satoshin@gmx.com is compromised - page 6.

marcus_of_augustus

legendary

Activity: 3920

Merit: 2349

Eadem mutata resurgo

Quote from: UsernameBitcoin on September 15, 2014, 02:55:10 AM

Quote from: jabo38 on September 14, 2014, 03:02:02 PM

Quote from: FloodZone on September 14, 2014, 01:55:54 PM

Quote from: proofofarat on September 14, 2014, 11:37:12 AM

Looking at GMX's password recovery process, to recover an account it looks like they will either send an email to s***@v*****.com
or they will let you enter your birthdate. Perhaps somebody exploited one of these two options?
reddit formatting markdown fucked up the email address characters, but it looks like S followed by 6 stars @ V followed by 8 stars

entering birth date is rate limited to 3 attempts per 24 hrs. So probably wasn't accessed through this unless the attacker had narrowed down the range a bit

Would take 4 months max to crack the birth date.. So it's quite possible.

If somebody knew the exact calendar year, that's true. But do we really really know exactly what year he was born?

If Satoshi is only one person and not a group, just try the birth dates of

Nick Szabo, Wei Dai, David Chaum, John Nash, Adam Back, Tatsuaki Okamoto, Hal Finney, Neal King, Vladimir Oksman, Charles Bry, Michael Weber, Shinichi Mochizuki, Robert A. Hettinga, Gavin Andresen, and Ray Dillinger

and you have your Satoshi.

... it is common practice for pseudonyms to use cryptic yet significant dates, numerology or the like. 1/1/1971, 2/8/82, etc ...

UsernameBitcoin

sr. member

Activity: 530

Merit: 250

CryptoTalk.Org - Get Paid for every Post!

Quote from: jabo38 on September 14, 2014, 03:02:02 PM

Quote from: FloodZone on September 14, 2014, 01:55:54 PM

Quote from: proofofarat on September 14, 2014, 11:37:12 AM

Looking at GMX's password recovery process, to recover an account it looks like they will either send an email to s***@v*****.com
or they will let you enter your birthdate. Perhaps somebody exploited one of these two options?
reddit formatting markdown fucked up the email address characters, but it looks like S followed by 6 stars @ V followed by 8 stars

entering birth date is rate limited to 3 attempts per 24 hrs. So probably wasn't accessed through this unless the attacker had narrowed down the range a bit

Would take 4 months max to crack the birth date.. So it's quite possible.

If somebody knew the exact calendar year, that's true. But do we really really know exactly what year he was born?

If Satoshi is only one person and not a group, just try the birth dates of

Nick Szabo, Wei Dai, David Chaum, John Nash, Adam Back, Tatsuaki Okamoto, Hal Finney, Neal King, Vladimir Oksman, Charles Bry, Michael Weber, Shinichi Mochizuki, Robert A. Hettinga, Gavin Andresen, and Ray Dillinger

and you have your Satoshi.

DubFX

sr. member

Activity: 434

Merit: 250

There are lots of sites where you can send mail under fake e-mail address, it's simple.

AGD

legendary

Activity: 2070

Merit: 1164

Keeper of the Private Key

I don't believe in this "idiot hacker" story at all.

Bill Bisco

member

Activity: 109

Merit: 10

It would have been nice if the hacker released Satoshi's old emails foe posterity. It's a real shame we had such an idiot hacker.

SomethingElse

full member

Activity: 210

Merit: 100

Looking for the next big thing

Quote from: giveBTCpls on September 14, 2014, 06:08:21 PM

Quote from: TsuyokuNaritai on September 14, 2014, 05:22:24 PM

Quote from: ALXBOB on September 14, 2014, 04:22:03 PM

http://motherboard.vice.com/read/the-satoshi-nakamoto-email-hacker-says-hes-negotiating-with-the-bitcoin-founder?trk_source=recommended

Why does everyone keep reposting this as if it's still news?

Lol. Hasn't it proved already the "hacker" was a dumb kid that got doxed? OP should update the thread with the info so people dont keep asking or something.

I am not sure. http://blogs.wsj.com/moneybeat/2014/09/12/bitbeat-satoshi-nakamoto-hacked-or-not-remains-anonymous/

giveBTCpls

sr. member

Activity: 322

Merit: 250

Quote from: TsuyokuNaritai on September 14, 2014, 05:22:24 PM

Quote from: ALXBOB on September 14, 2014, 04:22:03 PM

http://motherboard.vice.com/read/the-satoshi-nakamoto-email-hacker-says-hes-negotiating-with-the-bitcoin-founder?trk_source=recommended

Why does everyone keep reposting this as if it's still news?

Lol. Hasn't it proved already the "hacker" was a dumb kid that got doxed? OP should update the thread with the info so people dont keep asking or something.

TsuyokuNaritai

hero member

Activity: 574

Merit: 500

Quote from: ALXBOB on September 14, 2014, 04:22:03 PM

http://motherboard.vice.com/read/the-satoshi-nakamoto-email-hacker-says-hes-negotiating-with-the-bitcoin-founder?trk_source=recommended

Why does everyone keep reposting this as if it's still news?

ALXBOB

sr. member

Activity: 289

Merit: 251

http://motherboard.vice.com/read/the-satoshi-nakamoto-email-hacker-says-hes-negotiating-with-the-bitcoin-founder?trk_source=recommended

Buge

newbie

Activity: 2

Merit: 0

Quote from: proofofarat on September 14, 2014, 11:37:12 AM

Looking at GMX's password recovery process, to recover an account it looks like they will either send an email to s***@v*****.com
or they will let you enter your birthdate. Perhaps somebody exploited one of these two options?
reddit formatting markdown fucked up the email address characters, but it looks like S followed by 6 stars @ V followed by 8 stars

entering birth date is rate limited to 3 attempts per 24 hrs. So probably wasn't accessed through this unless the attacker had narrowed down the range a bit

People in this thread have already said that even though it claims to limit you to 3 tries per 24 hours, it actually doesn't limit you.

jabo38

legendary

Activity: 1232

Merit: 1001

mining is so 2012-2013

Quote from: FloodZone on September 14, 2014, 01:55:54 PM

Quote from: proofofarat on September 14, 2014, 11:37:12 AM

Looking at GMX's password recovery process, to recover an account it looks like they will either send an email to s***@v*****.com
or they will let you enter your birthdate. Perhaps somebody exploited one of these two options?
reddit formatting markdown fucked up the email address characters, but it looks like S followed by 6 stars @ V followed by 8 stars

entering birth date is rate limited to 3 attempts per 24 hrs. So probably wasn't accessed through this unless the attacker had narrowed down the range a bit

Would take 4 months max to crack the birth date.. So it's quite possible.

If somebody knew the exact calendar year, that's true. But do we really really know exactly what year he was born?

FloodZone

newbie

Activity: 62

Merit: 0

Quote from: proofofarat on September 14, 2014, 11:37:12 AM

Looking at GMX's password recovery process, to recover an account it looks like they will either send an email to s***@v*****.com
or they will let you enter your birthdate. Perhaps somebody exploited one of these two options?
reddit formatting markdown fucked up the email address characters, but it looks like S followed by 6 stars @ V followed by 8 stars

entering birth date is rate limited to 3 attempts per 24 hrs. So probably wasn't accessed through this unless the attacker had narrowed down the range a bit

Would take 4 months max to crack the birth date.. So it's quite possible.

wasserman99

sr. member

Activity: 476

Merit: 250

Quote from: Skinnyman on September 14, 2014, 11:39:54 AM

Quote from: proofofarat on September 14, 2014, 11:37:12 AM

Looking at GMX's password recovery process, to recover an account it looks like they will either send an email to s***@v*****.com
or they will let you enter your birthdate. Perhaps somebody exploited one of these two options?
reddit formatting markdown fucked up the email address characters, but it looks like S followed by 6 stars @ V followed by 8 stars

entering birth date is rate limited to 3 attempts per 24 hrs. So probably wasn't accessed through this unless the attacker had narrowed down the range a bit

This has already been discussed and is likely how he gained access. Think someone said it would take max a year to guess the birthdate by bruteforce.

I would think that the hacker likely changed the password reset questions once he gained access to the account. I would not be surprised if some hacker was able to exploit some kind of vulnerability at gmx (and potentially sold this information on some dark web site).

Skinnyman

member

Activity: 61

Merit: 10

Quote from: proofofarat on September 14, 2014, 11:37:12 AM

Looking at GMX's password recovery process, to recover an account it looks like they will either send an email to s***@v*****.com
or they will let you enter your birthdate. Perhaps somebody exploited one of these two options?
reddit formatting markdown fucked up the email address characters, but it looks like S followed by 6 stars @ V followed by 8 stars

entering birth date is rate limited to 3 attempts per 24 hrs. So probably wasn't accessed through this unless the attacker had narrowed down the range a bit

This has already been discussed and is likely how he gained access. Think someone said it would take max a year to guess the birthdate by bruteforce.

proofofarat

newbie

Activity: 21

Merit: 0

Looking at GMX's password recovery process, to recover an account it looks like they will either send an email to s***@v*****.com
or they will let you enter your birthdate. Perhaps somebody exploited one of these two options?
reddit formatting markdown fucked up the email address characters, but it looks like S followed by 6 stars @ V followed by 8 stars

entering birth date is rate limited to 3 attempts per 24 hrs. So probably wasn't accessed through this unless the attacker had narrowed down the range a bit

itod

legendary

Activity: 1974

Merit: 1077

^ Will code for Bitcoins

Quote from: dewdeded on September 14, 2014, 05:28:38 AM

s******@v********.com is "[email protected]". This is general knowledge, Satoshi used the Vistomail-adress e.g. at the Cryptography-mailing-list [1] or for Bitcoin-related public announcements/postings/publications/communication [2].

1 = http://marc.info/?l=cryptography&m=122694149201952&w=2
2 = http://library.uniteddiversity.coop/Money_and_Economics/bitcoin.pdf & http://blog.dustintrammell.com/2013/11/26/i-am-not-satoshi/

Interesting comment in those emails regarding the reusing of addresses:

Quote

Address book labels for receiving addresses is confusing but I'm not sure what else to do. Anyone using it for more than just simple purposes would need to create different receiving addresses for each payer so they could tell who's paying them. That concept doesn't have much analogy in the real world.

Satoshi

dewdeded

legendary

Activity: 1232

Merit: 1011

Monero Evangelist

Quote from: deepceleron on September 10, 2014, 09:05:23 AM

The site also reveals to anyone attempting to reset that the alternate email is s******@v********.com
This is pretty piss-poor security, since it's obvious that s****** is satoshi and there are lists of free email providers, even ones from 5 years ago that have domains now expired or parked that could be bought and tried against the reset:
vahoo.com
...
vr9.com

The reset email shown could be set by the current hacker, if it was previously s******@g****.com it would be even more obvious what else to compromise.

s******@v********.com is "[email protected]". This is general knowledge, Satoshi used the Vistomail-adress e.g. at the Cryptography-mailing-list [1] or for Bitcoin-related public announcements/postings/publications/communication [2].

1 = http://marc.info/?l=cryptography&m=122694149201952&w=2
2 = http://library.uniteddiversity.coop/Money_and_Economics/bitcoin.pdf & http://blog.dustintrammell.com/2013/11/26/i-am-not-satoshi/

AGD

legendary

Activity: 2070

Merit: 1164

Keeper of the Private Key

Quote from: wasserman99 on September 14, 2014, 02:02:27 AM

Quote from: AGD on September 14, 2014, 12:55:36 AM

Quote from: bigasic on September 13, 2014, 05:20:01 PM

I believe that post when he stated "I am not Dorian" is from SN. From the logs of the emails that were posted, the hacker just received access right before he sent the email to theymos. So, I believe that earlier post is legit...

Why didn't he sign that message to proof it was legit?

No one questioned if the post was legit or not. It was assumed by the community that it was.

Not true. Some people need proof before they classify a message as "legit". Satoshi would not forget to sign it if he wanted everybody to believe it was him without a doubt.
He found it important enough to break his silence after years to post this strange message, but forgot to sign it to proof it was legit? No way...

wasserman99

sr. member

Activity: 476

Merit: 250

Quote from: AGD on September 14, 2014, 12:55:36 AM

Quote from: bigasic on September 13, 2014, 05:20:01 PM

I believe that post when he stated "I am not Dorian" is from SN. From the logs of the emails that were posted, the hacker just received access right before he sent the email to theymos. So, I believe that earlier post is legit...

Why didn't he sign that message to proof it was legit?

No one questioned if the post was legit or not. It was assumed by the community that it was.

AGD

legendary

Activity: 2070

Merit: 1164

Keeper of the Private Key

Quote from: bigasic on September 13, 2014, 05:20:01 PM

I believe that post when he stated "I am not Dorian" is from SN. From the logs of the emails that were posted, the hacker just received access right before he sent the email to theymos. So, I believe that earlier post is legit...

Why didn't he sign that message to proof it was legit?

Topic: [email protected] is compromised - page 6. (Read 152305 times)