Bitcoin sites leaked :( - Big bitcoin members emails database - page 2.

Fahrradkette

newbie

Activity: 12

Merit: 0

Quote from: dadaas on August 18, 2014, 10:50:26 AM

I didn't notice that but you've got very good point. This definitely looks even more suspicious now when you pointed that out. But those free databases they offered in Pastebin are actually true. Probably because it is easier to hack small sites like those rather then serious sites like Bitcoin.de.

I don't know if the other databases are legit, neither do I know that the bitcoin.de-database is (not) legit.

But as far as I know: Bitcoin.de is regulated/inspected by the german Federal Financial Supervisory Authority (Bundesanstalt für Finanzdienstleistungsaufsicht(BaFin)). I do think there are many regulations about security and can't think about any way that the passwords are saved plaintext like the thread-author said.

Nuff said.

dadaas

sr. member

Activity: 490

Merit: 250

Super Smash Bros. Ultimate Available Now!

Quote from: Fahrradkette on August 18, 2014, 06:46:53 AM

Call me suspicious, but ... the same person created this post, bought the database and claiming it is legit? In a rather strange english like within the pastebin-text? (Okay, English is not my native language, but still...)

Well...I don't believe it, sorry. Sad

But hey, I think the coffee fund is a good idea!
Maybe I spend some btc on that. Grin

I didn't notice that but you've got very good point. This definitely looks even more suspicious now when you pointed that out. But those free databases they offered in Pastebin are actually true. Probably because it is easier to hack small sites like those rather then serious sites like Bitcoin.de.

Jamie_Boulder

sr. member

Activity: 378

Merit: 250

As long as you use different passwords for different forums/e-mails/accounts etc (AS YOU SHOULD) then all is well.

Fahrradkette

newbie

Activity: 12

Merit: 0

Call me suspicious, but ... the same person created this post, bought the database and claiming it is legit? In a rather strange english like within the pastebin-text? (Okay, English is not my native language, but still...)

Well...I don't believe it, sorry. Sad

But hey, I think the coffee fund is a good idea!
Maybe I spend some btc on that. Grin

bitcoin_de

member

Activity: 97

Merit: 10

Hi,

we are not so arrogant to say that we are unhackable, but here it is very likely a scam. The alleged hacker can not submit a single piece of evidence that he really has data from bitcoin.de. We have checked our system and could not detect any unauthorized access.

So if someone really wants to get rid of 10 BTC... Please donate the money to the Wikimedia Foundation https://wikimediafoundation.org/wiki/Ways_to_Give#bitcoin or to the needy coffee fund of bitcoin.de: 1Ep3PpCs76JfKMjz5vckVTckB3JkSQEjAi

Best regards,
Oliver
CEO Bitcoin.de

unexecuted

member

Activity: 175

Merit: 10

Quote from: TheTruth4 on August 18, 2014, 04:04:52 AM

What do you mean? This looks like a legit pastebin. What is going on with this post?

It is impossible to prove whether that post is legitimate, unless the bitcoin.de owners admit to the leak.
http://www.reddit.com/domain/pastebin.com/search?q=email&restrict_sr=on&sort=relevance&t=all

TheTruth4

member

Activity: 108

Merit: 10

What do you mean? This looks like a legit pastebin. What is going on with this post?

annoyingorange

member

Activity: 72

Merit: 10

Fake pastebin posts like this are common, but you really should use a password manager like keepass or 1password and generate unique random passwords for every website login.
You can make them easy to read/type such as "phi8lugh7ku9re" or near impossible to brute force like "uBw=wr,9i[RrdX"
Always have 2fa enabled for your email / dropbox / etc and if in doubt change your password.

dadaas

sr. member

Activity: 490

Merit: 250

Super Smash Bros. Ultimate Available Now!

Quote from: Aurum on August 15, 2014, 06:51:02 AM

Yes, them use md5, the auroracoin forum use the traditional forum salt that is more hard to decrypt.

but with a good pay decoder with trillion hashes decode it no can be hard.

examples (hashes get from freecoinworld):
30fca77cebf16fe3c5b5b4db4371dee4 - cinta3segi
842df9fecdc99ad5aea6deb7ab117ae0 - me4ta12345

One question, how does anybody crack those codes? Isn't it right that it takes long time to bruteforce those codes? Isn't that the whole point of hashing passwords, to make them practically uncrackable?

jbreher

legendary

Activity: 3024

Merit: 1640

lose: unfind ... loose: untight

Quote from: Aurum on August 17, 2014, 05:32:58 PM

Quote from: jbreher on August 17, 2014, 05:24:32 PM

Quote from: Aurum on August 17, 2014, 03:14:45 PM

i contact him by email and brought the 3 database... one user use the same password in email, i open the email and i see the blockchain wallet the same password, for my surprise booommmmmmm 33.78 btc in him wallet, that the btc is in my wallet now

.

It may be that I misunderstand your poor English, but I doubt it. The way this looks, you're a fucking lowlife thief.

sure i dont american, sure i dont forced know english, but iam profit. looooooool.

with your skillls in english, you have money? good to you!

bulshit people have to fucked, my teory.

Karma has a way of catching up...

Cortex7

full member

Activity: 238

Merit: 106

Quote from: Razick on August 17, 2014, 07:05:56 PM

Quote from: Cortex7 on August 17, 2014, 03:27:41 PM

Quote from: bitsmichel on August 14, 2014, 08:40:18 PM

...in most cases today passwords are not hashed in the database...

Unbelievable and lame.

No excuse for a crypto currency site!

It's so easy to add this to the PHP:

Code:

$sPassHash = hash( "sha1", $sPassword );

It's not that easy if you want to do it right. Straight sha is too fast so you should use many iterations or sha2 or whirlpool.

Thanks for the heads up!

This stack exchange comment seems pretty thourough:
http://security.stackexchange.com/questions/211/how-to-securely-hash-passwords/31846#31846

Razick

legendary

Activity: 1330

Merit: 1003

Quote from: Cortex7 on August 17, 2014, 03:27:41 PM

Quote from: bitsmichel on August 14, 2014, 08:40:18 PM

...in most cases today passwords are not hashed in the database...

Unbelievable and lame.

No excuse for a crypto currency site!

It's so easy to add this to the PHP:

Code:

$sPassHash = hash( "sha1", $sPassword );

It's not that easy if you want to do it right. Straight sha is too fast so you should use many iterations or sha2 or whirlpool.

wzb422

newbie

Activity: 57

Merit: 0

They might have got their hands on the 3 crap sites

Aurum

sr. member

Activity: 453

Merit: 250

dfgfdgfdg

If you are hacked for your fall, use paypal them can return your money, i use bitcoin and have more than 100k on them, hack it, i doubt!

Aurum

sr. member

Activity: 453

Merit: 250

dfgfdgfdg

Quote from: jbreher on August 17, 2014, 05:24:32 PM

Quote from: Aurum on August 17, 2014, 03:14:45 PM

i contact him by email and brought the 3 database... one user use the same password in email, i open the email and i see the blockchain wallet the same password, for my surprise booommmmmmm 33.78 btc in him wallet, that the btc is in my wallet now

.

It may be that I misunderstand your poor English, but I doubt it. The way this looks, you're a fucking lowlife thief.

sure i dont american, sure i dont forced know english, but iam profit. looooooool.

with your skillls in english, you have money? good to you!

bulshit people have to fucked, my teory.

jbreher

legendary

Activity: 3024

Merit: 1640

lose: unfind ... loose: untight

Quote from: Aurum on August 17, 2014, 03:14:45 PM

i contact him by email and brought the 3 database... one user use the same password in email, i open the email and i see the blockchain wallet the same password, for my surprise booommmmmmm 33.78 btc in him wallet, that the btc is in my wallet now

.

It may be that I misunderstand your poor English, but I doubt it. The way this looks, you're a fucking lowlife thief.

Kieran Bass

newbie

Activity: 17

Merit: 0

So bad for a crypto site(s) to have their site hacked like this.

Aurum

sr. member

Activity: 453

Merit: 250

dfgfdgfdg

Quote from: Cortex7 on August 17, 2014, 03:27:41 PM

Quote from: bitsmichel on August 14, 2014, 08:40:18 PM

...in most cases today passwords are not hashed in the database...

Unbelievable and lame.

No excuse for a crypto currency site!

It's so easy to add this to the PHP:

Code:

$sPassHash = hash( "sha1", $sPassword );

yeah its add more hard, but dont impossible.One tip, in one database the password is clean pure text Cheesy

Cortex7

full member

Activity: 238

Merit: 106

Quote from: bitsmichel on August 14, 2014, 08:40:18 PM

...in most cases today passwords are not hashed in the database...

Unbelievable and lame.

No excuse for a crypto currency site!

It's so easy to add this to the PHP:

Code:

$sPassHash = hash( "sha1", $sPassword );

Aurum

sr. member

Activity: 453

Merit: 250

dfgfdgfdg

Sure i dont know because him is selling the db by 10 btc if him can get more than 500 btc hacking the users, These hackers are insane. him talk me him apollogy dont are hack users. Him dont want innocent members money, and him orgasm is hack sites. For me is the best hacker until now.

Topic: Bitcoin sites leaked :( - Big bitcoin members emails database - page 2. (Read 8159 times)