Author

Topic: [SDC] ShadowCash | Welcome to the UMBRA - page 207. (Read 1289707 times)

hero member
Activity: 812
Merit: 1000
 lawgicc : ur shadow wallet had a 30+char password, yes?
how the hell could he get it without the pass?

ur blockchain.info is a separate issue, yes?

btw u r handling this remarkably well. u have my sympathy.
hero member
Activity: 606
Merit: 500
.....
The only wallet qt I have is the newest SDC wallet.

 Roll Eyes
did you download the wallet from the OP never download from Quotes!!!

Do a check against the versions: checksum

How, example:

https://www.youtube.com/watch?v=C7ZZqnkrj48


checksuming a good idea (tho few will do it).
ive never seen a prog that checked its own cheksum b4 launch. If the app verified it's checksum by comparing to a value stored on the blockchain… then hmm… is this a solution?

nevertheless in lawgic's case the coins have been stolen by some other means.
what do we know?

1) the attacker did not use shadowsend
2) the attacker staked the wallet with the stolen funds
3) the wallet was protected with a 30+char pass
4) the PC was brand new


My Q
How did they know the pass? lawgic: did u ever enter it? was there maybe a keystroke logger that grabbed it?





It fucking beats me. I literally unwrapped this computer yesterday....No idea how a key logger would have got my new PC key logged that quick....My chromebook with linux was encrypted with 2 paraphrases, and my paraphrases are encrypted with pgp 30+ characters long, numbers+letters+symbols.


Never seen these files before?



any idea?

The Shadow-Qt with the shadow logo does nothing when clicked. I use a different folder/exe to open up the qt. Also the file below was added around the time my coins were lifted and someone tried to access my blockchain wallet.

for as long as I can remember, shadow.exe has been the file included in the .zip releases. and the most recent shadow.exe is ~12MB.
sr. member
Activity: 420
Merit: 250
.....
The only wallet qt I have is the newest SDC wallet.

 Roll Eyes
did you download the wallet from the OP never download from Quotes!!!

Do a check against the versions: checksum

How, example:

https://www.youtube.com/watch?v=C7ZZqnkrj48


checksuming a good idea (tho few will do it).
ive never seen a prog that checked its own cheksum b4 launch. If the app verified it's checksum by comparing to a value stored on the blockchain… then hmm… is this a solution?

nevertheless in lawgic's case the coins have been stolen by some other means.
what do we know?

1) the attacker did not use shadowsend
2) the attacker staked the wallet with the stolen funds
3) the attacker made 2 withdrawals (robberies) seperated by several hours
4) the wallet was protected with a 30+char pass
5) the PC was brand new


My Q
How did they know the pass? lawgic: did u ever enter it? was there maybe a keystroke logger that grabbed it?





I think the attempts to log in to the blockchain.info account are a valuable clue.

The attacker never entered the right paraphrase to my Blockchain.info wallet or it wouldve logged it. The only log of the attacker was from the TOR ip that was blocked because of my settings. The keylogger has yet to access any of my other accounts..
full member
Activity: 126
Merit: 100
Moon
.....
The only wallet qt I have is the newest SDC wallet.

 Roll Eyes
did you download the wallet from the OP never download from Quotes!!!

Do a check against the versions: checksum

How, example:

https://www.youtube.com/watch?v=C7ZZqnkrj48


checksuming a good idea (tho few will do it).
ive never seen a prog that checked its own cheksum b4 launch. If the app verified it's checksum by comparing to a value stored on the blockchain… then hmm… is this a solution?

nevertheless in lawgic's case the coins have been stolen by some other means.
what do we know?

1) the attacker did not use shadowsend
2) the attacker staked the wallet with the stolen funds
3) the wallet was protected with a 30+char pass
4) the PC was brand new


My Q
How did they know the pass? lawgic: did u ever enter it? was there maybe a keystroke logger that grabbed it?





It fucking beats me. I literally unwrapped this computer yesterday....No idea how a key logger would have got my new PC key logged that quick....My chromebook with linux was encrypted with 2 paraphrases, and my paraphrases are encrypted with pgp 30+ characters long, numbers+letters+symbols.


Never seen these files before?



any idea?

The Shadow-Qt with the shadow logo does nothing when clicked. I use a different folder/exe to open up the qt. Also the file below was added around the time my coins were lifted and someone tried to access my blockchain wallet.
run malwarebytes or superantispyware someone prob ratted you! or malware scan now! hacker could have binded files n show clean
hero member
Activity: 812
Merit: 1000
.....
The only wallet qt I have is the newest SDC wallet.

 Roll Eyes
did you download the wallet from the OP never download from Quotes!!!

Do a check against the versions: checksum

How, example:

https://www.youtube.com/watch?v=C7ZZqnkrj48


checksuming a good idea (tho few will do it).
ive never seen a prog that checked its own cheksum b4 launch. If the app verified it's checksum by comparing to a value stored on the blockchain… then hmm… is this a solution?

nevertheless in lawgic's case the coins have been stolen by some other means.
what do we know?

1) the attacker did not use shadowsend
2) the attacker staked the wallet with the stolen funds
3) the attacker made 2 withdrawals (robberies) seperated by several hours
4) the wallet was protected with a 30+char pass
5) the PC was brand new


My Q
How did they know the pass? lawgic: did u ever enter it? was there maybe a keystroke logger that grabbed it?





I think the attempts to log in to the blockchain.info account are a valuable clue.

didnt look at those screens close but yes lawgicc appears to have fallen prey to a targeted attack.
my q again however is how did they know his pass for his shadow wallet? he must have entered it (typed it) at some point on his new PC which had a keylogger.

lawgicc: where did u buy ur new PC?
sr. member
Activity: 420
Merit: 250
.....
The only wallet qt I have is the newest SDC wallet.

 Roll Eyes
did you download the wallet from the OP never download from Quotes!!!

Do a check against the versions: checksum

How, example:

https://www.youtube.com/watch?v=C7ZZqnkrj48


checksuming a good idea (tho few will do it).
ive never seen a prog that checked its own cheksum b4 launch. If the app verified it's checksum by comparing to a value stored on the blockchain… then hmm… is this a solution?

nevertheless in lawgic's case the coins have been stolen by some other means.
what do we know?

1) the attacker did not use shadowsend
2) the attacker staked the wallet with the stolen funds
3) the wallet was protected with a 30+char pass
4) the PC was brand new


My Q
How did they know the pass? lawgic: did u ever enter it? was there maybe a keystroke logger that grabbed it?





It fucking beats me. I literally unwrapped this computer yesterday....No idea how a key logger would have got my new PC key logged that quick....My chromebook with linux was encrypted with 2 paraphrases, and my paraphrases are encrypted with pgp 30+ characters long, numbers+letters+symbols.


Never seen these files before?



any idea?

The Shadow-Qt with the shadow logo does nothing when clicked. I use a different folder/exe to open up the qt. Also the file below was added around the time my coins were lifted and someone tried to access my blockchain wallet.
hero member
Activity: 503
Merit: 500
.....
The only wallet qt I have is the newest SDC wallet.

 Roll Eyes
did you download the wallet from the OP never download from Quotes!!!

Do a check against the versions: checksum

How, example:

https://www.youtube.com/watch?v=C7ZZqnkrj48


checksuming a good idea (tho few will do it).
ive never seen a prog that checked its own cheksum b4 launch. If the app verified it's checksum by comparing to a value stored on the blockchain… then hmm… is this a solution?

nevertheless in lawgic's case the coins have been stolen by some other means.
what do we know?

1) the attacker did not use shadowsend
2) the attacker staked the wallet with the stolen funds
3) the attacker made 2 withdrawals (robberies) seperated by several hours
4) the wallet was protected with a 30+char pass
5) the PC was brand new


My Q
How did they know the pass? lawgic: did u ever enter it? was there maybe a keystroke logger that grabbed it?





I think the attempts to log in to the blockchain.info account are a valuable clue.
hero member
Activity: 812
Merit: 1000
.....
The only wallet qt I have is the newest SDC wallet.

 Roll Eyes
did you download the wallet from the OP never download from Quotes!!!

Do a check against the versions: checksum

How, example:

https://www.youtube.com/watch?v=C7ZZqnkrj48


checksuming a good idea (tho few will do it).
ive never seen a prog that checked its own cheksum b4 launch. If the app verified it's checksum by comparing to a value stored on the blockchain… then hmm… is this a solution?

nevertheless in lawgicc's case the coins have been stolen by some other means.
what do we know?

1) the attacker did not use shadowsend
2) the attacker staked the wallet with the stolen funds
3) the attacker made 2 withdrawals (robberies) seperated by several hours
4) the wallet was protected with a 30+char pass
5) the PC was brand new


My Q
How did they know the pass? lawgicc: did u ever enter it? was there maybe a keystroke logger that grabbed it?



sr. member
Activity: 420
Merit: 250
.....
The only wallet qt I have is the newest SDC wallet.

 Roll Eyes
did you download the wallet from the OP never download from Quotes!!!

i first went to the website to download it then that didnt work i kept getting error messages so i downloaded it from the repost from Erok that was a repost of rynomaster....that didnt work so i went to the OP and that verison worked....Then my balance went to 0 once fully synced. Feels awesome.


legendary
Activity: 1456
Merit: 1000
.....
The only wallet qt I have is the newest SDC wallet.

 Roll Eyes
did you download the wallet from the OP never download from Quotes!!!

Do a check against the versions: checksum

How, example:

https://www.youtube.com/watch?v=C7ZZqnkrj48
full member
Activity: 126
Merit: 100
Moon
.....
The only wallet qt I have is the newest SDC wallet.

 Roll Eyes
did you download the wallet from the OP never download from Quotes!!!
sr. member
Activity: 420
Merit: 250
Are you sure you didn't get really high last night before bed, wake up in the middle of the night super paranoid of your new computer having NSA backdoors, create a new wallet on your old pc and send the SDC to it, enable it for staking, take another super fat dab and fall back asleep, waking up with no memory of the middle night paranoia fit?

i love people that try to down others that smoke weed. I can be blunted off an eighth to the dome and function perfectly fine. your lame joke would be somewhat humerous if i didnt just lose 55k sdc. its good though atleast dasource has verified the SDC didnt get sent from my wallets. Why would i make this all up?? For what??? a couple free extra SDC and a pitty party? fuck off yo i dont even want anyones sdc its good

-img-

it wasn't a joke, it was a serious inquiry. stranger things have happened and i certainly have nothing against cannabis.

so either your wallet.dat got lifted from your computer, or someone brute forced your private key.

even if someone lifted my wallet.dat file theyd have to have my paraphrase....which is pretty damn impressive if they cracked that.
 
please elaborate what a brute force of my private key is?

I dont believe it was a keylogger....I tested it myself, with wrong passwords, wrong auth codes, and the only access the attacker did was inbetween the red and blue lines. (This is on my blockchain wallet, same day my SDC coins go missing.)



The only wallet qt I have is the newest SDC wallet.
legendary
Activity: 1190
Merit: 1002
Pecvniate obedivnt omnia.
Are you sure you didn't get really high last night before bed, wake up in the middle of the night super paranoid of your new computer having NSA backdoors, create a new wallet on your old pc and send the SDC to it, enable it for staking, take another super fat dab and fall back asleep, waking up with no memory of the middle night paranoia fit?

i love people that try to down others that smoke weed. I can be blunted off an eighth to the dome and function perfectly fine. your lame joke would be somewhat humerous if i didnt just lose 55k sdc. its good though atleast dasource has verified the SDC didnt get sent from my wallets. Why would i make this all up?? For what??? a couple free extra SDC and a pitty party? fuck off yo i dont even want anyones sdc its good



Sorry you're having this horrible experience. I don't understand how such a thing is possible, it seems very weird! I'm not very tech savvy so I don't get much of the discussion but if you don't find your coins,  even if you don't wanna anyone's SDC I'll happily donate a little something for solidarity.

Should we all fear for our coins? It would be great if someone could identify how these coins got hacked and explain the other how to protect their coins from this to happen.
I think it's time large holders and holders in general start thinking about storing offline on paper wallets etc and deleting everything from there computers until we can come up with something to fix this problem i am in the process, only have a small amount not in cold storage now, how can this be prevented? could shadow build some kind of cryptovault program that held the wallet or wallet.dat etc so this was not possible? i have something like this on my phone to keep apps and photos safe also optional 2FA in the wallet is an idea i have thrown out before, this is a huge problem in crypto that needs to be addressed.

it's not the responsibility of the devs to make sure everyone's coins are safe from malware. pulling coins off of the network would negatively impact the security of the network.
No it's not, and i never said it was, but it would be nice if in the future there were some shadowapps that made things a bit safer for everyone, IMO the fact so many BTC have been flogged in this fashion, has hurt it more then any amount of blackmarket activity, i don't like putting my credit card info on the net, good luck getting the majority of the world to accept crypto when they can be lifted form your computer so easy. will never happen.
legendary
Activity: 1190
Merit: 1002
Pecvniate obedivnt omnia.
Here are some apps i would like to see on sold in the shadowapp store one day
1. shadowvault a program that stores your wallet securely like the many vault programs, but using shadowtech because the ones out there now suck.
2. A shadow version of Authy for optional 2FA in the SDC wallet
If we had these i would store my wallet wallet.dat all in vault with PW and 2FA , then i would have my wallet with another PW and 2FA try breaking into that bitch.
hero member
Activity: 606
Merit: 500
Are you sure you didn't get really high last night before bed, wake up in the middle of the night super paranoid of your new computer having NSA backdoors, create a new wallet on your old pc and send the SDC to it, enable it for staking, take another super fat dab and fall back asleep, waking up with no memory of the middle night paranoia fit?

i love people that try to down others that smoke weed. I can be blunted off an eighth to the dome and function perfectly fine. your lame joke would be somewhat humerous if i didnt just lose 55k sdc. its good though atleast dasource has verified the SDC didnt get sent from my wallets. Why would i make this all up?? For what??? a couple free extra SDC and a pitty party? fuck off yo i dont even want anyones sdc its good



Sorry you're having this horrible experience. I don't understand how such a thing is possible, it seems very weird! I'm not very tech savvy so I don't get much of the discussion but if you don't find your coins,  even if you don't wanna anyone's SDC I'll happily donate a little something for solidarity.

Should we all fear for our coins? It would be great if someone could identify how these coins got hacked and explain the other how to protect their coins from this to happen.
I think it's time large holders and holders in general start thinking about storing offline on paper wallets etc and deleting everything from there computers until we can come up with something to fix this problem i am in the process, only have a small amount not in cold storage now, how can this be prevented? could shadow build some kind of cryptovault program that held the wallet or wallet.dat etc so this was not possible? i have something like this on my phone to keep apps and photos safe also optional 2FA in the wallet is an idea i have thrown out before, this is a huge problem in crypto that needs to be addressed.

it's not the responsibility of the devs to make sure everyone's coins are safe from malware. pulling coins off of the network would negatively impact the security of the network.
hero member
Activity: 821
Merit: 1000
Should we all fear for our coins? It would be great if someone could identify how these coins got hacked and explain the other how to protect their coins from this to happen.

It is the same as any other hack ... you get affected by malware and the rest is history.
The best way to protect yourself if you have a sizable investment (by your own admission) and you wish to stake is to use a separate device. (if you have the know how use multisig).

Part of the development on the ShadowCore over the past month has been to bring the likes of BIP32/39 etc. Hopefully once we have these on the main-net we can get some interest from a hardware vendor to support Shadow Hardware Wallet so everyone can sleep at night better knowing there Shadows are more secure than ever.

Generally speaking the message today post this unfortunate incident is the same as always, be extra careful where, how and what you do on devices where any sums of any crypto is present.
legendary
Activity: 1190
Merit: 1002
Pecvniate obedivnt omnia.
Are you sure you didn't get really high last night before bed, wake up in the middle of the night super paranoid of your new computer having NSA backdoors, create a new wallet on your old pc and send the SDC to it, enable it for staking, take another super fat dab and fall back asleep, waking up with no memory of the middle night paranoia fit?

i love people that try to down others that smoke weed. I can be blunted off an eighth to the dome and function perfectly fine. your lame joke would be somewhat humerous if i didnt just lose 55k sdc. its good though atleast dasource has verified the SDC didnt get sent from my wallets. Why would i make this all up?? For what??? a couple free extra SDC and a pitty party? fuck off yo i dont even want anyones sdc its good



Sorry you're having this horrible experience. I don't understand how such a thing is possible, it seems very weird! I'm not very tech savvy so I don't get much of the discussion but if you don't find your coins,  even if you don't wanna anyone's SDC I'll happily donate a little something for solidarity.

Should we all fear for our coins? It would be great if someone could identify how these coins got hacked and explain the other how to protect their coins from this to happen.
I think it's time large holders and holders in general start thinking about storing offline on paper wallets etc and deleting everything from there computers until we can come up with something to fix this problem i am in the process, only have a small amount not in cold storage now, how can this be prevented? could shadow build some kind of cryptovault program that held the wallet or wallet.dat etc so this was not possible? i have something like this on my phone to keep apps and photos safe also optional 2FA in the wallet is an idea i have thrown out before, this is a huge problem in crypto that needs to be addressed.
hero member
Activity: 606
Merit: 500
Are you sure you didn't get really high last night before bed, wake up in the middle of the night super paranoid of your new computer having NSA backdoors, create a new wallet on your old pc and send the SDC to it, enable it for staking, take another super fat dab and fall back asleep, waking up with no memory of the middle night paranoia fit?

i love people that try to down others that smoke weed. I can be blunted off an eighth to the dome and function perfectly fine. your lame joke would be somewhat humerous if i didnt just lose 55k sdc. its good though atleast dasource has verified the SDC didnt get sent from my wallets. Why would i make this all up?? For what??? a couple free extra SDC and a pitty party? fuck off yo i dont even want anyones sdc its good

-img-

it wasn't a joke, it was a serious inquiry. stranger things have happened and i certainly have nothing against cannabis.

so either your wallet.dat got lifted from your computer, or someone brute forced your private key.
sr. member
Activity: 406
Merit: 250
Are you sure you didn't get really high last night before bed, wake up in the middle of the night super paranoid of your new computer having NSA backdoors, create a new wallet on your old pc and send the SDC to it, enable it for staking, take another super fat dab and fall back asleep, waking up with no memory of the middle night paranoia fit?

i love people that try to down others that smoke weed. I can be blunted off an eighth to the dome and function perfectly fine. your lame joke would be somewhat humerous if i didnt just lose 55k sdc. its good though atleast dasource has verified the SDC didnt get sent from my wallets. Why would i make this all up?? For what??? a couple free extra SDC and a pitty party? fuck off yo i dont even want anyones sdc its good



Sorry you're having this horrible experience. I don't understand how such a thing is possible, it seems very weird! I'm not very tech savvy so I don't get much of the discussion but if you don't find your coins,  even if you don't wanna anyone's SDC I'll happily donate a little something for solidarity.

Should we all fear for our coins? It would be great if someone could identify how these coins got hacked and explain the other how to protect their coins from this to happen.
sr. member
Activity: 420
Merit: 250
Are you sure you didn't get really high last night before bed, wake up in the middle of the night super paranoid of your new computer having NSA backdoors, create a new wallet on your old pc and send the SDC to it, enable it for staking, take another super fat dab and fall back asleep, waking up with no memory of the middle night paranoia fit?

i love people that try to down others that smoke weed. I can be blunted off an eighth to the dome and function perfectly fine. your lame joke would be somewhat humerous if i didnt just lose 55k sdc. its good though atleast dasource has verified the SDC didnt get sent from my wallets. Why would i make this all up?? For what??? a couple free extra SDC and a pitty party? fuck off yo i dont even want anyones sdc its good


Hahaha when i was a butcher i used to get smashed before work everyday never cut my arm off Cool i work better on it.

id smoke a j to the dome of the fire out here in cali before every football game, led the league in rushing yards and received offensive MVP in D1 Mt Hamilton division. So wheatclove, suck my dick.
Jump to: