Pages:
Author

Topic: "Warning: Cryptocurrency Theft Involving Kaspersky Password Manager - My Story" (Read 480 times)

member
Activity: 266
Merit: 42
NO SHITCOIN INSIDE
Storing your private keys (aka seedphrase) in a password manager is no less safe then storing all your sensitive passwords in a password manager, IMO.
For some it might be safer to use a PM then keeping a physical copy in their house where it could be lost or stolen.

Millions of bitcoins have been lost forever because people lose the physical copy of their seedphrase.
So it might be argued that storing a physical copy of it somewhere  is no less risky then storing it online.

But if you do decide to store it online make sure to make use of Bitcoin's hidden wallet feature.
So even if someone steals your private key they will never be able to access your wallet without knowing your secret passphrase to open the hidden wallet.
Obviously, don't ever store your passphrase with your seed phrase. And make sure you don't ever forget your passphrase because without it
you will never be able too access your wallet with the seedphrase alone. Ideally your passphrase should be stored only in your head.

For those who don't know a hidden wallet, also known as a 25th word, is simply a wallet that is accessed with a passphrase that you make up to access your wallet.
Many hardware wallets such as Trezor and Coldcard offer this feature. It is a wallet within a wallet.

Hidden wallets are a great security feature that everyone should learn how to use IMO.

hero member
Activity: 714
Merit: 1298
~

Very sad story and I understand your feelings towards  Kaspersky team members who  you have blamed of being involved into the  stealing of your SEED. As has been said by others the use of any software  to keep SEED is a bad practice. However there might have  been on your machine a malware which has stolen   your SEED by some way. Why don't consider such development?
legendary
Activity: 2478
Merit: 1360
Don't let others control your BTC -> self custody
Are you sure this is your transaction? Can you give us the address that you kept these coins on?
Can you explain what motivated you to store coins on a password manager, especially after the Last Pass incident?
I also use a password manager for some things (power company payment panel, emails that I rarely use, online stores) and I feel fine doing int because what's the worst thing that can happen? If somebody hacks it they'll get my name and address... boo hoo, pretty much like every store that delivered something to my home. I'd never keep my seeds there, because you have to realize what could happen if there's a leak. Your whole money could be gone without a trace, so let's not be scared to use a password manager, just do it for things that can't hurt you.
sr. member
Activity: 2296
Merit: 348
I'm sorry for your loss, but I wonder why you would use a third-party password manager to keep your seed phrase when you have such a large amount stored in your wallet, and you shouldn't be using Trust Wallet to keep your assets in the first place but instead use a completely decentralized wallet to store your assets if the amount is high and anything above 0.5 BTC is very high in my opinion, you should even buy a hardware wallet to store your assets since it's a much safer way.

Google is one of the trusted platforms on the internet, and I would even be hesitant to use Google's services to store my sensitive information such as private keys or seed phrases because I know no matter how safe it is, it is still a third-party and anything can happen.
legendary
Activity: 2576
Merit: 2880
Catalog Websites
Sorry for your loss. But you have the most part to be blamed for.

On July 12, 2023, I became a victim of cryptocurrency theft in the amount of 1.32605552 BTC. I had access to my wallet only on a paper medium, as well as through Kaspersky Password Manager, where 12 secret words were stored to access the wallet in the Trust Wallet application on my iPhone XS Max.
You store your seed phrase on a password manager. That is wrong. Having it stored on a paper is better. You can have like three copies of it stored in different locations. If you are afraid of those that can see it, then use passphrase with it.

Another thing is that you are using a close source wallet. Use open source wallet instead although this is not about what you are talking about but close source wallets should be avoided.
I'm not sure that victim-blaming is the best choice for this kind of situations. Of course we all know (theoretically) that we should avoid storing important information in app/programs like password managers, and actually I use one as well but I don't store any crypto information in it, anyway if it's actually Kaspersky's fault than it's clear that they are to blame. OP is paying for a service that is corrupted. Blamed him is just ridiculous for me. Should have he been more cautious? Yes. Did he do something bad? No.
legendary
Activity: 2898
Merit: 1823

Pardon me, but I'm confused. The transaction during July 12, 2023 shows that more than 1.32605552 BTC was sent to 3LwDzjA1xH8amCHuvU9YjWST6rsyfPmvmU


At first I thought OP had linked the transaction hash where their hacked coins were consolidated along with others but I went to check all the inputs and couldn't find any amounting to "1.32605552 BTC"  Huh

It's either OP confused some data or this is just another fake story (meh) -- yet another regular day in bitcointalk lol.


It's probably another shit-post. But what kind of shit-post? Tin-foil hats on, but this might be a sort of 4D Chess "test" to know who might feed the troll and continue the discussion.

This topic might be deleted/transferred to Archival probably within one week.

¯\_(ツ)_/¯
sr. member
Activity: 812
Merit: 315
Vave.com - Crypto Casino
This is what I am talking about, how can you have over 1 BTC and choose to use a password manager to store your seed? You can afford a hardware wallet like Trezor or some brand new airgapped device like Keystone 3, mine came with a steel for writing down the recovery seed if you want to and still keep in a case that comes with the hardware wallet.

You obviously don't know a lot about crypto wallet and things you must not do with your wallet, keeping recovery seed or private key online will expose it to others, they are to be kept offline that's why I will always recommend a offline wallet like Trezor or Keystone, it's not too late to learn from your mistake.

This is going to be a painful lesson that would probably take a very long time to forget, over 1 BTC right now is not a small amount of money, I hope you will accept your mistake and work towards buying back what you've lost, sorry for your loss..
newbie
Activity: 2
Merit: 0

Transaction hash: 81cfe97cc16a49398d6986032ec8f6970ea80df5aa0990dcf0164de87136f5bf


Pardon me, but I'm confused. The transaction during July 12, 2023 shows that more than 1.32605552 BTC was sent to 3LwDzjA1xH8amCHuvU9YjWST6rsyfPmvmU

yes, this is also a mystery to me, there were 1.32605552 BTC in the wallet. Why this happened I don’t know
hero member
Activity: 798
Merit: 1045
Goodnight, ohh Leo!!! 🦅
I want to share a story with all of you that happened to me and may be of interest to everyone who uses cryptocurrencies and security technologies. My name is Igor, I am a resident of the city of Slavgorod in the Altai Krai, Russia.
you didn't have to tell us everything about yourself; we're definitely okay with the fact that your OP says - ulitov43... This is exactly the type of mistakes you make with your assets too.. cus why would anyone store their seedphrase on a browser/password manager?

it's unlikely that your actions were inadvertent and it didn't even occur to you until it was stolen... You seee, this is exactly the same thing I keep preaching everyday in here: you can't eat your cake and have it so it must be made clear that your wallet's security lies solely in your own hands.
Sorry for your loss though.

Sandra 🧑‍🦰
hero member
Activity: 2884
Merit: 579
Hire Bitcointalk Camp. Manager @ r7promotions.com
Sorry about that.

You own more than 1 btc and yet you saved your seed phrase to a password manager. It's always been tipped that you shouldn't put your seed phrases to a cloud storage whether it's from kasperky or any known anti virus password managers.

It is a very vital information and people working from these companies have an idea on what we're saving from them especially if it's requiring to be updated and connection on the internet.

The most basic way of keeping the phrase is through writing on a piece of paper and keeping that offline with some backups. I hope that you recover from this loss.
legendary
Activity: 2422
Merit: 1191
Privacy Servers. Since 2009.
Dear colleagues,

I want to share a story with all of you that happened to me and may be of interest to everyone who uses cryptocurrencies and security technologies. My name is Igor, I am a resident of the city of Slavgorod in the Altai Krai, Russia.

On July 12, 2023, I became a victim of cryptocurrency theft in the amount of 1.32605552 BTC. I had access to my wallet only on a paper medium, as well as through Kaspersky Password Manager, where 12 secret words were stored to access the wallet in the Trust Wallet application on my iPhone XS Max. Amazingly, my funds were transferred to another wallet, despite the fact that I did not receive any phishing or spam emails. Kaspersky suggested contacting the police to initiate an official investigation, which I did. A criminal case was opened, but, unfortunately, Kaspersky does not respond to police requests.

I am convinced that employees of Kaspersky are involved in this case, as I have a similar wallet on another iPhone with the same secret words in Trust Wallet, but without using Kaspersky Password Manager, and my funds remain intact on it.

It is very important to me that other users learn about this fraudulent scheme to avoid becoming its victims. The lost funds are of great value to me, so I appeal to you for support and advice. Perhaps someone among you has encountered a similar situation and can share their experience and advice.

Thank you for your attention and understanding.

Igor.
Transaction hash: 81cfe97cc16a49398d6986032ec8f6970ea80df5aa0990dcf0164de87136f5bf

Sorry for your loss, 1.32BTC is a lot of money. But let's see. First of all, there is no proof that the reason it happened was a Kaspersky product. Apart from phishing, there are lots of other ways bad guys can steal your precious coins.

I somehow didn't get the part regarding the second copy of your wallet on your phone.. You claim that your balance is still there? How is that possible? 
hero member
Activity: 2786
Merit: 902
yesssir! 🫡
Pardon me, but I'm confused. The transaction during July 12, 2023 shows that more than 1.32605552 BTC was sent to 3LwDzjA1xH8amCHuvU9YjWST6rsyfPmvmU

At first I thought OP had linked the transaction hash where their hacked coins were consolidated along with others but I went to check all the inputs and couldn't find any amounting to "1.32605552 BTC"  Huh

It's either OP confused some data or this is just another fake story (meh) -- yet another regular day in bitcointalk lol.
full member
Activity: 1148
Merit: 158
★Bitvest.io★ Play Plinko or Invest!
Hey OP, that's a tough situation with your crypto getting swiped. It's super important to look out for security in the crypto world. Maybe try chatting with some cybersecurity peeps? They might have insights into any weak points in your setup. Stay on guard against phishing and keep an eye on your accounts for anything fishy. It's a bummer losing funds, but I'm rooting for you to get things sorted out!
legendary
Activity: 1792
Merit: 1296
Crypto Casino and Sportsbook
The lost funds are of great value to me, so I appeal to you for support and advice. Perhaps someone among you has encountered a similar situation and can share their experience and advice.
Your story is sad, but who can you blame but yourself? You yourself made a mistake (neglected security) with your assets. Cryptocurrencies primarily imply personal responsibility for crypto safety. What they call here “being your own bank”. The seed-phrase should not have been shared (stored in a Kaspersky Password Manager) with anyone. What is gone can't be returned. Get used to it with cryptocurrencies.

Kaspersky suggested contacting the police to initiate an official investigation, which I did. A criminal case was opened, but, unfortunately, Kaspersky does not respond to police requests.
Could you tell us on what basis the criminal case was initiated? Was this charged as theft? As far as I know, bitcoin is not an officially recognized financial asset (or anything like that). Stealing something that doesn't officially exist is not theft, right. I know it sounds contradictory, but while the legal status of cryptocurrencies has not been determined, this is exactly what happens.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
That's why it's a really bad idea to use a password manager, it was never a popular thing in the first place so it's really weird that people are using them and it's a surprise that there's still people using them despite all of the hacks and breaches on this services. That's why you should always just go for the old school way of password management, Notepad or maybe even a piece of paper because that way, you're only vulnerability is that you're going to be breached on your own computer which is highly unlikely when you know how to keep yourself safe and you don't just download files and games online anywhere that's not even remotely trusted. If you're still using some sort of password manager that's connected to a database then you should know that you're risking all of your accounts being stolen by malicious entities that will stop at nothing in accessing your accounts and getting what valuables you've got.

Notepad? Are you kidding?

That's probably even worse than writing all your passwords on sticky notes and putting them on your PC.

Why don't you use a local password manager like KeePass XC or BitWarden, it is much better than using a notepad without the possibility of getting hacked like many of these commercial and insecure password managers.
sr. member
Activity: 1484
Merit: 323
That's why it's a really bad idea to use a password manager, it was never a popular thing in the first place so it's really weird that people are using them and it's a surprise that there's still people using them despite all of the hacks and breaches on this services. That's why you should always just go for the old school way of password management, Notepad or maybe even a piece of paper because that way, you're only vulnerability is that you're going to be breached on your own computer which is highly unlikely when you know how to keep yourself safe and you don't just download files and games online anywhere that's not even remotely trusted. If you're still using some sort of password manager that's connected to a database then you should know that you're risking all of your accounts being stolen by malicious entities that will stop at nothing in accessing your accounts and getting what valuables you've got.
hero member
Activity: 882
Merit: 1873
Crypto Swap Exchange
I had access to my wallet only on a paper medium, as well as through Kaspersky Password Manager, where 12 secret words were stored to access the wallet in the Trust Wallet application on my iPhone XS Max.
I do not even need to read the rest of the post.  I am not saying what happened was a good thing but it was your mistake.  When holding Bitcoin you have to trust NO BODY.  Not even the 'best Password Manager' available.  The point was not having to trust any body at all and rely on our own responsibility.  You failed that step and this is what happened.

Sorry about the loss.  But you need to take more care about your own Wealth and stop trusting strangers.  Would you give me your Seed to hold it for you?  Probably not.  Then why give it to a random Server you know exactly nothing about.
hero member
Activity: 2814
Merit: 734
Bitcoin is GOD
On July 12, 2023, I became a victim of cryptocurrency theft in the amount of 1.32605552 BTC. I had access to my wallet only on a paper medium, as well as through Kaspersky Password Manager, where 12 secret words were stored to access the wallet in the Trust Wallet application on my iPhone XS Max. Amazingly, my funds were transferred to another wallet, despite the fact that I did not receive any phishing or spam emails. Kaspersky suggested contacting the police to initiate an official investigation, which I did. A criminal case was opened, but, unfortunately, Kaspersky does not respond to police requests.

I am convinced that employees of Kaspersky are involved in this case, as I have a similar wallet on another iPhone with the same secret words in Trust Wallet, but without using Kaspersky Password Manager, and my funds remain intact on it.

It is very important to me that other users learn about this fraudulent scheme to avoid becoming its victims. The lost funds are of great value to me, so I appeal to you for support and advice. Perhaps someone among you has encountered a similar situation and can share their experience and advice.

Thank you for your attention and understanding.
I sincerely hope you can recover your coins, unfortunately this is unlikely even if the amount that was stolen should guarantee some sort of investigation, however if the person that stole your coins is not on your country the chances of recovering your coins will drop even further.

With that being said, you need to change the way you secure your coins, as it is widely accepted that storing your coins in any device that is online all the time is a bad practice that can lead to your coins being stolen, a reality you can confirm due to your own negative experience.
member
Activity: 266
Merit: 42
NO SHITCOIN INSIDE
I don't agree with the general sentiment on this thread that password managers are never to be trusted.

If password managers are so bad then why aren't we hearing a lot of stories in the media about people having their passwords compromised or hacked into?
The only major thing I ever heard was Lastpass having their users emails compromised but as far as I know these kind of hacks  did not involve any actual breaches of stored passwords.

I'm not advising people to store their private keys online that is their own decision to make but to say that password managers are never to be trusted does not make any sense to me either.
If there has been any actual breaches or hacks of the password manager software resulting in people actually  having their passwords stolen I would love to know about it.

Also it is just not practical to have to memorize hundreds of different passwords or write them all down, so most people have no choice but to use a PW manager.

Having said that, some password managers are better then others and again personally I would not use any password managers that are not 100% verifiably open source.
Since Lastpass and Kaspersky password managers are not open source I would not use either one of them.
 
full member
Activity: 1484
Merit: 136
★Bitvest.io★ Play Plinko or Invest!
That's the reason why I don't trust password managers, because the thing is it is connected to internet and database and because it is an application for password for sure those hackers or malicious intents targets this kind of application, that might explain why you've lose your bitcoin, I hope you've learn your lesson that instead of storing your password in important account such as crypto wallets better store it in a paper or any kind just don't put it in internet because it can be easily compromised, well, for me I have a special way of storing my passwords and seed phrase but its a secret, its just I have a multiple series of condition before I can access my password storage but do not I'm not storing it in internet. Maybe you have your own way of securing and storing your passwords rather than relying on applications that will handle your passwords.
Pages:
Jump to: