i have an account at HDBITS which was attacked and stolen yesterday
and i have been trying to login but cannot (username/password incorrect)
tried to get recovery on my gmail but also in vain (Says that it is not in database)
i had been trying to access the iRC but i couldn't as it is invite only channel and i am not expert of how to solve this
also i think it was stolen because i have just donated the day befor to the SySop there and i have screenshots of my converstaion to him
also i have many proofs that this is my geniune acc
also on the mail that has the origianl invite of HDBITS.there was several attack and recovery procedure (he tried to recover it many times)
i have many recovery messages on my secondary mail and my mobile as (they are the secondary recovery options)
and luckly for me that i still got it

i need immediate help and assistance
if anyone could contact staff there especially the SySop (as he know the full story) or write at their help forums
please help me :frusty:

Are you sure you didn't trade or something? :dabs:

no, i didn't trade it
i need someone from HDBITS staff to contact me or anyone could give me their username here and i will contact them

Since you know about IRC, here are the support channel details:


irc.p2p-network.net
#hdbits.support

Hope you get it sorted. ;)

it says that i need to get voice or something??
i really don't know what that does mean?
also thanks for ur help

wait around a while on the channel, maybe no mods are there and you need to be voiced by one to talk.

ok i am now trying to log on the iRC

Did someone just scammed you? So you trying to get acc back ? :lol:

Yeah, good luck with this.

Did someone just scammed you? So you trying to get acc back ? :lol:

Most likely the case.

Unless somebody knew your password (highly unlikely unless you used something really insecure), then there is no way they were able to access the account.

No one would try to brute-force a password (the logs would catch all the attempts) and all the passwords are hashed/encrypted in the DB so no admins would've tampered with it (unless given a serious enough reason to).

Obviously he was scammed, or he made the trade and now regrets he did it, and wants the account back.

yeah, he did something wrong......things like this just don't happen for no reason.....where there's smoke, there's fire in my book.....

Actually, I had my FTN account stolen a few years ago, probably by staff at a site where I had just signed up with the same password. It's suspicious, but not impossible.

yeah, he did something wrong......things like this just don't happen for no reason.....where there's smoke, there's fire in my book.....

You need to stick around here more longer m8. In time you will come to realize that many people have some very interesting comedic stories to tell and excuses. I am very surprised i havent heard the re-formatting of the hd's excuse lately. :slap::drunk:

yeah, he did something wrong......things like this just don't happen for no reason.....where there's smoke, there's fire in my book.....

Thats the logic that puts innocent people in prison. Thanks for being a moron!

Did someone just scammed you? So you trying to get acc back ? :lol:

Most likely the case.

Unless somebody knew your password (highly unlikely unless you used something really insecure), then there is no way they were able to access the account.

No one would try to brute-force a password (the logs would catch all the attempts) and all the passwords are hashed/encrypted in the DB so no admins would've tampered with it (unless given a serious enough reason to).

i had almost the same experience with my waffles account so dont says something you dont know ;)
the hacker logged into my account and i dunno how because i had a realy strong password (made by recover pass from waffles) , and he changed the password and then he tired to change the mail but for this he need to confirme it from the old mail (i used gmail) ; so in that time i got in my inbox gmail the mail from waffles...and i tired to log into my account but its too late the pass alredy chaned, so i decided to recover and surprise the email is not found on the date base :)
i have not confrimed the changement of the mail :) and he is not enter to my gmail account (and the mail to confrime is still unread)...
just to tell you a good hacker can get easly your account , trackers security is a joke for him, actualy i got back my account, thx to waffles staff

ya so what is the outcome of this where is the dude who started the thread...

something very fishy about this whole thing if ya ask me

ya so what is the outcome of this where is the dude who started the thread...

something very fishy about this whole thing if ya ask me

I'm actually wondering what he wanted from FST... :rolleyes:

i had almost the same experience with my waffles account so dont says something you dont know ;)
the hacker logged into my account and i dunno how because i had a realy strong password (made by recover pass from waffles) , and he changed the password and then he tired to change the mail but for this he need to confirme it from the old mail (i used gmail) ; so in that time i got in my inbox gmail the mail from waffles...and i tired to log into my account but its too late the pass alredy chaned, so i decided to recover and surprise the email is not found on the date base :)
i have not confrimed the changement of the mail :) and he is not enter to my gmail account (and the mail to confrime is still unread)...
just to tell you a good hacker can get easly your account , trackers security is a joke for him, actualy i got back my account, thx to waffles staff

That just means your security fails. Not the tracker's. No one, I guarantee you, no one can "hack" your account. It just isn't worth the effort.

A hacker that has the wits to hack the database and find your password, would rather just simply add an entry about himself. That's that. What you're suggesting is insane, you're suggesting a hacker bypassed tracker email change security, which could have simply been a bug, or the wrong way that waffles' code handles such outgoing emails by sending an email and disabling it from the database straight off.

I've been in the passwords/trackers business for quite a while, and I've only heard of one friend's account hacked, and that's simply because he gave the password out to people. Simply as that, no questions asked. He might have as well gotten keylogged (which could have happened in your case), but then again that's his fault, not the tracker's.

i had almost the same experience with my waffles account so dont says something you dont know ;)
the hacker logged into my account and i dunno how because i had a realy strong password (made by recover pass from waffles) , and he changed the password and then he tired to change the mail but for this he need to confirme it from the old mail (i used gmail) ; so in that time i got in my inbox gmail the mail from waffles...and i tired to log into my account but its too late the pass alredy chaned, so i decided to recover and surprise the email is not found on the date base :)
i have not confrimed the changement of the mail :) and he is not enter to my gmail account (and the mail to confrime is still unread)...
just to tell you a good hacker can get easly your account , trackers security is a joke for him, actualy i got back my account, thx to waffles staff

That just means your security fails. Not the tracker's. No one, I guarantee you, no one can "hack" your account. It just isn't worth the effort.

A hacker that has the wits to hack the database and find your password, would rather just simply add an entry about himself. That's that. What you're suggesting is insane, you're suggesting a hacker bypassed tracker email change security, which could have simply been a bug, or the wrong way that waffles' code handles such outgoing emails by sending an email and disabling it from the database straight off.

I've been in the passwords/trackers business for quite a while, and I've only heard of one friend's account hacked, and that's simply because he gave the password out to people. Simply as that, no questions asked. He might have as well gotten keylogged (which could have happened in your case), but then again that's his fault, not the tracker's.

maybe you are right , but you have to know i used password like : iotpLaXEyO , and i dont type it since i use firefox so its registred in my firefox (maybe he got it from here) , if so why he didnt get other more higher and interssting trackers :) and i use kaspersky IS 2010 full update so maybe i have to change it now ...
also what about the mail? i didnt confirmed the changement of mail and the mail is changed to his mail?!

http://www.geekologie.com/2010/02/19/batman-needs-a-break.jpg

That just means your security fails. Not the tracker's. No one, I guarantee you, no one can "hack" your account. It just isn't worth the effort.

A hacker that has the wits to hack the database and find your password, would rather just simply add an entry about himself. That's that. What you're suggesting is insane, you're suggesting a hacker bypassed tracker email change security, which could have simply been a bug, or the wrong way that waffles' code handles such outgoing emails by sending an email and disabling it from the database straight off.

I've been in the passwords/trackers business for quite a while, and I've only heard of one friend's account hacked, and that's simply because he gave the password out to people. Simply as that, no questions asked. He might have as well gotten keylogged (which could have happened in your case), but then again that's his fault, not the tracker's.

maybe you are right , but you have to know i used password like : iotpLaXEyO , and i dont type it since i use firefox so its registred in my firefox (maybe he got it from here) , if so why he didnt get other more higher and interssting trackers :) and i use kaspersky IS 2010 full update so maybe i have to change it now ...
also what about the mail? i didnt confirmed the changement of mail and the mail is changed to his mail?!
It doesnt really matter what you have used special char etc or how long your password lenght... if you got what i mean.

maybe you are right , but you have to know i used password like : iotpLaXEyO , and i dont type it since i use firefox so its registred in my firefox (maybe he got it from here) , if so why he didnt get other more higher and interssting trackers :) and i use kaspersky IS 2010 full update so maybe i have to change it now ...
also what about the mail? i didnt confirmed the changement of mail and the mail is changed to his mail?!
It doesnt really matter what you have used special char etc or how long your password lenght... if you got what i mean.
That's not true at all, though the risk is somewhat negated since most trackers only give you a few login attempts before banning your IP.

Any of your passwords should be over 8 characters, contain upper/lower case and numbers, if not special characters, and shouldn't be a dictionary word.

In this case it wouldn't matter because he probably got keylogged, but it's still not a bad idea.

In future, learn how to use Hijack, IceSword, Comodo with defense+, Sandboxie and limited accounts on machine.
This problem wont happen again if you learn a few things.

Did you gain your accunt back? Did you find any mod on the IRC?

Hope everythig worked out ok for you

In future, learn how to use Hijack, IceSword, Comodo with defense+, Sandboxie and limited accounts on machine.
This problem wont happen again if you learn a few things.

Don't forget common sense. Shady executables that do "nothing" when run are often up to no good, even if your antivirus doesn't cry.

Fortunately, I keep all my tracker passwords in a KeePass database. You could also use the on-screen keyboard to type them if you suspect the computer may be keylogged.