Pages:
Author

Topic: Stolen BTCs from paper wallet - page 3. (Read 886 times)

legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
December 20, 2022, 02:59:53 AM
#3
It is (was) a paper wallet I generated in bitaddress.org. I generated it online, in my work. The system is protected by firewall and VPN. Then I printed it in the printer connected in the network.
The network is very safe - I will not tell the name of company for privacy. The printer is connected to the system's network.
You made all the mistakes in the book Shocked
The main reason to use a paper wallet, is to create cold storage. Cold storage, by definition, has never touched the internet. That's the only way to make sure nobody can ever hack it.
By using an online website on an online computer and a network printer, you've added many risk factors.

Online:
Install Electrum on your PC.
Import your address to create a watch-only wallet.
Preview the transaction, Copy the unsigned transaction. Put it on a USB stick.

Offline and running without hard drive storage:
Get a Linux LIVE DVD. Use Knoppix or Tails for instance, or any other distribution that comes with Electrum pre-installed.
Unplug your internet cable. Close the curtains. Reboot your computer and start up from that DVD. Don't enter any wireless connection password. Keep it offline.
Start Electrum. Import your private key.
Copy your unsigned transaction from the USB stick, load it into Electrum.
CHECK the transaction in Electrum. Check the fees, check the amount, check all destination addresses (character by character).
If all is okay, sign the transaction. Copy it back to your USB stick.
Turn off the computer. That wipes the Live LINUX from memory and all traces are gone.

Online:
Use your normal online Electrum to (check again and) broadcast the transaction.
hero member
Activity: 1050
Merit: 681
December 20, 2022, 02:53:44 AM
#2
I will tell the story how I lost 0.4 BTC.
First of all sorry for your loss mate. Thats a really big amount for most of the average working people.
It is (was) a paper wallet I generated in bitaddress.org. I generated it online, in my work
Thats the problem. If you generated it online, you cant say it as a paper wallet. Its an online web-wallet and your keys can be stolen if you have trojen/malware in your pc, as simple as that. Please beware next time, and clean your PC.

Read this: How To Run The Bitaddress.org Tool In A Secure Offline TAILS Temporary Live Boot Session
copper member
Activity: 10
Merit: 12
December 20, 2022, 02:42:59 AM
#1
Hello guys,

I will tell the story how I lost 0.4 BTC. I want to ask you advices.

It is (was) a paper wallet I generated in bitaddress.org. I generated it online, in my work. The system is protected by firewall and VPN. Then I printed it in the printer connected in the network.
The network is very safe - I will not tell the name of company for privacy. The printer is connected to the system's network.
Supposing that there's no one from inside evolved, is it possible to have a malicious intermediate between my computer and bitaddress?
Any other ideas about how that happened?

Another thing is your opinion about one method I'm thinking for generate a paper wallet in bitaddress.org. Everybody tells that the bitaddress' website is safe. Is that so?
The idea is to enter in the website and switch off the internet. The next steps will all be done without any internet:
- generate the wallets
- restore the windows, erasing everything
- take out this HD, connect to my other notebook and format it using the program Eraser, which records random information in the drive
- return the HD to the previous notebook and install Windows again
Only now, turn on the internet.

Any risk in this procedure?

Thank you.
Pages:
Jump to: