Can offline wallets ever be hacked? - page 2.

taufik123

legendary

Activity: 2716

Merit: 1859

Rollbit.com | #1 Solana Casino

Quote from: mk4 on January 03, 2023, 04:34:19 AM

Quote from: Jason Brendon on January 03, 2023, 01:17:36 AM

When a person is too smart like a btc developer, he is easier to get fucked.

It depends. Sometimes a person thinks he/she's so smart(and so confident, in this case with his wallet security setup) that he/she gets complacent. Even smart and very technical people can get really careless.

A Bitcoin Core developer who incidentally already understands the ins and outs of bitcoin development can still be hacked and lose his bitcoins.
Saying too confident might not be right, he was just careless and assumed everything was safe so he didn't check every place whether was safe or not.

If his server is infiltrated by malware, most likely that is the cause, because a few months ago the server was entered by an unknown person.
When smart people get too careless, there's no meaningful security, anything can be hacked regardless of who that someone is.

Kryptowerk

legendary

Activity: 2114

Merit: 1403

Disobey.

Quote from: LDL on January 02, 2023, 08:54:27 PM

Until now a warning message from bitcoin forum was "Don't keep Your Money in Online Accounts/wallets" but it's sad to hear that a bitcoin developer's account was hacked and $3.6M(200BTC) assets were hacked from his online and offline wallets. has been So the only question we all have is how a hacker can hack or gain access to his offline wallet security password.

Bitcoin core developer Luke Dashjr lost Pretty Good Privacy (PGP) his offine and Online Accounts/ wallets and lost more than 200BTC.

Now my question is how a big bitcoin developer like him lost access to his offline wallet. So what are the risks of using offline wallets?

@LukeDashjr tweet: https://twitter.com/LukeDashjr/status/1609613748364509184?s=19
CryptoGlobe

As others pointed out, something that is indeed offline cannot be hacked.
If ofc there are any keys / passphrases of that "offline" wallet still on a computer that has access to the internet, yes it can be remotely accessed and possibly be hacked.

The best way to create a cold/offline wallet is via either by hand (risky regarding making a mistake on syntax etc) or a computer that is not (an nerver will be) connected to the internet.
If you use a printer, the printer should ideally be destroyed afterwards and not have an WLAN or similar connectivity.

ABCbits

legendary

Activity: 2870

Merit: 7490

Crypto Swap Exchange

Quote from: LDL on January 02, 2023, 08:54:27 PM

Can offline wallets ever be hacked?

I'll just repeat what i said on other thread.

Quote from: ABCbits on January 02, 2023, 05:06:18 AM

It depends on his cold wallet setup/usage. For example, using USB storage to transfer unsigned and signed transaction could be exploited by specifically designed malware.

Quote from: Jason Brendon on January 03, 2023, 01:17:36 AM

When a person is too smart like a btc developer, he is easier to get fucked.

Too smart or certain negative trait which sometimes comes due to being smart?

lousie9

sr. member

Activity: 1680

Merit: 263

Quote from: Frankolala on January 03, 2023, 05:58:58 AM

Offline wallet can not be hacked,only if due to his carelessness he put his back up seeds,where someone smarter than him saw it in his house and took advantage of him.

Maybe he linked his private keys to an online storage system,unknowingly to him and this led to the hack. He most have exposed himself in one way or the other to the hackers.

it makes more sense. there is the carelessness of the owner of the wallet in saving seeds. this is what can be done. maybe he saved the seed in a spreadsheet in some e-mail. hacking could have started from there.
an offline wallet, I'm sure it's safer than an online wallet. if an error is likely to occur, it is most likely due to the user himself.

franky1

legendary

Activity: 4410

Merit: 4788

Quote from: Frankolala on January 03, 2023, 05:58:58 AM

Maybe he linked his private keys to an online storage system,unknowingly to him and this led to the hack. He most have exposed himself in one way or the other to the hackers.

luke spent some coin in september 2022 with the change going back to his wallet. which had other spends 2019-2022 thus his keys were exposed to a node that had internet access

he did not use hardware(offline signing) wallets

Frankolala

hero member

Activity: 896

Merit: 586

Leading Crypto Sports Betting & Casino Platform

Offline wallet can not be hacked,only if due to his carelessness he put his back up seeds,where someone smarter than him saw it in his house and took advantage of him.

Maybe he linked his private keys to an online storage system,unknowingly to him and this led to the hack. He most have exposed himself in one way or the other to the hackers.

BlackBoss_

sr. member

Activity: 602

Merit: 387

Rollbit is for you. Take $RLB token!

Offline wallet isn't safe if you did stupid steps when you were creating that offline wallet.

You must do all steps when creating an offline wallet when Internet connection is disconnected. After creating it, that device should be kept air-gaped and not connect to Internet.

And how you store your backups is important too. If your backups lost to someone else, they can access your bitcoins.

Leak can occur if you do stupid things in any of those steps.

franky1

legendary

Activity: 4410

Merit: 4788

caution when confusing the words cold vs offline

back in the good old days we had no concept of "offline"(hardware wallets) we had paper wallets and backups as 'offline'

our usage of the words cold or hot were for home use(private internet access pc) vs server use(public access)

offline vs online were about
paper/wallet.dat backups/airgapped
vs
node imported/used wallets/keys

if keys were truly generated in an (airgapped) offline method where the keys were never exposed to a Pc that uses the internet.. then the only risk is some greedy relative being nosey in your house(or a burglar)

NeuroticFish

legendary

Activity: 3668

Merit: 6382

Looking for campaign manager? Contact icopress!

Quote from: LDL on January 02, 2023, 08:54:27 PM

Now my question is how a big bitcoin developer like him lost access to his offline wallet. So what are the risks of using offline wallets?

I don't believe that story yet, so I'll answer only about the question on the offline wallet.
An offline wallet can be hacked into if the user is (very) sloppy and unlucky:
* use of USB to transfer things (usually unsigned/signed transactions) in/out of that device
* storing (or handling!) wallet backups, seed backups and similar information on the online/hot computer, or even worse, on e-mail or cloud
* doing regular backups of the offline computer and keeping the backups somewhere accessible from the internet
* also, obviously, actual access of somebody in the house (or bank/safety deposit or wherever people keep them) and stealing backups of wallets or seed

mk4

legendary

Activity: 2870

Merit: 3873

Paldo.io 🤖

Quote from: Jason Brendon on January 03, 2023, 01:17:36 AM

When a person is too smart like a btc developer, he is easier to get fucked.

It depends. Sometimes a person thinks he/she's so smart(and so confident, in this case with his wallet security setup) that he/she gets complacent. Even smart and very technical people can get really careless.

Findingnemo

hero member

Activity: 2366

Merit: 793

Bitcoin = Financial freedom

Quote from: Jason Brendon on January 03, 2023, 01:17:36 AM

i am quite disappointed for he's okay with storing btc on a compromised server.
I don't know what he was thinking. To me, even a noobie knows the importance of a hardware wallet. Maybe because two negatives make a positive?
When a person is too smart like a btc developer, he is easier to get fucked.

Maybe a simple negligence costed him a lot, yes he maybe a smart ass but not everyone can keep everything at its perfect all the time so possibly he was phished or something else happened so the key was compromised and caused the hacker to get access to his device.

As far as OP is concerned offline wallet and cold wallet are completely different, what I refer an offline wallet is never ever stored the key on any digital medium is offline and its impossible to hack the wallet.

Jason Brendon

member

Activity: 162

Merit: 65

i am quite disappointed for he's okay with storing btc on a compromised server.
I don't know what he was thinking. To me, even a noobie knows the importance of a hardware wallet. Maybe because two negatives make a positive?
When a person is too smart like a btc developer, he is easier to get fucked.

Despairo

hero member

Activity: 1064

Merit: 843

I think the hack is happen because Luke Dashjr wasn't aware if PGP key can be hacked and it's his own careless for give access to his hardware wallet, I don't see any possibility hardware wallet can be hacked through online if it's never get connected.

Holding 200 BTC in one wallet is not a wise idea to be honest, he need to split it to 5 or 10 hardware wallets to reduce such kind bad happen.

Quote from: dansus021 on January 02, 2023, 10:03:56 PM

Can offline wallet be hacked the answer is yes https://www.youtube.com/watch?v=dT9y-KQbqi4

It's different case since Joe Grand was cracking the hardware wallet, while Luke Dashjr got hacked via online, the hacker doesn't get his hardware wallet.

gunhell16

hero member

Activity: 1666

Merit: 453

Quote from: LDL on January 02, 2023, 08:54:27 PM

Until now a warning message from bitcoin forum was "Don't keep Your Money in Online Accounts/wallets" but it's sad to hear that a bitcoin developer's account was hacked and $3.6M(200BTC) assets were hacked from his online and offline wallets. has been So the only question we all have is how a hacker can hack or gain access to his offline wallet security password.

Bitcoin core developer Luke Dashjr lost Pretty Good Privacy (PGP) his offine and Online Accounts/ wallets and lost more than 200BTC.

Now my question is how a big bitcoin developer like him lost access to his offline wallet. So what are the risks of using offline wallets?

@LukeDashjr tweet: https://twitter.com/LukeDashjr/status/1609613748364509184?s=19
CryptoGlobe

You know OP this is just my understanding, hackers can hack when they have an active internet data connection, without it they can't do their evil plan as a hacker in terms of offline wallets here in the cryptocurrency.

But if I use google it is still possible to hack your mobile or pc based on what I saw
5 Ways an Offline PC Can Be Hacked

pooya87

legendary

Activity: 3472

Merit: 10611

Hacks like this have never been because of a flaw in a cold storage setup but a flaw in the user himself.
In other words as long as a cold storage remains cold, it can not be hacked. For example you can never "hack" my paper wallet I have in my desk drawer but if you invade my home you can steal it now that I told you where it is (hypothetical scenario)!

I'll wait for more solid information on how this hack was taken place but if we assume this is real (not tax evasion Wink

) then as @franky1 said it seems like he infected his wallet on his own, as a mistake.

Quote from: LDL on January 02, 2023, 08:54:27 PM

Now my question is how a big bitcoin developer like him lost access to his offline wallet.

To err is human!

TribalBob

sr. member

Activity: 1330

Merit: 257

DGbet.fun - Crypto Sportsbook

as long as the offline wallet is not linked to the online wallet it's safe I guess,

dansus021

copper member

Activity: 2156

Merit: 983

Part of AOBT - English Translator to Indonesia

Can offline wallet be hacked the answer is yes https://www.youtube.com/watch?v=dT9y-KQbqi4

So what are the risks of using offline wallets? there is always the risk the biggest risk is we sometimes forget about the pin Grin

like the video I showed you above and offline wallet is pretty much safe than online wallet since online hack its happen all the time

Upgrade00

legendary

Activity: 2114

Merit: 2248

Playgram - The Telegram Casino

Quote from: LDL on January 02, 2023, 08:54:27 PM

So the only question we all have is how a hacker can hack or gain access to his offline wallet security password.

An offline wallet cannot be directly hacked, but if you link the private keys to an online sorage system, that can be hacked and once your keys are revealed, the hacker can make away with the bitcoins regardless of whether it's online or offline.

In a later tweet he hinted that this could have been due to a compromise on bitcoinknots, which Luke helps develop and maintain.

It's an unfortunate loss and a significant one at that.
If there's any take away from this, it's not to get complacent with your wallet security.

franky1

legendary

Activity: 4410

Merit: 4788

reading the tweets..
it seems he had a trojan on his online server.. and possibly backed up that server to his home Pc thus infecting his home PC(he was transitioning to a new server)

certain terms are mixed messages
before there were even hardare wallets and seeds and all the different types of ways to back up

hot=on a CEX server where public acess the server.
cold was your home full node(independant node not on a server)

airgapped/paper wallet were refered to as offline

in short cold did not dictate to mean offline, it just meant not on a server with public access

i remember a few years back trying to suggest a term of "warm wallet" for home node that were online when the confusion of cold wallet definitions first started stirring up because OG cold was not offline but newbie cold thought it meant offline

but "warm" didnt catch on as a buzzword to define the difference between server hot vs home node cold

LDL

hero member

Activity: 742

Merit: 671

Until now a warning message from bitcoin forum was "Don't keep Your Money in Online Accounts/wallets" but it's sad to hear that a bitcoin developer's account was hacked and $3.6M(200BTC) assets were hacked from his online and offline wallets. has been So the only question we all have is how a hacker can hack or gain access to his offline wallet security password.

Bitcoin core developer Luke Dashjr lost Pretty Good Privacy (PGP) his offine and Online Accounts/ wallets and lost more than 200BTC.

Now my question is how a big bitcoin developer like him lost access to his offline wallet. So what are the risks of using offline wallets?

@LukeDashjr tweet: https://twitter.com/LukeDashjr/status/1609613748364509184?s=19
CryptoGlobe

Topic: Can offline wallets ever be hacked? - page 2. (Read 505 times)