Author

Topic: My encrypted private key touched iCloud (Read 146 times)

legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
November 28, 2023, 07:11:13 AM
#9
I have never heard of someone compromising their iCloud or being hacked, but it's still not advisable to store all your backups on any cloud service because it's always connected online we know everything can be possible online and if you store any private keys or seed phrase to any cloud service considered it as compromised and it's not safe anymore. So like others said to make sure your funds are safe make another offline wallet and move your funds there.

You don't need the password to someone's iCloud to take over it - just having access to a compromised device with the email open or even some trusted person's email is enough to gain access.



OP: You gotta initiate the funds transfer process in an secure environment where you are comfortable that it will not be possible to make a mistake during the operation. The only thing worse than getting hacked is misplacing your own funds.
legendary
Activity: 2170
Merit: 1789
November 27, 2023, 08:53:53 PM
#8
Should I recreate a cold private key or my security was actually not too much compromised ?
Are you familiar with how some people lose their money even though it is stored in a cold wallet, and they claim they never store their private key online or something similar? I think you have a bigger risk compared to them, which for all we know probably make the same mistake as you did and simply forget them.

I remember julerz losing his campaign funds because his 'cold storage' was compromised and he needed to repay quite a huge sum. I don't think you want to experience the same thing, so you just do what others tell you.
legendary
Activity: 3472
Merit: 10611
November 26, 2023, 12:01:24 AM
#7
The question you should ask yourself is whether creating a new cold storage and paying the fee for on-chain transaction(s) to send your coils to this new wallet is worth it compared to not doing anything and taking the risk (even a small one) of losing all your coins in case your wallet got hacked some day.

Sometimes in life the options you have are not favorable but you have to choose one nonetheless. So choose one that is the least bad.
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
legendary
Activity: 3374
Merit: 3095
Playbet.io - Crypto Casino and Sportsbook
November 25, 2023, 08:58:34 AM
#5
I have never heard of someone compromising their iCloud or being hacked, but it's still not advisable to store all your backups on any cloud service because it's always connected online we know everything can be possible online and if you store any private keys or seed phrase to any cloud service considered it as compromised and it's not safe anymore. So like others said to make sure your funds are safe make another offline wallet and move your funds there.
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
November 25, 2023, 06:00:30 AM
#4
What advice could you give me now ? Should I recreate a cold private key or my security was actually not too much compromised ?

I will start with something simple, that should answer your initial questions: "there's no cloud, it's just somebody else's computer" (actually server, but yeah).
As advice, I have the feeling you use electrum connected to the internet anyway, so the actual advice would be: get yourself a hardware wallet before it's too late. And yeah, generate (there too) brand new wallet.
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
November 25, 2023, 05:57:09 AM
#3
If I do not create another wallet on Electrum even if I use a very strong password, that would be what I will always think about. Because the safest is to never let your seed phrase or private key to be stored online. Create a new wallet and send your coins there.
legendary
Activity: 2268
Merit: 18711
November 25, 2023, 05:43:18 AM
#2
The private key is secured by a password.
How strong is this password?

I deleted the file on iCloud just a few minutes later.
Doesn't matter. Nothing is ever really deleted from the cloud. There will be an unknown number of back ups of your data still stored on various servers around the world.

What advice could you give me now ?
You definitely need to create a new cold wallet and transfer your funds to it. If your password is weak, then you need to this immediately.

I am also curious how you accidentally exported and uploaded the private key from what you are calling a cold wallet. A cold wallet should be on an airgapped computer without an internet connection. To accidentally upload it you would have had to export it on your airgapped computer, copy it to a USB, transfer it to a live computer, and then upload it, all without realizing it was the wallet file and not the xpub. It sounds like you are using a hot wallet, not a cold wallet.
jr. member
Activity: 48
Merit: 27
November 25, 2023, 05:38:27 AM
#1
Hello,

I wanted to export my electrum xpub key to iCloud, however I exported the wallet file containing the private key. The private key is secured by a password.
I deleted the file on iCloud just a few minutes later.

What advice could you give me now ? Should I recreate a cold private key or my security was actually not too much compromised ?

Thanks
Jump to: