Pages:
Author

Topic: SECURITY, Have you been a victim? How safe are your bitcoins? (Read 1735 times)

full member
Activity: 263
Merit: 131
I do agree that Linux is relatively more safer than Windows OS but it's for more tech-savvy people that are not afraid to work with command line. I know that graphical environments for Linux have advanced a lot but still it's not for the average joe to fiddle with settings and modifications every other day to get things to work when with Windows 10 everything is ready right out of the box. And if you are a gamer you will have a hard time trying to run games on that. I think if you are serious with upping your online security you could dual-boot Linux and Windows on the same machine. Windows for your daily work and Linux when you are dealing with sensitive information prone to attack.

You are right but I see the normal windows user running in problems and loosing all data on their first try with any Linux, but again I suggest for windows the portable electrum and for linux you do this:

sudo apt-get install python-qt4 python-pip
and
sudo pip install https://download.electrum.org/2.6.4/Electrum-2.6.4.tar.gz

and have fun with a handy small good working wallet.

I didnt tested the OSX app yet - I dont like 2/3 apple signs on my machines Wink
And no time or need for the android app - but I will test it soon.

Use electrum for the daily fun / needs with smaller amounts.

As Multisginature wallet you even can configure complexe rules, but in a very easy way.
For a club, clan, community, household etc. - shared money etc.
sr. member
Activity: 350
Merit: 251
Shit, did I leave the stove on?
I do agree that Linux is relatively more safer than Windows OS but it's for more tech-savvy people that are not afraid to work with command line. I know that graphical environments for Linux have advanced a lot but still it's not for the average joe to fiddle with settings and modifications every other day to get things to work when with Windows 10 everything is ready right out of the box. And if you are a gamer you will have a hard time trying to run games on that. I think if you are serious with upping your online security you could dual-boot Linux and Windows on the same machine. Windows for your daily work and Linux when you are dealing with sensitive information prone to attack.
full member
Activity: 210
Merit: 100
Thanks God, currently I am full safe , no one has tried to attack me till now, But I am afraiding, as there are a lot of people who are well expert in the field of bitcoin and they got hacked.
hero member
Activity: 672
Merit: 500
With the introduction of 2FA things got a lot better for the average user. We are not there but honestly i feel quite safe that a hacker needs to hack both my mail, account and phone to get to my money.
full member
Activity: 263
Merit: 131
If you are really serious about security, first step is to avoid Windows. It is very, very weak and has a pile of vulnerabilities.

I had people "invading" my Windows OS and planting/modifying shortcuts without my consent. All I had to do was to connect to internet for that to happen.

Now, I use a Linux based operating system where no one can modify a thing as easy. Downloading external programs can be completely avoided if I wanted, on Windows they can be executed as soon as the download has finished (imagine if you authorized the download by accident).

There are no safe or idiot proof tips when you are using Windows. Then I won't waste my time giving you tips.

But if you use a Linux based operating system (Debian, Ubuntu, Mint) then all you should care about probably is:
  1.Avoid downloading programs from external sites, if you do make sure it is from a trusted source.
  2.Do not install countless extensions in your browser (install only what is absolutely necessary and if they're trusted), do not install modified browsers unless you know what you are doing.
  3.Do not install remote desktop client, if you do make sure your password is strong enough and shutdown the server when it is not needed.
  4.Use a decent password for both your root and user account, preferably different. Disable/Uninstall SSH server if it is not needed.
  5.Do not install or run any command someone told you on forum, chat, or whatever unless you are sure those commands are not evil.
  6.Backup your wallet regularly, use a password manager to make accounts with random and strong passwords and backup often and when needed. Do not repeat passwords across sites.
  7.Keep both local and online backups of critical files, make sure your backup is encrypted so only you can access it in case they are stolen. You never know when a natural disaster will occur and wipe your house.
  8.Avoid doing things via smartphone.

By following those simple rules I believe you are pretty safe and can sleep well at night.

I never lost a single penny to outside attacks using a Linux based operating system and by following simple rules above.

Yes. *nix or *nux is best for it.
But not all are in running some debian/ubuntu - even not in a desktop mode!  Cool
(dont use S.U.s.E. - all I have to say about this...)

Anyways.
Run a multi-signature wallet - even the easy Electrum wallet can with the portable version!
You always will need n+1 keys (how much you want) but dont forget - if the rule is 2/3 then you need 2 of those keys or you never can open your own wallet again.

Best would be to use a hardware wallet (cold wallet) with verification on button press or touchpad for the big money.
And use a small wallet for collecting bitcoin (and transfering it to the big wallet) and load up the small wallet (electrum for example) on windows only with what you want to spend.

And maybe try MultiBitHD - I was not fine with it on windows but it has additional security features against some other wallets.
full member
Activity: 152
Merit: 100
If you are really serious about security, first step is to avoid Windows. It is very, very weak and has a pile of vulnerabilities.

I had people "invading" my Windows OS and planting/modifying shortcuts without my consent. All I had to do was to connect to internet for that to happen.

Now, I use a Linux based operating system where no one can modify a thing as easy. Downloading external programs can be completely avoided if I wanted, on Windows they can be executed as soon as the download has finished (imagine if you authorized the download by accident).

There are no safe or idiot proof tips when you are using Windows. Then I won't waste my time giving you tips.

But if you use a Linux based operating system (Debian, Ubuntu, Mint) then all you should care about probably is:
  1.Avoid downloading programs from external sites, if you do make sure it is from a trusted source.
  2.Do not install countless extensions in your browser (install only what is absolutely necessary and if they're trusted), do not install modified browsers unless you know what you are doing.
  3.Do not install remote desktop client, if you do make sure your password is strong enough and shutdown the server when it is not needed.
  4.Use a decent password for both your root and user account, preferably different. Disable/Uninstall SSH server if it is not needed.
  5.Do not install or run any command someone told you on forum, chat, or whatever unless you are sure those commands are not evil.
  6.Backup your wallet regularly, use a password manager to make accounts with random and strong passwords and backup often and when needed. Do not repeat passwords across sites.
  7.Keep both local and online backups of critical files, make sure your backup is encrypted so only you can access it in case they are stolen. You never know when a natural disaster will occur and wipe your house.
  8.Avoid doing things via smartphone.

By following those simple rules I believe you are pretty safe and can sleep well at night.

I never lost a single penny to outside attacks using a Linux based operating system and by following simple rules above.
member
Activity: 112
Merit: 10
So far I have been lucky enough to not become victim of any hack but just being lucky is not it, I take all the security measures to ensure my money remains safe and I think unless one becomes too careless, keeping your coins safe is not that big of a challenge and I am not talking about investing in hardware wallets, even the biggest volume of coins can be kept safe free if one knows how to.

But having said that, if you're running a service of some sort then it is a little different since you would then be dependent on some of your employees who may end up stealing themselves, as most recently happened with shapeshift.

I have another safe option. Use Bread wallet. Keep the private key safe. Now transfer funds to your wallet.
Now uninstall it from iPhone. You're safe for sure.
legendary
Activity: 3430
Merit: 3080
# Update your AV software

The other advice was good, but the above is sort of a myth: well designed operating software doesn't need "anti-virus", the virus thing was just a symptom of the Microsoft software culture i.e. why bother fixing OS vulnerabilities when you can start an "anti-exploit software" industry all of it's own. A load of BS word-salad garbage, designed to fleece the consumer, in other words.
legendary
Activity: 2590
Merit: 3015
Welt Am Draht
Nope. Cold wallets in the main. I keep peanuts on Mycelium and don't particularly care what happens to that. Nothing has so far. I gave up blockchain.info as I couldn't trust my own machines.
hero member
Activity: 826
Merit: 1000
I think of my wallet as just another computer file. So I keep it safe by:

1. keeping the overwhelming majority of my coins offline always. I keep a small amount on my phone for daily spending, an amount less than the value of the phone.

2. I only use Linux for transferring any larger amount or reloading the phone.  Windows is out of the question for me. I use open source tools that I compile myself. It's freekin crazy to just download some bitcoin related software to a winxx computer.

3. Keep the back-up "real world" safe! If you want a copy of my wallet file you can find it in my safe deposit box at the bank.

4. trust no one. Satoshi gave us trustless cash for a reason.
Your practices are really amazing.

But I have simple suggestion who live in village of developing countries :
Use a Desktop wallet,keep it safe from virus and unauthorized access. Keep the private key safe and then no one will ever able to hack it.
legendary
Activity: 3248
Merit: 1070
A friend of mine got hacked a while ago, but he admitted to re-using passwords for different sites. He also used online services for email and those accounts were not protected with 2FA. You will get hacked, if you make the basic mistakes like this.

# Never re-use the same password for multiple sites.
# Use 2FA where available
# Store the majority of your coins offline and hide your private key.
# Buy a Hardware wallet for day to day payments.
# Update your AV software
# Use Virtual machines to test out new services or websites.

I hope these tips will be helpful to anyone reading this, it has worked for me thus far. ^smile^

they should add 2fa to bitcoin client itself, other than the passphrase, some newbie put low effort into making  a good passphrase so for them it would be good to have an additional layer of security
legendary
Activity: 3542
Merit: 1965
Leading Crypto Sports Betting & Casino Platform
A friend of mine got hacked a while ago, but he admitted to re-using passwords for different sites. He also used online services for email and those accounts were not protected with 2FA. You will get hacked, if you make the basic mistakes like this.

# Never re-use the same password for multiple sites.
# Use 2FA where available
# Store the majority of your coins offline and hide your private key.
# Buy a Hardware wallet for day to day payments.
# Update your AV software
# Use Virtual machines to test out new services or websites.

I hope these tips will be helpful to anyone reading this, it has worked for me thus far. ^smile^
full member
Activity: 182
Merit: 100
highly secure I save bitcoin and keep it in wallet blockchain even I'm currently very trouble to try to enter. because I lost my cell phone where I had to use SMS verification. This makes the hacker could not enter also Cheesy

Since you are using a 2FA no one can enter your wallet but you alone this is a great security that blockchain.info have.
hero member
Activity: 518
Merit: 500
highly secure I save bitcoin and keep it in wallet blockchain even I'm currently very trouble to try to enter. because I lost my cell phone where I had to use SMS verification. This makes the hacker could not enter also Cheesy
hero member
Activity: 812
Merit: 1000
So far I have been lucky enough to not become victim of any hack but just being lucky is not it, I take all the security measures to ensure my money remains safe and I think unless one becomes too careless, keeping your coins safe is not that big of a challenge and I am not talking about investing in hardware wallets, even the biggest volume of coins can be kept safe free if one knows how to.

But having said that, if you're running a service of some sort then it is a little different since you would then be dependent on some of your employees who may end up stealing themselves, as most recently happened with shapeshift.
legendary
Activity: 1382
Merit: 1122
When I first got into Bitcoin I looked for wallets on Google Play and found 2 that looked promising. Bitcoin wallet and Blockchain.info. I liked the UI of blockchain.info's app a little more so I used it over Bitcoin wallet (on Android). I bought BTC0.05 off of an exchange and within 24h it was stolen from my wallet. I didn't have any malware on my phone (I have an encrypted BlackBerry) and I hadn't set up 2FA because I was a newbie and didn't know how. I got robbed and went to blockchain.info for answers. I got useless generic information from them saying I must have malware, sorry this happened to you, nothing we can do etc.

Lesson learned. Luckily at the time it was about an $18CAD lesson for me. Never use an online wallet. They're so easily compromisible. I looked at the address that my funds were sent to and the person was constantly getting huge amounts of Bitcoins sent to their wallet, from what I can only assume were other victims.

What I do now is create paper wallets on a fresh OS. I use an Ubuntu Live USB. I'm 99.99999% guaranteed not to have a virus on the fresh OS, then I never import the private key until I need to spend the funds. I would highly recommend you look into paper wallets (cheap, relatively easy-to-use) or hardware wallets (expensive, but more practical for moving large amounts with ease and protection).

I've never used a hardware wallet because I don't have enough Bitcoins to store to make it worthwhile.

I sell Ubuntu Live USBs, if you're looking for an easy way to make very secure paper wallets, check out my thread here.
legendary
Activity: 1073
Merit: 1000
I never got any single satoshi stolen by hacking or security breaches, and I can't say I adopt the most hardcore security practices, I even leave Bitcoin in exchanges and online wallets.

Maybe the fact that I use Linux has something to do with it, also I don't install altcoin stuff
legendary
Activity: 3528
Merit: 7005
Top Crypto Casino
Yeah, I had a breach of my trust.  My trust got hacked by a green-trusted member and I got hit for 0.3 bitcoin.  I'M STILL NOT OVER IT BUT I'M GETTING THERE.

But as far as having my wallet hacked, or my account--no, not yet.  But there are tons of people here who've been victims, and even Mt. Gox and Cryptsy say they're victims of hacking.  That's up for debate but it definitely happens.  People here are going to tell you to make paper wallets and that's probably your safest bet.
legendary
Activity: 1120
Merit: 1000
i have never lost my bitcoin a bit or even my altcoin, to protect my pc i keep my antivirus up to date, installing 2factor auntheticator ,typed the password with screenkeyboard to protect our pass from keylogger, and so on, you must installing 2fauntheticator even though for spendable amount, and for big amount make sure to keep it safe on cold storage
the point is you have ultimate controll over your bitcoin
legendary
Activity: 1246
Merit: 1000
Even if you are a newbie, if you place your coins in cold storage, they are reasonably safe.
I use an electrum offline wallet and have not faced any issues so far.
Pages:
Jump to: