Topic: Help me tracking down the IP to those transactions or following them now! (Read 1446 times)

I use System explorer (freeware)
http://systemexplorer.net

And, on demand, Emsisoft Emergency Kit  (freeware)
http://www.emsisoft.com/en/software/eek/

anybody knows a program to detect keyloggers? so i can check out if there is still something active-.

also he seems to have deleted stroncoin account history..does he thin i am that dumb to not check blockchain one second after disovering that?


somehow i cant get rid of the feeling that strongcoins security seems compromised..

I am in no way a noob or whatever..besides 2 fac auth  I had every other safeguard there..

I would hire him from the spot lol

Thanks for all the hints !

it is really strange ..

i have eset nod32 running ..everything is highly secured..long passwords..everywhere other apasswords..customized win7 where nearly all shit is disabled....i have to manualy allow every fucking connecting program..

i am with computers 20years and it seems i got OWNED the first time..

also funny the thief left 20 other coins in strongcoin which he could have easily stolen too..


i cannot get how that worked..

fucking shit really..

I have seen that i did tor logins disallowed but had lastpass history disabled..


i am trying to find out what happened..

i put a traffic sniffer on my computer and wait now if the guy is brazen enough agaibn,..


the real strange thing is thoug...if he had a keylogger he should have known that this is the address is my mining motherload..

so why he didnt wait another 24hrs for the next 100 btc (100 btc autowd is enabled @ pool) or wait for much more time until 10k + are there ?

It happened when someone else had coins stolen, too. It's no good at mixing, so I don't really understand the point. Fwiw, some amount of coins ended up at 15ArtCgi3wmpQAAfYx4riaFmo4prJA4VsK which is a Bitcoin faucet. The thief may've just been bored. We really need to hire these guys instead of letting them run loose with idle hands.   

Maybe or maybe not the point is that the origination IP address is never recorded.  blockchain.info saying the IP address is x simply means that is the first node which relayed it to blockchain.info.   It could be the IP address of entity who submitted that transaction but it also could just happen to be a node which received the tx from another node who received it from another node who recieved it from another node ..... who received it from the source.


My guess just based on past thefts is a keylogger.  Your PC is infected and the attacker recorded the password the last time you logged in and then just logged in as you.

Use 2 factor authentication.  If a service doesn't offer 2 factor authentication then don't use the service.

A password which is "fj32!89r@pnfejSSnfds9X089RD03j^lkj%sa&uyi2nk;ff" doesn't provide any more security than "password123" if the attacker is using a keylogger.   

Use 2 factor authentication.
Use 2 factor authentication.
Use 2 factor authentication.
Use 2 factor authentication.
Use 2 factor authentication.

I have yet to see one of these reports from someone who's account was protected by 2 factor authentication. 
While nothing is "hackproof" 2 factor does raise the bar very high and as such it is far more likely a hacker will just exploit weaker targets.

So, someone stole your money and went to play satoshidice with it?

If you have any VNC-type software (tightVNC, realVNC, TeamViewer - whatever), including the Windows' Remote Assistance app (if you happen to be on Windows), I'd disconnect the network right now, move over important docs to a different hard drive, then do a clean install of your OS (request a new IP address from ISP while you're at it).

Alternately, if you use the SC password for anything else, that could be the problem. It may also be that your email account is compromised, with which they could have "recovered" your SC account. Since you're being individually targeted, it's probably a good idea to go through your LastPass login history and make sure all the IP addresses are your own. To see history, go to LastPass vault. In top-right is your email address with a drop-down button right next to it. Click it and then go to "History" where it'll show you all recent events and which IP those events originated again. You can find your IP address at cmyip.com

so that is done through tor?

Actually this is my adress located at strongcoin

the WD began yesterday evening and are now beeing tubled..

It is actually impossible to get in without knowing my megahyper password or having acess to lastpass..and even lastpass doesnt know it..

i am baffled on how this is possible..

Not really. You can see the IP which relayed that, but it frequently isn't the person who actually sent the transaction. The IP that comes up for the withdrawals is 127.0.0.1, which is useless.

it looks like it is beeing tumbled correct?

I will pay for that !

http://blockchain.info/address/1MmFPFbztUQ8NawgRS2qmogeGrqs18mwbW

I need the Ip from where those transactions are made..is this possible?

thanks !