Pages:
Author

Topic: [XPM] 7800 STOLEN - Please read / help - page 2. (Read 3375 times)

hero member
Activity: 588
Merit: 500
August 19, 2013, 09:13:37 AM
#23
Sorry to hear about your loss. Use multiple wallets and strong passwords next time.
full member
Activity: 186
Merit: 100
August 19, 2013, 08:31:30 AM
#22
Sorry for your loss. In the future, run Ubuntu from CD, install Qt, disconnect from internet physically, never mind syncing blocks, create new wallet, extract private key and save on paper or somerhing, switch of power to computer. Now when you do mining, send all proceeds to this cold storage and do it at once you get the coins.
legendary
Activity: 1008
Merit: 1000
August 19, 2013, 08:31:08 AM
#21
Sounds great, Im a bit new...what a cold wallet?

Is it one that does stay online and up-to-date with the blockchain?

Exactly the opposite  Smiley
member
Activity: 113
Merit: 10
August 19, 2013, 08:11:54 AM
#20
Sounds great, Im a bit new...what a cold wallet?

Is it one that does stay online and up-to-date with the blockchain?
sr. member
Activity: 420
Merit: 250
August 19, 2013, 08:01:15 AM
#19
Ive encrypted it from day one, I have the wallet.dat files.

What the safest way to store them? I guess leaving them on the desktop on the server isnt a good idea ?



I have a cold wallet that I keep on a flash drive.

I made a new encrypted wallet.dat and stored it on a flash drive, writing down the address.
This is my savings account flash drive. I have a cold wallet of every coin I take as payments.
They are all in the same password protected rar. I even have a copy of every wallet/client on that flash drive as well.
There is no way conceivable for someone to hack my cold wallet.  Wink

I plan on eventually making it 2x flash drives and keeping one in my safety deposit box. This way If anything happens to the first flash drive I'm not completely boned.

Another way to store a cold wallet for long term is to put it in a password protected rar and email it to yourself. As long as Gmail is still alive and kicking you have a copy.
For shits and giggles, and so its "stealthy", Name the rar something like "Christmas Pics". If someone gets into your email they wont even think twice about trying to brute force your "Chrismas Pics" lol
member
Activity: 113
Merit: 10
August 19, 2013, 07:45:40 AM
#18
Ive encrypted it from day one, I have the wallet.dat files.

What the safest way to store them? I guess leaving them on the desktop on the server isnt a good idea ?

EDIT:

Ive been thinking...

The thing is this thief has been successful and probably feeling pretty smug right now, he will most likely continue.

OP I've emailed ypool support to see if they can help and dropped a link tp this thread in the freenode XPM channel, Ypool are the only functional XPM pool that I know of.

I'll also drop links to this thread where I can to make people aware. I suggest that if anyone else know a good place to drop a link then to do so and keep this thread updated so we dont pester admins etc with dupe requests.


hero member
Activity: 820
Merit: 1000
August 19, 2013, 07:38:47 AM
#17
Woah dude, this sucks.

Hope you find out who it is and recover your coins.

What step can I take to ensure the security of my wallet??
Make sure it is encrypted from day 1 and make sure you dont have a keylogger!
member
Activity: 113
Merit: 10
August 19, 2013, 07:31:55 AM
#16
Woah dude, this sucks.

Hope you find out who it is and recover your coins.

What step can I take to ensure the security of my wallet??
hero member
Activity: 820
Merit: 1000
August 19, 2013, 06:56:07 AM
#15
Have you checked your ~/.bash_history file?
Everything you type to the console will be recorded there, including your plaintext wallet passwords, if you are not explicitly excluding them.

So it would be easy for an attacker who has access to the machine to steal the wallet and the bash_history file.
Are you aware of this security hole?

Wow I wasn't actually. But I had never unlocked a wallet on a linux machine until after the first coins were taken and I had to unlock in order to run the sendoaddress script.  Good to know for future though!
sr. member
Activity: 259
Merit: 260
August 19, 2013, 06:49:01 AM
#14
Have you checked your ~/.bash_history file?
Everything you type to the console will be recorded there, including your plaintext wallet passwords, if you are not explicitly excluding them.

So it would be easy for an attacker who has access to the machine to steal the wallet and the bash_history file.
Are you aware of this security hole?
hero member
Activity: 820
Merit: 1000
August 19, 2013, 06:42:40 AM
#13
I don't have any coin i guess worth anything like 7k  however would be good to know there is a way to thwart people stealing your coins to some degree. I don't see how it would work ? why was he only trying to draw 10xpm at one time, why did he not extract the coins in one large transaction?

I would guess because the block value is a little over 10 XPM right now.

Really sorry to hear what happened to you, Paul. I had my Bter account hacked a couple of months back, and while my losses pales in comparison to yours, they were quite significant to me and hurt a lot.

Mail the shit out of all the exchanges and tell them not to accept any transactions from that address. Also keep a lookout to see where the coins move.
Indeed 7068 were taken in one hit, then 10 XPM at a time when each block matured.  The blocks were all around 10.5 in value to be on the safe side and account for fees he was sending 10 at a time.  The script was simply...
Code:
#!/bin/bash
while true; do ./primecoind sendtoaddress 10.4; done;
legendary
Activity: 1050
Merit: 1000
August 19, 2013, 06:38:28 AM
#12
I don't have any coin i guess worth anything like 7k  however would be good to know there is a way to thwart people stealing your coins to some degree. I don't see how it would work ? why was he only trying to draw 10xpm at one time, why did he not extract the coins in one large transaction?

I would guess because the block value is a little over 10 XPM right now.

Really sorry to hear what happened to you, Paul. I had my Bter account hacked a couple of months back, and while my losses pales in comparison to yours, they were quite significant to me and hurt a lot.

Mail the shit out of all the exchanges and tell them not to accept any transactions from that address. Also keep a lookout to see where the coins move.
legendary
Activity: 2100
Merit: 1167
MY RED TRUST LEFT BY SCUMBAGS - READ MY SIG
August 19, 2013, 06:30:39 AM
#11
Yeah this is not good, i wonder how it would be possible to give wallets or funds even more security?

BTW - can you explain more how this works

"  I turned on a single miner and set it running a script to sendtoaddress 10 XPM and ran it as fast as I could in an effort to beat the thief"

Have you got a copy of this script that runs on ubuntu 64 bit?

I don't have any coin i guess worth anything like 7k  however would be good to know there is a way to thwart people stealing your coins to some degree. I don't see how it would work ? why was he only trying to draw 10xpm at one time, why did he not extract the coins in one large transaction?

hero member
Activity: 820
Merit: 1000
August 19, 2013, 06:04:04 AM
#10
Damn that's allot hope you will find out who it was and how he did it! to ease your pain a little  (i know you are not begging) i send 10 xpm to your address, i know it's a small amount but maybe if 780 people do the same Wink i enjoy crypto and like it very much. it's not only the crypto but the crypto community what make's it worth liking it so please don't lose faith.


Regards.

thanks nfuse, I'm certainly not begging, but it is much appreciated.
member
Activity: 97
Merit: 10
August 19, 2013, 05:56:31 AM
#9
Damn that's allot hope you will find out who it was and how he did it! to ease your pain a little  (i know you are not begging) i send 10 xpm to your address, i know it's a small amount but maybe if 780 people do the same Wink i enjoy crypto and like it very much. it's not only the crypto but the crypto community what make's it worth liking it so please don't lose faith.


Regards.
sr. member
Activity: 363
Merit: 250
August 19, 2013, 05:34:30 AM
#8
Damm that sucks paul.  That really sucks.

I guess the lesson to be learned here is not to hold your funds in a wallet that exists in many many places.  It would be better practice to be routinely sending those funds to a cold wallet which you have stored in a very safe place.

If it is like you say, a VPS vulnerability, i wonder if we will be seeing more reports about this in the near future, as there were a lot of other people mining on those same VPS's.

Best of luck,
crendore
hero member
Activity: 820
Merit: 1000
August 19, 2013, 05:26:01 AM
#7
Sorry about your loss.

I have sent you small (0.15btc) donation to help you with your losses to the address in your signature.

txid: 0a393ac298ca893567b1746eea0455f916a3b2d979d4640db2bf0143522b0167


thanks usahero, that was both unnecessary but warmly welcomed.
sr. member
Activity: 434
Merit: 250
August 19, 2013, 05:18:24 AM
#6
Sorry about your loss.

I have sent you small (0.15btc) donation to help you with your losses to the address in your signature.

txid: 0a393ac298ca893567b1746eea0455f916a3b2d979d4640db2bf0143522b0167



full member
Activity: 182
Merit: 100
August 19, 2013, 05:07:52 AM
#5
Since maturing coins were still being stolen it meant that they must have had a copy of my wallet.dat rather than using my RPC. 

Why? They could have asked for unconfirmed transactions over RPC, dump the privkey of the block and import into their own wallet. This way, once the block matures, they can spend it.

I know this works because I do this very thing to group all my immature mined blocks into one wallet.
newbie
Activity: 21
Merit: 0
August 19, 2013, 05:04:10 AM
#4
Sad story =/ Hope you to recover somehow
Pages:
Jump to: