
Topic: HELP, BITCOINS STOLEN - REWARD 600 Bitcoins or equivalent in Euro - page 3. (Read 10392 times)

vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
Quote
So what would be the best way to make something secure, but still usable? (i.e., not cold storage, I need to trade my coins on exchanges) My current plan is to buy a lightweight netbook, carry it with me all the time, put Ubuntu and full-disk encryption on it, and only do bitcoin stuff from there.

A smartphone app that could scan paper wallets and initiate transactions would make paper wallets just as mobile as your netbook.  I don't know if that smartphone app is part of the present or part of the future, but I gather your netbook won't be powered on 24/7 so it's just as cold as paper when it's off.

The hardest part of using paper wallets is having to type the codes if you can't scan them.  Eliminate the typing, and they are very convenient.  They weigh far less than the netbook and can be given away IRL if you end up needing to give someone bitcoins.
sr. member
Activity: 434
Merit: 250
I was referring to the OP with my statement, who comes off as the type that would be vulnerable to this kind of thing.

Ever tried NOD32? Never had a problem in the 3 years I've been running it, and it catches a lot of potential bullshit.
hero member
Activity: 714
Merit: 504
^SEM img of Si wafer edge, scanned 2012-3-12.
Not to burst the little mutual agreements you guys seem to be having, but I don't regard myself as a retard who was social engineered to click yes to every dialog box. I use a separate password for every site, have encrypted backups of my wallet and gpg identity, use 2-factor authentication whenever possible, and don't just execute random stuff.

Apparently, that isn't enough. Granted, some of those habits prevented much larger losses: I only lost 101 Bitcoins because the attacker couldn't access my accounts with 2-factor authentication, and I had no Bitcoins in my wallet. However, my wallet encryption means nothing if my computer is compromised, and technically I should consider my gpg identity compromised as well, which sucks major ass.

The thing is, it doesn't take a retard to have an unsecure computer. It only takes one slip-up, or sometimes not even that (0-days).


So what would be the best way to make something secure, but still usable? (i.e., not cold storage, I need to trade my coins on exchanges) My current plan is to buy a lightweight netbook, carry it with me all the time, put Ubuntu and full-disk encryption on it, and only do bitcoin stuff from there.

Oh, and I'll try to find out what infected me, but it might take a while.

donator
Activity: 994
Merit: 1000
Nothing will ever protect against the competency of the operator.
There are a lot of people who demand that bitcoin is not user friendly and should be plug-and-playable.
When I see thefts like this, I'd rather demand the opposite. Maybe that'll force people to understand which precautions are necessary to avoid digital theft.
sr. member
Activity: 322
Merit: 250
Quote
600 BTC (~$7000 at current rates) is a lot of money, I hope the thief made (or will make) some mistake along the way, I wish I could help but my knowledge of how the bitcoin/blockchain works is poor.
Yep, for these bucks you can eventually get things moving even in Russia ^^.
legendary
Activity: 3472
Merit: 1724
600 BTC (~$7000 at current rates) is a lot of money, I hope the thief made (or will make) some mistake along the way, I wish I could help but my knowledge of how the bitcoin/blockchain works is poor.
sr. member
Activity: 430
Merit: 250
Because I cannot post to the thread in Bitcoin/Legal I'm posting this here.

Yes, I could prove this, I have a backup copy of the wallet.dat and everything is connected to me (my identity) via mtgox.

In case you're not aware of it, you can prove ownership of any address by signing a message with the corresponding private key. You can use brainwallet.org to do this.
sr. member
Activity: 430
Merit: 250
Quote
I hope multisig transactions will soon be implemented in a way that they are easy to use, that will make things a lot safer.
They will not be completely safe and will create additional problems. Armory and offline wallets are the way to go.
Obviously nothing will ever be as safe as cold storage. Unfortunately, Armory is far from being user friendly (it requires a shitload of memory, for starters).
Multisig txs seem to be like a decent solution when needing good security and easy access to bitcoins. Obviously cold storage will still be the way to go for any large amount of coins.
sr. member
Activity: 434
Merit: 250
Nothing will ever protect against the competency of the operator.
legendary
Activity: 1512
Merit: 1049
Death to enemies!
Quote
Nothing to worry about too much, download Comodo firewall, it's a good program for monitoring and blocking any malicious connections.
3rd-party software firewalls are shit. The Windows 7 built-in firewall is great if configured properly, but a firewall is like the last line of defense if malicious code has already been executed on the computer. Advanced malware can disable all software firewalls. And they are useless if a lamer does not know how to use them properly.
Quote
Most malware is spread the traditional way such as via torrents, Youtube, drive-bys etc. So staying protected just means staying wise and being cautious of sites you visit and files you download.
Most malware is spread by social engineering retards into downloading and running the malware on their computer. So you are correct.
Quote
Isn't it possible to port scan then buffer overflow whatever listening service?
Not anymore. You need to have a service with a working exploit accessible from outside. A router/NAT between your computer and the internet prevents this. Address space layout randomization and data execution prevention make these types of attacks very hard.
Quote
Yeah, all it is, is either a RAT or IRC/HTTP bot which has downloaded and executed an open source wallet stealer which uploads the wallet to an FTP. If it's a RAT then the attacker would have just used the remote file manager.
The FTP wallet stealer was more proof of concept code than real malware, but I know it was used successfully many times :) For grabbing the password you need a RAT.
Quote
Either way nothing special, having the binary used however would allow us to find the point of origin. Especially if a RAT was used, because they make a connection to the attacker themselves and not a centralized command and control server.
The best RATs now use Tor and Tor hidden services for C&C. But the RAT or the haxor might not be so advanced and it really might contain some leads.
Quote
Why does this happen to other people and not me, I WANT to be infected by such malware
You are too smart to infect your own computer :)
Quote
Cold-storage? Agreed. That's why I'm annoyed with the inconvenience of that security.
A second computer for a cold wallet without a network connection, and Armory on both of them, is a workable solution. The offline computer might be any computer capable of running Windows XP, such as a Pentium 3 or 4. They are really cheap. You don't need to keep 2000 coins online.
Quote
I hope multisig transactions will soon be implemented in a way that they are easy to use, that will make things a lot safer.
They will not be completely safe and will create additional problems. Armory and offline wallets are the way to go.
sr. member
Activity: 430
Merit: 250

If you're worried just send bitcoins to a paper wallet, and you'll be fine.

Cold-storage? Agreed. That's why I'm annoyed with the inconvenience of that security.

I hope multisig transactions will soon be implemented in a way that they are easy to use, that will make things a lot safer.
full member
Activity: 196
Merit: 100
Another block in the wall

If you're worried just send bitcoins to a paper wallet, and you'll be fine.

Cold-storage? Agreed. That's why I'm annoyed with the inconvenience of that security.
newbie
Activity: 6
Merit: 0
Most trojans are like remote desktop or Radmin that can give full control over the computer. This is nothing special.

Yeah, all it is, is either a RAT or IRC/HTTP bot which has downloaded and executed an open source wallet stealer which uploads the wallet to an FTP. If it's a RAT then the attacker would have just used the remote file manager.

Either way nothing special, having the binary used however would allow us to find the point of origin. Especially if a RAT was used, because they make a connection to the attacker themselves and not a centralized command and control server.


I think, OP, you being infected and having your wallet stolen would have been in the time frame of 24 hours max. So thinking back to when you had your wallet stolen, anything within a day of downloading some form of exe would help.

Not only would your wallet have been stolen, but you would have probably fallen victim to the attacker actually mining on your computer. This is something else that saddens me, because people who do this do very little to hide the login and password to the pool they are mining for :(


I would try a simple dictionary attack on the mail.ru for the email, however I do not possess any Russian-based pass lists. Either way I'll keep trying and see what I can find.

Why does this happen to other people and not me, I WANT to be infected by such malware :(
full member
Activity: 196
Merit: 100
Another block in the wall
Most malware is spread the traditional way such as via torrents, Youtube, drive-bys etc. So staying protected just means staying wise and being cautious of sites you visit and files you download.

Isn't it possible to port scan then buffer overflow whatever listening service?
sr. member
Activity: 430
Merit: 250
OP still hasn't told how he got infected.

Now I'm all paranoid.

Damn inconvenience of additional security.

If you're worried just send bitcoins to a paper wallet, and you'll be fine.
newbie
Activity: 6
Merit: 0
OP still hasn't told how he got infected.

Now I'm all paranoid.

Damn inconvenience of additional security.

Nothing to worry about too much, download Comodo firewall, it's a good program for monitoring and blocking any malicious connections. Most malware is spread the traditional way such as via torrents, Youtube, drive-bys etc. So staying protected just means staying wise and being cautious of sites you visit and files you download.
sr. member
Activity: 322
Merit: 250
The attacker used IP address 178.176.96.4 for one of the exchanges he logged into.

He withdrew coins to this address: 15TDgQpCaNjxyBpi7Jp6EmZW1bHAEaxTxY
Unused, and the coins have not yet been moved.

Interesting, most popular way to spread a virus is warez & exploit kits.

http://investing.businessweek.com/research/stocks/private/snapshot.asp?privcapId=49933867
http://www.utrace.de/whois/178.176.96.4
http://www.utrace.de/ip-adresse/178.177.115.29

I would contact this ISP.
However, Russian hosting is not very responsive unless there is a court ruling, maybe offer them the bounty xD.

EDIT:
There are professional private detectives located in Russia of course, maybe that's an option, no idea how much they charge and how high the success probability is.
legendary
Activity: 1512
Merit: 1049
Death to enemies!
Most trojans are like remote desktop or Radmin that can give full control over the computer. This is nothing special.
hero member
Activity: 714
Merit: 504
^SEM img of Si wafer edge, scanned 2012-3-12.
For me it's also on Windows 7, and it is indeed probably some trojan*, but it's one that can read password fields, not just keylogging. One of my accounts he got into has a password that I don't physically type.

*I don't remember clicking any, but who knows.
legendary
Activity: 1512
Merit: 1049
Death to enemies!
OP still hasn't told how he got infected.

Now I'm all paranoid.

Damn inconvenience of additional security.
Most likely it was a trojan bound to some executable file that OP ran. Also it can be a 0-day exploit on the system or some misconfiguration of the computer such as reused passwords or something.
I suppose it was a windows operating system?


Likely Windows, because to infect Windows you need to double click file. To infect Linux you need to use SU. It is a sanity check and dumbness filter.

Message to the thief if he is reading this: I will launder the coins for a small fee. Additional guarantees available. Price and other terms negotiable. Also I can give instructions for do-it-yourself laundering.

OP is not going to pay me for my great knowledge!