Author

Topic: OFFICIAL: BTC-e accounts had been hacked (Read 1883 times)

hero member
Activity: 574
Merit: 500
April 20, 2013, 12:53:11 AM
#10
Mine was left alone. My balances never changed.
sr. member
Activity: 258
Merit: 250
You can trust me, I have an avatar
April 20, 2013, 12:49:52 AM
#9
So I have to agree with the premise that this is the user's fault for using Microsoft Windows; however insensitive this may sound to Microsoft Windows users or to Microsoft corporation.

For the record, I use linux and my btc-e account was pwnd around the time of the crash. From what I've been reading, having Java enabled in Firefox is what I suspect the culprit was. Java can be disabled in Tools > Addons > Plugins.
legendary
Activity: 1078
Merit: 1003
April 20, 2013, 12:08:32 AM
#8
Is it secure enough though, or should i use linux as a virtualmachine

Linux on a totally separate computer only used for Bitcoin would be good if you're really worried.  Mac has keyloggers I'm sure, but Windows is out in orbit if we're talking about the security of computers.
newbie
Activity: 32
Merit: 0
April 20, 2013, 12:05:09 AM
#7
Is it secure enough though, or should i use linux as a virtualmachine
legendary
Activity: 1078
Merit: 1003
April 20, 2013, 12:03:53 AM
#6
I have a Mac, mountain lion OSX

How secure is my OS compared to linux?

More secure than Windows.
newbie
Activity: 32
Merit: 0
April 20, 2013, 12:02:44 AM
#5
I have a Mac, mountain lion OSX

How secure is my OS compared to linux?
legendary
Activity: 2282
Merit: 1050
Monero Core Team
April 19, 2013, 07:36:14 PM
#4
They got this right

Quote
Russian

    7) Иcпoльзoвaниe Linux\Unix oпepaциoнныx cиcтeм знaчитeльнo coкpaщaeт вepoятнocть зapaжeния кoмпьютepa злoвpeдным ПO типa RAT\кeйлoгep.

English (Google Translation)

   7) The use of Linux \ Unix operating systems greatly reduces the chance of infecting your computer malicious software such as RAT \ keylogger.


Now I have refused to enter any sensitive financial information, such a accessing online banking or using a credit card online on a Microsoft Windows computer since long before Bitcoin even existed, using GNU/Linux exclusively for this purpose. When I started using Bitcoin I again only use GNU/Linux in any situation where I have to enter a password related to Bitcoin. So I have to agree with the premise that this is the user's fault for using Microsoft Windows; however insensitive this may sound to Microsoft Windows users or to Microsoft corporation.
legendary
Activity: 1862
Merit: 1011
Reverse engineer from time to time
April 19, 2013, 06:33:06 PM
#3
And the guy couldn't type this in English??? Great way to deal with non-Russian customers.
member
Activity: 76
Merit: 10
April 19, 2013, 06:27:31 PM
#2
source:http://translate.google.com/translate?hl=en&sl=auto&tl=en&u=http%3A%2F%2Fpastebin.com%2FQHS2k8dc
source of link above:  https://btc-e.com/news/139
Quote
In connection with the hacking of accounts Exchange recommend that you read the safety precautions that will help you avoid losing money and save your nerves.
Please take instructions very seriously - from malicious actions have been affected so many people. Almost always the fault of theft is the user.
What you need to do to best protect yourself:
1) Tie your account to a unique postal address, preferably with GMAIL two-factor authentication. Keep this a secret e-mail address and be sure to use to bind to a cell phone.
2) Use the unique generated passwords like v6ZexHceab! MEjp5 $. You can store your passwords in a program keepass, while the file is password database stored on a removable storage device that is connected only when necessary.
An example of a good nickname: John8888
An example of a good password: v6ZexHceab! MEjp5 $
An example of a good template: alenka.treidersha1917 @ gmail.com
An example of a bad nickname: Suparc00lBull1995 (in case the same as the user name of your network activity)
An example of a bad password: Bull1995 (contains part of the nickname)
An example of poor template [email protected] (coincides with the nickname, easily guessed)
3) Never use the same password! This is a godsend for vlomschika - often by your nick is very easy to gather all the necessary information from public sources using just google.
Attack scenario: You signed up for a little-known pool, that offers favorable conditions. To register, you will only use your email address and password, which coincides with other services. A couple of weeks pool ceased to exist, and you have strangely disappeared with your money exchange accounts.
Also, do not use common words and phrases - brute force password crackers pick up a dictionary.
4) Be sure to include confirmation of withdrawal of funds via email,
https://btc-e.com/news/131
However, remember that it's not only helps to lose money through bad deal.
For example - to sell all btc for $ 0.07
5) Do not click on links sent by chat and private messages!
Even if you have a strong password, the attacker can proekspluatirovat unpatched vulnerabilities browser \ plugin. In this case, the antivirus will not help - the attacker will use a unique signature malware.
6) For maximum safety, it is recommended to use a separate computer or a virtual machine. This is especially true for large sums of money.
At the rate of 260, even 10 btc are weighty value, while the cost of a single PC \ netbook is less than $ 300.
7) The use of Linux \ Unix operating systems greatly reduces the chance of infecting your computer malicious software such as RAT \ keylogger.
Cool Do not advertise transactions with large sums. This may attract the attention of criminals who are "shepherd" you a few weeks, bit by bit gathering the necessary information. In this case the probability of a successful attack - 80%.
Attack scenario:
You let slip that are operating with 1000 + btc. An attacker conducts a conversation with you, day after day collecting the necessary information for a successful attack. He learns that you are living in Omsk, BU interested in buying cards for mining.
An attacker creates a fake advertisement for the sale and share a link with you (leave at the forum, which you are likely to read). You negotiate a deal, tell your shipping address. Next - a trick. The information gathered is sufficient to seize control of your secondary accounts, manipulating your network circle of contacts and even physical capture of the purse.
The cost of such an attack is not great, and requires little time attacking. Since we are talking about large sums, you should be very careful.
That's all,
take care of yourself and be careful - your safety is in your hands!
John8888
member
Activity: 76
Merit: 10
April 19, 2013, 06:21:52 PM
#1
The statement on BTC-e.com is so far the closest to an official statement that "BTC-e accounts had been hacked".    Although don't hold your breath.

source: http://pastebin.com/QHS2k8dc  , link source :https://btc-e.com/news/139
Quote
Almost always the fault of theft is the user.
Please any, especially reputable, member reading this confirm that this is what stated in the links provided in this post.

source: https://btc-e.com/news/139
Quote
News / Protection against unauthorized withdrawal (UPDATED!!!)

00:00 17.04.13 from admin

Functional confirmation of the withdrawal through the mail. (http://pastebin.com/QHS2k8dc view all !!!
Russian version, use a translator)

To use a functional need to confirm email - https://btc-e.com/profile#edit/home
Activate protection - https://btc-e.com/profile#edit/security
After that, each withdrawal you will come to notice in the mail.
Today will be translated into English.

For complete safety, use different passwords on the stock exchange and mail, as well as recommend the use of e-mail gmail.com with two-factor authentication.

source: http://pastebin.com/QHS2k8dc
Quote
B cвязи c yчacтившимиcя взлoмaми aккayнтoв биpжи peкoмeндyeм oзнaкoмитьcя c мepaми пpeдocтopoжнocти,...

http://pastebin.com/QHS2k8dc
Translated by Google
http://translate.google.com/translate?hl=en&sl=auto&tl=en&u=http%3A%2F%2Fpastebin.com%2FQHS2k8dc
Quote
In connection with the hacking of accounts Exchange recommend that you read the safety precautions,...

tl;dr BTC-e.com publishes guidance on account security "in light of current hacking", although BTC-e.com states that "fault of theft is the user"
Jump to: