I currently keep mine in a blockchain.info wallet as it was recommended to me a while back. I would certainly be interested to hear if there is something more desirable though.
Electrum. I could never recommend storing your bitcoins online, sorry.
Topic: My Wallet got hacked and the hacker paid huge transaction fees to take the money - page 2. (Read 5105 times)
December 15, 2013, 10:26:18 PM
Electrum. I could never recommend storing your bitcoins online, sorry.
December 15, 2013, 07:25:41 PM
*.is is Iceland.
Also it does appear to be a Tor node.
* Dns resolved 79.134.234.200 to masterchief2.tor.leo-unglaub.net
Code:
% Abuse contact for '79.134.224.0 - 79.134.255.255' is '[email protected]'
inetnum: 79.134.224.0 - 79.134.255.255
netname: CH-GLOBAL-20071024
descr: Backbone ehf
remarks: icecell-net
country: IS
org: ORG-GNSA2-RIPE
admin-c: AF15-RIPE
tech-c: AF15-RIPE
tech-c: ME2795-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: AF15-MNT
mnt-routes: AF15-MNT
notify: [email protected]
inetnum: 79.134.224.0 - 79.134.255.255
netname: CH-GLOBAL-20071024
descr: Backbone ehf
remarks: icecell-net
country: IS
org: ORG-GNSA2-RIPE
admin-c: AF15-RIPE
tech-c: AF15-RIPE
tech-c: ME2795-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: AF15-MNT
mnt-routes: AF15-MNT
notify: [email protected]
Also it does appear to be a Tor node.
* Dns resolved 79.134.234.200 to masterchief2.tor.leo-unglaub.net
December 15, 2013, 07:24:25 PM
If it really is TOR then what is the point? It could be anyone and anywhere. Really sorry but its likely gone forever.
Yeah, I kind of accept that would be the outcome. But I still feel the right thing would be to tell the police about it... even if they do nothing about the stuff :/ December 15, 2013, 07:20:27 PM
If it really is TOR then what is the point? It could be anyone and anywhere. Really sorry but its likely gone forever.
December 15, 2013, 07:18:58 PM
if your funds were stolen from multibit it has nothing to do with multibit.
It means your computer is compromised. Using qt OR blockchain.info
on the same computer will make you lose more money.
It means your computer is compromised. Using qt OR blockchain.info
on the same computer will make you lose more money.
But my computer was not even on.
What if the hacker had access to the wallet backup and the password? It wouldn't need my computer that way, right?
Ok, just one thing. Where do you keep the backups for this? I mean, I could make a linux installation in a USB pen and use it just for keeping the bitcoins. But I'm afraid that if something happened to that USB pen, my BTC would be lost forever that way.
December 15, 2013, 07:16:40 PM
Ok, thank you all for the support.
I already spent most of the day changing the most important passwords I have (email, dropbox, ebay, paypla, etc...).
I had installed Maverics (Mac OSX) about 1 month ago from scratch, but well, I guess it's time to be a bit paranoid so I'll install it again like you suggest.
About the lost bitcoins, perhaps it's a silly question, but do you think it's worth to make a complaint in the police? So far the hacker didn't move them from any of the two addresses where he sent them.
The IP address the hacker used was: 79.134.234.200
I can see this belongs to some guy in Austria, but like I said, I think he's just someone how runs a TOR server.
I already spent most of the day changing the most important passwords I have (email, dropbox, ebay, paypla, etc...).
I had installed Maverics (Mac OSX) about 1 month ago from scratch, but well, I guess it's time to be a bit paranoid so I'll install it again like you suggest.
About the lost bitcoins, perhaps it's a silly question, but do you think it's worth to make a complaint in the police? So far the hacker didn't move them from any of the two addresses where he sent them.
The IP address the hacker used was: 79.134.234.200
I can see this belongs to some guy in Austria, but like I said, I think he's just someone how runs a TOR server.
December 15, 2013, 07:13:04 PM
if your funds were stolen from multibit it has nothing to do with multibit.
It means your computer is compromised. Using qt OR blockchain.info
on the same computer will make you lose more money.
It means your computer is compromised. Using qt OR blockchain.info
on the same computer will make you lose more money.
But my computer was not even on.
What if the hacker had access to the wallet backup and the password? It wouldn't need my computer that way, right?
December 15, 2013, 06:42:48 PM
This is exactly the sort of advice I was expecting and for that I thank you. Once something is compromised then its gone, out of the door, bolted!
Its how you move on from there that is important. I hope you can win!
Its how you move on from there that is important. I hope you can win!
December 15, 2013, 06:40:30 PM
I moved the wallet to Blockchain.info, it's not that I trust my gmail account (and dropbox) is completely safe now but I guess it must be impossible to enter the account after I put up the google key two factor authentication.
blockchain.info is even worse than a desktop client! You computer has been compromized. Moving to blockchain.info won't make things any better.
What you should do is backup essential documents, delete everything on your computer, reinstall the operating system, install anti-malware software like anti-virus apps and scan and restore the backups. Then change your passwords everywhere including your email accounts. As far as bitcoins go you should move all the coins to a new wallet. Make sure you set a password on your new wallet.
December 15, 2013, 05:32:36 PM
and that's the most important point I feel. You have to be paranoid when it comes to anything money related. Not even directly but anything which could affect YOUR money. I am paranoid but I feel totally justified in being so.
December 15, 2013, 05:22:11 PM
if your funds were stolen from multibit it has nothing to do with multibit.
It means your computer is compromised. Using qt OR blockchain.info
on the same computer will make you lose more money.
It means your computer is compromised. Using qt OR blockchain.info
on the same computer will make you lose more money.
But my computer was not even on.
What if the hacker had access to the wallet backup and the password? It wouldn't need my computer that way, right?
December 15, 2013, 05:16:18 PM
When it comes to things I fell I simply cannot lose, I am on suspicion alert 101%. Online backups from other parties are not trustworthy at all, if they have access (which could be a possibility) then there would be a lucrative market selling information. Trust nothing or no-one.
December 15, 2013, 04:21:06 PM
That's so bad 
How could the attacker hack a multibit wallet?
A custom trojan?
How could the attacker hack a multibit wallet?
A custom trojan?
Well, I know the hacker had access to my email (I saw a login using the security questions in the GMAIL logs, it comes from some guy in Austria, but I think he was just running a TOR node).
Now, since the wallet backup was sent by email to another person, I think that's how he got it.
I don't know how he got the password tough... I have some suspicion it has something to do with Dropbox, but I can't find any logs in Dropbox to confirm this.
I moved the wallet to Blockchain.info, it's not that I trust my gmail account (and dropbox) is completely safe now but I guess it must be impossible to enter the account after I put up the google key two factor authentication.
If your computer was compromised, be sure to change your password at blockchain.info from a different machine or be absolutely sure that it is clean now.
December 15, 2013, 04:18:37 PM
I would work on the same principle as with anything related to security. Once compromised, always compromised. Backup the essentials and start afresh, its most likely the only option after any infiltration.
December 15, 2013, 03:57:26 PM
That's so bad
How could the attacker hack a multibit wallet?
A custom trojan?
How could the attacker hack a multibit wallet?
A custom trojan?
Well, I know the hacker had access to my email (I saw a login using the security questions in the GMAIL logs, it comes from some guy in Austria, but I think he was just running a TOR node).
Now, since the wallet backup was sent by email to another person, I think that's how he got it.
I don't know how he got the password tough... I have some suspicion it has something to do with Dropbox, but I can't find any logs in Dropbox to confirm this.
I moved the wallet to Blockchain.info, it's not that I trust my gmail account (and dropbox) is completely safe now but I guess it must be impossible to enter the account after I put up the google key two factor authentication.
December 15, 2013, 03:54:48 PM
You are wrong, Hacker did not paid huge fees.
check this out :
Why would he pay high fee?
check this out :
Why would he pay high fee?
Hi, I know that now, it's just that Multibit gave some 3.4 BTC fees like the screenshot I posted, but that part must have been some mistake.
December 15, 2013, 03:48:48 PM
That's so bad
How could the attacker hack a multibit wallet?
A custom trojan?
How could the attacker hack a multibit wallet?
A custom trojan?
December 15, 2013, 03:18:28 PM
You are wrong, Hacker did not paid huge fees.
check this out :
Why would he pay high fee?
check this out :
Why would he pay high fee?
December 15, 2013, 03:03:43 PM
if your funds were stolen from multibit it has nothing to do with multibit.
It means your computer is compromised. Using qt OR blockchain.info
on the same computer will make you lose more money.
It means your computer is compromised. Using qt OR blockchain.info
on the same computer will make you lose more money.
But my computer was not even on.
What if the hacker had access to the wallet backup and the password? It wouldn't need my computer that way, right?
Nothing has to be running for someone to initiate a transfer of your funds if they have your sensitive information.
December 15, 2013, 02:54:46 PM
if your funds were stolen from multibit it has nothing to do with multibit.
It means your computer is compromised. Using qt OR blockchain.info
on the same computer will make you lose more money.
It means your computer is compromised. Using qt OR blockchain.info
on the same computer will make you lose more money.
But my computer was not even on.
What if the hacker had access to the wallet backup and the password? It wouldn't need my computer that way, right?
Jump to: