It turns out that the infection came via teamviewer application for remote control, either 0day exploit or brute force and then the intruder could execute the trojan
Link? I see quite a few apprently legitimate links (I say legitimate because one normally doesn't charge for trojans) where did the bad copy come from? 
Topic: PAY FOR INFORMATION - 600 BTC REWARD FOR IDENTITY OF HACKER - page 4. (Read 8925 times)
is this prove enough?
http://imageshack.us/photo/my-images/29/adressbook.jpg/
Otherwise you can come and see if i really possess the wallet.dat ;-)
I know the chances are very little to see the money again...
It turns out that the infection came via teamviewer application for remote control, either 0day exploit or brute force and then the intruder could execute the trojan
http://imageshack.us/photo/my-images/29/adressbook.jpg/
Otherwise you can come and see if i really possess the wallet.dat ;-)
I know the chances are very little to see the money again...
It turns out that the infection came via teamviewer application for remote control, either 0day exploit or brute force and then the intruder could execute the trojan
In case you're not aware of it, you can prove ownership of any address by signing a message with the corresponding private key. You can use brainwallet.org to do this. You can also use the bitcoind's signmessage command.
is this prove enough?
http://imageshack.us/photo/my-images/29/adressbook.jpg/
Otherwise you can come and see if i really possess the wallet.dat ;-)
I know the chances are very little to see the money again...
It turns out that the infection came via teamviewer application for remote control, either 0day exploit or brute force and then the intruder could execute the trojan
http://imageshack.us/photo/my-images/29/adressbook.jpg/
Otherwise you can come and see if i really possess the wallet.dat ;-)
I know the chances are very little to see the money again...
It turns out that the infection came via teamviewer application for remote control, either 0day exploit or brute force and then the intruder could execute the trojan
Yes i could prove this, i have a backup copy of the wallet.dat and everything is connected to me (my identity) via mtgox
Please, prove it.
Yes i could prove this, i have a backup copy of the wallet.dat and everything is connected to me (my identity) via mtgox
Dear all,
stupid as i am i allowed some hacker to somehow install a trojan horse on my pc where i stored some of my bitcoins. (around 2600), With keylogger he got all my passwords and, of course stole my local wallet file (encryption did not help)
The hacker sent the bitcoins to the address: 1Q3KFL7Z1BTpUboDaU6Qj3t9xCXWpzNntS
stupid as i am i allowed some hacker to somehow install a trojan horse on my pc where i stored some of my bitcoins. (around 2600), With keylogger he got all my passwords and, of course stole my local wallet file (encryption did not help)
The hacker sent the bitcoins to the address: 1Q3KFL7Z1BTpUboDaU6Qj3t9xCXWpzNntS
http://blockchain.info/tx/8d6602b0e8e4479d79e5dab0c35bdb4f7545513cb426411348ec1502413a8f80
Could you prove that you control at least one of the original addresses?
Don't follow the blockchain as it becomes useless if the mixing service is used. The luser should need someone who takes a look at the infected computer and server from what infection happened. Think different!
Here is where a new feature might just come in handy.. On the taint analysis the address of bitcointalk user nyana is tagged.
http://blockchain.info/address/18V845FZ8UnQNCDiSH1fE1xu6T4HHbJCUu
You could try PMing that user and seeing if they know anything about the address in question. It's a long shot but you never know.
http://blockchain.info/address/18V845FZ8UnQNCDiSH1fE1xu6T4HHbJCUu
You could try PMing that user and seeing if they know anything about the address in question. It's a long shot but you never know.
Remember what software you run before being hacked. Also I have read in some forum members signature "Don't deal with Anna Volkova she will scam you" or something similar. I just cannot find the forum members profile but he probably knows much more including some contact details.
Meanwhile take a read about solution for lost coins here https://encyclopediadramatica.se/An_hero because you will not see them again. Trollolol
Meanwhile take a read about solution for lost coins here https://encyclopediadramatica.se/An_hero because you will not see them again. Trollolol
If the thief isn't careful there might be some possibility that he will create a transaction that will move some of those coins he now owns (or give a receiving address associated with the stolen coins) to someone who can identify him , and with a huge amount of luck that person could end up being an honest person who is aware of the theft from this discussion. This is highly unlikely, but from a blockchain standpoint there really aren't any better options.
Looking at the blockchain today, I can confirm at this point in time the thief seems to own the following addresses:
1Q3KFL7Z1BTpUboDaU6Qj3t9xCXWpzNntS
1PJHvJWKLH9qwaRKeyVS2rC5gfZMr344LB, 1BuXv589E9pqYrLfcMiUPnurgBZZS6sL12, 1EPwBwuxyfyQF9kwkwDLoqYw2vcxFCDSYa, 1MGpi8ChSTbDRTA7h3gHh89UGirvsXMCZ1, 1CoTHatdK7hEsZJvymuCNf7eQoApMCuJxo, 126ZVBxjad3BtATBXeeq3uZPcKn24zr4gf, 1MmzRFGAg8HdDHnDJTKo1cKNsgxxiMYUtP, 15QUs9EGw283oisjzSF8XP28Kg4FVugveE, 14PnHT4YonpSzccX9GBpmkh4ohs8dDYDaN, 1BmSgffyC6WAJBBSJbXXodcvcw4cQsthW5
In addition the thief has received from or sent to the following addresses (many of which the thief may also own, but I am not able to confirm this yet). If anyone happens to own any of these addresses (or know who does), then there is a good chance that they know who the thief is (or they also were stolen from):
1129ApiFKympPgHnzNnW8VNaDAYwgTEtMG, 126RfCopCdAS4qoZjTQPaufnvkDCmtsiwp, 12J8nM48ZNZMBaxFRBcyMbHhNkiPKCzQaY, 12Lt8DgTSwbDfQ5EKDkdoiX5czsJfSQcrK, 12r5PLeSPCcTFE78o1SbgaqUXoiY9LfWMV, 1322uvUdCME77yt8tQfkUAGpRtmRXf4EQp, 139TaFcXGJVuTDbR3TfpiGfiegt4jAFpiY, 13ja4sRDMG1uyAwxeAtV52dU4mtk8cHW73, 13XgASZP7N6pTMeyS5Sq8JeuCAkNzefnT7, 142qkA5L4sy1suDJRWfm6njmg3NPneqXmk, 14FSCmXntye2Hm9FGXnbBXiGiziKD41Zzb, 14KThQGAxVcqFLWF5QvESWPWoRqQ5L6i5z, 14oByZkGE9TxPMTeYZYzeNakJuSk7xWXa2, 1513U6VjSwhr3ZAAN3MnDnFHmcXY1HPWdF, 15bGw4QDZNqPPqFqV2kq3oAZB5r5dvUaER, 15GyGHvCUoG1KTPtycoVcqATGu4Ex4DVXo, 15kBvBLejU14VroJgdr863i1FqT6QkWB7U, 15UjaZJxjWdgB8jC6KivuuhbhbxoLuWwDm, 15yk8fiyuAXDTqGL8ekPCsNN7vX6dV6ALf, 163ZekxCzX7RKU49DUc4mda5knqNc3NF3z, 168NqBEoGjWbUwxhKXeCiALiGU8suxW1Ue, 16DnRquyKbsrGAPbp1Z8GxNctLia9t12Ee, 16mMWkKrERWVzAGWbnCxMFoAF9ghTB67MM, 17CLN16PvCdgTYzWKyuc3FjSu1nhGFtFEf, 17KJ3M8vBMNp7vBwwsGp33QN81jNXPa5u, 17m9n5uFTwK1Nfg9Py9STfGg3BNDvVwGyk, 17Vk6E3mNzfyTmZKpRWquKZGR51T7HEXiu, 18drKV9xUJNgKwWPQdpKYUspkKiHsob8xK, 18r9qqqMMtrx1i1xaH624uSFoRkQGqPK7x, 18vWaDD9djRFuZF672PfSzgN19Duvcivsj, 198hk8Qk8v7y2tRaxpE1iJU9fVkX6Tb7ph, 199Y5zwijtZbB6hE77MQxgG7vmDuD4Jv7Y, 19SQ9iFCGyKWeoxDktrVNczWkH6cQ3kmpV, 1A7SukLsFZDNezR2BX4LhJo73HJdBkH6Ua, 1AbY3D7VFRemePM2NgUTquQmAjXLKPg7XH, 1AFs9GrQyPQpN5W73RzizcEap1CQ7whPZT, 1Ah5hZVevKbDcFLJiwxUTJs2BaySe9S1sV, 1ApkrEjJ5ByihAQZrJxqeau5P19HF8wPSw, 1BDWwDLNAUwAiaqJHvNmMKUNo1U4gbiRHA, 1Bn7XjuwZqScjgT7eytm8mpU8PEpCxXdMN, 1Byx2Wt8phzcuHf5XDZwoFqQq5nErxqrt, 1Cig4FxUY59xVJYeUaF8YtEyfbxDsfVkYm, 1CLVnMWEwzuGVcQ6L2WBoUJQFj3B9XeVmx, 1CMpywEPKTBBsWxccWkTk5tzizteyRG1WZ, 1Dm9XuD28BGYDxi5Rxt38S66ehRSZ2ajtV, 1EcFFZ7eykZQjw6LnDKiXg8NfjSUvqHKZE, 1EedaVtSyVrmkbbAx7iJQpUfFr5beeNHbY, 1Ff3XukPtmVtk9JFr8JVyRZ7rWKoKEY5TV, 1EgQM7unQm59oPm4F87ZRD6JwX4a9WGdTz, 1FbaMihMDCANJ6Xgxc7BgNroKXF1yrEho9, 1FbASjLhfbmF5eKJKzK3Cb55rCN1REuXSY, 1FRb654gcqj38rx9UadziGjLEs1fMSeFjD, 1FuzUfqkWrNaac3j6c8CiWmjCjRMiWjjFZ, 1FyVmocPa9wWwY5WjKtzHwrU8r1NkFE8h9, 1FzVCGK5n9tmj6hPFFffWnC8mjnWZL7bCn, 1FZVJD95CaDAheHCP6R9PiA2Jb4ojVhBSx, 1GjrbSXP1mYCoZbUnGjp5JGvPH4cNK8epK, 1H9QXBc3a4qkRgsLdD1BVoaVKm9UP5PWfa, 1HJ2U8ckG24UADWF1M6DEfnuUmMgcsURot, 1HV2sYHjAZEueYe5fF14CBEwQJ9Fawnaqo, 1Jo3M8W6F9ACiLRaAiZs3LMSZfnniCStPz, 1JoTxrqZAhWXTDFPoChKFk7hqDfmkC6tUG, 1JuTf9JFpV4wDYLSCKQZHF4hBX6edxr4R6, 1KGxAeHHALMnJPzGbSb6A6BxRLyrmhmgkQ, 1KNpeXAxx4qLctNv2XKVVCPoMPt2BmbH6o, 1KPy4EJFV8ZRgMDoZQ9usZKRrdq1eKGgeK, 1KXNoekZ8VjZrkrchr6UUVPbBfyGsXcQcr, 1LEJa3uDvwpZJTH7ygbV6Fjskfc3AZ7ns9, 1Lgq3bdysYJYBAJrvjKCXWgiP3kC7tgusE, 1LNqumVxZLpMmk2YAZv94dcoZgyG5FnN3J, 1LUAZUR3zFBaf3kxmpmD18gXCU68tQnTnK, 1MmzRFGAg8HdDHnDJTKo1cKNsgxxiMYUtP, 1MUDnDKYbkMqZjDapcb69dct83xxwXkNp1, 1MZWEMTQAb1PPnNi2rFYLMakxHuGAkVK73, 1N2BPjxdD46AxYiWSLSvx1THG9xhzHNC2c, 1NePkjQCHgJ4u94qgS2WjQMqivTYrk2ZGA, 1NomJEEBXuUU2ioaqNdkYYY7PKqdwd3sUx, 1NTAA7itEJ9R8zgqCobi4JqJ4eC4ZtAr7c, 1P8edr8cDnnRxtU745V9w9am9DQbf287Cw, 1P9ZJaeAG6vY6XH29P1orTRk1JKm7TEaqf, 1Pkio2icGqKkghPHYREinMFFcuDN14s8A8, 1Pu6uF7A2DfuAsaxM637j3H1wtFKAGB2BV, 1q543G6muPvXJ6bXETJL3S7tuAthMtDkM, 1QAgtMUhna8dgM4HuhAuvtwSxXFMLMjgxq, 1y2PkvvtkkkV4uVZuePVuXmMUYHBWr4Zn
That being said, if a forensic team gains access to your hard drive their is probably a better chance of them finding useful information to track down the thief than the chance that the thief will engage in a transaction using one of these addresses with an honest person who happens to see this discussion. (Both possibilities are so unlikely that you probably need to consider the coins gone). I hope you get lucky though.
IP: 178.177.115.229
Here you have the contact information for the IP Address
https://apps.db.ripe.net/search/query.html?searchtext=178.177.115.229#resultsAnchor
But as they mention before, it may be a Tor Exit node or another victim.
Another one bites the dust. This is why we need protocol modifications enhancing user security such as those I describe here:
https://bitcointalksearch.org/topic/m.1319612
How many $10,000s plus casualties will it take before people see reason?
Your paper wallets are all well and good, but highly inconvenient. Security does not need to be inconvenient.
https://bitcointalksearch.org/topic/m.1319612
How many $10,000s plus casualties will it take before people see reason?
Your paper wallets are all well and good, but highly inconvenient. Security does not need to be inconvenient.
Everyone who has a stash of bitcoins this big:
You can avoid this problem in ONE EASY STEP by sending your bitcoins to paper wallets. If you have bitcoins in a "hotwallet" (any wallet that is online), you should move them to a cold paper wallet today.
1. Go to BitAddress.org
2. Print yourself a dozen paper wallets
3. Send your bitcoins to the PRINTED addresses (not the ones on your screen). Best if you divide them into 10-12 equal parts so you never have to put them all back online at once unless you intend to spend them all at once.
4. Put the paper somewhere safe.
REDEMPTION is easy. Just create a temporary wallet at BlockChain.info. Import the paper wallets via their private keys. You can spend your coins immediately without having to wait for confirmation.
Skeptical? Try it out with 0.01 BTC.
You can avoid this problem in ONE EASY STEP by sending your bitcoins to paper wallets. If you have bitcoins in a "hotwallet" (any wallet that is online), you should move them to a cold paper wallet today.
1. Go to BitAddress.org
2. Print yourself a dozen paper wallets
3. Send your bitcoins to the PRINTED addresses (not the ones on your screen). Best if you divide them into 10-12 equal parts so you never have to put them all back online at once unless you intend to spend them all at once.
4. Put the paper somewhere safe.
REDEMPTION is easy. Just create a temporary wallet at BlockChain.info. Import the paper wallets via their private keys. You can spend your coins immediately without having to wait for confirmation.
Skeptical? Try it out with 0.01 BTC.
Good luck 
You will never get the coins back. Bitcoins is irreversible. This was a one time bang operation most likely that took place all the way in russia, I highly doubt the IP you have is even useful. Sorry man.
Dear all,
stupid as i am i allowed some hacker to somehow install a trojan horse on my pc where i stored some of my bitcoins. (around 2600), With keylogger he got all my passwords and, of course stole my local wallet file (encryption did not help)
The hacker sent the bitcoins to the address: 1Q3KFL7Z1BTpUboDaU6Qj3t9xCXWpzNntS
http://blockchain.info/address/1Q3KFL7Z1BTpUboDaU6Qj3t9xCXWpzNntS
Of course i will have the police investigate, but they do not even know what bitcoin is.....
Maybe some of you are expert enough to track the bitcoins so the hacker can loose anonymity by selling them on some platform or similar.
At the same time of course he also stole 200 from my mt gox account, for that the hacker used the email address [email protected] and the transaction data was Transaction reference:
f5e5acd4-50a6-4de5-9061-1c0e3964eafe
Date: 2012-11-16 03:30:13 GMT
IP: 178.177.115.229
If you have a hint that discovers the identity of this person so i can get the bitcions back, i offer a reward of 600 BTC or bitcoin equivalent.
Thanks
stupid as i am i allowed some hacker to somehow install a trojan horse on my pc where i stored some of my bitcoins. (around 2600), With keylogger he got all my passwords and, of course stole my local wallet file (encryption did not help)
The hacker sent the bitcoins to the address: 1Q3KFL7Z1BTpUboDaU6Qj3t9xCXWpzNntS
http://blockchain.info/address/1Q3KFL7Z1BTpUboDaU6Qj3t9xCXWpzNntS
Of course i will have the police investigate, but they do not even know what bitcoin is.....
Maybe some of you are expert enough to track the bitcoins so the hacker can loose anonymity by selling them on some platform or similar.
At the same time of course he also stole 200 from my mt gox account, for that the hacker used the email address [email protected] and the transaction data was Transaction reference:
f5e5acd4-50a6-4de5-9061-1c0e3964eafe
Date: 2012-11-16 03:30:13 GMT
IP: 178.177.115.229
If you have a hint that discovers the identity of this person so i can get the bitcions back, i offer a reward of 600 BTC or bitcoin equivalent.
Thanks
Jump to: