63.73 BTC Hacked - Blockchain.info secured by 2FA - Starting security podcast? - page 3.

Hash72

sr. member

Activity: 294

Merit: 250

★YoBit.Net★ 350+ Coins Exchange & Dice

Quote from: statdude on November 27, 2014, 08:15:40 PM

Quote from: cozk on November 27, 2014, 08:14:15 PM

I wouldnt keep even 1BTC (mid-long term) in a wallet that i am not the only one controlling the private key.

You sir is retarded and you created your own misfortune. Sadly.

I still feel sorry though. I am canadian so i'll say it again. Sorry.

i totally agree.
keep it in paper wallet. this was an oversight on my part. doesnt explain what happened though Sad

Sorry statdude for your lost lesson to learn
hope you manage to get it back
Now i am using PRO HMA VPN should i disconnect it when i access Bockchain
or any other online wallet despite the fact of using 2F Auth or not

ScryptAsic

hero member

Activity: 647

Merit: 501

GainerCoin.com 🔥 Masternode coin 🔥

Quote from: statdude on November 29, 2014, 03:33:08 PM

Quote from: BitCoinDream on November 29, 2014, 11:51:52 AM

Quote from: BitCoinDream on November 28, 2014, 04:11:06 PM

Quote from: statdude on November 28, 2014, 03:21:14 PM

You can send dust with a public note in blockchain.info, viewable by all.

It appears my gmail was logged into on 22-Nov. Google was supposed to send me a security notification to my phone and email, yet I received neither?

Also, how is my gmail logged into when it has 2FA Google Auth activated???

I think your blockchain.info 2FA was based on gmail and gmail 2FA was based on SMS verification. Am i correct ?

I'm still awaiting this answer from OP.

It was not, unfortunately. it was setup based on email verification.

I don't know if this is what happened, but there have been some suggestions that this may have been caused by a Tor exit node.

Don't know precisely what this means, but I was using a VPN service at the time I believe functioned through Tor called IPVanish. Could this be the cause? How would I find out?

http://www.btcfeed.net/news/rogue-tor-node-hijacked-blockchain-info-accounts/

If your VPN was using tor to hide your identity then there is a good change that you were subject to a MITM attack when you tried to log into your blockchain wallet. However I would be somewhat surprised if a VPN was using tor as tor is very slow and I doubt they would get very much business with the speeds that tor can provide

pedrog

legendary

Activity: 2786

Merit: 1031

Quote from: statdude on November 29, 2014, 03:33:08 PM

It was not, unfortunately. it was setup based on email verification.

I don't know if this is what happened, but there have been some suggestions that this may have been caused by a Tor exit node.

Don't know precisely what this means, but I was using a VPN service at the time I believe functioned through Tor called IPVanish. Could this be the cause? How would I find out?

http://www.btcfeed.net/news/rogue-tor-node-hijacked-blockchain-info-accounts/

If your gmail account doesn't have SMS 2FA that might be your security weak link, Check your account activity:

https://www.google.com/settings/dashboard

statdude

legendary

Activity: 1498

Merit: 1000

Quote from: BitCoinDream on November 29, 2014, 11:51:52 AM

Quote from: BitCoinDream on November 28, 2014, 04:11:06 PM

Quote from: statdude on November 28, 2014, 03:21:14 PM

You can send dust with a public note in blockchain.info, viewable by all.

It appears my gmail was logged into on 22-Nov. Google was supposed to send me a security notification to my phone and email, yet I received neither?

Also, how is my gmail logged into when it has 2FA Google Auth activated???

I think your blockchain.info 2FA was based on gmail and gmail 2FA was based on SMS verification. Am i correct ?

I'm still awaiting this answer from OP.

It was not, unfortunately. it was setup based on email verification.

I don't know if this is what happened, but there have been some suggestions that this may have been caused by a Tor exit node.

Don't know precisely what this means, but I was using a VPN service at the time I believe functioned through Tor called IPVanish. Could this be the cause? How would I find out?

http://www.btcfeed.net/news/rogue-tor-node-hijacked-blockchain-info-accounts/

BitCoinDream

legendary

Activity: 2394

Merit: 1216

The revolution will be digital

Quote from: BitCoinDream on November 28, 2014, 04:11:06 PM

Quote from: statdude on November 28, 2014, 03:21:14 PM

You can send dust with a public note in blockchain.info, viewable by all.

It appears my gmail was logged into on 22-Nov. Google was supposed to send me a security notification to my phone and email, yet I received neither?

Also, how is my gmail logged into when it has 2FA Google Auth activated???

I think your blockchain.info 2FA was based on gmail and gmail 2FA was based on SMS verification. Am i correct ?

I'm still awaiting this answer from OP.

BitCoinNutJob

legendary

Activity: 1316

Merit: 1000

Quote from: magicmexican on November 28, 2014, 04:20:04 PM

Quote from: statdude on November 28, 2014, 03:52:20 PM

To the hacker:

I do have your login IP address and .edu email domain from a European country with Google.

I will be investigating this to the fullest extent allowable by law. Please contact me if you don't want this.

Best of luck. But your chances look really slim.

Maybe try to negotiate with him and give him 10% or something to have any shot at getting it back.

Yeah 10% you have no chance the hacker would rather take the risk, you are looking at 50/50 or 60/40. If the hacker is reading just do a deal with the person you hacked, you taught them a lesson on security, you made some money and they wont be chasing you all your life. Win win all round.

LiteCoinGuy

legendary

Activity: 1148

Merit: 1014

In Satoshi I Trust

Quote from: statdude on November 28, 2014, 02:31:07 PM

Thanks for the comments guys... PLEASE send dust to these addresses with a public comment marking them back to this thread..I have been trying to do so but it will not work for some reason. I am doing anything I can to get these coins labeled for all to see.

hopefully before the Zerocash release Lips sealed

https://bitcointalksearch.org/topic/m.3878992

KingOfSports

hero member

Activity: 602

Merit: 500

Acc bought - used solely for signature testing

Quote from: statdude on November 27, 2014, 06:42:24 PM

Help...
I am not sure if someone accessed a backup of my wallet somewhere... All my BTC was stolen via a single blockchain transaction

43d9ecf12e25a0bcc6c655660d604cdff800f726dc42f68b08cea8fc1d61a3c4

sent to here

https://blockchain.info/address/1L8zn4BJs2B4a4pxN4HBaNKEgaowpa3857

if anyone has help or can apply any forensics... i am more than willing to pay a bounty to recover some of these funds... thank you...

skype me at "thestatdude"

many of these coins were purchased via credit card and i have hardly afford to lose them... please help..

In reference to your kind messages to me two weeks ago - this is karma.

As the lovely names you called me in PM, this "insert negative name here" now has 20 BTC more than you and not a single penny of debt. Credit card, ew? Why ever invest on credit cards when this market is known for thievery and hacking? The overall EV of that decision was definitely -EV, I think you didn't run the numbers or "stats" well enough on that decision way back and now its costing you. Have fun talking to those CC companies and debt collectors...

ed_teech

hero member

Activity: 508

Merit: 500

Jahaha

I just heard and I am deeply sorry stat. I hope you can recover them soon.

ScryptAsic

hero member

Activity: 647

Merit: 501

GainerCoin.com 🔥 Masternode coin 🔥

Quote from: inBitweTrust on November 28, 2014, 04:24:18 PM

Quote from: statdude on November 28, 2014, 03:52:20 PM

To the hacker:

I do have your login IP address and .edu email domain from a European country with Google.

I will be investigating this to the fullest extent allowable by law. Please contact me if you don't want this.

Next step is to contact the authorities in Luxembourg and subpoena the records of the ISP.
That is enough money to pursue and you already have at least one lead so If I were the hacker
I would try and negotiate a deal soon.

I would say that the hacker almost certainly used some kind of VPN or socks5 proxy to connect to the OP's blockchain wallet and the email account was likely hacked or compromised. Unfortunately these are generally common elements that many bitcoin related thefts have

fr4nkthetank

legendary

Activity: 2294

Merit: 1182

Now the money is free, and so the people will be

Quote from: statdude on November 27, 2014, 06:42:24 PM

Help...
I am not sure if someone accessed a backup of my wallet somewhere... All my BTC was stolen via a single blockchain transaction

43d9ecf12e25a0bcc6c655660d604cdff800f726dc42f68b08cea8fc1d61a3c4

sent to here

https://blockchain.info/address/1L8zn4BJs2B4a4pxN4HBaNKEgaowpa3857

if anyone has help or can apply any forensics... i am more than willing to pay a bounty to recover some of these funds... thank you...

skype me at "thestatdude"

many of these coins were purchased via credit card and i have hardly afford to lose them... please help..

sometimes credit cards pay back for stolen stuff, look in the terms and conditions

deluxeCITY

hero member

Activity: 532

Merit: 500

Quote from: wpalczynski on November 28, 2014, 04:41:25 PM

I don't even think a 50/50 split agreement would persuade the thief to return the money, after all, he is a thief and planned this theft. I know there was a link in one of the posts of this thread to a case where the thief did return 50% of the coins, I wonder what the circumstances were in that case, what coerced him to return half the coins.

Quote from: ?? on ??

Quote from: magicmexican on November 28, 2014, 04:20:04 PM

Quote from: statdude on November 28, 2014, 03:52:20 PM

To the hacker:

I do have your login IP address and .edu email domain from a European country with Google.

I will be investigating this to the fullest extent allowable by law. Please contact me if you don't want this.

Best of luck. But your chances look really slim.

Maybe try to negotiate with him and give him 10% or something to have any shot at getting it back.

10% haha try 50/50 split and it might get returned

There is likely no split that would potentially compel a thief to return the OP's stolen bitcoin (assuming he is telling the truth), unless he left behind some evidence of his identity. If there was some level of evidence then it would potentially be possible the thief would return some percentage of the stolen money depending on what laws were potentially broken and how likely the evidence would potentially lead to the hacker's actual identity, in exchange for the OP agreeing not to contact law enforcement and agree to not press charges (and to not testify in the event that law enforcement does get involved)

b!z

legendary

Activity: 1582

Merit: 1010

Sorry to hear about your loss, statdude.

TKeenan

hero member

Activity: 874

Merit: 1000

Quote from: magicmexican on November 28, 2014, 04:45:47 PM

Quote from: TKeenan on November 28, 2014, 04:41:55 PM

Quote from: statdude on November 28, 2014, 03:52:20 PM

To the hacker:

I do have your login IP address and .edu email domain from a European country with Google.

I will be investigating this to the fullest extent allowable by law. Please contact me if you don't want this.

Wow! that should scare him into submission. You don't deal much with Russians - do you?

If the hacker is Russian, the chances to get 0.000001 btc back are 0%. But if he is located somewhere in Europe - there is a slight tiny chance.

If the hacker is Russian, your mom will lose her bitcoins next.

magicmexican

hero member

Activity: 812

Merit: 1000

Quote from: TKeenan on November 28, 2014, 04:41:55 PM

Quote from: statdude on November 28, 2014, 03:52:20 PM

To the hacker:

I do have your login IP address and .edu email domain from a European country with Google.

I will be investigating this to the fullest extent allowable by law. Please contact me if you don't want this.

Wow! that should scare him into submission. You don't deal much with Russians - do you?

If the hacker is Russian, the chances to get 0.000001 btc back are 0%. But if he is located somewhere in Europe - there is a slight tiny chance.

TKeenan

hero member

Activity: 874

Merit: 1000

Quote from: statdude on November 28, 2014, 03:52:20 PM

To the hacker:

I do have your login IP address and .edu email domain from a European country with Google.

I will be investigating this to the fullest extent allowable by law. Please contact me if you don't want this.

Wow! that should scare him into submission. You don't deal much with Russians - do you?

wpalczynski

legendary

Activity: 1456

Merit: 1000

I don't even think a 50/50 split agreement would persuade the thief to return the money, after all, he is a thief and planned this theft. I know there was a link in one of the posts of this thread to a case where the thief did return 50% of the coins, I wonder what the circumstances were in that case, what coerced him to return half the coins.

Quote from: ?? on ??

Quote from: magicmexican on November 28, 2014, 04:20:04 PM

Quote from: statdude on November 28, 2014, 03:52:20 PM

To the hacker:

I do have your login IP address and .edu email domain from a European country with Google.

I will be investigating this to the fullest extent allowable by law. Please contact me if you don't want this.

Best of luck. But your chances look really slim.

Maybe try to negotiate with him and give him 10% or something to have any shot at getting it back.

10% haha try 50/50 split and it might get returned

amorphia

newbie

Activity: 28

Merit: 0

Quote from: HYPERfuture on November 28, 2014, 10:00:08 AM

I've made a quick guide to fully securing coins on Blockchain.info for beginners as these horror stories really upset me: https://bitcointalksearch.org/topic/psa-email-is-not-2fa-on-blockchaininfo-learn-how-to-secure-bitcoin-properly-876492

Very nice of you creating that thread, very usefull for newbies. After my little loss of btc last summer i start using spybot for keylogers and rootkit scan and 2fa sms to a simple phone, smartphones sucks. I also use virtual keyboard while typing passwords.

I'm really sorry for the OP who lost such a big amount of BTC and wish cancer to the thief and spend all his stolen funds to doctors. Rot in hell!!!

inBitweTrust

hero member

Activity: 658

Merit: 501

Quote from: statdude on November 28, 2014, 03:52:20 PM

To the hacker:

I do have your login IP address and .edu email domain from a European country with Google.

I will be investigating this to the fullest extent allowable by law. Please contact me if you don't want this.

Next step is to contact the authorities in Luxembourg and subpoena the records of the ISP.
That is enough money to pursue and you already have at least one lead so If I were the hacker
I would try and negotiate a deal soon.

AltcoinInvestor

sr. member

Activity: 294

Merit: 250

Well, sorry dude. I don't think you can get your btc back.

This is why I only use "bitcoin core" wallet. I don't trust any online wallet or exchange...

Topic: 63.73 BTC Hacked - Blockchain.info secured by 2FA - Starting security podcast? - page 3. (Read 15021 times)