Hacked BitcoinTalk Data Finally Surfaces On Dark Net

Labumi

hero member

Activity: 756

Merit: 500

Quote from: Jeremycoin on September 10, 2016, 08:13:58 AM

Quote from: west man4 on September 09, 2016, 11:24:22 PM

My account was hacked but i can not get an email to get it back, they changed the email account? Cry

Have no staked address that can sign a message from.
So what are my options here?

My account is west man!

Please someone help because the ones I have pm'd are not responding anymore.

This is probably the main problem of Bitcointalk account security, people can easily change their email without any notification/permission from the old email. I think this should be fixed because in my opinion email is the last way for the users to recover their account. Because usually, people will have a good security on their email address and most of email services will require the users to have a very strong password and even with 2FA.

That is certainly true. This is a big problem for all users of the account bitcointalk, however I think if indeed it happens is definitely Admin Bitcointalk have an effective way of doing our account recovery affected by the hacking. Because I see that every single thing we do in the forums always on record by the system

Jeremycoin

legendary

Activity: 1022

Merit: 1003

𝓗𝓞𝓓𝓛

Quote from: west man4 on September 09, 2016, 11:24:22 PM

My account was hacked but i can not get an email to get it back, they changed the email account? Cry

Have no staked address that can sign a message from.
So what are my options here?

My account is west man!

Please someone help because the ones I have pm'd are not responding anymore.

This is probably the main problem of Bitcointalk account security, people can easily change their email without any notification/permission from the old email. I think this should be fixed because in my opinion email is the last way for the users to recover their account. Because usually, people will have a good security on their email address and most of email services will require the users to have a very strong password and even with 2FA.

jackg

copper member

Activity: 2856

Merit: 3071

https://bit.ly/387FXHi lightning theory

Quote from: ihanaihana on September 10, 2016, 06:26:42 AM

Quote from: jackg on September 10, 2016, 06:21:40 AM

Quote from: west man4 on September 09, 2016, 11:24:22 PM

My account was hacked but i can not get an email to get it back, they changed the email account? Cry

Have no staked address that can sign a message from.
So what are my options here?

My account is west man!

Please someone help because the ones I have pm'd are not responding anymore.

There isn't a way to recover it.
Admins state they only accept signed messages of staked addresses.
You may be able to recover it some other way such as proving ownership of the IP you reach this forum by (but that's unlikely)!

It is illogical to unable to recover the account, there is secondary password. Other sites or forums have password recover, and can't change the email by entering the password, there must be a confirmation of old email confirmation to modify the new email.

Yes, the secondary password is a staked address!
I doubt any other method of recovering the account have been out in place. As buying and selling of accounts is fully accepted here.

ihanaihana

member

Activity: 86

Merit: 10

Quote from: jackg on September 10, 2016, 06:21:40 AM

Quote from: west man4 on September 09, 2016, 11:24:22 PM

My account was hacked but i can not get an email to get it back, they changed the email account? Cry

Have no staked address that can sign a message from.
So what are my options here?

My account is west man!

Please someone help because the ones I have pm'd are not responding anymore.

There isn't a way to recover it.
Admins state they only accept signed messages of staked addresses.
You may be able to recover it some other way such as proving ownership of the IP you reach this forum by (but that's unlikely)!

It is illogical to unable to recover the account, there is secondary password. Other sites or forums have password recover, and can't change the email by entering the password, there must be a confirmation of old email confirmation to modify the new email.

jackg

copper member

Activity: 2856

Merit: 3071

https://bit.ly/387FXHi lightning theory

Quote from: west man4 on September 09, 2016, 11:24:22 PM

My account was hacked but i can not get an email to get it back, they changed the email account? Cry

Have no staked address that can sign a message from.
So what are my options here?

My account is west man!

Please someone help because the ones I have pm'd are not responding anymore.

There isn't a way to recover it.
Admins state they only accept signed messages of staked addresses.
You may be able to recover it some other way such as proving ownership of the IP you reach this forum by (but that's unlikely)!

wavespump

hero member

Activity: 728

Merit: 500

Is this news legit or fake? If the database was really leaked, theymos would announce it. He announced it in 2015 hack, so he is transparent about all hack cases. No need to hide if the forum is hacked.

beeframen

newbie

Activity: 24

Merit: 0

Quote from: west man4 on September 09, 2016, 11:24:22 PM

My account was hacked but i can not get an email to get it back, they changed the email account? Cry

Have no staked address that can sign a message from.
So what are my options here?

My account is west man!

Please someone help because the ones I have pm'd are not responding anymore.

What rank dude? Senior or hero member? I think you are so unlucky. Hackers only want to hack high rank accounts. Very dangerous.

pandalion98

sr. member

Activity: 504

Merit: 250

Quote from: west man4 on September 09, 2016, 11:24:22 PM

My account was hacked but i can not get an email to get it back, they changed the email account? Cry

Have no staked address that can sign a message from.
So what are my options here?

My account is west man!

Please someone help because the ones I have pm'd are not responding anymore.

My account is satoshi! They disabled my account! It got stolen!
I have no staked address so I can't sign message. I PM'd theymos but he won't reply.
My account is satoshi!

See my point? Unfortunately, if you can't positively identify yourself as an owner of an account, you can't have it back basically.
I suggest you take this as a lesson learned the hard way. Stake a proof, be it an address or PGP signature or whatever. Keep them safe.

hajimasan

hero member

Activity: 882

Merit: 500

Quote from: Wind_FURY on September 05, 2016, 11:04:45 PM

This just out in the news. What are the implications of this as a regular user of BCT? Should we be worried about this?

http://themerkle.com/hacked-bitcointalk-user-data-finally-surfaces-on-dark-net/

"Just a few days ago, the data stolen from the BitcoinTalk.org hack in 2015 was posted for sale on dark net. A hacker going by DoubleFlag, is selling BitcoinTalk.org’s database. The same hacker is said to be responsible for the 68 million emails and hashed passwords from Dropbox that went for sale on dark net not too long ago.

BitcoinTalk.org was originally hacked in May of 2015, but the data wasn’t posted until a few days ago. DoubleFlag seems to have been the first one able to get his hands on it, and no one after him for that matter. The stolen data was only accessible by using data breach notification sites like Hacked-DB and LeakedSource."

earlier i thought that the news of Ddoss attack on the bitcointalk.org forum is a fake news but today half hour ago during reply a post i see a heading news by this forum .

" News : Due to DDoS attacks, there may be periodic
downtime."

now i will suggest everyone they should change there password .

west man4

newbie

Activity: 21

Merit: 0

My account was hacked but i can not get an email to get it back, they changed the email account? Cry

Have no staked address that can sign a message from.
So what are my options here?

My account is west man!

Please someone help because the ones I have pm'd are not responding anymore.

BitcoinHunt3r

legendary

Activity: 2954

Merit: 1155

Leading Crypto Sports Betting & Casino Platform

Quote from: bitcapitalist on September 09, 2016, 07:27:10 AM

Change your password and make sure you don't use it with another service, that's all.

ya it is better to keep our account secured by ourself, change our password periodically is good advice , and dont forget to use 2fa on every account if that is possible to do

shinratensei_

legendary

Activity: 3332

Merit: 1034

Leading Crypto Sports Betting & Casino Platform

Quote from: MONKEYJUNK on September 09, 2016, 05:20:44 AM

Quote from: mjsbuddha on September 05, 2016, 11:06:46 PM

'To break it down, there are 469,540 passwords that have been encrypted with SHA-256, and 44,868 passwords encrypted wit SMF encryption.'

Incorrect.

So it's a fake article?
Should we change the password or not?

It will be very helpful if the forum implement a 2FA or something like that...

It's not a fake article, i believe is real according to in may 2015 bitcoin talk is ever getting hacked and their some database was stolen and if you wanna visiting in another sub forum in here you will see there are a people is selling the account is from the hacked database.

Youresioure

full member

Activity: 162

Merit: 100

Reich mir die Hand

I wasn't here that time so I'm not worried about it, but since you're advised to change your log in data regularly and if there's such a security event, with extra caution, I think everyone with at least basic caution's changed their data already.

jackg

copper member

Activity: 2856

Merit: 3071

https://bit.ly/387FXHi lightning theory

Quote from: Sharma on September 09, 2016, 07:29:44 AM

Quote from: MONKEYJUNK on September 09, 2016, 05:20:44 AM

Quote from: mjsbuddha on September 05, 2016, 11:06:46 PM

'To break it down, there are 469,540 passwords that have been encrypted with SHA-256, and 44,868 passwords encrypted wit SMF encryption.'

Incorrect.

So it's a fake article?
Should we change the password or not?

It will be very helpful if the forum implement a 2FA or something like that...

If we were required to change password,the forum admin or staff should have intimidated this to us through general notice.Since there is no such announcement,I Dont think we should worry although keep changing password periodically is a good practice

Or just try to strengthen current ones.
It's hard to reverse the hashed passwords anyway. And I'm also informed that the usernames and emails are also hashed, making it extremely difficult.
You are probably correct, if there was any serious threat, It'd be reported in the message section (the part that states the "latest stable version of bitcoin core"

Sharma

legendary

Activity: 1092

Merit: 1000

GATCOIN : The New Currency Of Digital Marketing

Quote from: MONKEYJUNK on September 09, 2016, 05:20:44 AM

Quote from: mjsbuddha on September 05, 2016, 11:06:46 PM

'To break it down, there are 469,540 passwords that have been encrypted with SHA-256, and 44,868 passwords encrypted wit SMF encryption.'

Incorrect.

So it's a fake article?
Should we change the password or not?

It will be very helpful if the forum implement a 2FA or something like that...

If we were required to change password,the forum admin or staff should have intimidated this to us through general notice.Since there is no such announcement,I Dont think we should worry although keep changing password periodically is a good practice

bitcapitalist

member

Activity: 110

Merit: 10

Change your password and make sure you don't use it with another service, that's all.

Pattberry

sr. member

Activity: 448

Merit: 250

Quote from: posi on September 05, 2016, 11:53:22 PM

Something must be done to put an end this hacking things going around the corner.

are you kidding me,how would you do that,hacking attempts are a part and parcel in this virtual world, you either take good care of what you do online and be careful on what all sites you share the same username and password,i dont expect the admin over here to take care of security very much,they are just running this forum as it is,i understand how difficult of a task it is to maintain these kind of traffic in here.But you could always improve the security of this site.

MONKEYJUNK

sr. member

Activity: 434

Merit: 250

Quote from: mjsbuddha on September 05, 2016, 11:06:46 PM

'To break it down, there are 469,540 passwords that have been encrypted with SHA-256, and 44,868 passwords encrypted wit SMF encryption.'

Incorrect.

So it's a fake article?
Should we change the password or not?

It will be very helpful if the forum implement a 2FA or something like that...

pandalion98

sr. member

Activity: 504

Merit: 250

Quote from: jackg on September 06, 2016, 03:56:56 PM

~snip~

Instead of qustioning if satoshi is one of the effeted members, maybe try to find if the admins were breached of this issue? Even though they will change teir passwords often (probably) it cannot be ruled out that their passwords are also being sold here.

If you pay attention to this:

Quote from: theymos on September 06, 2016, 02:52:07 AM

Quote from: mjsbuddha on September 06, 2016, 02:46:09 AM

What year did you change the hashing algorithm? From what I saw in the database some users who didn't logon after 2012 were not in it.

July 2012.

He last logged in in december 2010! Definitely before that time so he's not on that database.

As far as I know, Satoshi's account is disabled until someone can positively identify themselves as Satoshi (PGP/GPG, etc.). Until then, no one can use that account.

abayan

sr. member

Activity: 686

Merit: 260

Quote from: Zadicar on September 09, 2016, 04:41:47 AM

Quote from: ethereumhunter on September 07, 2016, 04:26:56 AM

i can not imagine how to do that, cracked password is far beyond from my imagination and i can not figure out how to do that. i hope that bitcointalk will be fine and will be ok, for the forum and for the member especially. and i hope nothing will be happen with bitcoin community and we should not be worried.

Cracking passwords would be difficult for the hackers since it was encrypted ,same as others said that you would need a super computer to crack it. I guess its up to you if you change your password as of now since its a little bit worrying for us that our account could possibly be compromised and possibly get by someone.

I agree im also read this news a day ago then im starting to change my password in all over my most visited websites and some of impotant website just to play safe. But if it really true then i should worry about it. Sad

Topic: Hacked BitcoinTalk Data Finally Surfaces On Dark Net (Read 2849 times)