certainly much easier to crack the old hashes than the new hashes.
When will we see Satoshi's account being used soon?
You won't, since I locked his account long ago. The password hashes leaked in 2015 aren't even his original hashes.
So my question is:
When will we see Satoshi's account being used soon?
It will have a lot pm's in the inbox and possibly the private keys.
Then that person who has possession of that account would of hit the jackpot and we might start to see a mass of coins moving from that wallet.
The markets will reflect that. Whether it be a good thing or a bad thing we just have to wait and see.
When will we see Satoshi's account being used soon?
It will have a lot pm's in the inbox and possibly the private keys.
Then that person who has possession of that account would of hit the jackpot and we might start to see a mass of coins moving from that wallet.
The markets will reflect that. Whether it be a good thing or a bad thing we just have to wait and see.
The forum breach/leak that everyone is talking about happened a year ago so why suddenly everyone is talking about it and since then we were asked to change our passwords so everything should be okay (unless those users never changed their passwords)
Looking at the UID of the users and their current ranks , I'd say they were inactive for long long time , they probably left the forums .
Were password hashes at the time salted?Looking at the UID of the users and their current ranks , I'd say they were inactive for long long time , they probably left the forums .
Apparently so. theymos posted about it here.
The forum breach/leak that everyone is talking about happened a year ago so why suddenly everyone is talking about it and since then we were asked to change our passwords so everything should be okay (unless those users never changed their passwords)
Looking at the UID of the users and their current ranks , I'd say they were inactive for long long time , they probably left the forums .
Were password hashes at the time salted? Looking at the UID of the users and their current ranks , I'd say they were inactive for long long time , they probably left the forums .
I'm starting to think nothing can be done about them. There's simply not enough evidence to prove that they're hacked and get tagged. I guess it shouldn't hurt too much unless they start scamming people. It's a shame that there are some DT users on that bunch though (but again, not enough proof).
You can politely ask the person(s) that added them to DT to require proof of ID or they will be removed.. With private keys often sold with accounts, it could be a problem but still worth the effort to inquire.
I'm starting to think nothing can be done about them because there's simply not enough evidence to prove that they're hacked and get tagged. I guess it shouldn't hurt too much unless they start scamming people. It's a shame that there are some DT users on that bunch though (but again, not enough proof).
Most of those accounts haven't been very active since the accounts were created. It is more than likely that their passwords were not changed since they created it and if it was a weak password, it would easily be extracted with a rainbow table.
Change your passwords, that is the best thing you can do. Personally I would love to see some additional security features such as 2fa implemented somehow. There should be enough funds for forum development to introduce this right?
Change your passwords, that is the best thing you can do. Personally I would love to see some additional security features such as 2fa implemented somehow. There should be enough funds for forum development to introduce this right?
This just doesn't seems right. Obviously hacked/bought accounts 
Hacked? Sold to users by the hackers? Or sold by the original owners?
Thoses old accounts are valuable and shouldn't imo been sold... Ofc since there is a rule about it, let's see the admins reaction
Thoses old accounts are valuable and shouldn't imo been sold... Ofc since there is a rule about it, let's see the admins reaction
Unfortunately, one can not deny a given phenomenon.
How to struggle with this?
How to struggle with this?
These accounts should be frozen or completely disabled in order to prevent people from selling these accounts and maybe even using them for scamming purposes.
Otherwise we'll see much more of these low ID number accounts come to life and get sold. Nothing will be lost when these accounts get disabled or even completely removed.
Otherwise we'll see much more of these low ID number accounts come to life and get sold. Nothing will be lost when these accounts get disabled or even completely removed.
well one owner of those opened a thread here:
https://bitcointalksearch.org/topic/collectors-account-oldest-regular-account-feedback-adjustment-1609612
he basically explains that he bought the account as a collectors item. i guess it would be hard to find out if this is true and also if the account was hacked before or not, but this should not matter. since selling account is allowed and you should always be careful when you deal with other users here.
https://bitcointalksearch.org/topic/collectors-account-oldest-regular-account-feedback-adjustment-1609612
he basically explains that he bought the account as a collectors item. i guess it would be hard to find out if this is true and also if the account was hacked before or not, but this should not matter. since selling account is allowed and you should always be careful when you deal with other users here.
The forum breach/leak that everyone is talking about happened a year ago so why suddenly everyone is talking about it and since then we were asked to change our passwords so everything should be okay (unless those users never changed their passwords)
Looking at the UID of the users and their current ranks , I'd say they were inactive for long long time , they probably left the forums .
Looking at the UID of the users and their current ranks , I'd say they were inactive for long long time , they probably left the forums .
I could say with 100% certainty that it is related to recent leaks it's just too obvious.
One thing we can do is to track them and tag them so everyone know who are they.
One thing we can do is to track them and tag them so everyone know who are they.
Feels spooky. Ancient Bitcointalk accounts are starting to log in. Do you think this is connected to a forum breach?
Here's some samples:
Logged in recently, but no new posts
https://bitcointalksearch.org/user/madhatter-11
https://bitcointalksearch.org/user/smoketoomuch-13
https://bitcointalksearch.org/user/rix-27
https://bitcointalksearch.org/user/livingsoulnation-32
https://bitcointalksearch.org/user/bluesky-34
https://bitcointalksearch.org/user/cdecker-49
Logged in recently and posted something
https://bitcointalksearch.org/user/nandnor-6
Here's some samples:
Logged in recently, but no new posts
https://bitcointalksearch.org/user/madhatter-11
https://bitcointalksearch.org/user/smoketoomuch-13
https://bitcointalksearch.org/user/rix-27
https://bitcointalksearch.org/user/livingsoulnation-32
https://bitcointalksearch.org/user/bluesky-34
https://bitcointalksearch.org/user/cdecker-49
Logged in recently and posted something
https://bitcointalksearch.org/user/nandnor-6
Jump to: