Pages:
Author

Topic: Influx of Hacked Accounts (Read 3699 times)

legendary
Activity: 1778
Merit: 1043
#Free market
May 26, 2015, 01:19:56 PM
#65
I have a feeling we will be seeing a lot of hacked accounts in the near future (abandoned but high ranked accounts for example). Stay alert guys!

Yeah I've seen some old accounts just started posting again today after years of not being used Sad.

Which ones? Maybe a list should be compiled, though what Quickseller said in another thread will also be relevant that many older inactive members will be likely to return to change their passwords by the email they received from theymos.

Yes, it is probable that old users will return to change their password just for precaution, but posting nonsense from inactive accounts for years? That should ring a bell.

This, like the Mt.gox support's account... he is trolling and post useless posts around the forum  Roll Eyes. This should alert everyone that those account(s) were hacked and it is (or better they are) under the control of the 'hacker' who has attacked the forum Wink.
legendary
Activity: 3542
Merit: 1352
May 26, 2015, 01:17:13 PM
#64
I have a feeling we will be seeing a lot of hacked accounts in the near future (abandoned but high ranked accounts for example). Stay alert guys!

Yeah I've seen some old accounts just started posting again today after years of not being used Sad.

Which ones? Maybe a list should be compiled, though what Quickseller said in another thread will also be relevant that many older inactive members will be likely to return to change their passwords by the email they received from theymos.

Yes, it is probable that old users will return to change their password just for precaution, but posting nonsense from inactive accounts for years? That should ring a bell.
sr. member
Activity: 455
Merit: 251
blockchain longa, vita brevis
May 26, 2015, 01:05:10 PM
#63
I can see how many people are just going to ignore this ever even happened and are not planning to change their password. Sure, it may be hard to obtain the actual password, but it is not impossible either. I am hoping at least the most prominent users will use reason.

Exactly, a lot of users (people) don't understand how to protect after an hack their account... but they will surely cry sooner or later and say "why my account was hacked,why I can't access on my account, bla bla?". This is the funny thing, in my honest opinion theymos should send also a general PM here in the forum and say "you should change the password, because the forum was hacked... ". I know he sent an email, but a lot of users are using a random e-mail.

Yes it should definitely be in the news as a red alert.
I know already of two hero accounts being hacked, this is serious business.
legendary
Activity: 1778
Merit: 1043
#Free market
May 26, 2015, 12:59:24 PM
#62
I can see how many people are just going to ignore this ever even happened and are not planning to change their password. Sure, it may be hard to obtain the actual password, but it is not impossible either. I am hoping at least the most prominent users will use reason.

Exactly, a lot of users (people) don't understand how to protect after an hack their account... but they will surely cry sooner or later and say "why my account was hacked,why I can't access on my account, bla bla?". This is the funny thing, in my honest opinion theymos should send also a general PM here in the forum and say "you should change the password, because the forum was hacked... ". I know he sent an email, but a lot of users are using a random e-mail.
legendary
Activity: 1722
Merit: 1000
Satoshi is rolling in his grave. #bitcoin
May 26, 2015, 08:56:12 AM
#61
This is silly and a waste of time. I don't think Theymos intends to do the right thing and change all passwords to have sufficient entropy until they are reset by email, so I am going to walk away from my account and close my email previously associated with the account. The trolling and the hack was merely the straw that broke the camels back... this forum has been going downhill for a while.
Goodbye bitcointalk.

If you really care about the forum, you shouldnt just leave, that wont help make it a better place.
I find it interesting how you take such things so personally; did you experience some personal loss due to recent events  ?

Well, I thought theymos should disallow users to change email for a certain period of time.
When will this forum enable Google 2FA? I suppose this will help relieve some worries even certain users may have used relatively weak passwords.

I would like to see 2FA also, ASAP. There's just too much at stake to have such minimum security. This forum deals with a lot of trades and values, and as such should have better security imho.

cheers
sr. member
Activity: 366
Merit: 250
May 26, 2015, 04:25:28 AM
#60
This is silly and a waste of time. I don't think Theymos intends to do the right thing and change all passwords to have sufficient entropy until they are reset by email, so I am going to walk away from my account and close my email previously associated with the account. The trolling and the hack was merely the straw that broke the camels back... this forum has been going downhill for a while.

Goodbye bitcointalk.


Well, I thought theymos should disallow users to change email for a certain period of time.

That's no good for people who want to change them since they've been exposed. All those people who created fake email accounts could get socially engineered themselves so its vital people need to be able to change them.

When will this forum enable Google 2FA? I suppose this will help relieve some worries even certain users may have used relatively weak passwords.

Probably have to wait for the new forum. If it was going to be implemented it likely would have been already.
full member
Activity: 217
Merit: 100
Part-time Altcoin Developer
May 25, 2015, 11:51:49 PM
#59
This is silly and a waste of time. I don't think Theymos intends to do the right thing and change all passwords to have sufficient entropy until they are reset by email, so I am going to walk away from my account and close my email previously associated with the account. The trolling and the hack was merely the straw that broke the camels back... this forum has been going downhill for a while.

Goodbye bitcointalk.


Well, I thought theymos should disallow users to change email for a certain period of time.

When will this forum enable Google 2FA? I suppose this will help relieve some worries even certain users may have used relatively weak passwords.
legendary
Activity: 2156
Merit: 1072
Crypto is the separation of Power and State.
May 25, 2015, 10:50:27 PM
#58
I have a feeling we will be seeing a lot of hacked accounts in the near future (abandoned but high ranked accounts for example). Stay alert guys!

Agreed, also be especially careful trading with people. Even if no one gets hacked, I foresee some people scamming, and then trying to claim they were hacked to waive their liability.

Staff should give every account on the board negative default trust.

After all, BadBear didn't do a fucking thing (besides make lame excuses for him) when Vod (ab)used his authority to give me a red mark for nothing other than a "possibly hacked" account.

Now that all accounts are "possibly hacked" more than ever before, it's time for mass application of Vod's (staff/admin-approved) low standard.
legendary
Activity: 1302
Merit: 1007
May 25, 2015, 09:13:52 PM
#57
I can see how many people are just going to ignore this ever even happened and are not planning to change their password. Sure, it may be hard to obtain the actual password, but it is not impossible either. I am hoping at least the most prominent users will use reason.
legendary
Activity: 1582
Merit: 1064
May 25, 2015, 08:20:47 PM
#56
More worried about virus emails  Sad

Using a different email id for bitcointalk could be a solution.  Smiley
sr. member
Activity: 266
Merit: 250
May 25, 2015, 07:54:12 PM
#55
This is silly and a waste of time. I don't think Theymos intends to do the right thing and change all passwords to have sufficient entropy until they are reset by email, so I am going to walk away from my account and close my email previously associated with the account. The trolling and the hack was merely the straw that broke the camels back... this forum has been going downhill for a while.

Goodbye bitcointalk.
If you arent back in 6 months, i'll donate all my btc to charity
sr. member
Activity: 320
Merit: 261
Web developper
May 25, 2015, 07:15:15 PM
#54
it will be better if they could include tow factor authenticator for more security
legendary
Activity: 1820
Merit: 1001
May 25, 2015, 07:02:24 PM
#53
Well changed and updated my password and security questions. No doubt am going to get a load of spam emails to file off and block in the future. Seems like satoshi account is hacked how can theri be 3 satoshis on here unless someone changed their display name to his. So whos the real satoshi apart from profile u=3 seems lot going on and needs to be investigated.

I would at least mass force password update and to change passwords.

Original one https://bitcointalksearch.org/user/satoshi-3

Imposer one or changed to. https://bitcointalksearch.org/user/tradefortress-67058

3rd account https://bitcointalksearch.org/user/retard-25340
hero member
Activity: 672
Merit: 501
May 25, 2015, 05:49:49 PM
#52
More worried about virus emails  Sad

Simple solution: don't open them. I wouldn't click on any email I didn't like the look of especially ones that mention btc.

This is right here the best advice.

Its so funny, until a few years ago before I got into BTC, I had no care in the world. Now I have multicharacter passwords for everything, even my email.... funny how something like this can open your eyes.
sr. member
Activity: 366
Merit: 250
May 25, 2015, 05:47:35 PM
#51
More worried about virus emails  Sad

Simple solution: don't open them. I wouldn't click on any email I didn't like the look of especially ones that mention btc.
legendary
Activity: 1400
Merit: 1000
May 25, 2015, 05:45:30 PM
#50
More worried about virus emails  Sad
sr. member
Activity: 294
Merit: 250
May 25, 2015, 05:22:26 PM
#49
Partial protection before doing any business not to be scammed:
Ask for a signed message with an old posted&unedited address. (At least 1 years old.)
sr. member
Activity: 366
Merit: 250
May 25, 2015, 05:18:00 PM
#48
about 80% of accounts here have a fake email address set. People are reluctant to use real email addresses so they can stay anonymous. Only thing people can do is log in and change their password before the hacker can crack it.

Some of those 80% will still have access to the fake/throwaway email accounts, some wont. It takes 5 minutes to setup a spare email account for security / spam and it only needs to be checked 1 a year to make sure it remains active. Anyone that isn't maintaining these accounts in a password manager is irresponsible and deserves to become a newbie again.

no i mean 80% of the emails are invalid, they aren't temporary emails, they are invalid that bounce emails back. Most people just entered [email protected] or similar, the email accounts don't exist. The only authentication the forum has is password/security question, email is no good for us, even satoshi's account has an invalid email though that is likely on purpose.

Why would you need the password or anything else to accounts like [email protected] when you could just create the gmail account yourself and reset the pass? Once you had the list of obviously fake emails you could create any that used real providers.
vip
Activity: 308
Merit: 250
May 25, 2015, 05:09:31 PM
#47
When I say 80% I am underestimating. Like I said even satoshi would be locked out, if you think it's a good idea to make 80% of accounts here unrecoverable then you are a complete idiot. Don't waste your time replying to this.

It makes perfect sense for a likely compromised account to be trying to dissuade Theymos and others from good security advice.

Whether the number is 50% or 90% , they mostly are comprised of shill accounts so it will be great to purge those.

If you are going to ban 80% of accounts here including satoshi and all VIP members except 2 who used real emails you might as well delete the whole forum and start over from scratch. Even this account's email "[email protected]" had expired.
vip
Activity: 308
Merit: 250
May 25, 2015, 05:02:59 PM
#46
no i mean 80% of the emails are invalid, they aren't temporary emails, they are invalid that bounce emails back. Most people just entered [email protected] or similar, the email accounts don't exist. The only authentication the forum has is password/security question, email is no good for us, even satoshi's account has an invalid email.

I understood you the first time. Who cares if they are invalid. I clearly stated that those users who are stupid enough not to maintain a throwaway email for this exact scenario deserve to become newbies again.

What is worse : a few hero accounts being frozen where the users are forced to start over or a ton of compromised accounts trolling and scamming on this forum?

The choice is clear to me ... hopefully Theymos makes the right decision, otherwise he is choosing usability over security like apple did before fappergate.

When I say 80% I am underestimating. Like I said even satoshi would be locked out, if you think it's a good idea to make 80% of accounts here unrecoverable then you are a complete idiot. Don't waste your time replying to this.
Pages:
Jump to: