Author

Topic: wxa7115 account hacked (Read 445 times)

newbie
Activity: 8
Merit: 4
October 05, 2024, 07:21:29 PM
#19
Sorry if it sounds dumb. I never knew VPN services provided email. Only thought tempmail had an expiration. I don't use VPN's much. If it's okay, can you tell which VPN provider gives this kind of facility or which one you used? Tongue
There are several VPN services which can also provide an email for a price or as it was in my case as a temporary promotion, I used torguard, which for obvious reasons I cannot really recommend as an email provider.

Quote
Good luck with your appeal, I hope you get back your account.
The process is still ongoing, but I hope the evidence provided is enough to prove my case.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
October 03, 2024, 04:34:57 AM
#18
@DYING_S0UL, I don't see anything strange here, because today there are a lot of services that offer a lot of things within their services - for example, we have the very popular Proton e-mail, within which, among other things, you can use VPN - and also as part of some AV security packages you also get and VPN.

However, the OP, like everyone else, should use some more serious e-mail providers when it comes to this forum and any online service that is important to us.
sr. member
Activity: 322
Merit: 318
The Alliance Of Bitcointalk Translators - ENG>BAN
October 02, 2024, 10:04:51 PM
#17
A good question, and I suppose the most likely answer is we cannot expect for a VPN provider to hold the same kind of security as Gmail and other similar services.
Sorry if it sounds dumb. I never knew VPN services provided email. Only thought tempmail had an expiration. I don't use VPN's much. If it's okay, can you tell which VPN provider gives this kind of facility or which one you used? Tongue

Good luck with your appeal, I hope you get back your account.
newbie
Activity: 8
Merit: 4
October 02, 2024, 07:07:02 PM
#16
Up

Still waiting for a response from the recovery team.
newbie
Activity: 8
Merit: 4
September 01, 2024, 08:34:53 PM
#15
As an update, I was contacted by the recovery team and I was asked to produce further evidence, I have provided it and expect a positive outcome during the next weeks.
newbie
Activity: 8
Merit: 4
August 26, 2024, 07:20:06 PM
#14
I am not sure if i get you right, what do you mean by the email address expired?
Are you trying to say the hacker got hold of your old email address you used to register the account?

Satoshi's email was compromised in the same way

Perhaps [email protected] expired and then someone else registered it.

There are some services where your email or account may get expired and someone else can register the same email again. If you are someone famous and your email address is known by others, they won't give you an hour if it's get expired. But I don't know what has happened with this guy. Probably same case.
This just goes to show you that regardless of whether you are the founder or just a regular user, hackers are always looking for any vulnerability they can find and take advantage of it
hero member
Activity: 840
Merit: 522
August 19, 2024, 01:42:42 AM
#13
I am not sure if i get you right, what do you mean by the email address expired?
Are you trying to say the hacker got hold of your old email address you used to register the account?

Satoshi's email was compromised in the same way

Perhaps [email protected] expired and then someone else registered it.

There are some services where your email or account may get expired and someone else can register the same email again. If you are someone famous and your email address is known by others, they won't give you an hour if it's get expired. But I don't know what has happened with this guy. Probably same case.
legendary
Activity: 2366
Merit: 1272
Heisenberg
August 18, 2024, 03:20:36 PM
#12
How did the hacker know the email attached to your account? Again, another simple mistake: you must always have the "Hide email address from public?" option checked in "Account Related Settings" so that no one can see the email address attached to your account when they check your public profile.
This!

It also got me wondering how some random chap out there who then got OP's formally expired email address figured out that he had an account registered on Bitcointalk and therefore hacked it as soon as possible. I do believe in coincidences but.....

Anyway, the ball is in the cryptios team's hands. I believe they will gather all the available evidence and make a verdict. Good Luck to OP.
legendary
Activity: 2254
Merit: 2406
Playgram - The Telegram Casino
August 18, 2024, 09:32:10 AM
#11
Again, another simple mistake: you must always have the "Hide email address from public?" option checked in "Account Related Settings" so that no one can see the email address attached to your account when they check your public profile.
In this case I believe the email address was hidden, the service provider when they gave the address to someone else, they must have been able to view previous emails received and sent. This is my best guess on how they were able to link it to the forum account.

I also wonder how a person can create the same email address provided to someone by a specific service, in your case, the VPN service. If they were to buy the same promotion, they would probably not be allowed to have the same email address as yours.
Services do this for free email or phone number offers, they can always rotate this around to other users when the free promotion expires. Some can have more than one person using an email or phone number a the same time.
newbie
Activity: 8
Merit: 4
August 18, 2024, 07:54:04 AM
#10
Been here before and it ain't funny
As long as there's no mishap you should have your account before the month end.
Nobody needs to advice you now on importance of using a secured email.
Lol experienced sure is an harsh teacher.
Success in advance.
Thanks, nice to know the possible ETA this process may take, sucks you had to go through this too.



What I mean is that I bought a VPN and I received a free email, then at a later time the promotion expired and the VPN eventually stopped providing me that email, I stopped having access to it and the data in it was most likely erased

So why didn't you change the email address after the VPN promotion expired and they stopped providing you the email? I know that you didn't anticipate something like this happening, but it's a normal security concern to have everything up-to-date in your account. You don't need to have access to the previous email to change it to a new one, all you need is your password.
Anything other than saying I am a dumbass and careless will ring hollow, I should have done exactly as you describe, but I did not.



Quote
I also wonder how a person can create the same email address provided to someone by a specific service, in your case, the VPN service. If they were to buy the same promotion, they would probably not be allowed to have the same email address as yours.
A good question, and I suppose the most likely answer is we cannot expect for a VPN provider to hold the same kind of security as Gmail and other similar services.
sr. member
Activity: 1260
Merit: 358
August 17, 2024, 11:58:55 AM
#9
What I mean is that I bought a VPN and I received a free email, then at a later time the promotion expired and the VPN eventually stopped providing me that email, I stopped having access to it and the data in it was most likely erased

So why didn't you change the email address after the VPN promotion expired and they stopped providing you the email? I know that you didn't anticipate something like this happening, but it's a normal security concern to have everything up-to-date in your account. You don't need to have access to the previous email to change it to a new one, all you need is your password.

then at a some point the hacker created that same email and use it to reset the password by email.

How did the hacker know the email attached to your account? Again, another simple mistake: you must always have the "Hide email address from public?" option checked in "Account Related Settings" so that no one can see the email address attached to your account when they check your public profile.

I also wonder how a person can create the same email address provided to someone by a specific service, in your case, the VPN service. If they were to buy the same promotion, they would probably not be allowed to have the same email address as yours.
sr. member
Activity: 490
Merit: 397
Playbet.io - Crypto Casino and Sportsbook
August 17, 2024, 04:56:05 AM
#8
Been here before and it ain't funny
As long as there's no mishap you should have your account before the month end.
Nobody needs to advice you now on importance of using a secured email.
Lol experienced sure is an harsh teacher.
Success in advance.
newbie
Activity: 8
Merit: 4
August 16, 2024, 02:34:06 AM
#7
It appears the account hasn't posted since then, but there is a possibility that it tries to pm people to scam them. You can try account recovery using secret question if you set one up, this will lock the account.
Never set one if my memory serves me right

You first used the Bech32 address bc1qc7k8... nearly four years ago, and it appears you've consistently used it for DCA-ing since then. Given this history and the absence of previous account issues, I believe it's reasonable to assume you still control this address. So, I think there's no need to sign an older one.
Cool, that saves me some effort.

Quote
By the way, congrats on finally consolidating those inputs! It was about time, right? You could've saved a few bucks if you'd done it earlier, but hey, better late than never.
LOL, it took me forever to consolidate my inputs, but I do not like to touch my wallets unless I absolutely have to.
legendary
Activity: 1820
Merit: 2700
Crypto Swap Exchange
August 16, 2024, 02:07:23 AM
#6
Also signing a message from an older Bitcoin address is much more better like this address 14Ff7YBLb4N5QTdE596e8zpFgZeZfLvcgZ
If I am not mistaken that address belongs to the online wallet blockchain.com, formerly blockchain.info, so I cannot provide a signature for it.

However I think I can provide a signature from an address that is older than the one I provided already.

I am looking into it.

You first used the Bech32 address bc1qc7k8... nearly four years ago, and it appears you've consistently used it for DCA-ing since then. Given this history and the absence of previous account issues, I believe it's reasonable to assume you still control this address. So, I think there's no need to sign an older one.

By the way, congrats on finally consolidating those inputs! It was about time, right? You could've saved a few bucks if you'd done it earlier, but hey, better late than never.
legendary
Activity: 2254
Merit: 2406
Playgram - The Telegram Casino
August 16, 2024, 01:55:37 AM
#5
It appears the account hasn't posted since then, but there is a possibility that it tries to pm people to scam them. You can try account recovery using secret question if you set one up, this will lock the account.

There has been warnings on email security, but it's been a while I saw them. You made the mistake of using a promotional email address. The email providers likely transferred all previous data when the account was retrieved, and the new owner saw some bitcointalk related mails leading them here.

Do you have any other accounts linked to that address?
newbie
Activity: 8
Merit: 4
August 16, 2024, 01:39:21 AM
#4
I am not sure if i get you right, what do you mean by the email address expired?
Are you trying to say the hacker got hold of your old email address you used to register the account?
What I mean is that I bought a VPN and I received a free email, then at a later time the promotion expired and the VPN eventually stopped providing me that email, I stopped having access to it and the data in it was most likely erased, then at a some point the hacker created that same email and use it to reset the password by email.

Also signing a message from an older Bitcoin address is much more better like this address 14Ff7YBLb4N5QTdE596e8zpFgZeZfLvcgZ
If I am not mistaken that address belongs to the online wallet blockchain.com, formerly blockchain.info, so I cannot provide a signature for it.

However I think I can provide a signature from an address that is older than the one I provided already.

I am looking into it.
legendary
Activity: 1302
Merit: 1089
Goodnight, o_e_l_e_o 🌹
August 16, 2024, 12:40:10 AM
#3
I am not sure if i get you right, what do you mean by the email address expired?
Are you trying to say the hacker got hold of your old email address you used to register the account?
I think he meant that he stopped using the email, maybe the purpose of creating the email was accomplished and Op abandoned it and the hacker picked it up. This is why it is advisable to have a separate email for the forum your private or work email.

I have checked the activity log and this is the first time of resetting password in the account.
legendary
Activity: 2366
Merit: 1272
Heisenberg
August 16, 2024, 12:30:39 AM
#2
I am not sure if i get you right, what do you mean by the email address expired?
Are you trying to say the hacker got hold of your old email address you used to register the account?

Also signing a message from an older Bitcoin address is much more better like this address 14Ff7YBLb4N5QTdE596e8zpFgZeZfLvcgZ
newbie
Activity: 8
Merit: 4
August 15, 2024, 10:07:23 PM
#1
On August 14, 2024, 06:02:34 PM the seclog indicates the password for the account wxa7115 was reset by email, however I did not did this, after taking the time to verify and check my devices, I think that what happened was that this was an old email that expired and disappeared some time ago, and the hacker made it again and that is how they could gain control of my account.

This is my signed message proving my ownership:

Code:
-----BEGIN BITCOIN SIGNED MESSAGE-----
This is wxa7115, my account has been hacked, today is August 16 2024 according to the default forum time, please verify this message and red tag my account until it gets back to me.
-----BEGIN SIGNATURE-----
bc1qc7k8p6mtgss6s3ws3ddhpw0hf6ywhpwzx49tez
IHh1Zgwk1ogMnRuolUBuYr/W3KJnL3oBMyayQBmo74NBSF1NRdrEVhVmUT8uM6mVS75+N3t+GgfwbsGdTGZ2Yro=
-----END BITCOIN SIGNED MESSAGE-----

I used that address here: https://bitcointalksearch.org/topic/m.58274941

Round 55 Payments have been sent out!


Thank you all for yet another great week, keep it up! Smiley

We have 1x Hero Member position open, apply now!
Bitcointalk Profile Link: https://bitcointalksearch.org/user/wxa7115-509190
Current amount of posts (including this one): 5520
SegWit (preferably bech32) BTC Address for Payouts: bc1qc7k8p6mtgss6s3ws3ddhpw0hf6ywhpwzx49tez
EARNED merit in the last 120 days: 45

And here is that post quoted in the case it is deleted by the hacker: https://bitcointalksearch.org/topic/m.58277196

Bitcointalk Profile Link: https://bitcointalksearch.org/user/wxa7115-509190
Current amount of posts (including this one): 5520
SegWit (preferably bech32) BTC Address for Payouts: bc1qc7k8p6mtgss6s3ws3ddhpw0hf6ywhpwzx49tez
EARNED merit in the last 120 days: 45

Accepted! Welcome to the Campaign Smiley


We are once again CFNP, thank you all for the applications.

I am already following the procedure described here to recover my account, but it could take time for this to happen, and the community needs to be aware of what is happening.
Jump to: