Topic: I GOT HACKED AND LOST 1 MILLION - page 2. (Read 25034 times)

legendary
Activity: 2030
Merit: 1569
CLEAN non GPL infringing code made in Rust lang
January 08, 2019, 07:28:56 PM
Thank you for all given infos, including @Artemis3.

On my side I set some rules :

- Permanent use of a keyboard input encryptor : however I do not know its real efficiency, your opinions are therefore welcome.

- Each password used (and I use hundreds) is unique.

- All these passwords are printed on physical paper and stored in a folder. Of course in case of destruction of these documents (by fire, water etc ...) I could only blame myself. It should be noted that this solution suits me for the moment insofar as I do not have colossal sums in cryptos. (In the case of op, I would secure even more, it is obvious).

- I do not install special wallets (especially for airdrops)

There is so much more to say, but everyone uses their own method. I especially wanted to participate in this conversation to bring my humble point of view regarding the storage of passwords.

Good luck to all, especially op, you have strong nerves, well done! I wish you the best for 2019, wholeheartedly
Those are good ideas. You have to think ahead, because when you are handling money you WILL become a target, either directly (you managed to attract someone's attention) or indirectly (phishing, malware, random probing, etc).

As for the keyboard encryptor, I'm not entirely sure of the usefulness of that. I guess it's a race of who captures the keystrokes first...
You should have those passwords backed up in some way, in case the physical location gets destroyed (in a fire, flood, or such). Could be digitally using an encrypted file or password manager, or copies in different places. But securing (and making) the copies becomes tricky; which is why I like the digital encrypting method more.

Another possibility is to buy a tablet or something and run a wallet there. If you dedicate it you probably won't be running other stuff, the problem then becomes updates and such. Eventually you just get a HW wallet or cold wallets and be done with it.
Cold "paper" wallets are very good when handled properly and it's always a good practice to learn how to make and use them.

And never mix your leisure computer with your money handling operations.
legendary
Activity: 3164
Merit: 2258
I fix broken miners. And make holes in teeth :-)
January 04, 2019, 02:27:06 PM
Another possibility is to buy a tablet or something and run a wallet there. If you dedicate it you probably won't be running other stuff, the problem then becomes updates and such. Eventually you just get a HW wallet or cold wallets and be done with it.
legendary
Activity: 2534
Merit: 1713
Top Crypto Casino
January 04, 2019, 12:36:37 PM
A good idea is maybe having a separate laptop which is specifically used for the purpose of wallet transactions only.
legendary
Activity: 2408
Merit: 1442
January 04, 2019, 11:02:15 AM
Thank you for all given infos, including @Artemis3.

On my side I set some rules :

- Permanent use of a keyboard input encryptor : however I do not know its real efficiency, your opinions are therefore welcome.

- Each password used (and I use hundreds) is unique.

- All these passwords are printed on physical paper and stored in a folder. Of course in case of destruction of these documents (by fire, water etc ...) I could only blame myself. It should be noted that this solution suits me for the moment insofar as I do not have colossal sums in cryptos. (In the case of op, I would secure even more, it is obvious).

- I do not install special wallets (especially for airdrops)

There is so much more to say, but everyone uses their own method. I especially wanted to participate in this conversation to bring my humble point of view regarding the storage of passwords.

Good luck to all, especially op, you have strong nerves, well done! I wish you the best for 2019, wholeheartedly
legendary
Activity: 2030
Merit: 1569
CLEAN non GPL infringing code made in Rust lang
January 04, 2019, 08:20:12 AM
Passwords may be as good as they can. When they are stored in the same password safe the single password of the safe unlocks all of them. A password safe does not provide real security. At most it helps to distribute your passwords over many devices.

Do not put backup codes in any password safe. They are only safe on paper and that only if they are read from the screen on a safe system. 2FA means to have a second independent source for the authentication - that is not given anymore if the backup codes are stored on the same system as the password - that is even true if a different password manager is used.

It is a scalability problem. Your brain isn't going to reliably handle 1000 random passwords. Same with 2FA backups. Tho be my guest if you trust more writing them down manually in a notebook, and hope that notebook does not fall in the wrong hands or gets lost.

Password managers encrypt their data file (or at least they should), provided you use a decent password, it should be no problem to store it even in google cloud. If you read the rest of my post, you should pay attention to the "secure computer" part, you can have that one air gapped, without any LAN or WIFI if you want.

You don't seem to trust password managers, perhaps because your password was keylogged when you opened it in your insecure Windows computer. But that's not the password manager's fault, you had a malware already intercepting everything. You should prevent this in the first place.
sr. member
Activity: 437
Merit: 255
January 02, 2019, 03:41:33 AM
Now let's talk about passwords. Never EVER Re-use the same password anywhere, period. Use a password manager to generate a different random password for every site and service you use, and password protect that with a GOOD (2) password. If you have a password for your PC (which you should) make this also a good password different to the one in your password manager. Then every time you need to login to a site, use your password manager. This works better in a safer OS like Linux, BSD, etc; which is why permanently installing Linux in another PC dedicated for such tasks is not such a bad idea (ie. your productivity separate from your gaming PC).

Passwords may be as good as they can. When they are stored in the same password safe the single password of the safe unlocks all of them. A password safe does not provide real security. At most it helps to distribute your passwords over many devices.


2FA is not a panacea, but I'm not against you backing up the codes within the password manager, tho you could use a separate password file (with a different GOOD password) for that exclusive use, since you very rarely need the backups (only when your smartphone is lost); again much better to do this in a "secure" PC running a safer OS.

Do not put backup codes in any password safe. They are only safe on paper and that only if they are read from the screen on a safe system. 2FA means to have a second independent source for the authentication - that is not given anymore if the backup codes are stored on the same system as the password - that is even true if a different password manager is used.
hero member
Activity: 1020
Merit: 501
January 01, 2019, 05:53:26 PM
#99
For some reason Namecheap will neither react nor reply to such email, except if OP asks his legal adviser to compose and file this message on his behalf to Namecheap.


member
Activity: 294
Merit: 53
January 01, 2019, 04:16:55 PM
#98
this is funny (or not)

Namecheap never reacted to the ticket. GitHub seemed to have taken down the repository for some days. But now it's up and running again.

Have you tried Namecheap's live chat yet? Tell them there to give priority to your ticket.
legendary
Activity: 2030
Merit: 1569
CLEAN non GPL infringing code made in Rust lang
January 01, 2019, 02:29:35 PM
#97
Let this sad incident be a reminder to anyone that happens to come across this thread: When you handle bitcoins or any other decentralized crypto, YOU are THE BANK.

You simply cannot be lazy about it, the higher the amount, the more important it is. BUT, while you are starting with "low" sums, take the chance to train yourself and get in the habit to do things properly.

The OP thankfully admitted some mistakes, but to summarize:

  • Windows 10
  • Same password
  • Trying unknown software on the same PC

Seriously people, DON'T. Let's start with the beginning.

You should not use windows to handle these sums. Even if you see companies and large institutions using it, Microsoft has a long history of security faults. The OS might be OK for gaming and non essential stuff, but handling your money is something that should never occur to you. The solution is simple, use a different OS for serious tasks.

For example you can download a Linux ISO, put it on a thumbdrive and boot the computer from it to create and occasionally handle a cold wallet. You don't even need to install that OS on your computer if you don't want, just boot from it to do your banking and then shut it off. Someone mentioned Kali, I don't recommend this. Not only is it very unfriendly to newcomers, but it logs in as root by default. That is not a distro for protection, it's for testing security, meaning: attacking (which you should never do without written permission).

How to make and handle a cold wallet:

Use newbie friendly distro like Linux Mint or Ubuntu to boot from usb, install a wallet like Electrum using the distro package manager; create a wallet and write down the seed words (1) in a piece of paper by hand (no printing, no photos). Once created don't bother with passwords, just print or photo your wallet addresses and turn off the PC.

From now on any money you send to those addresses is as safe as that paper with the written seed words is. It is offline (ie. cold), and no "hacker" can do anything about it.

But someday you may want to move those funds elsewhere:

Use newbie friendly distro like Linux Mint or Ubuntu to boot from usb, install a wallet like Electrum using the distro package manager; recover the wallet by using the seed words you wrote in that piece of paper by hand, do your transactions and turn off the PC.

Ideally you should keep a "cold" wallet for large sums, and a "hot" wallet (eg: in your smartphone) for daily needs.

By using a USB thumbdrive to boot a Linux distro you are keeping separate your risky malware OS from your serious banking use. You could also install the "secure" OS permanently in another PC (old or not) to do your internet and online banking, and perhaps productivity safer, but keep using the boot from USB (livecd) method around when handling cold wallets, which you are not supposed to do very often. You can check any transactions going to your cold wallet by using any of the online blockchain explorers.

Now let's talk about passwords. Never EVER Re-use the same password anywhere, period. Use a password manager to generate a different random password for every site and service you use, and password protect that with a GOOD (2) password. If you have a password for your PC (which you should) make this also a good password different to the one in your password manager. Then every time you need to login to a site, use your password manager. This works better in a safer OS like Linux, BSD, etc; which is why permanently installing Linux in another PC dedicated for such tasks is not such a bad idea (ie. your productivity separate from your gaming PC).

2FA is not a panacea, but I'm not against you backing up the codes within the password manager, tho you could use a separate password file (with a different GOOD password) for that exclusive use, since you very rarely need the backups (only when your smartphone is lost); again much better to do this in a "secure" PC running a safer OS.


If this is too annoying and you'd rather trust your money to 3rd party institutions, fine go ahead and use a bank vault (maybe a good place to store a copy of your seed words). But remember when you are the bank, the responsibility lies almost entirely with you.

(1) Those seed words represent (are used to regenerate) your private key.
(2) A good password is something you can't find in a dictionary. You can easily scramble your passwords by mixing words and numbers together, preferably intermingled. E.g. Table and 1988 could become T1a9b8l8e or tA19BL88E. Be creative and use your imagination for something only you can remember.

Good luck. Perhaps post a bounty in services for recovery?
sr. member
Activity: 437
Merit: 255
January 01, 2019, 12:00:29 PM
#96
...
To make Windows more secure, anti keylogger, anti screen recording software and constant port checks need to be done. With my experience I would not use a non dedicated computer for crypto anymore - too late. For anybody: Use hardware wallets or dedicated computers without automatic updates.

'without automatic updates'

Why?

Because 'automatic updates' deploy new code on the computer, which is a risk in itself - even if the original software is from a trusted source the updates may contain malicious code.
jr. member
Activity: 89
Merit: 1
January 01, 2019, 11:03:39 AM
#95
A simple premium version of avast for less than 15 buck ...

Please check the history of the thread. The critical file has been checked by virustotal and was marked ok. Avast and other virus checks wouldn't have helped. Basically that was the trap I was running into.

To make Windows more secure, anti keylogger, anti screen recording software and constant port checks need to be done. With my experience I would not use a non dedicated computer for crypto anymore - too late. For anybody: Use hardware wallets or dedicated computers without automatic updates.

'without automatic updates'

Why?
sr. member
Activity: 437
Merit: 255
December 30, 2018, 08:53:40 PM
#94
OMG! That's enormous! Sorry for your loss. It would be of great help if you could elaborate on where the coins were held: is it a multi wallet (if yes, which wallet?), how did it happen, or what do you think could have happened? A malware installation, a phishing site, or anything that is more specific.



@Valerian77  => @Harkorede,


I'm sorry about the loss. I wish you will be able to recover partial coin, if not the full amount.

I'll suggest any discussion should be made via PM. Harkorede, pls use PM when asking such question(s); in so doing Valerian77 can also reply and post detailed info to you via PM.

*Otherwise, it is not advisable to post such info on the public board where everyone, including the person behind the act, can easily access it.


If the attacker reads this thread he will not get any information that he doesn't have already.

Regarding the method of hacking - it was a RAT attack in electrumdiamond. We understand the function of that malware pretty well now. From that and what was said before I recommend not to install anything whatsoever on your system that has not been electronically signed by a known entity. Virus and malware checks do not help to prevent such a scenario.
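
The recommendation above, to install only software signed by a known entity, depends on checking the signature against a key you already trust rather than one that arrives with the download. An added Go example (not from the thread; Ed25519 stands in for whatever signing scheme a publisher actually uses, and the keys, file bytes and names such as `VerifyRelease` are constructed for illustration):

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"errors"
	"fmt"
)

// Constructed demo keys; the pinned key is obtained once, out of band.
var (
	publisherKey = ed25519.NewKeyFromSeed(bytes.Repeat([]byte{0x01}, ed25519.SeedSize))
	impostorKey  = ed25519.NewKeyFromSeed(bytes.Repeat([]byte{0x02}, ed25519.SeedSize))
	pinnedPub    = publisherKey.Public().(ed25519.PublicKey)

	ErrUntrustedSigner = errors.New("signed, but not by the pinned publisher key")
	ErrBadSignature    = errors.New("signature does not match file contents")
)

// Release is what a download site serves: file, detached signature, claimed key.
type Release struct {
	File, Sig []byte
	SignerPub ed25519.PublicKey
}

// SelfConsistent checks the signature against the key shipped with the download.
// An attacker's own release passes this, so on its own it proves nothing.
func SelfConsistent(r Release) bool {
	return len(r.SignerPub) == ed25519.PublicKeySize && ed25519.Verify(r.SignerPub, r.File, r.Sig)
}

// VerifyRelease accepts a release only if the pinned key made the signature.
func VerifyRelease(r Release, pinned ed25519.PublicKey) error {
	if !bytes.Equal(r.SignerPub, pinned) {
		return ErrUntrustedSigner
	}
	if !ed25519.Verify(pinned, r.File, r.Sig) {
		return ErrBadSignature
	}
	return nil
}

// SampleReleases builds constructed downloads: genuine, modified, look-alike.
func SampleReleases() (genuine, tampered, lookalike Release) {
	file := []byte("wallet-installer 1.0 (constructed sample bytes)")
	fake := []byte("wallet-installer 1.0 look-alike (constructed sample bytes)")
	genuine = Release{file, ed25519.Sign(publisherKey, file), pinnedPub}
	tampered = Release{append([]byte("patched "), file...), genuine.Sig, pinnedPub}
	lookalike = Release{fake, ed25519.Sign(impostorKey, fake), impostorKey.Public().(ed25519.PublicKey)}
	return
}

func main() {
	g, t, l := SampleReleases()
	fmt.Println(VerifyRelease(g, pinnedPub), VerifyRelease(t, pinnedPub), VerifyRelease(l, pinnedPub), SelfConsistent(l))
}
```

The look-alike release carries a perfectly valid signature under its own key; only the comparison with the pinned key rejects it.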
sr. member
Activity: 437
Merit: 255
December 30, 2018, 08:37:33 PM
#93
A simple premium version of avast for less than 15 buck ...

Please check the history of the thread. The critical file has been checked by virustotal and was marked ok. Avast and other virus checks wouldn't have helped. Basically that was the trap I was running into.

To make Windows more secure, anti keylogger, anti screen recording software and constant port checks need to be done. With my experience I would not use a non dedicated computer for crypto anymore - too late. For anybody: Use hardware wallets or dedicated computers without automatic updates.
sr. member
Activity: 1470
Merit: 325
December 29, 2018, 10:40:40 AM
#92
that's nothing in crypto we are all billionaires. we just create money out of thin air.
hero member
Activity: 1020
Merit: 501
December 29, 2018, 11:23:08 AM
#92
A simple premium version of avast for less than 15 bucks per year could have helped block these hackers from penetrating or gaining full access into your system.

Well, now we all have to provide useful information(s), help or guideline(s) when necessary b/c the deed has been done.
brand new
Activity: 0
Merit: 0
December 29, 2018, 08:21:26 AM
#91
You got 1 million and didn't have a hardware wallet?
hero member
Activity: 1020
Merit: 501
December 29, 2018, 11:06:05 AM
#91
OMG! That's enormous! Sorry for your loss. It would be of great help if you could elaborate on where the coins were held: is it a multi wallet (if yes, which wallet?), how did it happen, or what do you think could have happened? A malware installation, a phishing site, or anything that is more specific.



@Valerian77  => @Harkorede,


I'm sorry about the loss. I wish you will be able to recover partial coin, if not the full amount.

I'll suggest any discussion should be made via PM. Harkorede, pls use PM when asking such question(s); in so doing Valerian77 can also reply and post detailed info to you via PM.

*Otherwise, it is not advisable to post such info on the public board where everyone, including the person behind the act, can easily access it.

Regards
legendary
Activity: 2534
Merit: 1713
Top Crypto Casino
December 28, 2018, 01:26:04 PM
#90
I feel very sorry for you. That is a lot of crypto ($1 million) to be scammed.

http://whois.domaintools.com/electrumdiamond.org/

If the scammer thief used Namecheap servers to host his website and Namecheap to register the domain it means Namecheap.com could have valuable information.
sr. member
Activity: 437
Merit: 255
December 28, 2018, 07:58:34 AM
#89
By the way if you're going to use a Windows box forget using standard AV tools. Microsoft's Defender is useless, as are most of the normal AV tools. A bit of recompiling and a little salt and an executable with a full reverse command shell can be installed in no time.
true

Get a real EDR and AETD tool like SentinelOne, or Crowdstrike. They can usually spot fileless tricks in about 6-10 seconds, giving the attacker a pretty limited window to get a persistent session going. Granted they could loop but your system should scream about thousands of attacks being killed a minute, if you're not monitoring your system you're fucked.

Better option: 10 year old burner PC. Best option Kali type burner OS.
thanks - good hint
brand new
Activity: 0
Merit: 0
December 28, 2018, 06:01:43 AM
#89
My heart stopped when I thought my bitcoin wallet got hacked. Fortunately it was just an incorrect password. Sorry for your loss.