Pages:
Author

Topic: 11 btc gone from my account at 6:00 just a few hours ago, HELP! - page 2. (Read 2973 times)

legendary
Activity: 2198
Merit: 1311
Always use 2 factor folks.  Sorry for your loss.

This. This. This.

Sadly we see dozens and dozens of these reported cases and not a single one involving 2FA.  Granted 2 factor isn't a magical bullet.  With clever use of trojan/rootkit an attacker could trick you into giving them access to your wallet (or in the case of something like MtGox trick you into withdrawing BTC to their address) but the 2 factor greatly increases the security.



This is going to continue to be a big problem, I think.  Lots of the people getting into bitcoin right now are not well enough acquainted with good security practices regarding passwords, let alone 2 factor auth.
donator
Activity: 1218
Merit: 1079
Gerald Davis
Always use 2 factor folks.  Sorry for your loss.

This. This. This.

Sadly we see dozens and dozens of these reported cases and not a single one involving 2FA.  Granted 2 factor isn't a magical bullet.  With clever use of trojan/rootkit an attacker could trick you into giving them access to your wallet (or in the case of something like MtGox trick you into withdrawing BTC to their address) but the 2 factor greatly increases the security.

hero member
Activity: 784
Merit: 506
Another forum member reported someone attempting to guess his blockchain.info wallet password earlier today https://bitcointalksearch.org/topic/m.1761904 .

Always use 2 factor folks.  Sorry for your loss.
newbie
Activity: 31
Merit: 0
Too bad BTC is untraceable, good hackers wouldn't do it if they weren't
good enough to think they weren't get caught, if someone stole it, its gone.

It sucks sorry dude, move on, acquire more and youll make youre money back when
BTC doubles in price within a month. Use more protection (auth)
sr. member
Activity: 392
Merit: 250
Isn't it necessary to know wallet id (GUID) as well?


My wallet username was the same as my forum one, and my password was 1234567890.
I found out that the 1234567890 username had the same password. Same goes for 0123456789.

So, even if I had only 0.4 mBTC in my wallet (which is like 5 cents), I changed my password, and I put a confirmation by email on login.
member
Activity: 110
Merit: 10
my allias is kinda obvious but somewhat obscure, how would that llow someone to take me coins?
legendary
Activity: 2646
Merit: 1138
All paid signature campaigns should be banned.
Maybe you got bruteforced ...

Brute forcing SHA256 is out of the question, people.


SHA256? What is it?
I found out 5 passwords of blockchain accounts with only a 10 caracters password yesterday, just trying easy ones.
Both 5 accounts were 0 btc :p

Isn't it necessary to know wallet id (GUID) as well?
He may have an obvious alias (I know I do).
hero member
Activity: 504
Merit: 500
Wow that really sucks. Don't give up on Bitcoins though, hopefully this won't occur again!
legendary
Activity: 2646
Merit: 1138
All paid signature campaigns should be banned.
yesterday i was sending identity conformation to BTCJAM and mtgox. i don't know if that is relevant to anything or not but i did check my btcjam acc and mtgox and they are not there. as i stated earlier i did not make any transfer as i was asleep.
Question:  did you have any other accounts?  StrongCoin for example?  Did you use the same password on any other accounts?  Mt Gox for example?

They may have gotten your password from another account if you use the same password any other place.

In Bitcoinland I use a different password for every single Bitcoin related account.
legendary
Activity: 2142
Merit: 1010
Newbie
Maybe you got bruteforced ...

Brute forcing SHA256 is out of the question, people.


SHA256? What is it?
I found out 5 passwords of blockchain accounts with only a 10 caracters password yesterday, just trying easy ones.
Both 5 accounts were 0 btc :p

Isn't it necessary to know wallet id (GUID) as well?
sr. member
Activity: 392
Merit: 250
Interesting.  Why are you trying to hack into peoples accounts?  Are you a thief?


no, was just curious to see if people would use the same username / password.
legendary
Activity: 2646
Merit: 1138
All paid signature campaigns should be banned.
Maybe you got bruteforced ...

Brute forcing SHA256 is out of the question, people.


SHA256? What is it?
I found out 5 passwords of blockchain accounts with only a 10 caracters password yesterday, just trying easy ones.
Both 5 accounts were 0 btc :p
Interesting.  Why are you trying to hack into peoples accounts?  Are you a thief?
legendary
Activity: 2646
Merit: 1138
All paid signature campaigns should be banned.
Maybe you got bruteforced ...
Bitcoin network not possible.

Password maybe.

Did you use a strong password?

Still, the most likely attack vector was a key logger as suggested above.  Check your computer for virus, key logger, etc.

Only thing you can do now is watch the address and see where they go next.
sr. member
Activity: 392
Merit: 250
Maybe you got bruteforced ...

Brute forcing SHA256 is out of the question, people.


SHA256? What is it?
I found out 5 passwords of blockchain accounts with only a 10 caracters password yesterday, just trying easy ones.
Both 5 accounts were 0 btc :p
member
Activity: 110
Merit: 10
yesterday i was sending identity conformation to BTCJAM and mtgox. i don't know if that is relevant to anything or not but i did check my btcjam acc and mtgox and they are not there. as i stated earlier i did not make any transfer as i was asleep.
member
Activity: 68
Merit: 10
Maybe you got bruteforced ...

Brute forcing SHA256 is out of the question, people.
sr. member
Activity: 392
Merit: 250
Maybe you got bruteforced ...
legendary
Activity: 2646
Merit: 1138
All paid signature campaigns should be banned.
Fishy.

Why didn't they take them all from you?  Why did they only take 11?

Indeed!
Are you SURE that you didn't transfer them somewhere?  BTCJam for example?
legendary
Activity: 854
Merit: 1000
Fishy.

Why didn't they take them all from you?  Why did they only take 11?

Indeed!
legendary
Activity: 2646
Merit: 1138
All paid signature campaigns should be banned.
Fishy.

Why didn't they take them all from you?  Why did they only take 11?
Pages:
Jump to: