Bitcoin Forum

My bitcoin wallet was hacked again even protected by 2FA google authenticator and secondary password. Anyway i created a new wallet, but how is this possible ???

What kind of wallet you using?

The only thing i can think of is your lack of security on both your phone and computer because my spare coins have remained safe on a online wallet for over a year. What wallet was it that has apparently been hacked?

You created a wallet on the same device where the first was hacked?

mitm,  they are simply hijacking your logged in session and taking your money.

Are you using a web wallet?  You shouldn't be doing that - they likely have your saved session data.

Use a paper wallet that was generated from a computer that is offline...print it, then make sure any memory is not stored in the printer.

If that doesn't help then consider that there may be an inside job happening where you do bitcoin business and your machine is compromised.

[sarcasm] what kind of king of btc gets consistently jacked like this? [/sarcasm]

From reading his post history as well as this (http://bitcointalk.org/index.php?topic=1002166) thread, I think it's likely that he's using Blockchain.info.

Yes blockchain but now i remember i have a Multibit desktop wallet in my Linux at home.

I found where this hijacking is being done,have to uninstall google chrome, many malware sitting in the mystartpage in there.

By the way the guy that did sarcasm, lol i love that and you are absolutely right but what can i do. I guess they know my new wallet created so i am sticking to Multibit for now.

Can Multibit send and receive bitcoins cause i do this a lot daily???

I would suggest you do a clean install of windows or whatever operating system you use and ofcourse install some security softwares. Make sure to take back-up of your keys before re-installing the OS as it would delete everything.

And yes, Multibit can do both. You can also take a look at other desktop wallets such as Electrum.

Yes, it can send and receive bitcoins after you download the block headers. Compared to downloading the actual 30 gigabyte blockchain file, it only takes a few minutes to download the block headers so it's very fast. Another lightweight wallet that I'd recommend is Electrum (http://www.electrum.org/) which works in pretty much the same way.

You said in your other thread that your work computer running Windows had 484 threats and 23 infiltrations. That's actually probably a conservative estimate since malware scanners typically can't detect and remove everything especially in cases like yours where there are so many infections. Are you still doing anything Bitcoin-related on that computer? If so, then you really need to completely reformat the hard drive and do a fresh installation of Windows (actually you should probably do this even if you're not):


Generally speaking, Linux is impervious to malware so you should be safe as long as you don't visit phishing sites which can steal your bitcoins regardless of what OS you're using.

Thanks ,sticking to Multibit then :) . And not touching the Windows OS for bitcoin or whatsoever.

If you want to be completely safe, then it's probably a good idea to assume that any online account accessed using that Windows PC is also compromised. Especially since you said that Malwarebytes was able to detect keyloggers. So you should change your passwords, security questions, etc. too if you haven't already done so.

once you do a fresh os install make sure you use legit software or download it from a trusted source.
people can secure their wallets as much as they want, but if their pc contains a virus then their effort was for nothing.

Now i have uninstalled google, did a restart, scanned with Malware bytes , the 7 unwanted programs google chrome extensions are not anymore. Changed the wallet 2FA to email , google email which i have also via a SMS message. Am surfing with Firefox, its feeling great now with ADBLOCK , and avira browser security ,plus malwarebytes and Eset smart security latest update. I am giving a final go to my old wallet. What do you guys think ???(I know ,i am too stubborn but thats me)

why people still store on online wallet, is behind me, my advice:

buy a old laptop, and leave your wallet there, use that laptop just for that nothing else, like if it was your bank

If your old wallet has been compromised in the past, then it is quite possible that the thief already has your private keys.  This means that they no longer need access to your wallet.  Any time you receive any bitcoins to any address that existed in the wallet prior to being hacked, the thief will be able to instantly remove them.

If you are determined to continue using blockchain.info, then you should abandon your old wallet and create a brand new one once you are absolutely certain that you no longer have any malware on your computer. (Be aware that malware scanners don't and can't find ALL malware).

Never use a online wallet 8)

Thanks a lot mate, then best bet is MULTIBIT. I hope it can use 1 simple address for sending and receiving as i was reading its faq and it says you can add as many addressess as you like for sending and receiving, but i only need one.

The issue is more likely local PC security related than it is to blockchain.info . If your local machine has malware or the network you are on is insecure ( sniffing, mitm, etc ), then it would be easy for an attacker to get access to your session and steal your coins. I think blockchain.info is fairly safe to use as long as you ensure the security of your local machine and network. Having an offline wallet or hardware device is of course always preferred at the slight cost to convenience.

It might be better now, but blockchain.info is not exactly known to be secure.

Seems like the problem is malware or a keylogger. Format your system erase viruses, the only way the 2fa was cracked was because they had access to email.

The only way the 2FA was braked was only because they knew my private key and that disable anything and permits the hacker to do what they like. Anyway this is old story now. Am sitting at my home with my new Multibit wallet, which looks as awesome as it can ,knowing here i am in Linux and no one can touch this wallet of mine. So thanks again for all your help mates.

Its not because you are on a Linux you're immune. Still take care of the computer that holds your wallet!

Even doing this, you are likely not safe.  If you have a key logger in there, you may still have something lurking.

You need to reinstall the OS (backup your keys and anything else that is important first).  Windows, Linux, Mac OS X, whatever.  Malware bytes may have missed something and you should not assume that it caught everything.

You don't want to have to go through this again, so I'd make sure that you reformat and reinstall.

How do you store your backups?

Could access to your backups + passphrase have been how your coins got stolen?

You need an OS reinstall on any device that has communicated with that infected computer. Antivirus software isn't enough.
From a freshly installed computer reset all your passwords as well.

Here is how you do it right:

https://bitcointalk.org/index.php?topic=858604.0

https://i.imgur.com/DpjSiSk.jpg

Electrum portable works extremely well on an aegis secure key

how do you know if it is hacked ? who was the wallet provider ? i always use blockchain wallets and never had any problem , what is showing when you are opening it ?

Dont celebrate too early, because altho using linux makes you less vulnerable it doesnt make you untouchable. There has been an increase in linux attacking mallware
designed for people like you, who think that "there are no viruses coded to attack linux systems"
Just be careful mate, better make paperwallet's, just to be sure

cheers

Thanks all for your replies. What i mean is i am using Multibit now, so the chances to be hacked are far far less then blockchain.info. I know Linux is not immune, but also cannot be infected with 490 spywares like Windows. No matter if i reinstall, keep Malware bytes and an antivirus, Windows still have 99% of chances to get infected. It sucks definitely.

well next time don't download to many shit, because having so many spywere and malware, isn't really windows fault

Use multi sig wallet.

Also, keep your BTC in a cold storage.

Finally, do NOT download internet porn.

I preffer hardware wallet, but if you preffer 2FA, use very old phone without OS and internet access just to receive the SMS.

If you still want to use online wallets, try some linux distribution that is set just only for that purpose. Maybe TAILS?

Online wallets are always risky. Never keep all your bitcoins in one place.

if it requires google to protect it, then its an online wallet..

try using local (on your computer) proper wallets, rather than having privkeys online

Mate i am Muslim just to let you know, i don't watch porn let alone download it. So your sense of humour is wrong in here, although i like humour very much.

I am using local now Multibit from my Linux machine at home.

I doubt it was a joke and was sound advice to prevent infections. When Ever I help someone clean their computer from a virus I tell the not to watch porn online or if they must have to to go to redtube, Pornhub, Xhamster, yourporn, ect... and don't click on any ads even if they are an older married couple and always hear the same thing that no one watches porn.... but they always are getting infections that usually come from going to shady porn sites ... why is that?

Perhaps you don't ever watch porn but you would be the exception to the rule because arab countries are some of the largest porn consumers in the world:

The Middle East already has the world's most popular porn star ­— 21-year-old Mia Khalifa from Lebanon.

According to research put out by PornMD, the terms “creamy squirt,” “blowjob” and even “Kendra Wilkinson” (Hugh Hefner’s former girlfriend) appear on the top 10 most-searched terms coming out of countries like Iraq, Syria and Iran. The word “Arab” is the number-one searched porn term in Egypt, Iran and Syria. Some get a little creepier. “Pain” lands at Iraq’s fourth most-searched term, while “father daughter” and “brother sister” come in at numbers four and five for Syria. Both the words “mother” and “mom” appear on Egypt’s top 10 list.

Search Engine Request Keyword Trends for keyword sex:
1.  Pakistan    
      2.  India    
      3.  Egypt    
      4.  Turkey    
      5.  Algeria    
      6.  Morocco    
      7.  Indonesia
      8.  Vietnam    
      9.  Iran    
     10. Croatia    

This is not an attack against Muslims as the US state with the highest consumption of porn is the religiously conservative mostly christian state of Utah. The correlation seems to be that there are much higher amounts of porn consumption with sexually repressed areas and people where their laws or culture make sexuality taboo.

But sure, you don't watch porn, just write down those sites above and make sure you don't click on any ads when you aren't watching porn in the future. Additionally, keep your OS patched with the latest updates, make sure your flash and adobe reader plugins are up to date, and use a separate browser that is locked down for casual surfing with no flash, no javascript, https everywhere, no java, ect... and when you aren't watching porn you can switch to the other browser that allows for flash to visit the safe list of porn sites, that you have no need of (but bookmark them anyways  ;)).

Damn, all this security talk makes me not want to watch porn as well.... time to do some security research.

Just wanted to say i am not from any of these countries ,lol, i am from Albania, i know a lot of my co citizens watch porn, but i really don't.  If i will do i have kept the list site which not to visit from your post.

And honestly if that Khalifa something you re talking, i hope someone cut her head off , i mean it really, shame of the Muslims if she is who you says.

It is shame for all human kind if you are serious.

Wow... ok , Ill be sure to ignore you and stop assisting you.... you are either a troll , one of "those muslims" or incredibly bad at jokes.

I recommend everyone else immediately add him to your ignore list and we ostracize this sick asshole.

I would lime to say a website called thumbzilla is great,  owned by ph and no ads. Keeps the computer safe and lets be real most people need some alone time. The stupid ones click on ads  and unknown sites.

i think your pc have virus or spyware something.
are u download something ? because im done with this before.
u can download some spyware on google. theres many.

Thanks guys, but everything is fixed now, am using Multibit local wallet and is on my Linux home machine. Not at my work, i don't touch anything there anymore, so far so good.

just use blockchain  , you prob got a rat on your comp maybe

Not ever touching blockchain again. I have started with Multibit at home, going great so far, so am sticking to it. Added a password to my wallet there ,although not needed, but just for added security. So far so good.

What's your online wallet?

Does that wallet need GA to withdraw?

If the wallet needs a GA code to withdraw, it means the hacker is very powerful. He can bypass the withdraw GA.

It's not safe to store coins on online wallet, I prefer big exchange wallet, so I can withdraw money easily and it's rather safe.

Yes he bypassed GA, but not because he is powerful, because he had my private key of my wallet. I have GA in different other places, not even once were they breaked. So i doubt him being powerful to break GA, its the safest bet yet. And i keep my phone without internet access just to be sure.

I do not know if it's a good idea to use Gmail for 2FA on any wallet... those are the most targeted accounts on the internet.

Linux will give you a false sense of security.. yes you will most likely get less infections, but it takes only ONE infection for you to be compromised.

FREE TIP : Avoid 2 topics on this forum.... Politics and religion ... You make enemies very quickly and you will NEVER agree with someone from the opposite side. 

Thanks, maybe Linux is not that secure at all, but at least i have the local Multibit wallet sitting on my PC ,rather than to rely on Blockchain.info to store my data. I said goodbye forever to Blockchain.

Please if you have had a keylogger on your computer, please reinstall the whole OS.
How good programs like Malwarebytes can be, I have often seen that there is a hidden infection staying after using almost every scan.
A clean OS reinstall is the only way to be safe.

Further more I agree totally with offline / hardware wallets for big amounts.

That would be ok ,but you are not understanding me. I have Multibit in my home PC. Its my work PC who is infected and personally i dont care much about the work PC, never using BTC in here anymore.

If you don't want to re-install Windows and you're not certain that your PC is free from keyloggers, I would suggest you use a virtual keyboard every time you put password in your Bitcoin wallet.

All modern Windows versions come with in-built virtual keyboard. Also may top antivirus programs come with virtual keyboard, not sure about ESET.

I have started the Multibit new wallet at my home PC running very smoothly so far. Thanks for your suggestions, as i say i don't care anymore about my work PC.

Among all the Bitcoin wallet online at this time as Coinbase, Blockchain,... Which one is the best ?

Thanks !

Neither of those.

Coinbase is NOT a wallet, it's an account.  You donate your bitcoins to them, and in exchange they give you an account in their database.  The account indicates a promise on their part to send an equivalent amount of their bitcoins wherever you want whenever you ask.  You have to trust that they will always be able to fulfill that promise.  There are many things that could destroy their ability to fulfill that promise (system down, hacked, embezzlement, accidental or intentional destruction of private keys, government agency, etc).

Blockchain is a wallet.  There have been a variety of issues where individuals have lost bitcoins from their blockchain.info wallet. Weak passwords and browser plug-ins both contribute to the security issues. It can be relatively safe as long as you are capable of identifying and preventing the following potential issues:

• malware on your computer
• malware in the javascript served up to your browser
• weak password
• exposed password
• failure to create and properly secure frequent backups

Sounds like classic user error to me. Better luck in the future, friend.

set up your new wallet on new machine / HDD i think!

How much got taken?

It is on a new machine, so far running so good, no problems at all. Its on my Linux machine, can't open it elsewhere like i did with blockchain opening it everywhere and i got what i deserved. It was not much thank God, 0.018 BTC in total. At first 0.013 then i added GA to authenticate, but not much can be done with anything once the hacker has your private key, can bypass anything. Feeling great with my Multibit now. I hope this cannot be hacked so easily considering running on Linux. Added a password just to make sure.

THis except for your "spending" BTC.

My main storing wallet was created on a harddrive that has never been connected to the interenet.

Multibits connects online not through webpage, but it connects. Its working cool so far.

Would a MITM attack be visible in the logs? Would the login be shown as coming from your own IP address or from another IP address?

are u already scan ur computer with antivirus or spyware.
i think your pc have virus or spyware something.
are u download something ? because im done with this before. mybe its contain virus.
u can download some spyware on google. theres many.

a hw-wallet like trezor or any similar one is the best solution i think.. This would also remove the risk of malware, keyloggers, etc. And might even be cheaper than an old laptop.

i recommend the Trezor "wallet" from slushs company satoshilabs.com. (www.buytrezor.com) - heres an interesting review: http://www.coindesk.com/review-bitcoin-vault-trezor-lives-name/

heres a nice overview on all the hardware-wallets for btc:
https://bitcointalk.org/index.php?topic=899253.0

Yeah it's impossible (or very unlikely) that the reason is anything else but some sort of keylogger/malware, your defense was strong enough pass wise but not OS wise.

again? sorry for your losses but consider that your fault. first of all never trust an online wallet service such as blockchain.info
secondly, from now on, you can use an old laptop disconnected from internet as a secure place to store you coin. otherwise you can download and execute a live version of Tails OS to create an offline wallet with Electrum

Not again, only 2 times max, now i have email 2fa and so far nothing is stolen from my blockchain wallet after doing this. still i am better with the Multibit in Ubuntu. I added a password to it for added security. Its sitting in my desktop.

Attacker might get your private keys by keylogging or by sidejacking (it'll happened when you used public Wifi)

Its in my desktop at home, no WIFI, only LAN connecting, i know this can be hacked too, but is much more difficult then Blockchain and at least is a software, attacker need to have access to my desktop. I keep this in my home PC, not in my office PC.

add some anvirus protection and key-stroke protection like zemana anti-keylogger, they help alot against malware and other stuff

Using Ubuntu Linux is probably a good idea. It may be worth having a dedicated machine just for holding your wallets.

Best idea is to have an offline laptop to store the coins.

Learn to use electrum. At least even though a thin client, you HAVE YOUR OWN PRIVATE KEYS

Once your username and password are known to a snooper, they can access your precious bitcoins, whether the credentials are for an online exchange account, an online wallet, your mobile wallet or your PC wallet. If your PC or mobile is connected to the internet, an attacker can access it using security vulnerabilities specific to the device’s OS.

If, like most people, you use a password formula for various logins then you should consider strengthening your passphrase scheme (formula) to generate more secure passwords. Often, the theft of one of your password can reveal all of your other login passwords, because they are variations of a formula. Botnets exist to decypher and extrapolate these formulaic passwords.

A standard Bitcoin transaction requires your private key to unlock its bitcoin outputs. If a third party obtains one or more of your private keys (stored in your wallet) then, he can transact any coins previously received by that public-private key pair. Such a transaction doesn’t have to be made using your wallet – it can be initiated on any device and from anywhere. This is a design feature of Bitcoin which allows, amongst other things, the ability to import and export addresses between wallets.

The following infographic can explain more about it:

Your infographic has several incorrect "facts".

Additionally, it has some "statistics" that are likely to be misleading.

same type, when some people got lost his bank acct access either email.

so, virus or similar like that kinds is we should got concern

i really don't understand why people are posting that stuff [err infographics]. Its neither clarifying anything nor helping the OP to get his btc back or giving him an idea of how to secure his enviroment for future btc-traffic/handling . I just can repeat myself again and again: Your BTCs are as safe as your computer is. Means: Your wallet is an open safe as long as your computer isn't secured properly.

lets put this "diplomatic expression stlye" aside and become "lil bit" straighter:

short form: "That infographic is sh**y and overloading this thread because its containing incorrect "facts" (for example mtgox hack alone was +500m in 2014-exrate) as well as being short of +50%..." delete that mess. i think OP s got enough sh** around atm. and might also have too much sh** in his head. read the rest of this post to understand what i actually mean.

-------- -------- -------- -------- -------- -------- -------- -------- -------- -------- -------- -------- -------- --------
@OP: just read your below post.


Are you serious? So you want someone to cut her head off?? Or put it like that: You HOPE someone does it??

something else. I haven't found any BTC key or so in your first post. Can you please post the btc-key which you claim your coins "got stolen" from?