Topic: My Bitcoin Nightmare. (Read 4265 times)
Hope all goes okay
[/quote]
lol i like this !!
[/quote]
for one, I didn't exchange my "bitcoin for paypal" as genius above indicates.
ill laugh at you when u lose the lot and we'll see who neo is then smarta$$.
The only real way to be safe with BTC is offline storage, very painstaking indeed, but its the only way to be 100% safe.
Sorry for your loss OP, you couldnt have seen this coming, so it wasn't your fault
For storing large amounts of BTC ($500+) I'd recommend anyone to use cold storage
As for possible having your PP pass stolen, make sure you change all your passwords, and dispute any unauthorized transactions.
Sorry for your loss OP, you couldnt have seen this coming, so it wasn't your fault
For storing large amounts of BTC ($500+) I'd recommend anyone to use cold storage
As for possible having your PP pass stolen, make sure you change all your passwords, and dispute any unauthorized transactions.
Well ... when you exchange bitcoin (no chargeback) for paypal (with chargeback) ...
Welcome in real world, neo.
Welcome in real world, neo.
lol i like this !!
It baffles me how anyone can do financial transactions on a system with free programs like Avast. Pay a few bucks and get something that would give you way better security versus losing everything. Lesson learned.
Something that would give you way better security? Like what?
Anti virus programs are a joke. All they detect are the low hanging fruit like MegaFreeMicrosoftWindow50000.doc.exe. I have no anti virus or other similar programs and I've never had a virus in my life. How? I patch all my software immediately upon a new version being released, and I don't open suspicious files.
You could have every anti virus program in the world installed at the same time, but if a sufficiently motivated attacker targets you, they're all worthless. Whilst they claim to use heuristics to detect new threats that they don't have a signature for, the heuristics are quite poor. It takes virtually no effort to write malware which is not detected by any anti virus.
I'm not saying DON'T use anti virus, but as others have mentioned, they are far from infallible. They give both false positives and false negatives. The paid ones are generally no better than the free ones, and in many cases they're worse.
I'm reading tons of hack / keylogging complaints on these forums every day. Just goes to show how much further Bitcoin has to go by way of security.
i am think this difirent some times
Sorry, can't really understand what you want to say.
i am think this difirent some times
Something that would give you way better security? Like what?
Kaspersky or G-Data do very good protection (in antivirus version ONLY) ...
But, like you, i don't have one on the P2P machine ...
because it's useless.I only have this on my "files & internet" machine.
It baffles me how anyone can do financial transactions on a system with free programs like Avast. Pay a few bucks and get something that would give you way better security versus losing everything. Lesson learned.
Something that would give you way better security? Like what?
Anti virus programs are a joke. All they detect are the low hanging fruit like MegaFreeMicrosoftWindow50000.doc.exe. I have no anti virus or other similar programs and I've never had a virus in my life. How? I patch all my software immediately upon a new version being released, and I don't open suspicious files.
You could have every anti virus program in the world installed at the same time, but if a sufficiently motivated attacker targets you, they're all worthless. Whilst they claim to use heuristics to detect new threats that they don't have a signature for, the heuristics are quite poor. It takes virtually no effort to write malware which is not detected by any anti virus.
I'm not saying DON'T use anti virus, but as others have mentioned, they are far from infallible. They give both false positives and false negatives. The paid ones are generally no better than the free ones, and in many cases they're worse.
OP, you have quite a bit of reading and learning to do re computer security and so forth, and in that sense, yeah, you'd be best sticking with something that nannies your security for you until such time as you can responsibly and confidently handle it yourself.
But it sounds like you at least vaguely understood that you were accepting inordinate amounts of risk at several points in your "nightmare". If you let the perceived urgency of whatever you're doing override your basic instincts towards caution and prudence, you'll likely go through the woodchipper now and then, whether you're working with BTC or anything else. If something seems like a shitty deal, a sketchy company, a bad idea, and you either don't have the time or don't have the interest to make a solid call on it, just don't do it. If for some reason you absolutely must, then you'll have to accept the likely forfeiture of your stuff.
Sucks that all of these hit you in a row, but by now you're in an excellent position to reassess your moves and work on getting a tighter ship together. Good luck.
But it sounds like you at least vaguely understood that you were accepting inordinate amounts of risk at several points in your "nightmare". If you let the perceived urgency of whatever you're doing override your basic instincts towards caution and prudence, you'll likely go through the woodchipper now and then, whether you're working with BTC or anything else. If something seems like a shitty deal, a sketchy company, a bad idea, and you either don't have the time or don't have the interest to make a solid call on it, just don't do it. If for some reason you absolutely must, then you'll have to accept the likely forfeiture of your stuff.
Sucks that all of these hit you in a row, but by now you're in an excellent position to reassess your moves and work on getting a tighter ship together. Good luck.
Thanks, I guess I deserved to have my btc collection ripped off like that huh.
"Praises the thieves"
Can still see my coins sitting in someone else address dangling a carrot
First of all, I'm really sorry for your loss. Blaming yourself on top of things won't do any good. Security is still a major shortcoming of crypto, it's true. You didn't do anything "wrong".
However... If you suspected a keylogger, you would have been better off making an account at blockchain.info or coinbase and signing up for 2FA. The counterparty risk for 1 bitcoin is perfectly acceptable for that amount. The keylogger wouldn't have access to the codes going to your authenticator / sms, so couldn't access your account.
The more laborious method is using a fresh linux boot disk and, while offline, creating an encrypted paper wallet with the code from bitaddress.org. That would also avoid the keylogger, but it's not yet newbie friendly. (I know I've seen people selling completely loaded usbs on here, but I can't recall who or how much it costs.)
As others have said, your best bet would have been to come here for advice on how to sell your coin.
Sorry, again.
If I were you, I'd think about how to channel that rage productively. Anger is the best motivation. Think about how to channel it to get something you want.
However... If you suspected a keylogger, you would have been better off making an account at blockchain.info or coinbase and signing up for 2FA. The counterparty risk for 1 bitcoin is perfectly acceptable for that amount. The keylogger wouldn't have access to the codes going to your authenticator / sms, so couldn't access your account.
The more laborious method is using a fresh linux boot disk and, while offline, creating an encrypted paper wallet with the code from bitaddress.org. That would also avoid the keylogger, but it's not yet newbie friendly. (I know I've seen people selling completely loaded usbs on here, but I can't recall who or how much it costs.)
As others have said, your best bet would have been to come here for advice on how to sell your coin.
Sorry, again.
If I were you, I'd think about how to channel that rage productively. Anger is the best motivation. Think about how to channel it to get something you want.
Using a cloud wallet with multifactor authentication (password + sms key needed to login) would help significantly. CoinBase has this.
You should also register your cloud wallet account with an email address that itself has multifactor authentication (e.g gmail).
The other thing you want is a record of all the sessions that occur so that you can regularly audit it to make sure no one else is logging in.
Bitcoin security is operational security. A dedicated client/wallet machine is a good idea. So is offloading some of the nuts and bolts of physical security to a professional service.
You should also register your cloud wallet account with an email address that itself has multifactor authentication (e.g gmail).
The other thing you want is a record of all the sessions that occur so that you can regularly audit it to make sure no one else is logging in.
Bitcoin security is operational security. A dedicated client/wallet machine is a good idea. So is offloading some of the nuts and bolts of physical security to a professional service.
OP, you have quite a bit of reading and learning to do re computer security and so forth, and in that sense, yeah, you'd be best sticking with something that nannies your security for you until such time as you can responsibly and confidently handle it yourself.
But it sounds like you at least vaguely understood that you were accepting inordinate amounts of risk at several points in your "nightmare". If you let the perceived urgency of whatever you're doing override your basic instincts towards caution and prudence, you'll likely go through the woodchipper now and then, whether you're working with BTC or anything else. If something seems like a shitty deal, a sketchy company, a bad idea, and you either don't have the time or don't have the interest to make a solid call on it, just don't do it. If for some reason you absolutely must, then you'll have to accept the likely forfeiture of your stuff.
Sucks that all of these hit you in a row, but by now you're in an excellent position to reassess your moves and work on getting a tighter ship together. Good luck.
But it sounds like you at least vaguely understood that you were accepting inordinate amounts of risk at several points in your "nightmare". If you let the perceived urgency of whatever you're doing override your basic instincts towards caution and prudence, you'll likely go through the woodchipper now and then, whether you're working with BTC or anything else. If something seems like a shitty deal, a sketchy company, a bad idea, and you either don't have the time or don't have the interest to make a solid call on it, just don't do it. If for some reason you absolutely must, then you'll have to accept the likely forfeiture of your stuff.
Sucks that all of these hit you in a row, but by now you're in an excellent position to reassess your moves and work on getting a tighter ship together. Good luck.
don't use internet explorer or google chrome ... or firefox with keylogger in "add-ons" section (real ... ).ok ... don't use a PC
At this stage im not 100% sure if I was it was a keylogger or not, just guessing.
All I know is I sent 0.05 bitcoin to someone who bought it for 90$.
I Then bought 0.095 btc from virwox and sent it my acct leaving me with 0.7761.
Wake up in the middle of the night, and there's a sent transaction of 0.7761 btc
leaving me with 0.00051932 BTC.
I am guessing this because I changed my passphrase a few hours before all that happened
as well as clicked on a suspicious link which turned out to be an exe file with an icq picture.
All I know is I sent 0.05 bitcoin to someone who bought it for 90$.
I Then bought 0.095 btc from virwox and sent it my acct leaving me with 0.7761.
Wake up in the middle of the night, and there's a sent transaction of 0.7761 btc
leaving me with 0.00051932 BTC.
I am guessing this because I changed my passphrase a few hours before all that happened
as well as clicked on a suspicious link which turned out to be an exe file with an icq picture.
It baffles me how anyone can do financial transactions on a system with free programs like Avast. Pay a few bucks and get something that would give you way better security versus losing everything. Lesson learned.
I wonder that you would trust antivirus programs to offer any serious protection at all. Frankly they do more harm than good, as evidenced in this case where the OP "scanned" his computer and assumed everything was fine.
He/she should have unplugged from the internet as soon as he suspected a keylogger, generated a new address on an unconnected computer or read-only boot image, and moved his bitcoin. Waiting for a virus scan is madness - it takes too long, misses too much, and you can do that after you move your coins anyway. If you do bitcoin transations regularly, keep a small amount of bitcoin on your connected computer, use a crazy long random password to encrypt your wallet and a password manager which lets you unlock with mouse-driven password entry rather than keyboard strokes.
Hitmanpro is good
Also note that just about all AntiVirus programs give you (at best) something like a 96% coverage (which is an excellent result), many however don't even scan for certain malware types which better require dedicated scanners.
If your program doesn't check for heuristics and has some form of behavioural analysis of very good quality - you're usually screwed.
Many Trojans and Drive-By Downloads currently are initially detected only by like 3-4 out of 40 AV Software suites (and only after the Zero-Day timeframe is over) and it can take many days for updated signatures to propagate, make it into new definitions and get distributed as updates.
In Short :
Having one or two installed Software scanners detect nothing means.... absolutely nothing. Even if they're usually considered good quality products.
Plus, the bad guys know this as well and get pretty smart nowadays. They don't use "old stuff" they know scanners would immediately detect.
The OS and Browser needs to be up-to-date, especially all its plugins (Adobe Reader and Adobe Flash comes to mind, those suck at security) - and as a last resort, a 3rd party Firewall with strict rules concerning unknown applications (including System or Pseudo-System rights .dll's etc.) needs to be installed, so you at least get a last chance (flycatcher/quarterback) warning.
Still, if it's run on a MicroSoft Windows machine, odds are generally against you - big time. Its security is nothing short of a swiss cheese.... LOTS of holes in it and that never changes (and that's not even including the systemic backdoors). MS Windows is okay for gaming and security-irrelevant tasks, anything that needs serious security or serious privacy is better left to Linux/Unix/BSD/Solaris etc. A 2nd Partition that upon keypress boots a secure OS is usually a good idea (btw. that's how many large companies do it with their Laptops, although that usually includes a hardware dongle).
I do wonder if there's a trusted Linux Live CD/DVD focussing on Bitcoin (i.e. having all BitCoin software installed and prepared to store all permanent data on a Flash Drive); that would be neat, just boot off a clean optical media and do your Bitcoin business, when finished restart into the known Operating System off HD. Pretty secure compared to an ageing Windows and generally a hassle-free solution.
PS.
The best protection is not available for purchase and needs to be custom compiled by each user using a classic neuro-chemistry process :
Common Sense V1.0 - the best firewall and protection around.
If your program doesn't check for heuristics and has some form of behavioural analysis of very good quality - you're usually screwed.
Many Trojans and Drive-By Downloads currently are initially detected only by like 3-4 out of 40 AV Software suites (and only after the Zero-Day timeframe is over) and it can take many days for updated signatures to propagate, make it into new definitions and get distributed as updates.
In Short :
Having one or two installed Software scanners detect nothing means.... absolutely nothing. Even if they're usually considered good quality products.
Plus, the bad guys know this as well and get pretty smart nowadays. They don't use "old stuff" they know scanners would immediately detect.
The OS and Browser needs to be up-to-date, especially all its plugins (Adobe Reader and Adobe Flash comes to mind, those suck at security) - and as a last resort, a 3rd party Firewall with strict rules concerning unknown applications (including System or Pseudo-System rights .dll's etc.) needs to be installed, so you at least get a last chance (flycatcher/quarterback) warning.
Still, if it's run on a MicroSoft Windows machine, odds are generally against you - big time. Its security is nothing short of a swiss cheese.... LOTS of holes in it and that never changes (and that's not even including the systemic backdoors). MS Windows is okay for gaming and security-irrelevant tasks, anything that needs serious security or serious privacy is better left to Linux/Unix/BSD/Solaris etc. A 2nd Partition that upon keypress boots a secure OS is usually a good idea (btw. that's how many large companies do it with their Laptops, although that usually includes a hardware dongle).
I do wonder if there's a trusted Linux Live CD/DVD focussing on Bitcoin (i.e. having all BitCoin software installed and prepared to store all permanent data on a Flash Drive); that would be neat, just boot off a clean optical media and do your Bitcoin business, when finished restart into the known Operating System off HD. Pretty secure compared to an ageing Windows and generally a hassle-free solution.
PS.
The best protection is not available for purchase and needs to be custom compiled by each user using a classic neuro-chemistry process :
Common Sense V1.0 - the best firewall and protection around.
Fiat can be scammed as well. people need to learn morale values since young.
Jump to: