Topic: I was hacked (1170btc stolen) - 500btc max BOUNTY - page 22. (Read 35693 times)
I know its been said, but wow, thats a tough hit. Sorry for the loss, I hope you have some luck and are able to find them. That said, you had your password on DB not encrypted for that many coins? I know you know your mistake and its been a huge lesson for you.. But, is this your only coin? If not, you should be protecting asap..
A remote possibility is that its someone from Dropbox itself.
for 1100 BTC.. this is quite possible.
Wow... that's a freaking theft... The wallet was online I assume?
Electrum - dropbox was compromised (with plain txt for the pwd, I know I know..)You are shitting me .. you kept >1000BTC and you had a txt file with your password on a dropbox.
Very clever.
I would love to have 1BTC .... I am working hard on BTC projects and I have like 0.00000000BTC ...
You had >1000BTC
nice income ... you should share some with others to gain a luck But luck have got nothing to do when you keep your password in a plain txt file.
I wish I can track those thieves but perhaps this will be not possible for me.
Kind regards.
PM me and I'll make that 1 millibtc.
This just makes me want to puke. 
Xapo is looking like a solid option more and more everyday for those that want to be their own cold storage.
Xapo is looking like a solid option more and more everyday for those that want to be their own cold storage. A remote possibility is that its someone from Dropbox itself.
I wouldnt go so far in guessing that happened, more likely he picked some trojan/keylogger.
Srsly, i dont see the logic in even having that amount of money in one place , let alone in an online wallet.
This just prooves my point that local wallet client + wallet.dat on a removable drive is the best option.
Hope you get your funds back
Paper wallet anyone?
From nxtforum.org
Damelon:
http://thehackernews.com/2014/07/facebook-takes-down-bitcoin-stealing.html
But dates may not be right
Damelon:
Quote
I have just spoken by video to klee on Skype.
He has confirmed the messages earlier were from him.
He confirms that all his Nxt and all his Bitcoin have been taken.
He acknowledges that his security measures were not as good as they should be:
1. passes kept in a plaintext file
2. On a dropbox account that was not repassworded after heartbleed.
3. Possibility of open wifi at Vienna conference (long time ago, but a possibility, as his home wifi is passworded).
4. There were also irregulatities with his FB group page, where someone could suddenly post admin level posts.
5. Apparently his other accounts have not been compromised (mail, forum etc).
I would like to ask everyone when commenting to take into account the situation here. Feel free to comment, but if it descends into personal attacks, that will have consequences, as everyone knows.
Seems like the total losses amount to $ 1,000,000.
He has confirmed the messages earlier were from him.
He confirms that all his Nxt and all his Bitcoin have been taken.
He acknowledges that his security measures were not as good as they should be:
1. passes kept in a plaintext file
2. On a dropbox account that was not repassworded after heartbleed.
3. Possibility of open wifi at Vienna conference (long time ago, but a possibility, as his home wifi is passworded).
4. There were also irregulatities with his FB group page, where someone could suddenly post admin level posts.
5. Apparently his other accounts have not been compromised (mail, forum etc).
I would like to ask everyone when commenting to take into account the situation here. Feel free to comment, but if it descends into personal attacks, that will have consequences, as everyone knows.
Seems like the total losses amount to $ 1,000,000.
http://thehackernews.com/2014/07/facebook-takes-down-bitcoin-stealing.html
But dates may not be right
Attempted a BTC tag.
You owe me $2 so far
Nice You owe me $2 so far
If we could mark the transactions "coins stolen from klee", might put any innocent buyers off. It's only when the culprits try to convert to fiat they are likely to get nailed.
A remote possibility is that its someone from Dropbox itself.
Heyyyyyyy ...DONT format. Keep the evidence !!!
Why ? ... police can help ?
No ... because is not money ...
It is required to keep so that he may take help of some cyber expert to find out the IP trace of the attacker. Probably the anti-virus software running on his machine already has it.
How did the thief get your encrypted wallet? did you also backup your wallet on the same dropbox account where you stored password in plaintext?
That is crazy money to lose
I am really sorry...I hope you can somehow manage to figure it out... IMO it seems like it could have been someone that knows you (if you took the standard pre-cautionary measures)
I am really sorry...I hope you can somehow manage to figure it out... IMO it seems like it could have been someone that knows you (if you took the standard pre-cautionary measures)
I can't even imagine what that feels like. I wish you luck man.
When i grow up i want to be an internet detective.
Attempted a BTC tag.
You owe me $2 so far
You owe me $2 so far
make sure check what you download anything or click anything when you download it ?
like fake application . fake ebook . or fake Pdf of ebook or sync youre email to another website ?
if you do it please pm me what the application you download . i can tracking who's created the application or ebook or the website and contact to the real they ISP (internet service provider) and contact IT of country case of million money and tell them the case .
glad to see this thread . i know what you feel now .
like fake application . fake ebook . or fake Pdf of ebook or sync youre email to another website ?
if you do it please pm me what the application you download . i can tracking who's created the application or ebook or the website and contact to the real they ISP (internet service provider) and contact IT of country case of million money and tell them the case .
glad to see this thread . i know what you feel now .
Well this is an awful story. No point in lecturing, you should be aware of the mistakes you made based on the former posts.
I would not format the machine, but it might not be a bad idea to take it offline if you have any other sensitive information on it but it sounds like this all took place on dropbox.
Do you access dropbox from work or through any corporate/company firewall or anything where others could watch your traffic and/or remotely access your machine?
I would not format the machine, but it might not be a bad idea to take it offline if you have any other sensitive information on it but it sounds like this all took place on dropbox.
Do you access dropbox from work or through any corporate/company firewall or anything where others could watch your traffic and/or remotely access your machine?
Electrum password alone isn't sufficient (assuming the attacker got it through your dropbox plain text file), he'd also need a copy of the electrum wallet file. Any idea how that was accessed?
If I understand the OP correctly, both the wallet file and a plaintext txt with the password were on a dropbox volume.I don't use electrum but the way I understand it is the wallet is constructed from the 12 word seed.
That's why I asked Klee for kleerification... (*snort* sorry)
There's a password that secures your wallet file, and there's the master seed. With the seed, you're able to access the funds all by itself, but with the electrum password alone, you still need the wallet.
EDIT: Apologies for not replying but I am trying to manage a mess here (format the computers, contacts with authorities, phone/skype calls etc)..
Doesn't dropbox use 2-factor?
2-factor is useless against inside job.
My goodness that's a huge amount of BTC stolen. Storing plain text access to your wallet, ONLINE... but I guess it's too late for the lecture.
Make an image of your hard drive/ssd before you do anything else. There is a slim chance that the leftover evidence could lead to the capture. The more you use that same machine, the more the data gets overwritten.
Make an image of your hard drive/ssd before you do anything else. There is a slim chance that the leftover evidence could lead to the capture. The more you use that same machine, the more the data gets overwritten.
Heyyyyyyy ...DONT format. Keep the evidence !!!
Why ? ... police can help ?
No ... because is not money ...
Cars, TVs, computers are not money either and police can help.
Jump to: