Pages:
Author

Topic: How to deal with hack (Read 1880 times)

hero member
Activity: 518
Merit: 500
January 18, 2014, 08:39:13 AM
#34
Can an online wallet be hacked if you are using Google Authenticator?


Yes, if the hacker is "internal"
full member
Activity: 231
Merit: 100
January 18, 2014, 08:36:49 AM
#33
Can an online wallet be hacked if you are using Google Authenticator?
hero member
Activity: 518
Merit: 500
January 18, 2014, 08:34:46 AM
#32
If you store remarkable amounts, use at least a dedicated OS which cannot be tampered from your all-day OS. For really huge amounts use a second offline computer.

Any OS can be "tampered" with. Store large amounts offline, on a computer never connected to the Net.
full member
Activity: 378
Merit: 100
January 18, 2014, 07:52:52 AM
#31
or you could transfer them to your wallet on 2nd hard disk for the sole purpose of storing your bitcoins then remove it from the network.
full member
Activity: 141
Merit: 100
January 18, 2014, 07:39:56 AM
#30
If you store remarkable amounts, use at least a dedicated OS which cannot be tampered from your all-day OS. For really huge amounts use a second offline computer.
hero member
Activity: 518
Merit: 500
January 18, 2014, 07:27:43 AM
#29
yea it's pretty easy to install a keylogger then install a process id hider to hide the keylogger.

On Windows sure. 99% of keyloggers run on Windows OS.
full member
Activity: 378
Merit: 100
January 18, 2014, 07:26:25 AM
#28
yea it's pretty easy to install a keylogger then install a process id hider to hide the keylogger.
hero member
Activity: 518
Merit: 500
January 18, 2014, 07:12:37 AM
#27
Free advice: Don't run Windows - the most insecure OS in the history of OS's

Isn't this just because it is the most popular.. Therefore most viruses will be targeting it?

Absolutely. And the best reason not to run it. Probability.
sr. member
Activity: 430
Merit: 250
January 18, 2014, 06:27:55 AM
#26
Free advice: Don't run Windows - the most insecure OS in the history of OS's
This is what a lot of people would like to think, but in the end it's usually human stupidity not the os's fault. A keylogger isn't installed through an exploit in the system, it's you who install it.
sr. member
Activity: 585
Merit: 250
January 18, 2014, 06:17:13 AM
#25
Free advice: Don't run Windows - the most insecure OS in the history of OS's

Isn't this just because it is the most popular.. Therefore most viruses will be targeting it?
hero member
Activity: 518
Merit: 500
January 18, 2014, 05:49:01 AM
#24
Free advice: Don't run Windows - the most insecure OS in the history of OS's
newbie
Activity: 38
Merit: 0
January 18, 2014, 03:57:22 AM
#23
You should consider keeping your important (e.g. bitcoin/litecoin/namecoin/etc) wallets on one virtual machine, and running new/shady alts in another.  I'm actually surprised more people don't do this, as it would prevent 99% of the theft incidents I've seen.

Never use either of those virtual machines to browse the web or do anything else outside of working with those wallets.  Never install any software that you don't absolutely need on them.

And my dumb ass have VMs and I'm not doing this.

This is great advice, thanks Smiley  
No problem.  Be sure to back up these VMs regularly as well.  It might save you a lot of trouble some day, and creating a backup of a virtual machine is as easy as it gets.

What's a good VM to use and where do you get a free win install for VM's? I remember doing it a while back and there was a free ISO given by Microsoft, but not quite sure.
I'd suggest running Ubuntu rather than Windows on the VMs.  I'd suggest Debian or some other Linux distro, but I'm making the assumption since you're looking for a windows VM that you aren't too familiar with Linux.
newbie
Activity: 38
Merit: 0
January 18, 2014, 03:55:23 AM
#22
Posted before finishing my thought process...

VMWare and VirtualBox both offer snapshot capability.  Personally, I create at least 1 snapshot each day, and keep a full backup of the VMs on a set of external drives that I rotate out between home and work (create backup, bring drive 1 to work, take drive 2 home, etc...).

Remember that you're basically carrying your bank account around now, and every time you browse the web or install something on the same machine as a wallet, you're trusting someone else to be left alone in your vault.
member
Activity: 103
Merit: 10
January 18, 2014, 03:52:27 AM
#21
You should consider keeping your important (e.g. bitcoin/litecoin/namecoin/etc) wallets on one virtual machine, and running new/shady alts in another.  I'm actually surprised more people don't do this, as it would prevent 99% of the theft incidents I've seen.

Never use either of those virtual machines to browse the web or do anything else outside of working with those wallets.  Never install any software that you don't absolutely need on them.

And my dumb ass have VMs and I'm not doing this.

This is great advice, thanks Smiley  
No problem.  Be sure to back up these VMs regularly as well.  It might save you a lot of trouble some day, and creating a backup of a virtual machine is as easy as it gets.

What's a good VM to use and where do you get a free win install for VM's? I remember doing it a while back and there was a free ISO given by Microsoft, but not quite sure.
newbie
Activity: 38
Merit: 0
January 18, 2014, 03:50:32 AM
#20
You should consider keeping your important (e.g. bitcoin/litecoin/namecoin/etc) wallets on one virtual machine, and running new/shady alts in another.  I'm actually surprised more people don't do this, as it would prevent 99% of the theft incidents I've seen.

Never use either of those virtual machines to browse the web or do anything else outside of working with those wallets.  Never install any software that you don't absolutely need on them.

And my dumb ass have VMs and I'm not doing this.

This is great advice, thanks Smiley  
No problem.  Be sure to back up these VMs regularly as well.  It might save you a lot of trouble some day, and creating a backup of a virtual machine is as easy as it gets.
member
Activity: 103
Merit: 10
January 18, 2014, 03:45:03 AM
#19
eh yeah I will be doing that virtual machine thing tomorrow and seperating the main wallets from the alts. just a shitty day overall going to try and get some sleep. Thanks for all the suggestions, if I get any leads to a culprit I will post back. Night night Sad
sr. member
Activity: 430
Merit: 250
January 18, 2014, 03:42:46 AM
#18
I'm just trying to figure out how they got to my cavirtex account. They send an email whenever you connect from a different device, and I did get an email at a time when I didn't login and I changed my pass at that point, so how could they still have got in? So frustrating, I had just put my BTC there to cashout after all that hard work. Really people that do this stuff have black hearts and I really hope bad karma bites them back in the ass. Now i have to start back from scratch, and to think it was going to pay my debts off. Words just can't describe the disappointment. :S
How secure was your password (be honest with yourself)?  Never use the same password for multiple sites or purposes.  Consider ordering a yubikey as well.

Well I"m convinced its more from reused password from a pool than a key logger. I will be calilng them tomorrow to see if I can get any additional info.
With all those installed clients I'd be very surprised if none of them came with a keylogger.
sr. member
Activity: 280
Merit: 250
January 18, 2014, 03:39:49 AM
#17
You should consider keeping your important (e.g. bitcoin/litecoin/namecoin/etc) wallets on one virtual machine, and running new/shady alts in another.  I'm actually surprised more people don't do this, as it would prevent 99% of the theft incidents I've seen.

Never use either of those virtual machines to browse the web or do anything else outside of working with those wallets.  Never install any software that you don't absolutely need on them.

And my dumb ass have VMs and I'm not doing this.

This is great advice, thanks Smiley  
member
Activity: 103
Merit: 10
January 18, 2014, 03:38:37 AM
#16
I'm just trying to figure out how they got to my cavirtex account. They send an email whenever you connect from a different device, and I did get an email at a time when I didn't login and I changed my pass at that point, so how could they still have got in? So frustrating, I had just put my BTC there to cashout after all that hard work. Really people that do this stuff have black hearts and I really hope bad karma bites them back in the ass. Now i have to start back from scratch, and to think it was going to pay my debts off. Words just can't describe the disappointment. :S
How secure was your password (be honest with yourself)?  Never use the same password for multiple sites or purposes.  Consider ordering a yubikey as well.

Well I"m convinced its more from reused password from a pool than a key logger. I will be calilng them tomorrow to see if I can get any additional info.
member
Activity: 103
Merit: 10
January 18, 2014, 03:35:09 AM
#15
I saw Yubikey recently as an option and was going to look into it. For now i'm using google 2 auth.
Pages:
Jump to: