[SCAM] Ongoing attempt - Phishing link send around in PM, copy of the forum - page 2.

hennessyhemp

hero member

Activity: 511

Merit: 500

Hempire Loading...

Quote from: binaryFate on July 13, 2013, 06:13:53 PM

One solution is to enable an optional 2 factors authentication:
https://bitcointalksearch.org/topic/can-bitcointalkorg-get-2-factor-authentication-178568

Nowadays, any website that handles something serious proposes it. And this forum is definitely something of that level, it deserves it.

Yes...wholeheartedly agree 2 form authy!...it really sucks to attempt to build a rep, and log in to discover someone found a way to piss on it in your absence. In my case if you do any simple googling...you'll find I am connected to me in real life, so finding out a hacker used my account and posted all kinds of non-sense all over this forum was particularly unsettling...2 form would have probably worked pretty well even if he had gotten my weak password.

whiskers75

hero member

Activity: 658

Merit: 502

Doesn't use these forums that often.

Do you know what's funny about this?

If you take that link, and make it legit, like so: https://bitcointalk.org/index.php?topic=252907.0.html (not phishing)
It leads to a thread titled: "The lost Bitcoins... a question of curiosity" about lost coins.

Cheesy

Ridicuss

sr. member

Activity: 336

Merit: 250

Quote from: BadBear on July 13, 2013, 02:11:07 PM

Quote from: dexX7 on July 13, 2013, 12:50:46 PM

Quote from: Ridicuss on July 11, 2013, 11:51:51 AM

I fell for it. Lost my old account. retard...

Which one was that?

In case of account compromisation, those accounts should be banned/tagged or there should be a sticky somewhere on this board, so nobody gets tricked into believing it is a legit member.

There is an trust issue though. Who do you believe? A newbie who claims he or she is user x? Hm..

Badbear, what would you need to stop it?

We need to be given access to the information we need in order to do something about it. Theymos declined, so I can only assume the help of the moderators is not needed or wanted when it comes to these situations.

Edit: So make sure to contact him directly with all inquiries, complaints, reports or otherwise Wink

.

I did contact theymos about the dirtscience account. I heard nothing back, but I can see the hijacker has not posted anymore form the 10th on, I'm guessing its banned. I do have a way to prove I was the original owner but it would require getting a vendor here involved. I have already squared away my problems with the vendor myself. If dirtscience is still active and you want to trust go ahead.. If you dont want to ban it. Not my problem anymore.

binaryFate

legendary

Activity: 1512

Merit: 1012

Still wild and free

One solution is to enable an optional 2 factors authentication:
https://bitcointalksearch.org/topic/can-bitcointalkorg-get-2-factor-authentication-178568

Nowadays, any website that handles something serious proposes it. And this forum is definitely something of that level, it deserves it.

BadBear

legendary

Activity: 1652

Merit: 1128

Quote from: dexX7 on July 13, 2013, 12:50:46 PM

Quote from: Ridicuss on July 11, 2013, 11:51:51 AM

I fell for it. Lost my old account. retard...

Which one was that?

In case of account compromisation, those accounts should be banned/tagged or there should be a sticky somewhere on this board, so nobody gets tricked into believing it is a legit member.

There is an trust issue though. Who do you believe? A newbie who claims he or she is user x? Hm..

Badbear, what would you need to stop it?

We need to be given access to the information we need in order to do something about it. Theymos declined, so I can only assume the help of the moderators is not needed or wanted when it comes to these situations.

Edit: So make sure to contact him directly with all inquiries, complaints, reports or otherwise Wink

.

dexX7

legendary

Activity: 1106

Merit: 1026

Quote from: Ridicuss on July 11, 2013, 11:51:51 AM

I fell for it. Lost my old account. retard...

Which one was that?

In case of account compromisation, those accounts should be banned/tagged or there should be a sticky somewhere on this board, so nobody gets tricked into believing it is a legit member.

There is an trust issue though. Who do you believe? A newbie who claims he or she is user x? Hm..

Badbear, what would you need to stop it?

LoWang

full member

Activity: 147

Merit: 100

Allright, so I believe this started by luring the credentials from somebody and then using it to hijack more accounts through the phishing PMs (it is funny that the word phishing is in the address itself:). BruteForce attack is out of the question because that would assume somebody hacked into the site and got the password hash database (which I hope is not true)
Badbear you said "the ban (which we can do) is really just reactionary to stop further damage" and yet you did not do this at least. That translates to me as you don't really care even if this could have prevented a lot more account hijacks... I believe you have not ever worked at an IT company Wink

Let's hope this will serve like a security education for those who fall for it without causing too much damage or money loss...

hennessyhemp

hero member

Activity: 511

Merit: 500

Hempire Loading...

I can tell you I did not enter my Bitcointalk information on any website other than bitcointalk so I am fairly certain it was not phished out of me...I had a weak password...so I am guessing brute-force...but I really don't know much about how a hacker comes to steal my account...I just know it definitely happened July 10th, 2013, and I have updated my password so it is much stronger now.

I am a legitimate user with a real life connection to me. The impostor only posed as me and tried to pump my account (presumably for scamming) and apparently tried to buy other accounts from another user. Definitely posted like 50 messages in an hour to try to get my account higher...which didn't work, as another member kept popping up on his threads alerting users he was posting like crazy. I discovered this whole fiasco on the 7/12/2013. Password has been updated...but this is crazy...guy was fairly smart and very capable, it's rather unnerving.

Ridicuss

sr. member

Activity: 336

Merit: 250

Quote from: crumbs on July 10, 2013, 02:15:56 PM

if this helps, i got two

Today at 02:15:57 PM BTC-E Trade Bot / Earn .1 btc a week haasBB8
Today at 11:34:18 AM BTC-E Trade Bot / Earn .1 btc a week dirtscience

Dirtscience was my hijacked account. Sorry for the stupidity guys.

Ridicuss

sr. member

Activity: 336

Merit: 250

I fell for it. Lost my old account. retard...

kjj

legendary

Activity: 1302

Merit: 1026

pedrog

legendary

Activity: 2786

Merit: 1031

I got the PM from another account:

Quote from: jwest411 on July 10, 2013, 08:37:43 PM

I clicked the link and logged in like a pro, but realized this quick and changed my password on the real site. I use different passwords everywhere and have 2 step. I should be good right?

I always log:

User: Go
Pass: Fuckyourself

At least they can get a laugh when going through the records.

jackjack

legendary

Activity: 1176

Merit: 1280

May Bitcoin be touched by his Noodly Appendage

CoinsForTech

hero member

Activity: 698

Merit: 500

5% Bitcoin Discount - All Orders

Arcas

hero member

Activity: 1036

Merit: 524

Quote from: jwest411 on July 10, 2013, 08:37:43 PM

I clicked the link and logged in like a pro, but realized this quick and changed my password on the real site. I use different passwords everywhere and have 2 step. I should be good right?

Yes. I made the same stupid mistake when I brainlessly tried to log in without asking myself why I got logged out.

I did get logged off a few times today on the real forum, probably the phisher trying to log into my account and getting locked out.

n4ru

sr. member

Activity: 350

Merit: 250

Bot site could be distributing the worm through it's "trial" program.

Reminds me of those 4chan worms that work by getting idiots to save an image as a .vbs and run it.

jwest411

member

Activity: 107

Merit: 10

I clicked the link and logged in like a pro, but realized this quick and changed my password on the real site. I use different passwords everywhere and have 2 step. I should be good right?

Hollowinfinity

newbie

Activity: 42

Merit: 0

Quote from: theymos on July 10, 2013, 08:12:37 PM

It's much more expensive for them to obtain phished accounts than it is for me to ban them.

People will just use the old DB dump instead of PM's.

theymos

administrator

Activity: 5222

Merit: 13032

Quote from: 🏰 TradeFortress 🏰 on July 10, 2013, 07:00:18 PM

This does not help much. They can use phished accounts to spam.

It's much more expensive for them to obtain phished accounts than it is for me to ban them.

🏰 TradeFortress 🏰

vip

Activity: 1316

Merit: 1043

👻

Topic: [SCAM] Ongoing attempt - Phishing link send around in PM, copy of the forum - page 2. (Read 10556 times)