
Topic: Tor+Blockchain wallet hacked? 633 btc loss - page 4. (Read 14360 times)

legendary
Activity: 1315
Merit: 1002
October 18, 2014, 06:56:33 AM
#78
at the end all BTC will be lost and hacked until forgotten.... that is why there is no future in current system...
hero member
Activity: 980
Merit: 507
October 18, 2014, 06:53:46 AM
#77
... Then there was an error message pop up, he closed it and refreshed the wallet page...

That was probably a key moment.

Exactly.  They were key logging him or had hijacked the computer and then transferred the money out.  It is doubtful it was a MITM attack while using TOR when the easier method is to just have owned his computer.  (Of course it is possible, just very unlikely).
I also agree. A man in the middle attack is really not feasible with TOR.

One theory as to what could have happened (besides spreading FUD) to the OP is that he went on a hidden wiki, looking for a .onion version of blockchain.info, clicked on a fake blockchian.info link (hidden wiki is littered with these kinds of phishing sites), entered his identifier and password, then the person behind the phishing .onion site was able to login to blockchain and steal the OP's bitcoin.

IMO the OP is spreading FUD more likely than not. I don't see why the OP would be paranoid enough to use TOR when dealing with bitcoin but isn't paranoid enough to want to use cold storage

The same thing happened to me using coinbase.com and I didn't use the hidden wiki to access coinbase. There are people literally living from stealing BTC, you shouldn't underestimate these people
Why would you use TOR to access coinbase? They already know your identity and your bank account details therefore there is little reason to try to hide your identity to access coinbase

it has been reported that POODLE has exploited an SSLv3 vulnerability, so it is, in theory, possible that an attacker launched a zero day attack against the OP

I didn't give them any ID, just an email address.

By the way, someone stole from my blockchain with double authentication and a second password when sending funds... using it via TOR

I think blockchain is having an attack or something like that. Do you know any wallet that works well with TOR? Or would you recommend that I generate new wallets from my cold wallet in Armory?

Fucking blockchain...
legendary
Activity: 1036
Merit: 1000
Thug for life!
October 16, 2014, 07:00:57 PM
#76
Unfortunately OP, this is a common occurrence.  Malicious Tor exit nodes are redirecting requests to known bitcoin wallets and exchanges to their own malicious version and stealing coins.  Even in SSL connections.  Always verify the SSL certificate fingerprint and make sure it is correct when you are doing Bitcoin related things on Tor.
Even with SSL, Poodle has been shown to be able to perform a MITM attack against users. Checking the SSL certificate would not necessarily have stopped this attack
sr. member
Activity: 331
Merit: 250
October 16, 2014, 03:34:42 AM
#75
probably a man-in-the-middle attack performed by a TOR exit node.

just a reminder that in general it is not a good idea to use TOR to access
clearnet (that is, "normal" web addresses, as opposed to TOR hidden services).
What TOR makes secure in this case is the connection to the so-called TOR exit
node, which connects for you to your destination address, and sends you
the data back over the TOR network, thus acting as a proxy.  However, you are effectively trusting
the exit node not to fiddle with the data it forwards. Since the exit node can be
anybody (you can set up one, too), there is really no reason to trust it.
In particular, they can redirect your blockchain.info request to a fake site,
or strip your communication of its SSL and read all of it.

If you still want to use TOR to access clear net, and want to make this secure,
you have to download and install SSL certificates of every site you are going to use, in this
case of blockchain.info .

HTTPS Everywhere is supposed to resolve this issue, no?
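
The fingerprint check recommended in post #76 and the per-site certificate pinning described in post #75, sketched in Python as an added example that is not part of the thread. The names `PinMismatch`, `strict_context` and `connect_pinned` are hypothetical, and the two sample byte strings are constructed stand-ins for DER certificates.

```python
import hashlib
import hmac
import socket
import ssl

# Constructed stand-ins for DER certificate bytes (not real certificates).
SAMPLE_GENUINE = b"constructed bytes standing in for the site's real certificate"
SAMPLE_SUBSTITUTED = b"constructed bytes standing in for an exit node's certificate"

class PinMismatch(Exception):
    """Raised when the presented certificate is not one of the pinned ones."""

def fingerprint(der_cert: bytes) -> str:
    """SHA-256 fingerprint of a DER-encoded certificate, lowercase hex."""
    return hashlib.sha256(der_cert).hexdigest()

def pin_matches(der_cert: bytes, pins) -> bool:
    """Compare against pins written as plain hex or browser-style 'AA:BB:..'."""
    fp = fingerprint(der_cert)
    return any(hmac.compare_digest(fp, p.replace(":", "").lower()) for p in pins)

def strict_context() -> ssl.SSLContext:
    ctx = ssl.create_default_context()            # CA chain + hostname checks on
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # refuse SSLv3 (POODLE) fallback
    return ctx

def connect_pinned(host, pins, port=443, sock=None):
    """Hypothetical helper: handshake, then check the pin before sending data.

    `sock` may be an already-connected socket, e.g. one opened through a proxy.
    """
    raw = sock or socket.create_connection((host, port), timeout=15)
    with strict_context().wrap_socket(raw, server_hostname=host) as tls:
        der = tls.getpeercert(binary_form=True)
        if not pin_matches(der, pins):
            raise PinMismatch(f"{host} presented {fingerprint(der)}")
        return tls.version()

if __name__ == "__main__":
    pins = {fingerprint(SAMPLE_GENUINE)}  # recorded earlier over a trusted path
    print(pin_matches(SAMPLE_GENUINE, pins))      # certificate unchanged
    print(pin_matches(SAMPLE_SUBSTITUTED, pins))  # certificate was swapped
```

A pin on the leaf certificate has to be refreshed whenever the site rotates its certificate, so keep both the old and the new fingerprint in the set during a rollover.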
sr. member
Activity: 331
Merit: 250
October 16, 2014, 03:34:03 AM
#74
can't believe that an owner of 775 btc is too lazy to protect his/her btc.... should be more careful, it's too shocking news, he lost almost 236740$, it can change one's whole life....

other guys lost much more and they studied "computer science"  Roll Eyes

actually we don't know anything about this case. i doubt it was because of Tor. i think it was his shitty computer (malware etc).

You summed it up perfectly.
hero member
Activity: 793
Merit: 1026
October 16, 2014, 02:45:43 AM
#73
Unfortunately OP, this is a common occurrence.  Malicious Tor exit nodes are redirecting requests to known bitcoin wallets and exchanges to their own malicious version and stealing coins.  Even in SSL connections.  Always verify the SSL certificate fingerprint and make sure it is correct when you are doing Bitcoin related things on Tor.
member
Activity: 65
Merit: 10
October 15, 2014, 11:09:15 PM
#72
Why not use cold wallet?
full member
Activity: 236
Merit: 100
October 15, 2014, 10:37:30 PM
#71
Bitcoin's biggest enemy is not the government? It's hackers?
hero member
Activity: 686
Merit: 500
October 15, 2014, 08:31:10 PM
#70
... Then there was an error message pop up, he closed it and refreshed the wallet page...

That was probably a key moment.

Exactly.  They were key logging him or had hijacked the computer and then transferred the money out.  It is doubtful it was a MITM attack while using TOR when the easier method is to just have owned his computer.  (Of course it is possible, just very unlikely).
I also agree. A man in the middle attack is really not feasible with TOR.

One theory as to what could have happened (besides spreading FUD) to the OP is that he went on a hidden wiki, looking for a .onion version of blockchain.info, clicked on a fake blockchian.info link (hidden wiki is littered with these kinds of phishing sites), entered his identifier and password, then the person behind the phishing .onion site was able to login to blockchain and steal the OP's bitcoin.

IMO the OP is spreading FUD more likely than not. I don't see why the OP would be paranoid enough to use TOR when dealing with bitcoin but isn't paranoid enough to want to use cold storage

The same thing happened to me using coinbase.com and I didn't use the hidden wiki to access coinbase. There are people literally living from stealing BTC, you shouldn't underestimate these people
Why would you use TOR to access coinbase? They already know your identity and your bank account details therefore there is little reason to try to hide your identity to access coinbase

it has been reported that POODLE has exploited an SSLv3 vulnerability, so it is, in theory, possible that an attacker launched a zero day attack against the OP
member
Activity: 70
Merit: 10
★Bitin.io★ - Instant Exchange
October 15, 2014, 07:31:49 PM
#69
Is it really? At the thought that the lost coins will never be found, I feel a little sad.
legendary
Activity: 4256
Merit: 1313
October 15, 2014, 07:22:19 PM
#68

With the recently announced POODLE flaw, I think that is probably it.  Particularly when you see "certificate doesn't match" etc.

sr. member
Activity: 364
Merit: 256
October 15, 2014, 06:14:20 PM
#67

https://bitcointalksearch.org/topic/poodle-vulnerability-825058

It's caused by the POODLE vulnerability in TLS/SSL, if you use TOR to access the internet then someone might have stolen and read your traffic (read above thread by theymos)
hero member
Activity: 980
Merit: 507
October 14, 2014, 06:25:39 PM
#65
... Then there was an error message pop up, he closed it and refreshed the wallet page...

That was probably a key moment.

Exactly.  They were key logging him or had hijacked the computer and then transferred the money out.  It is doubtful it was a MITM attack while using TOR when the easier method is to just have owned his computer.  (Of course it is possible, just very unlikely).
I also agree. A man in the middle attack is really not feasible with TOR.

One theory as to what could have happened (besides spreading FUD) to the OP is that he went on a hidden wiki, looking for a .onion version of blockchain.info, clicked on a fake blockchian.info link (hidden wiki is littered with these kinds of phishing sites), entered his identifier and password, then the person behind the phishing .onion site was able to login to blockchain and steal the OP's bitcoin.

IMO the OP is spreading FUD more likely than not. I don't see why the OP would be paranoid enough to use TOR when dealing with bitcoin but isn't paranoid enough to want to use cold storage

The same thing happened to me using coinbase.com and I didn't use the hidden wiki to access coinbase. There are people literally living from stealing BTC, you shouldn't underestimate these people
sr. member
Activity: 448
Merit: 250
October 14, 2014, 06:22:32 PM
#64
... Then there was an error message pop up, he closed it and refreshed the wallet page...

That was probably a key moment.

Exactly.  They were key logging him or had hijacked the computer and then transferred the money out.  It is doubtful it was a MITM attack while using TOR when the easier method is to just have owned his computer.  (Of course it is possible, just very unlikely).
I also agree. A man in the middle attack is really not feasible with TOR.

One theory as to what could have happened (besides spreading FUD) to the OP is that he went on a hidden wiki, looking for a .onion version of blockchain.info, clicked on a fake blockchian.info link (hidden wiki is littered with these kinds of phishing sites), entered his identifier and password, then the person behind the phishing .onion site was able to login to blockchain and steal the OP's bitcoin.

IMO the OP is spreading FUD more likely than not. I don't see why the OP would be paranoid enough to use TOR when dealing with bitcoin but isn't paranoid enough to want to use cold storage
legendary
Activity: 1090
Merit: 1000
October 14, 2014, 04:49:55 PM
#63
Spend the money and use a good VPN service.

Don't trust Tor with finances. Tor is fine for anonymity but not security.

Sorry for your loss.
hero member
Activity: 980
Merit: 507
October 14, 2014, 04:14:44 PM
#62
I lost 2 BTC in a similar way, using coinbase+tor

I got a "this connection is untrusted" message and when I refreshed the window the BTC were gone...

Since then I use Armory. But the funny thing is that for small amounts I changed to blockchain + tor...
hero member
Activity: 728
Merit: 500
October 14, 2014, 11:09:02 AM
#61
I have lost too, but not that amount.

I hope you find it soon.
legendary
Activity: 1722
Merit: 1000
October 14, 2014, 10:36:47 AM
#60
I.. I..

I only have 4-5 BTC and I am so protective I have them all in many different locations encrypted with different passes...
legendary
Activity: 1258
Merit: 1027
October 14, 2014, 10:05:23 AM
#59
The real question is why would someone keep ~$250k worth of BTC on a web based wallet?

Did Gox teach us nothing?

With Bitcoin you are the bank.

It's a beautiful and dangerous thing.

IMO, if you do not control and protect your private keys you are setting yourself up for disaster.
