The odds of a collision with a given address are 1 / 1461501637330902918203684832716283019655932542976 per attempt
This backs my assertion. You admit it is possible. Just like the lottery, mathematically improbable, yet it happens all the time. 
Topic: Blockchain wallet hacked! - page 2. (Read 2913 times)
what you need to do is buy a raspberry Pi. and its sole purpose is to move coins.
NO miners
No downloads of unverified software
i also think logins should supply a message thats unique to that session. that a person has to copy into GPG to get signed to prove ownership of the username. and the signature is the password. (to stop people using weak passwords)
along with google authenticate defaulted to enabled.
there are too many people that are too lazy to have a dedicated PC for wealth storage, too lazy to remember a decent length password and too lazy to use google authenticate.
basically if they want access to their funds with a simple 8 digit password.. then they need to accept the risks
NO miners
No downloads of unverified software
i also think logins should supply a message thats unique to that session. that a person has to copy into GPG to get signed to prove ownership of the username. and the signature is the password. (to stop people using weak passwords)
along with google authenticate defaulted to enabled.
there are too many people that are too lazy to have a dedicated PC for wealth storage, too lazy to remember a decent length password and too lazy to use google authenticate.
basically if they want access to their funds with a simple 8 digit password.. then they need to accept the risks
did you activate 2FA?
20+ hard guessed password, how can hacker get that password
are you sure your computer free from keylogger program?
20+ hard guessed password, how can hacker get that password
are you sure your computer free from keylogger program?
I suspect an address collision. People around here think it is not that common. But, just like the lottery, someone wins every week despite the fact that the odds are "astronomically near zero". 1/35,000,000,000 doesn't seem like good odds, but just go ask the guy who won $500million what he thinks of that theory.
Your wallet probably was being 'shared' by an unknowing party and those were actually his $1200 and he probably actually is the guy who took them after noticing his address was being used by someone else (you)
Your wallet probably was being 'shared' by an unknowing party and those were actually his $1200 and he probably actually is the guy who took them after noticing his address was being used by someone else (you)
To give you an idea of the numbers involved: There are 1,921,075 different addresses in the block chain. That's less than 0.000000000000000000000000000000000000001 % of all the addresses that can be generated. – Artefact2 Aug 30 '11 at 21:42
I suspect an address collision. People around here think it is not that common. But, just like the lottery, someone wins every week despite the fact that the odds are "astronomically near zero". 1/35,000,000,000 doesn't seem like good odds, but just go ask the guy who won $500million what he thinks of that theory.
Your wallet probably was being 'shared' by an unknowing party and those were actually his $1200 and he probably actually is the guy who took them after noticing his address was being used by someone else (you)
Your wallet probably was being 'shared' by an unknowing party and those were actually his $1200 and he probably actually is the guy who took them after noticing his address was being used by someone else (you)
The odds of a collision with a given address are 1 / 1461501637330902918203684832716283019655932542976 per attempt (2^-160).
If a million users generated a million address per day for one million days, the chance of a collision with your address is still no better than the chances of winning the lottery 4 times in a row.
You said:
That is the clue to what happened. If they disappeared just after you logged in, then your computer was compromised.
We really do need hard (ROM) coded hardware Bitcoin wallets. Until then, I suspect security is always going to be an issue for most people.
As for future advice: One computer/laptop with a fresh install of an OS & drivers that is used for nothing else but your wallet software.
when I clicked from the standard send to the shared send, the coins were gone, that quick!!
That is the clue to what happened. If they disappeared just after you logged in, then your computer was compromised.
We really do need hard (ROM) coded hardware Bitcoin wallets. Until then, I suspect security is always going to be an issue for most people.
As for future advice: One computer/laptop with a fresh install of an OS & drivers that is used for nothing else but your wallet software.
I realize that the fact that the coins are gone, and there is nothing I can do about it, but can anyone tell me how it might've happened? I actually logged into the wallet to move the coins, and when I clicked from the standard send to the shared send, the coins were gone, that quick!! My password is 20+ characters of upper, lower, and symbols, so I know there is no way it was guessed. Any ideas on what might've happened so I can prevent it from happening again? I always thought I was extra safe, and used proper security when using web based wallets, but I guess I was wrong!!
Here is the thief's address: https://blockchain.info/address/1PfzGSswTmaekotjP9zZgYveLhB8ADx86X
Here is the thief's address: https://blockchain.info/address/1PfzGSswTmaekotjP9zZgYveLhB8ADx86X
lets say you had the funds sat there for weeks.. and then suddenly it goes like 20 seconds after logging in, but before you have chance to send them yourself.
well, i smell a keylogger that used your login details to raid you dry before you even had chance to do anything. did you see how fast that news anchor lost his funds by showing th QR code on the TV. if someone can steal money by someone realizing there's an opportunity, getting his phone out, rewinding the newsfeed scanning the qr code and then inputting their own address to send it too.. imagine how fast a bot can do it when it receives key presses and is scripted to autosend transactions
think about what bitcoin related programs you downloaded within a week before the funds disappeared. and list those programs here. so that by reasonable deduction of other users showing their lists. people can finds the culprit.
please list the programs you downloaded this week, help the community. as a few other people argue the toss that its not their machine.. without even examining th evidence. so dont simply class it as a blockchain.info error..
afterall if its a key logger you dont want to keep running into these issues.
and before you reply with what most reply.. unless a keylogger is known to malware programs. it can remain undetected. so dont say your computer is fine because scans reveal nothing.. malware scans only reveal KNOWN threats.
and as for the lottery odds
lottery odds are normally a quarter of the population of the country
EG Euro millions is
1 in 116,531,800
UK lottery
1 in 13,983,816
population of europe is 700million
population of UK is 70 million
so if every person played, it would average 4 to 5 winners.. but we all know not everyone plays.
so we are talking about 116million combinations just so 4 or 5 people will have the same numbers.
now back to bitcoin.
bitcoin does not have a populations of 700million.. more like 2 million.
bitcoin address combinations are not 116million (116 with 6 zero's) but infact theres over 160 ZEROS
compare a lottery chance of 4 people per are chance.
with a 2,000,000 existent addresses out of:
10,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000
which is still 1 chance out of
9,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,998,000,000
So you supposedly have a compromised computer that send what you type to mr Evil. He immediately manages to login as he is notified of the new posible password that your computer sent out. Then the coins disappeared while you were logged in.
For this to work, blockchain.info must allow more than 1 simultaneous login, so they?
For this to work, blockchain.info must allow more than 1 simultaneous login, so they?
You know, the strangest thing is, I had forgotten about that wallet, and today when I found it, I thought, "huh, let's see what kind of change I have in this wallet" I was actually shocked when I opened it and saw 2.2 Bitcoin in it! I couldn't for the life of me figure out when I would've sent that much coin to an old wallet that I don't even use anymore, and I still can't figure it out! I know that I wouldn't just forget about $1200+! I tried tracing back the transactions and nothing leads to any wallet that I ever owned! Is it possible that somehow someone else's address ended up in my wallet?? Seems ridiculous I know, but I just can't explain it!
I suspect an address collision. People around here think it is not that common. But, just like the lottery, someone wins every week despite the fact that the odds are "astronomically near zero". 1/35,000,000,000 doesn't seem like good odds, but just go ask the guy who won $500million what he thinks of that theory. Your wallet probably was being 'shared' by an unknowing party and those were actually his $1200 and he probably actually is the guy who took them after noticing his address was being used by someone else (you)
Poor/recycled password
Trojan/Keylogger
Classic phish
Java/web exploit
Insecure [?wireless] network
Compromised wallet backup file; esp from email
Some dodgypickup from unsafe intersex that's got you needing to shared send shiz
...usually covers it
Trojan/Keylogger
Classic phish
Java/web exploit
Insecure [?wireless] network
Compromised wallet backup file; esp from email
Some dodgypickup from unsafe intersex that's got you needing to shared send shiz
...usually covers it
You know, the strangest thing is, I had forgotten about that wallet, and today when I found it, I thought, "huh, let's see what kind of change I have in this wallet" I was actually shocked when I opened it and saw 2.2 Bitcoin in it! I couldn't for the life of me figure out when I would've sent that much coin to an old wallet that I don't even use anymore, and I still can't figure it out! I know that I wouldn't just forget about $1200+! I tried tracing back the transactions and nothing leads to any wallet that I ever owned! Is it possible that somehow someone else's address ended up in my wallet?? Seems ridiculous I know, but I just can't explain it!
I realize that the fact that the coins are gone, and there is nothing I can do about it, but can anyone tell me how it might've happened? I actually logged into the wallet to move the coins, and when I clicked from the standard send to the shared send, the coins were gone, that quick!! My password is 20+ characters of upper, lower, and symbols, so I know there is no way it was guessed. Any ideas on what might've happened so I can prevent it from happening again? I always thought I was extra safe, and used proper security when using web based wallets, but I guess I was wrong!!
Here is the thief's address: https://blockchain.info/address/1PfzGSswTmaekotjP9zZgYveLhB8ADx86X
Here is the thief's address: https://blockchain.info/address/1PfzGSswTmaekotjP9zZgYveLhB8ADx86X
Jump to: