My email address has been available for years via MtGox, lol.
re: changing PW, I haven't changed some passwords in years... but then I use different password for every location
aha,
17030,Darkhosis,[email protected],$1$TYhI6vSw$9e15nmZd0xlCrVAwR8aqj1
Topic: Bitcoin sites leaked :( - Big bitcoin members emails database - page 4. (Read 8207 times)
As of now it seems that this is just scam in the case of bitcoin.de. This is not the first attempt of this kind. The person trying to make money out of this wasn't able to provide any proof that this data is indeed what he claims it is.
Best regards
Oliver
Best regards
Oliver
This is good to know, it would be good to hear from the other sites, though I suspect this is a hoax/scam. As others have noted freebitco.in has a lot of users, but I'm not sure what the value of the passwords would be since they are tied to btc addresses not anything useful.
Screw passwords, why can't we use our keys to log in yet?
Soooo is it a legit hack, or someone trying to spread virus using a false hack cleam?
I don't open archives like that. In fact I don't even visited the addres cause the pastebin site is a bitch and keeps giving me unsolvable captchas.
I don't open archives like that. In fact I don't even visited the addres cause the pastebin site is a bitch and keeps giving me unsolvable captchas.
unhappy its legit
Soooo is it a legit hack, or someone trying to spread virus using a false hack cleam?
I don't open archives like that. In fact I don't even visited the addres cause the pastebin site is a bitch and keeps giving me unsolvable captchas.
I don't open archives like that. In fact I don't even visited the addres cause the pastebin site is a bitch and keeps giving me unsolvable captchas.
guys get your head out of the sand..
simple solution is to change your password regularly and then it wont matter if someone has your md5 hash. if you are worried about it more because you use the same email and password for all sites. CHANGE THEM ALL
even to me its more likely that "aurum" owns the aururacoin forum and give away sites and and has dumped his databases as the free 'tempter' to try getting people to hand him funds.
so just change your passwords regularly and dont use the same password on every site, as standard security procedure. and move on with your lives
simple solution is to change your password regularly and then it wont matter if someone has your md5 hash. if you are worried about it more because you use the same email and password for all sites. CHANGE THEM ALL
even to me its more likely that "aurum" owns the aururacoin forum and give away sites and and has dumped his databases as the free 'tempter' to try getting people to hand him funds.
so just change your passwords regularly and dont use the same password on every site, as standard security procedure. and move on with your lives
Lol you are crazy? the auroracoin owner is there: https://bitcointalksearch.org/topic/annaur-auroracoin-a-cryptocurrency-for-iceland-446062 in the hacker database its show the admin email as [email protected] the same username of this post, so you can know i am dont the owner.
http://pastebin.com/KaWsDgdq
Bitcoin.de are on him pack. That sucks.
Are we need to always make new password?
Bitcoin.de are on him pack. That sucks.
Are we need to always make new password?
Yes, because in most cases today passwords are not hashed in the database. Companies do not take security seriously - that's why hacking pays off.
I agree, there is no excuse for not hashing passwords. It's really easy to do.
Here's some free PHP code for anyone who wants to hash passwords. This is not the best way to do it in the newer versions of PHP but I'm stuck with 5.4.
Code:
/*
* Copyright 2014 Jayson Strickland.
* The right to use, modify and distribute this code is hereby granted provided this notice is left in tact.
* You may not claim authorship, but aside from this notice, no attribution is required if this code is used
* as part of a larger program.
*/
class Hash
{
function hash_password($password, $cost, $salt = null)
{
// define result array
$result = array();
if ($salt == null)
{
// generate a new salt
$result['salt'] = substr(hash('sha256', uniqid('', true) . mt_rand(0, mt_getrandmax())), 0, 32);
$salt = $result['salt'];
}
// create an initial hash
$result['hash'] = hash('whirlpool', $salt . $password);
// apply Whirlpool for 1/2 of specified rounds
for ($i = 0; $i <= ($cost / 2) - 1; $i++)
{
$result['hash'] = hash('whirlpool', $salt . $result['hash']);
}
// apply sha-256 for 1/2 of specified rounds
for ($i = 0; $i <= $cost / 2; $i++)
{
$result['hash'] = hash('sha512', $salt . $result['hash']);
}
// return an array containing the salt and final hash
return $result;
}
}
It's one of the basic rule for all the newcomers out there, "CHANGE THE PASSWORD REGULARLY"
I tried to change ALL my passwords at once. It took about 2 weeks.
How many account do you have then? This way it looks like you have over 20k accounts
Not that many, about a hundred.
Well anyway it took you quite a time to change every password. I thought you had even more accounts when you did that for 2 weeks
It's one of the basic rule for all the newcomers out there, "CHANGE THE PASSWORD REGULARLY"
I tried to change ALL my passwords at once. It took about 2 weeks.
How many account do you have then? This way it looks like you have over 20k accounts
Not that many, about a hundred.
Well anyway it took you quite a time to change every password. I thought you had even more accounts when you did that for 2 weeks
It's one of the basic rule for all the newcomers out there, "CHANGE THE PASSWORD REGULARLY"
I tried to change ALL my passwords at once. It took about 2 weeks.
How many account do you have then? This way it looks like you have over 20k accounts
Not that many, about a hundred.
It's one of the basic rule for all the newcomers out there, "CHANGE THE PASSWORD REGULARLY"
I tried to change ALL my passwords at once. It took about 2 weeks.
How many account do you have then? This way it looks like you have over 20k accounts
Not that many, about a hundred.
They might have got their hands on the 3 crap sites, but nearly no way they got access to bitcoin.de (i think)
and also there were no news about a bitcoin.de hack. maybe just scam.
It's one of the basic rule for all the newcomers out there, "CHANGE THE PASSWORD REGULARLY"
I tried to change ALL my passwords at once. It took about 2 weeks.
How many account do you have then? This way it looks like you have over 20k accounts
It's one of the basic rule for all the newcomers out there, "CHANGE THE PASSWORD REGULARLY"
I tried to change ALL my passwords at once. It took about 2 weeks.
As of now it seems that this is just scam in the case of bitcoin.de. This is not the first attempt of this kind. The person trying to make money out of this wasn't able to provide any proof that this data is indeed what he claims it is.
Best regards
Oliver
Best regards
Oliver
This is good to know, it would be good to hear from the other sites, though I suspect this is a hoax/scam. As others have noted freebitco.in has a lot of users, but I'm not sure what the value of the passwords would be since they are tied to btc addresses not anything useful.
As of now it seems that this is just scam in the case of bitcoin.de. This is not the first attempt of this kind. The person trying to make money out of this wasn't able to provide any proof that this data is indeed what he claims it is.
Best regards
Oliver
Best regards
Oliver
This is good to know, it would be good to hear from the other sites, though I suspect this is a hoax/scam. As others have noted freebitco.in has a lot of users, but I'm not sure what the value of the passwords would be since they are tied to btc addresses not anything useful.
http://pastebin.com/KaWsDgdq
Bitcoin.de are on him pack. That sucks.
Are we need to always make new password?
Bitcoin.de are on him pack. That sucks.
Are we need to always make new password?
Yes, we are, with that information
Thanks for the news. I think it is good for this to happen so people are aware that they need to take the extra steps to be safe. Big ups to all of those who are more technologically inclined taking the time to warn others. 
guys get your head out of the sand..
simple solution is to change your password regularly and then it wont matter if someone has your md5 hash. if you are worried about it more because you use the same email and password for all sites. CHANGE THEM ALL
even to me its more likely that "aurum" owns the aururacoin forum and give away sites and and has dumped his databases as the free 'tempter' to try getting people to hand him funds.
so just change your passwords regularly and dont use the same password on every site, as standard security procedure. and move on with your lives
simple solution is to change your password regularly and then it wont matter if someone has your md5 hash. if you are worried about it more because you use the same email and password for all sites. CHANGE THEM ALL
even to me its more likely that "aurum" owns the aururacoin forum and give away sites and and has dumped his databases as the free 'tempter' to try getting people to hand him funds.
so just change your passwords regularly and dont use the same password on every site, as standard security procedure. and move on with your lives
As of now it seems that this is just scam in the case of bitcoin.de. This is not the first attempt of this kind. The person trying to make money out of this wasn't able to provide any proof that this data is indeed what he claims it is.
Best regards
Oliver
Best regards
Oliver
Jump to: