Topic: I think I might have had my BTC stolen? Really need advice (Read 3241 times)

First thing you do when email compromised is changing email password.

And how is this theft related to the fact that the user has an Apple?  Was it a security flaw in the machine or an attack on gmail?

Sorry about your loss. I know this doesn't help now, but here is my two cents.

This was  not a brute force attack against google. It would be impossible to hack you that way, so your password must have been hacked or compromised. A lot of insecure web pages, like the Playstation network and Codemasters have been hacked recently. So change your gmail passwords if you used those services.

I never tried hacking gmail, but if I was going to try I'd probably start by using the password recovery service and tring to guess your answer. For example, if your security question is 'what is my favorite colour' I'd try red, blue, green etc until I got it right. Maybe I'd look you up on facebook for mother maiden name or child's name or whatever. I might also be able to guess your password like this, so don't use gf / child's name. And you need to be careful with those security questions.

The weakest point I'd guess is your PC. I am always worried about my PC's integrity. There are a lot of smart guys out there trying to hack into your PC, like those lulzsec dudes for example. So maybe take at least basic security precautions like using a virus scanner (microsoft security essentials is OK), a firewall and such like. Keep your PC patched up with auto updates and install Noscript if you use firefox.

These are just basic things everyone should do routinely. But there is still a chance of being hacked even if you are careful.

http://groups.google.com/group/news.admin.net-abuse.email/browse_thread/thread/d115cac84c243634/4c99c06553bf84b0

The IP address is in that list. But I'm not exactly sure what that means. Was the person who stole from me most likely using Tor?

Today I called Burlington Telecom's abuse line and I was informed that they need a subpoena to give any information about the person. Is it worth going to the police? Would they do anything?

I want all these threads to die in a fire.

Not before they are put up as warnings for keeping personal security, though.

At least this will do some good:

Waking people up from the delusion that Apple products have any other security value than the jails and chains for their customers.

Man, I feel bad for you, but give that a rest. Some funds went to a donation address, big deal. You don't know anything.

How many?

One of the addresses to which some of my stolen btc went belongs to them.

Someone else had their mtgox account hacked and btc sent to the very same address..

There is a trail of crime here. This is a concerted attack on bitcoin users.

Wow, you didn't jump off a bridge?

Fuck LulzSec, seriously.

They accomplish absolutely nothing except screwing over normal people.  I hope they all die a slow painful death.

I have a pet theory that the Anon/LulzSec folks are hard at work screwing bitcoiners over...all for lulz no doubt!

I already sent an email. I will call tomorrow if they don't respond by then. I guess I've learned an important lesson about encrypting :/. Really beating myself up over this. But still hopefully I can contact whoever stole from me. For now I'm just going to try to sleep it off. Thanks for the help everybody.

Abuse report info for Burlingtontelecom

OrgAbusePhone:  +1-802-540-0007
OrgAbuseEmail:  [email protected]

Wow, thanks a lot. Very handy information. Hopefully I can at least contact whoever stole from me.

http://www.networksolutions.com/whois-search/countshockula.com

More info

Edit2: Leon Johnson works for the ISP and is the one who registered the domain.  So he may have the information you are looking for

http://www.jigsaw.com/BC.xhtml?contactId=12877237&lastName=Johnson


Not unless you know of a specific portmap vulnerability, or can figure out his linux login/password

I thought my password was secure, but I guess not.

I am contacting Burlington Telecom right now but they don't seem that legit to me... This sucks.

EDIT: Wow, what a strange website. Do those open ports mean anything to my situation?

IP address [?]:    65.183.151.13 [Whois] [Reverse IP]
IP country code:    US
IP address country:    ip address flag United States
IP address state:    Vermont
IP address city:    Burlington
IP postcode:    05401
IP address latitude:    44.4929
IP address longitude:    -73.2253
ISP of this IP [?]:    Burlington Telecom
Organization:    Burlington Telecom
Host of this IP: [?]:    saito.countshockula.com

Contact their abuse department with the information and time your email was accessed.  My guess though is that this is a compromised account and the thief is not the persons associated with that IP at the time of the attack.

Edit: There is a website running at http://65.183.151.13/

Also responding on port 22 for SSH

Lol.. 111 is responding as well.. He's not that bright.

The wallet.dat was on your email server unencrypted? Anyone have access to that account or a computer you might have used the account on? How secure are your passwords?

I think they were taken from my Gmail. I was stupid enough to put it there unencrypted, because they were not worth very much when I first uploaded them.. and I just never got around to it.

Does anyone have any information about this IP address: 65.183.151.13