Very important : User account hacked - GSM-Forum

nishilsoni · 04-13-2014, 19:33

HELLO EVERYONE,

MY USER ACCOUNT HACKED ON 2 sites

On first site GUY REQUESTED NEW PASS WORD

AND ON SECOND HE ORDERES O2 semi premium and checked 1 carrier check

I changed my pass but

BE AWARE AND PLZ HELP ME TO FIND OUT THIS MOTHER****ER FROM PAKISTAN

HIS IP :
We have detected a suspicious activity on your account.

If you are not login from 39.47.106.236 - Pakistan(PK) please contact us as soon as possible.
You may be victim of account theft, and we need to check your security.

And he checked below IMEI : plz take a look and check in ur server if u get this imei from anyone

serialNumber : 889388YY3NQ
partDescription : IPHONE 3GS 16GB WHITE
imeiNumber : 011985008830001
initialActivationPolicyDetails : UK O2 Apple Channel.
initialActivationPolicyID : 40
unlocked : false
unlockDate :
warrantyStatus : Out Of Warranty (No Coverage)
coverageStartDate :
coverageEndDate :
daysRemaining : 0
PurchaseDate : 09/24/09
purchaseCountry : United Kingdom
registrationDate : 09/24/09
productDescription: iPhone 3GS
nextTetherPolicyID: 40
nextTetherPolicyDetails:UK O2 Apple Channel.
appliedActivationPolicyID:40
appliedActivationDetails:UK O2 Apple Channel.
unbricked : true
firstUnbrickDate : 09/24/09
lastUnbrickDate : 09/24/09
meid :
iccID : 8944110064648162695
productVersion : 3.1
macAddress : 041E64528D70
bluetoothMacAddress:

PLZ PLZ PLZ : spend 2 MIN IF TIME AND HELP NE TO CATCH THIS TYPE OF MF

THANKS

Desirat · 04-19-2014, 16:11

Perhaps its time for the unlock sites to implement 2FA known as dual factor authentication.

We all know how strong are the passwords users commonly use in websites/forums/email accounts. So maybe its time for the business owners start to think to protect them selfs by protecting their customers.

And maybe its time for the people start to think about protecting better their accounts. MAINLY THE WEAK POINT that is YOUR EMAIL ACCOUNT were you have your other accounts associated.

Gmail allows you to do 2FA.

PLEASE, for your (and our by association) sake, research about this!

All the time GSM area evolves around security in GSM equipments... Why not in unlock sites that need to have OUR MONEY there, protected by mediocre passwords.

Perhaps this is a strong sugestion you DHRU unlock sites owner should do to DHRU Support, or implement it if is already available via those scripts.

Best regards.

dhru_21 · 04-19-2014, 17:34

Quote:

Originally Posted by Desirat

Perhaps its time for the unlock sites to implement 2FA known as dual factor authentication.

We all know how strong are the passwords users commonly use in websites/forums/email accounts. So maybe its time for the business owners start to think to protect them selfs by protecting their customers.

And maybe its time for the people start to think about protecting better their accounts. MAINLY THE WEAK POINT that is YOUR EMAIL ACCOUNT were you have your other accounts associated.

Gmail allows you to do 2FA.

PLEASE, for your (and our by association) sake, research about this!

All the time GSM area evolves around security in GSM equipments... Why not in unlock sites that need to have OUR MONEY there, protected by mediocre passwords.

Perhaps this is a strong sugestion you DHRU unlock sites owner should do to DHRU Support, or implement it if is already available via those scripts.

Best regards.

we already have 2FA in our dhru fusion .

Desirat · 04-19-2014, 18:47

Quote:

Originally Posted by dhru_21

we already have 2FA in our dhru fusion .

If so, there is the need to make a -always on popup inpage- reminder when a user does not use 2FA, with the possible consequences.

Somehow ppl get their accounts hacked and this can only be for 3 reasons:

Bad user password in site/forum/email
Exploitable site/forum/email security implementation.
Hacked computer with all login info in browser's cache

Make ppl aware of the problem so everyone start to use this features.
Create a kind of wiki on how to use, with security advising for both users and your DHRU clients.
It makes some sense that this info should be enforced since the beginning. Also to pay special attention on how to secure their email accounts, so that all means of access can be effectively secure.

Im sorry if it looks im blaming anyone. For me its everyones fault that deal with online business and not bother to keep all money secure by simple laziness.
If its possible to effectively secure important online accounts, then start doing it!

Desirat · 04-19-2014, 19:02

And to be clear:

DHRU is not the only one that do unlock website scripts
There are more and sure don't know them but DHRU just come out in my post because of its own success in the field. Not pointing that they don't have such authentication.

nishilsoni · 04-21-2014, 16:15

Thanks for ur time regarding my issue ...

04-13-2014, 19:33	#1 (permalink)
nishilsoni Freak Poster Join Date: Dec 2010 Location: India Posts: 122 Member: 1478541 Status: Offline Thanks Meter: 30	Very important : User account hacked HELLO EVERYONE, MY USER ACCOUNT HACKED ON 2 sites On first site GUY REQUESTED NEW PASS WORD AND ON SECOND HE ORDERES O2 semi premium and checked 1 carrier check I changed my pass but BE AWARE AND PLZ HELP ME TO FIND OUT THIS MOTHER****ER FROM PAKISTAN HIS IP : We have detected a suspicious activity on your account. If you are not login from 39.47.106.236 - Pakistan(PK) please contact us as soon as possible. You may be victim of account theft, and we need to check your security. And he checked below IMEI : plz take a look and check in ur server if u get this imei from anyone serialNumber : 889388YY3NQ partDescription : IPHONE 3GS 16GB WHITE imeiNumber : 011985008830001 initialActivationPolicyDetails : UK O2 Apple Channel. initialActivationPolicyID : 40 unlocked : false unlockDate : warrantyStatus : Out Of Warranty (No Coverage) coverageStartDate : coverageEndDate : daysRemaining : 0 PurchaseDate : 09/24/09 purchaseCountry : United Kingdom registrationDate : 09/24/09 productDescription: iPhone 3GS nextTetherPolicyID: 40 nextTetherPolicyDetails:UK O2 Apple Channel. appliedActivationPolicyID:40 appliedActivationDetails:UK O2 Apple Channel. unbricked : true firstUnbrickDate : 09/24/09 lastUnbrickDate : 09/24/09 meid : iccID : 8944110064648162695 productVersion : 3.1 macAddress : 041E64528D70 bluetoothMacAddress: PLZ PLZ PLZ : spend 2 MIN IF TIME AND HELP NE TO CATCH THIS TYPE OF MF THANKS

04-21-2014, 16:15	#6 (permalink)
nishilsoni Freak Poster Join Date: Dec 2010 Location: India Posts: 122 Member: 1478541 Status: Offline Thanks Meter: 30	@ Desirat Thanks for ur time regarding my issue ...

04-19-2014, 16:11	#2 (permalink)
Desirat No Life Poster Join Date: Mar 2007 Location: Portugal Posts: 1,057 Member: 478535 Status: Offline Thanks Meter: 433	Perhaps its time for the unlock sites to implement 2FA known as dual factor authentication. We all know how strong are the passwords users commonly use in websites/forums/email accounts. So maybe its time for the business owners start to think to protect them selfs by protecting their customers. And maybe its time for the people start to think about protecting better their accounts. MAINLY THE WEAK POINT that is YOUR EMAIL ACCOUNT were you have your other accounts associated. Gmail allows you to do 2FA. PLEASE, for your (and our by association) sake, research about this! All the time GSM area evolves around security in GSM equipments... Why not in unlock sites that need to have OUR MONEY there, protected by mediocre passwords. Perhaps this is a strong sugestion you DHRU unlock sites owner should do to DHRU Support, or implement it if is already available via those scripts. Best regards.

04-19-2014, 19:02	#5 (permalink)
Desirat No Life Poster Join Date: Mar 2007 Location: Portugal Posts: 1,057 Member: 478535 Status: Offline Thanks Meter: 433	And to be clear: DHRU is not the only one that do unlock website scripts There are more and sure don't know them but DHRU just come out in my post because of its own success in the field. Not pointing that they don't have such authentication.