Both LTC and BTC "offline" wallets hacked...

UMP-45

newbie

Activity: 56

Merit: 0

Quote from: metallicelmo on October 01, 2013, 10:48:39 AM

Quote from: favdesu on October 01, 2013, 10:44:02 AM

an attacker just needs the private keys to swipe your wallet.

someone had physical access to your laptop and knew the passwords. did you write them down?

did you really use the laptop offline? no hidden wifi, lan or anything?

I use this laptop with internet, but the security is very high I can't believe this happened. I'm a systems administrator for F sake.
The private keys were stored on my laptop in an encrypted 7-zip file...
Question is do I have to reinstall my laptop now? This is so much work

I can see in the blockchain info that the transaction was broadcasted to the bitcoin network from an IP address in the USA 24.183.53.172
I live in Holland so would this indicate someone from the US stole my key files and wallet?

Okay, he may have keylogged you.
Intiated a data transfer connection with your PC.
Knew your encrypted 7-Z file password.
Transfered the 7-Z file to his computer.
Opened it with your password.
Got your Private Keys, then took the coins.

favdesu

legendary

Activity: 1764

Merit: 1000

Quote from: metallicelmo on October 01, 2013, 10:48:39 AM

Quote from: favdesu on October 01, 2013, 10:44:02 AM

an attacker just needs the private keys to swipe your wallet.

someone had physical access to your laptop and knew the passwords. did you write them down?

did you really use the laptop offline? no hidden wifi, lan or anything?

I use this laptop with internet, but the security is very high I can't believe this happened. I'm a systems administrator for F sake.
The private keys were stored on my laptop in an encrypted 7-zip file...
Question is do I have to reinstall my laptop now? This is so much work

I can see in the blockchain info that the transaction was broadcasted to the bitcoin network from an IP address in the USA 24.183.53.172
I live in Holland so would this indicate someone from the US stole my key files and wallet?

as a sys admin you should know about VPN and TOR, right? highly unlikely that they used their real ip for this...

trojan/keylogger is my guess

metallicelmo

sr. member

Activity: 882

Merit: 252

Quote from: favdesu on October 01, 2013, 10:44:02 AM

an attacker just needs the private keys to swipe your wallet.

someone had physical access to your laptop and knew the passwords. did you write them down?

did you really use the laptop offline? no hidden wifi, lan or anything?

I use this laptop with internet, but the security is very high I can't believe this happened. I'm a systems administrator for F sake.
The private keys were stored on my laptop in an encrypted 7-zip file...
Question is do I have to reinstall my laptop now? This is so much work

I can see in the blockchain info that the transaction was broadcasted to the bitcoin network from an IP address in the USA 24.183.53.172
I live in Holland so would this indicate someone from the US stole my key files and wallet?

favdesu

legendary

Activity: 1764

Merit: 1000

an attacker just needs the private keys to swipe your wallet.

someone had physical access to your laptop and knew the passwords. did you write them down?

did you really use the laptop offline? no hidden wifi, lan or anything?

edit: brain wallet maybe?

UMP-45

newbie

Activity: 56

Merit: 0

Maybe he had access to your hard drive and transfered the wallet.dat file to his computer.
What Anti-Virus were you using?

metallicelmo

sr. member

Activity: 882

Merit: 252

Hey guys,

My "offline" wallets from Litecoin-QT and MultiBit are suddenly empty after I checked this morning.

LTC, BTC are both all gone.
Both wallets were stored on my laptop only. I'm the only one using this laptop. The .wallet files and key files were on my harddrive.
Both wallets protected by a strong password. All coins were transferred out when my laptop was turned OFF, I wasn't there or asleep at night.

here's both transactions:

BTC: http://blockchain.info/tx-index/b1ce29f0ce400cc1532a94ebaa96e607e58a8bff6dd302b115a634efb84f7616
LTC: http://block-explorer.com/tx/e05e45036aaedebd43295aa6413fa39305f055afa0e6683c9c5d5ffbb7fa34f2

Any idea what to do, possible to trace somehow where they went? How on earth would it be possible for someone to do this? My laptop has a virusscanner, scanned with multiple programs, nothing found..

For someone to hack my wallets, do they need the actual files from my harddrive?

Topic: Both LTC and BTC "offline" wallets hacked... (Read 1148 times)