
Topic: If you used Brainwallet.org - MUST READ! - Security Breach! - page 8. (Read 52768 times)

legendary
Activity: 1896
Merit: 1353
Electrum users are advised not to type their seed in brainwallet.org (or any other website).
legendary
Activity: 3612
Merit: 1564
Sounds like a weak passphrase to me.  We already know that people have created huge 'rainbow tables' of bitcoin addresses generated from SHA256 of weak passphrases, and they just sit watching the blockchain for any of them to come up and then siphon off the funds.  This is yet another reason why a 'brain wallet' is such a terribly bad idea for anyone to do.

Will

A brain wallet when done right is perfectly fine. A deterministic wallet like electrum is like a brain wallet. 12 words that are the seed to all your bitcoin keys. Of course the entropy is greater than your typical brain wallet. 128 bits for electrum.
hero member
Activity: 714
Merit: 601
Since the coins are already gone, please post what password you used for your brain wallet.    We can then confirm to you that it was a bad and easily hackable password.

Don't try to be funny and drop the wrong password, everyone will know immediately.

+1, and it's not like he can use the address again...
hero member
Activity: 767
Merit: 500
Sounds like a weak passphrase to me.  We already know that people have created huge 'rainbow tables' of bitcoin addresses generated from SHA256 of weak passphrases, and they just sit watching the blockchain for any of them to come up and then siphon off the funds.  This is yet another reason why a 'brain wallet' is such a terribly bad idea for anyone to do.

Will
newbie
Activity: 14
Merit: 0
Since the coins are already gone, please post what password you used for your brain wallet.    We can then confirm to you that it was a bad and easily hackable password.

Don't try to be funny and drop the wrong password, everyone will know immediately.
full member
Activity: 196
Merit: 100
Brainwallet just uses this python code ...

privkey_hex = hashlib.sha256(keyphrase).hexdigest()

(Not that actual code since it's from one of my scripts, but something similar). It's trivial to do your own version and avoid the web site entirely (then import the private key into the wallet of your choice). The slightly more tricky part is obtaining the WIF key and addresses, I posted a simple script here https://bitcointalksearch.org/topic/m.2642261 but there are probably more professional versions elsewhere on this forum.

But as has been said earlier, if you don't understand what a script is doing, then don't use it.
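Added example, not part of the post above and not brainwallet.org's or any poster's code: the single-hash derivation described there, carried through to the WIF string a wallet imports, with a checksum verification to run before importing. The UTF-8 encoding, the function names and the sample passphrase are assumptions made for this illustration.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
# Order of the secp256k1 group; a valid private key is in [1, N-1].
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
SAMPLE = "constructed sample passphrase - never fund this"  # constructed input

def _checksum(payload: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def b58check_encode(payload: bytes) -> str:
    data = payload + _checksum(payload)
    n, out = int.from_bytes(data, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    zeros = len(data) - len(data.lstrip(b"\x00"))  # leading 0x00 -> '1'
    return "1" * zeros + out

def b58check_decode(text: str) -> bytes:
    n = 0
    for ch in text:
        n = n * 58 + B58.index(ch)  # ValueError on a non-base58 character
    zeros = len(text) - len(text.lstrip("1"))
    data = b"\x00" * zeros + n.to_bytes((n.bit_length() + 7) // 8, "big")
    if len(data) < 5 or _checksum(data[:-4]) != data[-4:]:
        raise ValueError("bad Base58Check checksum")
    return data[:-4]

def brainwallet_privkey(passphrase: str) -> bytes:
    # One unsalted SHA-256: the key depends on the passphrase and nothing else.
    key = hashlib.sha256(passphrase.encode("utf-8")).digest()
    if not 1 <= int.from_bytes(key, "big") < N:
        raise ValueError("digest is not a valid secp256k1 private key")
    return key

def to_wif(privkey: bytes) -> str:
    return b58check_encode(b"\x80" + privkey)  # 0x80 = mainnet, uncompressed

def from_wif(wif: str) -> bytes:
    payload = b58check_decode(wif)
    if len(payload) != 33 or payload[0] != 0x80:
        raise ValueError("not an uncompressed mainnet WIF key")
    return payload[1:]

if __name__ == "__main__":
    wif = to_wif(brainwallet_privkey(SAMPLE))
    assert from_wif(wif) == brainwallet_privkey(SAMPLE)  # round-trip check
    print(wif)
```

Because there is no salt and no key stretching, the same passphrase yields the same key on every machine, which is why the strength of the passphrase is the only protection.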
legendary
Activity: 1526
Merit: 1129
The owner of that site needs to shut it down. This kind of thing was inevitable and we warned about it from the start. Someone has calculated a rainbow table and the passphrase you chose is in it.

Which wallet software did you import the key into? Do we need to put a warning about this site into wallet apps? We need to find some way to kill this stupid and dangerous site asap.
hero member
Activity: 504
Merit: 500
How could a brainwallet be compromised?
We should exclude breaking known algorithms, because that would affect all kinds of wallets.

You have a javascript brainwallet like brainwallet.org or bitaddress.org or namecoinia.org.
1. It has a connection to the internet and is transmitting your private keys.
You can avoid this if you save the page on your computer and switch off the internet connection when you are generating the keypairs.
Alternatively you can do it in a virtualbox container which has no internet connection.
2. You are generating a random keypair, however it isn't random in reality, but follows a deterministic or stored pattern known to the brainwallet creator.
The source is known (javascript) but it is obfuscated and difficult to check. In this case it doesn't matter if you are offline or online.

Best if you generate a deterministic wallet with a passphrase which is random and long enough, but you choose it and your computer is offline.
In this case I cannot imagine how the brainwallet creator could know the private keys.

Of course there are other attack possibilities also, but they are not brainwallet specific.
If you downloaded from a phishing site, you have some trojans on your computer or you have written the passphrase on a paper and left it on the table on your bureau.
vip
Activity: 1316
Merit: 1043
👻
What passphrase did you use?

ireallylikecookies -> not ok
poweroutletsmmaybeeshockyuoifyuotuochit -> a lot better.
legendary
Activity: 1400
Merit: 1009
Is your passphrase just too simple?
Any passphrase you can memorize is almost too simple by definition.
legendary
Activity: 1862
Merit: 1105
WalletScrutiny.com
/sub

I used Brainwallet for a friend half a year ago on an offline pc with the code from github. The money is still there. I wouldn't trust the version that happens to be on any website but for now I do trust github to not mess with repos. I wish there was some signing involved though. If a reputable dev would confirm to have seen nothing fishy about version [hash], I would pick up the changelog (if any) from there and decide if I use the signed version or the updated version. I picked the most recent version as it was old already, so I assumed it was reviewed by quite some people but I guess git's feature to mess with the history would allow to forge an old-looking head easily.
legendary
Activity: 1498
Merit: 1000
I don't think you can download the script from the site.  Regardless, whether it is the website author or a hacker, the site is compromised.  I don't think it had anything to do with my wallet.dat password being compromised - it is a very long, secure password and I do not believe there are any trojans on my system.

It is just javascript so you can just do Command-S or on Windows Control-S and it will save the entire page. That is all you need.

And I meant maybe your brainwallet password was short, not your wallet.dat password. It is probably a bot that instantly created all private keys of a word list and then when a balance hits it transfers it out.
legendary
Activity: 1890
Merit: 1078
Ian Knowles - CIYAM Lead Developer
You can save the website for offline usage or better yet get it from github.

I use it from a computer with no internet access - and it works fine for generating the key pairs this way.
legendary
Activity: 1792
Merit: 1097
I decided to mess around and make a brain wallet. I used the website www.brainwallet.org. Supposedly, this javascript is client side only. Anyway, I made a brain wallet and decided to test it. I moved my spare change (I keep most of my BTC in cold storage) about 0.178 BTC to the new brain wallet I made "15WjmFwpZ1mp3fG55JGoGv3p5y9jtehEB2". Literally within seconds, it was moved to a new bitcoin address not owned by me "1Lp3S4PajwhuFCyrAXSFdVGxLuqTsXtVQC" https://blockchain.info/address/15WjmFwpZ1mp3fG55JGoGv3p5y9jtehEB2

I am very security conscious and am certain my wallet file was not compromised. My only thought is the brainwallet website has been compromised instead and some bot is stealing the private keys generated there and then instantly transferring any funds deposited to these compromised wallets to their own bitcoin addresses. DO NOT USE www.brainwallet.org and if you have used it, then immediately move your funds to a new location ASAP.

I am not complaining though, I only lost 0.178BTC - it could have been much worse.


Is your passphrase just too simple?
legendary
Activity: 1498
Merit: 1000
That is why you download it, and unplug your internet, then generate the public key. But I think your password was probably too short.
full member
Activity: 210
Merit: 100
I don't think you can download the script from the site.  Regardless, whether it is the website author or a hacker, the site is compromised.  I don't think it had anything to do with my wallet.dat password being compromised - it is a very long, secure password and I do not believe there are any trojans on my system.
full member
Activity: 210
Merit: 100
I decided to mess around and make a brain wallet. I used the website www.brainwallet.org. Supposedly, this javascript is client side only. Anyway, I made a brain wallet and decided to test it. I moved my spare change (I keep most of my BTC in cold storage) about 0.178 BTC to the new brain wallet I made "15WjmFwpZ1mp3fG55JGoGv3p5y9jtehEB2". Literally within seconds, it was moved to a new bitcoin address not owned by me "1Lp3S4PajwhuFCyrAXSFdVGxLuqTsXtVQC" https://blockchain.info/address/15WjmFwpZ1mp3fG55JGoGv3p5y9jtehEB2

I am very security conscious and am certain my wallet file was not compromised. My only thought is the brainwallet website has been compromised instead and some bot is stealing the private keys generated there and then instantly transferring any funds deposited to these compromised wallets to their own bitcoin addresses. DO NOT USE www.brainwallet.org and if you have used it, then immediately move your funds to a new location ASAP.

I am not complaining though, I only lost 0.178BTC - it could have been much worse.