
Topic: weird pm received - page 4. (Read 1130 times)

staff
Activity: 3332
Merit: 4117
July 07, 2022, 03:58:10 AM
#16
Before jumping to conclusions and screaming “hack!”, has anyone even considered a potentially innocent explanation?  I have a pessimistic view of human nature, but the paranoia in this thread is off the charts.
Yeah, I haven't ruled out that. However, the things that stand out to me are the comment about letting them know how you've secured your account, and the fact they claimed to have frozen accounts. The latter being an outright lie. That's not exactly good, if you're looking to do some white hat work.

Although, that might have been a way of trying to convince the user. I'm not going to get my pitchfork out, but I do believe users should be cautious dealing with this user in further message exchanges. Not that I distrust them entirely, but at the very least advise caution.

On a side note, I don't like that anyone can find out if a user has a security question or not. I'm not a fan of security questions in the first place, but probing like that just opens up those accounts for further attack. I kind of wish that the security question field popped up regardless of if a user has set one or not. If someone tries to guess the security question of one of these users, it simply just gives a non match, rather than indicating they don't have one set up.
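An added example, not part of the original posts and not the forum's own code: a sketch of the uniform-response check suggested in the post above, next to the distinguishable behaviour reported elsewhere in this thread. The user names, the in-memory store, the generic message and the function names are all hypothetical.

```python
import hashlib
import hmac
import os

def _hash(answer: str, salt: bytes) -> bytes:
    # Normalise, then stretch, so stored answers are not kept in the clear.
    return hashlib.pbkdf2_hmac("sha256", answer.strip().lower().encode(), salt, 50_000)

def make_record(answer: str):
    salt = os.urandom(16)
    return (salt, _hash(answer, salt))

# Constructed sample store: None means the member has no question set.
USERS = {"alice": make_record("correct horse"), "bob": None}

# Dummy record: accounts without a question still cost one hash and one compare.
_DUMMY = make_record(os.urandom(16).hex())

GENERIC = "The answer did not match."  # hypothetical wording

def leaky_check(user: str, answer: str) -> str:
    """Distinct message for accounts without a question, as reported in the thread."""
    rec = USERS.get(user)
    if rec is None:
        return "Sorry, there is no secret question set for this member."
    salt, digest = rec
    return "ok" if hmac.compare_digest(_hash(answer, salt), digest) else GENERIC

def uniform_check(user: str, answer: str) -> str:
    """Always prompt and always compare; an unset question looks like a wrong answer."""
    rec = USERS.get(user)
    salt, digest = rec if rec is not None else _DUMMY
    matched = hmac.compare_digest(_hash(answer, salt), digest)
    return "ok" if (matched and rec is not None) else GENERIC

def distinguishable(check, users, probe: str = "x") -> bool:
    """True if a wrong answer draws different responses across accounts."""
    return len({check(u, probe) for u in users}) > 1

if __name__ == "__main__":
    print("leaky form reveals who has a question:", distinguishable(leaky_check, ["alice", "bob"]))
    print("uniform form reveals it:", distinguishable(uniform_check, ["alice", "bob", "nobody"]))
```

The same test (`distinguishable`) can be pointed at any recovery endpoint's responses during review to confirm that set, unset and unknown accounts are indistinguishable.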
copper member
Activity: 630
Merit: 2614
If you don’t do PGP, you don’t do crypto!
July 07, 2022, 03:48:42 AM
#15
Before jumping to conclusions and screaming “hack!”, has anyone even considered a potentially innocent explanation?  I have a pessimistic view of human nature, but the paranoia in this thread is off the charts.

This is good advice, in my opinion:

The better people know the account owner, the better they know the answer!

Recommended action to take is to remove security question at all.

The forum officially agrees with newalias about that, and with me.  Read the warning that the forum gives you, when you set up the ridiculously stupid insecurity misfeature of a so-called “secret question”:


Duh.  Why does theymos even allow this?

I spot-checked this user’s post history.  At a glance, it looks normal to me.  I also noticed that he just received a red tag from someone in DT (fortunately outside my trust network; my trust network is infinitely superior to DT).

Now, this could be a bizarre beginning for a social engineering attack.  And the PM also seems to indicate that newalias is probing something, somehow.

I will reach out to him, and politely ask just what he is trying to do.  Meanwhile, I will add a neutral tag linking to this post—to be updated or removed, if or as appropriate.  I request that someone in DT should do likewise.

Maybe, just maybe, this could simply be a very clumsy attempt at whitehat protection of the forum, from someone who needs to see the late Dan Kaminsky’s White Hat Hacker Flowchart:

staff
Activity: 3332
Merit: 4117
July 07, 2022, 03:06:50 AM
#14
Likely, by asking you to get back to them how you secured your account after removing it, is likely a way to get more information. They've already claimed that they've frozen accounts, which isn't really possible, unless they had some kind of database access, which would mean they'd be able to remove the security questions themselves if they really wanted to.

In other words, this user isn't to be trusted, and no reply is warranted. If they have information about security, they can contact theymos. Other than that, them finding out who has a security question, and who doesn't is fairly simple as LoyceV alluded to above.

I suspect, a further attack would've been launched if you replied to them. Smells of social engineering, where they attempt to gain your trust by offering you some semi valid advice, and then looking to exploit that further down the line. 
legendary
Activity: 3556
Merit: 7011
Top Crypto Casino
July 07, 2022, 02:42:52 AM
#13
so it's probably just an unsolicited piece of advice.
I don't know if we read the same PM, because it totally looks like some kind of phishing attempt to me--and a bad one at that, despite all the technical garbledegoo.

I haven't received any PMs like that, but I just started a thread in Reputation about being alerted via e-mail about someone trying to reset my password or some such thing.  And not that it matters, but I recently got a PM from some guy who wanted to pay me for a review of some app.  The devil was on my shoulder and I wanted to string him along for a bit, but I lost motivation after his second reply.  I'm wondering if other DT members got that same PM, because I'm pretty sure I wasn't singled out for that one.
copper member
Activity: 3010
Merit: 1284
https://linktr.ee/crwthopia
July 07, 2022, 02:34:34 AM
#12
Do you think that newalias tried to check every DT member who has security questions? Then PM-ed them accordingly? I don't have a security question for this so that's probably why I didn't receive a PM.

Attempting to answer the security questions will automatically lock your account, because they were leaked with the rest of the DB back in 2015.
Members after that time when it was leaked are safe? Is that correct?
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
July 07, 2022, 02:11:21 AM
#11
I also received this PM. Probably, according to the one who poisoned these PMs, he sent such letters to all DT, and not necessarily whether they have control questions or not.


I haven't received that PM. So maybe the list he's using to determine DT users is not accurate.

Quote
If I'm not mistaken, having a security question hasn't been important for a long time, or does it still matter?

Attempting to answer the security questions will automatically lock your account, because they were leaked with the rest of the DB back in 2015.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
July 07, 2022, 01:45:28 AM
#10
There's a recommendation that security questions are quite weak for keeping accounts safe
I usually enter random gibberish to those questions (but keep the random data, just in case). Dumb questions like the name of your first pet make social engineering very easy. SMS account recovery is also a big security risk.
I disable all of this whenever I can, including Bitcointalk. I'm not sure what newalias' angle is here, he seems to know that security questions can only lock an account, so it's in no way a security risk for DefaultTrust.

No PM for me, I feel left out :( Maybe that's because trying to restore my account through security questions shows:
Code:
Sorry, there is no secret question set for this member.
legendary
Activity: 2072
Merit: 4265
✿♥‿♥✿
July 07, 2022, 01:31:39 AM
#9
I also received this PM. Probably, according to the one who poisoned these PMs, he sent such letters to all DT, and not necessarily whether they have control questions or not.

If I'm not mistaken, having a security question hasn't been important for a long time, or does it still matter?
sr. member
Activity: 2296
Merit: 470
Telegram: @jperryC
July 07, 2022, 01:26:05 AM
#8
Received the same thing from this user, not quite sure what's the goal of this guy. Trying a petty attempt to disable the user's security question so probably he could get an easy link to change the password of the account? I think he sends all the DT users a personal message.

legendary
Activity: 1428
Merit: 1166
🤩Finally Married🤩
July 07, 2022, 01:05:08 AM
#7
I am an inactive user here,...
First I thought this user was the one who hacked my Google account just recently (already changed my password a few days ago) so I checked the email regarding this...
So it seems it wasn't just me.



So I did check the pm out and the security question is disabled. So I am not sure why this person sent me the pm.

It implies he knows that I have a security question setup. Like I said my security question was in a disabled status.


@efs I reported it to admin.


note no password change has been made by me  and my btc address is this:


https://www.blockchain.com/btc/address/1JdC6Xg3ajT3rge3FgPNSYYFpmf53Vbtje


someone please quote this.

I have it quoted somewhere else but just in case.

legendary
Activity: 4354
Merit: 9201
'The right to privacy matters'
July 06, 2022, 11:31:01 PM
#6
There's a recommendation that security questions are quite weak for keeping accounts safe (it's why most places have multiple and why a lot got replaced with multifactor authentication).

I had a brief skim through the seclog and haven't found much over the past week of many resets actually being done so it's probably just an unsolicited piece of advice.


Okay, I had disabled the question a while back, but I guess it was showing as active to admin as this account had red type saying to delete it.

my alt had nothing.

as I said password was not altered.  I will keep an eye out for issues with this account.

and

a1 Hashrate LLC2022

 https://bitcointalksearch.org/user/a1-hashrate-llc2022-3482040


  Summary - a1 Hashrate LLC2022   Picture/Text
Name:   a1 Hashrate LLC2022
Posts:   82
Activity:   42
Merit:   60
Position:   Jr. Member
Date Registered:   June 05, 2022, 04:38:14 PM
Last Active:   Today at 04:31:21 AM


is my current alt.


Please note I always have an active alt to protect the main account.
copper member
Activity: 2856
Merit: 3071
https://bit.ly/387FXHi lightning theory
July 06, 2022, 11:26:13 PM
#5
There's a recommendation that security questions are quite weak for keeping accounts safe (it's why most places have multiple and why a lot got replaced with multifactor authentication).

I had a brief skim through the seclog and haven't found much over the past week of many resets actually being done so it's probably just an unsolicited piece of advice.
legendary
Activity: 4354
Merit: 9201
'The right to privacy matters'
July 06, 2022, 11:22:35 PM
#4
So I did check the pm out and the security question is disabled. So I am not sure why this person sent me the pm.

It implies he knows that I have a security question setup. Like I said my security question was in a disabled status.


@efs I reported it to admin.


note no password change has been made by me  and my btc address is this:


https://www.blockchain.com/btc/address/1JdC6Xg3ajT3rge3FgPNSYYFpmf53Vbtje


someone please quote this.

I have it quoted somewhere else but just in case.
EFS
staff
Activity: 3976
Merit: 2260
Crypto Swap Exchange
July 06, 2022, 11:20:45 PM
#3
You are not the only one. Just "Report to Admin" the PM and they will take care of this.
member
Activity: 112
Merit: 83
July 06, 2022, 11:13:50 PM
#2
quoted with my alt. edit quote is below:

here it is anyone else get this?

Hi there,

you are member of DefaultTrust. Therefore, the security of your account is crucial.

However, you have a security question in place, what often means lower entropy than a secure password and maybe being easier to guess. Simplest thing I have seen in DefaultTrust was "1+1" with answer "2" was correct - I have frozen it for security. Easy questions ask for an age (try 0-99) or a birth year (try 1940-2022) or lower case initials (try aa-zz). Many questions ask for a city or a make of first car - brute force can help. And there are loads of questions for names of wife, birth names, pet names and so on. These are things that may be shared even in a post or require only your real name! The better people know the account owner, the better they know the answer!

Recommended action to take is to remove security question at all. Please get back to me stating how you improved account security. If I do not get a reply, I need to inform board administration for our all safety.

I started with whole DefaultTrust as I think the base of community should be secured first. Later, I will go for more users. Captcha is useless as I use some trick I will only discuss with theymos.

Thank you!
legendary
Activity: 4354
Merit: 9201
'The right to privacy matters'
July 06, 2022, 11:12:16 PM
#1
here it is anyone else get this?

Hi there,

you are member of DefaultTrust. Therefore, the security of your account is crucial.

However, you have a security question in place, what often means lower entropy than a secure password and maybe being easier to guess. Simplest thing I have seen in DefaultTrust was "1+1" with answer "2" was correct - I have frozen it for security. Easy questions ask for an age (try 0-99) or a birth year (try 1940-2022) or lower case initials (try aa-zz). Many questions ask for a city or a make of first car - brute force can help. And there are loads of questions for names of wife, birth names, pet names and so on. These are things that may be shared even in a post or require only your real name! The better people know the account owner, the better they know the answer!

Recommended action to take is to remove security question at all. Please get back to me stating how you improved account security. If I do not get a reply, I need to inform board administration for our all safety.

I started with whole DefaultTrust as I think the base of community should be secured first. Later, I will go for more users. Captcha is useless as I use some trick I will only discuss with theymos.

Thank you!

I will quote this with my alt as I am concerned this is a hack attempt.