
Topic: Bitcoin developer @lukedashjr's wallet was hacked - page 7. (Read 12927 times)

legendary
Activity: 1512
Merit: 7340
Farewell, Leo
i know some will say "need to wipe windows/linux per spend and delete everything and start again"... but who actually does that
Lol. Every reasonable person with a shitload amount of money, maybe?

its like telling someone to get a new debit card each time they use their debit card for the risk of someone cloning the card.. who actually does that
What the actual fuck? What kind of analogy is this? First things first, you don't store a million dollars worth of bitcoin in a hot wallet. That should be a principle, period. Secondly, using a hot wallet more than once doesn't introduce any additional risk. If you have a computer that's connected to the internet, with a Bitcoin wallet installed, and you use it only to make transactions, using it once or a million times doesn't make a difference security-wise. Thirdly, debit card transactions are reversible.
legendary
Activity: 4424
Merit: 4794
no what you are not reading is ..
he had over 200btc on DIFFERENT keys before september. but moved coin in september to new address thus exposing that wallet in september..
(its not a stash since 2011 that has been lingering on a computer for a decade or exposed a decade or less ago)


they were exposed september 2022+
because he spent some coin in september and got change in september but didnt send the change to a different wallet(such as a HD seed associated key made on an airgapped wallet)

instead the funds in september went back to a change address in a node of standard change address creation within the node
sr. member
Activity: 1190
Merit: 469
Quote from: franky1
his funds were not on HD seeds.

i know. they were on individual paper wallets. how many of them i am not sure exactly.

Quote
if funds are on hd seeds then yea skip the advice about change addresses.
but if funds are on legacy, then you have to manually spend all value to 2 addresses(1x destination for amount to want to spend and 1x yourself in a new wallet for the change) ensuring change doesnt go to same wallet thats on the online computer
paper wallets are not meant to receive back change. that's why.


Quote
at most all i can say is when he done the spend in september. he should have used that opportunity to move it(like i suggested) to a new wallet that was airgapped.
i mean i'm sure he's got enough grief as it is he doesn't need armchair quarterbacks but the mistake was made long before september. the mistake was made when he started storing those private keys on that computer to begin with. how many years did that go on for until someone finally hacked him? how many years did he have time to read up on how to best protect your stash? and what did he do? it doesn't seem like he did anything.  Huh
legendary
Activity: 4424
Merit: 4794
its funny to say "but HD seed do XYZ"
his funds were not on HD seeds. so moot point

if funds are on hd seeds then yea skip the advice about change addresses.
but if funds are on legacy, then you have to manually spend all value to 2 addresses(1x destination for amount to want to spend and 1x yourself in a new wallet for the change) ensuring change doesnt go to same wallet thats on the online computer

meaning when its time for a legacy hoard to upgrade wallet to HD he will need to do as i just said

you cant just re invent the past and pretend he had a HD seed.. he didnt.

i dont even like luke JR for numerous reasons. but still i wont re invent the past to give more reasons to say he done things wrong because he had access to XYZ before events

at most all i can say is when he done the spend in september. he should have used that opportunity to move it(like i suggested) to a new wallet that was airgapped.

sr. member
Activity: 1190
Merit: 469

anyways moving on
he used a wallet to spend funds like a couple months before some hacks on his server. so obviously when they trojaned into home computer the wallets were still on PC
sounds like an amateurish mistake.

Quote
i know some will say "need to wipe windows/linux per spend and delete everything and start again"... but who actually does that
well if i had bitcoin private keys that added up to $2 or $3 million then i wouldn't keep them stored on a computer that was connected to the internet, franky.

Quote
its like telling someone to get a new debit card each time they use their debit card for the risk of someone cloning the card.. who actually does that
i'm not sure that's an apples to apples comparison. banks put spending limits and atm cash limits on debit cards for exactly this reason: to avoid having to reimburse a customer for amounts that would exceed what they are comfortable reimbursing. Shocked


Quote
one thing i dislike about core is how you cant choose your "change" address easily..
why should you need to choose your change address? an hd seed is meant to manage your change addresses so that all your funds remain under its control. if you prefer to use your hd seed as a paper wallet one time use type of thing then yeah, i mean, you have to do that manually.

Quote
but again. who bothers to do that
they shouldn't NEED to do that. you can use an hd wallet to do as many transactions as you want to and have good security in place too.

Quote
some say you should take an umbrella with you all the time in case it rains.. but who bothers to do that
some say you should take an extra shirt with you in case you get lunch sauce on one while on work break. but who does that
if it can cost you $2 million then yeah, you might want to bother to do those things or anything else for that matter if it falls into a similar category.
legendary
Activity: 4424
Merit: 4794
it actually does not matter if its seed or legacy or multisig or segwit

if you expose any seed, wallet file, private key to a system that is hackable(online) where you probably downloaded a compromised file that contains a trojan. those coins no matter the format of the private key, become theirs
Very stupid of him to store his private keys on a computer.

The purpose of cold storage is that your keys are stored OFFLINE where it is impossible for anyone else to access but you.
When your keys are online then it is not cold storage -- it is the same thing as storing in a hot wallet. Can't believe a bitcoin dev is that dumb.

first of all cold store is a term that pre exists hardware wallets and exporting keys
for airgapped stores like hardware wallets, paper wallets and offline devices. they were just called those 3 things

cold meant home node, hot meant node on a webserver with public access
..

anyways moving on
he used a wallet to spend funds like a couple months before some hacks on his server. so obviously when they trojaned into home computer the wallets were still on PC

i know some will say "need to wipe windows/linux per spend and delete everything and start again"... but who actually does that

its like telling someone to get a new debit card each time they use their debit card for the risk of someone cloning the card.. who actually does that

.
one thing i dislike about core is how you cant choose your "change" address easily.. it just uses the current seed or the random generator to create a change address to add to current wallet in core.. .
to avoid this.. you have to instead treat it as if you are spending funds fully to 2 destinations as a complete spend of all value of current wallet/seed.. where you choose the second destination as an address of separate wallet you have not put into core/your device.
(meaning a new wallet created airgapped)

that way the 2nd destination is a wallet on a completely separate airgapped device. and no funds are being returned to a wallet that is in core when spending.

but again. who bothers to do that

some say you should take an umbrella with you all the time in case it rains.. but who bothers to do that
some say you should take an extra shirt with you in case you get lunch sauce on one while on work break. but who does that
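
The full-spend procedure described in the post above (spend all value to two destinations, with the second being a wallet created airgapped) can be checked before signing. This is an added example, not code from any poster or from Bitcoin Core; the names `Utxo`, `Output` and `check_sweep_plan` are hypothetical and all addresses and amounts are constructed placeholders.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Utxo:
    txid: str
    vout: int
    address: str
    value_sat: int

@dataclass(frozen=True)
class Output:
    address: str
    value_sat: int

def check_sweep_plan(hot_utxos, hot_addresses, inputs, outputs, payee, max_fee_sat):
    """Return a list of 'CODE: detail' problems; an empty list means the plan
    spends everything and returns nothing to the online wallet."""
    problems = []
    spent = {(u.txid, u.vout) for u in inputs}
    left = [u for u in hot_utxos if (u.txid, u.vout) not in spent]
    if left:
        total = sum(u.value_sat for u in left)
        problems.append(f"UNSPENT_REMAINS: {len(left)} UTXO(s), {total} sat stay online")
    if len(outputs) != 2:
        problems.append(f"OUTPUT_COUNT: expected 2 outputs, got {len(outputs)}")
    for o in outputs:
        if o.address in hot_addresses:
            problems.append(f"OUTPUT_TO_ONLINE_WALLET: {o.value_sat} sat to {o.address}")
    if not any(o.address == payee for o in outputs):
        problems.append("PAYEE_MISSING: no output pays the intended destination")
    fee = sum(u.value_sat for u in inputs) - sum(o.value_sat for o in outputs)
    if fee < 0:
        problems.append(f"NEGATIVE_FEE: outputs exceed inputs by {-fee} sat")
    elif fee > max_fee_sat:
        problems.append(f"FEE_TOO_HIGH: {fee} sat exceeds limit {max_fee_sat}")
    return problems

def codes(problems):
    """Strip the detail text, keeping only the problem codes."""
    return [p.split(":")[0] for p in problems]

# Constructed sample data (placeholders, not real transactions or addresses).
HOT_UTXOS = [
    Utxo("txid-placeholder-1", 0, "HOT_ADDR_A", 150_000_000),
    Utxo("txid-placeholder-2", 1, "HOT_ADDR_B", 50_000_000),
]
# Every address the online wallet can sign for, including its own change address.
HOT_ADDRESSES = {"HOT_ADDR_A", "HOT_ADDR_B", "HOT_CHANGE_ADDR"}
PAYEE = "PAYEE_ADDR"
COLD = "AIRGAPPED_ADDR"  # generated on the offline device, never imported online
MAX_FEE = 50_000

# Plan following the post: all inputs, payee plus the airgapped wallet.
GOOD_OUTPUTS = [Output(PAYEE, 30_000_000), Output(COLD, 169_990_000)]
# Default wallet behaviour: one input, change back to the online wallet.
BAD_OUTPUTS = [Output(PAYEE, 30_000_000), Output("HOT_CHANGE_ADDR", 119_990_000)]

if __name__ == "__main__":
    print(check_sweep_plan(HOT_UTXOS, HOT_ADDRESSES, HOT_UTXOS, GOOD_OUTPUTS, PAYEE, MAX_FEE))
    for p in check_sweep_plan(HOT_UTXOS, HOT_ADDRESSES, HOT_UTXOS[:1], BAD_OUTPUTS, PAYEE, MAX_FEE):
        print(p)
```
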
member
Activity: 302
Merit: 46
NO SHITCOIN INSIDE
it actually does not matter if its seed or legacy or multisig or segwit

if you expose any seed, wallet file, private key to a system that is hackable(online) where you probably downloaded a compromised file that contains a trojan. those coins no matter the format of the private key, become theirs

Very stupid of him to store his private keys on a computer.

The purpose of cold storage is that your keys are stored OFFLINE where it is impossible for anyone else to access but you.
When your keys are online then it is not cold storage -- it is the same thing as storing in a hot wallet. Can't believe a bitcoin dev is that dumb.


legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
My question is: how the chain analysis stood after the ChipMixer round?

And my question is, have they not heard the alarm bells from people (Twitter?) warning them that they are currently holding Luke-jr's stolen funds?

OKX has got to freeze all those funds. Never mind, they apparently haven't even been sent to an exchange yet.
legendary
Activity: 2380
Merit: 17063
Fully fledged Merit Cycler - Golden Feather 22-23
Update on the funds.
First they went through ChipMixer:



Then according to this analyst they were transferred to a CEX:



My question is: how the chain analysis stood after the ChipMixer round?

legendary
Activity: 4424
Merit: 4794
i too think the luke stash splits that end up on bc1q addresses(precise amounts of 1-5btc) will end up on those types of CEX and converted to some other currency
converting it to true fiat via those sites wont be non-kyc because doing fiat withdrawals reveals bank account holder name. so those sites will be just conversion bridges to altcoins/stable coins and then moved again before the entity doing it thinks its safe to then "cash out" or hoard back as BTC again elsewhere

I have just only one question.
Why didn’t he cash the UTXO sending them pro the exchange? No one would have never known that, as those funds were not tied to him.
Now he has to be extremely careful handling those utxo's.

whomever the entity is (luke/hacker) they are not stupid to just throw coins into an exchange to cash out, straight from the "event". as the lack of taint jumps are too close to the publicly known address, which has been called out as stolen funds

their game is to taint jump and tx format change to hope they can skip past the limits and tolerances of coin analysis where the fresh addresses of small amount wont raise any red flags when eventually entering an exchange/service

im surprised that these coins have not moved on much. i would have expected those precise(no decimal) coins on bc1q addresses to have been 'spent' through a mixer by now. several times. or looped through a non kyc exchange to swap for altcoin/stablecoin.

edit

i just checked address in tx above. and it has now split the 1btc into smaller amounts of 0.002
as have some other bc1q addresses(taint back to 1yar) of precise amounts now split into 0.001 amounts
https://www.blockchain.com/explorer/addresses/BTC/bc1qr3vpj9ffshqp53u9la0g6nwhx6f5n3z9l7xhwd
this to me shows signs of splits of "mixer token" allotments (al)ready to be mixed
https://www.blockchain.com/explorer/addresses/btc/bc1qm2qljj3a64ueqfq885ne2yy9pddnez7vz4y2v5

i would say beyond this point it is now hard to tell if these funds when spent are the entity(luke/hacker) or some idiot that is in receipt from some mixed funds.

but knowing (due to FATF regs) that regulated exchanges do not tolerate funds that went through a mixer, it should be fun to see what exchanges accept or reject deposits from those spends, even if the user is not entity(hacker/luke)

as for the funds the entity does get (different mixer deposit stash) they too may have issues trying to deposit into exchanges unless another taint jump ordeal is done to outpace chain analysis tolerances
hero member
Activity: 1008
Merit: 724
This is truly an unprecedented event!  From such an experienced developer in the field of blockchain, hackers managed to steal a large sum of money in Bitcoins....

At the same time, Bitcoin Core developers themselves give recommendations on the safe storage of the first cryptocurrency on their website.  Most Bitcoin users are guided by these recommendations when choosing one or another wallet to store their coins. 

In my opinion, this means acknowledging the fact that there is no completely secure way to store Bitcoins.  It is necessary to use all available methods to minimize the existing risks of losing cryptocurrency.
It's hard to see the current condition when even experienced developers in the field of blockchain can be penetrated but on the other hand this can't just happen because I think there must be cause and effect and there could be some oversights that occur when looking at this from a broad perspective.

Right now I think we have to be more vigilant than before because hackers are getting smarter and smarter and I agree with what you said, use all the methods currently available to make your assets really safe because I don't mean to scare you but it could be people who are out there right now are waiting for us to let our guard down and seize the moment as it happened to this seasoned developer.

Should he be removed from bitcoin development team? It seems this could have a negative impact on bitcoin as a whole. Just my opinion.
This will obviously have an impact because seeing some of the retweets there, a lot of people are worried because even a developer class is still being infiltrated, especially with people who only rely on daring to take risks and indeed this is a real target for haters of bitcoin because they seem to see a new weapon for make it look like bitcoin is indeed a means of scam and fraud for now.
legendary
Activity: 4424
Merit: 4794
it actually does not matter if its seed or legacy or multisig or segwit

if you expose any seed, wallet file, private key to a system that is hackable(online) where you probably downloaded a compromised file that contains a trojan. those coins no matter the format of the private key, become theirs
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
According to reddit, he did not use a seed phrase, but instead "split all his bitcoins across hundreds of private keys" which by virtue of being on the same computer, were stolen at once.

I don't even.... just take a look for yourself.

Also, he mentioned that he didn't use a standard seed phrase.

He also said that he independently generated each private/public key pair.

His funds were spread out across "hundreds" of private keys, which ended up all being compromised.

With a complex setup like this, and the fact that hundreds of independently generated private keys were all compromised, it's clear that he had all those keys backed up on a hot computer somewhere, which was compromised.

Kids, don't be stupid out there. Just use a 24 word seed phrase and never back it up on any computer ever. This situation is 100% avoidable.

I guess this is not so surprising anymore. I was thinking somewhere on the lines of his seed phrases getting burgled.
legendary
Activity: 2380
Merit: 17063
Fully fledged Merit Cycler - Golden Feather 22-23
Fair enough, there are some exchanges that still don’t require KYC and allow 2BTC deposit and withdrawal per day.

Like what? Not Binance, is that what you're talking about?
From my knowledge, he might be talking about Bybit exchange which used to allow 2BTC daily withdrawal limit for non KYC accounts, but they have recently updated their policy[1] and changed the limits to 20k usdt equivalent withdrawals per day.
Also, kucoin allows 1 BTC/day withdrawal limit for non KYC. Dunno of any trustable cex allowing 2BTC withdrawal limits today, but would love to know.

[1] https://announcements.bybit.com/en-US/article/enhanced-kyc-policy-to-be-implemented-after-dec-15-2022-bltf3d717c057f2a044/

i too think the luke stash splits that end up on bc1q addresses(precise amounts of 1-5btc) will end up on those types of CEX and converted to some other currency
converting it to true fiat via those sites wont be non-kyc because doing fiat withdrawals reveals bank account holder name. so those sites will be just conversion bridges to altcoins/stable coins and then moved again before the entity doing it thinks its safe to then "cash out" or hoard back as BTC again elsewhere

I have just only one question.
Why didn’t he cash the UTXO sending them pro the exchange? No one would have never known that, as those funds were not tied to him.
Now he has to be extremely careful handling those utxo's.
member
Activity: 162
Merit: 65
It does happen commonly but not to a huge name like this. Not because he is famous, even famous people could get hacked, but because he is famous for being a bitcoin developer. Dude knows how to be safe, and yet he was still hacked and he doesn't even know how he was hacked neither.

I believe that the best thing to do would be letting him handle whatever he wants to handle to get the answers, give him full access to everything and find the issue. Because, if there is a hole somewhere that hackers could use to hack him, they could 100% hack all of us, if he couldn't protect himself, there is absolutely no way that we could ever protect ourselves better than he did.

his server was being hacked all through november and december multiple times by the same instigator.
he knew the hackers were making hacking bots scripted to hack his system(s) specifically..

he (supposedly) however didnt realise they trojaned in specific code for his system to then get at his home computers.
he thought they were only playing around with his servers and had no idea they got code into his home computers to mess with them too after christmas

..
some of his comments are a bit sparse. . cynically im thinking "the less you say the less lies you have to tell" where it could be, that he heard about FTX in november and seen how people like michael saylor also (paper loss) declared a tax loss in december.. and thought he should do something similar to avoid taxes..

however he could have actually been hacked.
his vagueness could be genuine surprise or planned avoidance of multiplying his lies

honestly speaking, when i first heard of this news, i was shocked. But then when i relooked at the whole thing, i actually thought to myself, fuck it, he can't be really hacked. Until these days, i still couldn't believe that a 200BTC wallet stolen from a btc developer. It just doesn't look like he was really fucked. And what you said here actually validates my point.
So, fuck it, he is trying to fool the public around.
legendary
Activity: 4424
Merit: 4794
Fair enough, there are some exchanges that still don’t require KYC and allow 2BTC deposit and withdrawal per day.

Like what? Not Binance, is that what you're talking about?
From my knowledge, he might be talking about Bybit exchange which used to allow 2BTC daily withdrawal limit for non KYC accounts, but they have recently updated their policy[1] and changed the limits to 20k usdt equivalent withdrawals per day.
Also, kucoin allows 1 BTC/day withdrawal limit for non KYC. Dunno of any trustable cex allowing 2BTC withdrawal limits today, but would love to know.

[1] https://announcements.bybit.com/en-US/article/enhanced-kyc-policy-to-be-implemented-after-dec-15-2022-bltf3d717c057f2a044/

i too think the luke stash splits that end up on bc1q addresses(precise amounts of 1-5btc) will end up on those types of CEX and converted to some other currency
converting it to true fiat via those sites wont be non-kyc because doing fiat withdrawals reveals bank account holder name. so those sites will be just conversion bridges to altcoins/stable coins and then moved again before the entity doing it thinks its safe to then "cash out" or hoard back as BTC again elsewhere
hero member
Activity: 1050
Merit: 681
Fair enough, there are some exchanges that still don’t require KYC and allow 2BTC deposit and withdrawal per day.

Like what? Not Binance, is that what you're talking about?
From my knowledge, he might be talking about Bybit exchange which used to allow 2BTC daily withdrawal limit for non KYC accounts, but they have recently updated their policy[1] and changed the limits to 20k usdt equivalent withdrawals per day.
Also, kucoin allows 1 BTC/day withdrawal limit for non KYC. Dunno of any trustable cex allowing 2BTC withdrawal limits today, but would love to know.

[1] https://announcements.bybit.com/en-US/article/enhanced-kyc-policy-to-be-implemented-after-dec-15-2022-bltf3d717c057f2a044/
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
Fair enough, there are some exchanges that still don’t require KYC and allow 2BTC deposit and withdrawal per day.

Like what? Not Binance, is that what you're talking about?
legendary
Activity: 4424
Merit: 4794
It does happen commonly but not to a huge name like this. Not because he is famous, even famous people could get hacked, but because he is famous for being a bitcoin developer. Dude knows how to be safe, and yet he was still hacked and he doesn't even know how he was hacked neither.

I believe that the best thing to do would be letting him handle whatever he wants to handle to get the answers, give him full access to everything and find the issue. Because, if there is a hole somewhere that hackers could use to hack him, they could 100% hack all of us, if he couldn't protect himself, there is absolutely no way that we could ever protect ourselves better than he did.

his server was being hacked all through november and december multiple times by the same instigator.
he knew the hackers were making hacking bots scripted to hack his system(s) specifically..

he (supposedly) however didnt realise they trojaned in specific code for his system to then get at his home computers.
he thought they were only playing around with his servers and had no idea they got code into his home computers to mess with them too after christmas

..
some of his comments are a bit sparse. . cynically im thinking "the less you say the less lies you have to tell" where it could be, that he heard about FTX in november and seen how people like michael saylor also (paper loss) declared a tax loss in december.. and thought he should do something similar to avoid taxes..

however he could have actually been hacked.
his vagueness could be genuine surprise or planned avoidance of multiplying his lies
legendary
Activity: 2086
Merit: 1058
Incidents like this always happen every year and we as bitcoin users always have to be careful in storing private keys, and applying maximum security, if we have done that then there is no way to stop hackers because they are always looking for ways to get into our bitcoin account which has a fairly large asset, the victims right now I'm concerned because no matter what way we do it's very difficult to detect hackers, hopefully this will be a valuable lesson for all of us.
It does happen commonly but not to a huge name like this. Not because he is famous, even famous people could get hacked, but because he is famous for being a bitcoin developer. Dude knows how to be safe, and yet he was still hacked and he doesn't even know how he was hacked neither.

I believe that the best thing to do would be letting him handle whatever he wants to handle to get the answers, give him full access to everything and find the issue. Because, if there is a hole somewhere that hackers could use to hack him, they could 100% hack all of us, if he couldn't protect himself, there is absolutely no way that we could ever protect ourselves better than he did.