Pages:
Author

Topic: 63.73 BTC Hacked - Blockchain.info secured by 2FA - Starting security podcast? - page 5. (Read 15021 times)

hero member
Activity: 686
Merit: 500
HYPER project manager and PR + GoldPieces [GP]
I've made a quick guide to fully securing coins on Blockchain.info as these horror stories really upset me: https://bitcointalksearch.org/topic/psa-email-is-not-2fa-on-blockchaininfo-learn-how-to-secure-bitcoin-properly-876492

Thanks for sharing!

Your thoughts on 3rd party devices, such as Trezor? I'm worried about losing the device if I buy a few.

(Though sure they would have considered that) Just wondering in the event of losing device, how quickly Stored BTC funds would be recoverable and the process involved?

You can back up to paper wallet easily with their tool so even if you lose the Trezor the coins are safe. Also the Trezor is password protected so as long as your password is in your HEAD only they cannot steal your coins. This is just my understanding of it and I can't make any guarantees.
full member
Activity: 238
Merit: 100
I've made a quick guide to fully securing coins on Blockchain.info as these horror stories really upset me: https://bitcointalksearch.org/topic/psa-email-is-not-2fa-on-blockchaininfo-learn-how-to-secure-bitcoin-properly-876492

Thanks for sharing!

Your thoughts on 3rd party devices, such as Trezor? I'm worried about losing the device if I buy a few.

(Though sure they would have considered that) Just wondering in the event of losing device, how quickly Stored BTC funds would be recoverable and the process involved?
legendary
Activity: 2296
Merit: 1014
Help...
I am not sure if someone accessed a backup of my wallet somewhere... All my BTC was stolen via a single blockchain transaction

43d9ecf12e25a0bcc6c655660d604cdff800f726dc42f68b08cea8fc1d61a3c4

sent to here

https://blockchain.info/address/1L8zn4BJs2B4a4pxN4HBaNKEgaowpa3857

if anyone has help or can apply any forensics... i am more than willing to pay a bounty to recover some of these funds... thank you...

skype me at "thestatdude"

many of these coins were purchased via credit card and i have hardly afford to lose them... please help..
Man im so sorry for you, who would have know that using TOR is security risk.
Im feeling your pain.
full member
Activity: 238
Merit: 100
Are Mac users (OSX) better protected in this case or just as susceptible as Windows/Linux users?

Umm, Linux is in no way as susceptible as Windows.

Linux and Mac have similarly strong security - Windows is a joke.



Have there ever been any cases where Microsoft were held accountable/compensated for security flaws in their OS?
hero member
Activity: 686
Merit: 500
HYPER project manager and PR + GoldPieces [GP]
I've made a quick guide to fully securing coins on Blockchain.info for beginners as these horror stories really upset me: https://bitcointalksearch.org/topic/psa-email-is-not-2fa-on-blockchaininfo-learn-how-to-secure-bitcoin-properly-876492
legendary
Activity: 1316
Merit: 1000
If you have a Keylogger on your computer the only thing that will stop unauthorised withdrawals is SMS 2fa - which I understand blockchain.info offers.

If you only have email 2fa the hacker just needs to wait until you login to your email service and they have the password. Then they wait until you log into your blockchain.info account and they have all they need. They could even delete the email from your email account after authorising the transaction.

Note, a keylogger will also give someone access to your local wallet passphrase too. It happened to someone I know and they lost a couple hundred thousand dollars worth. Keyloggers are very very dangerous.

What I am not sure about is if a malicious user gets your blockchain.info login details and you have SMS 2Fa activated can they still grab the private key. That would totally defy the purpose of SMS 2fa so I assume not but I am not sure.
Q7
sr. member
Activity: 448
Merit: 250
Seen before similar incidence when other guy also has 2fa authentication enabled but still lost the coin. Keeping in armory and hope for best
legendary
Activity: 1316
Merit: 1000
Are Mac users (OSX) better protected in this case or just as susceptible as Windows/Linux users?

Umm, Linux is in no way as susceptible as Windows.

Linux and Mac have similarly strong security - Windows is a joke.
full member
Activity: 238
Merit: 100
fact is, i treated my blockchain.info as a WEB wallet, trusting them it was SECURE with 2FA alone.

it was not.

All someone needs can be found by hacking your PC and installing a keylogger.

they need no 2FA whatsoever if they then have your password.


Sorry for loss man!

Is it worth contacting Blockchain Support, if you haven't already done so? Seems like your not the only bitcoiner to fall victim to unauthorised 3rd party applications. Perhaps there's a way for the Blockchain web wallets to run a keylogging sweep?

Are Mac users (OSX) better protected in this case or just as susceptible as Windows/Linux users?

full member
Activity: 178
Merit: 100
Anyone you remember got in the house with your computer unattended?
legendary
Activity: 1456
Merit: 1000
Thats horrible, sorry to hear that dude.  WTF

Help...
I am not sure if someone accessed a backup of my wallet somewhere... All my BTC was stolen via a single blockchain transaction

43d9ecf12e25a0bcc6c655660d604cdff800f726dc42f68b08cea8fc1d61a3c4

sent to here

https://blockchain.info/address/1L8zn4BJs2B4a4pxN4HBaNKEgaowpa3857

if anyone has help or can apply any forensics... i am more than willing to pay a bounty to recover some of these funds... thank you...

skype me at "thestatdude"

many of these coins were purchased via credit card and i have hardly afford to lose them... please help..
hero member
Activity: 658
Merit: 501
legendary
Activity: 980
Merit: 1040
Please let me make sure I understand you. Are you saying that just because you use Linux, your Bitcoin are positively secure?

Linux alone isnt enough obviously, but using windows makes your PC positively insecure.
legendary
Activity: 1638
Merit: 1010
https://www.bitcoin.com/
I have multible wallets, 3 hot wallets and off line cold storage. I also have signed up for the coinbase vault but yet to use it.
Funny thing is the only wallet i had which got hacked was blockchain but it was a very small amount and i didnt have 2fa back then.
I would advise like many other members already have is to look into cold storage, usb or paper wallet.
If you dont think you know enough about btc security yet then sign up for coinbase vault till you learn more. I know many members won't agree with me on this but its safer from hackers.
legendary
Activity: 3038
Merit: 1660
lose: unfind ... loose: untight
, i use linux and i know my bitcoins are safe this way. i will never found a trojan or a keylogger on my computer

Please let me make sure I understand you. Are you saying that just because you use Linux, your Bitcoin are positively secure?
legendary
Activity: 1316
Merit: 1000

Bank are also scammers and the fees go to a lot of needless jobs now we have blockchain tech
hero member
Activity: 714
Merit: 500
Damn, that is really hard.
I am glad, I finally managed to put most of my coins in paper wallets. For me it was just laziness that I postponed that for months.

Do make something clear, since so many people don't seem to understand that. The difference between bitcoin and fiat is, that with bitcoin it is your responsibility how secure they are. That is one reason why banks have hefty fees: They use part of it to ensure security and insurance. You can't have both: no fees and someone else takes care of the security

So, yes, bitcoins are much more secure than a bank, if YOU make them that secure. But it is not that hard to store them securily: Printing out paper wallets is really easy. Protect them with bip38, store one copy at home and one copy at another secure place and you are done with the security.
hero member
Activity: 658
Merit: 501

I don't want to f about with Trezors and such, i want to use my wallet like a bank

why is this so difficult ??

Its not difficult. Just get a coinbase or circle wallet with sms 2FA and they provide the security you need from hackers and insurance as well.

What they will not protect you from, in actuality they will expose you to, is theft from the state in the form of capital gains taxes when your Bitcoins go up in value.
newbie
Activity: 14
Merit: 0
Well, you can improve your security, by doing this :

https://blog.blockchain.com/2014/11/13/quick-bit-boost-your-password-security-in-one-easy-step/

But, when you a service provider with +/- 2 000 000 wallets, it should have been set by default, to the highest level.

I am truely dissapointed, but VERY happy all my money is stored in paper wallets.  Grin

I am a new bitcoin user that uses blockchain as a wallet. I have used the above advice and gone from the default of 500 iterations to the 20,000 maximum.

What makes Bitcoin wallets different to typical online banking ?- And if your on-line bank account is hacked the bank is responsible for the loss.

Why is this not the case for bitcoin wallets?

I really feel for the stat guy and deplore some of the responses on this read saying he was to blame.

Bitcoin will never reach its potential if a newbee has to go through a raft of additional measures to keep their wallets safe.

I don't want to f about with Trezors and such, i want to use my wallet like a bank

why is this so difficult ??
sr. member
Activity: 300
Merit: 250
Honestly, not sure what to think. If BC.I was compromised even with 2FA, then this means that there is some exploit going on in BC.I and piuk owes statdude 63btc.

if blockchain.info could be hacked, there would be A LOT more users and bitcoin got stolen. Total number of user reported is only about 20 i think.

All someone needs can be found by hacking your PC and installing a keylogger.

they need no 2FA whatsoever if they then have your password.


Hacker still need 2FA (as second password) because knowing password only isn't enough to login (unless you turned off 2FA). In your case you have 2FA sending to your email, so it's obvious to guess the hacker also got access to your email. Why don't you use 2FA on your phone ?

Furthermore, if your PC got infected with trojan/keylogger then clearly we can't blame Blockchain.info

This is also the reason i laugh at everyone saying Bitcoin is safer than bank. Hacking to a personal computer is much easier than hacking into the bank !!!
Pages:
Jump to: