Bitcoin Forum

Hello, I've been purchasing bitcoins and selling them on and off since 2013 or so using Coinbase. One day out of the blue I get an email saying Coinbase is closing my account and they didn't give any reason whatsoever so I panicked because I've been using them all along so I had to quickly research different wallets I could use and such and an exchange because I was going to start my vacation I had plans to go to Atlantic City. So I chose to use the exchange Bitstamp and transferred my bitcoins to the blockchain wallet from the coinbase exchange. I had a total of 87 Bitcoins (this all took place around January 30th-Feb 1st of this year) I had half in my Blockchain Wallet and the other half in the bitstamp site. I woke up the next morning and checked my wallet only to find it empty my heart nearly stopped it said my bitcoins were transferred to this btc address 1CKav2MDgWxwSq1uPUFtuUBjTJHxVD8PM2. I was able to sell about roughly 5,600 or so dollars worth of the bitcoins on bitstamp the night before but when I logged in the other half of my bitcoins were sent to the address 17paadXLu4ryTgCR8ZwUxyGrP7wuAG1528. I was totally ruined and depressed my vacation ruined all my hard money poof gone in an instant. Now mind you I had all the security measures enabled for the blockchain wallet plus the bitstamp site I was not notified of the withdrawal of all my bitcoins for both things via email or cell phone text NOTHING... it totally baffles my mind now something is very very strange. The history section on bitstamp can show you a log of all that you do and it shows each ip address for each thing you do (log in, change password, withdrawal etc...) my cell phone ip was obviously different than my desktop ip in new york I was in New Jersey atlantic city at the time the hacker person had the same exact ip address as my home desktop pc in NY... that is what made absolutely no sense. Does anyone want to figure out what in the happy hell could have happened? I've lost a gigantic fortune i'm a lower middle class guy and this could have really boosted me beyond my wildest dreams and it looks like i'll never get that opportunity ever again ::sighs::   :'(

OP, sorry for your loss.

For everyone else reading this thread, if you aren't using cold storage right now it would be wise to set that up as soon as possible. Learn from the OP's mistakes instead of suffering the same consequences.

Can someone please tell me what could have possibly happened though?? I feel if I still was able to use coinbase all of that would not have happened. But if i had all the security features enabled for both the wallet and the web exchange how in the bloody hell could it have happened? And as I was baffled the person according to bitstamp website logs had my desktop ip address which was back in NY when i was in Atlantic City NJ and it said he made the withdrawal and I confirmed the email (i never received it) and i had email notifications on what in the actual hell? Same with Blockchain wallet no notifications to notify me of the withdrawal this other person made how the hell could have it happened is what I want to know ::sighs::...?  is there some security loophole exploit in Bitstamp and Blockchain wallet?

Yes.  Two things to keep in mind:

1. I like to keep my BTC in various wallets, I use six (two on my computers, in two digitalbitboxes and two online wallets with relatively small balances).  Diversification of BTC stashes makes sense to me.

2. It is important to think twice when doing any BTC actions.  I lost some BTC due to not being alert to scams.  I am now more aware of threats, and I hope it does not happen again.

Agree with your thoughts re OP and readers of this thread.

By blockchain wallet you mean blockchain.info right? I had my bitcoins stolen from them *cough* oh I mean a hacker... who also used my IP address, my password my 2FA, everything (bullshit). This sounds like an inside job. I would honestly take this to court because in the end it's probably blockchain.info's crappy security and not yours.

Definitely use only cold storage, luckily I learned that lesson for only 0.05BTC. I'm so sorry this happened to you. It boggles my mind when people store this much on exchanges or Web wallets. They are not banks. This is the wild west. They will steal your money if they can get away with it. Again, so sorry for your huge loss though. That's horrible.

Sorry about your loss.  I found this discussion from Andreas Antolopolis on Hot vs Cold wallets thought provoking:

https://youtu.be/Aji_E9sw0AE

"The only time I put my money on an exchange is when I am going to sell it.  Then, it's three confirmations and sold.  I don't trust banks.  Why would I trust a startup that's a couple years old?"

I had a "few" btc taken back in 2014. I figured they got in through TeamViewer I was using to check my miners on my internal network. Probably slapped a keylogger on and sat back and waited, which is how I guessed they got my encryption password.

Sneaky bastards cleaned me out of all alt-coin wallets (using a wallet.dat snatcher) but didn't access my trading sites thank god. Hundreds of coins lost tho. I know that sinking feeling bud and it truly sucks. I now know what all those poor shmucks at gox felt...

Cold wallets, multiple trading sites with 2-factor access, zipped and encrypted wallet backups sent to cloud services and emailing yourself, offline laptop for hot wallet transactions (quickly on-and-offline). I aint effing around this time.

.. oh yea. Buy gold and silver coins in your county's denominations. Just in case the whole blockchain thing doesn't really takeoff with the next generation lol.  ;)

NEVER put all your eggs in the same basket!!  8)

hey  cpfreeplz , so is Blockchain.info a legit wallet? you said the same thing happened to you when everything was enabled?with the Blockchain.info wallet I don't think there's a way to see which ip addresses logged in to the wallet but with Bitstamp exchange there is . I only opened 1 withdrawal amount for 5,500 the night I was in atlantic city and I DID CONFIRM that transaction i still saved it in my email I never received the withdrawal email of ALL my bitcoins yet bitstamp technical support told me they have to get my confirmation in order for it to process which they never got because I received 0 email about the withdrawal what in the actual fuck.....

Your own wallet on your own computer had currencies stolen?!?!

Not hard to do if you have total control of the pc.

Just like your username, there must  be a little ANARCHY in that situation. Ordinary guys like us who are not really into tech things and may not be so well-rounded with security matters are people who are at risks. There seems to be a big industry for hacking online even before Bitcoin and they expanded amazingly with the introduction of Bitcoin because unlike Paypal it would be virtually impossible to reverse what have been transacted already in Bitcoin ( a big plus and sometimes a minus point depending on the situation).

All i can say is I can feel your pain and the ruin the incident bought to your finances. Sad to say that Bitcoin can already be gone forever.

Jesus, for 87 bitcoin I'd probably be out for the dude's head.  That's no small amount by any means, as I'm sure you're painfully aware.  It kinda surprises me that people around here just seem to take these things philosophically, like the Master-P scam and Cryptsy and everything else.  Some try to get their money back, but it seems like most don't.  And maybe there isn't a way, but I do hope you try.  That fucking sucks.

This theft happened due to you using web wallet and this is very common for the hacker to hack and steal the bitcoins, this may be due to lot of option like if you have downloaded some malware exe , or in some link you would have used the same password what you used in webwallet.

Because i have also faced same problem but i was using desktop wallet , and this happened due to i downloaded the malware exe file and within 2 min he stoleed my 0.15 btc which i earned through gambling and on that time it was high loss for me. but he was not able to hack my webwallet coinbase as i have enabled 2 fa security with sms and email confirmation. So it is clear that use all security measures to avoid this hacks.

Something I don't understand and i'm furious at Bitstamp I made a withdrawal sold about 5,600 of bitcoins I RECEIVED that email confirmed it... yet the part where this asshole withdrew the rest of my bitcoins in Bitstamp I NEVER received ANY email yet on the bitstamp log it says the person withdrew 34 bitcoins ,Bitcoin withdrawal request: email was sent to user, Bitcoin withdrawal request: email confirmed by user <---- that NEVER HAPPENED and i've opened security tickets on bitstamp explaining that I NEVER received that email oking that shit!.... what the fuck how did that happen is it possible that it was negligence on the end of Bitstamp or an inside job? I know that sounds conspiracy minded but what the hell am i supposed to think if the 1 withdrawal i know i did i received an email for and confirmed it and i only have MY email address for the website i never received any other notification emails for that HUGE bitcoin withdrawal what the fuck??

They have probably been monitoring your keystrokes or something for some time.  They probably logged into your email, confirmed and then deleted the email before you even received an alert on your phone.  

If you still have your computer, with the same info, you could try putting it inside a virtual box and monitoring network traffic.  Then ... try to bait the bastard somehow, though they would be hiding behind a VPN.

I went into my email provider though after it all happened and checked the devices logged in and there was no suspicious ip addresses though that is the kicker.... as far as the whole Bitstamp shenanigans. If my desktop ip address was the ip used to withdrawal all my bitcoins is it possible a person on the Bitstamp exchange on their end did the hacking?  How else could they manipulate the ip addresses if i'm in atlantic city nj on my cell and my desktop computer pc IP in new york is allegedly being used to do the bitcoin withdrawal thing....

I don't know, but it would lead me to believe the funds were accessed by your computer.  Either somebody physically went to your computer or remotely.


Unless there was a break-in from an ex-girlfriend or somebody you had a recent falling out from, I'd think remote access.  If your internet is always on, then somebody may have found a "backdoor" port into your computer.  You may have received an email with a photo, a link to nowhere or some other embedded Trojan.  

If you were gone, the person probably new you were going to be gone.  They may still have access to your computer.  My advice would be to find a professional you trust to analyze your computer.  It could be a couple grand or a couple hundred bucks, but that's where I would start.  I think there is something on your computer like a keylogger, which are über hard to find without monitoring the network traffic.

EDIT: Think of your computer as potential evidence.  That's the best place to start, imo.

I have tried to examine my computer should I be looking at like Administrative tools or something I've tried to look in the past after this took place is there something specific i should look for like in.... Event Viewer or something like around the date of 1/31 -2/1?

I'd use Network Monitor.  See what traffic is coming and going.  If it's a keylog, then it probably only sends a couple of kb of information at set intervals, e.g., daily.  They are difficult to find.  I had somebody open word and type threatening messages to intimidate me.  I gave it to a "white hat hacker" friend, who was able to put "my computer" on another computer and wait.  We found out it was somebody from EV, going through a VPN in Belgium. It was somebody I knew. F****r!!!

If you'd like to see how much you can trust exchanges, this video stays in my mind: https://www.youtube.com/watch?v=T1X6qQt9ONg

They later found the exchange had 80,000 BTC stolen, so they crashed the price to less than 0.1¢ and "withdrew" those coins.

It's unlikely to be an inside job.  Bitstamp is subject to EU regulations and audits which makes it very difficult for them to pull off such a maneuver. 

The chances are that you had a keylogger - a type of malware that many antivirus programs can't detect.  It monitors everything you type so that the virus can find details about bank accounts, potentially e-mail accounts, and other sensitive information.  I would suggest that you instantly factory reset your computer, set up a new operating system and more.  DO NOT ACCESS YOUR BANK ACCOUNTS.  The keylogger may have been monitoring your activity for weeks before to pull this off.

This is why many people hold their Bitcoin on computers that never have access to the Internet, on hardware wallets (https://trezor.io/) and in paper wallets when they're intending to hold a significant amount for a long period.  I'm extremely sorry for your loss and hopefully this can serve as a lesson to others that holding your Bitcoin online is never safe.

Totally agree with this.  All signs point to it having orginated in your own PC.  Did you check the browser history?  It does sound like they deleted the email before it was pushed to the phone.  I sometimes do that by accident, check it in one place, delete it, and then it never even gets to the phone because by the time the phone checks for email it has already come and gone.

You should consider your PC compromised.  Unless you actually know a person who may have done this while sitting at the PC...

I went through my browser history in Feb. after it happened and I just went through it again right now and there's nothing that would point to someone going on this computer. I live with my parents and my door room is always locked when I go out. My mom and dad are not computer literate they are the only ones I know that have bitcoins. My computer was left on when I left to Atlantic City from January 31st-Feb 1st (the hack occurred Feb 1st sometime in the very early morning) My cell phone was connected to Harrahs wifi at the casino for which I put my user credentials you're allowed to connect up to 2 devices so I did my firestick and my cell phone. But people think it happened on my desktop computer so.... there's absolutely no trace of this hacker person doing anything on my computer it's driving me insane. Bitstamp did say the withdrawal came from this desktop computer because the IP address was the same how in the fuck it makes absolutely no sense lol. Throw the idea that anyone went on this computer in person because my parents were home the whole time and they don't have the intelligence capability nor would they do that to me lol..... So the Bitstamp hack people on this site think it happened on my desktop computer which according to the ip log on bitstamp makes sense but it doesn't make sense to me because how in the happy fuck did it happen.....

External hack possible.  I'd assume they are still monitoring and have access to your computer.


Not an accident.




Yup. Bitstamp is one of the most strictly regulated exchanges.


It could have been anything from a targeted attack (somebody overheard you talking about your BTC) or a phishing attack (bad website/program). As others have stated, DO NOT ACCESS ANY BANK ACCOUNT INFO.  I'd get onto a different computer and access your accounts to change all of your passwords to P@559hra53sesTh47ar3HARDt0kN0^^ (not my password).

I agree with Iranus.  You'll need to completely reload your computer.  I'd even 0 out the HD.  Assume the person is monitoring everything from your computer.  If there is any chance of tracking down this SOB, take your computer to as really good computer professional to copy your PC into a virtual box.  This way the person will still think they have access to your computer, but won't.  You can then have a monitor traffic monitor for this box. 

If you give it to the right person and take the due care, you may be able to get the person back into your computer.  Do not type anything about (emails, posts, etc.) about doing this.  It can take a while, but the person will come back.  Then, you'll be prepared.  I think the person knew you were in Atlantic City.  Think about emails, reservations, chats, documents that would have laid out your itinerary. 

IMO, you have three choices:
1. Try to put it in a virtual machine / reverse hack (get coins back?)
2. Clear your computer completely and reset all passwords (no chance of reverse hack)
3. Do nothing, but know you are likely vulnerable.   

If you go with option 3, don't access sensitive information from you computer unless you want to take the risk.

Season 1, Episode 5 of "The White Rabbit Project" on Netflix goes into detail about how they are able to pull this off.  It's not just you.  This is happening to banks, as well.