ROBBED | Bitcointalksearch.org

caga

full member

Activity: 238

Merit: 100

www.secondstrade.com - 190% return Binary option

Quote from: luciann on December 14, 2014, 11:55:53 PM

6 btc is a fuk ton of money.

i didnt even know people can access the back up copy and just steal the balance.. thank god im on a mac? but still, this same scenario can happen to me as well right.

It certainly can, however windows are more prone to it.
In this case, we don't know what exactly cause the issue. So if the password was crackd some other way, it could happen on a mac as well.

luciann

sr. member

Activity: 252

Merit: 250

6 btc is a fuk ton of money.

i didnt even know people can access the back up copy and just steal the balance.. thank god im on a mac? but still, this same scenario can happen to me as well right.

leonaa

member

Activity: 82

Merit: 10

is there any actual physical wallets out there, that acts like a cold wallet?

contagion

newbie

Activity: 28

Merit: 0

Quote from: leesin on December 13, 2014, 10:26:01 PM

i dont want this happen to me... does anyone know how to setup a cold wallet very easily?

Create a paper wallet on a computer that is not connected to the internet. After creating the paper wallet, employ a software that wipes the hard drive overwriting deleted file sectors with random data, reformat the hard drive of that computer and reinstall the operating system. Don't plug it into the internet or plug in any devices or USB until after you wipe and reformat.

Then spend your BTC to the public address of that paper wallet.

Store multiple copies in multiple secure, secret locations of that printed paper wallet in fireproof and weather proof storage.

No one can get that private key electronically, so no one can steal those BTC electronically. It is up to your preparations to insure the printed private key(s) can't be stolen physically.

leesin

member

Activity: 93

Merit: 10

#feelthebern

i dont want this happen to me... does anyone know how to setup a cold wallet very easily?

freedomno1

legendary

Activity: 1806

Merit: 1090

Learning the troll avoidance button :)

Quote from: vm_mpn on December 12, 2014, 05:31:31 PM

Just out curiosity have you checked if your address has been affected by this http://www.coindesk.com/good-samaritan-blockchain-hacker-returned-255-btc-speaks/ ?

There is reference to address list but it may be incomplete https://bitcointalksearch.org/topic/reused-r-values-again-581411

This was an interesting read though, learned something about Bitcoin that I didn't before
Thanks for sharing and I hope the OP is able to get his bitcoins back also check if it disabled any settings in your virusscanner like a rootkit scanner in malwarebytes as an example.

contagion

newbie

Activity: 28

Merit: 0

Quote from: alani123 on December 13, 2014, 08:56:41 AM

By those terms, a big precentage of bitcoin users are average joes and could be robbed easily...

Who's gonna educate dem average joes? Besides that I don't think real average joes even know what bitcoin is right now.

If the economy-of-scale is sufficient (i.e. 100s of millions of users, not the paltry 1 - 2 million Bitcoin has after 6 years) the necessary hardware will be integrated into the smart phones. Then it will simply work plug-and-play for n00bs.

This is why I (formerly AnonyMint, TheFascistMind, UnunoctiumTesticles, etc) wrote about the adoption rate of Bitcoin slowing and of Monero. Note I clarified why adoption rate slows as large entities aggregate users and capital.

Readers would be wise to click every link above and learn. Sorry this is not boasting. It is fact.

sherbyspark

hero member

Activity: 910

Merit: 1000

Quote from: wadili89 on December 13, 2014, 03:10:24 AM

It may be the thief got the wallet long back and spent the time till now trying to crack the password.

Its scary how a veteran member gets robbed.

I think he mentioned that he had a long tough password. Its usually impossible that it would be cracked by bruteforcing.

alani123

legendary

Activity: 2422

Merit: 1451

Leading Crypto Sports Betting & Casino Platform

Quote from: LiteCoinGuy on December 13, 2014, 07:29:04 AM

Quote from: gogxmagog on December 13, 2014, 02:58:28 AM

I ran Sophos and it detected one item and deleted it. I don't think it was a key logger because I haven't sent any coins in weeks so no password was keyed in recently. It's just very weird that multibit opened up without me clicking it. All I can think is they cracked the pass with some super duper program or there is a flaw in multibit that allows the pass to be bypassed. I've cold storage for my savings, and they're fine, but ~6 btc is a big loss and I really don't understand IT enough to be 100% sure what I'm doing, like Linux or Ubuntu seem kind of daunting. I'm going to get a hardware wallet and I am never leaving more than 0.5 btc in my hot wallet ever again.
This experience has damaged my faith in btc. Not the tech itself, but the actuality of any regular joe ever trusting it. If btc is so easy to steal the banks will never have to worry.

yep, for the average joe we need bulletproof devices. its still a long way to go.

good that you hold your savings in cold storage and only leave pocket change in your hotwallet.

By those terms, a big precentage of bitcoin users are average joes and could be robbed easily. I'm pretty sure OP wasn't even close to being a bitcoin average joe since he was using secure passwords and had seperated his hotwallet from his vault. I don't think that many people follow such safety lines. I'm pretty sure that most of those 40% of the total bitcoins sitting in addresses with less than 10 coins in each don't even follow the basic security rules. I find the fact that he lost faith to bitcoin completely rational. Everyone knows bitcoin is secure as a network, the tools to securely store bitcoins are already out there too and there are convinient ways to use them as well. But we get more stuff like weusecoins promotional material rather than actual educational pieces.

Who's gonna educate dem average joes? Besides that I don't think real average joes even know what bitcoin is right now.

5ick3uffalo

legendary

Activity: 994

Merit: 1000

I am using Malwarebytes Premium and COMODO Firewall and Antivirus plus try to only use trustable software (official qt wallet) and not try browing shady websites. For unknown software I use Sandbox first. For Passwords ENPASS.

Posted From bitcointalk.org Android App

LiteCoinGuy

legendary

Activity: 1148

Merit: 1014

In Satoshi I Trust

Quote from: gogxmagog on December 13, 2014, 02:58:28 AM

I ran Sophos and it detected one item and deleted it. I don't think it was a key logger because I haven't sent any coins in weeks so no password was keyed in recently. It's just very weird that multibit opened up without me clicking it. All I can think is they cracked the pass with some super duper program or there is a flaw in multibit that allows the pass to be bypassed. I've cold storage for my savings, and they're fine, but ~6 btc is a big loss and I really don't understand IT enough to be 100% sure what I'm doing, like Linux or Ubuntu seem kind of daunting. I'm going to get a hardware wallet and I am never leaving more than 0.5 btc in my hot wallet ever again.
This experience has damaged my faith in btc. Not the tech itself, but the actuality of any regular joe ever trusting it. If btc is so easy to steal the banks will never have to worry.

yep, for the average joe we need bulletproof devices. its still a long way to go.

good that you hold your savings in cold storage and only leave pocket change in your hotwallet.

contagion

newbie

Activity: 28

Merit: 0

As these Russian hackers become more and more proficient and more numerous (their economy is collapsing and is owned by oligarchs so they need a vocation like hacking), how does this impact the integration of Bitcoin with sites that normally promise their users repudiation, e.g. Paypal??

Thus I suspect we will see Paypal integrate with a hardware wallet soon?

Quote from: ujka on December 13, 2014, 04:47:08 AM

Quote from: contagion on December 12, 2014, 10:07:25 PM

A solution could be a custom ASIC hardware key, wherein the private key is not accessible; it would interface with your (optionally deterministic hierarchical) wallet via USB but you would be require to press a physical button to release signatures.

Are you describing a Trezor? https://bitcointalksearch.org/topic/eshop-launched-trezor-bitcoin-hardware-wallet-122438

A quick glance and that appears to be what I was suggesting.

Such projects can be crowd financed these days with Kickstarter.

ujka

hero member

Activity: 630

Merit: 500

Quote from: contagion on December 12, 2014, 10:07:25 PM

A solution could be a custom ASIC hardware key, wherein the private key is not accessible; it would interface with your (optionally deterministic hierarchical) wallet via USB but you would be require to press a physical button to release signatures.

Are you describing a Trezor? https://bitcointalksearch.org/topic/eshop-launched-trezor-bitcoin-hardware-wallet-122438

contagion

newbie

Activity: 28

Merit: 0

I would not assume that antivirus can detect all forms of trojans that can intercept when you type your password. Some keyloggers may intercept keys at the system level and be detected, others may be application specific (e.g. if Multibit is an application or runs in the browser, then a trojan that infects the application or browser) and thus variable and not detected.

The only safe option would be hardware isolation, for hardware microcode that can't be reprogrammed dynamically, i.e. an ASIC not a CPU, since these have reprogrammable microcode (even though only Intel and the NSA are supposed to have the ability to reprogram these, a hacker might figure out how).

Quote from: contagion on December 12, 2014, 10:07:25 PM

A solution could be a custom ASIC hardware key, wherein the private key is not accessible; it would interface with your (optionally deterministic hierarchical) wallet via USB but you would be require to press a physical button to release signatures.

...

Is there something like this already available?

Ah good to see the market is already providing hardware wallets.

Quote from: LiteCoinGuy on December 13, 2014, 02:47:54 AM

Quote from: gogxmagog on December 12, 2014, 10:56:18 PM

I'm buying a ledger wallet.

good choice. its the first cheap device for a mass market. we need more of these and they will be developed in the next 1-2 years.

Blazr

hero member

Activity: 882

Merit: 1006

Quote from: gogxmagog on December 12, 2014, 10:56:18 PM

My password was 16 characters, numbers and made up words...

You should obviously change anything else that uses that password and never use it again. Out of curiosity, what was the password? A randomly generated 16char password made up of upper & lower case letters numbers and symbols is around 104bits of entropy which is pretty much impossible to crack, it would definitely cost a hell of a lot more than 6BTC worth of computing power to crack, so I'm curious to see how strong your password really was, if it really is that strong the hacker must have keylogged you when you last entered your password and only just got around to stealing the funds.

Maybe the hacker got a backup of your wallet that wasn't encrypted?

wadili89

legendary

Activity: 1106

Merit: 1000

It may be the thief got the wallet long back and spent the time till now trying to crack the password.

Its scary how a veteran member gets robbed.

Levitron

member

Activity: 63

Merit: 10

What was the virus called? also run malwarebytes

gogxmagog

legendary

Activity: 1456

Merit: 1010

Ad maiora!

I ran Sophos and it detected one item and deleted it. I don't think it was a key logger because I haven't sent any coins in weeks so no password was keyed in recently. It's just very weird that multibit opened up without me clicking it. All I can think is they cracked the pass with some super duper program or there is a flaw in multibit that allows the pass to be bypassed. I've cold storage for my savings, and they're fine, but ~6 btc is a big loss and I really don't understand IT enough to be 100% sure what I'm doing, like Linux or Ubuntu seem kind of daunting. I'm going to get a hardware wallet and I am never leaving more than 0.5 btc in my hot wallet ever again.
This experience has damaged my faith in btc. Not the tech itself, but the actuality of any regular joe ever trusting it. If btc is so easy to steal the banks will never have to worry.

LiteCoinGuy

legendary

Activity: 1148

Merit: 1014

In Satoshi I Trust

Quote from: gogxmagog on December 12, 2014, 10:56:18 PM

Yeah, it's my own damn fault for leaving those coins in the hot wallet. I guess I let my gaurd down.

My password was 16 characters, numbers and made up words... Not sure how they got past that? My btc in cold storage is untouched, I download a lot of music, and occasionally a movie, however I have been visiting viooz which is a bootleg streaming movie sight from Russia... So I dont know about that...

That's great you found the address but I'm not sure where to go with it? The "security issue" with btc sure won't help with the universal acceptance. I just lost almost 3k$ and I'm fairly careful, no expert, but fairly proficient... If I can get robbed than I would say over 80% of the general population is at far greater risk.
I'm buying a ledger wallet.

good choice. its the first cheap device for a mass market. we need more of these and they will be developed in the next 1-2 years.

and buy a good antivirus-programm like Kaspersky Wink

picolo

hero member

Activity: 1022

Merit: 500

Quote from: Blazr on December 12, 2014, 03:22:12 PM

Don't just create a new wallet, you need to reformat and reinstall your OS at the very least. You should also change all your passwords.

Did you install anything new recently, in particular anything cryptocurrency related?

Use an other computer with an antivirus when you want to create a new wallet. Paper wallet are saef to hold bigger amounts of bitcoins.

Topic: ROBBED (Read 3932 times)