Bitcoin developer @lukedashjr's wallet was hacked - page 12.

fillippone

legendary

Activity: 2268

Merit: 16328

Fully fledged Merit Cycler - Golden Feather 22-23

Quote from: bitmover on January 02, 2023, 02:44:44 PM

This is probably Luke's fault. He is human. He knows a lot, and probably trusted more than he should in his skills.

Complacency. This is the root cause of all this.
Thinking you are safe, make you do stupid things.
For example not moving your coins when you had the proof of a successful attack to your servers.

Quote from: bitmover on January 02, 2023, 02:44:44 PM

Did he had all those 3 million USD in the same wallet? Why didn't he put in at least 5 different wallets?

Those aver very old UTXO from a time when there were no such things as "wallets" , or proper HD ones.

In the compromised wallet.dat (now I get the irony of your question), there were UTXO with unrelated private keys, if this is what you are asking for.

MysteryMiner

legendary

Activity: 1512

Merit: 1049

Death to enemies!

Quote from: dezoel on January 02, 2023, 04:21:12 PM

It's definitely a sign that none of the cryptos at just a singular place is safe, no matter if it is in your ledger or on your pc or anything else. Singular place is always terrible.

Many people claim that "not your keys not your coins" because of exchange hackings, but at the same time if you end up putting it on binance, do you really think that binance will be hacked so big that they will fail to pay the customers? They have so much money that you could empty all of their hot wallets today, and their cold wallets would still cover everyone's funds. That is why I highly believe that they are going to be the best case if you want to safely secure your coins.

You could just send your coins to me for safekeeping. I also will not bend to LEA if ordered to freeze your coins. Single place is OK as long as it is only Your control and nobody else.

dezoel

legendary

Activity: 2044

Merit: 1075

Leading Crypto Sports Betting & Casino Platform

It's definitely a sign that none of the cryptos at just a singular place is safe, no matter if it is in your ledger or on your pc or anything else. Singular place is always terrible.

Many people claim that "not your keys not your coins" because of exchange hackings, but at the same time if you end up putting it on binance, do you really think that binance will be hacked so big that they will fail to pay the customers? They have so much money that you could empty all of their hot wallets today, and their cold wallets would still cover everyone's funds. That is why I highly believe that they are going to be the best case if you want to safely secure your coins.

MysteryMiner

legendary

Activity: 1512

Merit: 1049

Death to enemies!

Am I only one who find this amusing? Remember, Luke Dash-Junior is the fukker responsible for 51% attack against CoiledCoin by abusing mining pool power controlled by him.

Also, still nobody managed to hack me and steam my coins. And I am confident that nobody will be able. I am better in computer security than Luke.

Emitdama

sr. member

Activity: 1914

Merit: 328

Quote from: uneng on January 01, 2023, 08:05:03 PM

I think it's better to rely on a good and old notebook than on any digital devices...

Notebooks can be damaged easily by natural calamities so there is still a danger on storing our keys there but a good one would be to embed them on some stainless metal. Hardware wallets is good too but we should only use the popular brands only to be sure that they are safe.

Quote from: Wind_FURY on January 02, 2023, 04:55:09 AM

That's a coordinated/targeted-attack, and probably his way of securing the keys were not very good enough. I believe we should learn from this, and start using different paths/strategies to secure our keys. If you have your whole savings in Bitcoin it's probably better to use different wallets and secure them differently to confuse the attacker. Use - Hardware Wallets, Encrypted Wallets, and other wallets written down and secured through lock/key vaults.

It is said that it was a bitcoin developer so it's somehow surprising if he didn't store his coins properly but we can't also underestimate the hackers. This news wasn't alone though but there are even exchanges who got hacked and we know that exchanges do also have a better security because they hold a lot of cryptos. The amount lost by the guy isn't small so will definitely learn from this and use a different approach to secure his coins.

suzanne5223

hero member

Activity: 2660

Merit: 651

Want top-notch marketing for your project, Hire me

I read some of Luke Dash jr tweets relating to the comprised wallet and he said " If you're using a very old #Bitcoin Knots, it might expire today. Don't upgrade it. Instead, add to your bitcoin.conf file:softwareexpiry=0 or just wait to upgrade and use it until the dust settles."
I have no tech knowledge about Bitcoin core development but could this be that his wallet comprised attack all started from a dust attack?

This is why I always advise people to always use privacy services when moving cryptocurrency to their holding wallets. For the record doing this through Crypton Exchange only cost a few cents and the withdrawal are instant with no daily limit.

bitmover

legendary

Activity: 2352

Merit: 6089

bitcoindata.science

Quote from: fillippone on January 02, 2023, 08:08:21 AM

Two consequences:
1.A lot of bad FUD will come out of this story. "if even an OG bitcoin- core developer" cannot take his Bitcoin safe, who on Earth will be able to do so?"
2.Many of us will review practices to become more responsible managing satoshi. A long overdue review of all the processes involving UTXO manipulation will be carried out by most of us, following this new. And this is a good thing.

I have been thinking about the consequences as well, but I think this is all FUD.

This is probably Luke's fault. He is human. He knows a lot, and probably trusted more than he should in his skills.

Did he had all those 3 million USD in the same wallet? Why didn't he put in at least 5 different wallets?
Was he betrayed by someone close to him?

The main problem imo is that this is good for CZ and Binance.

Recently CZ was saying that "99% of people today holding crypto themselves will end up lose it"

Fonte: https://twitter.com/BTC_Archive/status/1603413440948834305

So, a few days later, a Bitcoin Core dev just lose it. In my local board there are already people saying that people should keep their funds in exchanges because it might be safer. Well, it is not!

This is an isolated case, and bitcoin is not at risk, and people should still be using hardware wallets to protect their money (IMO)

fillippone

legendary

Activity: 2268

Merit: 16328

Fully fledged Merit Cycler - Golden Feather 22-23

Quote from: adaseb on January 02, 2023, 01:15:47 PM

Can someone that knows him tell him to post something on his Mastodon or Bitcointalk account. People are asking him to post on another social medium to prove its him but he refuses. Normally he posts first to Mastodon and then Twitter, however now he doesn't post anything on Mastodon.
<...>

All I can tell is someone else has been trying to contact him and while someone had confirmation of all this (Peter Todd, he confirmed over Twitter the story is original), other haven't been able to contact him directly (Giacomo Zucco confirmed he messaged him on Telegram, but he hasn't got any answer so far.).

darkangel11

legendary

Activity: 2478

Merit: 1360

Don't let others control your BTC -> self custody

Quote from: adaseb on January 02, 2023, 01:15:47 PM

Can someone that knows him tell him to post something on his Mastodon or Bitcointalk account. People are asking him to post on another social medium to prove its him but he refuses. Normally he posts first to Mastodon and then Twitter, however now he doesn't post anything on Mastodon.

When a Bitcoin OG posts something such as

Quote

"How do I download it and know it's not infected?"

its very strange because we all know you are suppose to verify the checksum after the download to confirm its legit.

This is like Satoshi making a post and saying something like "How can I mine Bitcoins on my Cell phone".

I also think it's strange. He said he has no time for Mastodon right now or something like that...
He wants FBI to help him, says they got his cold storage Huh

Cold storage isn't really cold if you can hack it.
I have a cold storage that's on an unplugged computer with a clean system that was never used to browse sites or download any software, which I'll turn on only when I decide to move my bitcoins.
This is incredible that a dev who uses a specialized hardware (Talos) with linux, doesn't secure his coins better and wants the FBI to help him.

Hispo

legendary

Activity: 1162

Merit: 2025

Leading Crypto Sports Betting & Casino Platform

Quote from: adaseb on January 02, 2023, 01:15:47 PM

Can someone that knows him tell him to post something on his Mastodon or Bitcointalk account. People are asking him to post on another social medium to prove its him but he refuses. Normally he posts first to Mastodon and then Twitter, however now he doesn't post anything on Mastodon.

When a Bitcoin OG posts something such as

Quote

"How do I download it and know it's not infected?"

its very strange because we all know you are suppose to verify the checksum after the download to confirm its legit.

This is like Satoshi making a post and saying something like "How can I mine Bitcoins on my Cell phone".

Exactly what I think.
All this is horrible news and only fuels my paranoia, still before jumping into conclusions, I will wait for an official statement, because we all know that hacking Twitter accounts is possible, and I want to assume a Core developer would know how to take care their Bitcoin in a proper manner.

Also, is there any way to know whether he revoked his PGP keys or not? I have seen many comments on this thread mentioning he has not done so yet.

Fingers crossed all this is just a Ruse. Sad

adaseb

legendary

Activity: 3808

Merit: 1723

Can someone that knows him tell him to post something on his Mastodon or Bitcointalk account. People are asking him to post on another social medium to prove its him but he refuses. Normally he posts first to Mastodon and then Twitter, however now he doesn't post anything on Mastodon.

When a Bitcoin OG posts something such as

Quote

"How do I download it and know it's not infected?"

its very strange because we all know you are suppose to verify the checksum after the download to confirm its legit.

This is like Satoshi making a post and saying something like "How can I mine Bitcoins on my Cell phone".

NotATether

legendary

Activity: 1568

Merit: 6660

bitcoincleanup.com / bitmixlist.org

Quote from: PrivacyG on January 02, 2023, 09:36:52 AM

Not trying to joke around or anything. But could this be a 'lost my Monero in a boat accident' kind of 'hack'? I can not wrap my head around how this could have happened. Unless lukedashjr's way of storing his balance was mediocre.

The only way I can think of this happening is in a non-standard storage configuration:

- PGP key is used to encrypt multiple Bitcoin private keys
- To spend the bitcoins, the password of the key is entered, and a transaction is made (by hand??)
- Hacker steals PGP key and message, and places a keylogger to get the password. Then they can swipe the coins.

Keep in mind I am still assuming at this point, this is probably NOT how he actually set up his cold wallet.

adaseb

legendary

Activity: 3808

Merit: 1723

Quote from: MiliMil on January 02, 2023, 05:37:59 AM

What would be the safest and most secure setup for a cold wallet? I am now unsure how to transfer from cold wallet to an online address without compromising security.
Would it be possible to transfer BTC from cold wallet to another cold wallet and then send from that secondary cold wallet to an online address? That way my original cold wallet isn't connecting to the internet or being directly exposed?

Years ago I used to use a USB stick between offline and online computer. Then I read somewhere that its not perfectly safe because if the online computer has some worm, it can jump onto the USB key, and then when you connect the USB key to the offline computer it can infect that computer and steal coins. This was far fetched but it made me worry. So I searched for a full proof method.

Basically my old laptop had a crappy camera. However this camera sucked and couldn't read large QR codes. It also had a SD card reader. So what I did was use an old camera from 1995. And I would take photos of the QR code on ONLINE computer, put that SD card into the OFFLINE computer and read it and sign it. That SD card NEVER was connected to the online computer.

Once I signed the transaction, you can take your iPhone, go to Camera and point at QR code and it will display the signed raw transaction that you can later just go to an online block explorer and push it.

This way there is an "AIR GAP". This is probably even safer than hardware wallets however its a ton of work.

coolcoinz

legendary

Activity: 2814

Merit: 1192

Quote from: franky1 on January 02, 2023, 11:08:17 AM

Quote from: coolcoinz on January 02, 2023, 11:01:42 AM

I don't get the part about his server being hacked months ago. I'd take that as a warning that somebody is working on getting my coins and moved all of it even deeper into cold storage, probably to a hardware wallet.

his coins were on old legacy keys (before seeds were even a thing, before hardware wallets(seed based) were a thing)
he had backups EG (maybe)paper wallet and/or (most probably) usb drive of wallet.dat files

This comment is interesting.

https://mobile.twitter.com/vicariousdrama/status/1609925987453571073

If this is true he was using those addresses for donations. Was this a double spending issue? Did someone somehow attach another transaction to the existing one?
I have to say this is fare above my level, but somehow someone had to get access to his private key stored on that machine. I doubt it was really a cold wallet (paper/USB) He must've had it on one of his workstations.

If hacking cold wallets was possible like that someone would've got Satoshi's coins long ago.

franky1

legendary

Activity: 4410

Merit: 4766

Quote from: coolcoinz on January 02, 2023, 11:01:42 AM

I don't get the part about his server being hacked months ago. I'd take that as a warning that somebody is working on getting my coins and moved all of it even deeper into cold storage, probably to a hardware wallet.

his coins were on old legacy keys (before seeds were even a thing, before hardware wallets(seed based) were a thing)
he had backups EG (maybe)paper wallet and/or (most probably) usb drive of wallet.dat files

coolcoinz

legendary

Activity: 2814

Merit: 1192

I don't get the part about his server being hacked months ago. I'd take that as a warning that somebody is working on getting my coins and moved all of it even deeper into cold storage, probably to a hardware wallet. I mean I already have mine on a hardware wallet but from the looks of it Luke had it all on his machine and thought that since they all connect to a routing server and the hacker couldn't get into them last time, they're safe.
It's easy to say now after the fact but wiping the server and reinstalling everything after the first hack might've been a good idea. Getting in touch with the ISP to change your IP within their network might help too. We're talking about 3 million in BTC, no amount of scrutiny is too much.

franky1

legendary

Activity: 4410

Merit: 4766

i know alot of people think there is a single telephone number that if you call it, 'CSI:cyber crime' team answer and speedily arrive at your house in 20 minutes to explore your computer.. sorry.. this is not how things work

Quote from: stompix on January 02, 2023, 10:36:05 AM

But I'm still not entirely convinced of this story, not because of the haking part, the coins moving etc, but this line in his tweet..

Quote

@[email protected] on Mastodon @LukeDashjr
What the heck @FBI@ic3 why can't I reach anyone???
9:19 PM · Jan 1, 2023

if you read it properly and apply logic and common sense against it too
(if you read his other tweets it makes more sense in full context)

he did contact authorities by the usual routes(phone).. they were not interested/unable to help. his tweet was just a rant not a plea for help

to get hold of FBI you have to go through a rigmarole of call centres to escalate the situation. also it was late night of new years day. dont expect miracles

he was obviously not able to get to the centre of the FBI... and local authorities were (as known from other incidences of many people) just got sent around the pass the bucket brigade of call centres, saying there is "nothing they can do at local level and here is a crime reference number, bye"

stompix

legendary

Activity: 2912

Merit: 6403

Blackjack.fun

Quote from: fillippone on January 02, 2023, 08:08:21 AM

Two consequences:
1.A lot of bad FUD will come out of this story. "if even an OG bitcoin- core developer" cannot take his Bitcoin safe, who on Earth will be able to do so?"

That's the first thing I've thought about after reading achow101 reply stating that is is indeed real, this is just giving unlimited ammunition to critics, if the guy that helped develop the code, that for sure is more knowledgeable about risks and security, what about the uneducated that are risking everything, I can almost hear 1 million Helen Lovejoy screaming!

But I'm still not entirely convinced of this story, not because of the haking part, the coins moving etc, but this line in his tweet..

Quote

@[email protected] on Mastodon @LukeDashjr
What the heck @FBI@ic3 why can't I reach anyone???
9:19 PM · Jan 1, 2023

This feels like trolling, why would you tweet that? For sure he knows better than everyone how a complaint is filed and how you deal with it, but tweet about this?
But assuming this is real, stay away from bitcoin knots fro a while (I doubt that many were using it in the first place)

Quote

That's how you might verify that your Bitcoin Knots or Core download isn't infested with malware.
So to be clear: DO NOT DOWNLOAD BITCOIN KNOTS AND TRUST IT UNTIL THIS IS RESOLVED.
If you already did in the last few months, consider shutting that system down for now.

mindrust

legendary

Activity: 3276

Merit: 2442

Quote from: digaran on January 02, 2023, 10:03:07 AM

This is what happens when you reveal your real life identity to the public, especially if you are well known bitcoin developer which means you own at least a few hundreds.

This incident has nothing to do with him being sloppy with the security of his coins, this was an organized attack just because they knew his whereabouts.

Maybe if you are reading this post and have millions of $ in bitcoin be more careful what you reveal about what you have and who you are.

Maybe Satoshi knew something all along, that's why he disappeared given if he actually still alive.

Is is kind of sad, not so long ago I made post this and now this happened.

Quote from: mindrust on December 21, 2022, 11:39:19 AM

It is pretty hard to stay anonymous on the internet. Especially if you are a dev that has to work on a project all the time. Fixing bugs, creating updates all the time, sooner or later you will make a mistake and lose your anonymity. Hell, even if you do everything right, you still may lose your anonymity because some clever bastard may hack you.

That’s one of the weaknesses of crypto imo. Crypto itself is bullet proof but their devs aren’t.

Even gmaxwell merited it, as you see I almost described this exact situation.

PrivacyG

hero member

Activity: 882

Merit: 1873

Crypto Swap Exchange

Quote from: digaran on January 02, 2023, 10:03:07 AM

This incident has nothing to do with him being sloppy with the security of his coins, this was an organized attack just because they knew his whereabouts.

Do you have any source for this claim? If there is a place he would look into first, probably before even posting a tweet, I would assume it is where his seed was stored.

-
Regards,
PrivacyG

Topic: Bitcoin developer @lukedashjr's wallet was hacked - page 12. (Read 12899 times)