nope, mutiple ip`s from a lot countrys, also norway and other countries and other cities
now its 284 mails, dont know what he is trying...
Comment has been collapsed.
Maybe you made a mortal enemy of some script kiddie and he's now using his massive botnet trying to steal your used bundles.
Comment has been collapsed.
my account is actually empty, just 2 or 3 purchases and all keys are used
and i didnt pissed someone that he has get angry against me or something like that
Comment has been collapsed.
Probably a simple VPN. This is a very poor login system if it allows so many different attempts without locking you out. Seems like Groupees isn't very good at the whole security thing.
Comment has been collapsed.
agree, and additionally no second auth like IG or HB has for the key/purchase pages.
Comment has been collapsed.
Most likely a script, I can't see someone manually doing so many individual requests. Chances are OP isn't the only one affected as well, there may be other accounts being bruteforced too at the moment.
About the account not being locked, isn't the point of it to lock the user out if too many attempts are being made to login to that specific account, regardless of the IP address involved? I honestly don't know much about account security - I always assumed it worked that way.
Comment has been collapsed.
A bit strange not to allow requests from OP's IP and to allow it from other IPs. I feel it should be the other way around - if a user doesn't access the account with the usual IP too many times, it would lock.
Eh, either way can cause an issue I guess. :P
Comment has been collapsed.
If you have a short and relatively simple password, now is a good time to change it to something secure (like a random 30-character string).
Comment has been collapsed.
Wow, thats a lot.
I remember getting an email like that, but itwas just 1 attempt
Comment has been collapsed.
yep make a longgggg password whit mayus and number and all you can put (the longer, the better)
Comment has been collapsed.
Somebody's playing brute force...
I don't have a Groupees account so I don't know - do they use email or username to login?
If it's just email, do as above and change your password to something exceedingly random, and switch the account to a different email address. That way they'll be brute forcing nothing.
Comment has been collapsed.
email or steam login auth, but most including myself that login with steam auth still have their email associated with it as well. (unsure if that is forced or when i did that though)
Comment has been collapsed.
Then if possible change your email on the site. Without ALSO having access to your Steam account (which I assume they don't), if you change your email address on Groupees they'll then be trying to break in using an email address which is no longer linked to your account.
Comment has been collapsed.
+1 -- i think you have to add a new email in order to remove the old email (rather then change email button), but looks to me like that would work.
Comment has been collapsed.
If its possible use an alternate mail adress and change your information at groupees. Making a strong password would surely help but you will get tons of mails like that which is frustrating enough.
Comment has been collapsed.
I wonder what kind of hacker keeps trying after 258 tries, obviously it would take forever to bruteforce an account.
Comment has been collapsed.
With a large bot net, a terrible security system that doesn't lock the account after a certain amount of tries, and the possibility of a weak password easily broken with a dictionary attack rather than pure brute force, it might not actually take that long.
Mind you calling them "hackers" may be giving them too much credit ;)
Comment has been collapsed.
16 characters mixed with lower-/uppercase letters, digits and symbols
Medium size botnet About 143 billion years
to prevent dictionaries you just use random generated passwords so there is no words or logical combinations in your password
Comment has been collapsed.
Indeed, I agree with you completely. I was just pointing out that in the case of a weak password susceptible to a dictionary attack and a decent sized botnet it wouldn't necessarily take too long to get a user's password.
You're completely correct with your example (16 characters mixed with lower/uppercase letters, digits, and symbols), but not everybody creates strong passwords. I imagine alot of sites that don't enforce minimum character limits and inclusion of digits and/or symbols have alot of users with the password "password". Of those that do, there's probably alot of "Password1". ;)
Comment has been collapsed.
That's the point, unless you're targeting someone you don't need 258 tries, do the top 30-50 most used passwords and move on to the next target.
Comment has been collapsed.
Like celiktele mentioned use (if possible) an alternate e-mail adress so the hacker can't even try brute forcing your account since the e-mail adress does not match.
Change your password to at least 16 characters including normal/uppercase letters, symbols and numbers. That alone would take them multiple years. I'm paranoid so I do random passwords starting from 25+ characters^^
Comment has been collapsed.
Does this mail come when somebody enters the correct password or not necessary? If the former, the email + password combo is compromised and you should change it everywhere you use it.
Comment has been collapsed.
change your pw to a lenghty one and forget about it ... those kind of "brute force" attempts never work unless your pw is too simple
(someone logged to my PP once when i stupidly logged in while using some shit free free VPN (login + pw grubbed over the shitty VPN) > had only 50€ :-D good-guy haxor from Pittsburgh IP didn't even bother to rob me of the few monies lol ... lucky/lazy me not using 2step verification to save time (not linked to bank account for automatic pp withdrawals)
Comment has been collapsed.
so, i added now a other email adress and removed the old one
i hope this works now
by the way
actually i added a new email address without groupees asking me for the old password...
absolutly now security there...
Comment has been collapsed.
ah, and big thx to all for the help, good ideas
thx
Comment has been collapsed.
Main problem (according to screenshot you posted) he trying to do that with correct credentials (in other words someone else know your login/password).
First — I hope you already changed it after first e-mail.
Second — in your case I would be care more about how exactly someone was able to gain those data. :( Brutforce over Internet impossible unless you are using weak password or reuse same login/password at different places. So it either some leak on their or your side.
Comment has been collapsed.
holy shit what are you saying
you mean he has my correct login and password?
thats creepy
but how should he become them?
and groupees doesn have a ip check
when he has my password i wouldnt get an email, he can enter then directly without notifcations
i really hope that he was just trolling
Comment has been collapsed.
You didn't read e-mail's? Oo
Read the second one please, it clearly stays:
"... and registered the attempt to log into your Groupess account from new device or location with correct credentials."
Comment has been collapsed.
try this website to know where did this person got your password https://haveibeenpwned.com/
Comment has been collapsed.
how do i know that this is a clean side?
before i enter my email there
Comment has been collapsed.
@itsme
you absolutly right, i just got a support ticket
"Hello BunkerKillar,
You should change your password ASAP. The fact that you are receiving the email means someone already has the correct password for your account. You may change your password on your authentications page. Be sure to check any other accounts, and don't reuse passwords."
Comment has been collapsed.
Yep, sadly. :( Also make sure you didn't used same (or close to it) password at any other site. And in case if you did — change them ASAP as well.
Sorry for being Captain Obvious, just want to make sure. :)
Comment has been collapsed.
i have now 200 emails from Groupees with the message that someone is trying to enter my Account from different locations
Message: "There was an attempt to log into your account with a new device or location"
and always from different locations, poland, brazil, chile and and and
at the moment i have 258 mails, and every minute are coming more...
what now? i already sended a support ticket
Comment has been collapsed.