Author

Topic: Blockchain wallet hacked! (Read 2914 times)

hero member
Activity: 700
Merit: 500
March 27, 2014, 01:09:00 AM
#32
Don't forget to click on my sig.

Ponders if this is a reference to avoid sponsored links or if you genunially wanted me to check out your site Smiley
hero member
Activity: 732
Merit: 500
Nosce te Ipsum
March 26, 2014, 06:44:21 PM
#31
Looks like that is a Google's ad.
Well then Google is likely responsible for this scam..

A good friend of mine actually said the same thing today. How would one go about holding them accountable? They surely are!
hero member
Activity: 732
Merit: 500
Nosce te Ipsum
March 26, 2014, 06:42:58 PM
#30
LouReed, when you log into the read blockchain website do you still see a wallet that sent 2 btc today?  That 2 btc only went into the wallet 7 days ago and you didn't send it so maybe you didn't really lose 2btc.

Nope, they're gone!! My transaction was the one for 2.2 Bitcoin.
hero member
Activity: 732
Merit: 500
Nosce te Ipsum
March 26, 2014, 06:29:14 PM
#29
TOR Browser & using G Shocked Shocked gle search?  

My man, that should be https://www.ixquick.com/ or https://startpage.com/


Actually, you are right, it was Startpage, and I now feel a little better about being dooped, since the same link is still the first item even in Startpage, but it doesn't say add next to it.

Edit: Actually, I see that it does say "Adds by Google" above it.
newbie
Activity: 36
Merit: 0
March 26, 2014, 05:57:41 PM
#28
LouReed, when you log into the read blockchain website do you still see a wallet that sent 2 btc today?  That 2 btc only went into the wallet 7 days ago and you didn't send it so maybe you didn't really lose 2btc.
sr. member
Activity: 241
Merit: 250
Time you enjoy wasting is not wasted time.
March 26, 2014, 04:47:46 PM
#27
Don't forget to click on my sig.
hero member
Activity: 700
Merit: 500
March 26, 2014, 04:46:39 PM
#26

That really sucks now I understand why people would fall for the trap
Another reason why I remain suspicious of googles sponsored ads they can sometimes lead to viral places

Holy Mary Mother of Jesus, do yourself a favour and just do not ever click ads, no, no, no, no.

The google ad that literally could cost people thousands quite the scary thing to be honest
sr. member
Activity: 241
Merit: 250
Time you enjoy wasting is not wasted time.
March 26, 2014, 04:44:07 PM
#25

That really sucks now I understand why people would fall for the trap
Another reason why I remain suspicious of googles sponsored ads they can sometimes lead to viral places

Holy Mary Mother of Jesus, do yourself a favour and just do not ever click ads, no, no, no, no.

hero member
Activity: 700
Merit: 500
March 26, 2014, 04:07:08 PM
#24
Did a little more investigating today, and found out that I was Phished! That's what I get for spending my Bitcoin after a couple cocktails!!! Today when I Googled Blockchain, I just clicked on the top link, and noticed right away that it wasn't right because the logo had changed, and also the address bar was showing the IP address instead of the https//url. I knew instantly what had happened!! Here's a thread talking about the site:

https://bitcointalksearch.org/topic/m.5917325
That really sucks now I understand why people would fall for the trap
Another reason why I remain suspicious of googles sponsored ads they can sometimes lead to viral places
sr. member
Activity: 241
Merit: 250
Time you enjoy wasting is not wasted time.
March 26, 2014, 03:52:20 PM
#23
TOR Browser & using G Shocked Shocked gle search? 

My man, that should be https://www.ixquick.com/ or https://startpage.com/
hero member
Activity: 952
Merit: 513
March 26, 2014, 03:40:12 PM
#22
Looks like that is a Google's ad.
Well then Google is likely responsible for this scam..
hero member
Activity: 732
Merit: 500
Nosce te Ipsum
March 26, 2014, 03:35:48 PM
#21
I received this phishing mail two times and it's written in German.
and I never fall into it..
I banned his mail adress don't want to receive annoying mail a third time..


It's actually not an email. Do a Google search for Blockchain, it's the very first result at the top of the page, and it shows as Blockchain.info. When you click the link, you will see that it is using the old logo, and the address bar shows just an ip address.
sr. member
Activity: 241
Merit: 250
Time you enjoy wasting is not wasted time.
March 26, 2014, 02:58:35 PM
#20
Did a little more investigating today, and found out that I was Phished! That's what I get for spending my Bitcoin after a couple cocktails!!! Today when I Googled Blockchain, I just clicked on the top link, and noticed right away that it wasn't right because the logo had changed, and also the address bar was showing the IP address instead of the https//url. I knew instantly what had happened!! Here's a thread talking about the site:

https://bitcointalksearch.org/topic/m.5917325

El Clásico.  Sucks like fuck, though at least you've identified the vector & it isn't that your machine is pwned. 
hero member
Activity: 952
Merit: 513
March 26, 2014, 02:46:41 PM
#19
I received this phishing mail two times and it's written in German.
and I never fall into it..
I banned his mail adress don't want to receive annoying mail a third time..
hero member
Activity: 732
Merit: 500
Nosce te Ipsum
March 26, 2014, 02:23:29 PM
#18
Did a little more investigating today, and found out that I was Phished! That's what I get for spending my Bitcoin after a couple cocktails!!! Today when I Googled Blockchain, I just clicked on the top link, and noticed right away that it wasn't right because the logo had changed, and also the address bar was showing the IP address instead of the https//url. I knew instantly what had happened!! Here's a thread talking about the site:

https://bitcointalksearch.org/topic/m.5917325
hero member
Activity: 732
Merit: 500
Nosce te Ipsum
March 26, 2014, 07:37:14 AM
#17

Java/web exploit


Actually, this might actually make the most sense. I was using Tor at the time, and in order to use the "Shared Coin" option, you need to "temporarily allow all scripts", and what I did was click "Shared Coin" and then just automatically out of habit went up and clicked for it to allow scripts, and then I went to type in the amount to send and that's when I noticed they were gone.


You know, the strangest thing is, I had forgotten about that wallet, and today when I found it, I thought, "huh, let's see what kind of change I have in this wallet" I was actually shocked when I opened it and saw 2.2 Bitcoin in it! I couldn't for the life of me figure out when I would've sent that much coin to an old wallet that I don't even use anymore, and I still can't figure it out! I know that I wouldn't just forget about $1200+! I tried tracing back the transactions and nothing leads to any wallet that I ever owned! Is it possible that somehow someone else's address ended up in my wallet?? Seems ridiculous I know, but I just can't explain it!
I suspect an address collision.  People around here think it is not that common.  But, just like the lottery, someone wins every week despite the fact that the odds are "astronomically near zero".  1/35,000,000,000 doesn't seem like good odds, but just go ask the guy who won $500million what he thinks of that theory.

Your wallet probably was being 'shared' by an unknowing party and those were actually his $1200 and he probably actually is the guy who took them after noticing his address was being used by someone else (you)


This also makes a lot of sense to me because as I said, I honestly didn't think I had anything but just small change in this wallet, as I hadn't even been in it in quite some time because I had forgotten about it. There's just no way that I would've had 2+ Bitcoin in a wallet and forgotten about it! Like I said, I was fricken shocked when I saw the balance!
hero member
Activity: 732
Merit: 500
Nosce te Ipsum
March 26, 2014, 06:54:06 AM
#16
Several people have said key logger, but when I created the wallet many months ago, I made the password using just random digits, and then saved it in an encrypted file, so aside from the first time when I created it, I have NEVER typed it, always copy paste. I ASSume this would rule out key logger?
legendary
Activity: 1386
Merit: 1000
KawBet.com - Anonymous Bitcoin Casino & Sportsbook
March 26, 2014, 04:51:02 AM
#15
The odds of a collision with a given address are 1 / 1461501637330902918203684832716283019655932542976 per attempt
This backs my assertion.  You admit it is possible.  Just like the lottery, mathematically improbable, yet it happens all the time.
Just like entire planets quantum tunnelling into different galaxies. All the time man! All the time...
Once the first collision occurs and is mathematically explained - all you guys who are overly happy on the '9' key are going to shit bricks.   9999999999999999999999999999999999999999999999999999999999.  lol 
'entire planets quantum tunnelling into different galaxies'  - I think you've seen too many episodes of Star Trek
legendary
Activity: 924
Merit: 1000
March 26, 2014, 04:46:18 AM
#14
I recommend the armory wallet with a cheap offline netbook for signing outgoing transactions.

This is as sure as it can get...
hero member
Activity: 742
Merit: 500
March 26, 2014, 04:44:33 AM
#13
The odds of a collision with a given address are 1 / 1461501637330902918203684832716283019655932542976 per attempt
This backs my assertion.  You admit it is possible.  Just like the lottery, mathematically improbable, yet it happens all the time.

Just like entire planets quantum tunnelling into different galaxies. All the time man! All the time...

legendary
Activity: 1386
Merit: 1000
KawBet.com - Anonymous Bitcoin Casino & Sportsbook
March 26, 2014, 04:40:53 AM
#12
The odds of a collision with a given address are 1 / 1461501637330902918203684832716283019655932542976 per attempt
This backs my assertion.  You admit it is possible.  Just like the lottery, mathematically improbable, yet it happens all the time.
legendary
Activity: 4424
Merit: 4794
March 26, 2014, 12:50:40 AM
#11
what you need to do is buy a raspberry Pi. and its sole purpose is to move coins.
NO miners
No downloads of unverified software

i also think logins should supply a message thats unique to that session. that a person has to copy into GPG to get signed to prove ownership of the username. and the signature is the password. (to stop people using weak passwords)

along with google authenticate defaulted to enabled.

there are too many people that are too lazy to have a dedicated PC for wealth storage, too lazy to remember a decent length password and too lazy to use google authenticate.

basically if they want access to their funds with a simple 8 digit password.. then they need to accept the risks
sr. member
Activity: 476
Merit: 250
March 26, 2014, 12:47:30 AM
#10
did you activate 2FA?
20+ hard guessed password, how can hacker get that password  Huh
are you sure your computer free from keylogger program?
full member
Activity: 164
Merit: 100
Indie Developer
March 26, 2014, 12:43:51 AM
#9
I suspect an address collision.  People around here think it is not that common.  But, just like the lottery, someone wins every week despite the fact that the odds are "astronomically near zero".  1/35,000,000,000 doesn't seem like good odds, but just go ask the guy who won $500million what he thinks of that theory.

Your wallet probably was being 'shared' by an unknowing party and those were actually his $1200 and he probably actually is the guy who took them after noticing his address was being used by someone else (you)

To give you an idea of the numbers involved: There are 1,921,075 different addresses in the block chain. That's less than 0.000000000000000000000000000000000000001 % of all the addresses that can be generated. –  Artefact2 Aug 30 '11 at 21:42
legendary
Activity: 1162
Merit: 1007
March 26, 2014, 12:32:38 AM
#8
I suspect an address collision.  People around here think it is not that common.  But, just like the lottery, someone wins every week despite the fact that the odds are "astronomically near zero".  1/35,000,000,000 doesn't seem like good odds, but just go ask the guy who won $500million what he thinks of that theory.

Your wallet probably was being 'shared' by an unknowing party and those were actually his $1200 and he probably actually is the guy who took them after noticing his address was being used by someone else (you)

The odds of a collision with a given address are 1 / 1461501637330902918203684832716283019655932542976 per attempt (2^-160).  

If a million users generated a million address per day for one million days, the chance of a collision with your address is still no better than the chances of winning the lottery 4 times in a row.  
hero member
Activity: 528
Merit: 527
March 26, 2014, 12:32:15 AM
#7
You said:

when I clicked from the standard send to the shared send, the coins were gone, that quick!!

That is the clue to what happened. If they disappeared just after you logged in, then your computer was compromised.

We really do need hard (ROM) coded hardware Bitcoin wallets. Until then, I suspect security is always going to be an issue for most people.

As for future advice: One computer/laptop with a fresh install of an OS & drivers that is used for nothing else but your wallet software.
legendary
Activity: 4424
Merit: 4794
March 26, 2014, 12:31:05 AM
#6
I realize that the fact that the coins are gone, and there is nothing I can do about it, but can anyone tell me how it might've happened? I actually logged into the wallet to move the coins, and when I clicked from the standard send to the shared send, the coins were gone, that quick!! My password is 20+ characters of upper, lower, and symbols, so I know there is no way it was guessed. Any ideas on what might've happened so I can prevent it from happening again? I always thought I was extra safe, and used proper security when using web based wallets, but I guess I was wrong!!

Here is the thief's address: https://blockchain.info/address/1PfzGSswTmaekotjP9zZgYveLhB8ADx86X

lets say you had the funds sat there for weeks.. and then suddenly it goes like 20 seconds after logging in, but before you have chance to send them yourself.

well, i smell a keylogger that used your login details to raid you dry before you even had chance to do anything. did you see how fast that news anchor lost his funds by showing th QR code on the TV. if someone can steal money by someone realizing there's an opportunity, getting his phone out, rewinding the newsfeed scanning the qr code and then inputting their own address to send it too.. imagine how fast a bot can do it when it receives key presses and is scripted to autosend transactions

think about what bitcoin related programs you downloaded within a week before the funds disappeared. and list those programs here. so that  by reasonable deduction of other users showing their lists. people can finds the culprit.

please list the programs you downloaded this week, help the community. as a few other people argue the toss that its not their machine.. without even examining th evidence. so dont simply class it as a blockchain.info error..

afterall if its a key logger you dont want to keep running into these issues.

and before you reply with what most reply.. unless a keylogger is known to malware programs. it can remain undetected. so dont say your computer is fine because scans reveal nothing.. malware scans only reveal KNOWN threats.

and as for the lottery odds
lottery odds are normally a quarter of the population of the country

EG Euro millions is
1 in 116,531,800
UK lottery
1 in 13,983,816

population of europe is 700million
population of UK is 70 million

so if every person played, it would average 4 to 5 winners.. but we all know not everyone plays.

so we are talking about 116million combinations just so 4 or 5 people will have the same numbers.

now back to bitcoin.

bitcoin does not have a populations of 700million.. more like 2 million.
bitcoin address combinations are not 116million (116 with 6 zero's) but infact theres over 160 ZEROS
compare a lottery chance of 4 people per are chance.
with a 2,000,000 existent addresses out of:
10,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000

which is still 1 chance out of
9,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,999,998,000,000
full member
Activity: 164
Merit: 100
Indie Developer
March 26, 2014, 12:29:42 AM
#5
So you supposedly have a compromised computer that send what you type to mr Evil. He immediately manages to login as he is notified of the new posible password that your computer sent out. Then the coins disappeared while you were logged in.

For this to work, blockchain.info must allow more than 1 simultaneous login, so they?
legendary
Activity: 1386
Merit: 1000
KawBet.com - Anonymous Bitcoin Casino & Sportsbook
March 26, 2014, 12:27:14 AM
#4
You know, the strangest thing is, I had forgotten about that wallet, and today when I found it, I thought, "huh, let's see what kind of change I have in this wallet" I was actually shocked when I opened it and saw 2.2 Bitcoin in it! I couldn't for the life of me figure out when I would've sent that much coin to an old wallet that I don't even use anymore, and I still can't figure it out! I know that I wouldn't just forget about $1200+! I tried tracing back the transactions and nothing leads to any wallet that I ever owned! Is it possible that somehow someone else's address ended up in my wallet?? Seems ridiculous I know, but I just can't explain it!
I suspect an address collision.  People around here think it is not that common.  But, just like the lottery, someone wins every week despite the fact that the odds are "astronomically near zero".  1/35,000,000,000 doesn't seem like good odds, but just go ask the guy who won $500million what he thinks of that theory.

Your wallet probably was being 'shared' by an unknowing party and those were actually his $1200 and he probably actually is the guy who took them after noticing his address was being used by someone else (you)
sr. member
Activity: 241
Merit: 250
Time you enjoy wasting is not wasted time.
March 26, 2014, 12:21:23 AM
#3
Poor/recycled password
Trojan/Keylogger
Classic phish
Java/web exploit
Insecure [?wireless] network
Compromised wallet backup file; esp from email
Some dodgypickup from unsafe intersex that's got you needing to shared send shiz

...usually covers it
hero member
Activity: 732
Merit: 500
Nosce te Ipsum
March 25, 2014, 11:42:10 PM
#2
You know, the strangest thing is, I had forgotten about that wallet, and today when I found it, I thought, "huh, let's see what kind of change I have in this wallet" I was actually shocked when I opened it and saw 2.2 Bitcoin in it! I couldn't for the life of me figure out when I would've sent that much coin to an old wallet that I don't even use anymore, and I still can't figure it out! I know that I wouldn't just forget about $1200+! I tried tracing back the transactions and nothing leads to any wallet that I ever owned! Is it possible that somehow someone else's address ended up in my wallet?? Seems ridiculous I know, but I just can't explain it!
hero member
Activity: 732
Merit: 500
Nosce te Ipsum
March 25, 2014, 11:27:40 PM
#1
I realize that the fact that the coins are gone, and there is nothing I can do about it, but can anyone tell me how it might've happened? I actually logged into the wallet to move the coins, and when I clicked from the standard send to the shared send, the coins were gone, that quick!! My password is 20+ characters of upper, lower, and symbols, so I know there is no way it was guessed. Any ideas on what might've happened so I can prevent it from happening again? I always thought I was extra safe, and used proper security when using web based wallets, but I guess I was wrong!!

Here is the thief's address: https://blockchain.info/address/1PfzGSswTmaekotjP9zZgYveLhB8ADx86X
Jump to: