|
Title: How someone stole my bitcoin within 1 second ? Post by: btctousd81 on June 30, 2017, 06:11:41 AM please hear me out.
i was playing with bitcoin address generator vanitygen64 and blockchain.info and http://directory.io/ which happens to have all the possible bitcoins address with private keys., i know they generate it on the fly depending on the page number. I took first bitcoin address and private key from last page of site to make sure, btc wont get stolen quickly. http://directory.io/904625697166532776746648320380374280100293470930272690489102837043110636675 i sent some funds to ythe first address on that page, https://blockchain.info/address/1PDSZN2qgFcuay1vVRxYo1yp9gfXeSKJgt as i imported that address in my blockchain.info account, i was waiting for the confirmation , but before it could get confirmed , another transaction is made without my knowledge, by someone who has the private key(offcourse private key is publicly open on site directory.io). so my question is : 1) is this really a theft or i am missing something here ? like transaction fees or something else ? 2) how can he do so fast ? obviously its not done manually but still 3) why would he watch some random address ? which has not balance. 4) how is he doing this ? any links or direction would be great. thanks for your time., have a great day ahead. edit: i was using vanitygen64 to generate some address and private keys pair. but first i wanted to see if someone can steal btc using only 51 char long WIF format. Title: Re: How someone stole my bitcoin within 1 second ? Post by: Herbert2020 on June 30, 2017, 06:23:40 AM This is how a real random private key looks like (generated with bitaddress.org to make a point):
FC46D306D1CA227F3A7A8342571A1CA19C13C122C7C4FA33C9BA7699E5D19481 and here is your private key: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364101 also that website doesn't have "all" the private keys and doesn't even generate all of them it fails after some point if you continue going deep enough. it also has nothing to do with Vanity address, i don't know why you even mentioned it here! Title: Re: How someone stole my bitcoin within 1 second ? Post by: n0ne on June 30, 2017, 06:25:50 AM Several such incidents have happened in the past, during the generation of vanity address you could have missed the private key. This might be used by some hackers. Without that I don't think your bitcoin gets lost from blockchain wallet. Have a clear picture, because only your mistake could have resulted in the loss or theft. The wallet is good with perfect security features.
Title: Re: How someone stole my bitcoin within 1 second ? Post by: btctousd81 on June 30, 2017, 06:37:08 AM This is how a real random private key looks like (generated with bitaddress.org to make a point): FC46D306D1CA227F3A7A8342571A1CA19C13C122C7C4FA33C9BA7699E5D19481 and here is your private key: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364101 also that website doesn't have "all" the private keys and doesn't even generate all of them it fails after some point if you continue going deep enough. it also has nothing to do with Vanity address, i don't know why you even mentioned it here! i was using vanitygen64 to generate some btc address and private keys pair. but first i wanted to see if someone can steal btc using only 51 char long WIF format already present on public site. private key associate with 1PDSZN2qgFcuay1vVRxYo1yp9gfXeSKJgt is 5Km2kuu7vtFDPpxywn4u3NLpbr5jKpTB3jsuDU2KYEqemizF9vA its in WIF format. how did you get FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364101 private key ? thanks Title: Re: How someone stole my bitcoin within 1 second ? Post by: achow101 on June 30, 2017, 06:37:39 AM In what way do you think choosing an address at the end of the private key address range would be secure? There are most definitely people who are monitoring the private keys at the beginning and the end of range and will swipe any and all Bitcoin sent to those addresses. It is almost definitely a bot that probably monitors a few thousand private keys at the beginning and end of the private key range.
i was using vanitygen64 to generate some btc address and private keys pair. but first i wanted to see if someone can steal btc using only 51 char long WIF format already present on public site. Every single private key is known. It doesn't matter if it it is on a public site or not, everyone already knows what every single private key is. Its just that the range is so massive that trying to go through all of the keys to find all of the ones that have Bitcoin is insanely expensive and takes a ridiculous amount of time (like longer than the heat death of the universe amount of time). Vanitygen randomly generates private keys until it gets one that has an address with the prefix you want, so it is secure.private key associate with That's the private key expressed in hex.1PDSZN2qgFcuay1vVRxYo1yp9gfXeSKJgt is 5Km2kuu7vtFDPpxywn4u3NLpbr5jKpTB3jsuDU2KYEqemizF9vA its in WIF format. how did you get FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364101 private key ? thanks Title: Re: How someone stole my bitcoin within 1 second ? Post by: Kakmakr on June 30, 2017, 06:37:49 AM So the next thing you will see is some person starting a thread and using http://directory.io/ as proof that they actually succeeded to hack a Bitcoin address. The people who generated those public/private key pairs obviously anticipated that people would be too lazy to dig deeper and would use the first keys to experiment and they automated the process to monitor activity on those addresses and then to move those coins. < most logical explanation >
Title: Re: How someone stole my bitcoin within 1 second ? Post by: btctousd81 on June 30, 2017, 06:39:13 AM Several such incidents have happened in the past, during the generation of vanity address you could have missed the private key. This might be used by some hackers. Without that I don't think your bitcoin gets lost from blockchain wallet. Have a clear picture, because only your mistake could have resulted in the loss or theft. The wallet is good with perfect security features. sorry for confusion and my bad english., i did not used the address made by vanitygen, i used btc address and pair from http://directory.io which is available on public site. thanks |