Telegram Chat compromised !!!

tungfa

Administrator
Dash Core Team
Moderator
Foundation Member
Masternode Owner/Operator
Apr 9, 2014
8,902
6,734
1,283


out telegram chat seems compromised
somebody took over my account and kicked all admins from the group
there is some rogue tungfa out there !!

do NOT trust him !!
(need to run out but will sort this out later )
 
Last edited:

tungfa

Administrator
Dash Core Team
Moderator
Foundation Member
Masternode Owner/Operator
Apr 9, 2014
8,902
6,734
1,283
okay shutting down all Dash Telegram !

Do NOT use any Dash telegram group anymore
do NOT trust any 'News" postings there and such
and do NOT trust any TUNGFA !!
(ping me here or on other outlets until this is solved !!!)
 

tungfa

Administrator
Dash Core Team
Moderator
Foundation Member
Masternode Owner/Operator
Apr 9, 2014
8,902
6,734
1,283
https://t.me/dashnews
is still posting !
please consider anything posted there a SCAM / FUD / nonsense / ....
 

Figlmüller

Member
Sep 2, 2014
85
45
58
Vienna, Austria
...but what if the tungfa forum account has been compromised? Are you in posession of any GPG keys or some sort, so you could publish news digitally signed?
 

tungfa

Administrator
Dash Core Team
Moderator
Foundation Member
Masternode Owner/Operator
Apr 9, 2014
8,902
6,734
1,283
...but what if the tungfa forum account has been compromised? Are you in posession of any GPG keys or some sort, so you could publish news digitally signed?
good thinking
tbh this is a good excuse / exersice to re-evaluate our OpSec
andy and the pros are on it to work out a plan moving forward
 

qwizzie

Well-known Member
Aug 6, 2014
1,661
799
183
How did this happen anyways ? Was it through phishing email that they manage to take-over the Telegram chat / tungfa account ? Or by other means ?
 

tungfa

Administrator
Dash Core Team
Moderator
Foundation Member
Masternode Owner/Operator
Apr 9, 2014
8,902
6,734
1,283
How did this happen anyways ? Was it through phishing email that they manage to take-over the Telegram chat / tungfa account ? Or by other means ?
cloned sim card it seems
 

demo

Well-known Member
Apr 23, 2016
3,113
263
153
Dash Address
XnpT2YQaYpyh7F9twM6EtDMn1TCDCEEgNX
cloned sim card it seems
You connected another device, they send you an SMS OTP confirmation, but someone by using ss7 signaling cloned your sim card.
You should configure your telegram with advanced security precautions next time, and ask 2 SMS confirmations instead of just one.

 
Last edited:

solarguy

Active Member
Mar 15, 2017
865
413
133
60
Glad you guys are all over this.

On a tangentially related note, I have never really messed with our telegram platform. What goes on there in general terms?
 

tungfa

Administrator
Dash Core Team
Moderator
Foundation Member
Masternode Owner/Operator
Apr 9, 2014
8,902
6,734
1,283
Glad you guys are all over this.

On a tangentially related note, I have never really messed with our telegram platform. What goes on there in general terms?
multiple channels in multiple languages
+ News Feed
no biggie - we can rebuild this easy fresh and new
 

tungfa

Administrator
Dash Core Team
Moderator
Foundation Member
Masternode Owner/Operator
Apr 9, 2014
8,902
6,734
1,283
Telegram update :
- still waiting for Telegram response
- “my account” is now for sale on Telegram (hacker is spamming all groups ) + up for Auction on DN
do NOT buy that account !!! let Telegram take care of it first !! we will NOT be blackmailed and do NOT pay !!!
it happened before and no worries, shut it all down and start fresh is the plan
 

tungfa

Administrator
Dash Core Team
Moderator
Foundation Member
Masternode Owner/Operator
Apr 9, 2014
8,902
6,734
1,283
Update:

- I am still me and me (@Figlmüller )
https://keybase.io/tungfa

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

After recent hack of my @tungfa Telegram account i want to verify myself here !
I am still Tungfa , secured all accounts, New Passwords, 2FA, .... all around !
I will NOT be using Telegram App for the time being !
Do NOT trust anybody using my name on Telegram App
[email protected]
-----BEGIN PGP SIGNATURE-----
Version: Keybase OpenPGP v2.0.76
Comment: https://keybase.io/crypto

wsFcBAABCgAGBQJappbWAAoJELBDogy6LA+FUagQALE6Ik83/4gZOjZu46z//JEK
qsnlXYhGGHbZPsdjPB0C/H395YCpVBtwbCezHFuPoVHajII62EGg3ythyQMINP6Y
wrvHq5sqXAcXgezvJYQJdBbAjK0y2YvSq5LhC658IhxuuN47skVz1UYvuFj1D9Nk
N3kEO1vHn+oGFL6pe+jgfwjs08y0iSjBy8wwDrN3RqdfH2NombETukJm//nNZEUp
Wd/lLNFbmPj+OsOlC7Kd94KIeyPeP9gKM7LdJf3xInE0hRWicGJ+nVquG49jyAiw
dD+rhWczBg3kPjOAMVUIHqDYvBnE07lVIH2w2om3s9Wh4rZq45R68Hmyi18F7m2k
pWwDCN9A6wZd1+nZVLRA6qgRXi+sT1w/158UoZYeYH7fALpIW5+B5rpDNDQij194
vo/iiAsmwaMC+gU8Ab9+UQehWX7+03cGAIL89x6WpKTD+ySTSsMOcK/7U0RHAV57
6hsWNozj0MkWWCqjMbeq21IlEs3gAfJfT8Xzp7/ANu+FWtvyi9r5aInVAKVZqz50
vkqYUe6NUsuG7nkwpLI7KVx9pVGR4Tm6j7drxZSLq/sFQZCHUULKS0CptU0yqi/l
DYqYWS634s2pXi7C2zMlN1MJ7YazHSZuUiKcJjz9zsj/FjbenO1U+/NLqAcck0dY
oCycAiHq2US0R7x9UzVG
=GBQf
-----END PGP SIGNATURE-----


- General and personal
The hacker has much more personal info than expected
so i went trough a OpSec excessive the last days and whipped everything
Wiped all computers, new passwords all around , new KeePass file, moved all coins , new encryption's , 2FA, new sim card + phone number, canceled all CC , Reported my Passport to BKA (at embassy)
...... (huge pain - good excersise)

- Telegram in General
Telegram never replied to me and that guy is still out there !
I messaged and emailed them on multiple outlets - still no answer
For safety (1 message) i will keep Telegram off for now and keep all Dash Groups off too !
My worry is , if we start new groups now , we still would have to deal with that guy and different "tungfa's " out there
so
best to solve that problem 1st
and then get back to work !
(supposedly all my info goes for sale on DN soon - and we take it from there)

General Message to Blackmailers: we do NOT pay !!
Until Further Notice: DO NOT Trust any Dash related News Posted on Telegram !!!!!

 
Last edited:
  • Like
Reactions: Dash_Medellin

demo

Well-known Member
Apr 23, 2016
3,113
263
153
Dash Address
XnpT2YQaYpyh7F9twM6EtDMn1TCDCEEgNX

jimbursch

Well-known Member
Mar 5, 2017
837
501
163
56
The hacker has much more personal info than expected
so i went trough a OpSec excessive the last days and whipped everything
This suggests that more than just your Telegram account was hacked, which is why I think @demo is asking for more confirmation.

You're right, this is a valuable exercise to establish procedures when this sort of thing happens. I look forward to a debrief report, after everything is settled down.
 

tungfa

Administrator
Dash Core Team
Moderator
Foundation Member
Masternode Owner/Operator
Apr 9, 2014
8,902
6,734
1,283
This suggests that more than just your Telegram account was hacked, which is why I think @demo is asking for more confirmation.

You're right, this is a valuable exercise to establish procedures when this sort of thing happens. I look forward to a debrief report, after everything is settled down.
This suggests that more than just your Telegram account was hacked, which is why I think @demo is asking for more confirmation.

You're right, this is a valuable exercise to establish procedures when this sort of thing happens. I look forward to a debrief report, after everything is settled down.
it was a cloned phone , nothing else
so the only thing i had connected to my 'real' phone number was telegram !
(nothing else got compromised !)
obviously i went full power (to make sure nothing else was malicious) and whipped everything
i will not use my MN to verify , because all i will get out of that then is demo spamming me for any vote i do or not do ; )
Keybase is 100% trusted and used for 100% secure communications (back up plan ) in case Slack or others fail. feel free to double check my integrity with the rest of the team or look me up on keybase (and send message there) https://keybase.io/tungfa
 

demo

Well-known Member
Apr 23, 2016
3,113
263
153
Dash Address
XnpT2YQaYpyh7F9twM6EtDMn1TCDCEEgNX
it was a cloned phone , nothing else
so the only thing i had connected to my 'real' phone number was telegram !
(nothing else got compromised !)
obviously i went full power (to make sure nothing else was malicious) and whipped everything
i will not use my MN to verify , because all i will get out of that then is demo spamming me for any vote i do or not do ; )
Keybase is 100% trusted and used for 100% secure communications (back up plan ) in case Slack or others fail. feel free to double check my integrity with the rest of the team or look me up on keybase (and send message there) https://keybase.io/tungfa
I dont trust keybase.io certificates for another reason.
Someone may claim that his keybase.io has been compromised, while it hasnt!
This may happen for various reasons, for example because the individual signed something and he changed his mind.
Put your words where you money is! Thats why I think the most honest signature, is the signature of the dash wallet.

i will not use my MN to verify , because all i will get out of that then is demo spamming me for any vote i do or not do ; )
It is not a matter of masternode and of vote tracking. It is a matter of wallet. If you dont want to use your masternode wallet, use a simple wallet (that contains some money in it) to sign. The more money you have in this wallet, and the larger the percentage of your total money this wallet contains, the more I trust the honesty of your wallet signature.
 
Last edited:

demo

Well-known Member
Apr 23, 2016
3,113
263
153
Dash Address
XnpT2YQaYpyh7F9twM6EtDMn1TCDCEEgNX
I thought it is a well protected messenger... Did you find who and how did this?
If you are unable to read this very thread, you will never be protected. We already told you how they did it.
You connected another device, they send you an SMS OTP confirmation, but someone by using ss7 signaling cloned your sim card.
You should configure your telegram with advanced security precautions next time, and ask 2 SMS confirmations instead of just one.

 

marcusdavis

New Member
May 17, 2018
3
0
1
26
Wow, that's awful. This situation is similar to Russia's stance with Telegram. I wonder what actions will Durov take
 

Ever Vega

New Member
May 17, 2018
4
1
3
48
wow... esto da un poco de miedo, teniendo en cuenta que muchas empresas cripto, tienen sus comunidades en Telegram.