Influx of Hacked Accounts | Bitcointalksearch.org

redsn0w

legendary

Activity: 1778

Merit: 1042

#Free market

Quote from: dothebeats on May 26, 2015, 02:17:13 PM

Quote from: hilariousandco on May 25, 2015, 03:36:28 PM

Quote from: hedgy73 on May 25, 2015, 02:51:57 PM

Quote from: marcotheminer on May 25, 2015, 02:06:03 PM

I have a feeling we will be seeing a lot of hacked accounts in the near future (abandoned but high ranked accounts for example). Stay alert guys!

Yeah I've seen some old accounts just started posting again today after years of not being used Sad

.

Which ones? Maybe a list should be compiled, though what Quickseller said in another thread will also be relevant that many older inactive members will be likely to return to change their passwords by the email they received from theymos.

Yes, it is probable that old users will return to change their password just for precaution, but posting nonsense from inactive accounts for years? That should ring a bell.

This, like the Mt.gox support's account... he is trolling and post useless posts around the forum Roll Eyes

. This should alert everyone that those account(s) were hacked and it is (or better they are) under the control of the 'hacker' who has attacked the forum Wink

.

dothebeats

legendary

Activity: 3542

Merit: 1352

Cashback 15%

Quote from: hilariousandco on May 25, 2015, 03:36:28 PM

Quote from: hedgy73 on May 25, 2015, 02:51:57 PM

Quote from: marcotheminer on May 25, 2015, 02:06:03 PM

I have a feeling we will be seeing a lot of hacked accounts in the near future (abandoned but high ranked accounts for example). Stay alert guys!

Yeah I've seen some old accounts just started posting again today after years of not being used Sad

.

Which ones? Maybe a list should be compiled, though what Quickseller said in another thread will also be relevant that many older inactive members will be likely to return to change their passwords by the email they received from theymos.

Yes, it is probable that old users will return to change their password just for precaution, but posting nonsense from inactive accounts for years? That should ring a bell.

alch1mista

sr. member

Activity: 455

Merit: 251

blockchain longa, vita brevis

Quote from: redsn0w on May 26, 2015, 01:59:24 PM

Quote from: btcton on May 25, 2015, 10:13:52 PM

I can see how many people are just going to ignore this ever even happened and are not planning to change their password. Sure, it may be hard to obtain the actual password, but it is not impossible either. I am hoping at least the most prominent users will use reason.

Exactly, a lot of users (people) don't understand how to protect after an hack their account... but they will surely cry sooner or later and say "why my account was hacked,why I can't access on my account, bla bla?". This is the funny thing, in my honest opinion theymos should send also a general PM here in the forum and say "you should change the password, because the forum was hacked... ". I know he sent an email, but a lot of users are using a random e-mail.

Yes it should definitely be in the news as a red alert.
I know already of two hero accounts being hacked, this is serious business.

redsn0w

legendary

Activity: 1778

Merit: 1042

#Free market

Quote from: btcton on May 25, 2015, 10:13:52 PM

I can see how many people are just going to ignore this ever even happened and are not planning to change their password. Sure, it may be hard to obtain the actual password, but it is not impossible either. I am hoping at least the most prominent users will use reason.

Exactly, a lot of users (people) don't understand how to protect after an hack their account... but they will surely cry sooner or later and say "why my account was hacked,why I can't access on my account, bla bla?". This is the funny thing, in my honest opinion theymos should send also a general PM here in the forum and say "you should change the password, because the forum was hacked... ". I know he sent an email, but a lot of users are using a random e-mail.

ajareselde

legendary

Activity: 1722

Merit: 1000

Satoshi is rolling in his grave. #bitcoin

Quote from: ?? on ??

This is silly and a waste of time. I don't think Theymos intends to do the right thing and change all passwords to have sufficient entropy until they are reset by email, so I am going to walk away from my account and close my email previously associated with the account. The trolling and the hack was merely the straw that broke the camels back... this forum has been going downhill for a while.
Goodbye bitcointalk.

If you really care about the forum, you shouldnt just leave, that wont help make it a better place.
I find it interesting how you take such things so personally; did you experience some personal loss due to recent events ?

Quote from: liie888coins on May 26, 2015, 12:51:49 AM

Well, I thought theymos should disallow users to change email for a certain period of time.
When will this forum enable Google 2FA? I suppose this will help relieve some worries even certain users may have used relatively weak passwords.

I would like to see 2FA also, ASAP. There's just too much at stake to have such minimum security. This forum deals with a lot of trades and values, and as such should have better security imho.

cheers

Gervais

sr. member

Activity: 366

Merit: 250

Quote from: liie888coins on May 26, 2015, 12:51:49 AM

Quote from: ?? on ??

This is silly and a waste of time. I don't think Theymos intends to do the right thing and change all passwords to have sufficient entropy until they are reset by email, so I am going to walk away from my account and close my email previously associated with the account. The trolling and the hack was merely the straw that broke the camels back... this forum has been going downhill for a while.

Goodbye bitcointalk.

Well, I thought theymos should disallow users to change email for a certain period of time.

That's no good for people who want to change them since they've been exposed. All those people who created fake email accounts could get socially engineered themselves so its vital people need to be able to change them.

Quote from: liie888coins on May 26, 2015, 12:51:49 AM

When will this forum enable Google 2FA? I suppose this will help relieve some worries even certain users may have used relatively weak passwords.

Probably have to wait for the new forum. If it was going to be implemented it likely would have been already.

liie888coins

full member

Activity: 217

Merit: 100

Part-time Altcoin Developer

Quote from: ?? on ??

This is silly and a waste of time. I don't think Theymos intends to do the right thing and change all passwords to have sufficient entropy until they are reset by email, so I am going to walk away from my account and close my email previously associated with the account. The trolling and the hack was merely the straw that broke the camels back... this forum has been going downhill for a while.

Goodbye bitcointalk.

Well, I thought theymos should disallow users to change email for a certain period of time.

When will this forum enable Google 2FA? I suppose this will help relieve some worries even certain users may have used relatively weak passwords.

iCEBREAKER

legendary

Activity: 2156

Merit: 1072

Crypto is the separation of Power and State.

Quote from: SaltySpitoon on May 25, 2015, 02:08:22 PM

Quote from: marcotheminer on May 25, 2015, 02:06:03 PM

I have a feeling we will be seeing a lot of hacked accounts in the near future (abandoned but high ranked accounts for example). Stay alert guys!

Agreed, also be especially careful trading with people. Even if no one gets hacked, I foresee some people scamming, and then trying to claim they were hacked to waive their liability.

Staff should give every account on the board negative default trust.

After all, BadBear didn't do a fucking thing (besides make lame excuses for him) when Vod (ab)used his authority to give me a red mark for nothing other than a "possibly hacked" account.

Now that all accounts are "possibly hacked" more than ever before, it's time for mass application of Vod's (staff/admin-approved) low standard.

btcton

legendary

Activity: 1288

Merit: 1007

I can see how many people are just going to ignore this ever even happened and are not planning to change their password. Sure, it may be hard to obtain the actual password, but it is not impossible either. I am hoping at least the most prominent users will use reason.

botany

legendary

Activity: 1582

Merit: 1064

Quote from: MsCollec on May 25, 2015, 06:45:30 PM

More worried about virus emails Sad

Using a different email id for bitcointalk could be a solution.

tarsua

sr. member

Activity: 266

Merit: 250

Quote from: ?? on ??

This is silly and a waste of time. I don't think Theymos intends to do the right thing and change all passwords to have sufficient entropy until they are reset by email, so I am going to walk away from my account and close my email previously associated with the account. The trolling and the hack was merely the straw that broke the camels back... this forum has been going downhill for a while.

Goodbye bitcointalk.

If you arent back in 6 months, i'll donate all my btc to charity

Redones

sr. member

Activity: 320

Merit: 261

Web developper

it will be better if they could include tow factor authenticator for more security

crazyearner

legendary

Activity: 1820

Merit: 1001

Well changed and updated my password and security questions. No doubt am going to get a load of spam emails to file off and block in the future. Seems like satoshi account is hacked how can theri be 3 satoshis on here unless someone changed their display name to his. So whos the real satoshi apart from profile u=3 seems lot going on and needs to be investigated.

I would at least mass force password update and to change passwords.

Original one https://bitcointalksearch.org/user/satoshi-3

Imposer one or changed to. https://bitcointalksearch.org/user/tradefortress-67058

3rd account https://bitcointalksearch.org/user/retard-25340

BrewCrewFan

hero member

Activity: 672

Merit: 501

Quote from: Gervais on May 25, 2015, 06:47:35 PM

Quote from: MsCollec on May 25, 2015, 06:45:30 PM

More worried about virus emails Sad

Simple solution: don't open them. I wouldn't click on any email I didn't like the look of especially ones that mention btc.

This is right here the best advice.

Its so funny, until a few years ago before I got into BTC, I had no care in the world. Now I have multicharacter passwords for everything, even my email.... funny how something like this can open your eyes.

Gervais

sr. member

Activity: 366

Merit: 250

Quote from: MsCollec on May 25, 2015, 06:45:30 PM

More worried about virus emails Sad

Simple solution: don't open them. I wouldn't click on any email I didn't like the look of especially ones that mention btc.

MsCollec

legendary

Activity: 1400

Merit: 1000

More worried about virus emails Sad

AltcoinInvestor

sr. member

Activity: 294

Merit: 250

Partial protection before doing any business not to be scammed:
Ask for a signed message with an old posted&unedited address. (At least 1 years old.)

Gervais

sr. member

Activity: 366

Merit: 250

Quote from: Mt.Gox Support on May 25, 2015, 05:55:33 PM

Quote from: ?? on ??

Quote from: Mt.Gox Support on May 25, 2015, 05:50:06 PM

about 80% of accounts here have a fake email address set. People are reluctant to use real email addresses so they can stay anonymous. Only thing people can do is log in and change their password before the hacker can crack it.

Some of those 80% will still have access to the fake/throwaway email accounts, some wont. It takes 5 minutes to setup a spare email account for security / spam and it only needs to be checked 1 a year to make sure it remains active. Anyone that isn't maintaining these accounts in a password manager is irresponsible and deserves to become a newbie again.

no i mean 80% of the emails are invalid, they aren't temporary emails, they are invalid that bounce emails back. Most people just entered [email protected] or similar, the email accounts don't exist. The only authentication the forum has is password/security question, email is no good for us, even satoshi's account has an invalid email though that is likely on purpose.

Why would you need the password or anything else to accounts like [email protected] when you could just create the gmail account yourself and reset the pass? Once you had the list of obviously fake emails you could create any that used real providers.

Mt.Gox Support

vip

Activity: 308

Merit: 250

Quote from: ?? on ??

Quote from: Mt.Gox Support on May 25, 2015, 06:02:59 PM

When I say 80% I am underestimating. Like I said even satoshi would be locked out, if you think it's a good idea to make 80% of accounts here unrecoverable then you are a complete idiot. Don't waste your time replying to this.

It makes perfect sense for a likely compromised account to be trying to dissuade Theymos and others from good security advice.

Whether the number is 50% or 90% , they mostly are comprised of shill accounts so it will be great to purge those.

If you are going to ban 80% of accounts here including satoshi and all VIP members except 2 who used real emails you might as well delete the whole forum and start over from scratch. Even this account's email "[email protected]" had expired.

Mt.Gox Support

vip

Activity: 308

Merit: 250

Quote from: ?? on ??

Quote from: Mt.Gox Support on May 25, 2015, 05:55:33 PM

no i mean 80% of the emails are invalid, they aren't temporary emails, they are invalid that bounce emails back. Most people just entered [email protected] or similar, the email accounts don't exist. The only authentication the forum has is password/security question, email is no good for us, even satoshi's account has an invalid email.

I understood you the first time. Who cares if they are invalid. I clearly stated that those users who are stupid enough not to maintain a throwaway email for this exact scenario deserve to become newbies again.

What is worse : a few hero accounts being frozen where the users are forced to start over or a ton of compromised accounts trolling and scamming on this forum?

The choice is clear to me ... hopefully Theymos makes the right decision, otherwise he is choosing usability over security like apple did before fappergate.

When I say 80% I am underestimating. Like I said even satoshi would be locked out, if you think it's a good idea to make 80% of accounts here unrecoverable then you are a complete idiot. Don't waste your time replying to this.

Topic: Influx of Hacked Accounts (Read 3650 times)