I've been robbed now I'm afraid to access my coins: how to proceed?

stompix

legendary

Activity: 2912

Merit: 6403

Blackjack.fun

Quote from: jacknimble on February 15, 2018, 11:22:08 PM

Recently I purchased a large number of coins on an exchange and began to proceed to send them to a private wallet. I had $5000 stolen within about 20 minutes of my first deposit. I had followed the same procedure I have used for years without incident, downloading an offline generator, booting a machine with TAILS, creating a paper wallet, and depositing to it. I had thought this was fairly secure but now reading up on it I see how wrong I was.

Now I have several thousands more in various coins I have recently purchased sitting on the exchange where I bought them, and I am terrified of attempting to get them off the exchange and into wallets without getting stolen.

As I understand it, it is likely that there is malware on my machine deep in the BIOS or something which was capable of stealing the keys as they were generated.

I am sorely tempted to leave the coins in the exchange, since that has 2FA protection and, after all, it's the process of moving them that seems to be the biggest security risk, but everyone seems to agree that's a bad idea and I do hate the thought that a 3rd party is in control anyway. Can I please be advised on how I can safely get my coins into secure wallets? Thanks.

As the others said, you need to give us a few more details.

Since nobody raised the question till now, are we talking about BTC?

Then, the second crucial part, you said you've downloaded an offline generator.
Since this is the only thing you have done that is different from the previous time, assuming the machine was not used for anything else between those two points, what wallet generator have you downloaded?

pentol86

sr. member

Activity: 851

Merit: 254

Borderless for People, Frictionless for Banks

i think you should access your account from other PC, or buy a new laptop, with different connection (internet provider) and access from there, also you should buy hardware wallet like trezor to keep your coin offline, good luck

avoxosuccesful

jr. member

Activity: 252

Merit: 3

mhn i'll advice you open another wallet or private key,stop using just one wallet and save on a note pador sm'in.but that pvk uv got at the moment has been hacked what ever u put in there is still goan come out with same result.

oddwh

hero member

Activity: 854

Merit: 1002

Seems like you were already careful with security, this is where your story is a bit scary as it can happen to everyone of us. Same question as others, what is this key generator ?

Maybe this generator just pick their private keys not truely generated from a database and the hacker just has to check these addresses. I never heared of a bios attack in cryptocurrencies, or I missed something and even, if this machine is always offline, the hacker couldn't receive any datas.

For generating keys, I still prefer using a classic software wallet (like bitcoin core). At least, you can trust this software. This is not the first story we hear about a compromised key generator. The last one was with a Iota key generator : https://news.bitcoin.com/iota-attacked-for-subpar-wallet-security-following-4m-hack/

Sevarchik

member

Activity: 420

Merit: 10

Buy one laptop install latest windows to them and use him only for accessing to your coins no other web sites. And allways update your system.
This can give you 99% security

mk4

legendary

Activity: 2870

Merit: 3873

Paldo.io 🤖

Quote from: lite on February 16, 2018, 12:06:07 AM

Quote from: Juggy777 on February 16, 2018, 12:00:10 AM

Quote from: jacknimble on February 15, 2018, 11:22:08 PM

Recently I purchased a large number of coins on an exchange and began to proceed to send them to a private wallet. I had $5000 stolen within about 20 minutes of my first deposit. I had followed the same procedure I have used for years without incident, downloading an offline generator, booting a machine with TAILS..........

There is something wrong with this, you say you followed this for years and yet your coins were lost. Were you using it on a public wifi as many people have lost it using public...........

What's the exchange name, post your address of funds, and the address where funds went.

He's using TAILS(live version i believe), so chances of virus infection is very low. it's probably the offline keys generator that he used must've stolen the money. op can you share which offline generator were you using? sorry for your loss.

This. We need the specifics. Though to be honest I think if OP knows enough for him/her to be using Tails he/she should probably be knowledgeable enough to know which offline key generators to trust.

lite

legendary

Activity: 1400

Merit: 1009

Quote from: Juggy777 on February 16, 2018, 12:00:10 AM

Quote from: jacknimble on February 15, 2018, 11:22:08 PM

Recently I purchased a large number of coins on an exchange and began to proceed to send them to a private wallet. I had $5000 stolen within about 20 minutes of my first deposit. I had followed the same procedure I have used for years without incident, downloading an offline generator, booting a machine with TAILS, creating a paper wallet, and depositing to it. I had thought this was fairly secure but now reading up on it I see how wrong I was.

Now I have several thousands more in various coins I have recently purchased sitting on the exchange where I bought them, and I am terrified of attempting to get them off the exchange and into wallets without getting stolen.

As I understand it, it is likely that there is malware on my machine deep in the BIOS or something which was capable of stealing the keys as they were generated.

I am sorely tempted to leave the coins in the exchange, since that has 2FA protection and, after all, it's the process of moving them that seems to be the biggest security risk, but everyone seems to agree that's a bad idea and I do hate the thought that a 3rd party is in control anyway. Can I please be advised on how I can safely get my coins into secure wallets? Thanks.

There is something wrong with this, you say you followed this for years and yet your coins were lost. Were you using it on a public wifi as many people have lost it using public wifi. Is your machine infected with viruses, have it checked. Did you get in touch with the exchange and seeked out as to how was this possible.

What's the exchange name, post your address of funds, and the address where funds went.

He's using TAILS(live version i believe), so chances of virus infection is very low. it's probably the offline keys generator that he used must've stolen the money. op can you share which offline generator were you using? sorry for your loss.

Juggy777

hero member

Activity: 2646

Merit: 686

Quote from: jacknimble on February 15, 2018, 11:22:08 PM

Recently I purchased a large number of coins on an exchange and began to proceed to send them to a private wallet. I had $5000 stolen within about 20 minutes of my first deposit. I had followed the same procedure I have used for years without incident, downloading an offline generator, booting a machine with TAILS, creating a paper wallet, and depositing to it. I had thought this was fairly secure but now reading up on it I see how wrong I was.

Now I have several thousands more in various coins I have recently purchased sitting on the exchange where I bought them, and I am terrified of attempting to get them off the exchange and into wallets without getting stolen.

As I understand it, it is likely that there is malware on my machine deep in the BIOS or something which was capable of stealing the keys as they were generated.

I am sorely tempted to leave the coins in the exchange, since that has 2FA protection and, after all, it's the process of moving them that seems to be the biggest security risk, but everyone seems to agree that's a bad idea and I do hate the thought that a 3rd party is in control anyway. Can I please be advised on how I can safely get my coins into secure wallets? Thanks.

There is something wrong with this, you say you followed this for years and yet your coins were lost. Were you using it on a public wifi as many people have lost it using public wifi. Is your machine infected with viruses, have it checked. Did you get in touch with the exchange and seeked out as to how was this possible.

What's the exchange name, post your address of funds, and the address where funds went.

rommelzkie

full member

Activity: 294

Merit: 125

The first thing to do is create an offline wallet. for example create a wallet on MEW if your token is ERC20. after that keep your private keys written on a paper. donot save your private keys details to your computer. after that, withdraw a small amount of tokens from your exchange going to your new wallet. double and triple check the address. if there is no problem within one week. your old wallet private keys might be compromised.

odolvlobo

legendary

Activity: 4466

Merit: 3391

Determining how your private keys were accessed would be helpful. Perhaps the key generation software you downloaded is the problem. Either way, the only sensible thing to do now is to get a hardware wallet.

mk4

legendary

Activity: 2870

Merit: 3873

Paldo.io 🤖

I honestly don't know at which step your problem occurred and if it's a human error or not, but try creating your paper wallet on another separate device, or better yet, on a hardware wallet like a Trezor[1] or a Ledger Nano S[2] as I really don't think there's such thing as a "BIOS malware"(not sure, correct me if I'm wrong). You transacted $5000 worth of crypto, a $100 hardware wallet shouldn't be much for you.

[1] https://trezor.io/
[2] https://ledgerwallet.com/

jacknimble

newbie

Activity: 6

Merit: 0

Recently I purchased a large number of coins on an exchange and began to proceed to send them to a private wallet. I had $5000 stolen within about 20 minutes of my first deposit. I had followed the same procedure I have used for years without incident, downloading an offline generator, booting a machine with TAILS, creating a paper wallet, and depositing to it. I had thought this was fairly secure but now reading up on it I see how wrong I was.

Now I have several thousands more in various coins I have recently purchased sitting on the exchange where I bought them, and I am terrified of attempting to get them off the exchange and into wallets without getting stolen.

As I understand it, it is likely that there is malware on my machine deep in the BIOS or something which was capable of stealing the keys as they were generated.

I am sorely tempted to leave the coins in the exchange, since that has 2FA protection and, after all, it's the process of moving them that seems to be the biggest security risk, but everyone seems to agree that's a bad idea and I do hate the thought that a 3rd party is in control anyway. Can I please be advised on how I can safely get my coins into secure wallets? Thanks.

Topic: I've been robbed now I'm afraid to access my coins: how to proceed? (Read 166 times)