Pages:
Author

Topic: Wallet Hack on 4/25 - page 4. (Read 11267 times)

newbie
Activity: 28
Merit: 0
April 26, 2013, 02:49:47 PM
#48
OP, might make sense for a thread like this to be called "blockchain.info hack" instead of "bitcoin hack". The latter is somewhat misleading.

Yeah, can I change it after the fact?  Realized that after I did it and it's definitely misleading.  Nothing wrong with the protocol or bitcoin in general - more apropot would be wallet hack.
newbie
Activity: 28
Merit: 0
April 26, 2013, 02:48:23 PM
#47
For 0.78 BTC you just got a very inexpensive lesson in security.  Don't let those coins be spent for naught.

Agree.  Already had cold storage so was trying to be diligent, just hadn't moved since withdrawing from BTC-e.  Definitely have learned a lesson.  Keep hot balances low and only access bitcoin-qt from clean/sandboxed computer that I don't do my daily surfing on to avoid any type of java/javascript exploits.  Recommend the same for others.
hero member
Activity: 910
Merit: 1005
April 26, 2013, 02:37:27 PM
#46
Any leads on what could have caused this? Or who the thief is?

Will reimbursing affected users be considered?

I am collecting all the information I can, still not clear of the exact root cause. There are a number a blockchain.info wallets compromised in this transaction but i'm not sure it is exclusively blockchain wallets, some of the input addresses look like wallets from other clients (i.e. they use change addresses and transactions are not shown as being relayed by blockchain). More data points are needed.

I am not convinced this has anything to do with Android. I've seen some chatter about brute-forcing attacks against blockchain.info wallets. Is it possible some older wallets have passwords that aren't strong enough? The b.i KDF is SHA1 repeated only a handful of times, iirc, because JavaScript is slow.

I think it is possible to rule out an android problem, several users have stated they do not use an android app.

Brute forcing is a possibility but I remain sceptical about the feasibility of brute forcing 10 character passwords. A 10 character password, 10 rounds of pbkdF2 with 36 possible characters at 5 million guesses per second would take 80,000 days to search the entire key space. I'm not sure it even possible to achieve 5 million guesses per second http://arstechnica.com/security/2012/12/25-gpu-cluster-cracks-every-standard-windows-password-in-6-hours/ estimates rates significantly lower speeds (if  pbkdF2 can be considered close to bcrypt speed). That is for one wallet as well, this seems to be multiple wallets in parallel. All wallets have a unique salt so precomputed dictionary attack shouldn't be possible. Also I have setup several wallets with deliberately weak passwords that are unemptied.

All users affected so far have had JAVA enabled possibly this is the result of some malware spread through a java applet. I can't find the post now but there was a report of a malicious Java applet designed to collect wallet data.

Other possibilities are XSS or a leak of passwords from another site although there is is no direct evidence of this.
sr. member
Activity: 252
Merit: 250
April 26, 2013, 02:35:06 PM
#45
...Sign a message with any one of the addresses from which your funds were supposedly stolen.
How does one even do that?
I'm not sure that it's possible in blockchain.info, but in the QT client, there's a button that says "sign message" or something like that.
I see, thanks. I'd entirely overlooked that, but in retrospect it's always been a feature that one can prove identity via ownership of an address.
hero member
Activity: 609
Merit: 506
April 26, 2013, 02:33:04 PM
#44
OP, might make sense for a thread like this to be called "blockchain.info hack" instead of "bitcoin hack". The latter is somewhat misleading.
sr. member
Activity: 252
Merit: 250
April 26, 2013, 02:32:16 PM
#43
I am not convinced this has anything to do with Android. I've seen some chatter about brute-forcing attacks against blockchain.info wallets. Is it possible some older wallets have passwords that aren't strong enough? The b.i KDF is SHA1 repeated only a handful of times, iirc, because JavaScript is slow.
Is it possible someone found a way to download all wallets from blockchain.info and just started bruting 'em? Maybe someone found a list of identifiers and is just pulling them as they have time. They did have those security issues recently...
sr. member
Activity: 252
Merit: 250
April 26, 2013, 02:27:50 PM
#42
I was asked to run Java last time I logged in to Blockchain.info. Is this supposed to happen? Think I'll transfer my Bitcoins to a paperwallet to be on the safe side...
o_O people still have Java installed? After the latest problems I ditched that sh!t and haven't looked back. How many zero-days is it responsible for now? 105% of them?
legendary
Activity: 1400
Merit: 1005
April 26, 2013, 02:11:50 PM
#41
...Sign a message with any one of the addresses from which your funds were supposedly stolen.
How does one even do that?
I'm not sure that it's possible in blockchain.info, but in the QT client, there's a button that says "sign message" or something like that.
sr. member
Activity: 252
Merit: 250
April 26, 2013, 02:09:04 PM
#40
...Sign a message with any one of the addresses from which your funds were supposedly stolen.
How does one even do that?
full member
Activity: 140
Merit: 100
Mining FTW
April 26, 2013, 01:33:53 PM
#39
[...]
    Does your browser have Java enabled? http://isjavaenabled.com  -- Tough call on this one.  I've been running noscript for a week or so on Firefox on a fresh install, so should be protected there, but have had that address for a while and know I was on btc-e prior to installing noscript, so all depends when person would gotten my privkey.


Are you confusing Java for Javascript? Or does noscript disable Java now too?
noscript, if properly used disables all javascript and all other functionality other than plain html. Has been that way since I've been using it... which is for a couple years now.
donator
Activity: 2058
Merit: 1007
Poor impulse control.
April 26, 2013, 12:35:43 PM
#38
[...]
    Does your browser have Java enabled? http://isjavaenabled.com  -- Tough call on this one.  I've been running noscript for a week or so on Firefox on a fresh install, so should be protected there, but have had that address for a while and know I was on btc-e prior to installing noscript, so all depends when person would gotten my privkey.


Are you confusing Java for Javascript? Or does noscript disable Java now too?
legendary
Activity: 1526
Merit: 1134
April 26, 2013, 12:34:45 PM
#37
I am not convinced this has anything to do with Android. I've seen some chatter about brute-forcing attacks against blockchain.info wallets. Is it possible some older wallets have passwords that aren't strong enough? The b.i KDF is SHA1 repeated only a handful of times, iirc, because JavaScript is slow.
sr. member
Activity: 266
Merit: 250
April 26, 2013, 12:27:57 PM
#36
hmmzzz armory?
sr. member
Activity: 322
Merit: 252
April 26, 2013, 12:24:52 PM
#35
For 0.78 BTC you just got a very inexpensive lesson in security.  Don't let those coins be spent for naught.
full member
Activity: 140
Merit: 100
Hoist the Colours
April 26, 2013, 11:19:54 AM
#34

It's too bad that stolen bitcoins cannot be redflagged so they can't be spent or sold on exchanges. If every bitcoins previous chain of owners can be verified it shouldn't be too hard.
It wouldn't be hard, but part of Bitcoins being Bitcoins is that they are fungible.  We'd be in for a whole huge mess if people started attempting to determine whether coins were stolen.  What authority do you go by?  If one person says funds are stolen, and another person says they were legitimately acquired, who do you believe?  What if you do not have services available to check the stolen-ness of coins prior to accepting them?  Not to mention, a proper criminal could simply send the coins to a mixing service, and then the taint would be spread across many different people and addresses.

This has been discussed many times before, and always ends up that no one wants to uphold any kind of taint on Bitcoin coins.  It just wouldn't work, and would largely kill Bitcoin.


I see you're point. Trying to make bitcoin owners traceable would also have similar problems. They only way would be to be able to secure a wallet with something more tougher to crack than a password. Same with emails, passwords are the weak link to their security.
legendary
Activity: 1400
Merit: 1005
April 26, 2013, 10:10:53 AM
#33

It's too bad that stolen bitcoins cannot be redflagged so they can't be spent or sold on exchanges. If every bitcoins previous chain of owners can be verified it shouldn't be too hard.
It wouldn't be hard, but part of Bitcoins being Bitcoins is that they are fungible.  We'd be in for a whole huge mess if people started attempting to determine whether coins were stolen.  What authority do you go by?  If one person says funds are stolen, and another person says they were legitimately acquired, who do you believe?  What if you do not have services available to check the stolen-ness of coins prior to accepting them?  Not to mention, a proper criminal could simply send the coins to a mixing service, and then the taint would be spread across many different people and addresses.

This has been discussed many times before, and always ends up that no one wants to uphold any kind of taint on Bitcoin coins.  It just wouldn't work, and would largely kill Bitcoin.
full member
Activity: 140
Merit: 100
Hoist the Colours
April 26, 2013, 09:51:46 AM
#32

It's too bad that stolen bitcoins cannot be redflagged so they can't be spent or sold on exchanges. If every bitcoins previous chain of owners can be verified it shouldn't be too hard.
sr. member
Activity: 602
Merit: 251
April 26, 2013, 09:46:15 AM
#31
I didn't press "accept", so I hope I'm safe. But I can't log into Blockchain now without it popping up... Maybe I should uninstall Java.
legendary
Activity: 1862
Merit: 1011
Reverse engineer from time to time
April 26, 2013, 09:42:05 AM
#30
I was asked to run Java last time I logged in to Blockchain.info. Is this supposed to happen? Think I'll transfer my Bitcoins to a paperwallet to be on the safe side...
That shouldn't happen, you were infected by Java, most likely. But how did Java exploit end up on Blockchain.info?
sr. member
Activity: 602
Merit: 251
April 26, 2013, 09:36:21 AM
#29
I was asked to run Java last time I logged in to Blockchain.info. Is this supposed to happen? Think I'll transfer my Bitcoins to a paperwallet to be on the safe side...
Pages:
Jump to: