Topic: Community Thread - How BitcoinTalk Accounts Are Hacked? (Read 243 times)

Fantastic, thank you.

Just to help and post the reference "TryNinja" was looking for (in case he/she had difficulty in finding it):

I had the same thread some weeks ago:
https://bitcointalksearch.org/topic/m.41322921

You realize a number of eye balls are looking at you now?(!) 

I can not wait to see the outcome. More or less all of us actually worried about the account security and the time it takes to recover.

Users are not just nicknames in the computer world. They "consist" at least of:
 - themselves (the real persons who sleep, eat etc);
 - their devices (PCs, phones, laptops, tablets, smart TVs smart toasters etc);
 - ways to connect their devices to bitcointalk.org server or any-other-Internet-server (routers, WiFis, DNS etc);
 - public Internet-services related to themselves and bitcointalk.org or any-other-Internet-service.

And almost any of these can be vulnerable.

Themselves. Root of evil in most cases. Here we've got:
 - weak passwords (only lazybones didn't mention the weak passwords);
 - passwords we use for different services (for example, identical password for facebook and for bitcointalk.org, so if facebook account gets hacked, it's highly possible that bitcointalk.org gets hacked too);
 - many fine human qualities like stupidity, nonchalance, curiosity and inattention: passwords written on piece of paper and then sticked to monitors to be shown on youtube-video; "indifference" to URLs of sites where people plan to work with money (phishing, yes); irrepressible aspiration to read messages from tax service that tax service never sends; desire to tell everyone that you're Satoshi Nakamoto engaged in crypto currency - in other words, everything that can be described as "security ignorance".
(I'm sure I didn't mention them all.)

Their devices. Here we've got:
 - poorly protected operation systems: because you need to use Qubes OS but continue to use outdated and unconfigured Windows HP - or because you start everything with "root" privileges (it's better to include in "Themselves" paragraph though);
 - viruses, malwares, keyloggers and other "gifts" for antivirus-free machines (and for users who like to download the super-files from cool site letshackeverythingdotcom);
 - spy sly scripts, applications and browser extensions (which - of course! - they received from the same letshackeverythingdotcom).
(I'm sure I didn't mention them all.)

Methods and devices to connect. Here we've got:
 - our IPs;
 - leaky cheap routers;
 - sincere third-party workers who come to configure our leaky cheap routers;
 - curious neighbors (or curious neighbors' children) who decided to check if they're good hackers or not;
 - public WiFi's, which curious neighbors and their curious children use to check if they at least can "listen" to something that doesn't have a password;
 - poorly protected devices connected to home networks.
(I'm sure I didn't mention them all.)

Public Internet-services. Here we've got:
 - weak passwords for public Internet-services (e-mail, for example);
 - poor protection when you can use better protection (when someone doesn't use the 2fA, right);
 - autologin and "remember my password" - especially when you log in from device using by a bunch of people;
 - trivial security questions in social media or e-mails (for example, someone sets a question "the name of my dear kitty" for his/her social media account - when everybody knows everything about that kitty from his/her posts).
(I'm sure I didn't mention them all.)

We're surrounded, folks.

I couldn't find the post. But I'll try better tomorrow.

IIRC, the PM was from ~1 month ago and theymos said that he would try to code it in a few weeks. So it should be out soon. So it will definitely be available in the current forum software (SMF), and not only when the new software comes out.

The problem with the current system is that there is too many PM's and just theymos and Cyrus to check, verify the messages, deal with the members and recover the accounts. And they probably have a lot to do other than spend their day recovering hacked/lost accounts.

How long will it take to be implemented? I hope that this system will work when the new bitcointalk forum has been launched. Sending PM thru theymos and Cyrus really eats a lot of time.

I'm pretty sure this is already being worked on.

Give me a few minutes and I will find the PM someone received from theymos where he says that he is developing a system to automatically prove you own an account with your staked address.

What is important to note is that many accounts have not been hacked. They are only frozen by some hacking attempt or by an attempt to change the email. As the process of defrosting the account or recovering it is manual and takes a lot of time.

Perhaps more important than 2fa, it would be automatization of the account recovery process. Using a signature from a BTC or pgp address. I think the forum should have an option to directly configure in the profile your BTC addresses and pgp that could never be changed. And only the admin could visualize them in an account recovery situation. Bitmex uses a similar system.

I think because of phishing sites like Bitcointalk.to

if you are not careful, you will believe that the domain Bitcointalk.to is the same with Bitcointalk.org but they are different!

Reuse of credentials is likely the most common reason, combined with the lack of 2FA offered on the forum. There are many database breaches (I believe BitcoinTalk also had one in 2015) from many notable sites that people may have had an account on. They would have used the same credentials on BitcoinTalk, and a hacker would have gone through the list of leaked account info and tried it against BitcoinTalk.

I am very curious because recently I've seen a massive amount of threads regarding hacked accounts. I've seen different ranks being hacked despite their years of experience in the forum. I was just thinking maybe there are several factors or some stuff that made these people be vulnerable to being scammed or hacked. Meaning that these factors will make those years of experience useless.

I want to see how different users got hacked, then we can differentiate the pattern and procedure these hackers do.
This could be a serious problem so I would greatly appreciate any help from users who were hacked or know someone who was hacked.
It would be great if you guys can share with us your experience then I would edit this first post and quote those experiences. I also suggest make the "experience part" as short and as simple as possible too.

Thanks!

EDIT:
Here are some of community replies.