Pages:
Author

Topic: Someone sending out MilliBits - page 2. (Read 16411 times)

full member
Activity: 168
Merit: 100
February 18, 2014, 08:15:08 AM
#32


God bless you for understanding this, because I sure as heck don't.  I thought BTC was anonymous, and I didn't think I was putting myself and my BTC address at risk by sending BTC to another address.  If that's what you're saying, I'm nervous.

Errr... whoever told you bitcoin is anonymous was joking, because that's funny. It may be anonymous to regular folks, but it is NOT anonymous to governments with really powerful computers. Your spending patterns are as unique to you as your fingerprints. Human beings are creatures of habit. Let's say that you hypothetically enjoy delivery Chinese food with expensive liquor while watching heavyweight championship boxing. Prior to getting involved with bitcoin, your credit card transactions show that these are your preferences. Now, you are trying to stay hidden and use "anonymous" bitcoins to make your purchases instead. There is going to be a world heavyweight boxing match tonight so you run out to the local liquor store and buy a bottle of Dom Perignon, go home, and then order some delivery Chinese food, all with bitcoin. Your government's computers pick up this spending pattern on the blockchain, hack into Mr. Wok's servers and BAM! They've just located you. Most merchants have their wallets with coinbase or bitpay to isolate themselves from exchange rate risk and messy tax filings. That's how the government gets their hands on most merchant's bitcoin wallet addresses.

Or you like French food, expensive liquor, and buy a lotto ticket every Friday night at your local convenience store. All they'd have to do to catch you is wait for you at the local convenience store on Friday night.

Or... you get the picture.

If you were religious, I'd say that bitcoin is the mark of the beast!
member
Activity: 98
Merit: 10
February 18, 2014, 07:10:07 AM
#31
2) because of this, more generally speaking:




omg thanks for the laugh Smiley
legendary
Activity: 2114
Merit: 1015
February 18, 2014, 05:30:05 AM
#30
My address received this strange transaction lately. However, that address has not been written anywhere so the attacker had to just discover it from the block chain I suspect. Another theory is that this is some kind of bitcoin terrorism. People who have nice round balances in their cold storage get them ruined.

There are some interesting public notes there:
Public Note: Hey, give me back my 20 Bitcoin

Public Note: If you are reading this, please take some time to remember those who died 12 years ago today in the WTC attacks

Public Note: Whoever you are, you're epic.

edit:
there's some more suspicious activity, look this address: https://blockchain.info/address/1AgesqfafUHHpAWnmjj9g6TVqBGXk4ixxg

A lot of coins are sent to all possible addresses that start with 1Ag

According to Mendelejev's table, silver is Ag.

ONE MORE THEORY:
What if the attacker has targeted just one address? However, to make it less threatening it has added a bunch of other random addresses to the formula? Then people such as myself who get disturbed by this activity start making posts to this thread and are immediately connected to their address by the forum user.

and one more:
Some of the destination addresses have spent their input except this suspicious input. Maybe the attacker tries to pin point automated wallets? So if the suspicious input remains unspent but other balance is spent then there could be some automation in place which could be abused with the transaction malleability vulnerability.
legendary
Activity: 2126
Merit: 1001
February 13, 2014, 05:58:42 PM
#29
I got 1Enjoy and 1Sochi today on my address posted on my sig (which I now removed) so they are definitely scraping from here, though probably not here alone.

Solution to not get tagged:

Quote
If you don't want some anonymous actor to know which addresses you control, it's best to get rid of those keys or move those dust transactions out of your wallet.

One way to do that is by using Dust-B-Gone. A script written by Peter Todd, one of the bitcoin core developers. It takes those transactions and sends them to his server where they are all combined and spent in a transaction with a 0btc output, effectively giving the dust to the miners.

If you are weary of connecting to his server directly, it has the option of connecting through TOR.

Dust-B-Gone can be found here: https://github.com/petertodd/dust-b-gone

I've used it myself not too long ago and works like a charm. You may have to set the dust limit to 0.001 BTC for it to find the transaction(s). You can run it initially as a dry run by specifying --dry-run and it'll show you a raw dump of the transaction it'll send out.

More information can be found here: https://bitcointalksearch.org/topic/m.3413785


Aww, I like this!
He didn't send the dust to himself, or back to the owner, or to a black hole, he send it to the miners!
Yep, I like this guy!

Ente
sr. member
Activity: 266
Merit: 250
February 13, 2014, 03:28:43 PM
#28
I got 1Enjoy and 1Sochi today on my address posted on my sig (which I now removed) so they are definitely scraping from here, though probably not here alone.

Solution to not get tagged:

Quote
If you don't want some anonymous actor to know which addresses you control, it's best to get rid of those keys or move those dust transactions out of your wallet.

One way to do that is by using Dust-B-Gone. A script written by Peter Todd, one of the bitcoin core developers. It takes those transactions and sends them to his server where they are all combined and spent in a transaction with a 0btc output, effectively giving the dust to the miners.

If you are weary of connecting to his server directly, it has the option of connecting through TOR.

Dust-B-Gone can be found here: https://github.com/petertodd/dust-b-gone

I've used it myself not too long ago and works like a charm. You may have to set the dust limit to 0.001 BTC for it to find the transaction(s). You can run it initially as a dry run by specifying --dry-run and it'll show you a raw dump of the transaction it'll send out.

More information can be found here: https://bitcointalksearch.org/topic/m.3413785
global moderator
Activity: 4018
Merit: 2728
Join the world-leading crypto sportsbook NOW!
February 12, 2014, 01:20:07 PM
#27
Ok: more suspiciously, 1SochiWwFFySPjQoi2biVftXn8NRPCSQC has just sent me 1 satoshi. Literally just now.
That probably means someone is screwing around, probably on this forum: saw my post and sent it almost straightaway.
Come on, people. If you're going to prank someone at least make it 0.1 bitcoins.

That happened to somebody else on here about ten minutes after they posted in one of the threads haha. Maybe just coincidence?
hero member
Activity: 592
Merit: 500
February 12, 2014, 01:17:16 PM
#26
Now I've just been sochi/ enjoy 'd , cxnts!

Thought i'd got away from this bs..
legendary
Activity: 1764
Merit: 1031
February 12, 2014, 12:55:57 PM
#25
Ok: more suspiciously, 1SochiWwFFySPjQoi2biVftXn8NRPCSQC has just sent me 1 satoshi. Literally just now.
That probably means someone is screwing around, probably on this forum: saw my post and sent it almost straightaway.
Come on, people. If you're going to prank someone at least make it 0.1 bitcoins.
legendary
Activity: 1764
Merit: 1031
February 12, 2014, 12:51:19 PM
#24
Thanks for the reply. That's good to know (I'm assuming your address that got dust was not generated from a brainwallet, or has a very strong password.)
However, at the time of the dust payments, someone did send 0.000546 btc to a bunch of *dictionary-generated* brainwallet addresses (not random) and swept them back a week later - take a look at the addresses generated by those words, "speculat-", that I mention, and plenty of others. That's weird. Like I say, I don't know why you'd do it that way - sweeping the funds straightaway if the address has anything in it, as you describe, makes more sense - but that's apparently what happened. That looks a lot like something sinister to me. If it was routine bot sweeping, they wouldn't have put btc in and they wouldn't all have come out the same week. The amount was also roughly (exactly?) 1c at those prices, which may or may not be coincidence.
One alternative is some kind of DoS attack. Around half the addresses on the blockchain (1.2 million) that have any funds in have only dust, which dates back to c. 2011. At the time the amounts would have been tiny; they're much more now (and I imagine the perpetrator would like them back). I wonder whether it was something similar?
legendary
Activity: 2126
Merit: 1001
February 12, 2014, 12:23:34 PM
#23
Another theory. I'm not sure about this: just want to run it up the flagpole and see who salutes it.
If you look at brainwallets, you'll see that they can be incredibly insecure. A lot of people treat them like email and use bad passwords. It makes them vulnerable to people guessing them.
What if you used a dictionary to generate private keys and addresses, then sent a small amount of bitcoins - say 0.0000546 - to each address. A week later you run the same script and hoover up your coins, plus any others that happen to be sitting in an address you have 'guessed' right.
I don't know why you'd do it this way. Maybe you're a lazy coder, or something. But that appears to be what someone has done. Do a brainwallet address search for speculator, speculating, spectator, spectacles, etc, and you'll see what I mean. 0.0000546 bitcoins goes into the account, a week later out it goes. Looks like someone is running dictionary attacks with words over a certain length.
(Just so we're clear, I found this out through research into brainwallets and general curiosity, not to steal bitcoins from badly-secured wallets. I can't prove this but suffice to say I probably wouldn't post this warning if I was. Smiley )

*** People who have received dust payments: are you using a brainwallet? If so, consider it insecure and move your coins ASAP. ***

Like I said, not sure whether this is right or not. But something weird is going on with dictionary-generated brainwallet addresses.
Alternatively, I'd love to know any other theories as to why someone would send 0.0000546 bitcoins to a bunch of dictionary addresses.... any answers?

Good theory - but unprobable because of two things:

1) you can, as a "brainwallet harvester", create random private keys, calculate the public address to this, and look up on the blockchain if there is any money on that. If yes - sweep it away immediately. All public addresses with funds on them would be in a huge database, everything would be done completely offline.

2) because of this, more generally speaking:



3) bonus: I received dust, it was on an address I published somewhere, on the forums or something like that. Unrelated: I did a test and sent a small amount to a brainwallet address with a weak passphrase. It was sweeped like some hours later.

Ente
legendary
Activity: 1764
Merit: 1031
February 12, 2014, 12:04:08 PM
#22
Another theory. I'm not sure about this: just want to run it up the flagpole and see who salutes it.
If you look at brainwallets, you'll see that they can be incredibly insecure. A lot of people treat them like email and use bad passwords. It makes them vulnerable to people guessing them.
What if you used a dictionary to generate private keys and addresses, then sent a small amount of bitcoins - say 0.0000546 - to each address. A week later you run the same script and hoover up your coins, plus any others that happen to be sitting in an address you have 'guessed' right.
I don't know why you'd do it this way. Maybe you're a lazy coder, or something. But that appears to be what someone has done. Do a brainwallet address search for speculator, speculating, spectator, spectacles, etc, and you'll see what I mean. 0.0000546 bitcoins goes into the account, a week later out it goes. Looks like someone is running dictionary attacks with words over a certain length.
(Just so we're clear, I found this out through research into brainwallets and general curiosity, not to steal bitcoins from badly-secured wallets. I can't prove this but suffice to say I probably wouldn't post this warning if I was. Smiley )

*** People who have received dust payments: are you using a brainwallet? If so, consider it insecure and move your coins ASAP. ***

Like I said, not sure whether this is right or not. But something weird is going on with dictionary-generated brainwallet addresses.
Alternatively, I'd love to know any other theories as to why someone would send 0.0000546 bitcoins to a bunch of dictionary addresses.... any answers?
legendary
Activity: 1974
Merit: 1077
Honey badger just does not care
January 07, 2014, 05:38:18 PM
#21
God bless you for understanding this, because I sure as heck don't.  I thought BTC was anonymous, and I didn't think I was putting myself and my BTC address at risk by sending BTC to another address.  If that's what you're saying, I'm nervous.

Don't know which risk you are talking about. Bitcoin addresses which send and receive coins are in permanent public record. There are also connected to their inputs and outputs. You have to understand there are no "coins" like in the physical world, each coin is permanently destroyed when it completely becomes an input for another coin, but the record of it's previous existence remains forever. Two inputs of a new coin become tied to each other in that new coin, until that coin's output become's input to yet another one.

All those inputs and outputs have not only BTC amounts, but also sending address of the output and receiving address of the input in the blockchain record.

Keep in mind that sum of inputs and the outputs of each transaction have to be equal, and since there's a slim chance you have the exact amount in one "coin" you wan't to send to another address, in majority of cases your output have to be tied to your another coin's output to make enough for a transaction, and the change of the transaction goes to your new "coin" as it's input. This eternal multiple inputs/multiple outputs game is the reason for this dust to be sent, as a sender hopes to trace it's outputs for a long time until he figures out where it eventually ended.

There is in no way to connect a BTC address to a personal identity, but i'ts enough that you have leaked a single tie of some address to your identity, and this dust's output to become a new coin owned by an address in the same wallet as this leaked address, these old coins will also be tied to that leaked identity.

Also, keep in mind that your IP address is somewhere in the private record of you ISP provider. Each time your provider assigns a dynamic IP address to your home router, or static IP address to your business, it logs which IP address went to which customer. Those logs can be obtained in all countries with the court order, and in some countries even without the court order. The reason why I'm mentioning this is a possibility that your peers, when you send a BTC transaction, my log the IP which sent them the transaction. In most cases you are not connected to a peer who does such a thing, but even if you are, those "nasty" peers my get the IP of the peer that relayed the transaction, not the peer that originated it, so they can never be sure if they got the IP address of the originator right. You can make sure that your IP will never be logged, but it's far from easy, and the guys that need such a things know how to do it.

When you know these facts you are safe and there is no risk in using Bitcoin, just behave appropriately. There are recommended polices you should stick to, start with never reusing the BTC address without the great need to do so. This policy was recommended for a whole another reason (not to expose the public key, just a hash of it instead), but is very useful for keeping your transactions and addresses harder to tie together. This forum post is not adequate for all of these policies, but you can find them all over this forum.
legendary
Activity: 2126
Merit: 1001
January 07, 2014, 05:09:54 PM
#20

They are trying to entice the addresses to consolidate the funds, thus proving linkages between addresses in order to defeat pseudonymity.

Before the RNG bug was well known, some people were also using this technique to trying to entice spends from addresses from devices with weak RNG so they can perform a private key disclosure.

Will

Exactly. If you keep track of where coins start, and where they end up, you can 'color' the entire transaction tree. Think of a river that runs backwards from the sea. You dump dye in the water at the delta, the mouth, and watch is flow back up track all the estuaries. Not an elegant example, but you get the point. You could track water back to the smallest creek.

Thats whats happening here.

God bless you for understanding this, because I sure as heck don't.  I thought BTC was anonymous, and I didn't think I was putting myself and my BTC address at risk by sending BTC to another address.  If that's what you're saying, I'm nervous.

Well, Bitcoin isn't anonymous. It is, however, pseudonymous. That means you can distinguish individual payments, amounts and addresses, just just don't know which address belongs to whom.
With this technique (sending out tiny amounts), as well as a few others, one can figure out which individual addresses belong to the same user and/or wallet. For example, if you receive one dust amount to an "anonymous" address of your wallet, and spend it together with funds from an address you have written in your signature, everyone (who cares to look) knows that the first, "anonymous" address belongs to the user quone.

Not more, not less.

But yes, the public opinion on one hand, and the technical facts on the other hand about anonymity/pseudonymity are a reason to become nervous ;-)

Ente
full member
Activity: 224
Merit: 104
January 07, 2014, 04:35:08 PM
#19

They are trying to entice the addresses to consolidate the funds, thus proving linkages between addresses in order to defeat pseudonymity.

Before the RNG bug was well known, some people were also using this technique to trying to entice spends from addresses from devices with weak RNG so they can perform a private key disclosure.

Will

Exactly. If you keep track of where coins start, and where they end up, you can 'color' the entire transaction tree. Think of a river that runs backwards from the sea. You dump dye in the water at the delta, the mouth, and watch is flow back up track all the estuaries. Not an elegant example, but you get the point. You could track water back to the smallest creek.

Thats whats happening here.

God bless you for understanding this, because I sure as heck don't.  I thought BTC was anonymous, and I didn't think I was putting myself and my BTC address at risk by sending BTC to another address.  If that's what you're saying, I'm nervous.
legendary
Activity: 1204
Merit: 1002
RUM AND CARROTS: A PIRATE LIFE FOR ME
January 07, 2014, 04:05:17 PM
#18

They are trying to entice the addresses to consolidate the funds, thus proving linkages between addresses in order to defeat pseudonymity.

Before the RNG bug was well known, some people were also using this technique to trying to entice spends from addresses from devices with weak RNG so they can perform a private key disclosure.

Will

Exactly. If you keep track of where coins start, and where they end up, you can 'color' the entire transaction tree. Think of a river that runs backwards from the sea. You dump dye in the water at the delta, the mouth, and watch is flow back up track all the estuaries. Not an elegant example, but you get the point. You could track water back to the smallest creek.

Thats whats happening here.
full member
Activity: 532
Merit: 104
legendary
Activity: 1974
Merit: 1077
Honey badger just does not care
November 12, 2013, 06:38:17 AM
#16
Also, one scenario could be that people receive (milli)bitcoins and go on send them elsewhere. When you send a transaction out, you publish your (real) public key (which is something different to your public bitcoin address). If the privat+public key pair was created insecurely, the attacker ow knows the public key and might be able to steal all funds from that address.

BUT: Why the heck does the attacker here send millibits to addresses which already did transactions? Where the public key is already published and known?
So, this can't really be the reason.

Analyzing who owns which addresses? Doesn't really make sense, with just a handfull he scraped from bitcointalk and similar.

So, my guess is it's something with tainting other coins.

Ente

Maybe it's not just the public key, if the receiver sends this dust out to consolidate the wallet he may reveal his real IP address if his peer is listening, getting info for potential attack on the wallet later. I wonder if those addresses that receive dust have:
a) above average amount of BTC in them, meaning not particular BTC address but the wallet that holds that BTC address.
b) local wallet, not web wallet
legendary
Activity: 1540
Merit: 1029
November 12, 2013, 01:08:03 AM
#15
Very strange.
legendary
Activity: 2674
Merit: 3000
Terminated.
November 12, 2013, 01:01:45 AM
#14
This is mysterious.  Shocked
sr. member
Activity: 490
Merit: 250
November 11, 2013, 08:54:39 PM
#13
Quote from: rjs
That's generous of you to offer an exchange, but I think they're fine.

Here's the address of the coin with extra BTC on it: https://blockchain.info/address/13EboHof8EoyB3xW4tssrsufhQtaQmymhS - address 1FFirnLctcZxVx5otnLNZ4dDGUkMBM4vNr is being a Bitcoin fairy and sending Bitcoins to a bunch of addresses. That same address previously sent a whole bunch of 1BTC to many, many addresses and then 100BTC to two addresses and 25BTC to one address. My first thought was that was Casascius loading his coins and then doing... something sending a little extra. But spot-checking the 1BTC addresses doesn't show what I would expect in this case, which would be that all those addresses just had one (or two) transactions to them, and they all hold a nice round 1BTC (or 1.001BTC), but that's not really what I'm seeing. A mystery!
Pages:
Jump to: