
Topic: I just got hacked - any help is welcome! (25,000 BTC stolen) - page 24. (Read 381888 times)

legendary
Activity: 826
Merit: 1001
rippleFanatic
Your numbers don't add up.

So far you've only said that you lost "a very large chunk" from this address: 1J18yk7D353z3gRVcdbS7PV5Q8h5w6oWWG.

The receiving address (1KPTdMb6p7H3YCwsyFqrEmKGmsHqe1Q3jg) indeed had 25,000 but only 3522 were received from said address.


How much did you lose and from which addresses?
legendary
Activity: 3080
Merit: 1083
Yes I guess I was specifically singled out unless there are others who haven't come out of the woodwork yet.

if i were an unethical hacker looking for loot,

i would find (or buy) a zero day exploit that would allow me to gain entry to a windows pc

the list of 20,000 bitcoin nodes is here: https://smsz.net/btcStats/bitcoin.kml

i'd start through that list until i found that i had access to a whale and send funds from that wallet to a safe address.

because attacking all the nodes would expose me, i'd stop after finding the whale.  and to not cause the bitcoin price to crash and as a result my loot become worth much less, i would not sell everything all at once.

i would cash out enough to be content and then sit quietly.

i'd also keep copies of any other wallets that i came across while looking for the whale, so that at some point in the future withdrawal from those could be made at will.

this is all totally a hypothetical, but describes what could be going on here very well.

Yep whoever did this ain't stupid...no doubt he reads this forum too, soooo...may have not been a good idea after all for me to shout it out loud to the world.

He will do his best to find over the counter buyers for his BTC.

I very much doubt whoever he sells them to will bother to track the history of the coins through the blocks...
sr. member
Activity: 385
Merit: 250
You know the culprit is probably reading this thread and moving it around while watching these responses as he launders and distributes it. With each hop adding plausible deniability.
legendary
Activity: 3080
Merit: 1083
Yep well I'm not denying that this is not my fault.

Come back to me when/if you get hacked and we'll see how easy it is for me to jump on my "I know best" horse and whip ya Wink

Hindsight is 20/20, no?

It is not a high horse.

It's an attempt to let every reader see the only true issue that matters in this thread in an effort to help them so it does not happen to them as well.

Security.

“An ounce of prevention is worth a pound of cure.”

I am sorry for your loss.

I know Bind, I know. Trust me this will be forever burned in my memory. And trust me I will even pay you some BTC JUST for that advice and for reiterating it (if by some miracle I can recover a portion of the funds at least..). Maybe then I'll know better.

legendary
Activity: 873
Merit: 1000
Yes I guess I was specifically singled out unless there are others who haven't come out of the woodwork yet.

if i were an unethical hacker looking for loot,

i would find (or buy) a zero day exploit that would allow me to gain entry to a windows pc

the list of 20,000 bitcoin nodes is here: https://smsz.net/btcStats/bitcoin.kml

i'd start through that list until i found that i had access to a whale and send funds from that wallet to a safe address.

because attacking all the nodes would expose me, i'd stop after finding the whale.  and to not cause the bitcoin price to crash and as a result my loot become worth much less, i would not sell everything all at once.

i would cash out enough to be content and then sit quietly.

i'd also keep copies of any other wallets that i came across while looking for the whale, so that at some point in the future withdrawals by spending from those wallets could be performed, at will.

this is all totally a hypothetical, but describes what could be going on here very well.
legendary
Activity: 3080
Merit: 1083
Latest amount being moved:

http://blockexplorer.com/address/1G65mXC4HctMNHN6MTpHsWi1A5zRungssL

Whoever is doing this knows how to launder BTC that's for sure...follow the blockchain folks..

sr. member
Activity: 385
Merit: 250
Yep well I'm not denying that this is not my fault.

Come back to me when/if you get hacked and we'll see how easy it is for me to jump on my "I know best" horse and whip ya Wink

Hindsight is 20/20, no?

It is not a high horse.

It's an attempt to let every reader see the only true issue that matters in this thread in an effort to help them so it does not happen to them as well.

Security.

“An ounce of prevention is worth a pound of cure.”

I am sorry for your loss.
legendary
Activity: 2940
Merit: 1090
Early on in the thread two things jumped out at me:

1) Something in background put on your computer by someone knowledgeable already "steals" your wallet regularly, purportedly "on your behalf" to "hide it from attackers" etc. How better to avoid butter melting in one's mouth than to be the trusted security expert who is obviously the one person who would not have done such a thing, it being so against their ethics etc that they have devoted their life to learning all about such things in order to prevent them. Naturally you'll say this was not the attacker. That is the whole point.

2) You ran virus scanner / anti-virus. How the heck did you ever manage to locate the tiny tiny percent of such things that are not themselves the attackers?

I have read the whole thread now so I have gotten the impression that possibly your anti-virus might have good provenance and pedigree.

But how many security experts trusted by gosh maybe even entire governments who give them high clearances and so on, who routinely work with billions or at least millions of dollars and would never think of stealing them (ahem: from people who *would* list them among the suspects if any went missing...) would turn up their nose at a totally free half million bucks thrown at them by some simpleton suffering from overtrustingness syndrome?

It amazes me that this suspicious creator of automated hidden background saves of your wallet was not mentioned by other posters. The character has such amazing power of being unnoticed / unsuspected it even infects all the readers of this thread?!?!?!

Maybe it is that the tone of replies led people to prefer to be vague and general (list ALL your friends ANYONE having physical access) than to risk getting nasty response to pointing directly at the most capable suspect you have mentioned?

(A suspect who in fact should be one of the first to point to himself as a prime suspect if actually as you imply is any kind of reputable security type.)

-MarkM-
legendary
Activity: 3066
Merit: 1147
The revolution will be monetized!
allinvain, I'm truly sorry to hear about this. What a crappy thing to do to you.  Embarrassed
I hope something can be done to get at whoever did this. It sure does look like a targeted attack by someone who knew what you had. It may be of little consolation but as mentioned before, crooks tend to wind up living miserable lives. You should not keep beating yourself up over this, you were taking basic precautions. This could have happened to any of us (except Vladimir).
legendary
Activity: 3080
Merit: 1083
Nothing matters here except the OP did not secure his wallet.dat and/or computer.

That's the thing everyone needs to take away from this thread. Nothing else.


Protect your ASSets.

Have multiple wallets.

Mine BTC with a temp everyday wallet.

When you get coins move it to your SAVINGS account wallet, which is encrypted on your hard drive. Truecrypt is excellent for this. Have a copy on your hard drive. Upload a copy to various online sites, burn a copy to cd. It's safe and secure. Even if someone obtains it they won't be able to decrypt it. Replace as needed to update it.

You can even have a CHECKING account wallet for spending if you want.


Sure you should go through the motions and get the police involved. Who knows, something might turn up.

I don't think ANY exchange owner is going to violate their clients' trust by believing you and acting on your behalf just because you claim you were ripped off. You could be lying, then saying wait no, i am telling the truth!!!! Honest !!!!

For all we know you are a scammer trundling through the block explorer and found a nice juicy wallet to try to exploit here, hoping some idiotic exchange admin acts on.

If not, at least you have learned a valuable lesson about computer/wallet security.

Yep well I'm not denying that this is not my fault.

Come back to me when/if you get hacked and we'll see how easy it is for me to jump on my "I know best" horse and whip ya Wink

Hindsight is 20/20, no?

member
Activity: 112
Merit: 10
Maybe one should state a new rule:

Don't hang around on IRC with a machine storing a lot of BTC.

I never did. I did backup my wallet.dat file to dropbox, wuala, and spideroak.

Once I read an article about employees of dropbox having access to users' files I deleted the wallet.dat file from there. I dunno, I doubt it was caused because someone had access to where i backed it up. It most likely means he/she (hacker) had access to my windows box and the UNENCRYPTED wallet.dat file.

The first thing I did when I saw this was restore the backup from these online storage sites, but still the transaction was still there so I could not invalidate one damn thing.

If you ever stored wallet.dat on dropBox unencrypted, I think an employee could get access to old versions of your wallet due to the fact that DropBox essentially stores a copy of every version of every file, as it changes over time. So even if you delete it from your hard drive i think you can go into DropBox web interface and get old versions of it. Presumably DropBox employees have this same type of access. This is why people store sensitive files on DropBox only if they are stored in encrypted containers (like a TrueCrypt volume).

TrueCrypt is annoying with DropBox though, because DropBox doesn't sync the changes to the container until after it is dismounted.

Wow crap. Yeah that could be another possible attack vector. I never knew that they store previous versions. I thought the file was gone forever. Sad oh what a noob I was..

Also anyone who uses the same passwords for DropBox as they do for anything Bitcoin related, or for that matter anything else at all, should change ASAP. See the XKCD comic about this very subject.
legendary
Activity: 1386
Merit: 1004


Look, this person just sent 22K to a different address. This person is trying to launder the BTC.

http://blockexplorer.com/address/12fe9xw9Pqcnm5AzUEMuneyRzZuxc7JDWQ

then 2500 here:

http://blockexplorer.com/address/165vfNnWshUzjoXFbrhBXyjERwvzqBAQDg

Then he sent it further down to these addresses:

14qcmPPdSoHacA2hTUViJXaHvaZT9riSV7
1FfUUkUpTKNyDhZ9CH7D3jkYCd5kZ9weSx



Look at the second address.  FfUUkUp

wow, the irony.
legendary
Activity: 3080
Merit: 1083
allinvain, sorry to hear about your loss. do you mind sharing absolutely any bitcoin related software you have installed on your network? with note of what was most recent?

Sure, I installed something called "cpu miner" latest version of guiminer ..I also tried to run namecoind as I was thinking of getting into mining namecoins...

Other than that at the moment I can't remember installing any other windows programs or doing any updates.

legendary
Activity: 3080
Merit: 1083
Sorry for the loss. I should point out that you mentioned you found a couple of viruses that your virus scanner said were "cleaned". You also mentioned that you used your computer for other financial activities beyond BitCoin. This is a very risky situation.

From a security point of view if your computer is ever compromised by malware, there is no sure way to clean it, other than to wipe it completely by formatting the hard drive and re-installing the operating system from read only media. Using your virus software to "clean" the computer doesn't always work. Using the "recovery partition" on your hard drive doesn't always work. Once your machine has been rooted, there are all kinds of places that malware can hide itself that is beyond the reach of any virus scanner.

This by the way is true for both Windows and Linux / Unix environments. If your machine ever gets rooted, all is lost. You must reinstall from scratch if you need to be sure. If you have high value data on your computer, you "need to be sure".

Yes that is really my fault. I am pretty sure that my computer was rooted, and could have been for a long time and now finally whoever controls the root kit heard about bitcoin and decided the time is right.

In the future I plan to get a separate box (laptop) with ubuntu linux on it and have that as my secure workstation. I am never trusting windows again or any god damn virus scanner.

sr. member
Activity: 385
Merit: 250
Nothing matters here except the OP did not secure his wallet.dat and/or computer.

That's the thing everyone needs to take away from this thread. Nothing else.


Protect your ASSets.

Have multiple wallets.

Mine BTC with a temp everyday wallet.

When you get coins move it to your SAVINGS account wallet, which is encrypted on your hard drive. Truecrypt is excellent for this. Have a copy on your hard drive. Upload a copy to various online sites, burn a copy to cd. It's safe and secure. Even if someone obtains it they won't be able to decrypt it. Replace as needed to update it.

You can even have a CHECKING account wallet for spending if you want.


Sure you should go through the motions and get the police involved. Who knows, something might turn up.

I don't think ANY exchange owner is going to violate their clients' trust by believing you and acting on your behalf just because you claim you were ripped off. You could be lying, then saying wait no, i am telling the truth!!!! Honest !!!!

For all we know you are a scammer trundling through the block explorer and found a nice juicy wallet to try to exploit here, hoping some idiotic exchange admin acts on.

If not, at least you have learned a valuable lesson about computer/wallet security.
legendary
Activity: 3080
Merit: 1083
Your computer is open to RDP??? Well then, attack vector found. But you were still personally targeted.

Well yeah, I log in from work to keep an eye on my forex trading platforms. Yes I guess I was specifically singled out unless there are others who haven't come out of the woodwork yet.
hero member
Activity: 504
Merit: 500
allinvain, sorry to hear about your loss. do you mind sharing absolutely any bitcoin related software you have installed on your network? with note of what was most recent?
newbie
Activity: 29
Merit: 0
Sorry for the loss. I should point out that you mentioned you found a couple of viruses that your virus scanner said were "cleaned". You also mentioned that you used your computer for other financial activities beyond BitCoin. This is a very risky situation.

From a security point of view if your computer is ever compromised by malware, there is no sure way to clean it, other than to wipe it completely by formatting the hard drive and re-installing the operating system from read only media. Using your virus software to "clean" the computer doesn't always work. Using the "recovery partition" on your hard drive doesn't always work. Once your machine has been rooted, there are all kinds of places that malware can hide itself that is beyond the reach of any virus scanner.

This by the way is true for both Windows and Linux / Unix environments. If your machine ever gets rooted, all is lost. You must reinstall from scratch if you need to be sure. If you have high value data on your computer, you "need to be sure".
legendary
Activity: 3080
Merit: 1083

What would you consider sufficient proof that I indeed controlled this balance?

I have no doubt that you can provide proof that you controlled the balance. You cannot, however, provide proof that you do not still control the balance. This crime is unprovable. Bitcoin's strength is also its weakness.

Indeed, the double edged sword of crypto-currency.

Sucks that it's a case of my word against whoever..I wish I could show that I do not have control of that address. Eventually I will post a screenshot as proof at the very least that the money was moved. I am working on a few things to possibly find out who did it.

Look, this person just sent 22K to a different address. This person is trying to launder the BTC.

http://blockexplorer.com/address/12fe9xw9Pqcnm5AzUEMuneyRzZuxc7JDWQ

then 2500 here:

http://blockexplorer.com/address/165vfNnWshUzjoXFbrhBXyjERwvzqBAQDg

Then he sent it further down to these addresses:

14qcmPPdSoHacA2hTUViJXaHvaZT9riSV7
1FfUUkUpTKNyDhZ9CH7D3jkYCd5kZ9weSx
