Topic: ~$10,000 in cryptos stolen off my desktop from an encrypted folder, how, why? - page 2. (Read 5373 times)

hero member
Activity: 1190
Merit: 568
Sovryn - Brings DeFi to Bitcoin
Oh, how did they do that? Hmm, I feel sorry for the $10000.
How did they do that to you? I think now you should get a new highly secured password.
Or you need to be careful; they can do that again.
member
Activity: 104
Merit: 10
Probably some FUD Bitcoin Logger.
sr. member
Activity: 378
Merit: 250
That is very unfortunate, I must say. Have you, like, used the same password for anything else that you may think is dodgy? That may be the problem. Have a system check if you have an anti-virus for your computer. It would filter out any viruses. Have you visited any untrustworthy websites or conversed with untrustworthy people on the internet? This may be the cause. However, like you stated, I doubt that you will be seeing your money again.
full member
Activity: 152
Merit: 100
  I kept 500 Ether, 1,000 Litecoin and 500 PPC in a cold wallet in a password protected .rar file on my desktop, when I happened to check my watch address yesterday all the balances were emptied two days ago.

   I made two mistakes (1) I download a lot from Torrent sites, (2) I kept ALL my "cold" storage paper wallets in one encrypted WinRar file with a 12 character password. I thought this security was enough and am still at a loss as to what happened.
I don't know what was your password, but with only 12 characters there are very high chances it was weak enough to be brute forced.

I suggest you read some guides on how to choose a strong password: http://lifehacker.com/four-methods-to-create-a-secure-password-youll-actually-1601854240

And downloading from torrents is not the problem (assuming your system does not have exploitable holes), the problem is what programs you run after downloading them. Depending what you download, there is a very high chance it is bundled with malicious stuff.

I know how it feels to lose even files due to malware, but you have lost a lot of money and I am sorry about your loss. But these days I find online storage like Google Drive a more secure place to store files.
Are you implying that it's safer to store files in online cloud storage than on your own computer?! lol
If you encrypt your file appropriately (strong password, algorithm) before uploading then it is not only pretty safe, it is also recommended. I recommend GnuPG, or AES Crypt.

Because keeping your backup in only 1 place is actually a bad idea, what would happen if a natural disaster wipes your house, or you get robbed?! Your data will be simply lost, that is when online backups are very useful and should always be considered, especially when the data is crucial.
legendary
Activity: 1414
Merit: 1002
= jasad =
Did you use truecrypt or veracrypt? Those applications are flawed.

Have you used the password anywhere else? Did you use an on-screen keyboard when opening the .rar file? If you didn't, any old keylogger could log your password. Simple as that.
OP has newbie rank, just posted once and has one activity, so it's almost impossible to get any other information from him. This case can be a lesson for us that human error is the most common way for hackers to hack our bitcoin, and this makes me more aware.
legendary
Activity: 938
Merit: 1002
Did you use truecrypt or veracrypt? Those applications are flawed.

Have you used the password anywhere else? Did you use an on-screen keyboard when opening the .rar file? If you didn't, any old keylogger could log your password. Simple as that.
hero member
Activity: 602
Merit: 500

   I kept 500 Ether, 1,000 Litecoin and 500 PPC in a cold wallet in a password protected .rar file on my desktop, when I happened to check my watch address yesterday all the balances were emptied two days ago.

   I made two mistakes (1) I download a lot from Torrent sites, (2) I kept ALL my "cold" storage paper wallets in one encrypted WinRar file with a 12 character password. I thought this security was enough and am still at a loss as to what happened.

   The other day I noticed a program running in the Task Manager called "Wool Department". There were no Google results for it, so I closed it, but it kept coming back up (on Windows). Next I got an e-mail from Microsoft about verification, then from a few other sites I have not used for a long time. My email was hacked years ago, so I changed my password and did not connect the two events at all.


  • My Ether address:    0xea13bae3f4d94b43d2224bb8a1abb0f4e7e0e24d
    My Litecoin address: LhfSd3ZzJMrWawrFimQcTnCx8rYQ3XYiVG
    My PPC address:      PPM4tkGmx9f4LMchhCqQAn6j843KDU3ELk

   I assume I will never see any of it again, but would like to offer 1/2 of any recovered funds as a reward to anyone that can help to find the criminal(s) responsible/return the funds.
Sad story, and this happens again to people who are not wary of downloading files. I think if we have so many assets on our computer, we should not download any suspicious file; it's the easiest way for a hacker to send you phishing.
hero member
Activity: 770
Merit: 500
✪ NEXCHANGE | BTC, LTC, ETH & DOGE ✪
So sorry for your loss, man; hope you can at least get something back. It is good that you help others by posting in the forum. This makes people who do not use safety be more aware.
legendary
Activity: 1596
Merit: 1005
★Nitrogensports.eu★
Just because you download a lot of torrents does not mean you could get infected with malware, especially if you know what you're doing.

The most likely culprits are keyloggers or remote access tools that were inadvertently installed and executed on your desktop.

I've had someone hack my home server (which contained nothing, because it was for school purposes) but I attribute that to a brute-force attempt on the RDP protocol (running Win 2012 R2). It is otherwise secure from everything else.
From what I could see, there are plenty of reputable groups releasing clean torrents with movies, series, music, etc.
And there is almost zero chance that these torrents are compromised in any way with malware.
But if OP is a fan of some more hardcore and underground torrents, there is no telling what could happen.

I wonder if OP found any viruses/malware on his machine - I am very curious, please post an update.
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
Just because you download a lot of torrents does not mean you could get infected with malware, especially if you know what you're doing.

The most likely culprits are keyloggers or remote access tools that were inadvertently installed and executed on your desktop.

I've had someone hack my home server (which contained nothing, because it was for school purposes) but I attribute that to a brute-force attempt on the RDP protocol (running Win 2012 R2). It is otherwise secure from everything else.
sr. member
Activity: 405
Merit: 250

Like someone else said.  GO with Linux.  Be a man.

Outside of that you should look into a graphical keyboard. Although I suppose it depends on where they hook into the keyboard. If they specifically read the hardware keyboard device then you'd be covered. If they hook into some keyboard abstraction then no you wouldn't.
sr. member
Activity: 446
Merit: 251
I read your post on Ethereum's subreddit. I believe you were specifically targeted. You should learn from this incident, if you want to securely store Bitcoins, use a hardware wallet.
Always use 2FA when you are using an online service, change all your email passwords, and format your computer.
With these simple steps you will get back to it, I know that sadly your money is lost, but I'm sure you can go through this.
legendary
Activity: 812
Merit: 1000

It's better to have a separate computer for fun and a computer for business.


This.

When you start to get in the many thousands for bitcoin holdings, just buy a cheap laptop and keep it offline or something. I keep a little on exchanges, but these days it's better to have more than 1 computer with bitcoin dealings.
hero member
Activity: 1092
Merit: 520
Sorry to hear that, man. What torrent files were you downloading? Was it programs or just simple movie files and stuff?
legendary
Activity: 1148
Merit: 1014
In Satoshi I Trust
^^
Too late. Nothing to put in it, coin gone.

I guess he will start again and hold bitcoin - maybe one bitcoin is worth 10k USD in 10 years. So he should at least own 1.
sr. member
Activity: 378
Merit: 250
Ouch, sorry man, this is my ultimate nightmare. I am super paranoid about keeping any amount larger than say 100 on a computer or exchange. I'm actually even skeptical of hardware wallets and the possibility of them becoming compromised. I used the old-fashioned printed paper wallet.
member
Activity: 96
Merit: 10
Brute forcing 12 truly random characters from a RAR-encrypted file would be a real challenge. So either OP used dictionary words or the most common way: keylogger.

Hopefully OP can get the coins back; maybe try posting the thread in the service section instead.
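
Added example, not part of any post in this thread: a rough Python estimate of how the search space of a 12-character password shrinks when it is built from dictionary words rather than random characters, the distinction drawn in the post above. The word list, attacker dictionary size, case-variant factor and guess rate are all constructed assumptions.

```python
import math
import string

# Constructed sample list used only to spot words; real audits use large wordlists.
WORDS = {"bitcoin", "litecoin", "wallet", "dragon", "summer", "monkey", "secret"}
DICT_SIZE = 100_000      # assumed size of an attacker's wordlist
CASE_VARIANTS = 3        # assumed: lower, Capitalised, UPPER
GUESSES_PER_SEC = 1e5    # assumed offline rate; real rates depend on format and hardware


def charset_size(text: str) -> int:
    """Size of the smallest common alphabet that covers every character in text."""
    classes = (string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation)
    return sum(len(cls) for cls in classes if any(c in cls for c in text)) or 1


def split_words(pw: str) -> tuple[int, str]:
    """Greedy longest-match split: (number of known words, leftover characters)."""
    low, i, words, rest = pw.lower(), 0, 0, []
    by_length = sorted(WORDS, key=len, reverse=True)
    while i < len(low):
        match = next((w for w in by_length if low.startswith(w, i)), None)
        if match:
            words, i = words + 1, i + len(match)
        else:
            rest.append(pw[i])
            i += 1
    return words, "".join(rest)


def guess_bits(pw: str) -> float:
    """log2 of the cheaper search space: pure brute force or words plus filler."""
    brute = len(pw) * math.log2(charset_size(pw))
    words, rest = split_words(pw)
    if words == 0:
        return brute
    hybrid = words * math.log2(DICT_SIZE * CASE_VARIANTS)
    if rest:
        hybrid += len(rest) * math.log2(charset_size(rest))
    return min(brute, hybrid)


def years_to_exhaust(bits: float, rate: float = GUESSES_PER_SEC) -> float:
    """Years needed to try the whole search space at the assumed guess rate."""
    return 2 ** bits / rate / (365.25 * 24 * 3600)


if __name__ == "__main__":
    for pw in ("q7#Lz9!vR2@x", "Bitcoin2016!", "dragonsummer"):  # constructed samples
        bits = guess_bits(pw)
        print(f"{pw}: {bits:.1f} bits, {years_to_exhaust(bits):.3g} years")
```

None of this helps against a keylogger, which captures the password regardless of its length.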
hero member
Activity: 630
Merit: 500
PM me to buy traffic for your site!
Go Linux bro. Be a man.

Why? Just because Linux malware is more rare doesn't mean it does not exist. The only reason they don't make as much Linux malware is because not a lot of people use it. People with high amounts of funds in crypto are often targeted prey, and I doubt it would help much having Linux instead of any other platform.
legendary
Activity: 2156
Merit: 1018
Buzz App - Spin wheel, farm rewards
^^ Agree. It's not that it is impossible for this to happen if you are using Linux, but it is about 10,000 less likely. So, ya, next to impossible.

If that's too much trouble I recommend using the wallet service at blockchain.com. It seems to me at least that security there is quite high and they've been around since the beginning.
legendary
Activity: 888
Merit: 1000
Monero - secure, private and untraceable currency.