Author

Topic: The hacker/s who hacked Bo Shen gained access to Ethereum forums (Read 812 times)

sr. member
Activity: 420
Merit: 250
http://www.leocoinapp.com/
i still think ETH is good platform,just imagine other coins with so much attacks,etc...all may die,but eth keep go forward...Wink good ETH,but still too expensive!
hero member
Activity: 658
Merit: 500
Ethereum is a coin that has refused to die even though many want it dead... maybe it's time to accept the fact that this coin has every intention of remaining at number 2.

Nobody remember Number 2, Number one is always the story. I just hope Ethereum will not go the normal Altcoin fad way
hero member
Activity: 724
Merit: 500
Lol fuck eth
full member
Activity: 238
Merit: 100
MERCATOX
Ethereum is a coin that has refused to die even though many want it dead... maybe it's time to accept the fact that this coin has every intention of remaining at number 2.
legendary
Activity: 1960
Merit: 1176
@FAILCommunity
well, they always say that alts test things that bitcoin doesn't dare to. ethereum is testing out being the world's most chaotic crypto scenario perfectly.

LM f*cking AO. Cheesy Cheesy Cheesy Nice trolling! Smiley
legendary
Activity: 1288
Merit: 1087
well, they always say that alts test things that bitcoin doesn't dare to. ethereum is testing out being the world's most chaotic crypto scenario perfectly.
hero member
Activity: 2996
Merit: 536
Leading Crypto Sports Betting & Casino Platform
Another drama from will be coming, what about that, hack in a row? totally make no sense. So the hacker was gaining the backdoor for accessing ethereum blog database? And the hacker will sell it through the dark net. looks like this was already planting. Glad to see whats happening soon.  Shocked
jr. member
Activity: 36
Merit: 2
Ouch, more drama coming
sr. member
Activity: 420
Merit: 250
http://www.leocoinapp.com/
WTH,keep problems with ETH...never ending story
legendary
Activity: 1960
Merit: 1176
@FAILCommunity
Quote
On December 16, we were made aware that someone had recently gained unauthorized access to a database from forum.ethereum.org. We immediately launched a thorough investigation to determine the origin, nature, and scope of this incident. Here is what we know:

The information that was recently accessed is a database backup from April 2016 and contained information about 16.5k forum users.
The leaked information includes
Messages, both public and private
IP-addresses
Username and email addresses
Profile information
Hashed passwords
~13k bcrypt hashes (salted)
~1.5k WordPress-hashes (salted)
~2k accounts without passwords (used federated login)
The attacker self-disclosed that they are the same person/persons who recently hacked Bo Shen.
The attacker used social engineering to gain access to a mobile phone number that allowed them to gain access to other accounts, one of which had access to an old database backup from the forum.
We are taking the following steps:

Forum users whose information may have been compromised by the leak will be receiving an email with additional information.
We have closed the unauthorized access points involved in the leak.
We are enforcing stricter security guidelines internally such as removing the recovery phone numbers from accounts and using encryption for sensitive data.
Adding the leaked emails to https://haveibeenpwned.com to help notify affected users
Resetting all forum passwords
If you were affected by the attack we recommend you do the following:

Ensure that your passwords are not reused between services. If you have reused your forum.ethereum.org password elsewhere, change it in those places.
Additionally, we recommend this excellent blog post by Kraken that provides useful information about how to protect against these types of attacks.

We deeply regret that this incident occurred and are working diligently internally, as well as with external partners to address the incident.

Questions can be directed to [email protected].

Source: https://blog.ethereum.org/2016/12/19/security-alert-12192016-ethereum-org-forums-database-compromised/
Jump to: