The 2FA available there does not protect against locally installed programs, here are some examples of how it fails to do so:
1) You decided to enable 2FA after installing an untrusted program, then it just captures the key for generating 2FA codes;
2) You enabled 2FA earlier, but stored the key unprotected somewhere in your computer;
3) You enabled 2FA earlier, stored the key safely, but when you request a withdraw the program can alter the address in the process.
The solution involves not installing these programs. White-listing addresses helps too.
Topic: Used a bot, easy password, etc for Just-Dice use Google Authentic! Compromised~! - page 3. (Read 10055 times)
October 23, 2013, 05:11:55 AM
October 23, 2013, 05:03:43 AM
You should use 2FA on any account with money / any account that you can't afford to lose.
Even with good security practices, there's still a chance of being hit with a 0-day exploit. Yes, 2FA is a bit of an added hassle, but losing your coins is more annoying.
Even with good security practices, there's still a chance of being hit with a 0-day exploit. Yes, 2FA is a bit of an added hassle, but losing your coins is more annoying.
October 23, 2013, 04:55:43 AM
I would suggest if you are able to, turn on two factor authentication. As an added precaution move your funds to a safe machine (another laptop/computer or mobile phone).
October 23, 2013, 04:51:36 AM
Why do you think changing passwords will solve the issue ? Since you obviously don't have the code of this bot, it could have installed a couple of things to handle that. Basic stuff people: http://technet.microsoft.com/en-us/library/dd632947.aspx, https://en.wikipedia.org/wiki/Keystroke_logging#Software-based_keyloggers, and lastly http://www.computerhope.com/issues/ch001045.htm. The easiest thing you can do now is wipe out that windows.
I thought bitcoin users would be a bit smarter about that, everyone calls everything a scam still you download and run a closed-source bot ?
I thought bitcoin users would be a bit smarter about that, everyone calls everything a scam still you download and run a closed-source bot ?
October 23, 2013, 04:39:11 AM
I can also verify this. Change your passwords if you have used a bot.
October 23, 2013, 04:36:47 AM
Myself included just minutes ago lost entire just-dice balances by some clown in the chat room stealing players bitcoin balances. I think there should be a requirement made on all withdraws. Payouts should have to be sent to same deposit address on file. Maybe Doug will consider such a suggestion if feasible. Some folks have logged in and reporting 60+ bitcoin losses! Bad day for the industry for sure
Jump to: