11 btc gone from my account at 6:00 just a few hours ago, HELP! - page 2.

proudhon

legendary

Activity: 2198

Merit: 1311

Quote from: DeathAndTaxes on April 07, 2013, 11:33:27 AM

Quote from: thoughtfan on April 07, 2013, 11:29:36 AM

Always use 2 factor folks. Sorry for your loss.

This. This. This.

Sadly we see dozens and dozens of these reported cases and not a single one involving 2FA. Granted 2 factor isn't a magical bullet. With clever use of trojan/rootkit an attacker could trick you into giving them access to your wallet (or in the case of something like MtGox trick you into withdrawing BTC to their address) but the 2 factor greatly increases the security.

This is going to continue to be a big problem, I think. Lots of the people getting into bitcoin right now are not well enough acquainted with good security practices regarding passwords, let alone 2 factor auth.

DeathAndTaxes

donator

Activity: 1218

Merit: 1079

Gerald Davis

Quote from: thoughtfan on April 07, 2013, 11:29:36 AM

Always use 2 factor folks. Sorry for your loss.

This. This. This.

Sadly we see dozens and dozens of these reported cases and not a single one involving 2FA. Granted 2 factor isn't a magical bullet. With clever use of trojan/rootkit an attacker could trick you into giving them access to your wallet (or in the case of something like MtGox trick you into withdrawing BTC to their address) but the 2 factor greatly increases the security.

thoughtfan

hero member

Activity: 784

Merit: 506

Another forum member reported someone attempting to guess his blockchain.info wallet password earlier today https://bitcointalksearch.org/topic/m.1761904 .

Always use 2 factor folks. Sorry for your loss.

jackofspades

newbie

Activity: 31

Merit: 0

Too bad BTC is untraceable, good hackers wouldn't do it if they weren't
good enough to think they weren't get caught, if someone stole it, its gone.

It sucks sorry dude, move on, acquire more and youll make youre money back when
BTC doubles in price within a month. Use more protection (auth)

naphto

sr. member

Activity: 392

Merit: 250

Quote from: Come-from-Beyond on April 07, 2013, 10:00:34 AM

Isn't it necessary to know wallet id (GUID) as well?

My wallet username was the same as my forum one, and my password was 1234567890.
I found out that the 1234567890 username had the same password. Same goes for 0123456789.

So, even if I had only 0.4 mBTC in my wallet (which is like 5 cents), I changed my password, and I put a confirmation by email on login.

mulletwang

member

Activity: 110

Merit: 10

my allias is kinda obvious but somewhat obscure, how would that llow someone to take me coins?

BurtW

legendary

Activity: 2646

Merit: 1137

All paid signature campaigns should be banned.

Quote from: Come-from-Beyond on April 07, 2013, 10:00:34 AM

Quote from: naphto on April 07, 2013, 09:55:47 AM

Quote from: Joost on April 07, 2013, 09:45:32 AM

Quote from: naphto on April 07, 2013, 09:34:12 AM

Maybe you got bruteforced ...

Brute forcing SHA256 is out of the question, people.

SHA256? What is it?
I found out 5 passwords of blockchain accounts with only a 10 caracters password yesterday, just trying easy ones.
Both 5 accounts were 0 btc :p

Isn't it necessary to know wallet id (GUID) as well?

He may have an obvious alias (I know I do).

Zaih

hero member

Activity: 504

Merit: 500

Wow that really sucks. Don't give up on Bitcoins though, hopefully this won't occur again!

BurtW

legendary

Activity: 2646

Merit: 1137

All paid signature campaigns should be banned.

Quote from: mulletwang on April 07, 2013, 09:48:48 AM

yesterday i was sending identity conformation to BTCJAM and mtgox. i don't know if that is relevant to anything or not but i did check my btcjam acc and mtgox and they are not there. as i stated earlier i did not make any transfer as i was asleep.

Question: did you have any other accounts? StrongCoin for example? Did you use the same password on any other accounts? Mt Gox for example?

They may have gotten your password from another account if you use the same password any other place.

In Bitcoinland I use a different password for every single Bitcoin related account.

Come-from-Beyond

legendary

Activity: 2142

Merit: 1009

Newbie

Quote from: naphto on April 07, 2013, 09:55:47 AM

Quote from: Joost on April 07, 2013, 09:45:32 AM

Quote from: naphto on April 07, 2013, 09:34:12 AM

Maybe you got bruteforced ...

Brute forcing SHA256 is out of the question, people.

SHA256? What is it?
I found out 5 passwords of blockchain accounts with only a 10 caracters password yesterday, just trying easy ones.
Both 5 accounts were 0 btc :p

Isn't it necessary to know wallet id (GUID) as well?

naphto

sr. member

Activity: 392

Merit: 250

Quote from: BurtW on April 07, 2013, 09:57:31 AM

Interesting. Why are you trying to hack into peoples accounts? Are you a thief?

no, was just curious to see if people would use the same username / password.

BurtW

legendary

Activity: 2646

Merit: 1137

All paid signature campaigns should be banned.

Quote from: naphto on April 07, 2013, 09:55:47 AM

Quote from: Joost on April 07, 2013, 09:45:32 AM

Quote from: naphto on April 07, 2013, 09:34:12 AM

Maybe you got bruteforced ...

Brute forcing SHA256 is out of the question, people.

SHA256? What is it?
I found out 5 passwords of blockchain accounts with only a 10 caracters password yesterday, just trying easy ones.
Both 5 accounts were 0 btc :p

Interesting. Why are you trying to hack into peoples accounts? Are you a thief?

BurtW

legendary

Activity: 2646

Merit: 1137

All paid signature campaigns should be banned.

Quote from: naphto on April 07, 2013, 09:34:12 AM

Maybe you got bruteforced ...

Bitcoin network not possible.

Password maybe.

Did you use a strong password?

Still, the most likely attack vector was a key logger as suggested above. Check your computer for virus, key logger, etc.

Only thing you can do now is watch the address and see where they go next.

naphto

sr. member

Activity: 392

Merit: 250

Quote from: Joost on April 07, 2013, 09:45:32 AM

Quote from: naphto on April 07, 2013, 09:34:12 AM

Maybe you got bruteforced ...

Brute forcing SHA256 is out of the question, people.

SHA256? What is it?
I found out 5 passwords of blockchain accounts with only a 10 caracters password yesterday, just trying easy ones.
Both 5 accounts were 0 btc :p

mulletwang

member

Activity: 110

Merit: 10

yesterday i was sending identity conformation to BTCJAM and mtgox. i don't know if that is relevant to anything or not but i did check my btcjam acc and mtgox and they are not there. as i stated earlier i did not make any transfer as i was asleep.

Joost

member

Activity: 68

Merit: 10

Quote from: naphto on April 07, 2013, 09:34:12 AM

Maybe you got bruteforced ...

Brute forcing SHA256 is out of the question, people.

naphto

sr. member

Activity: 392

Merit: 250

Maybe you got bruteforced ...

BurtW

legendary

Activity: 2646

Merit: 1137

All paid signature campaigns should be banned.

Quote from: alexeft on April 07, 2013, 09:30:51 AM

Quote from: BurtW on April 07, 2013, 09:24:14 AM

Fishy.

Why didn't they take them all from you? Why did they only take 11?

Indeed!

Are you SURE that you didn't transfer them somewhere? BTCJam for example?

alexeft

legendary

Activity: 854

Merit: 1000

Quote from: BurtW on April 07, 2013, 09:24:14 AM

Fishy.

Why didn't they take them all from you? Why did they only take 11?

Indeed!

BurtW

legendary

Activity: 2646

Merit: 1137

All paid signature campaigns should be banned.

Fishy.

Why didn't they take them all from you? Why did they only take 11?

Topic: 11 btc gone from my account at 6:00 just a few hours ago, HELP! - page 2. (Read 2943 times)