|
Title: 1 BTC stolen from BrainWallet due to weak key Post by: GuyPaddock on December 13, 2013, 04:46:50 PM I did a transaction yesterday using http://www.bit2factor.org/ in which I got about 1 BTC total.
After the transaction, I used the "sweep key" function on Blockchain.info to transfer the funds into my own wallet, and it looks like it moved it to my oldest address -- 1Gj6ubnVGcHcPMmBEhvGXhcQkpusE4vH85 -- which was originally generated as a brain wallet back in April 2013. Before the transaction, the wallet address had a zero balance. About 4 hours after the sweep, it looks like someone came in and nabbed all the funds and sent them to 1EnuCnYuYadPAp1qTWj8rWxZvb9QQ1vFKz. According to the relay information, that transaction (3a19b0d36c19360cc0794de9b44b2fffd5a1a3a1a0322aed2b033b98f8b957a0) was relayed by 129.132.230.77 which maps to vbitcoin-08.inf.ethz.ch at ETH/UNIZH. My guess is that back when I used Blockchain.info in April, it had that RNG flaw that was discovered in August, and now that I was using the address again, someone used the key exposed in the prior transactions to grab the funds. I am 100% positive that this was not the result of a virus or anything on my own machine -- I'm a software dev, very cautious about what I download, running Kaspersky AV, and regular scans. Title: Re: 1 BTC stolen from BlockChain wallet -- assuming weak RNG Post by: Moebius327 on December 13, 2013, 05:17:17 PM Title: Re: 1 BTC stolen from BlockChain wallet -- assuming weak RNG Post by: grue on December 13, 2013, 06:06:02 PM My guess is that back when I used Blockchain.info in April, it had that RNG flaw that was discovered in August, and now that I was using the address again, someone used the key exposed in the prior transactions to grab the funds. the RNG flaw was only on keys generated by android wallets.Title: Re: 1 BTC stolen from BlockChain wallet -- assuming weak RNG Post by: Moebius327 on December 13, 2013, 06:22:43 PM Can you give some details on the password you used for the brainwallet? You know some people are "mining" brainwallets with weak passwords nowadays.
Title: Re: 1 BTC stolen from BlockChain wallet -- assuming weak RNG Post by: GuyPaddock on December 13, 2013, 08:06:07 PM My guess is that back when I used Blockchain.info in April, it had that RNG flaw that was discovered in August, and now that I was using the address again, someone used the key exposed in the prior transactions to grab the funds. the RNG flaw was only on keys generated by android wallets.Not true, the Blockchain RNG vulnerability in August was on the random numbers used to sign transactions. It was using the same R value for multiple transactions with the same private key. Title: Re: 1 BTC stolen from BlockChain wallet -- assuming weak RNG Post by: GuyPaddock on December 13, 2013, 08:26:41 PM Can you give some details on the password you used for the brainwallet? You know some people are "mining" brainwallets with weak passwords nowadays. 30 character passphrase. It's a sentence that starts with an uppercase letter, ends with a period, and contains three words separated by spaces. Title: Re: 1 BTC stolen from BlockChain wallet -- assuming weak RNG Post by: Moebius327 on December 13, 2013, 09:11:49 PM Can you give some details on the password you used for the brainwallet? You know some people are "mining" brainwallets with weak passwords nowadays. 30 character passphrase. It's a sentence that starts with an uppercase letter, ends with a period, and contains three words separated by spaces. Not by any chance a quote from somewhere? If you find the sentence in google search you have your answer. Title: Re: 1 BTC stolen from BlockChain wallet -- assuming weak RNG Post by: GuyPaddock on December 13, 2013, 10:07:37 PM Not intentionally a quote, no. The words themselves do, of course, show up in Google.
Title: Re: 1 BTC stolen from BlockChain wallet -- assuming weak RNG Post by: GuyPaddock on December 14, 2013, 01:07:22 AM I will wait to see what Blockchain.info says about it...
Title: Re: 1 BTC stolen from BrainWallet by Swiss Federal Institute of Technology Zurich Post by: GuyPaddock on December 14, 2013, 01:18:27 AM There, how's that?
Seriously, though, it looks like the Swiss Federal Institute of Technology Zurich is running a tool to brute force brain wallets. I just hope that at the end of their research / proof of concept, they return the coins... Title: Re: 1 BTC stolen from BrainWallet by Swiss Federal Institute of Technology Zurich Post by: prezbo on December 14, 2013, 11:41:12 AM Seriously, though, it looks like the Swiss Federal Institute of Technology Zurich is running a tool to brute force brain wallets. Them relaying the transaction doesn't mean they stole your money. I'm 100% sure ETH had nothing to do with this. You should maybe educate yourself what the data you gather actually means before you start throwing such accusations around. Title: Re: 1 BTC stolen from BrainWallet by Swiss Federal Institute of Technology Zurich Post by: Rannasha on December 14, 2013, 11:47:57 AM There, how's that? Seriously, though, it looks like the Swiss Federal Institute of Technology Zurich is running a tool to brute force brain wallets. I just hope that at the end of their research / proof of concept, they return the coins... The "relayed by" field on the Blockchain.info website just shows the node that Blockchain.info received the transaction from. And while Blockchain.info is well-connected to the network, the vast majority of nodes are not directly connected to Blockchain.info, so a transaction may pass through several nodes before Blockchain.info sees it. "relayed by" only shows the last hop. The chance that this transaction actually originated from ETH Zurich is rather small. Title: Re: 1 BTC stolen from BrainWallet by Swiss Federal Institute of Technology Zurich Post by: Moebius327 on December 14, 2013, 12:22:36 PM Instead of blaming people for your faults, you can ask politely who cracked your weak brainwallet password. Some people will return it. Also inform yourself what a strong brainwallet password means.
Title: Re: 1 BTC stolen from BrainWallet by Swiss Federal Institute of Technology Zurich Post by: TheFootMan on December 15, 2013, 02:33:18 AM If the info in this thread is correct, "Swiss Federal Institute of Technology Zurich" should be removed from the thread title. If blockchain only shows 'relayed by' and this is the last hop, the chance that "Swiss Federal Institute of Technology Zurich" is the culprint is fairly slim.
Title: Re: 1 BTC stolen from BrainWallet by Swiss Federal Institute of Technology Zurich Post by: CyberMOS on December 15, 2013, 07:09:41 PM ,... running Kaspersky AV, and regular scans. answerTitle: Re: 1 BTC stolen from BrainWallet by Swiss Federal Institute of Technology Zurich Post by: EuroTrash on December 15, 2013, 08:13:03 PM If the info in this thread is correct, "Swiss Federal Institute of Technology Zurich" should be removed from the thread title. If blockchain only shows 'relayed by' and this is the last hop, the chance that "Swiss Federal Institute of Technology Zurich" is the culprint is fairly slim. +1. OP please fix subject. ETH has a lot of computing power and some very fast relays which do actually strenghten the network. Someone in there did a thesis on bitcoin last year. I think there was a thread on bitcointalk about it. They do not mine but they run full nodes. Title: Re: 1 BTC stolen from BrainWallet due to weak key Post by: GuyPaddock on December 17, 2013, 04:22:17 AM Very well, fixed.
Title: Re: 1 BTC stolen from BrainWallet due to weak key Post by: TheFootMan on December 17, 2013, 04:34:09 AM Very well, fixed. I'm sorry about your loss. 1 btc is quite a lot of money. :( Did you figure out more details about how things happened, or have you written everything off by now? Title: Re: 1 BTC stolen from BrainWallet by Swiss Federal Institute of Technology Zurich Post by: GuyPaddock on December 17, 2013, 04:35:25 AM Instead of blaming people for your faults, you can ask politely who cracked your weak brainwallet password. Some people will return it. Also inform yourself what a strong brainwallet password means. Well, I haven't used a brainwallet since April and don't intend to. Normal private key is, IMO, way more secure. Didn't even realize I had that address still linked with my account until the funds were gone. Title: Re: 1 BTC stolen from BrainWallet due to weak key Post by: Patel on December 17, 2013, 05:04:27 AM Very well, fixed. the coins are already gone, what was your password? Title: Re: 1 BTC stolen from BrainWallet due to weak key Post by: prezbo on December 17, 2013, 09:52:43 AM Very well, fixed. the coins are already gone, what was your password? Yep, this would be interesting to know. Title: Re: 1 BTC stolen from BrainWallet due to weak key Post by: Moebius327 on December 17, 2013, 10:18:30 AM Very well, fixed. the coins are already gone, what was your password? Yep, this would be interesting to know. +1 Title: Re: 1 BTC stolen from BrainWallet due to weak key Post by: PrintMule on January 16, 2014, 01:26:51 PM Very well, fixed. the coins are already gone, what was your password? Yeah, this post made me also curious. This thread goes well in hand with multiple threads about address generating hacks, and brainwallet hacking competitions. |