
Topic: 63.73 BTC Hacked - Blockchain.info secured by 2FA - Starting security podcast? - page 2. (Read 15021 times)

legendary
Activity: 1498
Merit: 1000
Sorry OP about the loss. I hope you catch the hacker and make him pay. It would be useful to know how your computer was compromised, if you ever find out.

And just a heads up for people talking about online wallets, Blockchain.info being online isn't what made it hackable in this case. If your computer is compromised - as appears to have been the case here - then any bitcoins that computer has access to, either on local wallets or online wallets, are in jeopardy.

Trust me, I would love to catch them.

The most frustrating thing is I have NO idea how I got a keylogger. That has never happened before, and I wonder if I was targeted somehow by someone I know. The only explanation for that, would be somehow my TeamViewer had a password I used somewhere else that was leaked, but it's impossible to verify now.

I had no idea you could use 2FA for Teamviewer or I would have. I also should have had a stronger and more unique password there obviously.
I also would have used the On-Screen keyboard for blockchain.info or any sensitive passwords, and turned off blockchain email backups of my wallet, which they stupidly had on in default settings.

I would even consider restricting login to certain IP addresses. I thought about this many times but was worried I'd lock myself out somehow.

Any of those things may have saved me. I am still not sure if Tor use had anything to do with it, but if it did, that's even more upsetting.

And NEVER have trusted Google to protect my account in any way shape or form.

The irony I just put all my BTC there for safekeeping the week before is what really astounds me.

Google 2FA = total failure.  
hero member
Activity: 728
Merit: 500
Edit - I have no idea if it works or not but I type in my password and then hit five random keys (anywhere in the middle) followed by hitting the backspace five times. Even if it is placebo, I have always thought that was a way I could defeat any potential keyloggers. Note - I am not the most tech savvy individual in the world.

Quote
This would not foil any potential keylogging attempts of stealing your password to your wallet. A keylogger can see all the keys that you press so if they attempt to decrypt your wallet with your password, they can simply delete the last 5 letters and then would have access to your wallet. A keylogger would not even know that you entered them in the middle of your password so it would not affect it.

Also, blockchain.info's optional 2nd password, which allows you to send funds, can be entered via a "screen" keyboard, which prevents most keyloggers from capturing your password.

Thank you for the post.  I can appreciate my bubble being burst as it does help.  Not sarcasm at all.

I pretty much don't touch that computer outside of work and three websites.  I'm on a different computer for this forum and other BTC related activity...
sr. member
Activity: 342
Merit: 250
Sorry OP about the loss. I hope you catch the hacker and make him pay. It would be useful to know how your computer was compromised, if you ever find out.

And just a heads up for people talking about online wallets, Blockchain.info being online isn't what made it hackable in this case. If your computer is compromised - as appears to have been the case here - then any bitcoins that computer has access to, either on local wallets or online wallets, are in jeopardy.
hero member
Activity: 518
Merit: 500
Sorry bro.....
Did you link your email to your Blockchain account? Maybe there is a private key backup file that was sent by Blockchain to your email. The hacker gets access to your email, he gets your private key, he gets everything.
hero member
Activity: 647
Merit: 501
Wow... I should take my money off of online wallets. I really like using the blockchain.info app on my phone, but it's not worth the security risk.
I definitely don't want to run a full blown bitcoin client like bitcoin-qt...

I wouldn't think of using anything but Bitcoin-QT.  It is intensive but once the blockchain is downloaded there is minimal effect on my computer experience if I leave it open.  I'm not even terribly confident that it is secure and I have a pass code that takes minutes to input (random phrases from Ulysses).  

I finally broke down and installed a phone wallet but only for the novelty.  There is never more than fifty bucks in it.

These stories kind of scare me.  I don't have nearly the amount that OP had but I don't want to lose anything that I have.  2FA on an email account might seem like an inconvenience but is necessary in my opinion.

I feel for you, OP. I hope that there is a way to get your BTC back...

Edit - I have no idea if it works or not but I type in my password and then hit five random keys (anywhere in the middle) followed by hitting the backspace five times. Even if it is placebo, I have always thought that was a way I could defeat any potential keyloggers. Note - I am not the most tech savvy individual in the world.
This would not foil any potential keylogging attempts of stealing your password to your wallet. A keylogger can see all the keys that you press so if they attempt to decrypt your wallet with your password, they can simply delete the last 5 letters and then would have access to your wallet. A keylogger would not even know that you entered them in the middle of your password so it would not affect it.

Also, blockchain.info's optional 2nd password, which allows you to send funds, can be entered via a "screen" keyboard, which prevents most keyloggers from capturing your password.
legendary
Activity: 1456
Merit: 1000
made me LOL

wait how the heck is that even possible though..someone stealing wallet.dat file?

or however online wallets back up work.. fuk thats gotta suck..esp when they mixed coins.
member
Activity: 67
Merit: 10
wait how the heck is that even possible though..someone stealing wallet.dat file?

or however online wallets back up work.. fuk thats gotta suck..esp when they mixed coins.
sr. member
Activity: 304
Merit: 250
Holy crap!

I don't know how to react.

Most I can tell you is check with the addresses he sent them to are coming from. For example if he sent it to a gambling website, perhaps you can then ask the admin for his username or IP or something that can help you better.

Good luck mate!
legendary
Activity: 1456
Merit: 1000
https://www.cryptocoinsnews.com/tor-users-can-now-connect-blockchain-infos-onion-address-securely-ssl/



I've certainly gained a lot of lessons about trust dealing with bitcoin. don't trust people, don't trust any form of security, & anything bad that can happen to you, most certainly can and will happen.

Certainly words to live by in general and even more so in the realm of unregulated crypto currencies.
hero member
Activity: 728
Merit: 500
Wow... I should take my money off of online wallets. I really like using the blockchain.info app on my phone, but it's not worth the security risk.
I definitely don't want to run a full blown bitcoin client like bitcoin-qt...

I wouldn't think of using anything but Bitcoin-QT.  It is intensive but once the blockchain is downloaded there is minimal effect on my computer experience if I leave it open.  I'm not even terribly confident that it is secure and I have a pass code that takes minutes to input (random phrases from Ulysses).  

I finally broke down and installed a phone wallet but only for the novelty.  There is never more than fifty bucks in it.

These stories kind of scare me.  I don't have nearly the amount that OP had but I don't want to lose anything that I have.  2FA on an email account might seem like an inconvenience but is necessary in my opinion.

I feel for you, OP. I hope that there is a way to get your BTC back...

Edit - I have no idea if it works or not but I type in my password and then hit five random keys (anywhere in the middle) followed by hitting the backspace five times. Even if it is placebo, I have always thought that was a way I could defeat any potential keyloggers. Note - I am not the most tech savvy individual in the world.
legendary
Activity: 1498
Merit: 1000
https://www.cryptocoinsnews.com/tor-users-can-now-connect-blockchain-infos-onion-address-securely-ssl/


How nice, I get to be the martyr and foot the bill for blockchain.info to beef up their security.

Still ironic google 2fa protected everything except my gmail (I'm assuming), which gave up nothing except the wonderfully backed up copy of my wallet sent right to my email (thanks blockchain.info for your genius default settings, very secure).

I'm guessing keylogger did the rest by hacking my application specific password to Mozilla Thunderbird and using that to breach Google with 2FA.

I still don't understand the supposed MITM Tor Exit node attack but it may be possible. I just have no idea how to confirm if that's what happened. I do know my Google and Blockchain accounts were maliciously logged into from a strange IP address and neither sent me any sort of security alert (google was supposed to via SMS)

thanks to those with kind words.

I've certainly gained a lot of lessons about trust dealing with bitcoin. don't trust people, don't trust any form of security, & anything bad that can happen to you, most certainly can and will happen.
hero member
Activity: 574
Merit: 500
Update - Coins have been moved to these addresses, any ideas?

1K5B5vgry2dxA8U8YphyKCZnmL2TkXmZSX
Total Received   1,009.127 BTC

1Ajz2tmqhAS2qPDAYw1aqkYJ6xC4mz7LoU
Total Received   41.74661948 BTC

1AA5NSDzAw1nvmbiaPUAdJ7zacu8HvDdSy
Total Received   745.6897046 BTC
Final Balance   745.6897046 BTC

14KAMZsnHwHb32vd1XrNE1pndhuijHjR1a
Total Received   43.7795 BTC
Final Balance   43.7795 BTC



Seems to have been mixed.
sr. member
Activity: 420
Merit: 250
Update - Coins have been moved to these addresses, any ideas?

1K5B5vgry2dxA8U8YphyKCZnmL2TkXmZSX
Total Received   1,009.127 BTC

1Ajz2tmqhAS2qPDAYw1aqkYJ6xC4mz7LoU
Total Received   41.74661948 BTC

1AA5NSDzAw1nvmbiaPUAdJ7zacu8HvDdSy
Total Received   745.6897046 BTC
Final Balance   745.6897046 BTC

14KAMZsnHwHb32vd1XrNE1pndhuijHjR1a
Total Received   43.7795 BTC
Final Balance   43.7795 BTC
Any attempt to track your stolen bitcoin via the blockchain will likely be fruitless. The fact that bitcoin is fungible means that anyone can potentially trade bitcoin for other bitcoin (or bitcoin for various altcoins), and/or potentially send the stolen bitcoin to a mixer, and someone completely unrelated to your thief could now be in possession of inputs that can be traced to the outputs of your stolen coins.

IMO the best bet of finding the thief is via IP tracking of the person who logged into your blockchain.info wallet. I think this would likely also be fruitless if your VPN was connecting to the internet via tor exit nodes as you seem to think they were.
sr. member
Activity: 322
Merit: 250
Wow... I should take my money off of online wallets. I really like using the blockchain.info app on my phone, but it's not worth the security risk.
I definitely don't want to run a full blown bitcoin client like bitcoin-qt...

This horror story reminds me of the whole inputs.io scam. I remember the first time I heard people saying their money got stolen all of a sudden. And I knew it had to have been an inside job, since it wasn't possible for all those 2FA-protected accounts to be cracked... When I read the thread title, I immediately logged into my blockchain.info account to see if mine wasn't stolen either.

Bitcoin transactions are not reversible. That's the whole point of bitcoin anyway. So I'm afraid your 63.73 BTC is lost for sure. There simply is no way of ever getting it back. Unless of course you could track the money to some casino or whatever, and report it to them as stolen money. You would be able to prove you are the owner of that address...
Sadly, it's extremely hard to track down those funds.
legendary
Activity: 3150
Merit: 1069
Please, 1 BTC should be everyone's maximum limit on online wallets. My coins were also stolen from an Android wallet, so I stopped using it.
hero member
Activity: 574
Merit: 500
The chances of you getting it back now bud are really slim.

Sorry.
legendary
Activity: 1498
Merit: 1000
Update - Coins have been moved to these addresses, any ideas?

1K5B5vgry2dxA8U8YphyKCZnmL2TkXmZSX
Total Received   1,009.127 BTC

1Ajz2tmqhAS2qPDAYw1aqkYJ6xC4mz7LoU
Total Received   41.74661948 BTC

1AA5NSDzAw1nvmbiaPUAdJ7zacu8HvDdSy
Total Received   745.6897046 BTC
Final Balance   745.6897046 BTC

14KAMZsnHwHb32vd1XrNE1pndhuijHjR1a
Total Received   43.7795 BTC
Final Balance   43.7795 BTC

legendary
Activity: 1498
Merit: 1000
it's called IP Vanish and connected thru Tor, although I did not know that.