|
|
Just a heads up, my Email and Intgold account has been hacked by some dude using the IP 212.59.0.29
 I thought he only managed to get into my Email which happened last week but when I checked my Intgold just now it showed that my last failed log in came from the same IP that hacked into my email. Lucky thing Intgold uses a secondary password... if not I think I'd have no Intgold left...  I feel like shooting someone! 
Here is the info...Looks like it is thru a proxy.
212.59.0.29 is proxy.takas.lt inetnum: 212.59.0.0 - 212.59.0.63 netname: LIETUVOS-TELEKOMAS descr: PROVIDER descr: Joint Stock Company Lietuvos Telekomas descr: local, long distance and international telecommunications descr: services carrier descr: LOCAL REGISTRY country: LT admin-c: LTIN1-RIPE tech-c: LTIN1-RIPE rev-srv: ns1.telecom.lt rev-srv: ns2.telecom.lt status: ASSIGNED PA mnt-by: TELECOMLT-MNT changed: ******@lir.telecom.lt 20041217 source: RIPE route: 212.59.0.0/24 descr: LT-TELEKOMAS origin: AS8764 mnt-by: AS8764-MNT changed: ******@lir.telecom.lt 20030911 source: RIPE person: Lithuanian Telecom IP NCC address: Savanoriu 28 address: LT-03501 Vilnius address: Lithuania remarks: ******************************************************* remarks: * ABUSE CONTACT: *****@takas.lt in case of violation, * remarks: * illegal activity, scans, probes, spam, etc. * remarks: ******************************************************* phone: +370 5 2367082 e-mail: ******@lir.telecom.lt nic-hdl: LTIN1-RIPE mnt-by: TELECOMLT-MNT changed: ******@lir.telecom.lt 20041220 source: RIPE QUOTE(TeamAaronShara @ Apr 22 2005, 07:30 AM) Here is the info...Looks like it is thru a proxy. 212.59.0.29 is proxy.takas.lt inetnum: 212.59.0.0 - 212.59.0.63 netname: LIETUVOS-TELEKOMAS descr: PROVIDER descr: Joint Stock Company Lietuvos Telekomas descr: local, long distance and international telecommunications descr: services carrier descr: LOCAL REGISTRY country: LT admin-c: LTIN1-RIPE tech-c: LTIN1-RIPE rev-srv: ns1.telecom.lt rev-srv: ns2.telecom.lt status: ASSIGNED PA mnt-by: TELECOMLT-MNT changed: ******@lir.telecom.lt 20041217 source: RIPE route: 212.59.0.0/24 descr: LT-TELEKOMAS origin: AS8764 mnt-by: AS8764-MNT changed: ******@lir.telecom.lt 20030911 source: RIPE person: Lithuanian Telecom IP NCC address: Savanoriu 28 address: LT-03501 Vilnius address: Lithuania remarks: ******************************************************* remarks: * ABUSE CONTACT: *****@takas.lt in case of violation, * remarks: * illegal activity, scans, probes, spam, etc. * remarks: ******************************************************* phone: +370 5 2367082 e-mail: ******@lir.telecom.lt nic-hdl: LTIN1-RIPE mnt-by: TELECOMLT-MNT changed: ******@lir.telecom.lt 20041220 source: RIPE [right][snapback]223340[/snapback][/right] wow, what a specific description.
Yea..Welll Lets just say that we HATE people sometimes, and HATE is a strong word.. Why do people have to do this!
Aaron and Shara QUOTE(TeamAaronShara @ Apr 22 2005, 07:37 AM) Yea..Welll Lets just say that we HATE people sometimes, and HATE is a strong word.. Why do people have to do this! Aaron and Shara [right][snapback]223349[/snapback][/right] Who in the world doesn't love easy money ?
Yea well STEALING from others is not the right way!
Aaron and Shara QUOTE(Eighterz @ Apr 22 2005, 08:47 AM) Who in the world doesn't love easy money ? [right][snapback]223354[/snapback][/right]  Easy is one thing, stealing is another!!! 
QUOTE(oNLooKER @ Apr 22 2005, 07:51 AM) Easy is one thing, stealing is another!!! [right][snapback]223358[/snapback][/right] Agree ! That's the reason why the law in online world must keep going strong. The sad thing is, there's still no strong "online law" in my country.  That's way i always keep frightened and keep changing my password every one week in my major source of business online. damn, its hell of work. QUOTE(oNLooKER @ Apr 21 2005, 05:51 PM) Easy is one thing, stealing is another!!! [right][snapback]223358[/snapback][/right] Exactly... besides IMO, if a person can educate oneself to hack, steal, etc. ... they sure aught to be able to learn how to make money the honest way!  Besides, if you fail either way, which position would you rather be in? * Poor and free OR * Poor and in jail (with Big Bubba) 
got escaped one time round.
abang, make sure your computer is well protected..
I'm sorry to hear this OnLooker go find him and beat his
wow Onlooker that does suck.
i hate thieves.
QUOTE(nothinggirl @ Apr 22 2005, 09:26 AM) wow Onlooker that does suck. i hate thieves. [right][snapback]223388[/snapback][/right] Yeah it does... it's a good thing he didn't manage to take anything... well wasn't much in there to take anyways... made a mistake myself to have my email and Intgold passwords the same...  good thing my Intgold secondary was something else.... And a very good thing my Egold password is something different as well or I'd be down in the dust... Gotta do the password change from now on and make another account just for storage.... haih..... so much work.... now I appreciate the good old banks... 
U wont find tat person if u r under a proxy!.. sigh.. there's the real hacker of doing this...
thanks GOD you have your intgold account's money safe.....just because of secondary password.
If you had even gone to this site: (www.e-qold.com) (NOTE: 'q' not 'g'), i know how you password got stolen. The guy who built the fake egold site lives in lithuania. The ip you provided here is a lithuanian IP.
My intgold account was also got tried to hack from same IP. "Last failed login April 11, 2005 at 08:19:28 PM from IP 212.59.0.29 There have been 025 failed login attempts on this account." But that ******* couldn't enter into my account due to the very complex password.  QUOTE(loginexists @ Apr 24 2005, 01:25 AM) If you had even gone to this site: (www.e-qold.com) (NOTE: 'q' not 'g'), i know how you password got stolen. The guy who built the fake egold site lives in lithuania. The ip you provided here is a lithuanian IP. [right][snapback]225351[/snapback][/right] This site looks the exact copy of e-gold site.  A newbie can get into this trap. 
QUOTE(moneylover @ Apr 24 2005, 03:48 PM) My intgold account was also got tried to hack from same IP. "Last failed login April 11, 2005 at 08:19:28 PM from IP 212.59.0.29 There have been 025 failed login attempts on this account." But that ******* couldn't enter into my account due to the very complex password. [right][snapback]225403[/snapback][/right] Seems like the F K is not targeting me alone.I've never been to the "e-qold.com" site so I dont think it's that.... I use a link I bookmarked to go to Egold... I suspect it might be from a program I've entered that I accidently used same passwords... This dude is going way overboard!!
QUOTE(moneylover @ Apr 24 2005, 03:50 PM) This site looks the exact copy of e-gold site. A newbie can get into this trap. [right][snapback]225404[/snapback][/right] Someone should get that site reported.... The F****R should be caught and sent to Jail!!! Really tickin me off!! Phew... I need a time out... QUOTE(oNLooKER @ Apr 24 2005, 02:53 AM) I suspect it might be from a program I've entered that I accidently used same passwords... [right][snapback]225405[/snapback][/right] yep, I also think so. I hate these suckers.
Hope you get this straightened out.
Someone hacked egold and changed my passphrase... E-gold people are of no help. They only send info to the address in your profile. And that was changed as well.
I am really sorry to hear this!!! I think there are too many unethical people on the net making money from other people!!! I just read an article about a 17 year old boy who nearly got away with $70,000 from Ebayers, through fake listings!!!
Anyone on the Net' who uses a payment processor is taking a chance of loosing their money.
I have learned not to leave much in any of them. So as soon as I receive word (via email) that I have received a payment, I transfere it to my bank...ASAP QUOTE(daniel_arch @ Apr 25 2005, 02:22 AM) I am really sorry to hear this!!! I think there are too many unethical people on the net making money from other people!!! I just read an article about a 17 year old boy who nearly got away with $70,000 from Ebayers, through fake listings!!! [right][snapback]225773[/snapback][/right] Wow~ That's must be pretty amazing. Plus bizzare 
How this people manage to do all this...Really scary
Just loged into my Intgold account and guess what I found!!
 "Last failed login May 2, 2005 at 01:50:03 PM from IP 80.142.224.90" IP 80.142.224.90 QUOTE Blacklist Status: Listed (details) Record Type: IP Address IP Location: Germany Germany - Nordrhein-westfalen - Bonn - Deutsche Telekom Ag Reverse IP: No websites hosted using this IP address Reverse DNS: p508EE05A.dip.t-dialin.net % This is the RIPE Whois query server #2. % The objects are in RPSL format. % % Note: the default output of the RIPE Whois server % is going to be changed soon. Your tools may need % to be adjusted. See % http://www.ripe.net/db/news/abuse-proposal-20050331.html % for more details. % % Rights restricted by copyright. % See http://www.ripe.net/db/copyright.html % Note: this output has been filtered. % Information related to '80.128.0.0 - 80.146.159.255' inetnum: 80.128.0.0 - 80.146.159.255 netname: DTAG-DIAL16 descr: Deutsche Telekom AG country: DE admin-c: DTIP tech-c: DTST status: ASSIGNED PA remarks: ****************************************************************** remarks: * Abuse Contact: http://www.t-com.de/ip-abuse in case of Spam, * remarks: * Hack Attacks, Illegal Activity, Violation, Scans, Probes, etc. * remarks: ****************************************************************** mnt-by: DTAG-NIC source: RIPE person: DTAG Global IP-Addressing address: Deutsche Telekom AG address: D-90492 Nuernberg address: Germany phone: +49 180 5334332 fax-no: +49 180 5334252 e-mail: Whois Privacy and Spam Prevention by Whois Source nic-hdl: DTIP mnt-by: DTAG-NIC source: RIPE person: Security Team address: Deutsche Telekom AG address: Germany phone: +49 180 5334332 fax-no: +49 180 5334252 e-mail: Whois Privacy and Spam Prevention by Whois Source nic-hdl: DTST mnt-by: DTAG-NIC source: RIPE % Information related to '80.128.0.0/11AS3320' route: 80.128.0.0/11 descr: Deutsche Telekom AG, Internet service provider origin: AS3320 member-of: AS3320:RS-PA-TELEKOM mnt-by: DTAG-RR source: RIPE Anyone else find this in their accounts or am I unlucky again!! All is still there but it sucks knowing someones trying to hack into your account!!
I had another too;
QUOTE Last failed login April 27, 2005 at 06:20:13 PM from IP 69.110.107.165
QUOTE(FinallyRetire @ May 2 2005, 09:15 PM) I had another too; [right][snapback]233532[/snapback][/right] I checked mine too Last failed login April 27, 2005 at 05:52:05 PM from IP 69.110.107.165 QUOTE(goldplayer @ May 2 2005, 05:38 PM) I checked mine too Last failed login April 27, 2005 at 05:52:05 PM from IP 69.110.107.165 [right][snapback]233560[/snapback][/right] ARG! I just checked mine and noticed Last failed login April 2, 2005 at 11:12:22 PM from IP 84.241.3.130 There have been 004 failed login attempts on this account.
I have 2 failed attempts and I know I've only had one.
So someone try to log on to my account from IP 84.241.3.130
QUOTE(TiCkLe @ May 12 2005, 12:08 PM) I have 2 failed attempts and I know I've only had one. So someone try to log on to my account from IP 84.241.3.130 [right][snapback]242400[/snapback][/right] Thats the same IP that tried to hack into mine!!!! 84.241.3.130 QUOTE(calorina @ May 13 2005, 10:25 AM) Thats the same IP that tried to hack into mine!!!! 84.241.3.130 [right][snapback]242879[/snapback][/right] That's funny, many MMGers get the same problem.. do you feel there is "hacker inside" ?
Whois query regarding ip address 84.241.3.130 from whois.ripe.net:
QUOTE % This is the RIPE Whois query server #1. % The objects are in RPSL format. % % Note: the default output of the RIPE Whois server % is changed. Your tools may need to be adjusted. See % http://www.ripe.net/db/news/abuse-proposal-20050331.html % for more details. % % Rights restricted by copyright. % See http://www.ripe.net/db/copyright.html % Note: This output has been filtered. % To receive output for a database update, use the "-B" flag. % Information related to '84.241.0.0 - 84.241.7.255' inetnum: 84.241.0.0 - 84.241.7.255 netname: SHATEL-KARAJ descr: SHATEL ISP/ICP in Karaj country: IR admin-c: BF4435-RIPE tech-c: BF4435-RIPE status: ASSIGNED PA mnt-by: MNT-RASANA mnt-lower: MNT-RASANA mnt-routes: MNT-RASANA source: RIPE person: Babak Farrokhi address: Suite 141, Saba Bldg, North Sheikh-Bahaei St address: MollaSadra St, Vanak Sq, Tehran, 19915, IRAN phone: +98 21 804 3808 phone: +98 21 804 3826 fax-no: +98 21 806 7344 abuse-mailbox: abuse at rasana.net nic-hdl: BF4435-RIPE remarks: +-----------------------------------------+ remarks: | I AM !NOT! SPAMMING OR HACKING YOU !! | remarks: | | remarks: | Please contact abuse at rasana.net | remarks: | | remarks: | If you think I am, please read: | remarks: | http://www.ripe.net/nicdb.html | remarks: +-----------------------------------------+ source: RIPE mnt-by: MNT-RASANA % Information related to '84.241.0.0/21AS31549' route: 84.241.0.0/21 descr: RASANA Karaj Routes origin: AS31549 mnt-by: MNT-RASANA source: RIPE hmmmzz.....
QUOTE(alexeow @ May 13 2005, 11:50 AM) Whois query regarding ip address 84.241.3.130 from whois.ripe.net: hmmmzz..... [right][snapback]242952[/snapback][/right] Iran ? still the same... sigh 
deosnt look good
they could be using proxy to make all these attempt.
figuring out those ip won't use.
I was looking at the last successful logins..and I noticed that a strange IP of 81. something logged in!! Thank goodness for the secondary password..or else they would have taken out all 12 dollars in there
I immediately changed my pass!
Same situation here. I login and i noticed that different ip adds have succesful login to my intgold acc. The ip is from other country!
I will close this acc soon. Not trusted. Best Regards, Kenneth
Grrr
my site, hyi-watch.com just got hacked from that IP : 212.59.0.29 !!! He redirect my site to 'http://www.invca.com/?r=egold' this hacker is trying to earn some money through illegal way everywhere(stealing, forced redirect), I will report this to invca.com please read the whole story here : http://www.hyipdiscussionforum.com/showthread.php?p=61730 regards, reverser
hackers are powerless without our security holes ! You just need to take care of your own computer ...
|