Topic: ALL of my bitcoins stolen (Around 60) . What the F*CK. - page 5. (Read 16802 times)

Encrypting the wallet will help, but it doesn't solve the problem. When the BitCoin client is running, it will have decrypted your private keys and they will likely be in the memory of your machine. If you have a virus on your machine, that virus can access memory and get your private keys. Even if the devs of BitCoin work real hard and keep your keys encrypted when in memory, at some point they have be decrypted so they can be used. They may only be in memory or machine registers for a few milliseconds, but if you have a smart enough virus, your keys (and your BTC) will be compromised.

Encryption will help when the Bitcoin client is not running and it will protect you against an attack against your backups or other offline copies of your data.

It is essential for security (and the safekeeping of your BTC) that you keep your machine virus and malware free. If you can get to your money on your machine, so can a virus.

There is lots of good advice out there on how to keep your machine virus free, but the basics are to keep your machine patched, use antivirus, and never, ever, under any circumstances, access the Internet when you are logged in with administrative, root, or any other kind of elevated privileges.

In the Windows world turn on auto updates and let them run every day. Use a current, supported version of windows (that means Windows 7, not XP.) The anti-virus software the Microsoft gives out for free is solid - there is no excuse to not have anti-virus protection. Make sure your login account is not an "administrator". Only log in as an administrator when you want to install software.

In the Linux world, make sure you apply security packages from your distribution frequently. Don't run as root.

I don't post this to taunt or scold the OP, just to provide advice to prevent it happening to others.

Encryption cannot protect wallets in use, because your legitimate client has to decrypt it anyway. Encryption is good for backups only.

The client is still young. The bitcoin system itself is very secure, robust and well designed. It is the client that is the problem. The client keeps a wallet in plaintext. And notice the version 0.33, it is still beta. Things will resolve themselves. Bitcoin is still very young, we are all early adopters here.

Well said. IMHO this was a big faux paux on the part of Satoshi and the early devs. They should've foresaw the coming waves of thieves that would try anything to get their hands on a person's BTC.

Let me just put it this way. BTC was a system designed by coders for coders. It was meant to be an interesting experiment. I don't think the "elders of bitcoin" foresaw that it would grow into what it is today. They were caught off-guard.

Can't find it myself either.  Google show nothing...

True :/ . But I think there can be such a case as within a reasonable doubt. I bet there are other people who've had the same thing happen to them but they're afraid to ever speak of it for they know that forum trolls will just plain ridicule them.

There are thing that the OP can do however to be more convincing such as consult with an expert in BTC security or someone at one of the exchanges, send him the wallet.dat file, have it analyzed. Send the debug.log. Submit a theft report to the police and share that with a trusted member of the BTC community. But *shrug* in the end most will still yell "scammer" or 'liar"

They are working on encryption. It should be in the next version.

https://github.com/bitcoin/bitcoin/pull/232

Ha! There are ways to mitigate the risks and make it a lot harder for a hacker to get at your BTC. The worst thing is to just leave it in plain sight sort of speak where any simple coder can just ftp or e-mail the wallet.dat file.

I know mocking windows is a fun past time for many, but lets look at a few facts we already know:
1. The machine is terribly out of date, without even SP1
2. I dont know of any os that is safe to use out of date
3. Windows is targetted more because its used more

And 3 is the kicker. Not being able to use windows with bitcoin is eliminating what, 80% of the world from bitcoin? Sounds like a great plan.

Besides, many of these types of attacks could probably have been prevented with an encrypted wallet, currently a HIGH priority of devs, and yet nobody dares blame them. And to those that say 'encrypting the wallet will make no difference' do you really think that the devs are thus adding it to pander to 'noobs', but that is secretly known as a waste of time?

There is security in bitcoin, but it has to be YOU! Don't count on security by default...

I've been thinking and I've come to the conclusion that Satoshi and the dev team should have never released a bitcoin client for windows!!!

Then right now we'd all be a bunch of Linux geeks enjoying our geeky little currency and nobody would've had the opportunity to steal from us. Later on maybe once the security of the default client is vastly improved, then and only then release a windows version. Just my 2 cents.

It is hard because there is no way to prove the theft. The nature of bitcoin makes it impossible.

Keep proving the world that you are a bitter troll with no clue about computer security. A wallet.dat encryption is a false security feature, go troll somewhere else.

Hmm..a namecoin binary that steals bitcoins...nice trojan...

I don't think they really care about any sum. It all gents blamed on the victim. Tough love?

Oh here we go..attack of the Linux nerds!

OMG OMG the default bitcoin cleint's security sucks..OMG unencrypted wallet.dat is such a good idea!

Anyways, this is the standard response most of you give...so yeah..moving on.

This sucks and is really putting me off investing in bitcoin.

What is the point if some hacker can just come in under my nose and steal everything?

There is no security in bitcoin, it's ridiculous.

Yeah tell me about it. I've been kicking myself over not doing that. Really the only thing I should've been using windows for is gaming and running trading applications, the rest Linux can do almost anything Windows can now.

The only thing that I suspect at this point is some virus. Also that namecoin binary seems interesting because I too ran a namecoin binary two days before I got hacked. I wonder...hmm...

Before you format make a vmware image (or whatever other imaging program you prefer) of your running system - for forensic analysis. Get in touch with the major exchanges and report your coins stolen. They will need some hardcore proof but if there is even the slightest chance of gaining them back I'd say it's worth it.

If it is a targeted bitcoins virus, it would just loads up your wallet and sends the info via a web call. Your firewall wouldn't even stop a gets. It is really unlikely that any virus programs are going to catch something that simple, antivirus software hasn't yet learned that anything accessing wallet.dat is probablt bad. Of course, since no one should be stupid enough to run such a program, it is possible that it got injected through some known exploit. In that case, antivirus should find it.


Things on the forum are the most suspicious, since the forum is the best way to get malicious software out. If I had to guess, I would start there. I would hate to see someone use namecoin this way, but you never know.

EDIT: I can't find that link anywhere on the forum. Where did you find it?

conficker gives the attacker remote control of your pc, ala botherder.

you think nobody would bother to do this? symmantec already blogged aobut this possibility, albiet they postulated that the control would be to use the pcs as miners. But surely, stealing the unencrypted wallet is far more profitable than remote mining.... and a F load easier.

Damn, this sucks, another one.

I too had Win 7 without SP1 on there.

I'm wondering, were you also running RDP or VNC services? VNC for example could've been cracked if you had an easy to guess password.

Try running a bunch of online virus scaners like bitdefender, f-secure online scan, eset online scan, panda activescan...

Run spybot, malwarebytes..and last but not least combofix in case you may have a rootkit. Either way dude I strongly recommend you format, reinstall get yourself a legit copy of Win 7 if you don't already have it and update to SP1. Also if you are inclined to learn a bit about linux setup a dedicated linux box to store your bitcoins on. At the very least run a Linux install in Vmware or something.