BTC-e being hacked. Watch your account. - page 2.

LostDutchman

sr. member

Activity: 476

Merit: 250

Quote from: Denton on January 31, 2014, 09:09:12 PM

Can one assume that a keylogger can be capable to read the clipboard data?

http://en.wikipedia.org/wiki/Keystroke_logging

Read it and weep!

"Software keyloggers may be augmented with features that capture user information without relying on keyboard key presses as the sole input. Some of these features include:

Clipboard logging. Anything that has been copied to the clipboard can be captured by the program."

Wink

Denton

full member

Activity: 798

Merit: 100

Can one assume that a keylogger can be capable to read the clipboard data?

keewee

legendary

Activity: 1025

Merit: 1000

Quote from: outofservice on January 31, 2014, 08:10:55 PM

Quote from: BitcoinAshley on January 31, 2014, 08:08:53 PM

You probably have a keylogger. Sucks to be you! Don't keep more on an exchange than you can afford to lose.

What is a keylogger?

It is a type of malware that logs every key you press on your keyboard and passes it back to a server. Once this sequence is captured it is easy to extract usernames, passwords etc. This is why it's imperative that you use two factor authentication if it is available. You should also be using a password manager such as KeePass so that you can use complex passwords that you never have to type out, just copy and paste them.

LostDutchman

sr. member

Activity: 476

Merit: 250

Quote from: Singlebyte on January 31, 2014, 08:35:34 PM

While reading this thread I was going to post my comments. But LostDutchman posted exactly what I was going to post! Thank you LD for saving me the time!

Why thank you for your kind comment!

It just breaks my heart when internet noobs get it bad because the simply do not understand how to be secure on the net.

I wish I could fix things for them but after the fact, they are pretty much screwed!

Complicated passwords work well.

Lots of Upper/lower case switheces, punctuatin marks..............

Esamples:

An "I've got your ass!" password:

"password 90210".

BUSTED in about 10 seconds!

This will at least take some time and maybe get you alerted that someone is trying to hack you:

"90I&3Z*forL%Ah+?Rt2N1!*"

Just an example.

My $.02.

Wink

Singlebyte

hero member

Activity: 854

Merit: 1000

While reading this thread I was going to post my comments. But LostDutchman posted exactly what I was going to post! Thank you LD for saving me the time!

outofservice

member

Activity: 70

Merit: 11

Quote from: LostDutchman on January 31, 2014, 08:27:44 PM

Quote from: outofservice on January 31, 2014, 08:12:18 PM

Quote from: TERA on January 31, 2014, 08:10:47 PM

It sounds like your password got stolen, not neccesarily btce itself hacked.

This is one department I'll admit that hodlors have a clear advantage.

Isn't stolen and hacked the same thing?

Uh, no.......................................

Sad

Quote from: outofservice on Today at 20:10:55

Quote from: BitcoinAshley on Today at 20:08:53

You probably have a keylogger. Sucks to be you! Don't keep more on an exchange than you can afford to lose.

What is a keylogger?

Oh boy..............................................

Thanks, your replies have been so helpful.

LostDutchman

sr. member

Activity: 476

Merit: 250

Quote from: outofservice on January 31, 2014, 08:12:18 PM

Quote from: TERA on January 31, 2014, 08:10:47 PM

It sounds like your password got stolen, not neccesarily btce itself hacked.

This is one department I'll admit that hodlors have a clear advantage.

Isn't stolen and hacked the same thing?

Uh, no.......................................

Sad

Dalmar

hero member

Activity: 1106

Merit: 500

Life is short, practice empathy in your life

Quote from: outofservice on January 31, 2014, 08:21:49 PM

I've got a masters in Exercise and Sport Science but don't know shit about computers or the system which is ridiculous because I have a brother who writes code and serious shit I have no idea what he's talking about.

You are just out of luck.. 2FA is quite easy to set up.

Perhaps try to track down the hacker.. there are other BTC-e hack victims who traced down the hacks to one main guy in Russia. Maybe you could work together and place a bounty on him on BTC Assassination Market.. Cheesy

LostDutchman

sr. member

Activity: 476

Merit: 250

Quote from: outofservice on January 31, 2014, 08:10:55 PM

Quote from: BitcoinAshley on January 31, 2014, 08:08:53 PM

You probably have a keylogger. Sucks to be you! Don't keep more on an exchange than you can afford to lose.

What is a keylogger?

Oh boy..............................................

Sad

ampere9765

sr. member

Activity: 252

Merit: 250

Quote from: r3wt on January 31, 2014, 08:15:29 PM

Op sorry for your loss, but:

pro tip: some email services such as windows live mail have options for enabling two factor auth on your email account. its a little annoying to enter the code everytime you login to your email, but if you have alot at stake its worth it.

i did not even know that. THANK YOU. setting up now.

outofservice

member

Activity: 70

Merit: 11

Quote from: TERA on January 31, 2014, 08:16:07 PM

Quote from: outofservice on January 31, 2014, 08:12:18 PM

Quote from: TERA on January 31, 2014, 08:10:47 PM

It sounds like your password got stolen, not neccesarily btce itself hacked.

This is one department I'll admit that hodlors have a clear advantage.

Isn't stolen and hacked the same thing?

I suppose their related. What I'm trying to say is that the password was probably obtained via one of your own devices and not via a security breach of btce itself and their servers.

I've got a masters in Exercise and Sport Science but don't know shit about computers or the system which is ridiculous because I have a brother who writes code and serious shit I have no idea what he's talking about.

Dalmar

hero member

Activity: 1106

Merit: 500

Life is short, practice empathy in your life

Quote from: outofservice on January 31, 2014, 08:17:04 PM

I did not get as deep as this and set my security up this way. Apparently I should have, maybe I wouldn't have been hacked.

Well, if you didn't have 2FA on, it's your own fault. Don't blame BTC-e, as your title suggests.

bitcoinlitcoinbtcltc

hero member

Activity: 717

Merit: 501

Quote from: Dalmar on January 31, 2014, 08:16:15 PM

Quote from: bitcoinlitcoinbtcltc on January 31, 2014, 08:14:42 PM

I have 2FA via Google Authenticator on my phone turned on for everything; logging in, transfering money, changing details, etc.
And it needs to be confirmed via e-mail, and my e-mail has a separate 2FA (SMS), and a different password.

I am safe from being hacked, right? Undecided

Logging in via a key-logger is one thing, but shouldn't it be impossible to withdraw without having access to your phone.

I think so. I mean, without my phone they can't login, or enter code to withdraw, change pass, email etc.
But want to be sure.

outofservice

member

Activity: 70

Merit: 11

Quote from: bitcoinlitcoinbtcltc on January 31, 2014, 08:14:42 PM

I have 2FA via Google Authenticator on my phone turned on for everything; logging in, transfering money, changing details, etc.
And it needs to be confirmed via e-mail, and my e-mail has a separate 2FA (SMS), and a different password.

I am safe from being hacked, right? Undecided

I did not get as deep as this and set my security up this way. Apparently I should have, maybe I wouldn't have been hacked.

Dalmar

hero member

Activity: 1106

Merit: 500

Life is short, practice empathy in your life

Quote from: bitcoinlitcoinbtcltc on January 31, 2014, 08:14:42 PM

I have 2FA via Google Authenticator on my phone turned on for everything; logging in, transfering money, changing details, etc.
And it needs to be confirmed via e-mail, and my e-mail has a separate 2FA (SMS), and a different password.

I am safe from being hacked, right? Undecided

Logging in via a key-logger is one thing, but shouldn't it be impossible to withdraw without having access to your phone.

TERA

hero member

Activity: 728

Merit: 500

Quote from: outofservice on January 31, 2014, 08:12:18 PM

Quote from: TERA on January 31, 2014, 08:10:47 PM

It sounds like your password got stolen, not neccesarily btce itself hacked.

This is one department I'll admit that hodlors have a clear advantage.

Isn't stolen and hacked the same thing?

I suppose their related. What I'm trying to say is that the password was probably obtained via one of your own devices and not via a security breach of btce itself and their servers.

r3wt

hero member

Activity: 686

Merit: 504

always the student, never the master.

Op sorry for your loss, but:

pro tip: some email services such as windows live mail have options for enabling two factor auth on your email account. its a little annoying to enter the code everytime you login to your email, but if you have alot at stake its worth it.

bitcoinlitcoinbtcltc

hero member

Activity: 717

Merit: 501

I have 2FA via Google Authenticator on my phone turned on for everything; logging in, transfering money, changing details, etc.
And it needs to be confirmed via e-mail, and my e-mail has a separate 2FA (SMS), and a different password.

I am safe from being hacked, right? Undecided

Dalmar

hero member

Activity: 1106

Merit: 500

Life is short, practice empathy in your life

Why didn't you use 2FA (two-factor authentication)?

--

PS. It's quite concerning reading the number of people getting hacked on btc-e. Yes, this might be outside forces, but still the number seems higher than bitstamp users who are hacked.

outofservice

member

Activity: 70

Merit: 11

Quote from: TERA on January 31, 2014, 08:10:47 PM

It sounds like your password got stolen, not neccesarily btce itself hacked.

This is one department I'll admit that hodlors have a clear advantage.

Isn't stolen and hacked the same thing?

Topic: BTC-e being hacked. Watch your account. - page 2. (Read 5192 times)