Someone Loan using My Account - page 2.

Stalker22

legendary

Activity: 1484

Merit: 1355

Quote from: CryptoHFs on July 22, 2023, 03:19:08 PM

Hey shasan I spoke to you 3rd of July and my comment is 8th of July not only that when people mentioned what you said I stated that if I need a loan I will request it through my alt. So in both cases there's no point at all I am seeing in your question.

I literally just requested today a loan from CC to be received on my alt Tongue

if you have a valid point let me know.

Also timelord didn't solve a mystery it's me who writing everywhere both of the accounts are mine Cool

Edit: lol, even me telling you both are mine in the DMs

The point is that it does not make much sense to claim with one of your accounts that you will not ask for a loan on this forum while, at the same time, asking for a loan with your alt account. Did you inform LoyceV of that fact when you asked him for a neutral tag?

CryptoHFs

member

Activity: 182

Merit: 35

STRAIGHT FORWARD

Quote from: CryptoHFs on July 11, 2023, 06:04:14 PM

Quote from: DireWolfM14 on July 11, 2023, 05:52:48 PM

Lol, this is such a joke. What happens if three years from now one of you guys decides you need a loan? What if you want LoyceV to remove the tag, but he's no longer active? What if LoyceV takes a break from the forum, and drops off of DT? By this logic a lender is supposed to go digging through years worth of reviews, possibly untrusted reviews to look for a possible entry by LoyceV saying you won't ever take out a loan. What if you do take a loan from some unsuspecting lender and decide you don't have to pay it because look, "back in 2023 LoyceV left a tag saying I would never take out a loan." Couldn't this be used as an excuse to scam a lender?

Quote from: zasad@ on July 10, 2023, 09:01:49 AM

CYBER_COWBOY

2023-07-10

Reference

This user confirmed he never wants to take a loan. If his account asks for it, it's not him.

Quote from: Peanutswar on July 09, 2023, 07:02:22 AM

lovesmayfamilis

2023-07-08

Reference

This user confirmed she never wants to take a loan. If her account asks for it, it's not her.

Quote from: https://bitcointalk.org/index.php?action=trust;u=459836

CryptoHFs

2023-07-08

Reference

This user confirmed he never wants to take a loan. If his account asks for it, it's not him.

Not to mention, out of these 5 request, one (I suspect) is a sockpuppet of a loan defaulter, lending board troll, and alt farmer that's been spamming and trolling the lending board for over a year, using multiple alts in an attempt to get an unsecured loan. And, another just literally asked for a loan last week, lol. You couldn't make this shit up.

Nothing good will come of these tags, and if you have asked LoyceV to tag you, I have a suggestion: SECURE YOUR FUCKING ACCOUNT! Take some personal responsibility for your own safety and security, and that of the forum. If you fear some one is after your precious and valuable account, change your password.

Another thing I noticed about this thread, shasan's notable absence. @shasan, with all due respect, to what extent are you responsible for this tragedy? Sure, Peanutswar didn't secure his account, but what efforts did you take to make sure the loan you were issuing was going to the same person that built that account?

Well, I did it to support the idea. If I ever need a loan in the future I will be requesting it from my alt.

This account btc address is compromised, banned before for a week, most likely I will stop using it.

Hey shasan I spoke to you 3rd of July and my comment is 8th of July not only that when people mentioned what you said I stated that if I need a loan I will request it through my alt. So in both cases there's no point at all I am seeing in your question.

I literally just requested today a loan from CC to be received on my alt Tongue

if you have a valid point let me know.

Also timelord didn't solve a mystery it's me who writing everywhere both of the accounts are mine Cool

Edit: lol, even me telling you both are mine in the DMs

shasan

copper member

Activity: 2128

Merit: 1241

Need a Bounty Manager? t.me/shasan32

Quote from: CryptoHFs on July 08, 2023, 09:34:10 AM

Let's make the forum clean.. give me that tag!

I have just found from your neutral trust that you will never take a loan from the forum. And also came to know that you are the Alt of thepeterson u=3557808 which has been mentioned by Timelord2o67 Are you really alt of that person and you do not want to take a loan? If yes, then how I got this message:

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

Quote from: Igebotz on July 13, 2023, 05:36:00 AM

Changing password and email occasionally has always been a good security practice what changed now?

People realized it was stupid in the first place Wink

Read the NCSC:

Quote from: Coin_trader on July 13, 2023, 12:24:40 PM

What about a notification on trust page once user login recently using different country IP address?

You'd see that notification on me. It wouldn't mean anything. Besides, an attacker could easily avoid it by using a VPN based on local boards used by the user.
If you're worried about it, you can make myips.php the default page when you open a new tab.

robelneo

legendary

Activity: 3192

Merit: 1198

Bons.io Telegram Casino

Quote from: Igebotz on July 15, 2023, 09:36:12 AM

Quote from: robelneo on July 15, 2023, 09:10:49 AM

This incident is very unfortunate for OP I hope Shasan will consider implementing a waiting period of say 48 hours or more for a loan that is higher than $500 and put a neutral tag first like " This user is going to take a loan will grant in the next 48 hours" while waiting for the neutral tag to expire and just change it when the loan is granted.
This is just a suggestion it's still up to Shasan and other lenders to implement it.

It would make no difference and would negatively impact those who desperately need a loan. The only way to avoid this is to request a signed message from a staked address and validate it before issuing a loan..

I definitely support this, it's a good option if Shasan will ask for a signed message from a staked address, nevertheless, it's still an option to consider to protect lenders and those asking for loans as not all loans are emergency loans, in case there is a hack the real user will notice the tag.
Anyway, it's just a suggestion for reference.

Poker Player

legendary

Activity: 1372

Merit: 2013

Quote from: FatFork on July 10, 2023, 01:43:36 AM

After going through the entire thread, I still don't understand what really happened.

I found it hard to understand what happened too. I had to read the whole thread carefully, and some posts to reread, because I find it quite shocking. The essential difference I see here is that in other cases, when an account has been hacked, the hacker took full control, but in this case he enters the account, asks for a loan and lets the person who created it handle it normally.

Quote from: FatFork on July 12, 2023, 04:02:51 AM

I have a sneaky suspicion that this might become more frequent in the future. Neither Peanutswar nor Woodie seem to have any idea (or they're not willing to share) how this happened, and mdgabrielzim remains silent about it.

This is the worst of all.

In my case I think I will never ask for a loan in Bitcointalk, and I don't think a neutral tag is even necessary. Nor will I put anything in my profile.

If any lender gives a loan to this account, Poker Player, without requesting a signed message from the following address, I won't be accountable:

Quote from: Evilish on December 30, 2020, 01:59:01 PM

Quote from: Poker Player on December 30, 2020, 01:53:02 PM

Message: This is Poker player from bitcointalk. December30th 2020.

Address: 3MqbAyRieHuKH9VzKNQnvBBUwZ4dXrwSrb

Signature: INQEACt2vlczkMOZmn0JrQgig/wavq4fQfa1PKwHbaHpfqk6ffucbSR7BuoR3qc2GmE4OgOs7graZIHiTfDkXds=

Quoted and verified.

Igebotz

staff

Activity: 1316

Merit: 1610

The Naija & BSFL Sherrif 📛

Quote from: robelneo on July 15, 2023, 09:10:49 AM

This incident is very unfortunate for OP I hope Shasan will consider implementing a waiting period of say 48 hours or more for a loan that is higher than $500 and put a neutral tag first like " This user is going to take a loan will grant in the next 48 hours" while waiting for the neutral tag to expire and just change it when the loan is granted.
This is just a suggestion it's still up to Shasan and other lenders to implement it.

It would make no difference and would negatively impact those who desperately need a loan. The only way to avoid this is to request a signed message from a staked address and validate it before issuing a loan..

robelneo

legendary

Activity: 3192

Merit: 1198

Bons.io Telegram Casino

This incident is very unfortunate for OP I hope Shasan will consider implementing a waiting period of say 48 hours or more for a loan that is higher than $500 and put a neutral tag first like " This user is going to take a loan will grant in the next 48 hours" while waiting for the neutral tag to expire and just change it when the loan is granted.
This is just a suggestion it's still up to Shasan and other lenders to implement it.

Renampun

sr. member

Activity: 2044

Merit: 329

★Bitvest.io★ Play Plinko or Invest!

sorry for OP.

it's really unimaginable for me if I have to pay a debt that I never made. but I'm still really curious about why something like this could happen (I might missing something), this is a valuable lesson that can be used as an example by everyone. by the way, I also applied for a loan from Shasan but I really did. don't get discouraged OP, repay slowly so it doesn't burden you because your account already has a high rank.

Coin_trader

copper member

Activity: 2758

Merit: 1163

Leading Crypto Sports Betting & Casino Platform

Quote from: lovesmayfamilis on July 14, 2023, 08:41:07 AM

Quote from: Coin_trader on July 13, 2023, 12:24:40 PM

What about a notification on trust page once user login recently using different country IP address? Like the notification when password and email change? This might help us to determine that user is potentially under hack publicly.

It looks like you didn't read the posts above. What about someone who uses TOR or a VPN? Have you read about the features of their work? Why then does the forum carry the idea of anonymity if we are always tied to one IP address?
I previously asked about the idea of binding a user's IP address to protect against cheating, but later I realized that this is a bad idea. The forum is sometimes accessed from mobile phones, and unfortunately, some allow other people's Wi-Fi networks. This will also entail a change in addresses, not to mention the fact that those who use proxy servers do not always know what country they are writing from.

It's just a notification if someone use other country IP and it doesn't exposed the actual IP of the user that breaks the anonymity of his forum account. How is this different on email change, recently woke up and change password notification?

It's like a warning that a user use a different IP from it's normal country. No one cares to see your trust setting if you are not asking for a loan or doing out of normal activity.

Edit:

I already have a glimpse of what you are talking above. I get now your point @lovesmayfamilis.

lovesmayfamilis

legendary

Activity: 2072

Merit: 4265

✿♥‿♥✿

Quote from: Coin_trader on July 13, 2023, 12:24:40 PM

What about a notification on trust page once user login recently using different country IP address? Like the notification when password and email change? This might help us to determine that user is potentially under hack publicly.

It looks like you didn't read the posts above. What about someone who uses TOR or a VPN? Have you read about the features of their work? Why then does the forum carry the idea of anonymity if we are always tied to one IP address?
I previously asked about the idea of binding a user's IP address to protect against cheating, but later I realized that this is a bad idea. The forum is sometimes accessed from mobile phones, and unfortunately, some allow other people's Wi-Fi networks. This will also entail a change in addresses, not to mention the fact that those who use proxy servers do not always know what country they are writing from.

xLays

sr. member

Activity: 1596

Merit: 358

https://shuffle.com?r=nba

If it's really true that Peanutswar didn't request the loan from the lender and the hacker actually benefited from the loan, maybe we can request the lender not to charge interest to Peanutswar. Since both parties have negligence IMO. (Not sure about the negligence lmao) Just peace of ~~advice~~ suggestion.

cryptoaddictchie

legendary

Activity: 2058

Merit: 1315

Quote from: Coin_trader on July 13, 2023, 12:24:40 PM

What about a notification on trust page once user login recently using different country IP address? Like the notification when password and email change?

This is nice idea but probably wont be approved for certain reason like what if the user are just doing travelling and more of a vacation? I think thats a possibility that he might uses different IPs and keeps using forum to post or sign in. But thats a very rare case I guess and it will still favors the majority. Anywat is that possible to implement on a trial version?

Coin_trader

copper member

Activity: 2758

Merit: 1163

Leading Crypto Sports Betting & Casino Platform

Quote from: cryptoaddictchie on July 13, 2023, 10:30:24 AM

Quote from: Coin_trader on July 12, 2023, 01:12:35 PM

This loan incident is really scary since the hacker manage to have access on an active account from high rank user. This means that the method of hacking is very tricky AF.

Scammers upgrading their means of activity. This incirent will serve as fair warning to all who offered loans services. They will be tight and secure when it comes to users reputation. Aside from LoyceV, suggestion, what else can we do to avoid scheme like what happened on OP? I really want to figured out how they been able to make the hack possible. Hoping someone could point out terms in detail related to this case so everyone must be alerted but I am thinking on social activities of OP probably.

I think a signed message using the original wallet address is the only way to avoid this kind of incident. It’s very hard to avoid potential hack since mistake can always occur when we are vulnerable while taking a loan can strictly moderated with proper loan requirements. DS usually don’t allow loan using new wallet address without any signed message.

I think Lenders should cooperate since this issue is for them too and not only for OP to not happened again in the future.

What about a notification on trust page once user login recently using different country IP address? Like the notification when password and email change? This might help us to determine that user is potentially under hack publicly.

cryptoaddictchie

legendary

Activity: 2058

Merit: 1315

Quote from: Coin_trader on July 12, 2023, 01:12:35 PM

This loan incident is really scary since the hacker manage to have access on an active account from high rank user. This means that the method of hacking is very tricky AF.

Scammers upgrading their means of activity. This incirent will serve as fair warning to all who offered loans services. They will be tight and secure when it comes to users reputation. Aside from LoyceV, suggestion, what else can we do to avoid scheme like what happened on OP? I really want to figured out how they been able to make the hack possible. Hoping someone could point out terms in detail related to this case so everyone must be alerted but I am thinking on social activities of OP probably.

lovesmayfamilis

legendary

Activity: 2072

Merit: 4265

✿♥‿♥✿

Quote from: DireWolfM14 on July 12, 2023, 12:56:08 PM

I'd be curious to know what commonality @Peanutswar, @mdgabrielzim, and @Woodie have had in their browsing history. If they all clicked on a phishing link, or if they all downloaded some software, or if they all participated in an off-site give-away that asked for forum details. It would seem they all fell into the same trap.

Interesting. Yes, you yourself are tormented with guesses. This is precisely what will happen to others who do not understand what could happen. There was no password change, and the hacker and the user were posting on the forum simultaneously if you check the sessions of the IP addresses. The statement regarding the security of your account is very true, and this is precisely what works with the LoyceV offer as an additional tool. All the tricks with Linux and complex passwords, including following other people's links and working only with your network, may not work if social engineering specialists exist.
In addition, it may be worth writing in several languages so that someone understands the statement that some people do not need loans. Absolutely. Roll Eyes

Igebotz

staff

Activity: 1316

Merit: 1610

The Naija & BSFL Sherrif 📛

Quote from: LoyceV on July 12, 2023, 04:15:41 PM

Quote from: Igebotz on July 12, 2023, 04:08:24 PM

Always check your post history and make it a habit to change your password and email address on a regular basis.

That makes no sense. I have hundreds of passwords on hundreds of websites. Especially the sites that require the user to frequently change their password make users use weak passwords, or reuse them. Or they just enter all known passwords on any site until one of them gets accepted.
Either way, it doesn't improve security unless your password is already compromised, in which case case you're too late already.

Changing password and email occasionally has always been a good security practice what changed now?

Using Google or a third party password suggestions sites is a bad practice and anything closer to username or DOB too.

Woodie

hero member

Activity: 1792

Merit: 871

Rollbit.com ⚔️Crypto Futures

Quote from: DireWolfM14 on July 12, 2023, 12:56:08 PM

I'd be curious to know what commonality @Peanutswar, @mdgabrielzim, and @Woodie have had in their browsing history. If they all clicked on a phishing link, or if they all downloaded some software, or if they all participated in an off-site give-away that asked for forum details. It would seem they all fell into the same trap.

I thought it was some of the new crypto platforms I have interacted with in the last couple of months, but unfortunately, I have ruled them out on the basis of other two accounts not being participants of service reviews or thread discussion!

I have also looked at Peanutswar and mdgabrielzim post history to try and find common ground of where this exploit might have originated from and honestly, we are three different people.

But my wild guess would be that, we all haven't changed passwords for a very long time and possibly **just assuming** maybe someone had access of the forums database and just started to act on this..and the fact that account sales might not be lucrative anymore, our accounts couldn't be sold but instead went for the loans for easy money...
And lastly, this hacker chose his/her victims based on any history of a user getting a loan and didn't use any other account that has never applied for one as this could raise suspicion ...it's my only logical explanation.

Quote from: LoyceV on July 12, 2023, 04:06:32 PM

Quote from: Woodie on July 12, 2023, 11:26:20 AM

Unusual ip I found via bitcointalk.org/myips.php based on the deleted post date and time thanks to the loyce club archives.

Code:

Singapore 84.17.39.166

The loan I did not apply for as can be seen below

The myips.php page only goes back 30 days. That means you couldn't have found this IP just now.

I got that ip using myips.php page when I discovered this compromise months back not that I checked for this yesterday its also saved incase I get a hit when i search for it!
Btw, I have been doing my own investigation to see how much damage was done on my side and everything seems intact, no social media account login attempts, bank accounts login attemps just cant find this guy.

CYBER_COWBOY

member

Activity: 196

Merit: 42

Don't talk the talk, if you can't walk the walk.

Quote from: CryptoHFs on July 12, 2023, 01:02:25 PM

Why don't the forum set a warning when a different ip login as they do for password/ email change and waking up this will make the other party try to verify the account owner first.
!warning this account used a new ip to login date ****
In that case even if someone trying to fake a hack it won't work Tongue

You ever heard about a service called VPN? Roll Eyes

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

Quote from: Igebotz on July 12, 2023, 04:08:24 PM

Always check your post history and make it a habit to change your password and email address on a regular basis.

That makes no sense. I have hundreds of passwords on hundreds of websites. Especially the sites that require the user to frequently change their password make users use weak passwords, or reuse them. Or they just enter all known passwords on any site until one of them gets accepted.
Either way, it doesn't improve security unless your password is already compromised, in which case case you're too late already.

Topic: Someone Loan using My Account - page 2. (Read 2486 times)