Pages:
Author

Topic: unlocking/restoration of my account - page 2. (Read 466 times)

legendary
Activity: 2772
Merit: 3284
July 06, 2019, 09:45:39 PM
#4
What wallet are you using?
newbie
Activity: 11
Merit: 1
July 06, 2019, 09:16:25 PM
#3
Moving this over here - as we were starting to flood DarkStar's thread and that was not my intention.

Request For a No Collateral Loan
Required BTC Amount: 0.05
Estimated Loan Duration: 3 weeks
BTC Address: 1LCfBebASQovgECYnSkBvNstkjRV9EnUWx

Code:
-----BEGIN BITCOIN SIGNED MESSAGE-----
Requesting for a 3 weeks 0.05 BTC no collateral loan
Today is July 06 2019
-----BEGIN SIGNATURE-----
H7uiV/lOxpyEsVZoD3nZkygu+TrrwHXgYVNuJRIznZWZYtmzKjjJWP+RwecMBVVMoL/lnOdC6XT9UBsFjRJHYZE=
-----END BITCOIN SIGNED MESSAGE-----

Denied, sorry.


not sure why this is has my name --- I never made this post and it does not show in my post history. that address is also not my btc address

I definitely saw it from you. Change your passwords - I think your account has been hacked

yes it appears I was hacked - why, I dont freakin know or how.  I did not see the forum email telling me first my pw was changed and that my email address was changed but I saw the email of you quoting me - which is what drew me here. In the email that said my account info was changed - there was a link to lock the account and I then had to email to    [email protected]

I am currently locked out but so should they be. I just hope they didnt cause too much mayhem in their short time on my account. luckily I had not yet gone to bed.

image of the emails I received, showing I still have control of the email account at least.

https://ibb.co/MkM0JLk


edit... this really pisses me off - I have worked hard to get the few merit and trust rating I have. I strive to keep all my posts on the up and up and I detest scammers.


another edit.... how does the post that is quoted above not show in my forum posts list? I dont see any way to delete them - and tbh I dont know if they can nor have I ever tried to delete from this history. I do know that if I post something it has told me it takes 24 hours before I can delete my post if I recall - so I am even more confused...

this image shows my last few posts and the scam post quoted above is not in that list. note: the times are wrong because I have not set up the times in this account yet. Really hoping that I do not have to use this account and that my other one can be unlocked.

https://ibb.co/0qbgh64

another edit... The ip address that did this appears to be a Paris France IP address.

185.94.189.187 IP Address Information
ISP   M247 Ltd
Usage Type   Data Center/Web Hosting/Transit
Domain Name   m247.com
Country   
City   Paris, Ile-de-France

final edit, then I am going to bed and hope to hear from forum staff on getting my account back.

It is my hope that once I get back into original account that I can use https://bitcointalk.org/myips.php and verify that the ip address above is the one that was logged into my account and verify that it was no way at all possibly me.

btw @DarkStar - I hope once I get the account back that you will remove that negative trust - I saw it when viewing the account to check the posts once I got locked out.


I hope you end up getting your account back! You are always allowed to delete your own posts (outside of Auctions), and I don't believe that Lending has the 24 hour wait requirement like some other sections has. Shoot me a PM once you are in control again and I'll delete my negative feedback. Take a look at this thread if you haven't already


As do I! Ahh, if so, I have never seen it but then I have only ever tried to delete once maybe twice and it gave me the 24 hour notice each time - I did follow that link and sent the email - just waiting for a reply.

still waiting to hear back from forum staff on the unlocking/restoring of my account. should be soon its been about 18 hours.


Please understand I was piecing time stamp timeline together.
Stryfe, can you sign a message proving you have control of the account on a previously used public payment address?.
lets go back  say 30 days?possibly post an image or 2 of bct pswd/email change email?
This will put me at ease, I've seen genuine interaction from you and want make sure its the same person.

again DS i appologize and i will delete (or you can)
meanwhile ill poke around on things like 1LCfBebASQovgECYnSkBvNstkjRV9EnUWx and mentioned IP
*edit whenever you get it back stryfe thanks.

I have never done a signed message so I will have to see how to do it,  but I can do so as I have only ever used one BTC address on the forums.

as for the images of the bct pswd/email change emails - that is posted above but here is the link again as well https://ibb.co/MkM0JLk

I cannot figure out how to sign a transaction using the wallet I have used on these forums.

also - no one but
I know you dont need the loan lol .05??? xD
You need to do a systems check.
look for keyloggers, haveibeenpwned and other resources
I would triple quadruple check your mining securities
2fa on a different device other then active phone ect.
2fa and access code  fort knox it. Primarily seek out where you where penetrated and patch it up asap.

the part about a loan was in reference to you saying that something didnt add up - just emphasizing I am not scamming or attempting to scam.

system was checked - my network itself was not affected - I believe I know how it was done - there was a post about a site offering a bonus for signing up (very small amount) I figured it was bullshit but went ahead and signed up to show it as such, and it was - the funds given as a "bonus" were not withdrawable unless you either deposited more funds or played roulette with "bonus" funds and managed to win. I was pretty sure that I signed up with a different password than what I used for the forums but it might be entirely possible that I used the same one, I had been up nearly a full day by that time. The post with the site was removed shortly after I posted the falseness of the OP - but that was mere minutes before my account was compromised.

I went ahead and changed my password for damn near everything that requires one - even though nearly everything other than the forums requires 2FA so even with the password they would not be able to affect those accounts.

Anyways that is my guess at the "how"

I appreciate your advice though and still kick myself for using that password twice and for also not thinking of it until tonight.

well I was going to try and import my wallet into Electrum but it wont accept my private key - I can set wallet up as view only but then I cant sign a transaction. still working on it though.

and @DarkStar_ - I removed my posts from the other thread and moved them into here. Sorry bout flooding it over there.
hero member
Activity: 1438
Merit: 513
July 06, 2019, 09:00:41 PM
#2
I know you dont need the loan lol .05??? xD
You need to do a systems check.
look for keyloggers, haveibeenpwned and other resources
I would triple quadruple check your mining securities
2fa on a different device other then active phone ect.
2fa and access code  fort knox it. Primarily seek out where you where penetrated and patch it up asap.
newbie
Activity: 11
Merit: 1
July 06, 2019, 05:26:58 PM
#1
early this morning, somehow my account was compromised and someone with an IP address in Paris, France (based on email from bitcointalk.org email) and changed my password and email address and also posted for an unsecured loan in this thread https://bitcointalksearch.org/topic/m.51724618 - Luckily I was online when it happened and attempted to first change my password but they had done so and locked me out - I got the email from the forums stating I could lock the account thru the link they sent - So, I did. I have changed my email password and the password for pretty much every other site I use.

I sent an email to  [email protected] as instructed - just waiting to get a response.

anyone able to provide a rough ETA? It has been about 18 hours so far. I would like to get in the account and check https://bitcointalk.org/myips.php to verify the ip address.

I have sent an email to the ISP that provides service to the user of the ip address I got via forum email and they are also "investigating" so they said at least - not sure how far that will go.

I would hate to have to start over on a new account

my original account is: https://bitcointalksearch.org/user/moparminingllc-1478835

I was online and saw something pop up on the "Show new replies to your posts" (I have a 15 second refresh set up on that page in a separate window) - at the point of all of this I had been logged into the forum for over 43 days without logging out) - I clicked it, saw no post by me - went to my "show last posts of this user" and saw that the post was not there, So I posted the:

"not sure why this is has my name --- I never made this post and it does not show in my post history. that address is also not my btc address"

When I went back to my profile to attempt a password change, I was then notified that my password was wrong - when I attempted to reset it, it said my email was not found - I went to my email and saw the two emails from the forums - I used the provided link to lock the account and emailed the provided address referenced in the email.

I believe they derived/obtained my password somehow and were on the account at the same time I was and then changed it while we were both on - it is quite possible to be logged in from multiple locations - I have an active window on at least 2 pcs in my house and one at my job -without ever logging out of the other pcs.

I believe had I not been online at the same time, it would be a completely different situation. They may have tried to post more scams or pulled some other shenanigans.

I did not make the post asking for the loan - it is shown to have a Paris France IP address whereas I am in Florida, USA

I am still unsure how they obtained my password but I am glad I was online when it occurred but I assure @WhyFhy I was not trying to scam anyone and I sure as hell do not need a .05 BTC loan



Email was changed afterwards. This is the rough timeline from what I understand:
1. Stryfe was hacked. Hacker keeps the same information so that Stryfe is unaware of the hack
2. 'Stryfe' posts a loan request
3. I deny the loan request
4. Hacker deletes loan request, trying to hide their tracks
5. Stryfe receives an notification of some sort when I quoted them and comes to this thread wondering what it was about
6. Hacker realizes that Stryfe realizes that the hacker has access to his account and changes the account information
7. Stryfe locks the account

This pretty much hits on the head - if my first description was unclear (note all the edits to that post) it is because I had already been up 18 hours and was also trying to figure out what happened while also changing all the pw's to every account I have.
Pages:
Jump to: