I felt like this thread was necessary as so many members have been targeted by this retard.
LegendMiner: If you're reading this, fuck you. And good luck getting into my account. All my passwords are different plus I use authy.
LegendMiner isn't a hacker, he's not a l33t person, he isn't shit. I'll explain how he hacked all the accounts. A few simple precautions could have prevented it.
Some sites have shit security and don't take the necessary precautions to secure their backends. As a result of this, their databases get breached. When you signup for any site (including this one), your information is stored in a database. This typically consists of usernames, passwords, emails, IPs, and sometimes other info. Now, this entire file sometimes gets leaked online from popular sites. Some real big ones. Examples: [Censored], nulled.io, 000webhost, plenty more. Most sites hash your passwords.
Example: Say your password was 'megaman7'. The password may look like this:
However, this is extremely weak and can very likely be decrypted to it's original plaintext format. Some better sites will salt their passwords, which makes it harder to crack. Some use login keys, and other info to make it harder to decrypt passwords.
Now onto the point. LegendMiner searched one of your aliases or emails inside these databases, and found the passwords. He was able to decrypt them by cracking. If you used the same password on MCM as on that site, he was able to get into your account.
You can't do that much if you're already compromised. Try contacting support of your email, and getting that secured. For a temp solution, add 2FA (USE THE APP, NOT THE EMAIL CODE), to all important accounts.
Tips:
- Don't download shady .exe files.
- USE DIFFERENT PASSWORDS. Use a password manager, or at least use different passwords on some sites.
- Use 2FA on everything you care about.
/thread
That's about it, good luck recovering to all.
LegendMiner: If you're reading this, fuck you. And good luck getting into my account. All my passwords are different plus I use authy.
LegendMiner isn't a hacker, he's not a l33t person, he isn't shit. I'll explain how he hacked all the accounts. A few simple precautions could have prevented it.
Some sites have shit security and don't take the necessary precautions to secure their backends. As a result of this, their databases get breached. When you signup for any site (including this one), your information is stored in a database. This typically consists of usernames, passwords, emails, IPs, and sometimes other info. Now, this entire file sometimes gets leaked online from popular sites. Some real big ones. Examples: [Censored], nulled.io, 000webhost, plenty more. Most sites hash your passwords.
Example: Say your password was 'megaman7'. The password may look like this:
(This is the MD5 encrypted version)f64785abe18a7368c3a114dd2890afda
However, this is extremely weak and can very likely be decrypted to it's original plaintext format. Some better sites will salt their passwords, which makes it harder to crack. Some use login keys, and other info to make it harder to decrypt passwords.
Now onto the point. LegendMiner searched one of your aliases or emails inside these databases, and found the passwords. He was able to decrypt them by cracking. If you used the same password on MCM as on that site, he was able to get into your account.
You can't do that much if you're already compromised. Try contacting support of your email, and getting that secured. For a temp solution, add 2FA (USE THE APP, NOT THE EMAIL CODE), to all important accounts.
Tips:
- Don't download shady .exe files.
- USE DIFFERENT PASSWORDS. Use a password manager, or at least use different passwords on some sites.
- Use 2FA on everything you care about.
/thread
That's about it, good luck recovering to all.
Last edited:
Banned forever. Reason: Compromising Accounts
