Topic: BTC hacked from blockchain wallet (Read 578 times)

There are many happenings in this in any different situations. If someone knows your account information of Blockchain wallet, there is still a possibility to be hack, how? In this way, if your information in blockchain wallet and the information of your email is the same you will get hacked by the hackers when they know that 1 information because they can confirm in your email to withdraw the funds. So keep safe your email because that is one of the most important especially for recovering funds.

It's good to see you taking your case to huobi, but like i said: do be carefull you're not attacking somebody innocent that has used a mixing service to regain some anonimity...

I just read an interesting blogpost that might be relevant to this discussion, and the discussion link posted by Lucius (https://bitcointalksearch.org/topic/blockchaincom-scam-lost-funds-5157460)

https://googleprojectzero.blogspot.com/2019/08/a-very-deep-dive-into-ios-exploit.html
Tl;DR; version => vulnerabilities that were fixed in iOS 12 allowed hackers to gain access to iphone devices that merely surfed to an infected webpage... Nothing else: just visiting an infected webpage was sufficient to give the culprits full access to your phone (emails, files, passwords,...).

There is nobody that can ever be 100% sure they're running a completely clean system...

This does NOT mean that we can be sure there are no vulnerability's on blockchain's side... Just that everybody saying that they're 100% sure their system was clean, eventough they used it to visit blockchain.info (so it's an online system) is misinformed.

I know the OP never said he used iOS, but other platforms might have similar vulnerability's.

No problem, it would be really great if something could be done from Huobi, they can freeze that address and conduct an investigation, so there would be hope for a refund of stolen coins.

Regarding everything else in your case, you can never be completely sure that the failure did not come from you, but this does not mean that the fault cannot be on the other side. The problem is in proving that blockchain.com is have some security glitch, I doubt they would ever admit it.

Did you see this thread? https://bitcointalksearch.org/topic/blockchaincom-scam-lost-funds-5157460

Users who are convinced they lost 400 Bitcoins due to some vulnerability had a plan to sue blockchain.com (ex info), you can contact them for more info.

Sorry to keep you waiting for the answer. I was trying to identify the thief through Huobi, cause the transaction finally ended at 1L5tLc6ayc3RXAyicHRv2c2uSNVJzoP4Yp Huobi account, that probably accumulates multiple other thefts.
Back to security questions, I can assure you that all the keys, passwords, IDs are securely stored, so no physical contact of possession possible. I never click on e-mail links, phishing sites, extensions or other potential malware source. My computer was turned off all night before I turned it on next morning when realized the hack. I have also double-checked it for viruses and access ports protection, so it's totally clean, not infected with all ports being safely closed.
I really don't know at this point what could have happened, but i'm sure it's not my fault. It may still be the case like in the link you submitted https://bitcointalksearch.org/topic/thoughts-on-this-private-key-stealing-mystery-2488493

Sorry about this, some persons usually get hacked on blockchain .info, some users said they had activated SMS option as against a more secured google autenticator, and another had saved his private keys online, which is unsafe and not recommended to do so. Try to have a separate email from bitcoin login, and never use the same password, you may want to get phone for for the sole purpose of sending and receiving bitcoin and never download anything there. Alternatively, get a hardware wallet which is the most secured provided your keep the private keys safe.

What would you have had them done, they should refund your money because they are binance with safu fund? My dear, it is true that they are saying, there are so many hackers right now that would gain access to your account at any time if you are careless with your passwords or careless with the website that you go to.

I am also sorry to have heard your story, and thank God they dint steal more than that, there should be some sort of way that you can really trace it and I am not sure that is their  problem, if it was network bridge, I am sure that they would have been able to sort it out for you, and which may have also affected thousands of their users also, and you would surely have seen so many complains. I think you have to look for a more reliable way to secure your coin then if you no longer trust blockchain.

becareful your private key.that's important

Unfortunately it’s very hard, if not impossible to prove that it’s blockchains fault. The most probable scenario is that you have been phished, for example when googling “blockchain”, there maybe Advertisements on top of results, which appear to be the same site, but in the end it’s somthing very close like “blockchian.com”.

This really is a frustrating experience I must say. I feel your loss. But I also think what bxmail said isn't wrong. I have used blockchain for close to three years now but I haven't experienced such. This is where I encourage people to always access their wallet through the app and not through web. In all,, we should at all time safeguard our PKey and passwords. You never can tell who is lurking and waiting for the unguarded hour to strike.

the transaction was made about the same time you're checking your email
but it gets confirmation almost an hour later, if you had acted fast you would have saved your coins
can you remember what emails you were reading/opening at that time?
did you open or click any link in your email?
did you check your blockchain.com wallet before or after reading your email?

Last TX showed 1L5tLc6ayc3RXAyicHRv2c2uSNVJzoP4Yp, this address recieved 77.7 BTC.
it's not easy address..

I'm sorry for your loss,  mate. If your Blockchain account has been compromised then I'm afraid there's no chance to recover your funds back.

In order to avoid this to happen in the future try to use a hardware wallet instead of holding your private key on your PC.

bxmail, can you tell us where you kept your wallet ID and password? It is important to determine if the attack vector was in compromising that information by remote of someone came in physical possession of that information.

Do you remember last time when you access your wallet, are you use link to blockchain.com from your browser bookmarks, did you click on it from your e-mail or you search for it with search engine?

It is also posible that you somehow infected your computer with keylogger or RAT (remote access trojan), can you tell us do you use any antivirus or other security software?

I see you posted in Web Wallets board also, but in case you missed it, people lost coins from this wallet long time ago in cases like this :

https://bitcointalksearch.org/topic/thoughts-on-this-private-key-stealing-mystery-2488493

We all know this and you said to prevent same mistakes? I don't understand since you never posted a mistake in the OP, you also said it might be a security breach but the thing here is that the hacker might already hacked you log in. Better store your balances in a more secure wallet, I don't think this statement is new since there are a lot of threads here saying that it ia not safe to store on online wallets or some called it hot wallets.

Its unfortunate that they would not own up to the responsibility of their infrastructure being compromised one way or the other because doing that to them would be bad for business as they know that words would quickly spread fast over the internet because paying you back would mean them admitting of not keeping your funds safe as they have promised millions of their clients all over the world.

This is one issues I have with crypto market despite the reoccurring report of this particular service provider have been determined to be responsible for quite a number of loss of funds but they will go away with it because the market does not have control or overseeing body to put its activities in check.

Thank you for your support. Any help or advice is valuable and highly appreciated. I just want to add that the main reason for posting this was to inform other people of the situation and prevent from making same mistakes.

To avoid something similar in the future I would recommend storing BTC in cold wallet, write some super complex password, write it on the sheet of paper and hide somewhere (don't take photo of it and save to your PC). Store only small amounts of BTC in everyday usage wallet (I would prefer one with Google Authenticator).

Nothing you can do about this mate and I’m sorry for your losses though it’s not that large amount still this is important case because we have trusted the company to handle our money safely and without our mistakes as you’ve mentioned(but of course instance can happen that either way it’s our fault or really breach from their part)

What you can do now is move on,try to use this experience to be safer next time and prevent being a victim again.

Well the damage has been done but of course this realizations will help Him and others to skip same scenarios in future for the benefits of all

https://www.walletexplorer.com/wallet/Huobi.com-2?from_address=1L5tLc6ayc3RXAyicHRv2c2uSNVJzoP4Yp

That's a wallet belonging to Huobi... I'd contact their support department and ask them to look into this transaction... However, since the funds moved 2 times, it's perfectly possible the thief used a mixer...

Just to summarise:
1FgpbfQ8nVMS523Btnyv3rxhF7YxtiEdr7 belonged to you...
The thief robbed you in tx 4d412c58ab3dba8a138557e41e9ace1c8b36ee3d44107a930c8f31f0198d2b93 and funded what is most likely either his own address or an address belonging to a mixer => 1PdXxtu8Laq773RXT5q5pp6qtaG3HvSw2r

The unspent output created by the thief was combined with unspent outputs funding the following addresses:
1MXVwghCaz7yPvuyJU35yQdQHnpA9ea8PA (0.06180723 BTC - Output)
1H6htL41r9v8nAAZdpmaxw35kyjCewS9um (0.04020064 BTC - Output)
1H6htL41r9v8nAAZdpmaxw35kyjCewS9um (0.35708617 BTC - Output)
1JHLWuWsDqYwxzrjYcxZ6K7Feiv5R9SyvF (0.03159732 BTC - Output)
1PdXxtu8Laq773RXT5q5pp6qtaG3HvSw2r (0.03435393 BTC - Output)
1DbovmqydEvgFjLPfA6brASV98cmEy8gy2 (0.13459853 BTC - Output)
1MXVwghCaz7yPvuyJU35yQdQHnpA9ea8PA (0.01590557 BTC - Output)
1Q2qYzdeqd1KJdRJwMBqjft9mnMzc98fdp (0.01895248 BTC - Output)
1M7T8LZeJopJMffYRcpvviFvb11eKMLb1j (0.03038733 BTC - Output)
1Q2qYzdeqd1KJdRJwMBqjft9mnMzc98fdp (0.00673544 BTC - Output)
1FWSCxbScSfwrdetudCqArD5VND71JfPiy (0.0296867 BTC - Output)
1Q7SmKLD5Vs597oBZBAaviSzTfLwkZbXLd (0.11753431 BTC - Output)

to fund 1L5tLc6ayc3RXAyicHRv2c2uSNVJzoP4Yp

1L5tLc6ayc3RXAyicHRv2c2uSNVJzoP4Yp belongs to huobi... So somebody is exchanging those funds, either to other altcoins or to fiat... If huobi requires KYC, the police should be able to either find the thief, or the person who was unlucky enough to use a mixer and end up with the thief's funds after mixing...

This seems to be a personal error, it is not possible that it was the fault of Blockchain. I also use Blockchain and there are no problems while using this wallet. Bitcoin will not move on its own if no one controls the address and most likely it is because of hackers. The money moves 2 times in two different addresses and stops at this address 1L5tLc6ayc3RXAyicHRv2c2uSNVJzoP4Yp