Pages:
Author

Topic: [email protected] is compromised - page 6. (Read 152314 times)

legendary
Activity: 3920
Merit: 2349
Eadem mutata resurgo
September 15, 2014, 04:05:40 AM
Looking at GMX's password recovery process, to recover an account it looks like they will either send an email to s***@v*****.com
or they will let you enter your birthdate. Perhaps somebody exploited one of these two options?
reddit formatting markdown fucked up the email address characters, but it looks like S followed by 6 stars @ V followed by 8 stars

entering birth date is rate limited to 3 attempts per 24 hrs. So probably wasn't accessed through this unless the attacker had narrowed down the range a bit

Would take 4 months max to crack the birth date.. So it's quite possible.

If somebody knew the exact calendar year, that's true. But do we really really know exactly what year he was born?

If Satoshi is only one person and not a group, just try the birth dates of

Nick Szabo, Wei Dai, David Chaum, John Nash, Adam Back, Tatsuaki Okamoto, Hal Finney, Neal King, Vladimir Oksman, Charles Bry, Michael Weber, Shinichi Mochizuki, Robert A. Hettinga, Gavin Andresen, and Ray Dillinger

and you have your Satoshi.

... it is common practice for pseudonyms to use cryptic yet significant dates, numerology or the like. 1/1/1971, 2/8/82, etc ...
sr. member
Activity: 530
Merit: 250
CryptoTalk.Org - Get Paid for every Post!
September 15, 2014, 02:55:10 AM
Looking at GMX's password recovery process, to recover an account it looks like they will either send an email to s***@v*****.com
or they will let you enter your birthdate. Perhaps somebody exploited one of these two options?
reddit formatting markdown fucked up the email address characters, but it looks like S followed by 6 stars @ V followed by 8 stars

entering birth date is rate limited to 3 attempts per 24 hrs. So probably wasn't accessed through this unless the attacker had narrowed down the range a bit

Would take 4 months max to crack the birth date.. So it's quite possible.

If somebody knew the exact calendar year, that's true. But do we really really know exactly what year he was born?

If Satoshi is only one person and not a group, just try the birth dates of

Nick Szabo, Wei Dai, David Chaum, John Nash, Adam Back, Tatsuaki Okamoto, Hal Finney, Neal King, Vladimir Oksman, Charles Bry, Michael Weber, Shinichi Mochizuki, Robert A. Hettinga, Gavin Andresen, and Ray Dillinger

and you have your Satoshi.
sr. member
Activity: 434
Merit: 250
September 15, 2014, 02:34:07 AM
There are lots of sites where you can send mail under fake e-mail address, it's simple.
AGD
legendary
Activity: 2070
Merit: 1164
Keeper of the Private Key
September 15, 2014, 01:47:43 AM
I don't believe in this "idiot hacker" story at all.

member
Activity: 109
Merit: 10
September 14, 2014, 06:52:11 PM
It would have been nice if the hacker released Satoshi's old emails foe posterity.  It's a real shame we had such an idiot hacker.
full member
Activity: 210
Merit: 100
Looking for the next big thing
sr. member
Activity: 322
Merit: 250
September 14, 2014, 06:08:21 PM
Lol. Hasn't it proved already the "hacker" was a dumb kid that got doxed? OP should update the thread with the info so people dont keep asking or something.
newbie
Activity: 2
Merit: 0
September 14, 2014, 04:21:51 PM
Looking at GMX's password recovery process, to recover an account it looks like they will either send an email to s***@v*****.com
or they will let you enter your birthdate. Perhaps somebody exploited one of these two options?
reddit formatting markdown fucked up the email address characters, but it looks like S followed by 6 stars @ V followed by 8 stars

entering birth date is rate limited to 3 attempts per 24 hrs. So probably wasn't accessed through this unless the attacker had narrowed down the range a bit
People in this thread have already said that even though it claims to limit you to 3 tries per 24 hours, it actually doesn't limit you.
legendary
Activity: 1232
Merit: 1001
mining is so 2012-2013
September 14, 2014, 03:02:02 PM
Looking at GMX's password recovery process, to recover an account it looks like they will either send an email to s***@v*****.com
or they will let you enter your birthdate. Perhaps somebody exploited one of these two options?
reddit formatting markdown fucked up the email address characters, but it looks like S followed by 6 stars @ V followed by 8 stars

entering birth date is rate limited to 3 attempts per 24 hrs. So probably wasn't accessed through this unless the attacker had narrowed down the range a bit

Would take 4 months max to crack the birth date.. So it's quite possible.

If somebody knew the exact calendar year, that's true. But do we really really know exactly what year he was born?
newbie
Activity: 62
Merit: 0
September 14, 2014, 01:55:54 PM
Looking at GMX's password recovery process, to recover an account it looks like they will either send an email to s***@v*****.com
or they will let you enter your birthdate. Perhaps somebody exploited one of these two options?
reddit formatting markdown fucked up the email address characters, but it looks like S followed by 6 stars @ V followed by 8 stars

entering birth date is rate limited to 3 attempts per 24 hrs. So probably wasn't accessed through this unless the attacker had narrowed down the range a bit

Would take 4 months max to crack the birth date.. So it's quite possible.
sr. member
Activity: 476
Merit: 250
September 14, 2014, 01:42:41 PM
Looking at GMX's password recovery process, to recover an account it looks like they will either send an email to s***@v*****.com
or they will let you enter your birthdate. Perhaps somebody exploited one of these two options?
reddit formatting markdown fucked up the email address characters, but it looks like S followed by 6 stars @ V followed by 8 stars

entering birth date is rate limited to 3 attempts per 24 hrs. So probably wasn't accessed through this unless the attacker had narrowed down the range a bit

This has already been discussed and is likely how he gained access. Think someone said it would take max a year to guess the birthdate by bruteforce.
I would think that the hacker likely changed the password reset questions once he gained access to the account. I would not be surprised if some hacker was able to exploit some kind of vulnerability at gmx (and potentially sold this information on some dark web site). 
member
Activity: 61
Merit: 10
September 14, 2014, 11:39:54 AM
Looking at GMX's password recovery process, to recover an account it looks like they will either send an email to s***@v*****.com
or they will let you enter your birthdate. Perhaps somebody exploited one of these two options?
reddit formatting markdown fucked up the email address characters, but it looks like S followed by 6 stars @ V followed by 8 stars

entering birth date is rate limited to 3 attempts per 24 hrs. So probably wasn't accessed through this unless the attacker had narrowed down the range a bit

This has already been discussed and is likely how he gained access. Think someone said it would take max a year to guess the birthdate by bruteforce.
newbie
Activity: 21
Merit: 0
September 14, 2014, 11:37:12 AM
Looking at GMX's password recovery process, to recover an account it looks like they will either send an email to s***@v*****.com
or they will let you enter your birthdate. Perhaps somebody exploited one of these two options?
reddit formatting markdown fucked up the email address characters, but it looks like S followed by 6 stars @ V followed by 8 stars

entering birth date is rate limited to 3 attempts per 24 hrs. So probably wasn't accessed through this unless the attacker had narrowed down the range a bit
legendary
Activity: 1974
Merit: 1077
^ Will code for Bitcoins
September 14, 2014, 06:08:39 AM
s******@v********.com is "[email protected]". This is general knowledge, Satoshi used the Vistomail-adress e.g. at the Cryptography-mailing-list [1] or for Bitcoin-related public announcements/postings/publications/communication [2].

1 = http://marc.info/?l=cryptography&m=122694149201952&w=2
2 = http://library.uniteddiversity.coop/Money_and_Economics/bitcoin.pdf & http://blog.dustintrammell.com/2013/11/26/i-am-not-satoshi/

Interesting comment in those emails regarding the reusing of addresses:

Quote
Address book labels for receiving addresses is confusing but I'm not sure what else to do.  Anyone using it for more than just simple purposes would need to create different receiving addresses for each payer so they could tell who's paying them.  That concept doesn't have much analogy in the real world.

Satoshi
legendary
Activity: 1232
Merit: 1011
Monero Evangelist
September 14, 2014, 05:28:38 AM
The site also reveals to anyone attempting to reset that the alternate email is  s******@v********.com
This is pretty piss-poor security, since it's obvious that s****** is satoshi and there are lists of free email providers, even ones from 5 years ago that have domains now expired or parked that could be bought and tried against the reset:
vahoo.com
...
vr9.com

The reset email shown could be set by the current hacker, if it was previously s******@g****.com it would be even more obvious what else to compromise.
s******@v********.com is "[email protected]". This is general knowledge, Satoshi used the Vistomail-adress e.g. at the Cryptography-mailing-list [1] or for Bitcoin-related public announcements/postings/publications/communication [2].

1 = http://marc.info/?l=cryptography&m=122694149201952&w=2
2 = http://library.uniteddiversity.coop/Money_and_Economics/bitcoin.pdf & http://blog.dustintrammell.com/2013/11/26/i-am-not-satoshi/
AGD
legendary
Activity: 2070
Merit: 1164
Keeper of the Private Key
September 14, 2014, 03:49:39 AM
I believe that post when he stated "I am not Dorian" is from SN. From the logs of the emails that were posted, the hacker just received access right before he sent the email to theymos. So, I believe that earlier post is legit...

Why didn't he sign that message to proof it was legit?
No one questioned if the post was legit or not. It was assumed by the community that it was.

Not true. Some people need proof before they classify a message as "legit". Satoshi would not forget to sign it if he wanted everybody to believe it was him without a doubt.
He found it important enough to break his silence after years to post this strange message, but forgot to sign it to proof it was legit? No way...

sr. member
Activity: 476
Merit: 250
September 14, 2014, 02:02:27 AM
I believe that post when he stated "I am not Dorian" is from SN. From the logs of the emails that were posted, the hacker just received access right before he sent the email to theymos. So, I believe that earlier post is legit...

Why didn't he sign that message to proof it was legit?
No one questioned if the post was legit or not. It was assumed by the community that it was.
AGD
legendary
Activity: 2070
Merit: 1164
Keeper of the Private Key
September 14, 2014, 12:55:36 AM
I believe that post when he stated "I am not Dorian" is from SN. From the logs of the emails that were posted, the hacker just received access right before he sent the email to theymos. So, I believe that earlier post is legit...

Why didn't he sign that message to proof it was legit?
Pages:
Jump to: