
Topic: Stolen bitcoins, help! - page 2. (Read 4566 times)

hero member
Activity: 732
Merit: 500
Nosce te Ipsum
May 10, 2014, 07:14:36 PM
#72
I don't know if you ever figured out how the coins were stolen, but it sounds exactly like what happened to me a few weeks back, I clicked on a phishing link:

https://bitcointalksearch.org/topic/blockchain-wallet-hacked-531047

I foolishly opened a link that was a Google ad for Blockchain.info. It was the very top search result, and I never second guessed it, just clicked it and entered my credentials, and went to send coins, clicked the Shared Coins option, and when the page loaded, my coins were gone!
legendary
Activity: 2380
Merit: 1209
The revolution will be digital
May 10, 2014, 06:26:50 PM
#71
http://webcache.googleusercontent.com/search?q=cache:yj1iwewfkYgJ:www.hackforums.net/showthread.php%3Ftid%3D3973147%26page%3D18+&cd=27&hl=en&ct=clnk&gl=us

Quote
01-12-2014, 02:44 AM Post: #178

themad2403 

Offline
Bazzinga!
******
HF l33t    Prestige: 2
Posts: 29
Joined: Dec 2013
Reputation: 11
btc: 13CChHmYHDMCfFpVDjnpEPfsijUUjjcccc

thanks bro

Bazinga has given me a lead and this guy is in Bitcoin too...



Profile: https://www.digitalpoint.com/members/joshie.70773/

His bitcoin knowledge: https://forums.digitalpoint.com/threads/would-you-accept-bitcoin-for-services.2714543/

...may be a wrong shot, but should be explored.
legendary
Activity: 1918
Merit: 1570
Bitcoin: An Idea Worth Spending
May 10, 2014, 04:03:35 PM
#70
I hope my contribution helped yesterday, bud. Don't want anything in return.

~Bruno Kucinskas
legendary
Activity: 2380
Merit: 1209
The revolution will be digital
May 10, 2014, 12:39:59 PM
#69
That's tough. If he wasn't running a full node then only the first nodes that relayed his transactions would have a record of his public IP address. Even that may just be a TOR exit node or VPN egress point.

He may use a web wallet as well. I think, then there is no chance to track his IP. Till now, I think the people on hackforum, who have shipped items to him can provide us the best trace. I think Danny is already over there.
donator
Activity: 1617
Merit: 1012
May 10, 2014, 06:10:26 AM
#68
That's tough. If he wasn't running a full node then only the first nodes that relayed his transactions would have a record of his public IP address. Even that may just be a TOR exit node or VPN egress point.
legendary
Activity: 812
Merit: 1002
jr. member
Activity: 55
Merit: 4
May 10, 2014, 12:53:34 AM
#66
I thought it was Lopez

*awkwardly walks away*
jr. member
Activity: 55
Merit: 4
May 10, 2014, 12:51:58 AM
#65
I never saw Slater being the bitcoin-stealing type. Zach and Screech, maybe.
Lisa Turtle mined before it was cool, doesn't need to steal.
hero member
Activity: 854
Merit: 500
Nope..
May 10, 2014, 12:08:11 AM
#64
Subpoenas?  Waste of time in the short term.  There are certain police agencies within each state that have the specific power to issue an administrative demand to turn over the information you need to at least localize this individual and focus local authorities on him.  I did this all the time and the information gleaned often led nowhere.  But it is possible.  (AT&T was a pain in the ass.) This is one of those moments where you have to ask yourself, is the EFF helping or hurting.

However, he is in IT and he is mining for crypto.  There are others in that forum who know of him and shipped material items to him.  Get them to help and you are in to something.  (For the record, the email address is confirmed.)

Hi jc01480, thanks for your input.
Could you tell us how the address is confirmed? Did he post it somewhere from his account?

He listed it in the forum he is a member of.
donator
Activity: 714
Merit: 510
Preaching the gospel of Satoshi
May 09, 2014, 11:57:47 PM
#63
Subpoenas?  Waste of time in the short term.  There are certain police agencies within each state that have the specific power to issue an administrative demand to turn over the information you need to at least localize this individual and focus local authorities on him.  I did this all the time and the information gleaned often led nowhere.  But it is possible.  (AT&T was a pain in the ass.) This is one of those moments where you have to ask yourself, is the EFF helping or hurting.

However, he is in IT and he is mining for crypto.  There are others in that forum who know of him and shipped material items to him.  Get them to help and you are in to something.  (For the record, the email address is confirmed.)

Hi jc01480, thanks for your input.
Could you tell us how the address is confirmed? Did he post it somewhere from his account?
hero member
Activity: 854
Merit: 500
Nope..
May 09, 2014, 11:18:59 PM
#62
Subpoenas?  Waste of time in the short term.  There are certain police agencies within each state that have the specific power to issue an administrative demand to turn over the information you need to at least localize this individual and focus local authorities on him.  I did this all the time and the information gleaned often led nowhere.  But it is possible.  (AT&T was a pain in the ass.) This is one of those moments where you have to ask yourself, is the EFF helping or hurting.

However, he is in IT and he is mining for crypto.  There are others in that forum who know of him and shipped material items to him.  Get them to help and you are in to something.  (For the record, the email address is confirmed.)
donator
Activity: 714
Merit: 510
Preaching the gospel of Satoshi
May 09, 2014, 10:42:05 PM
#61
there's a mario perez that is interested in hacking that goes to meetups in guatemala

http://www.meetup.com/HacksHackersGuatemala/members/41823132/

not sure if it's the same dude, but name and hobbies are at least common

and another mario perez interested in hacking.. but from spain
https://soundcloud.com/h4ck3r-2

Sorry if this will sound harsh, but that's not how it should be done.
Circumstantial evidence or baseless hunches are useless.
Let's get disciplined, let's follow only the evidence:

1) Bitcoin Address
2) Bitcoin address linked to user TheMad2403 @HackerForums -confirmed-
3) User TheMad2403 @Hackerforums linked with email [email protected] -confirmed- (http://www.hackforums.net/showthread.php?tid=4028421&pid=38049637#pid38049637)
4) Email [email protected] linked to several phishing sites of Latin American banks (all registered with bogus information, I checked them all) -confirmed-
5) (your next lead... Must be linked to any of the previous points)

For now the best course of action is:
1) Get Live.com subpoenaed.
2) Get the registrars subpoenaed.

Considering that this guy doesn't seem to be a newbie in these activities, he probably used stolen credit card data to register those domains, and probably he used proxies to use live.com if that address was used solely for scams.
But who knows, he could have been sloppy.

Something we can be very confident about is that the guy is most definitely a Hispanic, but we can't infer yet his nationality or ancestry.
legendary
Activity: 4270
Merit: 4534
May 09, 2014, 08:58:29 PM
#60
there's a mario perez that is interested in hacking that goes to meetups in guatemala

http://www.meetup.com/HacksHackersGuatemala/members/41823132/

not sure if it's the same dude, but name and hobbies are at least common

and another mario perez interested in hacking.. but from spain
https://soundcloud.com/h4ck3r-2
hero member
Activity: 854
Merit: 500
Nope..
May 09, 2014, 08:37:51 PM
#59
People, don't jump to conclusions. Please.
Whoever thinks he got the dox on this guy, think about it twice.
This guy is more elusive than Carmen Sandiego.

This guy is a confirmed wannabe career scammer, and I found at least three different names (aliases) associated with [email protected]
But he is definitely Hispanic with some technical knowledge.
This case has to be treaded carefully.

I suspect he's in Southern California.  San Bernardino area.
newbie
Activity: 10
Merit: 0
May 09, 2014, 08:22:32 PM
#58
People who dox some randoms here are a bit mad? If someone stole something for real go to police and they can subpoena the details if any.


donator
Activity: 714
Merit: 510
Preaching the gospel of Satoshi
May 09, 2014, 08:14:17 PM
#57
People, don't jump to conclusions. Please.
Whoever thinks he got the dox on this guy, think about it twice.
This guy is more elusive than Carmen Sandiego.

This guy is a confirmed wannabe career scammer, and I found at least three different names (aliases) associated with [email protected]
But he is definitely Hispanic with some technical knowledge.
This case has to be treaded carefully.
legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
May 09, 2014, 07:54:46 PM
#56
This is sad to hear and shows once again how poor the average person's computer security is.  Multisig and hardware wallets are really needed. 


Totally agree.  The few people that I know personally who own bitcoin are not savvy enough or aware enough to do these things (most of my coins are in cold storage) despite my nagging.

This may also be the result of weak entropy. If someone accidentally generates your private key, then no multisig or hardware wallet can protect U.

Yes, and working random number generators too.

It's actually amazing: to secure funds held at address 1xxxxx… the only thing that is required is that the big 78-digit number that unlocks the address must be kept a secret.  If no one peeks at this number nor guesses it somehow, then your funds are secure.  That's it.  That is bitcoin security in a nutshell.  But as we've seen time and time again, keeping those numbers secret is not as easy as it sounds!


Good way to look at it Peter.

One problem is that we're used to having all
our devices online, where using the number
once exposes it (which is why cold storage
is important)

legendary
Activity: 1162
Merit: 1007
May 09, 2014, 07:50:36 PM
#55
This is sad to hear and shows once again how poor the average person's computer security is.  Multisig and hardware wallets are really needed. 


Totally agree.  The few people that I know personally who own bitcoin are not savvy enough or aware enough to do these things (most of my coins are in cold storage) despite my nagging.

This may also be the result of weak entropy. If someone accidentally generates your private key, then no multisig or hardware wallet can protect U.

Yes, and working random number generators too.

It's actually amazing: to secure funds held at address 1xxxxx… the only thing that is required is that the big 78-digit number that unlocks the address must be kept a secret.  If no one peeks at this number nor guesses it somehow, then your funds are secure.  That's it.  That is bitcoin security in a nutshell.  But as we've seen time and time again, keeping those numbers secret is not as easy as it sounds!

legendary
Activity: 2380
Merit: 1209
The revolution will be digital
May 09, 2014, 07:40:33 PM
#54
This is sad to hear and shows once again how poor the average person's computer security is.  Multisig and hardware wallets are really needed. 


Totally agree.  The few people that I know personally who own bitcoin are not savvy enough or aware enough to do these things (most of my coins are in cold storage) despite my nagging.

This may also be the result of weak entropy. If someone accidentally generates your private key, then no multisig or hardware wallet can protect U.
legendary
Activity: 1050
Merit: 1002
May 09, 2014, 07:40:25 PM
#53
This is sad to hear and shows once again how poor the average person's computer security is.  Multisig and hardware wallets are really needed. 


Totally agree.  The few people that I know personally who own bitcoin are not savvy enough or aware enough to do these things (most of my coins are in cold storage) despite my nagging.

This is what I'm hoping multisig wallets solve. For example, I picture users downloading wallet software like they do normally (e.g. Multibit) but to send any coins they must also plug in a separate device (like a variation of Bitcoin Trezor) to the USB slot to provide a second signature. It takes two signatures to move any coins, which means an attacker must compromise two separate device and software stacks, one of which may not even have an OS (again, like Trezor).

To me this is the perfect way to have top notch security, on par with cold storage, while maintaining simple convenient usage.

The problem we have now is a single private key provides total access. That's why existing solutions - cold storage, Trezor, Armory - try to isolate those keys. However, even these currently top notch solutions are not without concern. If anything happens to the private keys managed by any of these methods, again, coins can be quickly lost. It's simply moving the risk to another model (albeit safer, usually).

The real solution is to distribute that risk beyond more than one single point of failure. That's what multisig can do.
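
The two-signature setup described in the post above, as an added example that is not part of the original thread: it builds a bare m-of-n `OP_CHECKMULTISIG` script and parses it back, so a wallet user can confirm how many keys a script really requires before funding it. The function names are hypothetical and the two public keys are constructed placeholders, not real curve points.

```python
# Added example. Opcode values are Bitcoin Script's; key bytes are constructed.
OP_1, OP_16 = 0x51, 0x60          # OP_1..OP_16 push the small integers 1..16
OP_CHECKMULTISIG = 0xAE

def build_multisig(m, pubkeys):
    """Serialize 'OP_m <pk1> .. <pkn> OP_n OP_CHECKMULTISIG'."""
    n = len(pubkeys)
    if not 1 <= m <= n <= 16:
        raise ValueError("need 1 <= m <= n <= 16")
    script = bytes([OP_1 + m - 1])
    for pk in pubkeys:
        if len(pk) not in (33, 65):       # compressed or uncompressed key
            raise ValueError("public key must be 33 or 65 bytes")
        script += bytes([len(pk)]) + pk   # direct push: length byte, then data
    return script + bytes([OP_1 + n - 1, OP_CHECKMULTISIG])

def parse_multisig(script):
    """Return (m, pubkeys); raise ValueError if not a bare m-of-n script."""
    if len(script) < 3 or script[-1] != OP_CHECKMULTISIG:
        raise ValueError("not a CHECKMULTISIG script")
    if not (OP_1 <= script[0] <= OP_16 and OP_1 <= script[-2] <= OP_16):
        raise ValueError("m and n must be OP_1..OP_16")
    m, n = script[0] - OP_1 + 1, script[-2] - OP_1 + 1
    body, pubkeys, i = script[1:-2], [], 0
    while i < len(body):
        size = body[i]
        if size not in (33, 65) or i + 1 + size > len(body):
            raise ValueError("malformed public key push")
        pubkeys.append(body[i + 1:i + 1 + size])
        i += 1 + size
    if len(pubkeys) != n or m > n:
        raise ValueError("key count does not match n, or m > n")
    return m, pubkeys

def keys_an_attacker_needs(script):
    """Number of distinct signing keys that must be compromised to spend."""
    return parse_multisig(script)[0]

# Constructed placeholder keys: one for the desktop wallet, one for the device.
DESKTOP_KEY = b"\x02" + b"\x11" * 32
DEVICE_KEY = b"\x03" + b"\x22" * 32
TWO_OF_TWO = build_multisig(2, [DESKTOP_KEY, DEVICE_KEY])
ONE_OF_TWO = build_multisig(1, [DESKTOP_KEY, DEVICE_KEY])  # either key alone spends
```

A 1-of-2 script lists the same two keys as the 2-of-2 one but gives no second-device protection, which is why the threshold is worth checking rather than the key count.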
