Pages:
Author

Topic: ■■■My 2013 legendary account was hacked :( help me to find how and to recover it - page 3. (Read 1907 times)

member
Activity: 124
Merit: 11
Can maybe a mod send a message to an admin addressing my situation? That would be greatly appreciated, if possible.
member
Activity: 124
Merit: 11
member
Activity: 124
Merit: 11
Hi mate!

I have tagged your account for being hacked
Once you solve this problem, and restore access to your account, pm me so that I can remove the tag

Thank you, but the account is blocked and the hacker have no way to use it, so please remove the tag, it is not needed.

Still no response....I wonder why, after the first contact I was hoping it would had been resolved soon...
member
Activity: 317
Merit: 13
★Adconity.com★
Hi mate!

I have tagged your account for being hacked
Once you solve this problem, and restore access to your account, pm me so that I can remove the tag
member
Activity: 124
Merit: 11
Still no response, so i sent a second message to both Theymos and Cyrus

....UP!!!
member
Activity: 124
Merit: 11
What additional info did he request?

If I was still in control of the email originally linked to the account, and I answered that I am, two times.

Cannot imagine why he didn't answered since then Sad
global moderator
Activity: 3990
Merit: 2717
Join the world-leading crypto sportsbook NOW!
What additional info did he request?
member
Activity: 124
Merit: 11
Almost a month passed, still I didn't understood how I was hacked, and getting a response from Cyrus and then nothing for 2 weeks is even more frustrating than no response  Cry
member
Activity: 124
Merit: 11
Still no answer from Cyrus, so I up this thread
member
Activity: 124
Merit: 11
Seems to me that chrome autofill check the url, I am not 100% sure I used it (maybe 90%), but seems strange to me that I login in a phishing site, because I can't find it in my chronology.


Meanwhile Cyrus responded and asked for some additional info that I gave, but I got no response since that a couple of days ago, so.... UP!
staff
Activity: 3304
Merit: 4115
I always thought that autofills key the passwords to hostname or domain name contained in the canonical URL. They are not tricked by phishing sites where the domain name is mistyped or simply looks the same visually to the real site.
That depends on the type of autofill used. Sometimes autofill features just save the password, and ask you if you want to input your saved password on the site. Another example, Keepass has a auto complete feature which will auto complete your password by finding certain strings of text and inputting your your username/password that way. This doesn't check whether the URL is correct unless, you've specifically specified that in Keepass.

I'm unfamiliar with chrome/firefox auto fill but, I know that they have an option to automatically fill in credit cards, and other information which isn't specifically related to a certain URL.

When I went to a known site and I saved the password, both username and password would be autocopiled and in yellow background. I think this function will only work for known urls, I am pretty sure I used it, and I can't find any phishing link in my chronology (but searching is difficult because of mobile, I could have missed it).

Still, I'm wondering if I changed the password after the 2015 hack. I think I did so but I'm not 100% sure...
I'm guessing you are using your browsers autofill feature then.

If it 100% checks the URL then you may be alright to use auto fill. Although, I would check this to be sure for the future as I mentioned above not all auto fill features work like that.
donator
Activity: 1617
Merit: 1012
Think You for the hint, i reviewed my chronology but I can't find anything suspicious... also, Google autofill shouldn't work on a phishing site....or not?
I think I login from the login button...because it seemed like I was logged out. I think I was not redirected, but I am not 100% sure
If it autofills your password and username then yes. It's just like you typing it in. The way phishing sites work is that they make their site look identical to their target site and only have a different url and database. When you log in they'll see what you've tried to log in with, and will then try and use it on the actual site. I didn't even know autofill was a thing on modern browsers, but I would recommend taking that off right away.

I always thought that autofills key the passwords to hostname or domain name contained in the canonical URL. They are not tricked by phishing sites where the domain name is mistyped or simply looks the same visually to the real site.
member
Activity: 124
Merit: 11
Really, i don't know why email confirmation is not required to a password change, considering how much this forum is prone to hack attacks.

Still no answers from Cyrus, UP!
member
Activity: 124
Merit: 11
Some rules to avoid the hack

-Download untrusted wallets in a virtual machine
-Use a virgin email to the forum account
-Save the website on bookmarks
-Always check


On the Admin side, they could require email verification for password change.
That would be great
legendary
Activity: 2576
Merit: 1517
#1 VIP Crypto Casino
Some rules to avoid the hack

-Download untrusted wallets in a virtual machine
-Use a virgin email to the forum account
-Save the website on bookmarks
-Always check
member
Activity: 124
Merit: 11
Many days passed, still I didn't manage to understand how I was hacked, still no response from Cyrus.

Bump
member
Activity: 124
Merit: 11
Think You for the hint, i reviewed my chronology but I can't find anything suspicious... also, Google autofill shouldn't work on a phishing site....or not?
I think I login from the login button...because it seemed like I was logged out. I think I was not redirected, but I am not 100% sure
If it autofills your password and username then yes. It's just like you typing it in. The way phishing sites work is that they make their site look identical to their target site and only have a different url and database. When you log in they'll see what you've tried to log in with, and will then try and use it on the actual site. I didn't even know autofill was a thing on modern browsers, but I would recommend taking that off right away.

When I went to a known site and I saved the password, both username and password would be autocopiled and in yellow background. I think this function will only work for known urls, I am pretty sure I used it, and I can't find any phishing link in my chronology (but searching is difficult because of mobile, I could have missed it).

Still, I'm wondering if I changed the password after the 2015 hack. I think I did so but I'm not 100% sure...
staff
Activity: 3304
Merit: 4115
Think You for the hint, i reviewed my chronology but I can't find anything suspicious... also, Google autofill shouldn't work on a phishing site....or not?
I think I login from the login button...because it seemed like I was logged out. I think I was not redirected, but I am not 100% sure
If it autofills your password and username then yes. It's just like you typing it in. The way phishing sites work is that they make their site look identical to their target site and only have a different url and database. When you log in they'll see what you've tried to log in with, and will then try and use it on the actual site. I didn't even know autofill was a thing on modern browsers, but I would recommend taking that off right away.
member
Activity: 124
Merit: 11
The day before the hack I noticed I logged out and so logged in using Google automatic compile.
I am pretty sure I did not login to any phishing site, and I use goggle chrome autocompile for passwords.
you mean Google Autofill/Autocomplete password?
did you re-log intentionally (open login page from bookmark) or were you re-directed to login page?
if the latter happened, you could be logging into a phishing site Undecided happened to me a few weeks ago
but luckily I noticed the wrong url, so I just closed the page and reopened the forum from my bookmark
can you remember the time you logging in and check your browser history to make sure you were on the real login page at that time
just in case there is a way to trick autocomplete to work with fake login page

Quote
May 08, 2018, 10:06:56 AM - erre - password reset via email
Quote
This user's password was reset recently.
This user's email address was changed recently.

Think You for the hint, i reviewed my chronology but I can't find anything suspicious... also, Google autofill shouldn't work on a phishing site....or not?
I think I login from the login button...because it seemed like I was logged out. I think I was not redirected, but I am not 100% sure
hero member
Activity: 1232
Merit: 738
Mixing reinvented for your privacy | chipmixer.com
The day before the hack I noticed I logged out and so logged in using Google automatic compile.
I am pretty sure I did not login to any phishing site, and I use goggle chrome autocompile for passwords.
you mean Google Autofill/Autocomplete password?
did you re-log intentionally (open login page from bookmark) or were you re-directed to login page?
if the latter happened, you could be logging into a phishing site Undecided happened to me a few weeks ago
but luckily I noticed the wrong url, so I just closed the page and reopened the forum from my bookmark
can you remember the time you logging in and check your browser history to make sure you were on the real login page at that time
just in case there is a way to trick autocomplete to work with fake login page

Quote
May 08, 2018, 10:06:56 AM - erre - password reset via email
Quote
This user's password was reset recently.
This user's email address was changed recently.
Pages:
Jump to: