Author

Topic: Where did my Bitcoin go?? (Read 1169 times)

legendary
Activity: 3710
Merit: 1586
December 01, 2013, 02:04:52 AM
#12
My password was 20ish random characters - upper case letters, lower case, and numbers. After the first time it was drained I switched it to 120ish characters - random words, numbers, and symbols. Both would have been close to impossible brute force as far as I know.

As I said before when you visit the my wallet page and enter the wallet identifier you are served an encrypted copy of the wallet. Then you can take your sweet time brute forcing it offline using GPU farms. Once you successfully do that you have access to the private keys and can spend the coins sent to the corresponding addresses at will. So a) they brute forced your wallet when you had a weak password on it. Maybe they managed it when you had the 20 character password maybe earlier than that. b) If you reused addresses from when you had a weak password they could spend the coins sent to those addresses because they had the decrypted private keys. Adding a stronger password does not protect you from private keys that were stolen in the past.

Another possibility is that you have a key logger on your system i.e malware.
sr. member
Activity: 280
Merit: 250
November 30, 2013, 02:40:40 PM
#11
This exact thing has happened to me ~3 times using blockchain.info totalling 2+ BTC. At first I thought someone had compromised my wallet, but even after changing my password to 120+ characters and adding 2FA my account was immediately drained with no login logged. This may be a huge problem, I wonder what is happening.

Yeah someone did compromise your wallet. They don't need to login to blockchain.info's site to raid your wallet. Basically whenever somebody visits the wallet page and fills in the wallet identifier their browser gets served an encrypted copy of the wallet i.e. encrypted with your pass phrase. The attacker can then deploy GPU farms offline to brute force your wallet. If you used a poor pass phrase your wallet could have been compromised. Then it's just a case of waiting for you to receive some coins before they steal them.

Another possibility is that you suffered from the blockchain.info javascript random number generator bug that affected earlier versions of that site. Search the forum for more info. If this is the bug you suffered from you may be able to get compensation from blockchain.info.

Bottom line is that you should not use web wallets if you can avoid it. Use a desktop client like electrum.
My password was 20ish random characters - upper case letters, lower case, and numbers. After the first time it was drained I switched it to 120ish characters - random words, numbers, and symbols. Both would have been close to impossible brute force as far as I know. I will definitely research that bug and contact them, thanks for your help.
legendary
Activity: 3710
Merit: 1586
November 30, 2013, 10:24:06 AM
#10
This exact thing has happened to me ~3 times using blockchain.info totalling 2+ BTC. At first I thought someone had compromised my wallet, but even after changing my password to 120+ characters and adding 2FA my account was immediately drained with no login logged. This may be a huge problem, I wonder what is happening.

Yeah someone did compromise your wallet. They don't need to login to blockchain.info's site to raid your wallet. Basically whenever somebody visits the wallet page and fills in the wallet identifier their browser gets served an encrypted copy of the wallet i.e. encrypted with your pass phrase. The attacker can then deploy GPU farms offline to brute force your wallet. If you used a poor pass phrase your wallet could have been compromised. Then it's just a case of waiting for you to receive some coins before they steal them.

Another possibility is that you suffered from the blockchain.info javascript random number generator bug that affected earlier versions of that site. Search the forum for more info. If this is the bug you suffered from you may be able to get compensation from blockchain.info.

Bottom line is that you should not use web wallets if you can avoid it. Use a desktop client like electrum.
sr. member
Activity: 322
Merit: 250
November 30, 2013, 10:14:20 AM
#9
This exact thing has happened to me ~3 times using blockchain.info totalling 2+ BTC. At first I thought someone had compromised my wallet, but even after changing my password to 120+ characters and adding 2FA my account was immediately drained with no login logged. This may be a huge problem, I wonder what is happening.
Since when? Did you send those transactions just recently?
This could be quite a serious issue, if you ask me...
full member
Activity: 171
Merit: 100
November 30, 2013, 10:05:01 AM
#8
Try to contact Blockchain.info owner, maybe he can help you.
https://bitcointalksearch.org/user/piuk-17928



Thanks, I'll give it a shot.
legendary
Activity: 1274
Merit: 1004
November 30, 2013, 09:51:05 AM
#7
Try to contact Blockchain.info owner, maybe he can help you.
https://bitcointalksearch.org/user/piuk-17928

sr. member
Activity: 280
Merit: 250
November 30, 2013, 09:45:33 AM
#6
This exact thing has happened to me ~3 times using blockchain.info totalling 2+ BTC. At first I thought someone had compromised my wallet, but even after changing my password to 120+ characters and adding 2FA my account was immediately drained with no login logged. This may be a huge problem, I wonder what is happening.
full member
Activity: 171
Merit: 100
November 30, 2013, 09:30:36 AM
#5
I think I might know how to solve your problem. Quoted from a post I made yesterday:

Go to your wallet on blockchain.info. Select the "receive money" tab. Click the "Archived" tab.

There will probably be a wallet in there with the "missing" coins. Click the little blue arrow on the right to un-archive that address and restore your Blockchain balance to normal.

Hope that helps!

ETA: when I say "go to your wallet", I mean go to blockchain.info, choose the "wallet" tab, and log in.

Nope, that's not it. It's not my address the 0.9 btc was sent to, unfortunately.
member
Activity: 126
Merit: 10
November 30, 2013, 09:09:51 AM
#4
I think I might know how to solve your problem. Quoted from a post I made yesterday:

Go to your wallet on blockchain.info. Select the "receive money" tab. Click the "Archived" tab.

There will probably be a wallet in there with the "missing" coins. Click the little blue arrow on the right to un-archive that address and restore your Blockchain balance to normal.

Hope that helps!

ETA: when I say "go to your wallet", I mean go to blockchain.info, choose the "wallet" tab, and log in.
full member
Activity: 171
Merit: 100
November 30, 2013, 04:40:50 AM
#3
No, he scanned the QR-code from my wallet on my phone. The address was one I generated in my Blockchain wallet, same as the other addresses I've got in that wallet. Yea, it looks like it was automatically forwarded, but I have no idea who or how this forwarding process was set up. Nor have I any idea to whom the address it was forwarded to belongs.
sr. member
Activity: 322
Merit: 250
November 30, 2013, 03:05:34 AM
#2
Looks like it was automatically forwarded...
How did your friend get that address? Just via his bitcoin-qt wallet?
full member
Activity: 171
Merit: 100
November 29, 2013, 11:50:53 PM
#1
Tonight I sent 1 BTC to a friends wallet, and sent 0.9 BTC back to the address of my wallet. That means, I have a Windows Phone app with Blockchain.info wallet, which have the address: 1CMMBYkiB3AVXbysaYuFEepSJTVRggFaNm  As soon as I sent 0.9 Bitcoin back to this address, 10 sec later it sent 0.8995 to 1J6zrabFk55AgPQsUzmu5UBbJefgY5CRW, which is an address I have no knowledge of. So now I have no idea where my 0.9 Bitcoin have gone to, instead of my own Bitcoin wallet. What do I do? The transactions can be seen here: https://blockchain.info/da/address/1CMMBYkiB3AVXbysaYuFEepSJTVRggFaNm
Jump to: