Pages:
Author

Topic: BrainWallet Defcon Attack Discussion, Advice, Q&A, Brainflayer Info, etc. - page 3. (Read 12576 times)

member
Activity: 105
Merit: 59
I want to be absolutely clear - other than by accident (and those coins were returned within minutes) - I have not taken anyone's bitcoins. I will be following up with a blog post sharing more details of my research soon.

You could try asking btcrobinhood on reddit - they have a bot that sweeps brainwallets. I believe that their policy is to return 100% if you are able to demonstrate ownership sufficiently.

I would consider helping to recover forgotten brainwallet passphrases (using a tailored search), but I don't have a policy on this at the moment.
full member
Activity: 179
Merit: 100
How would it be possible? Only shot would be to see where your coins were sent to and followup with a plea for sympathy... But considering that it cost the hacker money/resources to carry out the attack, it's really, really doubtful you're getting your coins back... after all, that was the goal.

And you don't remember the string to your own brainwallet? Uhhh, how did you plan on recovering the coins before they were stolen?
Check my thread you'll find all the answers.I have the private key for the address.
full member
Activity: 179
Merit: 100
Please do not take this warning lightly.  Over 800BTC were available for theft (and lucky taken by a whitehat hacker - more information coming soon).  Please ensure that your bitcoins are not part of the ones that are taken in the future.  Save your bitcoins today, and transfer them to a safe storage system such as a Trezor or an Electrum Cold Storage wallet.
I were robbed of 22BTC by most likely a brainwallet cracker is there any chance I could get my BTC back for more info check my thread https://bitcointalksearch.org/topic/almost-surebrainwalletorg-stole-22btc-from-me-1146935

What is the BrainWallet string used to create that address?  I'll check if it's in his list of notable hacks.
I do not remember the string but maybe you can check for an address it is 1JqL1fp2nfuoSKirnRLjqUbQpf7Pou7mXR.
member
Activity: 132
Merit: 17
Please do not take this warning lightly.  Over 800BTC were available for theft (and lucky taken by a whitehat hacker - more information coming soon).  Please ensure that your bitcoins are not part of the ones that are taken in the future.  Save your bitcoins today, and transfer them to a safe storage system such as a Trezor or an Electrum Cold Storage wallet.
I were robbed of 22BTC by most likely a brainwallet cracker is there any chance I could get my BTC back for more info check my thread https://bitcointalksearch.org/topic/almost-surebrainwalletorg-stole-22btc-from-me-1146935

What is the BrainWallet string used to create that address?  I'll check if it's in his list of notable hacks.
full member
Activity: 179
Merit: 100
Please do not take this warning lightly.  Over 800BTC were available for theft (and lucky taken by a whitehat hacker - more information coming soon).  Please ensure that your bitcoins are not part of the ones that are taken in the future.  Save your bitcoins today, and transfer them to a safe storage system such as a Trezor or an Electrum Cold Storage wallet.
I were robbed of 22BTC by most likely a brainwallet cracker is there any chance I could get my BTC back for more info check my thread https://bitcointalksearch.org/topic/almost-surebrainwalletorg-stole-22btc-from-me-1146935
member
Activity: 132
Merit: 17
In light of recent events, it has been proven that BrainWallet is now no longer regarded as safe.  At Defcon 23 (running August 6-9 2015), a whitehat hacker (named Ryan) released a program (codenamed Brainflayer) capable of checking 10s of thousands of brainwallets per second.  During his research, he discovered private keys for addresses that at some point held over 730BTC.  Many of the phrases were regarded as generally safe.  However, they were still cracked by his program.  BrainWallet as a whole is now being regarded as unsafe for use.  While experts have considered it unsafe for a long time, this is one of the first practical implementations that proves exactly how unsafe they are as a wallet choice.

Following the announcement and presentation of the software implementation, BrainWallet's website has been shut down.  The latest commit on their GitHub page removed the website and replaced it with a parked page, saying that the project is now closed.

However, there are still many safe BrainWallets.  As of now, it is recommended that you clean the balance out of your BrainWallet and into a safer storage method.  It is important to note that Ryan, the developer of this program, did not take any of the bitcoins.  He attempted to alert the owner of 250BTC that their bitcoins are at risk.  However, he has not personally gained anything from this, and works for the betterment of the bitcoin community.

While many BrainWallet cracking tools have existed over time, Brainfalyer is many orders of magnitude faster.  It uses Bloom Filters to effectively and quickly check if addresses have been used, which increases its speed.  Various other optimizations have made is very efficient as well.  In the next months, it can be expected that other hackers will be creating botnets, and various other large scale attacks against brain wallets.  It is no longer safe to use a BrainWallet.  Transfer funds out immediately!

The presentation regarding general information about the attack is available on Ryan's website.
The source code for the project is available on GitHub

If you are one of the lucky BrainWallet users who have not haven your bitcoins stolen, we have hosted the BrainWallet code on our website.  It can be used to transfer your bitcoins to a safer medium.  A Trezor or Electrum (cold storage) wallet is recommended for users with larger amounts of bitcoin.  They are easy to set up, and are many times safer than your BrainWallet.  To use the BrainWallet software, go to our website's hosting of BrainWallet.  For smaller amounts of bitcoin, you can use the website implementation itself.  For larger amounts, click the "Download ZIP" button in the footer of the website.  From there, you can generate the private key and transfer your bitcoins before theft occurs.

Please do not take this warning lightly.  Over 730BTC were available for theft thoughout the history of BrainWallet.  Please ensure that your bitcoins are not part of the ones that are taken in the future.  Save your bitcoins today, and transfer them to a safe storage system such as a Trezor or an Electrum Cold Storage wallet.
Pages:
Jump to: