
Topic: Bitcoin Rise (Read 2470 times)

newbie
Activity: 9
Merit: 0
June 08, 2012, 08:01:08 AM
#36
See the piercing bars? Breakout from the sideways range? This will be at 30 USD again in no time.

j/k

Yes I agree Cheesy
member
Activity: 209
Merit: 10
June 06, 2012, 05:03:18 PM
#35
Quote
As a malware analyst, I can tell you it is entirely possible to get in, get out and leave no signs. Take a keylogger for example. Anti-virus applications are based primarily on signatures & heuristics.

For the signature, executable packers known as "crypters" are available which basically use a form of encryption RC4, XOR, etc. and attach those to a "Stub". The stub loads the encrypted "payload" into memory, which is able to sneak past the antivirus as it can't decrypt the payload and an attempt would cost too many CPU cycles, rendering their product slow, etc. etc. Once the encrypted data is in memory, the stub decrypts it, and resumes the "frozen" process. This effectively bypasses AV.

For defeating heuristics, simple time puzzles or pointless API calls or any process that eats CPU can effectively "time out" the AV engine, causing it to abort analyzing the file.

If the payload is created correctly, it is possible to steal wallet.dat, or ONLY start the "server" process when bitcoind.exe is running. After either recording your passphrase or uploading your wallet.dat file, the file "melts" and leaves no evidence behind.

that's really interesting, thanks for your insight.

it just goes to show how important it is to practice safe browsing and really be aware of what the threats are out there.

Seeing as how dealing with malware is your profession can you offer any tips that may benefit newbies and the rest of us? Maybe make a new thread if it's in-depth.

I believe knowing what exactly the threats are and how they work makes them seem more real and makes newcomers to bitcoin take security more seriously.

Analyzing malware is a hobby of mine, my day-to-day job is as a software engineer. A great tip would be to download Sandboxie and do all your browsing and run all downloaded applications (if you must download them from not-well-known sites) inside a sandboxed environment. This way if you do happen to download malware it will have little chance at actually infecting your system.

The fact is, 0-day exploits exist as well. Take a look at MS08-067:

http://technet.microsoft.com/en-us/security/bulletin/ms08-067

This was a well-known exploit that went unprotected for quite a while and even today in "lab" test one can find machines still vulnerable. It allowed for hackers to upload their infected payloads without any user interaction. Things you hear over and over again like "install the latest updates" are repeated for a reason.

A second tip would be to "Know Thy Enemy". Do research on commonly used malware such as "DarkComet RAT", "CyberGate RAT", and "BlackShades". Fact is, there are plenty of custom-made backdoor programs that can go undetected for years.

Using a firewall one can set a Deny All rule for all incoming & outgoing connections and allow on a case-by-case basis.

MD5 and SHA-1 hashes are extremely helpful in verifying the validity of downloaded software. If you are an extremely paranoid person like myself, I'd suggest downloading a Live CD of Ubuntu or your preferred Linux distro, verifying the MD5 signature, and booting from that CD. Create a new wallet and transfer all your funds to that wallet. Encrypt it, and then copy to USB which has been formatted (even better, zeroed out w/ Eraser or equivalent. Your USB device could have been previously infected to where it autoruns malware from a hidden area.)

Lastly, make sure your wireless network is using WPA/WPA2 with a unique password of at least 12+ alphanumeric characters with a few special symbols as well.

Tools like Ettercap, Arpspoof, and SSLStrip can be run on a cracked WEP network and regardless of how safe you are with your local machine, everything transmitted over your wireless can be intercepted. Use wired connections where possible.

To simplify and be more practical: don't download software from unknown sources, stay up-to-date on patches and antivirus definitions, and use a different password or 2-factor authentication for sites which hold sensitive information.
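
The checksum check recommended in the post above, as an added example that is not part of the original thread: it verifies a downloaded file against a published checksum list in the `<hex digest>  <filename>` format, picking MD5, SHA-1 or SHA-256 from the digest length. The file name and contents are constructed for the demonstration.

```python
# Added example (not from the thread): verify a download against a published
# checksum list ("<hex digest>  <filename>" per line, as in MD5SUMS files).
import hashlib
import hmac
import os
import tempfile

# Digest length in hex characters -> hashlib algorithm name.
ALGO_BY_HEX_LEN = {32: "md5", 40: "sha1", 64: "sha256"}


def parse_checksum_list(text):
    """Return {filename: hex_digest} from checksum-list text."""
    entries = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        digest, _, name = line.partition(" ")
        name = name.strip().lstrip("*")  # "*" marks binary mode in coreutils output
        if name and len(digest) in ALGO_BY_HEX_LEN:
            entries[name] = digest.lower()
    return entries


def file_digest(path, algo, chunk_size=1 << 20):
    """Hash the file in chunks so a multi-gigabyte ISO never sits in memory."""
    h = hashlib.new(algo)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_download(path, checksum_text):
    """Return (ok, reason) for `path` checked against the published list."""
    expected = parse_checksum_list(checksum_text).get(os.path.basename(path))
    if expected is None:
        return False, "no entry for this file in the checksum list"
    algo = ALGO_BY_HEX_LEN[len(expected)]
    actual = file_digest(path, algo)
    if hmac.compare_digest(actual, expected):
        return True, f"{algo} digest matches"
    return False, f"{algo} mismatch: expected {expected}, got {actual}"


def demo():
    """Build a constructed 'image', publish its digest, then alter the file."""
    with tempfile.TemporaryDirectory() as d:
        iso = os.path.join(d, "live-cd.iso")  # hypothetical file name
        with open(iso, "wb") as f:
            f.write(b"constructed image contents\n" * 1000)
        published = f"{file_digest(iso, 'sha256')} *live-cd.iso\n"
        good = verify_download(iso, published)
        with open(iso, "ab") as f:
            f.write(b"\x00")  # a single appended byte changes the digest
        bad = verify_download(iso, published)
        missing = verify_download(iso, "# empty list\n")
        return good, bad, missing


if __name__ == "__main__":
    for ok, reason in demo():
        print("OK  " if ok else "FAIL", reason)
```

The check is only as trustworthy as the checksum list, so the list should be fetched over a channel the download mirror does not control.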



vip
Activity: 571
Merit: 504
I still <3 u Satoshi
June 06, 2012, 04:11:24 PM
#34
Quote
As a malware analyst, I can tell you it is entirely possible to get in, get out and leave no signs. Take a keylogger for example. Anti-virus applications are based primarily on signatures & heuristics.

For the signature, executable packers known as "crypters" are available which basically use a form of encryption RC4, XOR, etc. and attach those to a "Stub". The stub loads the encrypted "payload" into memory, which is able to sneak past the antivirus as it can't decrypt the payload and an attempt would cost too many CPU cycles, rendering their product slow, etc. etc. Once the encrypted data is in memory, the stub decrypts it, and resumes the "frozen" process. This effectively bypasses AV.

For defeating heuristics, simple time puzzles or pointless API calls or any process that eats CPU can effectively "time out" the AV engine, causing it to abort analyzing the file.

If the payload is created correctly, it is possible to steal wallet.dat, or ONLY start the "server" process when bitcoind.exe is running. After either recording your passphrase or uploading your wallet.dat file, the file "melts" and leaves no evidence behind.

that's really interesting, thanks for your insight.

it just goes to show how important it is to practice safe browsing and really be aware of what the threats are out there.

Seeing as how dealing with malware is your profession can you offer any tips that may benefit newbies and the rest of us? Maybe make a new thread if it's in-depth.

I believe knowing what exactly the threats are and how they work makes them seem more real and makes newcomers to bitcoin take security more seriously.
vip
Activity: 571
Merit: 504
I still <3 u Satoshi
June 06, 2012, 03:05:22 PM
#33

 buy a yubi key (same thing as a blizzard authenticator)


Do you know if you could use a blizzard authenticator?
(or the other way around...)

no you can not.  you need to buy a yubi key or use google authenticator. google authenticator is free.
member
Activity: 209
Merit: 10
June 06, 2012, 01:30:32 PM
#32
my.gox could have world leading security, but it wouldn't matter because people will still get key logged because THEY DON'T TAKE PERSONAL RESPONSIBILITY FOR THEIR OWN SECURITY.

8 characters is too few for a password in my opinion.


use clean systems to access my.gox. easy as booting a live session of Ubuntu.

 buy a yubi key (same thing as a blizzard authenticator)

use a more secure password.

change your passwords regularly.

don't whine and moan when your own negligence robs you of your money. you are basically handing the hackers your bitcoins.

Edit: Oh, and your gox account is only as secure as your email. keep that in mind.

I don't believe my PC was ever compromised, I've checked it with several AVs & have a network pro coming over soon to dig deeper.

My email is untouched, PW was never changed, nothing altered. So, before you assume I'm an idiot, check yourself Angry

Notice I'm not alone in getting my account hacked recently, so all of us are whiners & piss & moaners, gee thanks for your support. What a caring community Roll Eyes

If BTC is ever to get to the general public, where there are people dumber than even me, security needs to be more automated, more checks & balances so to speak on the exchanges & for general transactions.

Otherwise money launderers, drug dealers & hackers will be the majority using BTC, as it is now.

Again, thanks for caring...

As a malware analyst, I can tell you it is entirely possible to get in, get out and leave no signs. Take a keylogger for example. Anti-virus applications are based primarily on signatures & heuristics.

For the signature, executable packers known as "crypters" are available which basically use a form of encryption RC4, XOR, etc. and attach those to a "Stub". The stub loads the encrypted "payload" into memory, which is able to sneak past the antivirus as it can't decrypt the payload and an attempt would cost too many CPU cycles, rendering their product slow, etc. etc. Once the encrypted data is in memory, the stub decrypts it, and resumes the "frozen" process. This effectively bypasses AV.

For defeating heuristics, simple time puzzles or pointless API calls or any process that eats CPU can effectively "time out" the AV engine, causing it to abort analyzing the file.

If the payload is created correctly, it is possible to steal wallet.dat, or ONLY start the "server" process when bitcoind.exe is running. After either recording your passphrase or uploading your wallet.dat file, the file "melts" and leaves no evidence behind.



newbie
Activity: 31
Merit: 0
June 06, 2012, 12:26:42 PM
#31

 buy a yubi key (same thing as a blizzard authenticator)


Do you know if you could use a blizzard authenticator?
(or the other way around...)
full member
Activity: 207
Merit: 100
June 06, 2012, 06:44:01 AM
#30
Here is technical analysis of BTC chart long term:

http://www.btcwallet.org/wp-content/uploads/2012/05/bitcoinb30.png

for more technical analysis charts you can visit my website at: BTCwallet.org
legendary
Activity: 1288
Merit: 1227
Away on an extended break
June 06, 2012, 02:07:42 AM
#29
my.gox could have world leading security, but it wouldn't matter because people will still get key logged because THEY DON'T TAKE PERSONAL RESPONSIBILITY FOR THEIR OWN SECURITY.

8 characters is too few for a password in my opinion.


use clean systems to access my.gox. easy as booting a live session of Ubuntu.

 buy a yubi key (same thing as a blizzard authenticator)

use a more secure password.

change your passwords regularly.

don't whine and moan when your own negligence robs you of your money. you are basically handing the hackers your bitcoins.

Edit: Oh, and your gox account is only as secure as your email. keep that in mind.

I don't believe my PC was ever compromised, I've checked it with several AVs & have a network pro coming over soon to dig deeper.

My email is untouched, PW was never changed, nothing altered. So, before you assume I'm an idiot, check yourself Angry

Notice I'm not alone in getting my account hacked recently, so all of us are whiners & piss & moaners, gee thanks for your support. What a caring community Roll Eyes

If BTC is ever to get to the general public, where there are people dumber than even me, security needs to be more automated, more checks & balances so to speak on the exchanges & for general transactions.

Otherwise money launderers, drug dealers & hackers will be the majority using BTC, as it is now.

Again, thanks for caring...

You would never know if you were key logged. AV is not 100% effective and any IT specialist will tell you it's easier to re-install a system than remove a root-kit.

Heck, just run the keylogger through some obfuscation software and most AV's won't throw a hint. Use only 2 factor auth and/or Linux for any financially related activities, and check your keyboard's connector for a hardware keylogger before even typing in your userid.
vip
Activity: 571
Merit: 504
I still <3 u Satoshi
June 06, 2012, 02:02:33 AM
#28
my.gox could have world leading security, but it wouldn't matter because people will still get key logged because THEY DON'T TAKE PERSONAL RESPONSIBILITY FOR THEIR OWN SECURITY.

8 characters is too few for a password in my opinion.


use clean systems to access my.gox. easy as booting a live session of Ubuntu.

 buy a yubi key (same thing as a blizzard authenticator)

use a more secure password.

change your passwords regularly.

don't whine and moan when your own negligence robs you of your money. you are basically handing the hackers your bitcoins.

Edit: Oh, and your gox account is only as secure as your email. keep that in mind.

I don't believe my PC was ever compromised, I've checked it with several AVs & have a network pro coming over soon to dig deeper.

My email is untouched, PW was never changed, nothing altered. So, before you assume I'm an idiot, check yourself Angry

Notice I'm not alone in getting my account hacked recently, so all of us are whiners & piss & moaners, gee thanks for your support. What a caring community Roll Eyes

If BTC is ever to get to the general public, where there are people dumber than even me, security needs to be more automated, more checks & balances so to speak on the exchanges & for general transactions.

Otherwise money launderers, drug dealers & hackers will be the majority using BTC, as it is now.

Again, thanks for caring...

You would never know if you were key logged. AV is not 100% effective and any IT specialist will tell you it's easier to re-install a system than remove a root-kit.

edit: Bottom line is, you need to take ownership of your own security and your own mistakes rather than trying to pass it off on mt.gox.
Of course you're not alone, lots of people make dumb mistakes, and this is how you learn. Just like I did when my WoW account was hacked via key-logger.

I had anti-virus too  Wink

Mt.gox by the way are now offering free authenticator service via google authenticator. So I imagine they're trying a wee bit harder than you to protect your account.

legendary
Activity: 2212
Merit: 1001
June 06, 2012, 01:42:53 AM
#27
my.gox could have world leading security, but it wouldn't matter because people will still get key logged because THEY DON'T TAKE PERSONAL RESPONSIBILITY FOR THEIR OWN SECURITY.

8 characters is too few for a password in my opinion.


use clean systems to access my.gox. easy as booting a live session of Ubuntu.

 buy a yubi key (same thing as a blizzard authenticator)

use a more secure password.

change your passwords regularly.

don't whine and moan when your own negligence robs you of your money. you are basically handing the hackers your bitcoins.

Edit: Oh, and your gox account is only as secure as your email. keep that in mind.

I don't believe my PC was ever compromised, I've checked it with several AVs & have a network pro coming over soon to dig deeper.

My email is untouched, PW was never changed, nothing altered. So, before you assume I'm an idiot, check yourself Angry

Notice I'm not alone in getting my account hacked recently, so all of us are whiners & piss & moaners, gee thanks for your support. What a caring community Roll Eyes

If BTC is ever to get to the general public, where there are people dumber than even me, security needs to be more automated, more checks & balances so to speak on the exchanges & for general transactions.

Otherwise money launderers, drug dealers & hackers will be the majority using BTC, as it is now.

Again, thanks for caring...
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
June 06, 2012, 01:31:41 AM
#26
I think what he's saying is that his password is RqQsxaHGWDzP7fweKDsx0wj4gyLPHRrPrJMurBMPq2MRltwEgQ6rcCTN2i7qjPKOmbu4IgHFdjFu9pQ 9v1vrjzYT3tjP9Pa1CncuR7epkiC3PvCuBJ5pNasvMziwktQTQMYLscyqZDj20cOvxZ5WmF8HcIqPOE n0MR96CSMTvMME4tB37lsEmPA5GSON1lST3ZuxN16m

But that he deleted 1 character from this long string. Which character is that? What position? Also, it's highly likely that this string is nowhere close to what his actual password is, so he is merely suggesting that his password is

1. very long (200 characters)
2. alphanumeric
3. case sensitive (uppercase and lowercase)

Incidentally, how long can a Mt. Gox password be? And for those of you curious, my username or userid to log into Mt. Gox looks like a password more than a username. (Really, I just generated a 16 character username, so essentially it's like a password with a password.)
vip
Activity: 571
Merit: 504
I still <3 u Satoshi
June 05, 2012, 09:47:33 PM
#25
I wonder if the bitcoin client will ever have 2 factor auth  Smiley

I think it's called multi-sig. I don't think it's fully implemented yet, but www.blockchain.info can pair your online wallet with your desktop/smartphone wallet for 2 factor auth.
hero member
Activity: 686
Merit: 500
Wat
June 05, 2012, 09:44:36 PM
#24
I wonder if the bitcoin client will ever have 2 factor auth  Smiley
vip
Activity: 571
Merit: 504
I still <3 u Satoshi
June 05, 2012, 09:32:02 PM
#23
keyloggers also record the clipboard I believe, if that's what you are getting at...
my.gox could have world leading security, but it wouldn't matter because people will still get key logged because THEY DON'T TAKE PERSONAL RESPONSIBILITY FOR THEIR OWN SECURITY.

8 characters is too few for a password in my opinion.


use clean systems to access my.gox. easy as booting a live session of Ubuntu.

 buy a yubi key (same thing as a blizzard authenticator)

use a more secure password.

change your passwords regularly.

don't whine and moan when your own negligence robs you of your money. you are basically handing the hackers your bitcoins.

Edit: Oh, and your gox account is only as secure as your email. keep that in mind.

Google authenticator is a free yubi-key-like application which you can download for free on any android phone. Anything you really want secure should be two factor auth-ed, or you are completely vulnerable to someone keylogging you.


mtgox.comdeepceleronv

Here's some help for you if your keylogger didn't work, I deleted 1 character:

RqQsxaHGWDzP7fweKDsx0wj4gyLPHRrPrJMurBMPq2MRltwEgQ6rcCTN2i7qjPKOmbu4IgHFdjFu9pQ 9v1vrjzYT3tjP9Pa1CncuR7epkiC3PvCuBJ5pNasvMziwktQTQMYLscyqZDj20cOvxZ5WmF8HcIqPOE n0MR96CSMTvMME4tB37lsEmPA5GSON1lST3ZuxN16m


I'm 99% certain keyloggers also record your clipboard, if that's what you are getting at...

I was unaware that google had an authenticator that's free to use... I'll look into that.
Doesn't mt.gox require a yubi key explicitly? Will the google authenticator work on mt.gox?...
legendary
Activity: 1512
Merit: 1036
June 05, 2012, 06:16:08 PM
#22
my.gox could have world leading security, but it wouldn't matter because people will still get key logged because THEY DON'T TAKE PERSONAL RESPONSIBILITY FOR THEIR OWN SECURITY.

8 characters is too few for a password in my opinion.


use clean systems to access my.gox. easy as booting a live session of Ubuntu.

 buy a yubi key (same thing as a blizzard authenticator)

use a more secure password.

change your passwords regularly.

don't whine and moan when your own negligence robs you of your money. you are basically handing the hackers your bitcoins.

Edit: Oh, and your gox account is only as secure as your email. keep that in mind.

Google authenticator is a free yubi-key-like application which you can download for free on any android phone. Anything you really want secure should be two factor auth-ed, or you are completely vulnerable to someone keylogging you.


mtgox.comdeepceleronv

Here's some help for you if your keylogger didn't work, I deleted 1 character:

RqQsxaHGWDzP7fweKDsx0wj4gyLPHRrPrJMurBMPq2MRltwEgQ6rcCTN2i7qjPKOmbu4IgHFdjFu9pQ 9v1vrjzYT3tjP9Pa1CncuR7epkiC3PvCuBJ5pNasvMziwktQTQMYLscyqZDj20cOvxZ5WmF8HcIqPOE n0MR96CSMTvMME4tB37lsEmPA5GSON1lST3ZuxN16m
full member
Activity: 169
Merit: 100
June 05, 2012, 06:02:31 PM
#21
my.gox could have world leading security, but it wouldn't matter because people will still get key logged because THEY DON'T TAKE PERSONAL RESPONSIBILITY FOR THEIR OWN SECURITY.

8 characters is too few for a password in my opinion.


use clean systems to access my.gox. easy as booting a live session of Ubuntu.

 buy a yubi key (same thing as a blizzard authenticator)

use a more secure password.

change your passwords regularly.

don't whine and moan when your own negligence robs you of your money. you are basically handing the hackers your bitcoins.

Edit: Oh, and your gox account is only as secure as your email. keep that in mind.

Google authenticator is a free yubi-key-like application which you can download for free on any android phone. Anything you really want secure should be two factor auth-ed, or you are completely vulnerable to someone keylogging you.
vip
Activity: 571
Merit: 504
I still <3 u Satoshi
June 05, 2012, 05:50:04 PM
#20
my.gox could have world leading security, but it wouldn't matter because people will still get key logged because THEY DON'T TAKE PERSONAL RESPONSIBILITY FOR THEIR OWN SECURITY.

8 characters is too few for a password in my opinion.


use clean systems to access my.gox. easy as booting a live session of Ubuntu.

 buy a yubi key (same thing as a blizzard authenticator)

use a more secure password.

change your passwords regularly.

don't whine and moan when your own negligence robs you of your money. you are basically handing the hackers your bitcoins.

Edit: Oh, and your gox account is only as secure as your email. keep that in mind.
legendary
Activity: 2212
Merit: 1001
June 05, 2012, 05:28:05 PM
#19
Well the amount I lost was 37 BTC, but how many have NOT reported their loss & will never do so... it all ADDS up.

An 8 digit PW is not bad, it's fuckers doing anything they can (greedy) to steal from us honest folk... & a slight lack in security by MTgox.
legendary
Activity: 2506
Merit: 1010
June 05, 2012, 04:48:46 PM
#18
Well, I think what's happening, in part now, is there are accounts being hacked on MTgox,

I doubt your 15 BTC that you lost is moving the market that much.  There were a total of three reports of Mt. Gox accounts being hacked.  Yours was likely due to your using a password that is just 8 characters long including a five letter dictionary word and three digits (as you've described in another thread).  Sorry that ended badly, but that was only a matter of time before that would be cracked.

Most people with larger amounts of funds have already implemented Yubikey, and those that haven't yet now have Google Authenticator as an option as well.
legendary
Activity: 2212
Merit: 1001
June 05, 2012, 04:37:10 PM
#17
Well, I think what's happening, in part now, is there are accounts being hacked on MTgox, any cash in your account is converted to coins & they are bought at whatever the current price is. So in effect it's a "false rise", just a theory BTW. Since me & several others have had this done to us Cry