Pages:
Author

Topic: What is going on??? - page 3. (Read 1799 times)

legendary
Activity: 1848
Merit: 1982
Payment Gateway Allows Recurring Payments
January 23, 2024, 05:04:03 AM
#73
So the issue seems to be infostealer malware targeting Bitcointalk users.
How do they get infected? If it's targeted attacks, they must know how to get the user to install the malware.

There may be something that these users all have in common:

- Peanutswar
- tjtonmoy
- ryzaadit
- yhiaali3

I don't think it has to do with altcoinstalks b/c it happened to Peanutswar before the account teleport option was a thing, and I'm not sure they are all members of that forum...

Could be any number of things. It could even be somebody buying stolen login credentials from the malware service subscribers.
I don't think it has anything to do with the AltcoinTalk forum, I personally used a completely different password from my BitcoinTalk account.

I guess that my problem started after downloading a crack for a video format converter program. Although the site from which I downloaded the file is usually reliable, it may have contained a Trojan.

No one sent me a link or a suspicious email. I downloaded the file personally at my own risk. It was a big mistake for which I unfortunately paid dearly.
legendary
Activity: 3010
Merit: 8114
January 23, 2024, 04:39:43 AM
#72
So the issue seems to be infostealer malware targeting Bitcointalk users.
How do they get infected? If it's targeted attacks, they must know how to get the user to install the malware.

https://socradar.io/what-is-stealer-as-a-service/
Quote
Stealer as a Service Distributing Methods

When deploying a stealer as a service model, a major challenge for threat actors is to lead the victim to download the stealer malware. Threat actors can distribute stealer malware through a variety of attack vectors. To deliver the malware to the victims, threat actors frequently use browser extensions, exploited websites, malicious attachments, and Google ads. Some of the most common methods of infection include:

Infected legitimate app: Threat actors infect legitimate apps with malware. Stealer malware is often embedded in YouTube video reviews of popular games, mining software, or NFT (Non-Fungible Token) files on private forums, cheats for popular video games, social media giveaways, and lottery URLs.

Spam: Threat actors generally send stealers via email, often impersonating trusted organizations. The stealer can be attached to the email directly, or the recipients can be tempted to click on a malicious URL.

Compromised system: Stealer malware is sometimes distributed remotely after threat actors gain access to the target system.

Malicious advertising: Victims are redirected to a fake site to download malware by clicking on the malicious ads. In some cases, simply viewing the malicious ads can be enough to initiate the download of a stealer.

Cracked software: Combining stealer malware with cracked software is a distribution method commonly preferred by threat actors.

There may be something that these users all have in common:

- Peanutswar
- tjtonmoy
- ryzaadit
- yhiaali3

I don't think it has to do with altcoinstalks b/c it happened to Peanutswar before the account teleport option was a thing, and I'm not sure they are all members of that forum...

Could be any number of things. It could even be somebody buying stolen login credentials from the malware service subscribers.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
January 23, 2024, 03:38:24 AM
#71
So the issue seems to be infostealer malware targeting Bitcointalk users.
How do they get infected? If it's targeted attacks, they must know how to get the user to install the malware.
legendary
Activity: 1848
Merit: 1982
Payment Gateway Allows Recurring Payments
January 23, 2024, 02:15:46 AM
#70
My device has already been infected with a virus, and I have formatted and erased all of the disks, and I am now in the process of changing the passwords for all my accounts.
Thank you

So the issue seems to be infostealer malware targeting Bitcointalk users. But not only that, whoever is paying for it (its a Malware-as-a-Service subscriber) knows how to apply for loans on Bitcointalk and do so in such a manner that does not arouse suspicion. Very sophisticated, and somewhat of a new phenomenon on the forum (going back to the case of Peanutswar who seems to be the first victim).

Yes, definitely, this is a new and literal way to steal by requesting a loan after hacking the account and not changing anything. If it were not for the notification that came to me via the Telegram bot, I would not have known that my account had been hacked and that someone was submitting a loan request through my account. It is likely that the hacker is a member of Bitcoin Talk and knows how to use the forum well.

Fortunately, Shasan has great experience in loans and acted very professionally, otherwise I would have been exposed to a difficult situation, either repaying a loan that I did not obtain or obtaining negative trust.

It is also good that two-factor protection has been added in the forum to increase security, now I have changed the password and enabled two-factor protection.
legendary
Activity: 3010
Merit: 8114
January 23, 2024, 01:18:35 AM
#69
My device has already been infected with a virus, and I have formatted and erased all of the disks, and I am now in the process of changing the passwords for all my accounts.
Thank you

So the issue seems to be infostealer malware targeting Bitcointalk users. But not only that, whoever is paying for it (its a Malware-as-a-Service subscriber) knows how to apply for loans on Bitcointalk and do so in such a manner that does not arouse suspicion. Very sophisticated, and somewhat of a new phenomenon on the forum (going back to the case of Peanutswar who seems to be the first victim).
legendary
Activity: 1848
Merit: 1982
Payment Gateway Allows Recurring Payments
January 22, 2024, 11:23:31 PM
#68
Yes, the hacker did not change anything, he is using my login information.
Now you have changed the password and activated two-factor protection
It is good that two-factor protection has been added to the forum
Thank you

Can you confirm that you used your Bitcointalk password on Altcoinstalks?

I am not judging you. Just trying to find the root of the problem.

If it was a different password, I recommend running a virus scan on your computer.
No, it's completely different. I use a unique password for each of my accounts

My device has already been infected with a virus, and I have formatted and erased all of the disks, and I am now in the process of changing the passwords for all my accounts.
Thank you
member
Activity: 238
Merit: 68
The forum of keyboard warriors & crypto pro's!
January 22, 2024, 10:46:44 PM
#67
Sorry for off-topic but the I took time to catch a trust abuser at the same time.

Quote


So little Nut's can maybe come up with proofs before accusing other people? And be honest what you believe or think is totally irrelevant same a what I believe or think.
And I talk about proof's not the nonsense shit you accused me of first time even tho we NEVER interact Are you human enough to do that?

Why did you get so angry so you had to give me feedback when I discussed with the mega liar Alterra57? When I asked him for proof's for he's totally sick lies about me he instant locked the thread and started insult me instead  and you supported it very strange. Can be read here: https://bitcointalksearch.org/topic/m.63492761
That thread was fast to lock and disappear when asking for proof's came up to the table. Why was you so fast to back him up and change my message you quoted?

Just a normal question: I wonder who is in need of money the most. You or Me. Who do you think? You or Me?



Now back to topic

It's terrible that people need to loan money in first place from strangers online. That's not what a forum should offer but Sashan obvious is a good guy and offer it any many cunts take advance of it and I think it's many alt accounts that doing this shit. I can only speak from what I think, but my voice matter's as much as all others here.

But lets be honest (this maybe will be laughed at since it a sensitive subject, and a few rep-members don't like to talk about that)  But who cares? This is a free to speech forum right?
How hard is it for a REP-member to create an ALT just throw it with merits and pretend it's somebody "new"?? I am not saying this is the case, but it's not hard at all if you being here long time enough and know people and if you are a merit source you are home and can do whatever you want, and it's so easy to blame a new user and just switch focus, bet be realistic how will a new member rank up compare to a already know member that can get 100 merits in 10 days if he/she wish.

I think it's something strange at this place, something very strange but I don't throw mud at someone personal I just saying what I am seeing and think.  Smiley
And as fast you open your mouth and share opinions you shall be overflooded with Feedback like: "troll" "idiot" "loser" "scammer" "multi account". and bl.a bl.a bl.a
It's sad people don't know what other opinions and constructive criticism here is.

Yes maybe I am an idiot in your eyes but you know what I am isn't? You! and I am so happy for that.
And yes, if you got life exp you can see things and a path after six months.

Best regards
BabyBandit

legendary
Activity: 3010
Merit: 8114
January 22, 2024, 10:23:05 PM
#66
Yes, the hacker did not change anything, he is using my login information.
Now you have changed the password and activated two-factor protection
It is good that two-factor protection has been added to the forum
Thank you

Can you confirm that you used your Bitcointalk password on Altcoinstalks?

I am not judging you. Just trying to find the root of the problem.

If it was a different password, I recommend running a virus scan on your computer.
legendary
Activity: 1848
Merit: 1982
Payment Gateway Allows Recurring Payments
January 22, 2024, 10:19:41 PM
#65
Another hacking issue without changing email and/or passord.
Loan amount: 450 USDT
Loan purpose: personal
Loan repay amount: 500 USDT
Loan Repay date: 1 months
Type of collateral: none
USDT (TRC20) address: TJVpMT2vovtMdn3ewRXY4R99gGSxGLQyno

I can accept if you can sign the message via bc1qcgz7decp44zu8d26gjceuef0myz6j3ccljp5dm

Thank you shasan for asking to sign a message first
In fact, I did not submit any loan application, my Wallet has the address:
bc1qcgz7decp44zu8d26gjceuef0myz6j3ccljp5dm

It has been hacked and proven in this topic:
https://bitcointalksearch.org/topic/--5480462

The application post may have been deleted because when I click on the quote, the application does not appear. I am sure that my account may have been hacked.

Unfortunately, my computer was hacked and my Electreum wallet was stolen. It appears that my Bitcoin account was hacked as well. This is a screenshot of my account showing the IP addresses and access dates:




I am from Syria and all other addresses belong to the hacker.

I assure you that I did not submit any loan application at all, and I did not take any loan during my time on the forum.
Please decline any loan application submitted until I resolve the account hacking issue.
Yes, the hacker did not change anything, he is using my login information.
Now you have changed the password and activated two-factor protection
It is good that two-factor protection has been added to the forum
Thank you
copper member
Activity: 2422
Merit: 1313
Playbet.io - Crypto Casino and Sportsbook
January 22, 2024, 10:10:07 PM
#64
Another hacking issue without changing email and/or passord.
Loan amount: 450 USDT
Loan purpose: personal
Loan repay amount: 500 USDT
Loan Repay date: 1 months
Type of collateral: none
USDT (TRC20) address: TJVpMT2vovtMdn3ewRXY4R99gGSxGLQyno

I can accept if you can sign the message via bc1qcgz7decp44zu8d26gjceuef0myz6j3ccljp5dm

Thank you shasan for asking to sign a message first
In fact, I did not submit any loan application, my Wallet has the address:
bc1qcgz7decp44zu8d26gjceuef0myz6j3ccljp5dm

It has been hacked and proven in this topic:
https://bitcointalksearch.org/topic/--5480462

The application post may have been deleted because when I click on the quote, the application does not appear. I am sure that my account may have been hacked.

Unfortunately, my computer was hacked and my Electreum wallet was stolen. It appears that my Bitcoin account was hacked as well. This is a screenshot of my account showing the IP addresses and access dates:




I am from Syria and all other addresses belong to the hacker.

I assure you that I did not submit any loan application at all, and I did not take any loan during my time on the forum.
Please decline any loan application submitted until I resolve the account hacking issue.
hero member
Activity: 882
Merit: 800
January 12, 2024, 05:58:36 AM
#63
If the hack happened for using the same password and teleporting the account then only the admin/moderators of that site may know the password.
I read the word "teleporting" several times, and it turns out to be something offered by a shitcoin forum. Are people dumb enough to share their password with them for extra "perks"? If so, that's not even a hack, it's just giving it away.

It's only foolish people that will sign up another website and use same password or having a regular password they do use, I have also teleported my account but there no hack or someone using my account to go collect loan and claims it was a hack or something similar. It is unwise for someone to go teleport their account and still use the same password as the previous place and again, for Shasan he doesn't accept loan immediately. For few times I have applied for loans it took me almost about 18hrs to 24hrs before accepting my loans and as then the real account owner might have come online to noticed the evil going on his account then he could call for cancellation.

I think have also told him to always request for a signed a massage from the wallet the used in their current campaign because I believe he wouldn't release any loan if that person is not in campaign so, even though they come claiming is not them with the sign messages it could be very tough for them to apply loan, except that hacker have access the bitcoin wallet as well. And note one thing, when someone also complained about this then you should know that is a lie, after all the discussion going on here you think we could be so loss about our phrase key and private keys after regularly involving in discussion that says not your key not your coin.
hero member
Activity: 784
Merit: 672
Top Crypto Casino
January 11, 2024, 11:29:24 AM
#62
Also, there might be another reason if his laptop/computer/mobile phone is used by his friends then the occurrence might happen by one of his friends who does not require anything change.
That could also happen but for doing something like that the other person who has access to his device be aware of Bitcointalk and its lending board. Most of the people still don't know about this forum and that's why it's unlikely that someone friend could done any harm to someone's account. But, still that's a possibility which we can't avoid.
I read the word "teleporting" several times, and it turns out to be something offered by a shitcoin forum. Are people dumb enough to share their password with them for extra "perks"? If so, that's not even a hack, it's just giving it away.
That altforum and it's admin has never asked for someone's password to give them extra perks. Most of the users who teleported to that forum used completely new password and so far no one of them were forced to use the same password that they have on Bitcointalk or on someone else. In fact they were giving good opportunity to the users who already had ranked on Bitcointalk, I don't think anything is wrong in that. It's a win-win situation for all the users but if someone uses the same password due to his/her own irresponsibility then we can't blame that forum or someone else for that thing.
legendary
Activity: 1820
Merit: 2700
Crypto Swap Exchange
January 11, 2024, 04:20:36 AM
#61
If the hack happened for using the same password and teleporting the account then only the admin/moderators of that site may know the password.
I read the word "teleporting" several times, and it turns out to be something offered by a shitcoin forum. Are people dumb enough to share their password with them for extra "perks"? If so, that's not even a hack, it's just giving it away.

No, that's not how it works. Not even the shitcointalk admin would be that foolish to put its members at such risk. To "teleport" your account, all you need to do is to use the same username and add a link to your altcoinstalk profile on your bitcointalk forum profile (e.g., under your website link) to verify ownership.

But I guess there might be users who are "dumb" enough to think they have to use the same password too.

As for forum admins (or mods) knowing your forum password, that shouldn't happen either. Generally, passwords are stored in a database in a hashed format, which makes it difficult to reverse back into the original password. However, this doesn't mean that people should blindly trust every online platform to have honest intentions.

Quote
It's not a good practice to use the same passwords on different platforms
Don't be subtle: it's stupid Tongue
Get a password manager, don't store your password database in the cloud, and make regular backups. It takes a while to set up and change passwords for everything, but it's worth it.

I agree. Also, use 2FA wherever possible.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
January 11, 2024, 01:05:30 AM
#60
If the hack happened for using the same password and teleporting the account then only the admin/moderators of that site may know the password.
I read the word "teleporting" several times, and it turns out to be something offered by a shitcoin forum. Are people dumb enough to share their password with them for extra "perks"? If so, that's not even a hack, it's just giving it away.

if his laptop/computer/mobile phone is used by his friends then the occurrence might happen by one of his friends who does not require anything change.
That's why computers have user accounts. Nobody uses my account, but I don't mind creating new accounts for friends. There's no need to give others access to your data.
copper member
Activity: 2422
Merit: 1313
Playbet.io - Crypto Casino and Sportsbook
January 10, 2024, 08:15:45 PM
#59
I believe that tjtonmoy also created a post where he shared some information about databases where his IP address was found. And, I believe if that's true then his accounts on other platforms might be at risk because hackers often share such databases with other users who can easily copy the details and login with those details. Most of the members aren't aware of such things but that's happening.

It's not a good practice to use the same passwords on different platforms and the one who does that often gets targeted by the hackers. It's always better to use different passwords for different platforms and one should also enable 2FA if it's present. During my research I have also found that some people use their e-mail's original password on other platforms but they don't know that they can easily lose all of their accounts on other platforms if an hacker successfully get logged in to their e-mail accounts.
You have guessed the perfect way to be such a hacker if it really happened. Also, there might be another reason if his laptop/computer/mobile phone is used by his friends then the occurrence might happen by one of his friends who does not require anything change.
hero member
Activity: 784
Merit: 672
Top Crypto Casino
January 10, 2024, 04:20:47 PM
#58
If the hack happened for using the same password and teleporting the account then only the admin/moderators of that site may know the password. If the hack happened for teleport then the scammer is the admin/moderator. Though I do not know who is the admin/moderator and whether they have any intention to be a hacker or not I think they won't do this. I think the hack might have happened for another reason not for using the same password. One more important fact is that others happened same the hacker (which they said) those are not confirmed about the using of same password.
I also don't know actually who's the admin of that forum and where is he from but I don't think that he would do something like this. Their forum is getting more users each day and most of the users of this forum are already on that forum, that's why they would never do something that would harm their reputation. I think that tjtonmoy used same password on multiple platforms and that can be the reason for his account getting compromised.

I believe that tjtonmoy also created a post where he shared some information about databases where his IP address was found. And, I believe if that's true then his accounts on other platforms might be at risk because hackers often share such databases with other users who can easily copy the details and login with those details. Most of the members aren't aware of such things but that's happening.

It's not a good practice to use the same passwords on different platforms and the one who does that often gets targeted by the hackers. It's always better to use different passwords for different platforms and one should also enable 2FA if it's present. During my research I have also found that some people use their e-mail's original password on other platforms but they don't know that they can easily lose all of their accounts on other platforms if an hacker successfully get logged in to their e-mail accounts.
copper member
Activity: 2422
Merit: 1313
Playbet.io - Crypto Casino and Sportsbook
January 10, 2024, 01:34:00 PM
#57
Teleporting an account from Bitcointalk to Altcoinstalks, and using a same password. It breaks an important principle, don't reuse password on different platforms.
If the hack happened for using the same password and teleporting the account then only the admin/moderators of that site may know the password. If the hack happened for teleport then the scammer is the admin/moderator. Though I do not know who is the admin/moderator and whether they have any intention to be a hacker or not I think they won't do this. I think the hack might have happened for another reason not for using the same password. One more important fact is that others happened same the hacker (which they said) those are not confirmed about the using of same password.
legendary
Activity: 2800
Merit: 2736
Farewell LEO: o_e_l_e_o
January 08, 2024, 08:16:06 AM
#56
In my opinion, if someone didn't scam and steal money, they can be forgiven for just about anything. Anything that the forum doesn't deem illegal anyways.
In addition red tags are for failed trade, you covered the proven scam thing anyway.

Quote
Ask and respect the decision. It may or may not go the way you wish, but that's what you have to deal with.
How many inappropriate feedback you will need to see before you make the decision that it's enough with the respect? You are not supporting the reason for the red feedback but you are fine with having JollyGood on your trust list.
legendary
Activity: 2688
Merit: 1262
January 08, 2024, 08:12:20 AM
#55
-snip-
@Peanutstar case has been solved, he paid back the money. Meanwhile, for me, the scammer failed to get the loan due to the address change. I with @Shansan already have multiple successful loans around 150-300$ not only with him but also with @Darkstar_. The sign message is the simplest thing to prove the ownership of your account, however, you need to (Stake) your address first (Unless the hacker compromises your address and is being used for the stake) I can tell the fault is on you.
----
None of us want these happening, this business requires both sides. Usually, the lender will ask you to (Sign Message) at the time you ask loan (If this is your first time requesting a loan). Then, If you ask for a loan again with the lender (As long you use the same address you're using from the previous loan) they will not ask you to (Sign-Message) again (Unless) is changed. Well, the hacker asked with his fresh address not the same address I was using with Shansan so he declined the request unless he can make some sign message to prove the request was by the real owners who asking loan with a different address.
hero member
Activity: 812
Merit: 560
January 08, 2024, 08:08:51 AM
#54
I have noticed several accusations that they have not asked me for any loan but they have not changed their password. Unfortunately, I have accepted one of them. I am worried about the access of those accounts without changing the password. How is the hacker processing like this?

The challenge here is not about changing the password to that account that necessarily matters first, this hackershave developed more strong resistance that could make them hack and yet make it appear they didn't, the easiest way for them to do so is by having access to the device we are using to browse or access the forum, then they try to use our same logins details already backed up on the google and copy them to log in, two of them will be using the account together, the user will not be suspecious because he's still having access to the account, but attrocities like loan, spamming, or change of wallet address could be initiated by the hackers on the user's behalf, we have to watch well all our devices and avoid any third party access on them.
Pages:
Jump to: