Pages:
Author

Topic: Someone had access to my account last month - Please beware! - page 3. (Read 1345 times)

legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
Quoting for images:
.
.
.
These three person are involved into this trading, two of them are from India & last one is from (Vietnam/Indonesia):




First guy, the actual legendster or the hacker or bounty manager came to sell his account and offered the account to (2nd & 3rd guy, or other team member- they are reseller team)
2nd & 3rd guy are reseller and middleman as well, they have a huge team member.
I bought the ID from the reseller team on May without email address they refused to give email address:




Then I tried to contact with the 1st guy and offered money for BTC/ETH address, but he disagreed to sell, He need huge money otherwise don't want to give BTC/ETH address.




Then last monday 1st guy suddenly started dancing and texted the reseller team and wanted back his account but don't want to pay back, but I disagreed to give.

I gave all evidence with old password too, forum moderator can verify the old password, from May to "September 13, 2021" that account was in under my control and now he recovered the account without giving me back 500 usdt.

Video link of the chat: https://drive.google.com/file/d/1Vs0mFlQp0Zoz7rpqEilCs3Jwzd9E9vhS/view?usp=sharing
newbie
Activity: 4
Merit: 0
.
.
.
These three person are involved into this trading, two of them are from India & last one is from (Vietnam/Indonesia):
https://i.ibb.co/VBX5pj7/Capture-2021-09-15-10-31-12.png
https://i.ibb.co/4407KFB/Capture-2021-09-15-12-27-52.png
https://i.ibb.co/4sMBCmN/Capture-2021-09-15-12-27-15.png

First guy, the actual legendster or the hacker or bounty manager came to sell his account and offered the account to (2nd & 3rd guy, or other team member- they are reseller team)
2nd & 3rd guy are reseller and middleman as well, they have a huge team member.
I bought the ID from the reseller team on May without email address they refused to give email address:
https://i.ibb.co/b3mqw0p/20210915-121142.jpg
https://i.ibb.co/3yCs5h2/20210915-121138.jpg


Then I tried to contact with the 1st guy and offered money for BTC/ETH address, but he disagreed to sell, He need huge money otherwise don't want to give BTC/ETH address.
https://i.ibb.co/JdNRxPJ/Capture-2021-09-15-10-12-57.png
https://i.ibb.co/XSRrKHr/Capture-2021-09-15-10-14-49.png
https://i.ibb.co/F3rn83V/Capture-2021-09-15-10-18-47.png

Then last monday 1st guy suddenly started dancing and texted the reseller team and wanted back his account but don't want to pay back, but I disagreed to give.

I gave all evidence with old password too, forum moderator can verify the old password, from May to "September 13, 2021" that account was in under my control and now he recovered the account without giving me back 500 usdt.

Video link of the chat: https://drive.google.com/file/d/1Vs0mFlQp0Zoz7rpqEilCs3Jwzd9E9vhS/view?usp=sharing
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
I will send telegram chat photo.
Can you send a signed message that proves you bought the account? I don't trust screenshots, they can be doctored.

his account is more worth around 0.05 BTC or more (worth 2300 USDT right now).
What do you base that number on?

He scammed me 500 usdt and took the account back again last monday. I also have the old password, forum moderator can verify that.
No, forum moderators can't see your password.
There's a flaw in your story: legendster's email address was never changed.
Why would you buy an account and not use it for 4 months?
newbie
Activity: 4
Merit: 0
Hi! I bought legendster ID from him last May,
He sold the ID to me for 500+ usdt
What's going on here? lol

If he sell his account only for 500 USDT, he's stupid enough since his account is more worth around 0.05 BTC or more (worth 2300 USDT right now). Even you've send the Telegram chat I doubt other people would trust it (include me)


@legendster I hope you could sign a messages of your Greenwallet address as you said previously, otherwise this case will be more complicated.

He scammed me 500 usdt and took the account back again last monday. I also have the old password, forum moderator can verify that.
legendary
Activity: 1834
Merit: 1208
Hi! I bought legendster ID from him last May,
He sold the ID to me for 500+ usdt
What's going on here? lol

If he sell his account only for 500 USDT, he's stupid enough since his account is more worth around 0.05 BTC or more (worth 2300 USDT right now). Even you've send the Telegram chat I doubt other people would trust it (include me)


@legendster I hope you could sign a messages of your Greenwallet address as you said previously, otherwise this case will be more complicated.
newbie
Activity: 4
Merit: 0
Hi! I bought legendster ID from him last May,
He sold the ID to me for 500+ usdt and now recovered his ID.
This person is liar and totally fake. please stay away from him.

I will send telegram chat photo.
legendary
Activity: 1834
Merit: 1208
This guy is a hacker. Please give negative trust to this account. I am the  owner of this account and he changed email address signature affiliate code and Bitcoin wallet address today.
The thing is screenshot aren't 100% verifiable to proof of your ownership, you need to sign a messages (but you said the address you used are from exchange) tagging without verifiable proof isn't correct.

Now no one will be able to hack my email like legendster without authentication code.  Cool
If the hacker has access of your phone (which the same phone you get the 2FA code) you can still get hacked.
newbie
Activity: 6
Merit: 0
After spending a lot of time now feeling better, Successfully I've secured everything with a strong password, Smiley
I also set google authentication app to secure my email.  Cool
Now no one will be able to hack my email like legendster without authentication code.  Cool
This guy is a hacker. Please give negative trust to this account. I am the  owner of this account and he changed email address signature affiliate code and Bitcoin wallet address today.
full member
Activity: 630
Merit: 102
After spending a lot of time now feeling better, Successfully I've secured everything with a strong password, Smiley
I also set google authentication app to secure my email.  Cool
Now no one will be able to hack my email like legendster without authentication code.  Cool
full member
Activity: 630
Merit: 102

I'm afraid that it will ask verification code when I will change it?




Even how many security levels that you put into your account or even your email address if you didn't care about it, it's useless.  As long as you've used an email address that's not associated with your personal and daily use account, then, you'll be fine.  If you're the only one who knows your password and your email address used, you're safe from a possible scam or being a compromised account.

Threat your account as you valuable stuff and avoid it sharing with anyone.
I'm on this rank now but I never change my password even at once or email the address because I know that I'm the only one who uses it 'till now.

I suspected that this was probably a cause of sharing an account or might use it as collateral in exchange for something valuable than this, IMO, and CMIIW.

I just used a random email like abcd@example,com, even it does not exist.

I haven't shared it with anyone publicly, but maybe forums staff knows that.
when I randomly go to report on other's posts and it warned me that email is revealed to the forum staff, then I stopped reporting their post cause I don't want to reveal the address.

legendary
Activity: 2492
Merit: 1232
legendster's account has been hacked Huh! I am so much scared to see it. legendster is a very reputed and skilled person on our Indian board.
When I joined the forum, I was not very careful about email Sad, I have created my account with a random email address, will I have a problem? What do I have to do now? please suggest me.
Even how many security levels that you put into your account or even your email address if you didn't care about it, it's useless.  As long as you've used an email address that's not associated with your personal and daily use account, then, you'll be fine.  If you're the only one who knows your password and your email address used, you're safe from a possible scam or being a compromised account.

Threat your account as you valuable stuff and avoid it sharing with anyone.
I'm on this rank now but I never change my password even at once or email the address because I know that I'm the only one who uses it 'till now.

I suspected that this was probably a cause of sharing an account or might use it as collateral in exchange for something valuable than this, IMO, and CMIIW.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
I have created my account with a random email address, will I have a problem? What do I have to do now?
Change it Smiley
full member
Activity: 630
Merit: 102
legendster's account has been hacked Huh! I am so much scared to see it. legendster is a very reputed and skilled person on our Indian board.
When I joined the forum, I was not very careful about email Sad, I have created my account with a random email address, will I have a problem? What do I have to do now? please suggest me.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
That is what boggles my mind that someone got in DESPITE 2FA being active on ALL my accounts.

Which 2FA method?

Google has several different options for 2FA, there is one where you open the Gmail app on your mobile phone, another uses Google authenticator, and I believe there is also an SMS verification also. So which one were you using at the time of the hack?
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
a throwaway e-mail address.
That means someone might be able to access that email address. Yopmail users for instance have had their account compromised that way.

Changing the password raises red flags, while quietly using the account might result in a successful PM scam.
Further reading here.
legendary
Activity: 3528
Merit: 7005
Top Crypto Casino
I am suspecting the hacker got access to my Firefox sync account as well which would enable him to get passwords of different accounts.
Wait, you stored your passwords in the cloud? Shocked Why on earth would you do that? Cloud storage is a terrible idea for passwords.
I'm a complete idiot when it comes to tech, and even I know not to do that.  I'm not trying to rub salt in any wounds here, legendster, but damn.  I use Firefox, but don't use the sync function.

And I'm not even sure why e-mail is required on this forum.  I get that some people want the 2FA security, but for me it's just another piece of data that can be hacked, and personally I don't care to enter anything but a throwaway e-mail address.

He reset the password today. The bigger question is - like LoyceV mentioned - how did the "hacker" access the account without resetting the password, and why did the presumably real legendster needed to reset it if...
Why didn't the hacker reset the password is the better question.  And if legendster did indeed get hacked and the hacker didn't change it, I understand why legendster would change it--unless I'm missing something obvious.  I'm assuming the hacker got access to it from the Firefox data in which it was stored and presumably still has it.  No idea why a hacker wouldn't change a password on an account they just hacked, but hey....I'm not a hacker.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
I am suspecting the hacker got access to my Firefox sync account as well which would enable him to get passwords of different accounts.
Wait, you stored your passwords in the cloud? Shocked Why on earth would you do that? Cloud storage is a terrible idea for passwords. I don't even dare use the same account on more than one device, because each device increases the risk of getting compromised, let alone give each device access to everything!
hero member
Activity: 1778
Merit: 764
www.V.systems
I remembered when I saw your topic Hiring Telegram Managers and I contacted you via Telegram.

It is since late of May and you almost inactive since May. What happened recent weeks?

If you scroll back into my posts you'll see I've been increasingly inactive on Bitcointalk since late 2019.

I've been focusing my energy on my work on Telegram and Discord.



I need to change the staked address as that one is compromised during the April hack that I mentioned above.

you should definitely confirm ownership of the account by signing a message on one of your oldest addresses used here on the forum. I guess not all of them is compromised and only you have access to them.

Your oldest (used 11 April 2013) 1C5voy2et9odzmocDxirb4S6GrTJ6MeqsW here
Or 3JHJKATezUpeGs9JeobzY7U2Fo6iybZ6yL which you used (in 2018) to apply in signature campaigns. here, here, here

I already have a strong password. Always did.

the reason is that it must be determined that you are the original owner of the account. But obviously is not enough strong.

The MeqsW wallet was from some third party exchange / platform. I don't even remember where.

I have access to the later ones as those would be from my Greenwallet wallet account. I'll have to install the desktop app and find a way to sign from there. Will do that later today or whenever I find some time.

The password itself was a strong alpha numeric 26 character pw with special characters and all..

I am suspecting the hacker got access to my Firefox sync account as well which would enable him to get passwords of different accounts. Of course I've reset that pw along with all the old important passwords. (and still resetting the unimportant ones)



Suspicion confirmed.
Is there anything in your PM or outbox? Of course that could have been deleted so you can't know for sure.

No posts were made: loyce.club/archive/members/9/93844.html.

I just checked BPIP and indeed there was a password reset last month. I don't know how this happened.
Actually, the reset was today, a month ago it was only "changed":
Code:
8/18/2021 2:27:22 PM password changed
9/13/2021 3:53:45 PM password reset via email

I assume you're the one who reset it, but doesn't that mean the attacker must have entered your old password in order to change it?
Any chance you can sign a message from an old staked address?

Yes I was the one who reset it and the one before was 'changed'.

Which implies the hacker must have had my BTT password from the April email breach (which would have given him access to Firefox sync where I store a bulk of my passwords) and he simply tried to log in and changed the pw last month.

There have been a number of attempts since April to log into my exchange accounts but since I reset them no one has gotten in but I did get a bunch of emails from Binance and other exchanges where there were some failed attempts to log in.

And no, nothing in the outbox.

And yes I can sign from some of the old addresses but they won't mean anything as the hacker would have access to them as well.



You are quite lucky that the hacker didn't completely lock you out of your account by changing your email address after the password change or use it to scam unsuspecting members.

Try to keep your email address very secure. 2FA should be a must. Once your email address is compromised. Every account linked to it including exchange accounts could easily be accessed by the hacker through password resets.

That is what boggles my mind that someone got in DESPITE 2FA being active on ALL my accounts.

And google defaults to the new way of 2fa where you get a notification screen where you have to approve that you're signing in from a new device - I didn't get any of that when the hacker got into my email in April.

I was only notified when my DDIM tokens were being unstaked and I got that notification on Telegram. But It was already around 50 minutes late.

PS: I was stupid enough to have saved my master priv key sheet in the drafts of my email around Feb when I was doing a PC OS upgrade. And didn't care enough to delete it later. Because in the back of my mind I knew no one could bypass my 2fa. I was wrong.


After the hack, I did make a post on Linkedin and perhaps Twitter, seeking advice from security experts.



[moderator's note: consecutive posts merged]
copper member
Activity: 2156
Merit: 983
Part of AOBT - English Translator to Indonesia
Suspicion confirmed.



bu i think the attacker using some IP guard like VPN or proxy because my account that im using right now is one victim and i regain on 2020

for now i think is good to change your email first and then change the password

maybe the reason my account got hacked is because i have same password and account

 you must not do what im doing
full member
Activity: 1134
Merit: 140
If anyone is still not aware, this story was created to scam Maidak - https://bitcointalksearch.org/topic/wtf-maidak-5359785
Pages:
Jump to: