Topic: What is going on??? - page 3. (Read 1776 times)

I don't think it has anything to do with the AltcoinTalk forum, I personally used a completely different password from my BitcoinTalk account.

I guess that my problem started after downloading a crack for a video format converter program. Although the site from which I downloaded the file is usually reliable, it may have contained a Trojan.

No one sent me a link or a suspicious email. I downloaded the file personally at my own risk. It was a big mistake for which I unfortunately paid dearly.

https://socradar.io/what-is-stealer-as-a-service/

There may be something that these users all have in common:

- Peanutswar
- tjtonmoy
- ryzaadit
- yhiaali3

I don't think it has to do with altcoinstalks b/c it happened to Peanutswar before the account teleport option was a thing, and I'm not sure they are all members of that forum...

Could be any number of things. It could even be somebody buying stolen login credentials from the malware service subscribers.

How do they get infected? If it's targeted attacks, they must know how to get the user to install the malware.

​
Yes, definitely, this is a new and literal way to steal by requesting a loan after hacking the account and not changing anything. If it were not for the notification that came to me via the Telegram bot, I would not have known that my account had been hacked and that someone was submitting a loan request through my account. It is likely that the hacker is a member of Bitcoin Talk and knows how to use the forum well.

Fortunately, Shasan has great experience in loans and acted very professionally, otherwise I would have been exposed to a difficult situation, either repaying a loan that I did not obtain or obtaining negative trust.

It is also good that two-factor protection has been added in the forum to increase security, now I have changed the password and enabled two-factor protection.

So the issue seems to be infostealer malware targeting Bitcointalk users. But not only that, whoever is paying for it (its a Malware-as-a-Service subscriber) knows how to apply for loans on Bitcointalk and do so in such a manner that does not arouse suspicion. Very sophisticated, and somewhat of a new phenomenon on the forum (going back to the case of Peanutswar who seems to be the first victim).

No, it's completely different. I use a unique password for each of my accounts

My device has already been infected with a virus, and I have formatted and erased all of the disks, and I am now in the process of changing the passwords for all my accounts.
Thank you

Sorry for off-topic but the I took time to catch a trust abuser at the same time.


So little Nut's can maybe come up with proofs before accusing other people? And be honest what you believe or think is totally irrelevant same a what I believe or think.
And I talk about proof's not the nonsense shit you accused me of first time even tho we NEVER interact Are you human enough to do that?

Why did you get so angry so you had to give me feedback when I discussed with the mega liar Alterra57? When I asked him for proof's for he's totally sick lies about me he instant locked the thread and started insult me instead  and you supported it very strange. Can be read here: https://bitcointalksearch.org/topic/m.63492761
That thread was fast to lock and disappear when asking for proof's came up to the table. Why was you so fast to back him up and change my message you quoted?

Just a normal question: I wonder who is in need of money the most. You or Me. Who do you think? You or Me?

---

Now back to topic

It's terrible that people need to loan money in first place from strangers online. That's not what a forum should offer but Sashan obvious is a good guy and offer it any many cunts take advance of it and I think it's many alt accounts that doing this shit. I can only speak from what I think, but my voice matter's as much as all others here.

But lets be honest (this maybe will be laughed at since it a sensitive subject, and a few rep-members don't like to talk about that)  But who cares? This is a free to speech forum right?
How hard is it for a REP-member to create an ALT just throw it with merits and pretend it's somebody "new"?? I am not saying this is the case, but it's not hard at all if you being here long time enough and know people and if you are a merit source you are home and can do whatever you want, and it's so easy to blame a new user and just switch focus, bet be realistic how will a new member rank up compare to a already know member that can get 100 merits in 10 days if he/she wish.

I think it's something strange at this place, something very strange but I don't throw mud at someone personal I just saying what I am seeing and think.  
And as fast you open your mouth and share opinions you shall be overflooded with Feedback like: "troll" "idiot" "loser" "scammer" "multi account". and bl.a bl.a bl.a
It's sad people don't know what other opinions and constructive criticism here is.

Yes maybe I am an idiot in your eyes but you know what I am isn't? You! and I am so happy for that.
And yes, if you got life exp you can see things and a path after six months.

Best regards
BabyBandit

Can you confirm that you used your Bitcointalk password on Altcoinstalks?

I am not judging you. Just trying to find the root of the problem.

If it was a different password, I recommend running a virus scan on your computer.

Yes, the hacker did not change anything, he is using my login information.
Now you have changed the password and activated two-factor protection
It is good that two-factor protection has been added to the forum
Thank you

Another hacking issue without changing email and/or passord.

It's only foolish people that will sign up another website and use same password or having a regular password they do use, I have also teleported my account but there no hack or someone using my account to go collect loan and claims it was a hack or something similar. It is unwise for someone to go teleport their account and still use the same password as the previous place and again, for Shasan he doesn't accept loan immediately. For few times I have applied for loans it took me almost about 18hrs to 24hrs before accepting my loans and as then the real account owner might have come online to noticed the evil going on his account then he could call for cancellation.

I think have also told him to always request for a signed a massage from the wallet the used in their current campaign because I believe he wouldn't release any loan if that person is not in campaign so, even though they come claiming is not them with the sign messages it could be very tough for them to apply loan, except that hacker have access the bitcoin wallet as well. And note one thing, when someone also complained about this then you should know that is a lie, after all the discussion going on here you think we could be so loss about our phrase key and private keys after regularly involving in discussion that says not your key not your coin.

That could also happen but for doing something like that the other person who has access to his device be aware of Bitcointalk and its lending board. Most of the people still don't know about this forum and that's why it's unlikely that someone friend could done any harm to someone's account. But, still that's a possibility which we can't avoid.
That altforum and it's admin has never asked for someone's password to give them extra perks. Most of the users who teleported to that forum used completely new password and so far no one of them were forced to use the same password that they have on Bitcointalk or on someone else. In fact they were giving good opportunity to the users who already had ranked on Bitcointalk, I don't think anything is wrong in that. It's a win-win situation for all the users but if someone uses the same password due to his/her own irresponsibility then we can't blame that forum or someone else for that thing.

No, that's not how it works. Not even the shitcointalk admin would be that foolish to put its members at such risk. To "teleport" your account, all you need to do is to use the same username and add a link to your altcoinstalk profile on your bitcointalk forum profile (e.g., under your website link) to verify ownership.

But I guess there might be users who are "dumb" enough to think they have to use the same password too.

As for forum admins (or mods) knowing your forum password, that shouldn't happen either. Generally, passwords are stored in a database in a hashed format, which makes it difficult to reverse back into the original password. However, this doesn't mean that people should blindly trust every online platform to have honest intentions.


I agree. Also, use 2FA wherever possible.

I read the word "teleporting" several times, and it turns out to be something offered by a shitcoin forum. Are people dumb enough to share their password with them for extra "perks"? If so, that's not even a hack, it's just giving it away.

That's why computers have user accounts. Nobody uses my account, but I don't mind creating new accounts for friends. There's no need to give others access to your data.

You have guessed the perfect way to be such a hacker if it really happened. Also, there might be another reason if his laptop/computer/mobile phone is used by his friends then the occurrence might happen by one of his friends who does not require anything change.

I also don't know actually who's the admin of that forum and where is he from but I don't think that he would do something like this. Their forum is getting more users each day and most of the users of this forum are already on that forum, that's why they would never do something that would harm their reputation. I think that tjtonmoy used same password on multiple platforms and that can be the reason for his account getting compromised.

I believe that tjtonmoy also created a post where he shared some information about databases where his IP address was found. And, I believe if that's true then his accounts on other platforms might be at risk because hackers often share such databases with other users who can easily copy the details and login with those details. Most of the members aren't aware of such things but that's happening.

It's not a good practice to use the same passwords on different platforms and the one who does that often gets targeted by the hackers. It's always better to use different passwords for different platforms and one should also enable 2FA if it's present. During my research I have also found that some people use their e-mail's original password on other platforms but they don't know that they can easily lose all of their accounts on other platforms if an hacker successfully get logged in to their e-mail accounts.

If the hack happened for using the same password and teleporting the account then only the admin/moderators of that site may know the password. If the hack happened for teleport then the scammer is the admin/moderator. Though I do not know who is the admin/moderator and whether they have any intention to be a hacker or not I think they won't do this. I think the hack might have happened for another reason not for using the same password. One more important fact is that others happened same the hacker (which they said) those are not confirmed about the using of same password.

In addition red tags are for failed trade, you covered the proven scam thing anyway.

How many inappropriate feedback you will need to see before you make the decision that it's enough with the respect? You are not supporting the reason for the red feedback but you are fine with having JollyGood on your trust list.

@Peanutstar case has been solved, he paid back the money. Meanwhile, for me, the scammer failed to get the loan due to the address change. I with @Shansan already have multiple successful loans around 150-300$ not only with him but also with @Darkstar_. The sign message is the simplest thing to prove the ownership of your account, however, you need to (Stake) your address first (Unless the hacker compromises your address and is being used for the stake) I can tell the fault is on you.
----
None of us want these happening, this business requires both sides. Usually, the lender will ask you to (Sign Message) at the time you ask loan (If this is your first time requesting a loan). Then, If you ask for a loan again with the lender (As long you use the same address you're using from the previous loan) they will not ask you to (Sign-Message) again (Unless) is changed. Well, the hacker asked with his fresh address not the same address I was using with Shansan so he declined the request unless he can make some sign message to prove the request was by the real owners who asking loan with a different address.

The challenge here is not about changing the password to that account that necessarily matters first, this hackershave developed more strong resistance that could make them hack and yet make it appear they didn't, the easiest way for them to do so is by having access to the device we are using to browse or access the forum, then they try to use our same logins details already backed up on the google and copy them to log in, two of them will be using the account together, the user will not be suspecious because he's still having access to the account, but attrocities like loan, spamming, or change of wallet address could be initiated by the hackers on the user's behalf, we have to watch well all our devices and avoid any third party access on them.