Pages:
Author

Topic: Bitcoin cold storage - HACKED easily (Read 12634 times)

hero member
Activity: 532
Merit: 501
January 27, 2016, 06:57:25 PM
Well what do you say is safer than cold storage? Oh yeah, put all your Bitcoins in an online wallet. This is just stupid.
member
Activity: 66
Merit: 10
January 27, 2016, 06:52:43 PM
"Nevertheless, the possibility that one of the core cryptographic algorithms underpinning bitcoin could be cunningly compromised, allowing a thief to pick the lock of even the most secure addresses, presents a chilling scenario."

OMG

Isn't there any way around this flaw??
hero member
Activity: 764
Merit: 500
I'm a cynic, I'm a quaint
January 27, 2016, 06:42:30 PM
This topic should not have been resurrected. There was little useful discussion in it to start with and it only got worse.

legendary
Activity: 1946
Merit: 1007
January 27, 2016, 11:12:35 AM
If that was the case than why aren't the exchanges hacked more often? Or large holders keeping their coins safe on paper?

Maybe it is time for everybody to switch to hardware wallets though.
hero member
Activity: 756
Merit: 500
January 27, 2016, 10:49:03 AM
So the only truly safe to store Bitcoin is on paper wallet?  Storage of Bitcoin is one of my least favorite parts about Bitcoin, some of it is over the head of the average user that is not super technical.
full member
Activity: 224
Merit: 100
January 27, 2016, 10:42:58 AM
How's that could happened ?

It's going to happen only if there's malware or other program that could do that.
sr. member
Activity: 252
Merit: 250
January 27, 2016, 09:34:37 AM
Your funds are not safe neither in "cold storage". Read:

https://www2.informatik.hu-berlin.de/~verbuech/klepto-ecdsa/klepto-ecdsa.pdf  

or

http://www.coindesk.com/research-hackers-install-backdoor-bitcoin-cold-storage/


many of you said "cold storage is the best". well. it is not. that explains many hacks in Bitcoin which some of the bitcoiners considered to be very safe. Smiley

What's next? Mass withdrawals from Bitcoin. What can you do when you KNOW that your cold storage is exposed to be stolen? You must be stupid to keep your earnings there.

Only few people knew about this exploit. Now, any russian or ukrainian kid will try to hack the cold storages and guess what?! THEY WILL DO IT !    Grin
talk about bitcoin most secure storage,i think its depending how we secure our device too,cold storage maybe not safest way to keep your bitcoin,but i think its better than use only online wallet to store your big mount of your bitcoin.
sr. member
Activity: 406
Merit: 250
Good bye Blockchain , you were hacked
January 27, 2016, 04:24:25 AM
Thats why I bought a HP PAVILION DV 7 with only LINUX and only WALLETS in it. Don't intend to use it for anything else. Thanks for your answers.
full member
Activity: 174
Merit: 100
January 27, 2016, 04:17:21 AM
I just want to share with you guys my story which is also in my avatar.
First I learned about bitcoin in early 2013 and immediately fall in love with it.
I kept all my BTC in blockchain wallet, an online wallet. My bad as I opened it even in my work PC (full of spyware or viruses) so I was stolen my private key from some hacker ,trojan, or backdoor program.

I immediately after then, started using MULTIBIT CLASSIC in LINUX (not a single problem from more than 1 year) I just upgraded yesterday to a new laptop with LINUX mint latest and MULTIBIT HD which has better security.

Whats the risk of my BTC and private keys to be stolen? I think its low ,but what are they in % (using LINUX adds a lot of chances to not getting hacked easily , still possible though) Huh

Opening your online wallet on a PC full of viruses isn't the smartest thing to do... i never use any online wallet though. I only use software wallets, password protected.
legendary
Activity: 2674
Merit: 2965
Terminated.
January 27, 2016, 03:04:01 AM
I kept all my BTC in blockchain wallet, an online wallet. My bad as I opened it even in my work PC (full of spyware or viruses) so I was stolen my private key from some hacker ,trojan, or backdoor program.
Whats the risk of my BTC and private keys to be stolen? I think its low ,but what are they in % (using LINUX adds a lot of chances to not getting hacked easily , still possible though) Huh
Even though you kind of made a relevant post, you still revived a very old threads for no good reason. Nobody can tell you a chance in %; exact chances in these cases can not be calculated to the high amount of variables. It is certainly possible to get hacked but is rather improbable. It depends solely on you, not anyone else. If you want to be even more sure then use a system solely for running Bitcoin.
sr. member
Activity: 406
Merit: 250
Good bye Blockchain , you were hacked
January 27, 2016, 02:59:59 AM
I just want to share with you guys my story which is also in my avatar.
First I learned about bitcoin in early 2013 and immediately fall in love with it.
I kept all my BTC in blockchain wallet, an online wallet. My bad as I opened it even in my work PC (full of spyware or viruses) so I was stolen my private key from some hacker ,trojan, or backdoor program.

I immediately after then, started using MULTIBIT CLASSIC in LINUX (not a single problem from more than 1 year) I just upgraded yesterday to a new laptop with LINUX mint latest and MULTIBIT HD which has better security.

Whats the risk of my BTC and private keys to be stolen? I think its low ,but what are they in % (using LINUX adds a lot of chances to not getting hacked easily , still possible though) Huh
legendary
Activity: 1176
Merit: 1010
Borsche
March 17, 2015, 10:52:02 AM
there are many hacking reports daily.


Where can we see those reports?

In OPs heavily hallucinating brain Smiley I guess it's scary to live your life when you don't understand anything you read, as is the case with OP. To him, most probably reading an article that "eating dangerous substances can sometimes lead to death" equals to a summary of "eat = die". I feel sorry for him.
full member
Activity: 131
Merit: 100
February 01, 2015, 05:39:40 AM
there are many hacking reports daily.


Where can we see those reports?
member
Activity: 112
Merit: 10
★Bitin.io★ - Instant Exchange
February 01, 2015, 05:21:08 AM
Since getting into bitcoin, I have never seen anything so full of made up FUD just to try push people out.

This is the same as when a new player joins an online game. He is bulled, threatened and made to feel weak until they eventually leave the game.

The problem I see with bitcoin is there are too many people who's intention is to push people away from bitcoin.
legendary
Activity: 1022
Merit: 1007
Sooner or later, a man who wears two faces forgets
January 31, 2015, 01:50:57 PM
So i read the whole post and to find out here afterwards that it was fake  Cry
THough it is good that it was fake , would have costed me lot of work to make them more safe
hero member
Activity: 1372
Merit: 783
better everyday ♥
January 29, 2015, 01:12:02 PM

That would not help with this attack, as the keys are compromised during the signing whether it happens online or offline. If you have a system running a compromised version of ECDSA, there's nothing you can really do to protect the private key of an address that's been used to sign a transaction. That being said, the attacker first has to get you to use a compromised version.
Which definitely can't be defined as 'easily'.
The hack would be rather hard to deploy, especially on a larger base.

large scale = any online wallet can be compromised in this way. When it's about computer, you can not be ever sure. Anyway, why would someone keep a large amount of funds in BTC by having the fear that he can wake up in a morning and see : balance ZERO.

Stop trying to spread FUD dude.  

It's already been established, it's near impossible to hack cold storage, unless that attacker somehow installed the compromised version of ECDSA on the cold offline wallet.

Can't be done, only in theory.

who established ? Smiley  

Carlos Rienzi, head of Security at Xapo:

https://blog.xapo.com/xapo-responds-to-coindesk-article-on-susceptibility-to-backdoor-attack/

Your myth has been debunked.

BUSTED!     Grin

final words : "we believe that our deep cold storage architecture offers the highest levels of bitcoin storage security available by any bitcoin company."

why do you show me ADVERTING? Smiley


Not sure what ADVERTING is, but whatever Xapo is selling, I'm buying.   Roll Eyes
legendary
Activity: 1470
Merit: 1004
January 29, 2015, 12:49:53 PM

That would not help with this attack, as the keys are compromised during the signing whether it happens online or offline. If you have a system running a compromised version of ECDSA, there's nothing you can really do to protect the private key of an address that's been used to sign a transaction. That being said, the attacker first has to get you to use a compromised version.
Which definitely can't be defined as 'easily'.
The hack would be rather hard to deploy, especially on a larger base.

large scale = any online wallet can be compromised in this way. When it's about computer, you can not be ever sure. Anyway, why would someone keep a large amount of funds in BTC by having the fear that he can wake up in a morning and see : balance ZERO.

Stop trying to spread FUD dude.  

It's already been established, it's near impossible to hack cold storage, unless that attacker somehow installed the compromised version of ECDSA on the cold offline wallet.

Can't be done, only in theory.

who established ? Smiley  

Carlos Rienzi, head of Security at Xapo:

https://blog.xapo.com/xapo-responds-to-coindesk-article-on-susceptibility-to-backdoor-attack/

Your myth has been debunked.

BUSTED!     Grin

final words : "we believe that our deep cold storage architecture offers the highest levels of bitcoin storage security available by any bitcoin company."

why do you show me ADVERTING? Smiley
hero member
Activity: 1372
Merit: 783
better everyday ♥
January 29, 2015, 12:46:17 PM

That would not help with this attack, as the keys are compromised during the signing whether it happens online or offline. If you have a system running a compromised version of ECDSA, there's nothing you can really do to protect the private key of an address that's been used to sign a transaction. That being said, the attacker first has to get you to use a compromised version.
Which definitely can't be defined as 'easily'.
The hack would be rather hard to deploy, especially on a larger base.

large scale = any online wallet can be compromised in this way. When it's about computer, you can not be ever sure. Anyway, why would someone keep a large amount of funds in BTC by having the fear that he can wake up in a morning and see : balance ZERO.

Stop trying to spread FUD dude. 

It's already been established, it's near impossible to hack cold storage, unless that attacker somehow installed the compromised version of ECDSA on the cold offline wallet.

Can't be done, only in theory.

who established ? Smiley 

Carlos Rienzi, head of Security at Xapo:

https://blog.xapo.com/xapo-responds-to-coindesk-article-on-susceptibility-to-backdoor-attack/

Your myth has been debunked.

BUSTED!     Grin
legendary
Activity: 1470
Merit: 1004
January 29, 2015, 12:36:39 PM

That would not help with this attack, as the keys are compromised during the signing whether it happens online or offline. If you have a system running a compromised version of ECDSA, there's nothing you can really do to protect the private key of an address that's been used to sign a transaction. That being said, the attacker first has to get you to use a compromised version.
Which definitely can't be defined as 'easily'.
The hack would be rather hard to deploy, especially on a larger base.

large scale = any online wallet can be compromised in this way. When it's about computer, you can not be ever sure. Anyway, why would someone keep a large amount of funds in BTC by having the fear that he can wake up in a morning and see : balance ZERO.

Stop trying to spread FUD dude. 

It's already been established, it's near impossible to hack cold storage, unless that attacker somehow installed the compromised version of ECDSA on the cold offline wallet.

Can't be done, only in theory.

who established ? Smiley 
member
Activity: 98
Merit: 10
January 26, 2015, 02:34:53 PM
So what everybody needs to realize is that if you don't have the common sense to take proper precautions, you will get hacked.
Pages:
Jump to: