Pages:
Author

Topic: Showing I merited 3 people 2 days ago but I never even visited those threads.. (Read 939 times)

legendary
Activity: 3598
Merit: 2386
Viva Ut Vivas
FYI. To verify that I am still in control of my account.

https://www.blockchain.com/btc/address/1ELWAR1qFQbfmpMhcsTaBniFRLewrYqGo2

---
July 20, 2018
---
G66OM3cEsEwaosWnMALZoy1+5KhsaEqAMeWjNv/MiYI1QC+lyyNFmOYVOl63JI0ocoBMsAKKCh3xQJ4Mk3k1AR4=
jr. member
Activity: 103
Merit: 3
Elvar, may I ask, if you can add the other accounts which were involved? It's likely there are more accounts connected and if you include them into your entry post this could help for future references and investigations. I can have a look into it, if I find something suspicious.

Thanks  Smiley
member
Activity: 330
Merit: 23
I'm not going to do reversals on mere abuse.
Oh yeah finally our great "theymos" heard my poem Wink . I think we can take as " I'm going to do reversals on large scale Merit abuses" is it valid for the ANN underworld freaks too? ,who do Merit business more oftenly.

No, you should probably not interpret it as that. This was reversed because theymos was able to verify that the account was compromised.
Reversals of Merit abuse look fine at the first glance and while I read that I thought first this could be a good idea. But it's obvious that a Merit reversal of abusers will lead to nothing because all the sMerit will be given back to the same cheater and it's possible for him to spent these sMerits again, a never ending story and only more work for admins.

And thanks to OP, now we know that we have to be careful. I'm just wondering the hackers got access but OP didn't enter his login data on this phishing site. Fortunately the hackers didn't change your password.
hero member
Activity: 1659
Merit: 687
LoyceV on the road. Or couch.
Ok, I found it in my browser history.

https://bitcointalk. to /index.php?topic=1638278.0

Did a google search to find out how to do animated gifs on bitcointalk
Add the phishing site to your hosts file, and reroute it to localhost. That prevents this in the future:
I have added this line to /etc/hosts
Code:
127.0.0.1       bitcointalk.to
Now my computer can't access that phishing site anymore.
legendary
Activity: 3598
Merit: 2386
Viva Ut Vivas
Ok, I found it in my browser history.

https://bitcointalk. to /index.php?topic=1638278.0

Did a google search to find out how to do animated gifs on bitcointalk.


Damn, sneaky bastards.

Thanks to ibminer for suggesting I check my browser history.

Sorry for causing any trouble for anyone due to my mistake.

Merits all around.


Still scrubbing and locking down my computer anyway...wake up call I suppose.
full member
Activity: 196
Merit: 174
I'm not going to do reversals on mere abuse.
Oh yeah finally our great "theymos" heard my poem Wink . I think we can take as " I'm going to do reversals on large scale Merit abuses" is it valid for the ANN underworld freaks too? ,who do Merit business more oftenly.

No, you should probably not interpret it as that. This was reversed because theymos was able to verify that the account was compromised.
Okey my mistake. But I think theymos will spell it out sooner than we think Wink isn't that great if it happens?
legendary
Activity: 3654
Merit: 8909
https://bpip.org
I'm not going to do reversals on mere abuse.
Oh yeah finally our great "theymos" heard my poem Wink . I think we can take as " I'm going to do reversals on large scale Merit abuses" is it valid for the ANN underworld freaks too? ,who do Merit business more oftenly.

No, you should probably not interpret it as that. This was reversed because theymos was able to verify that the account was compromised.
full member
Activity: 196
Merit: 174
I'm not going to do reversals on mere abuse.
Oh yeah finally our great "theymos" heard my poem Wink . I think we can take as " I'm going to do reversals on large scale Merit abuses" is it valid for the ANN underworld freaks too? ,who do Merit business more oftenly.
legendary
Activity: 3598
Merit: 2386
Viva Ut Vivas
Thanks for looking into this. I'm just glad that's all the hacker did.

Now I get to spend the day scrubbing my computer for anything suspicious.  

Fortunately I lock my keys up in cold cold storage plus they need to know which numbers I added/deleted.
legendary
Activity: 3654
Merit: 8909
https://bpip.org
I'm not going to do reversals on mere abuse.

Fair enough, we're gonna have to use this quote instead of "merit is not moderated".
administrator
Activity: 5222
Merit: 13032
Is this being accepted as a hack or potential bug in the merit system? I assume IP records would indicate whether the account was compromised?

His account was compromised.

Oh boy... brace yourselves for 500 new threads about merit abuse.

I'm not going to do reversals on mere abuse.
legendary
Activity: 3654
Merit: 8909
https://bpip.org
Since it was a large amount and a clear-cut case, I deleted those merit sends.

Oh boy... brace yourselves for 500 new threads about merit abuse.

legendary
Activity: 1789
Merit: 2535
Goonies never say die.
Is this being accepted as a hack or potential bug in the merit system? I assume IP records would indicate whether the account was compromised?
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
Since it was a large amount and a clear-cut case, I deleted those merit sends.
From your first post about Merit:
While we will not be directly moderating this
I'm glad to see you've drawn a line and made an exception!

Now all that's needed is a picture of the Merit thief's face when he sees it's gone again Cheesy
administrator
Activity: 5222
Merit: 13032
Since it was a large amount and a clear-cut case, I deleted those merit sends.
full member
Activity: 196
Merit: 174
I suspect those merits have been sold, we have a new kind of merit-trading-hacking activity around here.
I remembered a poem of "Emily Dickinson" which I learned for literature at school and I made few changes for that (just for fun).

"I'm Merit abuser! Who are you?
Are you - Merit abuser too -?
Then there's a pair of us!
Don't tell! They'd ban us - you know!
"

Actually they don't Cheesy

Merit abuse isn't moderated by the forum.
legendary
Activity: 3346
Merit: 3130
I know, I may have been hacked but...

I checked my merits sent and on July 17 it shows 3 different merits given of 50 merits each for threads I have never visited.

Very odd that someone would hack my account just to merit someone.

I have since changed my password but I would have figured a hacker would do some more interesting things with a Legendary account than merit some people.

Or is this a random bug.


Ummm... seems pretty similar than this case https://bitcointalksearch.org/topic/edit-my-hacked-account-was-used-for-merit-abuse-by-this-user-bgpsq-4642710

I don`t know, but maybe this is a new way of merit trading, maybe you should red tag those that steal merits from you. They`ve been already tagged by the pharmacist and suchmoon.
I suspect those merits have been sold, we have a new kind of merit-trading-hacking activity around here.
hero member
Activity: 784
Merit: 1416
Just did a scan of my computer so I'm not seeing any virus or anything along those lines. I use antivirus but also do a scan with a secondary program periodically.

I'm curious about who I would talk to about checking the IPs I've logged in as over the past week. Should all be the same country if it was me.

Do you remember if at the time the merits where assigned you were logged in the forum or online at all doing something else?

My computer was online and connected but I wasn't posting on bitcointalk. But was likely still logged in at the time. I don't recall if the next morning I had to re-log in.

I don't click on links to go to bitcointalk. I have been using the site for 8 years, I know the address. I just type in the URL.

Without going into too many technical details, i was just asking because i thought would be possible just by visiting a link "make you assign merit to somebody" through an exploit, but i verified and is not possible. So i guess somebody took control of your account.
legendary
Activity: 3598
Merit: 2386
Viva Ut Vivas

I always type in websites before I log in. Bitcointalk is always up for me. But thinking about it I did have to log in again several days ago.
Why you even bother to type the "Bitcointalk" in the search bar? I just simply bookmarked the boards where I normally read and post. Then tick the "show bookmarks bar". I only logging with those bookmarked links and problem solved, no phishing links at all Cheesy

Ya, usually I just go to the address bar and type bitc and it has bitcointalk at the top.

The reality though is I usually have about 20 tabs open at once and bitcointalk is usually one of them. So I rarely need to actually go to the site.
full member
Activity: 196
Merit: 174

I always type in websites before I log in. Bitcointalk is always up for me. But thinking about it I did have to log in again several days ago.
Why you even bother to type the "Bitcointalk" in the search bar? I just simply bookmarked the boards where I normally read and post. Then tick the "show bookmarks bar". I only logging with those bookmarked links and problem solved, no phishing links at all Cheesy
Pages:
Jump to: