Bitcoin Forum

Economy => Trading Discussion => Topic started by: DiThi on December 11, 2012, 07:19:37 PM



Title: Bitcoins stolen from bitcoin.de.
Post by: DiThi on December 11, 2012, 07:19:37 PM
Someone has logged in from the IP 186.145.27.170 and sent all my coins (76.10BTC) to 14nKZU5S2BkLXStnmuF9hcaWMZyyUBc4ea. Also requested to buy 44.6BTC from user miernik (I doubt it's him, I've dealt with him before, has a lot of reviews and it would be silly).

I'm from Spain and the IP is from Bogotá, Colombia. I don't know anybody there.

I don't use the password anywhere else (>30 characters), I don't use the account from another PC and I use Linux since 2001, so I know my stuff. I suspect the site has a security hole.

Please help. It's not a lot of money but it's all I have...

http://www.reddit.com/r/Bitcoin/comments/14ofz5/bitcoins_stolen_from_bitcoinde/

edit: Also someone accessed from 190.19.179.211 (Argentina, it seems)

edit 2: I just noticed the password is saved in my phone's browser. Guys, never do that. Also, I think someone in the Spanish translation of MIUI is probably the thief.

edit 3: I overreacted in the MIUI.es forums, but I realized there are too many attack vectors in my phone and I don't have proof. Also, I disabled Flash as it's the software I haven't kept updated in my PC.


Title: Re: Bitcoins stolen from bitcoin.de.
Post by: casascius on December 11, 2012, 08:01:50 PM
Sorry to hear of your loss.

Thus far, I have never heard of anyone who stored their bitcoins on a paper wallet and had them stolen.  Please use paper wallets.


Title: Re: Bitcoins stolen from bitcoin.de.
Post by: Stephen Gornick on December 11, 2012, 08:03:58 PM
It's so easy to use free password encryption software on your PC or phone (like KeePass, for example).

That still doesn't protect against a replay attack.

Someone has logged in from the IP 186.145.27.170 and sent all my coins

Yup, a lot of that going on.  

MtGox account got cleared out
 - http://bitcointalk.org/index.php?topic=85533.0

All BTC disappeared from my Mt. Gox account
 - http://bitcointalk.org/index.php?topic=88368.0

Another:
 - http://bitcointalk.org/index.php?topic=80562.msg941759#msg941759

And another: My mtgox account got compromised, what can I do?
 - http://bitcointalk.org/index.php?topic=84585.0

Yet more: MT.Gox account hacked - lost 2k USD - MT.GOX will not explain how.
 - http://bitcointalk.org/index.php?topic=89142.0

And more again: Bitcoins stolen from MtGox
 - http://www.reddit.com/r/Bitcoin/comments/x8lcv/bitcoins_stolen_from_mtgox

And yet more: Stolen from Mt.Gox coins. Help return the coins.
 - http://bitcointalk.org/index.php?topic=119816.0

Or more here: Email from Mt.Gox this morning.
 - http://www.reddit.com/r/Bitcoin/comments/z0na5/email_from_mtgox_this_morning

And even more here: I just had $715 stolen out of my Mt. Gox account.
 - http://www.reddit.com/r/Bitcoin/comments/12j9gi/i_just_had_715_stolen_out_of_my_mt_gox_account

And the biggie: Bitcoinica MtGox account compromised
 - http://bitcointalk.org/index.php?topic=93074.0

With more here: Unauthorized Account Activity on my Mt.Gox Account - Account Compromised/Hacked?
 - http://bitcointalk.org/index.php?topic=94140.0

And on other services as well. Here same thing happened to some GLBSE users:
 - http://bitcointalk.org/index.php?topic=84893.0

And elsewhere, BitMarket.eu in this instance:
 - http://bitcointalk.org/index.php?topic=5441.msg1259168#msg1259168

And now on bitcoin.de as well: Bitcoins stolen from bitcoin.de.
 - http://bitcointalk.org/index.php?topic=130264.0

In none of these was the person using multi-factor authentication. Mt. Gox has had Yubikey support for a while. Mt. Gox accounts now support Google Authenticator:
 - https://mtgox.com/press_release_20120605.html

If the exchange you are storing funds with doesn't provide OTP, consider using a different exchange:
 - http://bitcoin.stackexchange.com/questions/4113/which-two-factor-authentication-methods-are-available-at-which-exchanges

If you are storing funds in an EWallet, consider using a paper wallet.

Here is a fantastic guide: How to use 2-factor auth on mtgox, even without a smartphone (from a second device, of course, not from the same computer you log in on).
 - http://bitcointalk.org/index.php?topic=111943.0


Title: Re: Bitcoins stolen from bitcoin.de.
Post by: paraipan on December 11, 2012, 08:45:32 PM
As I already asked you, what made you think you were robbed by one of the MIUI Spain team members? How, over the mobile phone? Please explain.

Also I don't understand what you're trying to achieve by accusing the Spanish MIUI team http://miui.es/index.php/topic,5028 and also posting it on reddit http://www.reddit.com/r/Bitcoin/comments/14ofz5/bitcoins_stolen_from_bitcoinde/


Title: Re: Bitcoins stolen from bitcoin.de.
Post by: DiThi on December 11, 2012, 08:53:20 PM
That's the only plausible explanation, other than this hole (https://www.adobe.com/support/security/bulletins/apsb12-22.html) in flash.


Title: Re: Bitcoins stolen from bitcoin.de.
Post by: paraipan on December 11, 2012, 08:55:43 PM
That's the only plausible explanation, other than this hole (https://www.adobe.com/support/security/bulletins/apsb12-22.html) in flash.

Please remove the accusation from OP and reddit


Title: Re: Bitcoins stolen from bitcoin.de.
Post by: DiThi on December 11, 2012, 09:08:39 PM
How can you be so sure that it wasn't a MIUI "cooker"?


Title: Re: Bitcoins stolen from bitcoin.de.
Post by: paraipan on December 11, 2012, 09:12:38 PM
How can you be so sure that it wasn't a MIUI "cooker"?

I was asking you the same question but you didn't answer, how can you accuse a ROM "cooker" of being the person that robbed you? Do you have any proof to back that up?

You now say maybe it is a Flash issue and continue to have the accusation posted. I don't understand what you're trying to achieve here.


Title: Re: Bitcoins stolen from bitcoin.de.
Post by: DiThi on December 11, 2012, 09:17:29 PM
I don't care if no one believes me, that's my opinion after all. For me it is just enough proof to never trust a custom build for something so big (as an entire OS) from a little known source.


Title: Re: Bitcoins stolen from bitcoin.de.
Post by: paraipan on December 11, 2012, 09:20:55 PM
I don't care if no one believes me, that's my opinion after all. For me it is just enough proof to never trust a custom build for something so big (as an entire OS) from a little known source.

You keep stirring the shit and avoid answering my question.

Again, how did you link the "robbery" from bitcoin.de and password saving with the Spanish MIUI community?


Title: Re: Bitcoins stolen from bitcoin.de.
Post by: DiThi on December 11, 2012, 09:30:08 PM
  • It's the weakest point in all my security. I'm basically trusting all MIUI (and MIUI.es) devs.
  • Spanish MIUI users are much fewer than the rest.
  • All strange IPs came from Spanish-speaking countries.


Title: Re: Bitcoins stolen from bitcoin.de.
Post by: paraipan on December 11, 2012, 09:40:12 PM
  • It's the weakest point in all my security. I'm basically trusting all MIUI (and MIUI.es) devs.
  • Spanish MIUI users are much fewer than the rest.
  • All strange IPs came from Spanish-speaking countries.

So based on your assumption that you did nothing wrong, bitcoin.de owners haven't either, and you have the best guarded password in the world, the only weak link was your mobile phone, hence the Spanish MIUI dev community. Basically you started throwing shit at whoever you had closer.

Now it comes, why did you keep almost 800 EUR on an exchange that doesn't even provide 2fa auth? Your edit on reddit and 15 years working in network security tell me that you know what it is and how it works, so how did you leave so much money in there knowing from the beginning it was only guarded by a simple password?

Do you have any screenshots of your bitcoin.de account history?


Title: Re: Bitcoins stolen from bitcoin.de.
Post by: DiThi on December 11, 2012, 09:55:54 PM
I don't "keep" them, I'm trading all the time, I send bitcoins there because I want to sell them (duh!). You should not worry about MIUI reputation, bitcoin.de is the culprit for not having two-factor.

https://i.imgur.com/HWniq.png
https://i.imgur.com/RmauP.png


Title: Re: Bitcoins stolen from bitcoin.de.
Post by: paraipan on December 11, 2012, 10:19:39 PM
I don't "keep" them, I'm trading all the time, I send bitcoins there because I want to sell them (duh!). You should not worry about MIUI reputation, bitcoin.de is the culprit for not having two-factor.

https://i.imgur.com/HWniq.png
https://i.imgur.com/RmauP.png

I hope this serves you as a lesson and you never leave the bitcoins on the same exchange you bought them.


Title: Re: Bitcoins stolen from bitcoin.de.
Post by: DiThi on December 11, 2012, 10:23:44 PM
I didn't buy them there.


Title: Re: Bitcoins stolen from bitcoin.de.
Post by: paraipan on December 11, 2012, 10:39:34 PM
I didn't buy them there.

Worse, please don't tell me you bought them on an exchange that had 2fa auth and you sent them for safe keeping on bitcoin.de


Title: Re: Bitcoins stolen from bitcoin.de.
Post by: DiThi on December 12, 2012, 12:27:06 AM
Please stop it. I already said I sent them there to sell them, not for "safe keeping".


Title: Re: Bitcoins stolen from bitcoin.de.
Post by: paraipan on December 13, 2012, 09:02:49 PM
Please stop it. I already said I sent them there to sell them, not for "safe keeping".

Ok, I understand, please remove the baseless accusation from the OP