
Topic: I was hacked (1170btc stolen) - 500btc max BOUNTY - page 21. (Read 35693 times)

hero member
Activity: 546
Merit: 500
@OP

Really sorry for your loss.

You need to ask member BurtW what he knows about this address 1CEQCaXZuKx3bPRySUFvCpXthWAnExukFb. He sent 0.00112233 BTC on 2014-07-11 17:07:52 from 1BurtWEejbnKeBRsvcydJvsNztB1bXV5iQ tx:73368087a30b59804d35457777debcf30aa72d35895c5c9739f8556453603921

Hope this helps.

Hmmmm, this could be interesting
hero member
Activity: 546
Merit: 500
Here's a proposition:

Mirror your hard drives that were compromised. DO NOT FORMAT THEM. And send all your data to a professional Anti-virus company, Kaspersky/AVG; make them aware of what has happened and about the reward for finding the identity of the hacker. Then get the community behind this and get some media publications to carry this story and make as many people as possible aware of this hack and the reward for it. If you get a following big enough, two things could happen: the hacker could be pressured into sending back the coins (unlikely) or dump them for USD (very likely). If they dump them for USD and you find their identity, everything can be linked to them (through bank account etc.) and you can get all your money back.

Why contact an Anti-virus company? Well, quite simply, they are professionals in this field. If the hackers compromised your computer, there's a high chance they could find "breadcrumbs" left by the hackers and pinpoint their location and subsequently their identities. Although there are probably some great detectives here on BCT, I think you'd have a better chance handing over all your compromised HDDs to a professional Anti-virus company.

Also get Roger Ver to tweet about klee's hack and the 500 BTC reward. We all remember what happened to the last hacker which Roger Ver tweeted about.
sr. member
Activity: 406
Merit: 250
I do recommend you get the word out. Send an email to some of the Bitcoin news networks so they at least write a post about it. If you have any more btc get them safe right away, no excuses.
Other than that I don't think you can get them back to be honest.
sr. member
Activity: 342
Merit: 250
1170 BTC stolen from a personal wallet and nothing in the news. It won't help to find the hacker....
https://www.google.com/?gws_rd=ssl#q=1170+bitcoin&tbm=nws



hero member
Activity: 644
Merit: 500
How did the thief get your encrypted wallet? Did you also back up your wallet on the same dropbox account where you stored password in plaintext?

He put the 12-word Electrum seed in plain text in a Dropbox folder. Electrum seeds can be used to recover all addresses. It's a deterministic wallet.
legendary
Activity: 1736
Merit: 1001
Not technically advanced to understand you!

What he was suggesting was that someone managed to generate the same address as you. Not only is the probability infinitesimal, but given that you've also lost NXT and assuming they were both on the DB account then it would obviously point to DB as the attack vector.

Dropbox is an assumption. He had a plaintext file with all his passwords in it. He used Electrum, so I assume he has the seed stored in that file too.
sr. member
Activity: 278
Merit: 250
Electrum password alone isn't sufficient (assuming the attacker got it through your dropbox plain text file), he'd also need a copy of the electrum wallet file. Any idea how that was accessed?
If I understand the OP correctly, both the wallet file and a plaintext txt with the password were on a dropbox volume.

I don't use electrum but the way I understand it is the wallet is constructed from the 12 word seed.

That's why I asked Klee for kleerification... (*snort* sorry)

There's a password that secures your wallet file, and there's the master seed. With the seed, you're able to access the funds all by itself, but with the electrum password alone, you still need the wallet.
They had both..

EDIT: Apologies for not replying but I am trying to manage a mess here (format the computers, contacts with authorities, phone/skype calls etc)..

Heyyyyyyy ...DON'T format. Keep the evidence !!!

Yes, seriously.  Don't delete anything.

In fact, do the opposite.  

Clone it.  

Take that computer off-line.  Clone to hard drive so you have multiple copies of it.

Then change all passwords and move all your existing accounts.  EVERYTHING.  Start from scratch with clients, passwords and all that.  

Now that all accounts that can be secured are freshly secured, send out the clones of the drive.  

There are some serious hackers that can dive into those clones and possibly get some really good clues.

It is very possible if there was malware, it can be identified, where and who it came from.  

There could be other clues too.  

You are offering lots of money as a reward, mailing out some extra hard drives is going to help a lot.


Good Advice.
legendary
Activity: 1232
Merit: 1001
mining is so 2012-2013
Electrum password alone isn't sufficient (assuming the attacker got it through your dropbox plain text file), he'd also need a copy of the electrum wallet file. Any idea how that was accessed?
If I understand the OP correctly, both the wallet file and a plaintext txt with the password were on a dropbox volume.

I don't use electrum but the way I understand it is the wallet is constructed from the 12 word seed.

That's why I asked Klee for kleerification... (*snort* sorry)

There's a password that secures your wallet file, and there's the master seed. With the seed, you're able to access the funds all by itself, but with the electrum password alone, you still need the wallet.
They had both..

EDIT: Apologies for not replying but I am trying to manage a mess here (format the computers, contacts with authorities, phone/skype calls etc)..

Heyyyyyyy ...DON'T format. Keep the evidence !!!

Yes, seriously.  Don't delete anything.

In fact, do the opposite.  

Clone it.  

Take that computer off-line.  Clone to hard drive so you have multiple copies of it.

Then change all passwords and move all your existing accounts.  EVERYTHING.  Start from scratch with clients, passwords and all that.  

Now that all accounts that can be secured are freshly secured, send out the clones of the drive.  

There are some serious hackers that can dive into those clones and possibly get some really good clues.

It is very possible if there was malware, it can be identified, where and who it came from.  

There could be other clues too.  

You are offering lots of money as a reward, mailing out some extra hard drives is going to help a lot.
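
An added example, not part of any post in this thread: one way to confirm that each clone of a drive is byte-identical to the source before it is mailed out, by hashing the source during the copy and re-reading every clone afterwards. The file names and the 1 MiB chunk size are assumptions, and the demo uses a constructed random file in place of a real disk.

```python
import hashlib
import os
import tempfile

CHUNK = 1024 * 1024  # assumed block size: read 1 MiB at a time, never the whole image


def sha256_of(path):
    """Hash a file (or raw device node) in fixed-size blocks."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(CHUNK), b""):
            digest.update(block)
    return digest.hexdigest()


def clone_with_hash(src, dst):
    """Copy src to dst byte for byte; return the SHA-256 of what was read from src."""
    digest = hashlib.sha256()
    with open(src, "rb") as fin, open(dst, "wb") as fout:
        for block in iter(lambda: fin.read(CHUNK), b""):
            digest.update(block)
            fout.write(block)
        fout.flush()
        os.fsync(fout.fileno())  # make sure the clone is on disk before verifying
    return digest.hexdigest()


def verify_clones(source_hash, clone_paths):
    """Re-read every clone and report whether it still matches the source hash."""
    return {path: sha256_of(path) == source_hash for path in clone_paths}


if __name__ == "__main__":
    # Constructed stand-in for the compromised drive. A real run would read the
    # disk itself (hypothetical path such as /dev/sdX) with the machine off-line.
    workdir = tempfile.mkdtemp()
    source = os.path.join(workdir, "evidence.img")
    with open(source, "wb") as fh:
        fh.write(os.urandom(3 * CHUNK + 17))  # deliberately not a multiple of CHUNK
    clones = [os.path.join(workdir, name) for name in ("clone1.img", "clone2.img")]
    hashes = [clone_with_hash(source, clone) for clone in clones]
    print("source sha256:", hashes[0])
    print("clones match :", verify_clones(hashes[0], clones))
```

Recording the source hash alongside each clone lets whoever receives a drive confirm that it was not altered in transit.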
legendary
Activity: 1596
Merit: 1026
HUGE MONEY  Shocked
Definitely some hard cashish there.  My new yacht only cost a few bucks more than that.  
sr. member
Activity: 353
Merit: 250
BITCOIN
HUGE MONEY  Shocked
sr. member
Activity: 336
Merit: 250
Ouch to the method used for password storage.

Klee, I hope you recover funds and track down the thief. I understand bter is being cooperative.
legendary
Activity: 1456
Merit: 1000
Has the exchange been in contact with you?

Can we get the IP address from the exchange?

Thanks.
legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
wow...sucks !

if you have more coins that are NOT in cold storage yet,
feel free to PM me and I can help you set up
cold storage with electrum.  I have a pretty
airtight system.

legendary
Activity: 2674
Merit: 2965
Terminated.
Is it possible that Dropbox could be liable for this?
It's possible but not necessary. My Dropbox password is weak as well, but my details were on G. Drive. I've moved all files to HDDs/SSDs and off-line.
Sorry to hear this OP, hopefully someone can do something.
legendary
Activity: 1722
Merit: 1000
Is it possible that Dropbox could be liable for this?

If it was an inside job I cannot see how not.
legendary
Activity: 1225
Merit: 1000

You had >1000BTC Smiley nice income ... you should share some with others to gain a luck Smiley


He donated millions of Nxt to the Nxt community, and 1M Nxt for brain preservation research: https://twitter.com/kLee1977/status/438639867929833472

And 500BTC bounty is a lot as well. He should have gained enough luck...
legendary
Activity: 1789
Merit: 2535
Goonies never say die.
A remote possibility is that it's someone from Dropbox itself.

for 1100 BTC.. this is quite possible.
Not intending to lecture here but this is why you do not store this type of information on an online dropbox account, or any online account for that matter. Almost anything that allows you to drop your files online has multiple unknown people behind it that may be able to access your information if they really wanted to. Some staff may have a way to query the entire database of files to search specifically for wallet.dat files, who knows.
I am sure there is a DB expert somewhere at dropbox that, with a little inside effort, could pull it off. Although I would be going more with someone who knows klee, in this situation.

No amount of privacy statements or internal controls is going to stop certain types of people making XX,XXX/year from grabbing your wallet worth 700K, especially when they have a chance at remaining anonymous after stealing it.

The more exposure bitcoin has, the more these types of things could increase. In general, cloud-based services scare me for multiple reasons.

Stop storing sensitive information online!  Undecided
hero member
Activity: 654
Merit: 504
Dear HEADHUNTERS,

43% of any btc I will be able to get back IF you find the identity of the thief!

If the whole amount will be returned to me (1170BTC) that would be 500BTC.

https://blockchain.info/nl/address/1GwNLwoCQiobJzmURSAq54vH4BYjFkwaxr

FIND HIM!!!

hope you manage to get them back.

is this stolen pile all your btc stash or just some
hero member
Activity: 742
Merit: 500
This just makes me want to puke.  Sad Xapo is looking like a solid option more and more everyday for those that want to be their own cold storage.

But this wasn't cold storage.

People, maybe we should leave this thread just for posts that will help OP for now? He must be obviously in a very intense situation and trying to monitor this thread.

full member
Activity: 182
Merit: 100
really sorry to hear this. that is devastating. Cry