
Topic: Tor+Blockchain wallet hacked? 633 btc loss - page 6. (Read 14360 times)

legendary
Activity: 1512
Merit: 1036
October 14, 2014, 02:24:09 AM
#38
On Tor, you are allowing someone to be a man-in-the-middle. The exit node can see and intercept all traffic between you and the website, can present a fake phishing site to you, can record all traffic, can wrap SSL in their own certificate, etc. It is anonymous but not secure.

It is more likely that the computer was trojaned though. The PC cannot be trusted, it should be wiped and reloaded. It is not a good idea to let your "friends" use your computer that accesses your Bitcoins, many people would find 600 BTC + more valuable than a friendship.
hero member
Activity: 658
Merit: 500
October 14, 2014, 02:16:34 AM
#37
I saw it in the Chinese section too. It's kind of hard to believe, since Blockchain just got a lot of money from VC.

This has nothing to do with Blockchain.info, idiot.

The whole wallet encryption and decryption is done client side, blockchain.info doesn't store shit.
hero member
Activity: 658
Merit: 500
October 14, 2014, 02:14:15 AM
#36
This person has probably been attacked with a man in the middle attack. I think he has used a malicious TOR exit node which was sniffing his traffic. They then messed with his SSL certificate to blockchain.info. Because of this the user was logging in at blockchain on an unsecure (HTTP) connection. The attacker was able to sniff his data, and get the password. I'm doing research into these attacks as we speak. Very frightening.
This would not work. Everything is done on the client side as far as encrypting and decrypting the wallet, creating new private keys and signing TXs. If the SSL certificate was tampered with then he should have received a warning.

The only thing a TOR exit node would have been able to do is stop the TX from being broadcast or prevent the user from accessing his wallet.

IMO TOR had nothing to do with the fact his money was stolen (if it was in fact stolen)

They can even inject fake SSL-lock icons inside your browser. Not many people will notice.

You don't get it, do you? lol at your research... looks like you have to spend a lot more time.
hero member
Activity: 658
Merit: 500
October 14, 2014, 01:57:51 AM
#35
I saw it in the Chinese section too. It's kind of hard to believe, since Blockchain just got a lot of money from VC.
full member
Activity: 191
Merit: 100
October 14, 2014, 01:45:11 AM
#34
I was exploring this (1AaAYSunThcnsMdvgRqfCMKF68KacjM98f) address to find some clues, and I just found that this address perhaps is connected to some previous scams (perhaps - not proved for sure...)

One of the transactions.

Sender address is connected with https://bitcointalksearch.org/topic/m.8460225.

But well ... it doesn't change anything... maybe someone will find something more interesting about it. But it might be just a waste of time.

Thing is to be careful if you are using Tor.


the blockchain.info wallet is a html5/javascript local client.

tor and javascript are known to not go well together for security reasons. it's recommended to have javascript disabled when using tor.

go figure.
It is generally not efficient to look at individual transactions to try to track down where stolen bitcoin went. Someone could easily create a new address to receive the stolen bitcoin and then use a mixer to hide where he wants them to eventually end up
sr. member
Activity: 462
Merit: 250
October 14, 2014, 12:07:29 AM
#33
Mindbogglingly scary stuff. Can't imagine how the affected guy feels. What will he do if btc ever really does take off. The psychological costs of theft on this scale must be acute
full member
Activity: 210
Merit: 100
Looking for the next big thing
October 13, 2014, 10:16:49 PM
#32
that is soooo terrible.

thanks for posting. 

I just have a few bitcoin but I will remember this. 
member
Activity: 239
Merit: 10
October 13, 2014, 09:46:39 PM
#31
Well, the other day I left 250k laying on my table, and when I came back to the house, my new maid had stolen it all! Happens to the best of us.
sr. member
Activity: 364
Merit: 250
October 13, 2014, 06:02:17 PM
#30
This person has probably been attacked with a man in the middle attack. I think he has used a malicious TOR exit node which was sniffing his traffic. They then messed with his SSL certificate to blockchain.info. Because of this the user was logging in at blockchain on an unsecure (HTTP) connection. The attacker was able to sniff his data, and get the password. I'm doing research into these attacks as we speak. Very frightening.
This would not work. Everything is done on the client side as far as encrypting and decrypting the wallet, creating new private keys and signing TXs. If the SSL certificate was tampered with then he should have received a warning.

The only thing a TOR exit node would have been able to do is stop the TX from being broadcast or prevent the user from accessing his wallet.

IMO TOR had nothing to do with the fact his money was stolen (if it was in fact stolen)

They can even inject fake SSL-lock icons inside your browser. Not many people will notice.
legendary
Activity: 2212
Merit: 1199
October 13, 2014, 05:42:43 PM
#29
I was exploring this (1AaAYSunThcnsMdvgRqfCMKF68KacjM98f) address to find some clues, and I just found that this address perhaps is connected to some previous scams (perhaps - not proved for sure...)

One of the transactions.

Sender address is connected with https://bitcointalksearch.org/topic/m.8460225.

But well ... it doesn't change anything... maybe someone will find something more interesting about it. But it might be just a waste of time.

Thing is to be careful if you are using Tor.


the blockchain.info wallet is a html5/javascript local client.

tor and javascript are known to not go well together for security reasons. it's recommended to have javascript disabled when using tor.

go figure.
full member
Activity: 173
Merit: 100
October 13, 2014, 05:33:20 PM
#28
This person has probably been attacked with a man in the middle attack. I think he has used a malicious TOR exit node which was sniffing his traffic. They then messed with his SSL certificate to blockchain.info. Because of this the user was logging in at blockchain on an unsecure (HTTP) connection. The attacker was able to sniff his data, and get the password. I'm doing research into these attacks as we speak. Very frightening.
This would not work. Everything is done on the client side as far as encrypting and decrypting the wallet, creating new private keys and signing TXs. If the SSL certificate was tampered with then he should have received a warning.

The only thing a TOR exit node would have been able to do is stop the TX from being broadcast or prevent the user from accessing his wallet.

IMO TOR had nothing to do with the fact his money was stolen (if it was in fact stolen)
hero member
Activity: 728
Merit: 500
October 13, 2014, 05:30:19 PM
#27
Holly, this is huge!
full member
Activity: 211
Merit: 100
I Believe
October 13, 2014, 05:27:28 PM
#26
Need a good password program and 2FA login security for sure.
sr. member
Activity: 364
Merit: 250
October 13, 2014, 04:32:30 PM
#25
This person has probably been attacked with a man in the middle attack. I think he has used a malicious TOR exit node which was sniffing his traffic. They then messed with his SSL certificate to blockchain.info. Because of this the user was logging in at blockchain on an unsecure (HTTP) connection. The attacker was able to sniff his data, and get the password. I'm doing research into these attacks as we speak. Very frightening.
legendary
Activity: 4522
Merit: 3426
October 13, 2014, 02:58:00 PM
#24
... Then there was an error message pop up, he closed it and refreshed the wallet page...

That was probably a key moment.
member
Activity: 115
Merit: 11
Bitcoin is revolution
October 13, 2014, 12:31:13 PM
#23
I know I'm gonna talk about what other people said, and besides, we're talking about something that happened.

In other posts where people claimed their BTC were stolen, the same thing happened, and I mean a common factor, which is an online wallet. I know (if it is true, of course) this won't work for what they stole from you, but it's important to remark on it and use an offline wallet account when you have >100BTC, and it is only for your security.

Most people in this forum and Reddit say Armory is a good and easy one to use. I own <10BTC, but either way it is hard to lose something invested and, more important, to leave BTC with a bad image.
sr. member
Activity: 333
Merit: 252
October 13, 2014, 12:20:27 PM
#22
probably a man-in-the-middle attack performed by a TOR exit node.

just a reminder that in general it is not a good idea to use TOR to access
clearnet (that is, "normal" web addresses, as opposed to TOR hidden services).
What TOR makes secure in this case is the connection to the so-called TOR exit
node, which connects for you to your destination address, and sends you
the data back over the TOR network, thus acting as a proxy.  However, you are effectively trusting
the exit node not to fiddle with the data it forwards. Since the exit node can be
anybody (you can set up one, too), there is really no reason to trust it.
In particular, they can redirect your blockchain.info request to a fake site,
or strip your communication of its SSL and read all of it.

If you still want to use TOR to access clear net, and want to make this secure,
you have to download and install SSL certificates of every site you are going to use, in this
case of blockchain.info .
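
The downgrade and redirect described in the post above leave visible traces in the response a client receives. The following is an added example, not part of the original post: a small check over a fetched page that flags a plain-HTTP final URL, an unexpected host, a missing HSTS header and login forms that post outside the expected HTTPS origin. The host `wallet.example` and both sample responses are constructed placeholders.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit


class _FormActions(HTMLParser):
    """Collect the action attribute of every <form> in the page."""

    def __init__(self):
        super().__init__()
        self.actions = []

    def handle_starttag(self, tag, attrs):
        if tag == "form":
            self.actions.append(dict(attrs).get("action") or "")


def audit_response(expected_host, final_url, headers, body):
    """Return findings that suggest the page was downgraded or redirected in transit."""
    findings = []
    final = urlsplit(final_url)
    if final.scheme != "https":
        findings.append("scheme-downgraded")
    if (final.hostname or "").lower() != expected_host.lower():
        findings.append("unexpected-host")
    if "strict-transport-security" not in {k.lower() for k in headers}:
        findings.append("missing-hsts")
    parser = _FormActions()
    parser.feed(body)
    for action in parser.actions:
        # Resolve relative actions against the URL the page was finally served from.
        target = urlsplit(urljoin(final_url, action))
        if target.scheme != "https" or (target.hostname or "").lower() != expected_host.lower():
            findings.append("form-posts-off-channel:" + target.geturl())
    return findings


# Constructed sample responses (wallet.example is a placeholder host).
CLEAN = ("https://wallet.example/login",
         {"Strict-Transport-Security": "max-age=31536000"},
         '<form action="/auth" method="post"><input type="password" name="pw"></form>')
STRIPPED = ("http://wallet.example/login",
            {},
            '<form action="http://wallet.example/auth" method="post">'
            '<input type="password" name="pw"></form>')

if __name__ == "__main__":
    for name, sample in (("clean", CLEAN), ("stripped", STRIPPED)):
        print(name, audit_response("wallet.example", *sample))
```

A check like this is only meaningful when run from a vantage point the exit node does not control; in the browser, HSTS preloading enforces the same expectation before any request leaves the machine.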

legendary
Activity: 1148
Merit: 1014
In Satoshi I Trust
October 13, 2014, 11:01:49 AM
#21
can't believe that owner of 775 btc who is too lazy to protect his/her btc ....should more careful it's too shocking news he lost almost  236740$ it can change one's whole life....

other guys lost much more and they studied "computer science"

actually we don't know anything about this case. i doubt it was because of Tor. i think it was his shitty computer (malware etc).
sr. member
Activity: 374
Merit: 250
October 13, 2014, 07:58:07 AM
#20
That is terrible so much to lose. Yes these sorts of things make it scary for regular users.
sgk
legendary
Activity: 1470
Merit: 1002
!! HODL !!
October 13, 2014, 07:48:59 AM
#19
how can someone steal that much and not feel remorse?

humans ftw