Pages:
Author

Topic: 135 BTC Stolen from my Deepbit account!!!!!!!! - page 6. (Read 29136 times)

hero member
Activity: 700
Merit: 500
My deepbit password is now over 20 characters long with caps and symbols.
That just shortened the time to crack now didn't it?

How so?

Because now you don;t have to waste time searching all the combinations between 1 and 20 characters.
legendary
Activity: 2198
Merit: 1311
My deepbit password is now over 20 characters long with caps and symbols.
That just shortened the time to crack now didn't it?

How so?
vip
Activity: 1052
Merit: 1155
if you are using any kind of remote access like teamviewer ,vnc, etc, it is likely that someone could remotely login to your pc!
We were not using anything like this.
sr. member
Activity: 406
Merit: 251
My deepbit password is now over 20 characters long with caps and symbols.
That just shortened the time to crack now didn't it?
full member
Activity: 226
Merit: 100
if you are using any kind of remote access like teamviewer ,vnc, etc, it is likely that someone could remotely login to your pc!
legendary
Activity: 2198
Merit: 1311
I suggest posting something in his thread here.  He's usually pretty quick to respond to important questions.  Also, sorry this happened to you, but thanks for the heads up.  My deepbit password is now over 20 characters long with caps and symbols.
vip
Activity: 1052
Merit: 1155
full member
Activity: 222
Merit: 100
So does anyone know how I can contact the deepbit Admin?

Maybe try to send PM to [Tycho], he seems to be the owner of this service:
https://bitcointalksearch.org/topic/dead-deepbitnet-ppspropinstant-payouts-we-pay-for-invalid-blocks-too-3889
legendary
Activity: 1050
Merit: 1000
All I have to say is look for somebody who had physical access to the computer where you logged onto deepbit(and no, when you close the web browser it does not log you out of deepbit) or someone who had the access to the computer from which the mining was done.
Although it's trivial to get username/password for anyone on the network, I doubt anyone at random would be trying that stuff. It's someone from your circle

Any security cameras where the computers are?

This makes most sense. Before brute-forcing passwords someone must know login email address and site. it would seem too coincidental for a random attack that some hacker could match site/login/pass without any inside info to just steal single account.
legendary
Activity: 1304
Merit: 1015
Ask Deepbit about IP of people who logged on your account.

+1 agreed

Any decent site keeps a record of IP addresses accessing each account.


And do not store bitcoins at a pool server, store them in your own, secure wallet!



If you have a dynamic IP don't forget to log the IP of you own machine before it changes.
vip
Activity: 1052
Merit: 1155
So does anyone know how I can contact the deepbit Admin?
legendary
Activity: 1304
Merit: 1015
do u use the same password for any other website? that website could use it against u.

I was also concerned with that when  I first set up deepbit,  so I chose a password that was unique to only that website.

Also, if you are using 'MemoryDealers' as your user name or your email address that you display publicly then I suggest you use a non-well-known email address.
full member
Activity: 126
Merit: 101
It would be funny if one of the trusted employees log into deepbit from their home  Grin Although I still think it's much simpler than this
member
Activity: 98
Merit: 13
Ask Deepbit about IP of people who logged on your account.

+1 agreed

Any decent site keeps a record of IP addresses accessing each account.


And do not store bitcoins at a pool server, store them in your own, secure wallet!

vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)

I was trying not to keep all my eggs in one basket.

Sorry to hear of this misfortune.

For everyone's benefit, here is the safest, 100% hacker proof way to store Bitcoins, and a great basket to put them in.

1. Set up a computer that has no access to the Internet whatsoever.

2. Install and run Bitcoin on it (from removable media, e.g. USB flash memory stick).  Copy the first auto-generated address you see into a blank Notepad text file, and save it on your USB stick.  There is no need to wait for the block chain to download (which shouldn't be happening anyway if you're offline)

3. Back up the wallet.dat file it creates onto your USB stick.  Better yet, do it onto two USB sticks.  It's located at %APPDATA%\Bitcoin\wallet.dat.  Keep both copies safe and secure.

4. Send all your Bitcoins to that address you generated and saved in step 2.  Use Block Explorer to keep track of your balance.

5. Format the hard drive of the computer, or at least delete your wallet.dat from it, or never connect it to the internet.

Main point: The software doesn't have to talk to the network for you to receive bitcoins.  By providing no means for your private keys to be reached from the Internet, they cannot be remotely stolen by anyone.

When ready to spend:

1. Go into a brand new installation of the Bitcoin software, and exit it completely (so it's not on your taskbar, etc.)

2. Go into the %APPDATA%\Bitcoin folder and delete all files with the extension .DAT.

3. Copy your prized wallet.dat into the folder

4. Restart Bitcoin and let it rebuild everything.  Coins will appear when the block chain is downloaded (possibly hours).

5. Spend like normal.
vip
Activity: 1052
Merit: 1155
do u use the same password for any other website? that website could use it against u.

I was also concerned with that when  I first set up deepbit,  so I chose a password that was unique to only that website.
newbie
Activity: 19
Merit: 0
do u use the same password for any other website? that website could use it against u.
vip
Activity: 1052
Merit: 1155
Ask Deepbit about IP of people who logged on your account.

This is exactly what I would like to do.
Does anyone have their contact info?   I don't see any on their website.

Thanks!
legendary
Activity: 1526
Merit: 1134
Lack of brute forcing protection might be it.

If anyone is setting up Bitcoin related services where hacking is a risk, I'd strongly recommend using Google or Facebook authentication instead of rolling your own. These companies have solved problems like brute forcing attacks a long time ago and are now also dealing with cases where your password is stolen. For example Google offers two-factor authentication, for free!
full member
Activity: 222
Merit: 100
Ask Deepbit about IP of people who logged on your account.
Pages:
Jump to: