Author

Topic: 55 ETH STOLEN FROM MY JAX WALLET TONIGHT, NEED INPUT PLEASE (Read 962 times)

sr. member
Activity: 882
Merit: 269
Thanks for the input.  I agree about Windows.  Normally I wouldn't have anywhere near that much in a hot wallet, but I was prepping for the ICO of BAT and MYST this morning, and that is what those funds were for.  From now on my hot wallets will be in TAIlLS on a USB stick, live only long enough to make the transaction.  Passwords: Yea, I know we humans are poor generators of randomness; I always use LastPass to generate and manage passwords.  Remote software...that's probably the hole, I have to use TeamViewer because I'm out of town a lot (licensed, cost me about $800 if I remember right).  I don't have the program running when I'm here, but just the protocols being enabled creates openings.   And the funds are still in the address the thief is using after hopping them around and then tumbling them in ShapeShift...in fact he added another 20 ETH 4 hours ago, no doubt stolen from someone else.

Since your account is already compromised, I think this is a lesson already to us here.Though I used jaxx also, but I seldom transact with it.Do you have or are using myethewallet? I think its also a good option. Also keeps your computer safe by not downloading any programs from not trusted sites.
legendary
Activity: 2730
Merit: 1288
Same thing happened with the DAO, just contact Vitalik and he will rollback the blockchain for you. This is a completely precidented reaction, so much so, that there will not be an additional major exchange traded fork this time because it was already created the first time.  



LOL

But is you go to cort it is most likely they would force him to revert.

I'm afraid there is nothing you can do to get your coins back. There is no rollback feature available.


What are you taking about. Yes it happened, so is possible.  ETH even forked from ETC because of it.
newbie
Activity: 17
Merit: 0
Thanks for the input.  I agree about Windows.  Normally I wouldn't have anywhere near that much in a hot wallet, but I was prepping for the ICO of BAT and MYST this morning, and that is what those funds were for.  From now on my hot wallets will be in TAIlLS on a USB stick, live only long enough to make the transaction.  Passwords: Yea, I know we humans are poor generators of randomness; I always use LastPass to generate and manage passwords.  Remote software...that's probably the hole, I have to use TeamViewer because I'm out of town a lot (licensed, cost me about $800 if I remember right).  I don't have the program running when I'm here, but just the protocols being enabled creates openings.   And the funds are still in the address the thief is using after hopping them around and then tumbling them in ShapeShift...in fact he added another 20 ETH 4 hours ago, no doubt stolen from someone else.
legendary
Activity: 1946
Merit: 1007
Thanks Norris and banano.  Yea, it seems such a shame that I know where MY money is but can't do a thing about it.  Funny thing is, I don't know anyone that is even close to being as security conscious as I am.  VPN always (including cell phone) TOR often, everything of any value encrypted, super long c0mPlEx passwords (never repeated) check for windows AND driver updates daily...heck, if someone whats to text with me it's WhatsApp or Signal...It just takes one slip up, somewhere

I hope you realize the example you give about complex passwords is not really complex? There are scripts that can check try any substitution of letters by common numbers and puncutation marks. The same goes for changing to capital letters.
full member
Activity: 176
Merit: 100
paperwallet. Always.
newbie
Activity: 5
Merit: 0
That's unfortunate I hope there's a way you can get your money back.

For the next time I would suggest a Ledger Nano S wallet (I'm not affiliated with them, just a happy user).
legendary
Activity: 2786
Merit: 1031
'Windows', there's a problem right there, do you install software downloaded from pirate websites?

There have been malware found in drivers by main manufacturers...

Do you have any remote desktop software installed?
sr. member
Activity: 490
Merit: 262
The World’s First Blockchain Core
Thanks Norris and banano.  Yea, it seems such a shame that I know where MY money is but can't do a thing about it.  Funny thing is, I don't know anyone that is even close to being as security conscious as I am.  VPN always (including cell phone) TOR often, everything of any value encrypted, super long c0mPlEx passwords (never repeated) check for windows AND driver updates daily...heck, if someone whats to text with me it's WhatsApp or Signal...It just takes one slip up, somewhere

I think you should keep it in the eth wallet for your safety  but it will take long time for sync. sometime You should scan virus on your computer
I rarely use the wallet of third party because safe level . I hope you can recover your coins . Good luck, guy.
newbie
Activity: 17
Merit: 0
Thanks Norris and banano.  Yea, it seems such a shame that I know where MY money is but can't do a thing about it.  Funny thing is, I don't know anyone that is even close to being as security conscious as I am.  VPN always (including cell phone) TOR often, everything of any value encrypted, super long c0mPlEx passwords (never repeated) check for windows AND driver updates daily...heck, if someone whats to text with me it's WhatsApp or Signal...It just takes one slip up, somewhere
legendary
Activity: 1946
Merit: 1007
I'm afraid there is nothing you can do to get your coins back. There is no rollback feature available.

You can prevent this from happening in the future though. Clean your system thoroughly. Install a good virus scanner and a second opinion scanner (e.g. hitmanpro), preferably do a clean OS install now you know for sure your system is compromised and make sure you are behind a firewall.

Looks like there was some kind of remote access to your system if you saw things pop up.
newbie
Activity: 17
Merit: 0
It happened as I was sitting in front of the computer, Jaxx wallet open on right screen, I was working in MEW on the left. I turn back to look at the right screen and the wallet is emptied.  That was 5 hours ago.  I FOUND THE ETH!  It made one hop out of here, was split into 3 parts, two more hops for each of the parts, into ShapeShift and then back out, converging on a single address.  The ETH IS STILL THERE...who should I call to attempt recovery?  Thanks!
Jump to: