Funds stolen from blockchain.info | Bitcointalksearch.org

dooglus

legendary

Activity: 2940

Merit: 1333

Quote from: P4man on November 06, 2014, 04:40:06 AM

blockchain uses https (obviously). If there is a problem with that, a man in the middle attack wouldnt be confined to tor at all. Anyone who could snoop your traffic would be able to steal your coins, and that would be problematic to put it mildly.

That's not true. In order to use the POODLE exploit you need to be able to modify the stream, not just read it.

The problem is only with webservers which allow SSL3. Everyone should disable SSL3 to prevent the attack.

blockchain.info uses cloudflare, which seems to mean they don't use SSL3 - which leaves me wonder how this attack is being successful.

P4man

hero member

Activity: 518

Merit: 500

blockchain uses https (obviously). If there is a problem with that, a man in the middle attack wouldnt be confined to tor at all. Anyone who could snoop your traffic would be able to steal your coins, and that would be problematic to put it mildly.

ranochigo

legendary

Activity: 3038

Merit: 4418

Crypto Swap Exchange

Quote from: PolarPoint on November 05, 2014, 03:11:02 PM

Quote from: ranochigo on November 04, 2014, 08:09:28 AM

Tor is pretty safe as long as you download all the updates. The latest Tor update disabled SSL3 and it is not possible to MITM attack with the newest version.

I don't know Tor enough to be criticising it, but the whole idea seems rather unsafe. I don't feel comfortable with typing any passwords in it.

Traffic coming out of tor exit nodes are unencrypted. Rogue exit nodes can potential capture unencrypted information transmitted using HTTP instead of HTTPS. Alternatively, vulnerbilities in HTTPS can allow those exit nodes to see encrypted information and capture your passwords.

Tstar

legendary

Activity: 1176

Merit: 1005

Decentralized Asset Management Platform

people who using TOR to access blockchain faced this problem
it was an issue with exit node on tor network

PolarPoint

hero member

Activity: 672

Merit: 500

Quote from: ranochigo on November 04, 2014, 08:09:28 AM

Tor is pretty safe as long as you download all the updates. The latest Tor update disabled SSL3 and it is not possible to MITM attack with the newest version.

I don't know Tor enough to be criticising it, but the whole idea seems rather unsafe. I don't feel comfortable with typing any passwords in it.

marcelus

sr. member

Activity: 297

Merit: 250

Quote from: ranochigo on November 04, 2014, 08:09:28 AM

Quote from: hamza171 on November 02, 2014, 08:03:49 PM

So how is TOR safe if someone can do this?

Tor is pretty safe as long as you download all the updates. The latest Tor update disabled SSL3 and it is not possible to MITM attack with the newest version.

It's exit nodes that are the problem.

ranochigo

legendary

Activity: 3038

Merit: 4418

Crypto Swap Exchange

Quote from: hamza171 on November 02, 2014, 08:03:49 PM

So how is TOR safe if someone can do this?

Tor is pretty safe as long as you download all the updates. The latest Tor update disabled SSL3 and it is not possible to MITM attack with the newest version.

sionsandman

hero member

Activity: 519

Merit: 500

Quote from: kruhft on November 04, 2014, 02:20:56 AM

Quote from: lonari on November 01, 2014, 01:14:05 PM

Was accessing my wallet from Tor and then suddenly, 1.84100102 BTC was transferred to 1FJxeqyAAkxjbV5ijh3CnNkbgdu8zCVsY7

2FA was always enabled. Using google auth.

Do I have any recourse?

Looks like whoever it is has been pretty active: https://blockchain.info/address/1FJxeqyAAkxjbV5ijh3CnNkbgdu8zCVsY7

WOW

kruhft

newbie

Activity: 5

Merit: 0

Quote from: lonari on November 01, 2014, 01:14:05 PM

Was accessing my wallet from Tor and then suddenly, 1.84100102 BTC was transferred to 1FJxeqyAAkxjbV5ijh3CnNkbgdu8zCVsY7

2FA was always enabled. Using google auth.

Do I have any recourse?

Looks like whoever it is has been pretty active: https://blockchain.info/address/1FJxeqyAAkxjbV5ijh3CnNkbgdu8zCVsY7

MystPhysX

hero member

Activity: 597

Merit: 500

Quote from: hamza171 on November 02, 2014, 08:03:49 PM

So how is TOR safe if someone can do this?

This is using the POODLE exploit, it's genius. Only way to stop it is to disable SSL 3.0 on both ends. So using TOR only makes the MITM part easier, it's not that TOR is the only way to accomplish this.

hamza171

sr. member

Activity: 249

Merit: 250

So how is TOR safe if someone can do this?

Gleb Goodston

newbie

Activity: 39

Merit: 0

Yes Tor & any online wallet don't mix & you should expect to lose everything. Never access with Tor you will regret it. It's the same with emails and other things too.

Spoetnik

legendary

Activity: 1540

Merit: 1011

FUD Philanthropist™

Quote from: HQLD on November 02, 2014, 06:54:14 AM

I also know someboy who have had the same experience. If the exit node is running by a criminal you may loose all your coins.

far more likely than a man in the middle attack.

thompete

full member

Activity: 224

Merit: 100

Quote from: pooya87 on November 02, 2014, 06:18:57 AM

Quote from: lonari on November 01, 2014, 01:14:05 PM

Was accessing my wallet from Tor and then suddenly, 1.84100102 BTC was transferred to 1FJxeqyAAkxjbV5ijh3CnNkbgdu8zCVsY7

2FA was always enabled. Using google auth.

Do I have any recourse?

how is this possible, i see a lot of posts about losing bitcoins while using Tor but all of them have one thing in common: they don't have 2FA.
are you sure you didn't mess up like using wrong recipient address

It has to do something with javascript and tor running along. There are a lot of security issues doing it, and there have been several cases of this happening.

HQLD

newbie

Activity: 13

Merit: 0

I also know someboy who have had the same experience. If the exit node is running by a criminal you may loose all your coins.

pooya87

legendary

Activity: 3472

Merit: 10611

Quote from: lonari on November 01, 2014, 01:14:05 PM

Was accessing my wallet from Tor and then suddenly, 1.84100102 BTC was transferred to 1FJxeqyAAkxjbV5ijh3CnNkbgdu8zCVsY7

2FA was always enabled. Using google auth.

Do I have any recourse?

how is this possible, i see a lot of posts about losing bitcoins while using Tor but all of them have one thing in common: they don't have 2FA.
are you sure you didn't mess up like using wrong recipient address

Domino

hero member

Activity: 662

Merit: 500

Quote from: lonari on November 02, 2014, 02:13:38 AM

i know it's not a huge amount, but do I have any recourse?

Bitcoin transcation is irreversible and I am afraid you won't be able to get your bitcoin back.

TheNinja

member

Activity: 70

Merit: 10

★777Coin.com★ Fun BTC Casino!

1.8 BTC isn't a huge amount?...Damn I wish I had that much. It's hard to get it back...particularly due to the nature of cryptocurrency

lonari

newbie

Activity: 9

Merit: 0

i know it's not a huge amount, but do I have any recourse?

xcapator

sr. member

Activity: 322

Merit: 252

Here I Am !!

Do not use TOR to access your wallet / blockchain.info, I believe you were the victim of man-in-the-middle attack, there is known POODLE vulnerability in TSL/SSL that's being exploited in TOR network

similar thread :
https://bitcointalksearch.org/topic/there-is-an-epic-blockchaininfo-theft-method-out-there-828238

cma3

newbie

Activity: 56

Merit: 0

sounds familiar:

https://bitcointalksearch.org/topic/torblockchain-wallet-hacked-633-btc-loss-821829

PolarPoint

hero member

Activity: 672

Merit: 500

You should search the forum about blockchain.info wallets and tor. You are not the only one with funds stolen. Tor and web wallets don't mix.

lonari

newbie

Activity: 9

Merit: 0

i think it has something to do with malicious Tor exit nodes.

so whatever you do, don't use Tor with web wallets Angry

letyouearn

legendary

Activity: 1722

Merit: 1014

How is it possible buddy ? How can anyone stole bitcoins from ur blockchain wallet without knowing ur identifier and password . I am totally confused about this issue. If this is really happening, then i have to stop using blockchain and have to transfer my all funds to a secure btc wallet.

lonari

newbie

Activity: 9

Merit: 0

Was accessing my wallet from Tor and then suddenly, 1.84100102 BTC was transferred to 1FJxeqyAAkxjbV5ijh3CnNkbgdu8zCVsY7

2FA was always enabled. Using google auth.

Do I have any recourse?

Topic: Funds stolen from blockchain.info (Read 3550 times)