Topic: About 20 Bitcoins STOLEN from my Blockchain.info wallet! 5btc reward! - page 2. (Read 9050 times)

It makes me worried to click any link now. I thought they had to download something on my computer to infect it. Now they say all I have to do is load a page with java and it's over with.

Any tech savvy guys give me some pointers on how to keep my PC protected?

I hope my blockchain.info coins are safe. I will have to check later.

I'm thinking whoever is behind this is getting a lot of people. The address of the other thief has had at least 2 more transactions totaling over 10BTC enter his account since the hack. Is there anybody at blockchain.info that can shed light on the subject, or is that not possible?

I wouldn't be surprised if there is an exploit somewhere along the line.

I used to use the blockchain mobile wallet but it was glitching pretty bad for me...did you use a mobile wallet?  Did you use an unsecured network like public Wifi?  Did you happen to use a wireless connection?  Did you manually type in the private key or copy/paste it?  I would say Keylogger or man in the middle attack was the culprit.  Yes 2fa 2fa everytime if you ca

HUMM it's interesting that someone else had their wallet hacked today as well... it looks like they didn't get that much but it's likely that person didn't have as much in his account.  I don't know if any other people got their blockchain accounts hacked today or within the last 24 hours but if it is more than just me then it could mean that someone found a way to exploit Blockchain wallets!

This could really answer all the questions of how they got into my account because I don't see how anyone could have done it otherwise...

Maybe when others check their blockchain wallets and find that they were hacked too then it would be up to blockchain to fix these... at least this would give me some hope...

I know that technically using the private key on a website can compromise it but what I figured is that it would be safe because it was only used on blockchain which is suppose to be a very "trustworthy" site.  I've done many transactions with the site with no issue at all and for quite a long time as well.

I have no idea how it was compromised, I don't think I've ever given any one the blockchain wallet id and never used that password on another site.  Also it only seems that just that wallet/btc address was compromised as the first thing I did was checked was some other offline btc accounts and they seemed to be fine.

Even my other wallet on blockchain was not compromised so I really have no idea how someone did this.
 
I'm usually very careful to make sure that if I have a wallet which I may "actively" use to transact with others it and don't keep a lot of funds in it.  The mining address/private key should have never been on that account as I normally NEVER leave it on there after I've moved the coins out, so I screwed up by not deleting that from the wallet and not using a "throwaway" wallet which I always delete all keys and then abandon.  It was a wallet that I used a long time ago in the past for BTC-BTC transactions and must have forgot that the mining address was still there.

This just kills me because I have no clue how the account was compromised.  Basically the only site that ever had the private key was Blockchain which is why I didn't think that I would have to worry about the private key getting stolen from within the blockchain site.  The only thing I can think that happened was that someone somehow figured out my wallet address and password but still have no clue how that was done as I've never given anyone that info...

Maybe blockchain would be able to shed some light on this so that at least I can figure out where I went wrong (other than not deleting the private key of my mining address).

Thanks to all for the tips so far, I hope that maybe if any address the coins get sent to is tagged with a public message on the blockchain that the thief won't be able to use it with out raising some alerts...

If you read this thread

https://bitcointalksearch.org/topic/someone-hacked-my-wallet-303795

you will see nothing is considered too high or low. Someone must of went through a lot of searching to steal just over 1BTC.

I am sorry to hear about your loss.

Questions so other newbs like myself can learn.  If OP would have had 2 way authenticator activated and second password for spending transactions could this still have happened?

Next I always see these paper wallet suggestions, but is that really necessary if your protect your computer?  Honestly if paper is the only it really makes Bitcoin less useful since once you put your coins on a paper wallet, spending them is a pain in the butt.

If paper wallets are the way to go for higher quantities, what is considered a high quantity?

If I should start a thread on this no problem, just thought maybe it pertained to this thread.

I hope that it isn't lost on the readers of the OP that continuing to use a Private Key after it has been stored on any website for any length of time is not a good idea.

In my opinion, online wallets are good for microtransactions only. Anything else and you really want full control over your funds. I operate an inputs.io account but as soon as funds enter that wallet they are immediately moved to my offline wallet that I have fully encrypted. I suggest a similar workflow to others for both mobile and online wallets.

I hope that you can make it on your mortgage with your current funds. I'm guessing you can cash in your mining equipment locally if need-be.

It's confirmed, and you're probably not going to get it back.
I heard blockchain.info sometimes pays any stolen funds, but I doubt they can do that without any proof.

I didn't use this with my phone as far that I am aware of.

In the end I guess I should have taken more steps to secure the account and that address was not deleted like I usually do... some very expensive mistakes!

I use a brain wallet to do my mining and when I want to cash out, NORMALLY I would just import the private key into a "throwaway" blockchain wallet, get the BTC then send it over to an exchange then delete all the info from the blockchain wallet, it usually only has anything in it for a few hours.  It also seems that the wallet IDs that are generated are random or use a complex algorithm so it seems to be hard for someone to brute force the wallet AND the password.  Even if they get in it will be pretty much useless as there is no information or btc in there.

This way I don't need a new address every time I "withdraw" the btc and I can keep track of how much I've mined.

It seems that this time that I imported the address to a wallet that SHOULD have been secure and was one that I've set up to "use" for btc-btc transactions.  I imported the brain wallet, moved the btc from the previous mining then forgot to delete the public/private key from it.

I did not realize this until it was too late, I don't know how someone even got the blockchain wallet id and figured out my password.  I would think that blockchain would also have some sort of protection from someone brute forcing the password.  I would think that my other wallets may be compromised if someone hacked my computer... There is a leak somewhere and at this point it looks like blockchain but maybe the private key was compromised and they just imported it into their account and moved the funds.  I'm not sure if you can see that in the transaction log.

I did not have that wallet synced to my phone or anything else, I didn't use 2 factor authentication which was something I should have done.  It's just that that account was not suppose to have that much funds just sitting there anyway as I usually delete any brain wallet private keys that I may have imported into ANY web wallet.

So, it really sucks and I still have no idea how someone got in the Blockchain.info account or figured out my brain wallet, it was a good long phrase with special characters too.

It seems like my other wallets are safe so far but I'm going to re-secure everything.  I really just have no idea how this could have happened... is there some way for someone to figure out what someone's Blockchain's generated wallet address?  

I've opened a ticket with blockchain and see what they say, hopefully something can be done but I doubt it...

Thanks to everyone for the suggestions and information, hopefully at the very least we can lock up those coins so no one will want to use them if they are "marked" stolen on every address that the thief sends them to.

There are many ways... here is one way to do it:

Download this website: bitaddress.org

Save it on an USB stick and boot up your computer without internet connection. Then generate addresses and print out.

PS: I must warn you that even an offline computer could steal your addresses if you ever plug it back online. One way to minimize this risk is to use a live OS such as tails or simply use an old computer that will never connect to the web again.

How exactly can I make one and how do they work?

could you please explain step by step for a newbie what the best way of protecting there bitcoins are, maybe we should create a permenant thread for how todo do this

Out of curiosity, did you use a 2nd password for transfer authorizations?

my advice.

take out a loan to cover your mortgage.

follow the money, maybe the thief will spend them on something, or send them to an exchange, this could maybe somehow tie and identity to this address.

were you using this blockchine.info wallet with your mobile device at any point?

please everyone stop doing this!

paper wallets are really easy to print out.

bitaddress.org

Were the stolen coins in one?

Yeah... I'm just hoping that maybe, just maybe something could be done... I'm just so pissed that I pretty much watched it happen, when I saw that the coins were taken they were still Unconfirmed!  It had 0 confirmations still!  I wish there were a way to stop 0 confirmation transactions... but that is not how it works...

Just hope that maybe someone in the community can do something to help... I've sent a small transaction to the address the thief sent the coins to and embedded a statement that the coins were stolen.

Maybe if people keep putting messages on stolen BTC addresses then it may help deter this stuff, so I'm going to watch this and every time the btc moves I will add that tag again.  Who knows what will happen, I'm hoping for the best...


Also in regards to the other posts, thanks for the suggestions, I'll look into the ip address, I just have NO idea how they got into my account so two things, they are a "pro" hacker and the IP is just a proxy or maybe a lucky script kiddy that did not mask their real IP.

Oh, and the thing about looking at my btc address is that it will never show my actual IP because I don't use a BTC client on my computer, it's all brain wallets, paper wallets and I only import them when I need to use them on an online site like blockchain so all IP's will only show the BTC relays.  It was just a stupid mistake that I left the mining address in that wallet.

Thanks so far...

Sorry for your loss.

Other than trying to follow the money flow you're left with the IP address used to relay the transaction. It may be that whoever stole it didn't mask his IP and in that case maybe you can connect it to an account at blockchain.info, bitcointalk.org etc... not sure if they will help you with that though.

Googling the IP doesn't give us much, but we find this:
derekl [derekl!b83abf54@gateway/web/freenode/ip.184.58.191.84] has joined #zeromq

Apparently a guy "derekl" joined a chatroom with that IP. But does it belong to a gateway? I'm not sure how IRC works there, maybe someone else can comment.