Topic: I just got hacked - any help is welcome! (25,000 BTC stolen) - page 12. (Read 381847 times)

member
Activity: 112
Merit: 10
I do know the basics of how a computer works, but that doesn't make me a security expert. I don't want to become a security expert, and I don't want to spend hundreds of hours learning about security. In an ideal world I would, because yes, that is an interesting topic, but as it turns out I have other things to spend my time on.

Not everyone can be an expert in security. That's an unrealistic request. It would be nice if we had people who knew security giving out useful, actionable advice rather than "that sucks. learn real security. compare the hashes of all your .exe's by hand".

I guess I'm still frustrated because I don't know what mistakes the OP made (besides using Windows in the first place), and therefore I don't know if I'm making the same ones too.
legendary
Activity: 1512
Merit: 1049
Death to enemies!
My wallet.dat is located in default place on my computer running Windows 7. But you will never get it! I don't make mistakes like other users and I don't run malware on my computer.

The next big thread will be when someone securing wallet.dat will lose all of his coins, when some piece of Rube Goldberg machine of security breaks.
Until you get hit by an 0day in the browser you use.
The Rube Goldberg security will not help in such a case. The exploit can download a RAT and the attacker can have full access to the computer just like sitting in your chair with the keyboard. But modern browsers have a lot fewer vulnerabilities than Internet Explorer 5.0 had in the past. And most of them are spoofing or crash vulnerabilities, not sure remote execution ones.
My wallet.dat is located in default place on my computer running Windows 7. But you will never get it! I don't make mistakes like other users and I don't run malware on my computer.

The next big thread will be when someone securing wallet.dat will lose all of his coins, when some piece of Rube Goldberg machine of security breaks.

Don't be so confident. I was just like you. I thought I'd never be stupid enough to run any malware and I regularly scanned my computer for malware. Anyways, what I'm trying to say is you better be safe than sorry and never get overly confident about security matters. Do what most people say which is to get a machine that is a dedicated bitcoin wallet.
I don't scan for malware, and never trust online scanners. They leak sensitive private information. From time to time I check my computer files manually. I know Windows well enough to do it in manual mode.

AV will not save you from a good trojan at all. False sense of security and performance reduction.
Hardware router will only help against remote exploits and scanning. Must have one for security. But it will not help against trojans at all.
Patching Windows will not help against trojans, only against known exploits.

And Win2000 and Win7 are totally different. There are few to no remote exploits that work on both of them. The only way to attack both systems with a single shot is a trojan, like DarkComet.
Quote
Can you provide any advice as to where one might begin learning about this?
Start learning how your computer works, join some underground forums. I was lucky to be able to start using a computer at a time when Windows 95 and 98 were the main OS used and there was no legal action against people doing whatever they can do with a computer. Probably I'm simply prone to do bad things whenever I can with whatever I can for my own amusement.
sr. member
Activity: 294
Merit: 250
No antivirus is going to protect you from being hacked. The malware writers use packaging and encryption to make payload undetected.

I feel somehow sorry for you if this is a true story. Learn about real security, but I have no idea where. The books and online sources are misleading. I got my experience on computer security as computer repairman/gamer/nonstandard server hoster/disruptive scriptkiddie/botnet owner. More than 10 years of such activity btw.

Can you provide any advice as to where one might begin learning about this? The OP claims he took all the basic precautions: AV, behind a router firewall, Windows patched up to date, etc.

What version of Windows was OP running? The link to infostealer.com that someone else posted only lists XP, NT, and 2000 as applicable OS'es. So Vista and Win 7 are not vulnerable to that particular exploit?
I cannot see a reason as to why that stealer would not work on any version of windows. If it just grabs a file and emails it.... there is nothing OS-specific in there.
legendary
Activity: 3080
Merit: 1083
No antivirus is going to protect you from being hacked. The malware writers use packaging and encryption to make payload undetected.

I feel somehow sorry for you if this is a true story. Learn about real security, but I have no idea where. The books and online sources are misleading. I got my experience on computer security as computer repairman/gamer/nonstandard server hoster/disruptive scriptkiddie/botnet owner. More than 10 years of such activity btw.

Can you provide any advice as to where one might begin learning about this? The OP claims he took all the basic precautions: AV, behind a router firewall, Windows patched up to date, etc.

What version of Windows was OP running? The link to infostealer.com that someone else posted only lists XP, NT, and 2000 as applicable OS'es. So Vista and Win 7 are not vulnerable to that particular exploit?

Windows 7 Ultimate

I'm pretty sure if the exploit works on 2000 it will most likely work on Vista or Win 7.
member
Activity: 112
Merit: 10
No antivirus is going to protect you from being hacked. The malware writers use packaging and encryption to make payload undetected.

I feel somehow sorry for you if this is a true story. Learn about real security, but I have no idea where. The books and online sources are misleading. I got my experience on computer security as computer repairman/gamer/nonstandard server hoster/disruptive scriptkiddie/botnet owner. More than 10 years of such activity btw.

Can you provide any advice as to where one might begin learning about this? The OP claims he took all the basic precautions: AV, behind a router firewall, Windows patched up to date, etc.

What version of Windows was OP running? The link to infostealer.com that someone else posted only lists XP, NT, and 2000 as applicable OS'es. So Vista and Win 7 are not vulnerable to that particular exploit?
legendary
Activity: 3080
Merit: 1083
My wallet.dat is located in default place on my computer running Windows 7. But you will never get it! I don't make mistakes like other users and I don't run malware on my computer.

The next big thread will be when someone securing wallet.dat will lose all of his coins, when some piece of Rube Goldberg machine of security breaks.

Don't be so confident. I was just like you. I thought I'd never be stupid enough to run any malware and I regularly scanned my computer for malware. Anyways, what I'm trying to say is you better be safe than sorry and never get overly confident about security matters. Do what most people say which is to get a machine that is a dedicated bitcoin wallet.
legendary
Activity: 2408
Merit: 1121
Any chance we can let this horse die by archiving the thread? I'd say the whole event has been beaten to its sub-molecular components by now. :)
sr. member
Activity: 294
Merit: 250
My wallet.dat is located in default place on my computer running Windows 7. But you will never get it! I don't make mistakes like other users and I don't run malware on my computer.

The next big thread will be when someone securing wallet.dat will lose all of his coins, when some piece of Rube Goldberg machine of security breaks.
Until you get hit by an 0day in the browser you use.
legendary
Activity: 1512
Merit: 1049
Death to enemies!
My wallet.dat is located in default place on my computer running Windows 7. But you will never get it! I don't make mistakes like other users and I don't run malware on my computer.

The next big thread will be when someone securing wallet.dat will lose all of his coins, when some piece of Rube Goldberg machine of security breaks.
newbie
Activity: 20
Merit: 0
Absolutely gutting.

I've not read through the whole 20 pages of posts but it's terrible what's happened.
There's always 'what if's' and you should've done this or that, but unfortunately none of that changes anything.
I feel so sorry for you - wish there was some way to help, or something useful to say..

This has though made me immediately re-think my own wallet security even though I have a few thousand times less BTC than the OP's stolen amount.

I also now think that forums like these are potential hunting grounds for hackers or thieves on the prowl for any 'bitcoiners' personal details or clues to where people's wallets may be.... I know it's obvious, but please be careful what you post on these forums. Collectively there is sooo much cash in our combined digital wallets, we must look like a gift to some nefarious feckers out there.
newbie
Activity: 23
Merit: 0
This is a terrible thing that happened to you.

If I had the know-how, I would trace the thief's location and supply you with his physical address.
legendary
Activity: 1512
Merit: 1049
Death to enemies!
No antivirus is going to protect you from being hacked. The malware writers use packaging and encryption to make payload undetected.

I feel somehow sorry for you if this is a true story. Learn about real security, but I have no idea where. The books and online sources are misleading. I got my experience on computer security as computer repairman/gamer/nonstandard server hoster/disruptive scriptkiddie/botnet owner. More than 10 years of such activity btw.
legendary
Activity: 3080
Merit: 1083
I'm reading this and I'm somewhat surprised how large portion of bitcoin users is computer illiterate and talk about encryption, reversing, etc, to help in this situation.

The Windows can be secured, it's only misconfigured out-of-the-box.

Almost all hacks today happen because of user running the trojan executable file. Windows is only making this easier, no dependencies needed for TrojanDownloader.deb :D The author of this thread is no different. The infections in Temp folder are the actual remote access trojan files. Try to remember what files you downloaded and from where. This might lead to initial source of trojanization.

Planning opening online Bitcoin business but unable to keep your own system secure? Probably this will be happening anyway, but this time it's only our own money, not your customers'.

And you must stop using the infected computer and disconnect it from network. As you are making this thread, the hacker might be watching your actions in real time and masturbating. He definitely got epic lulz from your desperate and ineffective actions.

Those infections appear only when I run an online antivirus scanner in IE. I think Symantec Antivirus is misreporting the scanner's virus database as an actual infection in the system..in a sense it is..but it just doesn't know the difference.

legendary
Activity: 1512
Merit: 1049
Death to enemies!
I'm reading this and I'm somewhat surprised how large portion of bitcoin users is computer illiterate and talk about encryption, reversing, etc, to help in this situation.

The Windows can be secured, it's only misconfigured out-of-the-box.

Almost all hacks today happen because of user running the trojan executable file. Windows is only making this easier, no dependencies needed for TrojanDownloader.deb :D The author of this thread is no different. The infections in Temp folder are the actual remote access trojan files. Try to remember what files you downloaded and from where. This might lead to initial source of trojanization.

Planning opening online Bitcoin business but unable to keep your own system secure? Probably this will be happening anyway, but this time it's only our own money, not your customers'.

And you must stop using the infected computer and disconnect it from network. As you are making this thread, the hacker might be watching your actions in real time and masturbating. He definitely got epic lulz from your desperate and ineffective actions.
full member
Activity: 154
Merit: 100


Ok, let me clear things up. The machine is my home machine but at the time I made that post I was running some trading applications and I had some live trades going. I needed to keep an eye on them. So I guess you can refer to it as "work at home" machine..or something like that.



I assumed it was something like that. I was just pointing out where the confusion came from. Apparently the article, which I haven't read, suggested it was a work computer.
legendary
Activity: 3080
Merit: 1083
The story seems to lack credibility, but never let truth ruin a good story.

What I found most interesting is how anyone in their right mind will store 25K BTC on a work computer.

NOT work computer. HOME computer.

The problem is that I can't shut the machine as this is my work machine.

Maybe both then?

Ok, let me clear things up. The machine is my home machine but at the time I made that post I was running some trading applications and I had some live trades going. I needed to keep an eye on them. So I guess you can refer to it as "work at home" machine..or something like that.

full member
Activity: 154
Merit: 100
The story seems to lack credibility, but never let truth ruin a good story.

What I found most interesting is how anyone in their right mind will store 25K BTC on a work computer.

NOT work computer. HOME computer.

The problem is that I can't shut the machine as this is my work machine.

Maybe both then?
member
Activity: 87
Merit: 10
Are you not concerned about bitrot? You have only 1 single copy of your wallet on a single thumbdrive? That is really dangerous for long-term storage. If I had any sizeable amount of BTC (as I presume you do) I would not feel very warm and fuzzy about this.

what do you recommend? I'm trying to be as safe as possible, just wondering.
legendary
Activity: 3080
Merit: 1083
The story seems to lack credibility, but never let truth ruin a good story.

What I found most interesting is how anyone in their right mind will store 25K BTC on a work computer.

NOT work computer. HOME computer.