They have stolen bitcoins from my official Bitcoin wallet

ranochigo

legendary

Activity: 3038

Merit: 4418

Crypto Swap Exchange

Quote from: ed_war_d on December 08, 2015, 02:58:22 AM

In this case nobody can be sure his bitcoins are safe.
Cool wallet on the paper is a good thing, but...
You make new wallet and write it on paper and put 1 btc into. After 1 year you will need put another 1 btc there, but you will not shure has your wallet the 1st 1 btc or not for some reason.
You'll need to synchronize core to be sure the your wallet has the 1st 1 btc.
If you are not sure it is a not very good idea to put your other 1 btc

The best way is to ensure that it is safe is probably to generate it offline and make multiple copies of it. When you spend it, send the change to another newly generated address from the offline computer.

You don't need to use Bitcoin Core to make a cold wallet. Electrum with a raspberry pi would be sufficient. Put the transaction info into the USB drive, go to your offline raspberry pi to sign it and broadcast it on your online computer. All activities on your Bitcoin address can be tracked easily using a block explorer. All the activities are recorded there and it is easy to check the balance with only your address.

BitcoinNewsMagazine

legendary

Activity: 1806

Merit: 1164

The only secure way to use Bitcoin Core is with Armory in cold storage mode. Needs two computers though. If your private keys are not permanently offline you are ripe to be a victim of malware sooner or later. Get a Ledger hardware wallet for $20.

Was

member

Activity: 75

Merit: 14

We are Satoshi.

Microsoft stole them

btcxyzzz

legendary

Activity: 888

Merit: 1000

Monero - secure, private and untraceable currency.

Quote from: ed_war_d on December 07, 2015, 02:24:11 AM

I installed Windows 10 in October.

God fined you for using that crap. Wink

rebuilder

legendary

Activity: 1615

Merit: 1000

Quote from: ed_war_d on December 08, 2015, 02:58:22 AM

In this case nobody can be sure his bitcoins are safe.
Cool wallet on the paper is a good thing, but...
You make new wallet and write it on paper and put 1 btc into. After 1 year you will need put another 1 btc there, but you will not shure has your wallet the 1st 1 btc or not for some reason.
You'll need to synchronize core to be sure the your wallet has the 1st 1 btc.
If you are not sure it is a not very good idea to put your other 1 btc

It's a good practice to note down the address (Not the private key!) your long-term storage coins are held at. That way, you can check the BTC is still there on blockchain.info or any other block explorer site with no risk of compromising your private keys.

The real issue is making sure your private keys stay safe in the first place. For sums like you unfortunately lost, you need to be quite careful. Using a freshly created linux USB to create your wallet, and generating the keys offline, writing them on paper and then wiping the USB boot disk should be a pretty good solution. If you want to run a Bitcoin client and intend to ever send BTC to a wallet on that client, you should have a computer completely set aside for that purpose, in a safe space. Do not run a bitcoin client on your day-to-day computer. I wouldn't trust anything other than a fresh install of an OS to run a client on. Preferably a fresh computer as well, if you're feeling paranoid enough about rootkits etc.

Sorry for your loss. I wish we could help, but it's probably all gone now. If you still have BTC elsewhere, make sure to secure them very well.

ed_war_d

newbie

Activity: 37

Merit: 0

Quote from: rebuilder on December 07, 2015, 06:19:32 PM

Quote from: ed_war_d on December 07, 2015, 05:11:54 AM

I had the 1st wallet. Then when the sum of bitcoins was pretty big I've made the new one (about 3 years ago). I've transfered the bitcoins to the new wallet 1 time and keep them there. For the new bitcoins I've used the new wallet.

Just to be clear:

The new wallet is the one that has this address in it:
https://blockchain.info/address/15ESHhWuNfqMEQPXWexGb9kK1J53brWksL
correct?

And you created this wallet 3 years ago. You did not transfer anything to this new wallet until November 4th, 2014. Correct?

If that's the case, it seems your keys have been compromised some time over the last 3 years, and the thief likely just waited for something to be transferred to an address controlled by those keys. This would, to me, suggest an automated system to check a number of compromised keys for new BTC, which in turn would suggest a relatively widespread virus of some sort being how your keys got stolen.

In this case nobody can be sure his bitcoins are safe.
Cool wallet on the paper is a good thing, but...
You make new wallet and write it on paper and put 1 btc into. After 1 year you will need put another 1 btc there, but you will not shure has your wallet the 1st 1 btc or not for some reason.
You'll need to synchronize core to be sure the your wallet has the 1st 1 btc.
If you are not sure it is a not very good idea to put your other 1 btc

rebuilder

legendary

Activity: 1615

Merit: 1000

Quote from: ed_war_d on December 07, 2015, 05:11:54 AM

I had the 1st wallet. Then when the sum of bitcoins was pretty big I've made the new one (about 3 years ago). I've transfered the bitcoins to the new wallet 1 time and keep them there. For the new bitcoins I've used the new wallet.

Just to be clear:

The new wallet is the one that has this address in it:
https://blockchain.info/address/15ESHhWuNfqMEQPXWexGb9kK1J53brWksL
correct?

And you created this wallet 3 years ago. You did not transfer anything to this new wallet until November 4th, 2014. Correct?

If that's the case, it seems your keys have been compromised some time over the last 3 years, and the thief likely just waited for something to be transferred to an address controlled by those keys. This would, to me, suggest an automated system to check a number of compromised keys for new BTC, which in turn would suggest a relatively widespread virus of some sort being how your keys got stolen.

Hannu

hero member

Activity: 1063

Merit: 502

RIP: S5, A faithful device long time

Quote from: RodeoX on December 07, 2015, 01:46:13 PM

Quote from: cr1776 on December 07, 2015, 01:42:15 PM

I think it was this in the first message:

https://blockchain.info/address/15ESHhWuNfqMEQPXWexGb9kK1J53brWksL

Oh thanks, I see it now. Not that knowing the this is going to be enough.

Oh no, that is lot of money RUR/USD. Ruble even more value then Dollars Undecided

cr1776

legendary

Activity: 4228

Merit: 1313

Quote from: RodeoX on December 07, 2015, 01:46:13 PM

Quote from: cr1776 on December 07, 2015, 01:42:15 PM

I think it was this in the first message:

https://blockchain.info/address/15ESHhWuNfqMEQPXWexGb9kK1J53brWksL

Oh thanks, I see it now. Not that knowing the this is going to be enough.

Agreed. Somehow, someone got the private keys and took control of them. Hard to get them back.

RodeoX

legendary

Activity: 3066

Merit: 1147

The revolution will be monetized!

Quote from: cr1776 on December 07, 2015, 01:42:15 PM

I think it was this in the first message:

https://blockchain.info/address/15ESHhWuNfqMEQPXWexGb9kK1J53brWksL

Oh thanks, I see it now. Not that knowing the this is going to be enough.

cr1776

legendary

Activity: 4228

Merit: 1313

Quote from: RodeoX on December 07, 2015, 12:47:02 PM

Quote from: ed_war_d on December 07, 2015, 10:20:27 AM

Quote from: RodeoX on December 07, 2015, 09:55:17 AM

With Bitcoin you are the boss! That not only means you are in charge, but that you must work. Bitcoin security is no better than your security. If used correctly it is miles above the bank's security system. However if you do not protect your private key then no other methods matter.

I don't know how this happened to you, but someone must have gotten that key. Consider who else has access to your computer. Think about where you store your private key. This breach may not involve malware at all. Also, Think about a more secure OS like Linux.

Sorry to hear about your loss.

Look at the picture from my 2nd wallet:
http://tinypic.com/r/ddsw0/9
There is no address in transaction. The label "нeдocтyпнo" means "no acsess"
It seems it's pretty strange

No information about the transaction? That is strange. You did a lot of things right, using the long password with no words. That rules out guessing your password. You are using good anti-malware. That makes malware a little less likely.
If you wrote the password in a document or on a slip of paper you may want to check the security on that document. It may also be worth asking yourself "who else knows I have bitcoins and has access to this computer"?
What a bummer. Can blockchain.info give you a Tx ID? That may give some more information.

I think it was this in the first message:

https://blockchain.info/address/15ESHhWuNfqMEQPXWexGb9kK1J53brWksL

Hannu

hero member

Activity: 1063

Merit: 502

RIP: S5, A faithful device long time

Quote from: ed_war_d on December 07, 2015, 02:24:11 AM

They have stolen bitcoins from my official Bitcoin wallet.
Wallet had the password (about 30 characters)
Last time I've entered the password at least 6 months ago.
I installed Windows 10 in October.
Kaspersky Internet Security says no viruses.
https://blockchain.info/address/15ESHhWuNfqMEQPXWexGb9kK1J53brWksL
What do you think thinks about this? The system is so full of holes?

(Russian version is here:
https://bitcointalksearch.org/topic/1072-1278586 )

Do not use windows 10... We have been problems example in working place with windows 10 Lips sealed

-Normal use like infra etc
If you must use windows 10, install all updates what it offers to install. Lips sealed

I tried to use bitcoin core win10, i went to workplace to home Hybrid Kernel has been collapsed totally and file system!

First aid to computer: https://www.f-secure.com/fi_FI/web/home_fi/online-scanner -Proud to be Finnish Cool

http://www.surfright.nl/en/hitmanpro

RodeoX

legendary

Activity: 3066

Merit: 1147

The revolution will be monetized!

Quote from: ed_war_d on December 07, 2015, 10:20:27 AM

Quote from: RodeoX on December 07, 2015, 09:55:17 AM

With Bitcoin you are the boss! That not only means you are in charge, but that you must work. Bitcoin security is no better than your security. If used correctly it is miles above the bank's security system. However if you do not protect your private key then no other methods matter.

I don't know how this happened to you, but someone must have gotten that key. Consider who else has access to your computer. Think about where you store your private key. This breach may not involve malware at all. Also, Think about a more secure OS like Linux.

Sorry to hear about your loss.

Look at the picture from my 2nd wallet:
http://tinypic.com/r/ddsw0/9
There is no address in transaction. The label "нeдocтyпнo" means "no acsess"
It seems it's pretty strange

No information about the transaction? That is strange. You did a lot of things right, using the long password with no words. That rules out guessing your password. You are using good anti-malware. That makes malware a little less likely.
If you wrote the password in a document or on a slip of paper you may want to check the security on that document. It may also be worth asking yourself "who else knows I have bitcoins and has access to this computer"?
What a bummer. Can blockchain.info give you a Tx ID? That may give some more information.

Xialla

legendary

Activity: 1036

Merit: 1001

/dev/null

Quote from: ed_war_d on December 07, 2015, 02:24:11 AM

I installed Windows 10 in October.

so, this is your problem. sorry for your loss..

ed_war_d

newbie

Activity: 37

Merit: 0

Quote from: johnyj on December 07, 2015, 11:54:23 AM

Quote from: ed_war_d on December 07, 2015, 11:44:25 AM

Quote from: johnyj on December 07, 2015, 11:33:58 AM

Possibly a password theft if your password is too easy to guess (several words you always use) but in order to steal your coins, the hacker must also have access to your private key. In fact there is no 100% sure way to make sure that no one else have your private key unless it is generated by you manually and kept offline secretly

The entropy in core client should be strong enough to avoid key collision, but the key should be generated offline and kept offline most of the time

The passwords were about 30 simbols and didn't contain whole words
I've never entered the passwords for many mounthes

It is possible that your private key is already stolen before you set the password. For example, some Trojan has been installed before you install the core client, and they constantly searching for the wallet.dat file on your c drive. Once found, they immediately send the wallet to the hacker, and that is before you even set the password

In this case why they didn't steal it 3 years ago?

johnyj

legendary

Activity: 1988

Merit: 1012

Beyond Imagination

Quote from: ed_war_d on December 07, 2015, 11:44:25 AM

Quote from: johnyj on December 07, 2015, 11:33:58 AM

Possibly a password theft if your password is too easy to guess (several words you always use) but in order to steal your coins, the hacker must also have access to your private key. In fact there is no 100% sure way to make sure that no one else have your private key unless it is generated by you manually and kept offline secretly

The entropy in core client should be strong enough to avoid key collision, but the key should be generated offline and kept offline most of the time

The passwords were about 30 simbols and didn't contain whole words
I've never entered the passwords for many mounthes

It is possible that your private key is already stolen before you set the password. For example, some Trojan has been installed before you install the core client, and they constantly searching for the wallet.dat file on your c drive. Once found, they immediately send the wallet to the hacker, and that is before you even set the password

ed_war_d

newbie

Activity: 37

Merit: 0

Quote from: mexxer-2 on December 07, 2015, 05:13:16 AM

Quote from: shorena on December 07, 2015, 05:08:53 AM

Quote from: yoona on December 07, 2015, 05:06:16 AM

first of all i am sorry for the lost. but did anybody here asked op to sign a message to prove the ownership of the address? it's important right to claim that the address is really owned by op. and after that we can go discussing this . no offense op okay Wink

No, why? They can hardly reclaim the coins with a signed message. I dont see how that matters at all.

I think he means to say that we should first actually get some proof that OP's wallet was indeed hacked and he is not just wasting everyone's time with wild speculation as to how his wallet might've been hacked

What proofs you would like to get?

ed_war_d

newbie

Activity: 37

Merit: 0

Quote from: johnyj on December 07, 2015, 11:33:58 AM

Possibly a password theft if your password is too easy to guess (several words you always use) but in order to steal your coins, the hacker must also have access to your private key. In fact there is no 100% sure way to make sure that no one else have your private key unless it is generated by you manually and kept offline secretly

The entropy in core client should be strong enough to avoid key collision, but the key should be generated offline and kept offline most of the time

The passwords were about 30 simbols and didn't contain whole words
I've never entered the passwords for many mounthes

johnyj

legendary

Activity: 1988

Merit: 1012

Beyond Imagination

Possibly a password theft if your password is too easy to guess (several words you always use) but in order to steal your coins, the hacker must also have access to your private key. In fact there is no 100% sure way to make sure that no one else have your private key unless it is generated by you manually and kept offline secretly

The entropy in core client should be strong enough to avoid key collision, but the key should be generated offline and kept offline most of the time

cr1776

legendary

Activity: 4228

Merit: 1313

Quote from: ed_war_d on December 07, 2015, 04:30:17 AM

...
I've made clean installation of Windows 2-3 times since I've entered the passwords last time.
I hope the investigation of this case can improve the Bitcoin world and can prevent such incidents in future

The isn't a bitcoin issue, this is a computer security issue. If you can't secure the computer, nothing that the bitcoin developers do will help stop it.

If you can't secure Windows, use Linux or OS X or any number of other OSs. And use them ONLY offline. Or use a paper wallet. Or a hardware wallet.

Sorry for the loss.

Topic: They have stolen bitcoins from my official Bitcoin wallet (Read 4154 times)