I was hacked

Crystal · Apr 14, 2020

I have now spent my whole morning enabling 2 factor authentication, Installing anti viruses on to my computer in absolute panic. I hate hackers

Requal · Apr 14, 2020

Same. Good luck though.

Crystal · Apr 14, 2020

Requal said:
Same. Good luck though.

I think there was a huge databreach

Zyger · Apr 14, 2020

Do you use unique passwords for each site?

Crystal · Apr 14, 2020

Zyger said:
Do you use unique passwords for each site?

Sort of. Basically when I use the password 3 times I use another one. And I also think it was this as well
I was a kid when I first started making accounts, Now ofc I know it is stupid silly thing to leave the passwords the same

xopurpp · Apr 14, 2020

that must suck

Em · Apr 14, 2020

Crystal said:
Sort of. Basically when I use the password 3 times I use another one. And I also think it was this as well
I was a kid when I first started making accounts, Now ofc I know it is stupid silly thing to leave the passwords the same

You should probably change your passwords to unique with a password generator or just use random letters and then use something like lastpass or 1password, or just put your passwords on a txt file, or if you don't trust that, a sticky note..

PradyXT · Apr 14, 2020

Crystal said:
View attachment 332678
I have now spent my whole morning enabling 2 factor authentication, Installing anti viruses on to my computer in absolute panic. I hate hackers

Do you have the TID?

Em · Apr 14, 2020

0n. said:
Pretty sure that email's an aquaticalts email, at least I know they move accs to 13mail.xyz and sell them as MFAs

?? what are you talking about

Em · Apr 14, 2020

0n. said:
AquaticAlts is a an alt shop that sells MFAs (Mail Full Access), their MFAs are always on those emails and locked to that email for 30 days because they were moved recently

i think what you're saying is completely unrelated to this persons situation

Azerkiller · Apr 14, 2020

Before I always used the same password, but one day my Amazon account was hacked with all my bank identifications on it

Luckily, to connect to my account it needed validation with an SMS code so the guy nothing could order. But since that day, I have taken a password manager and for each website I go to, I have a different password. It's so much better, now if a site is hacked, I only have one password in the wild. :tup:

Doge · Apr 14, 2020

Em said:
i think what you're saying is completely unrelated to this persons situation

How is it not related? He knows what he's talking about. I mean when I saw the screenshot, the first thing I thought is that the domain is owned by some alt shop and is used to take over mass amounts of NFA accounts. Looking up the whois records on the domain pretty much confirmed this.

From OP's screenshot:

WhoIs lookup:

Googling the domain results in many more cases like this, specifically pertaining to Mojang:

How it works is these people just run "NFA" (Non-full access) aka email + password accounts with security questions. If they get valid accounts, they likely use the "NFA to FA method" in an automated way. The method allows you to move the email of accounts with security questions. This is what happened to MisfitNerd's account: https://www.mc-market.org/threads/573775/ except his account was likely targeted.

The alt shop that 0n. mentioned seems to have recently started selling "MFA" accounts, so it is indeed quite possible that this is their domain. Could easily be confirmed by asking from someone who bought from them anyway.

Em · Apr 14, 2020

Doge said:
How is it not related? He knows what he's talking about. I mean when I saw the screenshot, the first thing I thought is that the domain is owned by some alt shop and is used to take over mass amounts of NFA accounts. Looking up the whois records on the domain pretty much confirmed this.

From OP's screenshot:

WhoIs lookup:

Googling the domain results in many more cases like this, specifically pertaining to Mojang:

How it works is these people just run "NFA" (Non-full access) aka email + password accounts with security questions. If they get valid accounts, they likely use the "NFA to FA method" in an automated way. The method allows you to move the email of accounts with security questions. This is what happened to MisfitNerd's account: https://www.mc-market.org/threads/573775/ except his account was likely targeted.

The alt shop that 0n. mentioned seems to have recently started selling "MFA" accounts, so it is indeed quite possible that this is their domain. Could easily be confirmed by asking from someone who bought from them anyway.

thanks for that screenshot. didn't even see that domain that 0n. was talking about. makes sense now.

Playboy · Apr 14, 2020

If you had [Censored], they had a massive databreach.

Ally · Apr 14, 2020

Playboy said:
If you had [Censored], they had a massive databreach.

For the second time in a year. They never learn.

TheOnlyOG · Apr 14, 2020

Playboy said:
If you had [Censored], they had a massive databreach.

What link was that for me it says [Censored]

Em · Apr 14, 2020

TheOnlyOG said:
What link was that for me it says [Censored]

A known competitor of MCM.

I was hacked

Crystal

Attachments

Requal

Absolute Lad.

Crystal

Zyger

Middleman

Crystal

xopurpp

Em

Server Owner

PradyXT

pc, custom kb, and mouse enjoyer

Em

Server Owner

Em

Server Owner

Azerkiller

Doge

Long Dogs

Em

Server Owner

Playboy

Ally

gσ∂∂єѕѕ σƒ мαтнѕ αη∂ мєℓσηѕ χσ

TheOnlyOG

youtube.com/TheRealOG

Em

Server Owner