i was getting brute force on one email of the various emails i got multiple emails asking for password reset. still seems okay
Yes, the hacked has mails most probably from bitcointalk or bter.com or who know where.
And he was trying to bruteforce remind emails to see if email exist in my database. Later he tres on those emails password bruteforce.
I accually found my very low lever password that i was setting on trash websites like forums.
https://hashes.org/download.php?type=hafound&hashlistId=64So if you password is in that txt file then it would be smart to change it

Anyway i now blocked this brute force hacker. He is still trying to bruteforce ( i mean he didnt turned off his scripts).
But he cant do anything becasue captcha is blocking him

As this captcha is pretty weak it stopped this attack for now but i guess i will need to make it harder if i will see that it is beeing cracked

Anyway the attacker still didnt updated his scripts so they are trying to login without captcha POST field

So remember guys, DONT USE THE SAME PASSWORD ON TWO WEBSITES !

Anyway i hope i wont end like nicehash

Still i am nothing compared to them or any existing exchange - even those smallests.