Hee Dev,
Can you also do a little bit for Dennis....
Topic: [ANN][XST] Stealth-Coin.com | Tor | StealthText, World's first anonymous SMS Tx! - page 375. (Read 748616 times)
August 02, 2014, 05:04:17 PM
August 02, 2014, 04:56:55 PM
Guys, sorry for your losses.
Some advice.
1. Don't use same passwords, generate new one every time when you need. Use a password manager with autolocking.
For example: KeePass Password Safe. It has some nice features: "The master key dialog can be shown on a secure desktop, on which almost no keylogger works. Auto-Type can be protected against keyloggers, too."
2. Enable TFA (Two Factor Authentication) on an exchanges and on a mail providers. It's not difficult. For example, you should download Google Authenticator to your Android phone and scan QR-code from an exchange (backup the key to your password manager). But it's not a panacea. Somebody using trojan can intercept TFA code entry to the site and use it. But better with than without TFA.
3. Encrypt your wallets (some wallets has error: checkbox "for mint only" do full unlocking not for mint only but for send coins too).
Don't use server in the conf file if you not need it.
4. Don't work under Administrator. Almost all users works as administrator. This is the biggest vulnerability. Work as a normal user with restricted rights and 95-99% of the vulnerabilities will pass you.
5. Antivirus+firewall.
6. Use a sandbox for untrusted software (for example, the Sandboxie or some antiviruses has it).
7. Use the Windows Update.
8. Create backups of your wallets and password regulary (it's not for secure, it's for your calm).
More safe:
Use virtual machine or standalone computer for trusted wallets and exchanges with 1-8 items (don't copy secret info from host machine to the virtual, use the internal password manager).
And the most difficult - go to Linux for coins and exchanges only with 1-8 except Windows specific.
Some advice.
1. Don't use same passwords, generate new one every time when you need. Use a password manager with autolocking.
For example: KeePass Password Safe. It has some nice features: "The master key dialog can be shown on a secure desktop, on which almost no keylogger works. Auto-Type can be protected against keyloggers, too."
2. Enable TFA (Two Factor Authentication) on an exchanges and on a mail providers. It's not difficult. For example, you should download Google Authenticator to your Android phone and scan QR-code from an exchange (backup the key to your password manager). But it's not a panacea. Somebody using trojan can intercept TFA code entry to the site and use it. But better with than without TFA.
3. Encrypt your wallets (some wallets has error: checkbox "for mint only" do full unlocking not for mint only but for send coins too).
Don't use server in the conf file if you not need it.
4. Don't work under Administrator. Almost all users works as administrator. This is the biggest vulnerability. Work as a normal user with restricted rights and 95-99% of the vulnerabilities will pass you.
5. Antivirus+firewall.
6. Use a sandbox for untrusted software (for example, the Sandboxie or some antiviruses has it).
7. Use the Windows Update.
8. Create backups of your wallets and password regulary (it's not for secure, it's for your calm).
More safe:
Use virtual machine or standalone computer for trusted wallets and exchanges with 1-8 items (don't copy secret info from host machine to the virtual, use the internal password manager).
And the most difficult - go to Linux for coins and exchanges only with 1-8 except Windows specific.
Sorry to the guys for their loss, that sucks :/.
Cheers to this poster for this. Very good. I'm going to check out that password manager, also sanbox is a great idea, I totally forgot about them. Any recomended sandbx software?
August 02, 2014, 04:55:45 PM
Send......
August 02, 2014, 04:50:20 PM
Hee dennis,
I give you 1000xst i'am so sorry for you. I hope some other people help also...
I give you 1000xst i'am so sorry for you. I hope some other people help also...
woww... thats really nice from you Zeerobje! I really this!ZeeRobje: my adress is RzPMCaQxjxCNCyw2eiYsLqU2MWe45vFfLU
Maby thanks!
August 02, 2014, 04:33:47 PM
Hee dennis,
I give you 1000xst i'am so sorry for you. I hope some other people help also...
I give you 1000xst i'am so sorry for you. I hope some other people help also...
woww... thats really nice from you Zeerobje! I really this! August 02, 2014, 04:32:24 PM
I use lastpass in Firefox myself. And use the maximum allowed characters (16-20) with all character types for generated passwords makes it virtually impossible to brute force. I listen to the Security Now podcast from Twit.tv network and Steve Gibson said a while back that some research had come up on hacks of windows that 95+ % of all attacks would be prevented if people would make themselves a standard user instead of admin. Then just use the admin password when required by certain actions. It sometimes can be a hassle but if a simple change like that keeps bad guys out of my system, I will deal with the small hassles.
August 02, 2014, 04:26:37 PM
Hee dennis,
I give you 1000xst i'am so sorry for you. I hope some other people help also...
I give you 1000xst i'am so sorry for you. I hope some other people help also...
August 02, 2014, 04:22:59 PM
What is happening with XST, why so many hacked, do anyone try to destroying XST coins or it was mistake by user who got hacked.
User error. It has nothing to do with XST and honestly should be discussed elsewhere.
Protect your accounts and wallets with good passwords and 2FA where possible.
August 02, 2014, 04:14:40 PM
What is happening with XST, why so many hacked, do anyone try to destroying XST coins or it was mistake by user who got hacked.
August 02, 2014, 03:27:29 PM
hey guys, sorry for what happened
August 02, 2014, 02:56:25 PM
Iam gonna buy more XST
August 02, 2014, 02:52:22 PM
I'm now in contact with bittrex. Hope that i can get back my coins!
Me too!
are you hacked to?
So for now HunterS You en Me?
Sorry to hear man that really sucks. I've got a lot of coins on Bittrex and no theft on my side. Everyone get a solid password manager and authy as security, I think it's time for XST cold storage wallets.
Hey,
I share this on twitter. But it's looks like that more people that used 2FA are hacked. Time to get explain from bittrex
Wait, so Google 2FA was hacked as well? Why do I not believe this?
August 02, 2014, 02:41:56 PM
Sorry to hear man that really sucks. I've got a lot of coins on Bittrex and no theft on my side. Everyone get a solid password manager and authy as security, I think it's time for XST cold storage wallets.
Just put them in regular wallets and let them stake.
August 02, 2014, 02:40:29 PM
I'm now in contact with bittrex. Hope that i can get back my coins!
Me too!So for now HunterS You en Me?
No. I was saying that I hope you get your coins back.
August 02, 2014, 01:43:55 PM
I'm now in contact with bittrex. Hope that i can get back my coins!
Me too!
are you hacked to?
So for now HunterS You en Me?
Sorry to hear man that really sucks. I've got a lot of coins on Bittrex and no theft on my side. Everyone get a solid password manager and authy as security, I think it's time for XST cold storage wallets.
August 02, 2014, 12:53:32 PM
Guys, sorry for your losses.
Some advice.
1. Don't use same passwords, generate new one every time when you need. Use a password manager with autolocking.
For example: KeePass Password Safe. It has some nice features: "The master key dialog can be shown on a secure desktop, on which almost no keylogger works. Auto-Type can be protected against keyloggers, too."
2. Enable TFA (Two Factor Authentication) on an exchanges and on a mail providers. It's not difficult. For example, you should download Google Authenticator to your Android phone and scan QR-code from an exchange (backup the key to your password manager). But it's not a panacea. Somebody using trojan can intercept TFA code entry to the site and use it. But better with than without TFA.
3. Encrypt your wallets (some wallets has error: checkbox "for mint only" do full unlocking not for mint only but for send coins too).
Don't use server in the conf file if you not need it.
4. Don't work under Administrator. Almost all users works as administrator. This is the biggest vulnerability. Work as a normal user with restricted rights and 95-99% of the vulnerabilities will pass you.
5. Antivirus+firewall.
6. Use a sandbox for untrusted software (for example, the Sandboxie or some antiviruses has it).
7. Use the Windows Update.
8. Create backups of your wallets and password regulary (it's not for secure, it's for your calm).
More safe:
Use virtual machine or standalone computer for trusted wallets and exchanges with 1-8 items (don't copy secret info from host machine to the virtual, use the internal password manager).
And the most difficult - go to Linux for coins and exchanges only with 1-8 except Windows specific.
Some advice.
1. Don't use same passwords, generate new one every time when you need. Use a password manager with autolocking.
For example: KeePass Password Safe. It has some nice features: "The master key dialog can be shown on a secure desktop, on which almost no keylogger works. Auto-Type can be protected against keyloggers, too."
2. Enable TFA (Two Factor Authentication) on an exchanges and on a mail providers. It's not difficult. For example, you should download Google Authenticator to your Android phone and scan QR-code from an exchange (backup the key to your password manager). But it's not a panacea. Somebody using trojan can intercept TFA code entry to the site and use it. But better with than without TFA.
3. Encrypt your wallets (some wallets has error: checkbox "for mint only" do full unlocking not for mint only but for send coins too).
Don't use server in the conf file if you not need it.
4. Don't work under Administrator. Almost all users works as administrator. This is the biggest vulnerability. Work as a normal user with restricted rights and 95-99% of the vulnerabilities will pass you.
5. Antivirus+firewall.
6. Use a sandbox for untrusted software (for example, the Sandboxie or some antiviruses has it).
7. Use the Windows Update.
8. Create backups of your wallets and password regulary (it's not for secure, it's for your calm).
More safe:
Use virtual machine or standalone computer for trusted wallets and exchanges with 1-8 items (don't copy secret info from host machine to the virtual, use the internal password manager).
And the most difficult - go to Linux for coins and exchanges only with 1-8 except Windows specific.
August 02, 2014, 12:28:01 PM
I'm now in contact with bittrex. Hope that i can get back my coins!
Me too!
August 02, 2014, 12:13:34 PM
i had 2FA enaled but got a email that is disabled. And now dumped my XST coins and pay out the BTC
You dumped your XST because someone hacked your bittrex account?
How does that make sense?
no i don;t dump my coins! Someone dump my coins.
They hacked my 2FA on bittrex.
I was not at home but got a email from bittrex that the 2FA is disabled. When i came back i saw 0,0 balance everywhere.
I'm now in contact with bittrex. Hope that i can get back my coins!
August 02, 2014, 12:06:19 PM
i had 2FA enaled but got a email that is disabled. And now dumped my XST coins and pay out the BTC
Don't use email 2FA or SMS 2FA where the text is sent to google voice, especially if you are using gmail as your account login.
Probably what happened is that you use a weak gmail password or it got sniped through malware or shitware vulnerability (e.g. teamviewer) and you also had 2FA linked to the same gmail account through google voice SMS 2FA or email 2FA.
August 02, 2014, 12:02:28 PM
i had 2FA enaled but got a email that is disabled. And now dumped my XST coins and pay out the BTC
You dumped your XST because someone hacked your bittrex account?
How does that make sense?
Jump to: