wxa7115 account hacked | Bitcointalksearch.org

wxa7115_recovery

newbie

Activity: 8

Merit: 4

Quote from: DYING_S0UL on October 02, 2024, 10:04:51 PM

Sorry if it sounds dumb. I never knew VPN services provided email. Only thought tempmail had an expiration. I don't use VPN's much. If it's okay, can you tell which VPN provider gives this kind of facility or which one you used? Tongue

There are several VPN services which can also provide an email for a price or as it was in my case as a temporary promotion, I used torguard, which for obvious reasons I cannot really recommend as an email provider.

Quote

Good luck with your appeal, I hope you get back your account.

The process is still ongoing, but I hope the evidence provided is enough to prove my case.

Lucius

legendary

Activity: 3234

Merit: 5637

Blackjack.fun-Free Raffle-Join&Win $50🎲

@DYING_S0UL, I don't see anything strange here, because today there are a lot of services that offer a lot of things within their services - for example, we have the very popular Proton e-mail, within which, among other things, you can use VPN - and also as part of some AV security packages you also get and VPN.

However, the OP, like everyone else, should use some more serious e-mail providers when it comes to this forum and any online service that is important to us.

DYING_S0UL

sr. member

Activity: 322

Merit: 318

The Alliance Of Bitcointalk Translators - ENG>BAN

Quote from: wxa7115_recovery on August 18, 2024, 07:54:04 AM

A good question, and I suppose the most likely answer is we cannot expect for a VPN provider to hold the same kind of security as Gmail and other similar services.

Sorry if it sounds dumb. I never knew VPN services provided email. Only thought tempmail had an expiration. I don't use VPN's much. If it's okay, can you tell which VPN provider gives this kind of facility or which one you used? Tongue

Good luck with your appeal, I hope you get back your account.

wxa7115_recovery

newbie

Activity: 8

Merit: 4

Up

Still waiting for a response from the recovery team.

wxa7115_recovery

newbie

Activity: 8

Merit: 4

As an update, I was contacted by the recovery team and I was asked to produce further evidence, I have provided it and expect a positive outcome during the next weeks.

wxa7115_recovery

newbie

Activity: 8

Merit: 4

Quote from: Shishir99 on August 19, 2024, 01:42:42 AM

Quote from: JeromeTash on August 16, 2024, 12:30:39 AM

I am not sure if i get you right, what do you mean by the email address expired?
Are you trying to say the hacker got hold of your old email address you used to register the account?

Satoshi's email was compromised in the same way

Quote from: theymos on September 08, 2014, 04:06:34 PM

Perhaps [email protected] expired and then someone else registered it.

There are some services where your email or account may get expired and someone else can register the same email again. If you are someone famous and your email address is known by others, they won't give you an hour if it's get expired. But I don't know what has happened with this guy. Probably same case.

This just goes to show you that regardless of whether you are the founder or just a regular user, hackers are always looking for any vulnerability they can find and take advantage of it

Shishir99

hero member

Activity: 770

Merit: 482

Quote from: JeromeTash on August 16, 2024, 12:30:39 AM

I am not sure if i get you right, what do you mean by the email address expired?
Are you trying to say the hacker got hold of your old email address you used to register the account?

Satoshi's email was compromised in the same way

Quote from: theymos on September 08, 2014, 04:06:34 PM

Perhaps [email protected] expired and then someone else registered it.

There are some services where your email or account may get expired and someone else can register the same email again. If you are someone famous and your email address is known by others, they won't give you an hour if it's get expired. But I don't know what has happened with this guy. Probably same case.

JeromeTash

legendary

Activity: 2338

Merit: 1261

Heisenberg

Quote from: Alone055 on August 17, 2024, 11:58:55 AM

How did the hacker know the email attached to your account? Again, another simple mistake: you must always have the "Hide email address from public?" option checked in "Account Related Settings" so that no one can see the email address attached to your account when they check your public profile.

This!

It also got me wondering how some random chap out there who then got OP's formally expired email address figured out that he had an account registered on Bitcointalk and therefore hacked it as soon as possible. I do believe in coincidences but.....

Anyway, the ball is in the cryptios team's hands. I believe they will gather all the available evidence and make a verdict. Good Luck to OP.

Upgrade00

legendary

Activity: 2114

Merit: 2248

Playgram - The Telegram Casino

Quote from: Alone055 on August 17, 2024, 11:58:55 AM

Again, another simple mistake: you must always have the "Hide email address from public?" option checked in "Account Related Settings" so that no one can see the email address attached to your account when they check your public profile.

In this case I believe the email address was hidden, the service provider when they gave the address to someone else, they must have been able to view previous emails received and sent. This is my best guess on how they were able to link it to the forum account.

Quote from: Alone055 on August 17, 2024, 11:58:55 AM

I also wonder how a person can create the same email address provided to someone by a specific service, in your case, the VPN service. If they were to buy the same promotion, they would probably not be allowed to have the same email address as yours.

Services do this for free email or phone number offers, they can always rotate this around to other users when the free promotion expires. Some can have more than one person using an email or phone number a the same time.

wxa7115_recovery

newbie

Activity: 8

Merit: 4

Quote from: Ambatman on August 17, 2024, 04:56:05 AM

Been here before and it ain't funny
As long as there's no mishap you should have your account before the month end.
Nobody needs to advice you now on importance of using a secured email.
Lol experienced sure is an harsh teacher.
Success in advance.

Thanks, nice to know the possible ETA this process may take, sucks you had to go through this too.

Quote from: Alone055 on August 17, 2024, 11:58:55 AM

Quote from: wxa7115_recovery on August 16, 2024, 01:39:21 AM

What I mean is that I bought a VPN and I received a free email, then at a later time the promotion expired and the VPN eventually stopped providing me that email, I stopped having access to it and the data in it was most likely erased

So why didn't you change the email address after the VPN promotion expired and they stopped providing you the email? I know that you didn't anticipate something like this happening, but it's a normal security concern to have everything up-to-date in your account. You don't need to have access to the previous email to change it to a new one, all you need is your password.

Anything other than saying I am a dumbass and careless will ring hollow, I should have done exactly as you describe, but I did not.

Quote

I also wonder how a person can create the same email address provided to someone by a specific service, in your case, the VPN service. If they were to buy the same promotion, they would probably not be allowed to have the same email address as yours.

A good question, and I suppose the most likely answer is we cannot expect for a VPN provider to hold the same kind of security as Gmail and other similar services.

Alone055

sr. member

Activity: 1204

Merit: 290

Quote from: wxa7115_recovery on August 16, 2024, 01:39:21 AM

What I mean is that I bought a VPN and I received a free email, then at a later time the promotion expired and the VPN eventually stopped providing me that email, I stopped having access to it and the data in it was most likely erased

So why didn't you change the email address after the VPN promotion expired and they stopped providing you the email? I know that you didn't anticipate something like this happening, but it's a normal security concern to have everything up-to-date in your account. You don't need to have access to the previous email to change it to a new one, all you need is your password.

Quote from: wxa7115_recovery on August 16, 2024, 01:39:21 AM

then at a some point the hacker created that same email and use it to reset the password by email.

How did the hacker know the email attached to your account? Again, another simple mistake: you must always have the "Hide email address from public?" option checked in "Account Related Settings" so that no one can see the email address attached to your account when they check your public profile.

I also wonder how a person can create the same email address provided to someone by a specific service, in your case, the VPN service. If they were to buy the same promotion, they would probably not be allowed to have the same email address as yours.

Ambatman

sr. member

Activity: 420

Merit: 315

Top Crypto Casino

Been here before and it ain't funny
As long as there's no mishap you should have your account before the month end.
Nobody needs to advice you now on importance of using a secured email.
Lol experienced sure is an harsh teacher.
Success in advance.

wxa7115_recovery

newbie

Activity: 8

Merit: 4

Quote from: Upgrade00 on August 16, 2024, 01:55:37 AM

It appears the account hasn't posted since then, but there is a possibility that it tries to pm people to scam them. You can try account recovery using secret question if you set one up, this will lock the account.

Never set one if my memory serves me right

Quote from: FatFork on August 16, 2024, 02:07:23 AM

You first used the Bech32 address bc1qc7k8... nearly four years ago, and it appears you've consistently used it for DCA-ing since then. Given this history and the absence of previous account issues, I believe it's reasonable to assume you still control this address. So, I think there's no need to sign an older one.

Cool, that saves me some effort.

Quote

By the way, congrats on finally consolidating those inputs! It was about time, right? You could've saved a few bucks if you'd done it earlier, but hey, better late than never.

LOL, it took me forever to consolidate my inputs, but I do not like to touch my wallets unless I absolutely have to.

FatFork

legendary

Activity: 1624

Merit: 2594

Top Crypto Casino

Quote from: wxa7115_recovery on August 16, 2024, 01:39:21 AM

Quote from: JeromeTash on August 16, 2024, 12:30:39 AM

Also signing a message from an older Bitcoin address is much more better like this address 14Ff7YBLb4N5QTdE596e8zpFgZeZfLvcgZ

If I am not mistaken that address belongs to the online wallet blockchain.com, formerly blockchain.info, so I cannot provide a signature for it.

However I think I can provide a signature from an address that is older than the one I provided already.

I am looking into it.

You first used the Bech32 address bc1qc7k8... nearly four years ago, and it appears you've consistently used it for DCA-ing since then. Given this history and the absence of previous account issues, I believe it's reasonable to assume you still control this address. So, I think there's no need to sign an older one.

By the way, congrats on finally consolidating those inputs! It was about time, right? You could've saved a few bucks if you'd done it earlier, but hey, better late than never.

Upgrade00

legendary

Activity: 2114

Merit: 2248

Playgram - The Telegram Casino

It appears the account hasn't posted since then, but there is a possibility that it tries to pm people to scam them. You can try account recovery using secret question if you set one up, this will lock the account.

There has been warnings on email security, but it's been a while I saw them. You made the mistake of using a promotional email address. The email providers likely transferred all previous data when the account was retrieved, and the new owner saw some bitcointalk related mails leading them here.

Do you have any other accounts linked to that address?

wxa7115_recovery

newbie

Activity: 8

Merit: 4

Quote from: JeromeTash on August 16, 2024, 12:30:39 AM

I am not sure if i get you right, what do you mean by the email address expired?
Are you trying to say the hacker got hold of your old email address you used to register the account?

What I mean is that I bought a VPN and I received a free email, then at a later time the promotion expired and the VPN eventually stopped providing me that email, I stopped having access to it and the data in it was most likely erased, then at a some point the hacker created that same email and use it to reset the password by email.

Quote from: JeromeTash on August 16, 2024, 12:30:39 AM

Also signing a message from an older Bitcoin address is much more better like this address 14Ff7YBLb4N5QTdE596e8zpFgZeZfLvcgZ

If I am not mistaken that address belongs to the online wallet blockchain.com, formerly blockchain.info, so I cannot provide a signature for it.

However I think I can provide a signature from an address that is older than the one I provided already.

I am looking into it.

KingsDen

legendary

Activity: 1288

Merit: 1081

Goodnight, o_e_l_e_o 🌹

Quote from: JeromeTash on August 16, 2024, 12:30:39 AM

I am not sure if i get you right, what do you mean by the email address expired?
Are you trying to say the hacker got hold of your old email address you used to register the account?

I think he meant that he stopped using the email, maybe the purpose of creating the email was accomplished and Op abandoned it and the hacker picked it up. This is why it is advisable to have a separate email for the forum your private or work email.

I have checked the activity log and this is the first time of resetting password in the account.

JeromeTash

legendary

Activity: 2338

Merit: 1261

Heisenberg

I am not sure if i get you right, what do you mean by the email address expired?
Are you trying to say the hacker got hold of your old email address you used to register the account?

Also signing a message from an older Bitcoin address is much more better like this address 14Ff7YBLb4N5QTdE596e8zpFgZeZfLvcgZ

wxa7115_recovery

newbie

Activity: 8

Merit: 4

On August 14, 2024, 06:02:34 PM the seclog indicates the password for the account wxa7115 was reset by email, however I did not did this, after taking the time to verify and check my devices, I think that what happened was that this was an old email that expired and disappeared some time ago, and the hacker made it again and that is how they could gain control of my account.

This is my signed message proving my ownership:

Code:

-----BEGIN BITCOIN SIGNED MESSAGE-----
This is wxa7115, my account has been hacked, today is August 16 2024 according to the default forum time, please verify this message and red tag my account until it gets back to me.
-----BEGIN SIGNATURE-----
bc1qc7k8p6mtgss6s3ws3ddhpw0hf6ywhpwzx49tez
IHh1Zgwk1ogMnRuolUBuYr/W3KJnL3oBMyayQBmo74NBSF1NRdrEVhVmUT8uM6mVS75+N3t+GgfwbsGdTGZ2Yro=
-----END BITCOIN SIGNED MESSAGE-----

I used that address here: https://bitcointalksearch.org/topic/m.58274941

Quote from: wxa7115 on October 26, 2021, 11:47:44 AM

Quote from: Hhampuz on October 25, 2021, 06:40:14 PM

Round 55 Payments have been sent out!

Thank you all for yet another great week, keep it up!

We have 1x Hero Member position open, apply now!

Bitcointalk Profile Link: https://bitcointalksearch.org/user/wxa7115-509190
Current amount of posts (including this one): 5520
SegWit (preferably bech32) BTC Address for Payouts: bc1qc7k8p6mtgss6s3ws3ddhpw0hf6ywhpwzx49tez
EARNED merit in the last 120 days: 45

And here is that post quoted in the case it is deleted by the hacker: https://bitcointalksearch.org/topic/m.58277196

Quote from: Hhampuz on October 26, 2021, 07:42:26 PM

Quote from: wxa7115 on October 26, 2021, 11:47:44 AM

Bitcointalk Profile Link: https://bitcointalksearch.org/user/wxa7115-509190
Current amount of posts (including this one): 5520
SegWit (preferably bech32) BTC Address for Payouts: bc1qc7k8p6mtgss6s3ws3ddhpw0hf6ywhpwzx49tez
EARNED merit in the last 120 days: 45

Accepted! Welcome to the Campaign

We are once again CFNP, thank you all for the applications.

I am already following the procedure described here to recover my account, but it could take time for this to happen, and the community needs to be aware of what is happening.

Topic: wxa7115 account hacked (Read 441 times)