Pages:
Author

Topic: About 20 Bitcoins STOLEN from my Blockchain.info wallet! 5btc reward! (Read 9058 times)

global moderator
Activity: 3794
Merit: 2612
In a world of peaches, don't ask for apple sauce
Sorry for your loss.  Embarrassed

You probably will not recover them.  Start making backup plans NOW for your mortgage (friends, family) and don't expect anything to come from this thread.

Yeah... I'm just hoping that maybe, just maybe something could be done... I'm just so pissed that I pretty much watched it happen, when I saw that the coins were taken they were still Unconfirmed!  It had 0 confirmations still! I wish there were a way to stop 0 confirmation transactions... but that is not how it works...

Just hope that maybe someone in the community can do something to help... I've sent a small transaction to the address the thief sent the coins to and embedded a statement that the coins were stolen.

Maybe if people keep putting messages on stolen BTC addresses then it may help deter this stuff, so I'm going to watch this and every time the btc moves I will add that tag again.  Who knows what will happen, I'm hoping for the best...


Also in regards to the other posts, thanks for the suggestions, I'll look into the ip address, I just have NO idea how they got into my account so two things, they are a "pro" hacker and the IP is just a proxy or maybe a lucky script kiddy that did not mask their real IP.

Oh, and the thing about looking at my btc address is that it will never show my actual IP because I don't use a BTC client on my computer, it's all brain wallets, paper wallets and I only import them when I need to use them on an online site like blockchain so all IP's will only show the BTC relays.  It was just a stupid mistake that I left the mining address in that wallet.

Thanks so far...
Actually there is. You could've just tried double spending it by simply sending out another transaction using the same funds with a higher fee. If it confirmed first, you would've gotten your funds back.

Aww damn it!  Although the thing is that I would not be allowed to do a double spend on the blockchain wallet so I figure that it would have to be somehow done manually, perhaps with the actual bitcoin-qt client but I usually move my coins around web wallets and paper/brain/offline wallets so even if I had started my btc client (which is how I would think I would be able to actually do a double spend) it would have been weeks or months behind in the block chain so by the time I would be synced with the block chain the coins would probably have been confirmed...

Although for future reference how would I do a double spend?  It seems like it would have to be done manually and if this happens and I'm lucky enough to see it in time then I could try to stop it... It was just a fluke that I saw the coins being stolen as I'm sure most people don't notice until it would be way to late...

Thanks
Not really sure which clients allow it. Maybe Bitcoind and maybe Bitcoin-qt with some adjustments. Anyone got any other wallets?
member
Activity: 70
Merit: 10
Sorry for your loss.  Embarrassed

You probably will not recover them.  Start making backup plans NOW for your mortgage (friends, family) and don't expect anything to come from this thread.

Yeah... I'm just hoping that maybe, just maybe something could be done... I'm just so pissed that I pretty much watched it happen, when I saw that the coins were taken they were still Unconfirmed!  It had 0 confirmations still! I wish there were a way to stop 0 confirmation transactions... but that is not how it works...

Just hope that maybe someone in the community can do something to help... I've sent a small transaction to the address the thief sent the coins to and embedded a statement that the coins were stolen.

Maybe if people keep putting messages on stolen BTC addresses then it may help deter this stuff, so I'm going to watch this and every time the btc moves I will add that tag again.  Who knows what will happen, I'm hoping for the best...


Also in regards to the other posts, thanks for the suggestions, I'll look into the ip address, I just have NO idea how they got into my account so two things, they are a "pro" hacker and the IP is just a proxy or maybe a lucky script kiddy that did not mask their real IP.

Oh, and the thing about looking at my btc address is that it will never show my actual IP because I don't use a BTC client on my computer, it's all brain wallets, paper wallets and I only import them when I need to use them on an online site like blockchain so all IP's will only show the BTC relays.  It was just a stupid mistake that I left the mining address in that wallet.

Thanks so far...
Actually there is. You could've just tried double spending it by simply sending out another transaction using the same funds with a higher fee. If it confirmed first, you would've gotten your funds back.

Aww damn it!  Although the thing is that I would not be allowed to do a double spend on the blockchain wallet so I figure that it would have to be somehow done manually, perhaps with the actual bitcoin-qt client but I usually move my coins around web wallets and paper/brain/offline wallets so even if I had started my btc client (which is how I would think I would be able to actually do a double spend) it would have been weeks or months behind in the block chain so by the time I would be synced with the block chain the coins would probably have been confirmed...

Although for future reference how would I do a double spend?  It seems like it would have to be done manually and if this happens and I'm lucky enough to see it in time then I could try to stop it... It was just a fluke that I saw the coins being stolen as I'm sure most people don't notice until it would be way to late...

Thanks
legendary
Activity: 1022
Merit: 1000
Freelance videographer
When I followed the trail,the result came up with this: 16hyuu6MQQ1hFcs13Aqow9VKL9ecvJabcc  I'm not sure if this'll help or not but I felt that it was important to tell people and hopefully help out the OP.

The taint analysis comes up with this:https://blockchain.info/taint/16hyuu6MQQ1hFcs13Aqow9VKL9ecvJabcc The two BTC addresses seem to be used more often so maybe start tracking the addressed with '2' in the branch column to find the culprit.

Since my andorid phone is the sole means of accessing my blockchain wallet,how secure is this and should I be worried or not in terms of how safe are my coins on there?

Thanks. Smiley
global moderator
Activity: 3794
Merit: 2612
In a world of peaches, don't ask for apple sauce
Sorry for your loss.  Embarrassed

You probably will not recover them.  Start making backup plans NOW for your mortgage (friends, family) and don't expect anything to come from this thread.

Yeah... I'm just hoping that maybe, just maybe something could be done... I'm just so pissed that I pretty much watched it happen, when I saw that the coins were taken they were still Unconfirmed!  It had 0 confirmations still! I wish there were a way to stop 0 confirmation transactions... but that is not how it works...

Just hope that maybe someone in the community can do something to help... I've sent a small transaction to the address the thief sent the coins to and embedded a statement that the coins were stolen.

Maybe if people keep putting messages on stolen BTC addresses then it may help deter this stuff, so I'm going to watch this and every time the btc moves I will add that tag again.  Who knows what will happen, I'm hoping for the best...


Also in regards to the other posts, thanks for the suggestions, I'll look into the ip address, I just have NO idea how they got into my account so two things, they are a "pro" hacker and the IP is just a proxy or maybe a lucky script kiddy that did not mask their real IP.

Oh, and the thing about looking at my btc address is that it will never show my actual IP because I don't use a BTC client on my computer, it's all brain wallets, paper wallets and I only import them when I need to use them on an online site like blockchain so all IP's will only show the BTC relays.  It was just a stupid mistake that I left the mining address in that wallet.

Thanks so far...
Actually there is. You could've just tried double spending it by simply sending out another transaction using the same funds with a higher fee. If it confirmed first, you would've gotten your funds back.
legendary
Activity: 1316
Merit: 1000
Varanida : Fair & Transparent Digital Ecosystem
No one can help you to recover your money, dude
b!z
legendary
Activity: 1582
Merit: 1010
I hope my blockchain.info coins are safe. I will have to check later.

They are probably still there, but aren't what I would call "safe." Just move them to a new wallet (PLEASE use a new private key) on a hard drive.

Yeah I will have to do that soon. Do you know any easy ways to spend BTC on a cold wallet without using an offline PC, fresh OS install etc?
member
Activity: 70
Merit: 10
My guess is that you either have a keylogger on your computer or you were MITM'd with a keylogger on the page. If you have had malware, it is probably still on your computer. Antivirus scans are not good enough.

What version of Java do you have?

I'm using Java 7 update 25.  I've opened other wallets on that computer as well but those were not emptied.  Maybe the hacker is just waiting for me to put more btc in or something.  Along with a MITM attack I would think they would get to my other accounts like my bank, credit cards, etc... but just my btc was stolen...

This sucks...
vip
Activity: 1316
Merit: 1043
👻
My guess is that you either have a keylogger on your computer or you were MITM'd with a keylogger on the page. If you have had malware, it is probably still on your computer. Antivirus scans are not good enough.

What version of Java do you have?
member
Activity: 70
Merit: 10
There is a slight possibility that you were hit by the bci RNG bug. There is an even smaller chance that you could get compensated for this:

https://bitcointalksearch.org/topic/m.2970668

Note the offer was made a month ago. It might not be available today.

Thanks for the link but it looks like my address was not part of that, hopefully I'll be able to figure out how this happened... My other wallet was completely fine.  Does anyone know if you can tell if the thief actually used MY blockchain account to take the funds or if they found the privaete key somehow (or by brute force) and used their own account to move the btc out of my mining address?

It would really help if I knew that so that I could at least not make the same mistake.
legendary
Activity: 3710
Merit: 1586
There is a slight possibility that you were hit by the bci RNG bug. There is an even smaller chance that you could get compensated for this:

https://bitcointalksearch.org/topic/m.2970668

Note the offer was made a month ago. It might not be available today.
full member
Activity: 210
Merit: 100
Your not getting the funds back make other plans
member
Activity: 84
Merit: 10
Sorry for your loss man, hope someone can track him down for you.
member
Activity: 70
Merit: 10
@timmah
Was you browser open to your blockchain.info wallet at the time when the theft occured? If so, it is possible that either a browser plugin or the website in another open tab stole the coins.

Hi,

No the wallet was not open, I just was checking my balance on blockchain without logging in and saw it was empty, that's when I just about had a heart attack.  I then logged into any and all of my wallets that I may have used and noticed that one of my wallets still had the mining public/private key in there so I assumed that it was a Blockchain hack but the more I look at it, it may not be the case.

Looking into some of other people that had their wallets emptied it was revealed that it was the "Brain wallet" itself that was hacked, as I used dictionary words it would just be a matter of time until someone just brute force hack the address until it matched then they would also have the private key, hind sight is 20/20, I think it would be a lot easier to just hack the btc address offline than trying to crack blockchain.  Then you have all the time in the world to run any brute force hacking without "alerting" someone.

So, I think this is the new or "more recent" way that people are stealing coins "magically' as many people use brain wallets with just dictionary words and maybe a special character or 2 but that is still possible to crack, especially these days with powerful CPUs.  Don't make my mistake!  If you make a brain wallet make sure that it has something else other than just dictionary words, etc.

Lame, over 2 months of mining gone and that is after waiting over a year for my BFL miners which don't pay much anymore.  I'll be lucky to cover power...

Thanks for the comment though.
member
Activity: 70
Merit: 10
So, I have about 3 days until I'm late for the payment and really need some help with what to do about this.  I will be forever grateful to anyone who can help recover these funds.

Thanks everyone.


How could anyone help you?

I am sorry for your loss, but btc transactions can not be cancelled.
Your money is gone. Forever.

Yeah, I understand that but who knows maybe at some point it can be traced back to whoever took them as they do have to send them to be used and I plan to watch the transfers and tag each one with a public message by just sending a few cents to that address with a public message.  Maybe when the thief tries to spend them the other party will reject their coins... at least I hope that there are still honest people who would do that...  If others want to add a tag I would think that would help as well, just in case I didn't see when it was moved and tag it myself first.  Also, I would think that if there are a lot of tags saying the coins are stolen it would get more attention and it only takes a few cents to "tag" their address with a public message.

Thanks for the comment though.
full member
Activity: 202
Merit: 100
@timmah
Was you browser open to your blockchain.info wallet at the time when the theft occured? If so, it is possible that either a browser plugin or the website in another open tab stole the coins.
member
Activity: 70
Merit: 10
I used to use the blockchain mobile wallet but it was glitching pretty bad for me...did you use a mobile wallet?  Did you use an unsecured network like public Wifi?  Did you happen to use a wireless connection?  Did you manually type in the private key or copy/paste it?  I would say Keylogger or man in the middle attack was the culprit.  Yes 2fa 2fa everytime if you ca

I've scanned my computer, the public key was never exposed to an open or an unsecured wireless network.  I'm pretty careful when using web wallets but I think I just figured out how my coins were stolen... It was very likely someone who brute force cracked my brain wallet and waited until my account filed up then hit me...

I thought it was a very secure brain wallet as it had a 7 word phrase with a special character as well but I guess it was not secure enough.  Too many regular words and not enough special characters etc...

On another note, I had created a Blockchain.info wallet and made an alias with the account, at that time the site allowed me to use a 4 character account alias and I most likely saved the actual address or recovery words but it was made so long ago that I think that file was lost with a hard drive crash.  Does anyone know how I would be able to regain access to the account?  I did not know that blockchain had changed the security of the site and did not allow short aliases, now I can't open that wallet even though I have the password too.  If I can open that wallet I may be able to have something to pay, so maybe they won't evict me...

Thanks all...

PS.  I have "secured" my brain wallet so that it would be almost impossible to hack.  Funny, I though the brainwallet was going to be safe given it was 7 words and a special character but I was wrong and it actually seems so obvious looking back at the mistake (FACE PALM).

PPS. If you or someone you know "took" my coins and they are returned to me I will still offer the 5btc reward with no questions asked, that way I won't continue to tag each time the coins are moved with the message that the coins were stolen.  Just send them here 1LTLDiacwf3Kt6aVDbT1jd3KhGwv9arhhu minus the 5btc and no questions will be asked... I need these btc that badly, I'm not sure if Starbucks will let me use their store's power and internet connections to mine bitcoins when I'm homeless... ;(
sr. member
Activity: 532
Merit: 250
So, I have about 3 days until I'm late for the payment and really need some help with what to do about this.  I will be forever grateful to anyone who can help recover these funds.

Thanks everyone.


How could anyone help you?

I am sorry for your loss, but btc transactions can not be cancelled.
Your money is gone. Forever.
full member
Activity: 182
Merit: 100
I hope my blockchain.info coins are safe. I will have to check later.

They are probably still there, but aren't what I would call "safe." Just move them to a new wallet (PLEASE use a new private key) on a hard drive.
sr. member
Activity: 392
Merit: 250
Bitcoin will survive
It's confirmed, and you're probably not going to get it back.
I heard blockchain.info sometimes pays any stolen funds, but I doubt they can do that without any proof.

and its very difficult to give them all proof that you all bitcoins stolen so now you have to manage some other ways to pay your all dues and no one going to help you with this position
full member
Activity: 196
Merit: 100
Sorry to hear about this.

Why do you guys use web wallets ?

Why cant you install bitcoin-qt in your system and use thats way much safer than blockchain.info

If you used mobile to access the website this might have happened

The phone app stores your primary password in plain text, relying on the sandboxing mechanism of the phone OS. And it doesn't support 2-factor. Your secondary characters password could be cracked.

My guess: You have a rooted phone disabling whatever sandboxing protections Android has, and another app on your phone grabbed the cached encrypted wallet on your phone along with the primary password and sent it to the attacker. The attacker then bruteforced the secondary password.

If you think i have helped you donate some coins to me address can be found in my sign
Pages:
Jump to: