Author

Topic: Why do people keep on getting hacked? (Read 1098 times)

sr. member
Activity: 588
Merit: 253
February 02, 2014, 07:56:08 PM
#16
To be safe. Keep a separate computer for bitcoin purposes only. With fresh os installation with bitcoin and antivirus only is installed. Do not install anything on this computer. Do not use this to browse the web other than very trusted website. Do not install java and flash and other plugins. Alt coins can be installed on vps.
member
Activity: 65
Merit: 10
It is! :)
February 02, 2014, 07:36:53 PM
#15
is there still a chance getting hacked?
You don't own your Bitcoins. MtGox does.
So you would first need to solve that Smiley
legendary
Activity: 1232
Merit: 1195
February 01, 2014, 06:58:51 AM
#14
Is this the same hacked as people claim on facebook that their account got 'hacked'. It didn't get hacked, you got phished for being an idiot.
sr. member
Activity: 308
Merit: 250
February 01, 2014, 05:10:17 AM
#13
The chances of the exchange itself getting hacked is small,imo. Its the end user that is to blame for not keeping their systems clean,and obviously keeping sensitive information to yourself is paramount.
newbie
Activity: 44
Merit: 0
January 31, 2014, 01:36:22 PM
#12
IMO social engineering is probably the biggest risk of all. You can cover some of your bases by using a linux OS, a strong password, not telling people you have bitcoins, etc. But I think if you were going to get hacked, a lot of times its going to come from social engineering. Its the easiest way "in". If you are sloppy and careless you are going to get hacked (talking at parties while drinking,leaving things around your dorm,etc). Ive been to two bitcoin meetings recently... a conference and a meetup and after both times I had several attacks on my email accounts. people trying to figure out my passwords. I didnt divulge any personal info except handing out my business cards!

BOTTOM LINE = Loose lips sink ships!
legendary
Activity: 1540
Merit: 1000
January 31, 2014, 04:26:11 AM
#11
They've been clicking on suspicious links and downloading weird shit and are trying to blame everything but themselves for the mistake.
full member
Activity: 224
Merit: 100
January 31, 2014, 04:22:14 AM
#10
is a safe password enough to not get hacked?

lets say you have an account on MTGOX with a password that contains big and small letters
extra keys and numbers and is over 20 caracters long

is there still a chance getting hacked?

(except phising,keyloggers)

We are going to see more and more of this as time goes by. The number of noobs that are getting into bitcoin just keeps going up and up so we'll see more coins stolen. People don't like to hear that they are at fault, so the blame will fall on bitcoin and it will have a negative impact on bitcoin's reputation. But, yeah, rick pickings for thieves. Also opens up a door for those who can offer secure wallets. Unfortunately a lot of people have failed in that area so any newcomer will struggle to do it right.

I don't think most people are aware that they probably have had numerous Trojans on their computers. The Trojans are only discovered once something goes wrong (theft of accounts, data, money, etc). The general assumption is "I've never has a virus so why would I get one now?" I used to be like that, but not anymore.
hero member
Activity: 721
Merit: 503
January 31, 2014, 12:39:42 AM
#9
is a safe password enough to not get hacked?

lets say you have an account on MTGOX with a password that contains big and small letters
extra keys and numbers and is over 20 caracters long

is there still a chance getting hacked?

(except phising,keyloggers)
phishing is quite easy to avoid by using certificate-patrol.
keyloggers are quite easy to defeat by using keyscrambler.

Keyloggers come in 2 forms:
Hardware - which no software can protect you against - this comes in the form of a device physically sitting between your keyboard and computer
Software - depends on a lot of variables, but you should generally assume that if a malicious party has code running on your computer that it is completely compromised

Phishing is easy to avoid with a few simple precautions in most cases


To answer the more general point: proper information security is a hard problem, people make mistakes and private keys or exchange/wallet credentials leak to the bad guys
legendary
Activity: 3682
Merit: 1580
January 30, 2014, 10:25:14 PM
#8
is a safe password enough to not get hacked?

lets say you have an account on MTGOX with a password that contains big and small letters
extra keys and numbers and is over 20 caracters long

is there still a chance getting hacked?

(except phising,keyloggers)

We are going to see more and more of this as time goes by. The number of noobs that are getting into bitcoin just keeps going up and up so we'll see more coins stolen. People don't like to hear that they are at fault, so the blame will fall on bitcoin and it will have a negative impact on bitcoin's reputation. But, yeah, rich pickings for thieves. Also opens up a door for those who can offer secure wallets. Unfortunately a lot of people have failed in that area so any newcomer will struggle to do it right.
sr. member
Activity: 336
Merit: 250
Cuddling, censored, unicorn-shaped troll.
January 30, 2014, 09:03:06 PM
#7
is a safe password enough to not get hacked?

lets say you have an account on MTGOX with a password that contains big and small letters
extra keys and numbers and is over 20 caracters long

is there still a chance getting hacked?

(except phising,keyloggers)
phishing is quite easy to avoid by using certificate-patrol.
keyloggers are quite easy to defeat by using keyscrambler.
legendary
Activity: 1120
Merit: 1012
January 30, 2014, 08:53:43 PM
#6
If you use a separate computer for all the wallets (BTC, LTC, PPC, etc.) you can simply keep it offline, right? So you NEVER connect(ed) it to the internet. As long you send it to the right address, everything is fine I guess. Is that correct?
A savings-only wallet can be offline/cold/paper and you can keep sending coins to it. A wallet that you regularly spend from needs to be online at the time you spend the coins.

That's not the case if you use Armory (a Bitcoin client).

You can create an offline wallet which never needs to go online, yet you can still spend from it by creating transactions online (online computer with no private keys) and signing those transactions offline (offline computer which holds the private keys).
donator
Activity: 1617
Merit: 1012
January 30, 2014, 08:42:48 PM
#5
If you use a separate computer for all the wallets (BTC, LTC, PPC, etc.) you can simply keep it offline, right? So you NEVER connect(ed) it to the internet. As long you send it to the right address, everything is fine I guess. Is that correct?
A savings-only wallet can be offline/cold/paper and you can keep sending coins to it. A wallet that you regularly spend from needs to be online at the time you spend the coins.
newbie
Activity: 52
Merit: 0
January 30, 2014, 08:24:00 PM
#4
If you use a separate computer for all the wallets (BTC, LTC, PPC, etc.) you can simply keep it offline, right? So you NEVER connect(ed) it to the internet. As long you send it to the right address, everything is fine I guess. Is that correct?
legendary
Activity: 1039
Merit: 1005
January 30, 2014, 04:05:17 PM
#3
Never ever allow a trojan to be installed on the computer which is used to access your bitcoins. Otherwise your password security (and mail-based two-factor authentication) is just gone out the Windows. High password complexity does not help, most passwords (except for the really trivial stupid ones) aren't guessed but stolen.
The safest approach is to have a computer that is only being used for wallet stuff - no web browsing, no e-mail, no filesharing, if possible running a small and safe linux...

Onkel Paul
legendary
Activity: 1120
Merit: 1012
January 30, 2014, 04:00:32 PM
#2
is a safe password enough to not get hacked?

lets say you have an account on MTGOX with a password that contains big and small letters
extra keys and numbers and is over 20 caracters long

is there still a chance getting hacked?

(except phising,keyloggers)

If you aren't the sole controller of your private keys, you don't have any bitcoins.

Do whatever is necessary to make sure you are the sole controller of your private keys.

Offline wallets. Paper wallets. Cold storage. M of N wallets. Multisig addresses.

There are many tools available. I like Armory myself.
full member
Activity: 185
Merit: 100
January 30, 2014, 03:57:22 PM
#1
is a safe password enough to not get hacked?

lets say you have an account on MTGOX with a password that contains big and small letters
extra keys and numbers and is over 20 caracters long

is there still a chance getting hacked?

(except phising,keyloggers)
Jump to: