Pages:
Author

Topic: Lets talk Bitcointalk - page 2. (Read 381 times)

Vod
legendary
Activity: 3668
Merit: 3010
Licking my boob since 1970
July 25, 2018, 04:38:05 AM
#5
It is your responsibility to read forum rules after you register here. Do you want them to mail you requirements on how to use this forum safely ?

The forum does not require email validation either.  :/
legendary
Activity: 1288
Merit: 1926
฿ear ride on the rainbow slide
July 25, 2018, 03:59:37 AM
#4
Hello everyone,

I'm making this post to make everyone aware of an alt-coin that goes by TedChain as it is a scam, Several days ago it came to my attention that my Bitcointalk account had been compromised.
To my surprise the person who took-over the account is claiming to have a 'gaming platform' coin that goes by 'TedChain', I immediately reached out to the 'dev's and posted on their thread but was ignored.

I proceed by contacting them via Telegram to which they admitted that the account isn't theirs and claimed it was simply a "misunderstanding" but offered to buy it from me,
Seeing as they had decent community feedback i offered to sell it to them for $100 USD. For a company who claims to have a 'revolutionary' coin, They wasted my time and are now claiming to not have any money and that they're waiting to make money off the crowd-sale scheduled for July 17th.

I can't understand how you claim to have your account "hacked" and then offer to sell it to the "hacker".

Surely you can see the issue with that. 

You are willing to sell your account for a $100 to someone you are accusing of being a scammer.
newbie
Activity: 40
Merit: 0
July 25, 2018, 02:41:36 AM
#3
It is your responsibility to read forum rules after you register here. Do you want them to mail you requirements on how to use this forum safely ?
sr. member
Activity: 742
Merit: 395
I am alive but in hibernation.
July 25, 2018, 12:56:06 AM
#2
On May 19th my Bitcointalk account was compromised via bruteforce, However it wasn't until July 9th 2018 that i found out as i'm not very active on the forum.
What surprised me about this situation wasn't that i was hacked but rather how EASY Bitcointalk made it for the "hacker", I'll elaborate.

Why does Bitcointalk offer NO security when it comes to its users accounts?

Since the beginning of the internet websites have always required the account-holder to verify ANY major changes to an account ie; password change, email etc.
Apparently Bitcointalk doesn't seem to require any verification of account changes, I mean sure we have the option to lock the account within 15-days of the changes happening
but that doesn't do much in my case or in the case of any casual member of the forum who doesn't realize until weeks after the fact.

See: https://gyazo.com/5a2dd6d9504e4af5acd5e0450edd0869

Your account recovery process is trash, Why?

I contacted Theymos on July 9th explaining what happened and how the hacker was attempting to scam the community via an ICO crowdsale, Received no response so i then reached out to Cyrus and still have not heard from either of the forum admins 2+ weeks later.

I'm aware i'm not the only one whom this has happened and it isn't as if my account was Hero/Legend status but when someone is attempting to scam your community and you as an admin are given weeks heads-up notice and don't even bother to read the message, Its concerning for the forum overall. I'm a member of several larger internet boards and they don't really seem to have this problem so what are the admins of Bitcointalk doing?

Recovery Method?

So in order to recover a stolen account we must supply admins with Bitcoin Address or PGP Key related to the account, EXCEPT none of which was REQUIRED upon signing up.
Why not make it clear to members that they MUST supply a wallet address or PGP key and/or store it somewhere as backup incase they're compromised?

In my case i used hundreds of different wallet addresses and never PGP signed my account that i recall.

With all the posts about accounts being compromised you'd think that there would be an urgency of sort to assist users of the community, Instead the entire procedure and account safety features seem rather moot.




OP  , you can put a good heading for this topic .

Anyways , look like that forum policy  makes hacking favorable.  Instead of asking user to confirm the change email in the current email , they are changing  the email and asking the original user to lock its own account.

No body knows how much time recovery takes.

Admins, should not allow change of email and passwords until it is confirmed on original/current email associated with the account.
newbie
Activity: 22
Merit: 0
July 24, 2018, 06:43:56 PM
#1
On May 19th my Bitcointalk account was compromised via bruteforce, However it wasn't until July 9th 2018 that i found out as i'm not very active on the forum.
What surprised me about this situation wasn't that i was hacked but rather how EASY Bitcointalk made it for the "hacker", I'll elaborate.

Why does Bitcointalk offer NO security when it comes to its users accounts?

Since the beginning of the internet websites have always required the account-holder to verify ANY major changes to an account ie; password change, email etc.
Apparently Bitcointalk doesn't seem to require any verification of account changes, I mean sure we have the option to lock the account within 15-days of the changes happening
but that doesn't do much in my case or in the case of any casual member of the forum who doesn't realize until weeks after the fact.

See: https://gyazo.com/5a2dd6d9504e4af5acd5e0450edd0869

Your account recovery process is trash, Why?

I contacted Theymos on July 9th explaining what happened and how the hacker was attempting to scam the community via an ICO crowdsale, Received no response so i then reached out to Cyrus and still have not heard from either of the forum admins 2+ weeks later.

I'm aware i'm not the only one whom this has happened and it isn't as if my account was Hero/Legend status but when someone is attempting to scam your community and you as an admin are given weeks heads-up notice and don't even bother to read the message, Its concerning for the forum overall. I'm a member of several larger internet boards and they don't really seem to have this problem so what are the admins of Bitcointalk doing?

Recovery Method?

So in order to recover a stolen account we must supply admins with Bitcoin Address or PGP Key related to the account, EXCEPT none of which was REQUIRED upon signing up.
Why not make it clear to members that they MUST supply a wallet address or PGP key and/or store it somewhere as backup incase they're compromised?

In my case i used hundreds of different wallet addresses and never PGP signed my account that i recall.

With all the posts about accounts being compromised you'd think that there would be an urgency of sort to assist users of the community, Instead the entire procedure and account safety features seem rather moot.


Pages:
Jump to: