Title: BTC stolen from PC wallet Post by: JorgeStolfi on August 24, 2014, 01:56:30 PM Moving off-topic discussion from the Tezor thread (https://bitcointalk.org/index.php?topic=122438.msg8509269#msg8509269):
yesterday was some BTC stollen from my wallet (PC). I dont know how or who or how did this happened. [ ... ] Impossible to say, as you don't know how they were stolen. [ ... ]All I can found that BTC was sent to 183u3xkUUqpVwJmmLqqt14cchS5Mu9CQk7 and then to 17gH1u6VJwhVD9cWR59jfeinLMzag2GZ43 .. but I had some secure things like firewall antispam .. .etc. on my computer .. but i looks it is not enough .. So I hope trezor will make it safe for next time. Were you handling that wallet when the first transaction happened, or shortly before? Quote from: JorgeStolfi Do you use Dropbox or some other external storage? No external (Inet) devices .. only my own NAS with firewall and restricted IPsQuote from: JorgeStolfi Was the wallet totally emptied, or only part of it? tottlly empty after that attackQuote from: JorgeStolfi What software/hardware did you use to generate your private keys? sorry but I dont understand this queston. Do you mean passwords? Or what type of keys?I meant, what software do you use to handle your wallet. How did you create the private keys of the accounts that were emptied. Title: Re: BTC stolen from PC wallet Post by: BurtW on August 24, 2014, 01:58:53 PM What wallet were you using?
Title: Re: BTC stolen from PC wallet Post by: Slesh on August 24, 2014, 03:33:56 PM What wallet were you using? I'm using Bitcoin Core 64 bit. (now v0.9.2.1 - QT ver. 5.2.0) Title: Re: BTC stolen from PC wallet Post by: BurtW on August 24, 2014, 05:01:45 PM What wallet were you using? I'm using Bitcoin Core 64 bit. (now v0.9.2.1 - QT ver. 5.2.0) If so was it a long, random password or a short common one? Title: Re: BTC stolen from PC wallet Post by: Slesh on August 24, 2014, 05:16:13 PM What wallet were you using? I'm using Bitcoin Core 64 bit. (now v0.9.2.1 - QT ver. 5.2.0) If so was it a long, random password or a short common one? Protected with passwd. 8 characters (each different, some lettes, some digits...etc.).. that's why I dont know how this could happened. Title: Re: BTC stolen from PC wallet Post by: BurtW on August 24, 2014, 05:29:34 PM What wallet were you using? I'm using Bitcoin Core 64 bit. (now v0.9.2.1 - QT ver. 5.2.0) If so was it a long, random password or a short common one? Protected with passwd. 8 characters (each different, some lettes, some digits...etc.).. that's why I dont know how this could happened. (I use 32 character random passwords generated by LastPass). Title: Re: BTC stolen from PC wallet Post by: Rannasha on August 24, 2014, 05:46:15 PM What wallet were you using? I'm using Bitcoin Core 64 bit. (now v0.9.2.1 - QT ver. 5.2.0) If so was it a long, random password or a short common one? Protected with passwd. 8 characters (each different, some lettes, some digits...etc.).. that's why I dont know how this could happened. (I use 32 character random passwords generated by LastPass). Or it was just a keylogger. This is typically the cause of these kinds of thefts. Title: Re: BTC stolen from PC wallet Post by: Slesh on August 24, 2014, 05:55:01 PM What wallet were you using? I'm using Bitcoin Core 64 bit. (now v0.9.2.1 - QT ver. 5.2.0) If so was it a long, random password or a short common one? Protected with passwd. 8 characters (each different, some lettes, some digits...etc.).. that's why I dont know how this could happened. (I use 32 character random passwords generated by LastPass). Or it was just a keylogger. This is typically the cause of these kinds of thefts. Who knows. Do I have to delete this wallet and set new one? I am afraid setting new psswd is not enough. .. Title: Re: BTC stolen from PC wallet Post by: JorgeStolfi on August 24, 2014, 06:14:27 PM Or it was just a keylogger. This is typically the cause of these kinds of thefts. Who knows. Do I have to delete this wallet and set new one? I am afraid setting new psswd is not enough. .. A Trezor may be just as good, although you must be careful when updating its firmware. Title: Re: BTC stolen from PC wallet Post by: Slesh on August 24, 2014, 06:42:45 PM Or it was just a keylogger. This is typically the cause of these kinds of thefts. Who knows. Do I have to delete this wallet and set new one? I am afraid setting new psswd is not enough. .. A Trezor may be just as good, although you must be careful when updating its firmware. Yes .. I decide to do it like this. Change passwd to 24 letters. Move wallet do other location and connect to Inet only when I will want to use it.....this was a little bit expensive lesson. Title: Re: BTC stolen from PC wallet Post by: BurtW on August 24, 2014, 06:44:48 PM Or it was just a keylogger. This is typically the cause of these kinds of thefts. Who knows. Do I have to delete this wallet and set new one? I am afraid setting new psswd is not enough. .. A Trezor may be just as good, although you must be careful when updating its firmware. Yes .. I decide to do it like this. Change passwd to 24 letters. Move wallet do other location and connect to Inet only when I will want to use it.....this was a little bit expensive lesson. Title: Re: BTC stolen from PC wallet Post by: JorgeStolfi on August 24, 2014, 06:54:42 PM If it was a keylogger, that will not do. As I understand, the safest is to use a separate computer, not connected to the internet, to store your wallet and sign transactions. Yes .. I decide to do it like this. [ ... ]Move wallet do other location and connect to Inet only when I will want to use it.....I don't think that there is a sufficiently safe way to carry several thousand dollars in bitcoin outside your home. If you do not control the physical environment where you sign the transactions, there seem to be ways to steal your bitcoins, even of you use a Trezor. Title: Re: BTC stolen from PC wallet Post by: Slesh on August 24, 2014, 07:07:10 PM If it was a keylogger, that will not do. As I understand, the safest is to use a separate computer, not connected to the internet, to store your wallet and sign transactions. Yes .. I decide to do it like this. [ ... ]Move wallet do other location and connect to Inet only when I will want to use it.....I don't think that there is a sufficiently safe way to carry several thousand dollars in bitcoin outside your home. If you do not control the physical environment where you sign the transactions, there seem to be ways to steal your bitcoins, even of you use a Trezor. The computer and NAS isin my home, hidden on local network. No dat file outside. Maybe i did not catch the idea of Trezor, but lets imagine that I will have one standalone computer with wallet. I need to connect to internet to get incoming tansactions. Or not? Than what exactly tresor do? I thought that Tresor only sign the transaction. Because where is the 20 GB blockchain info? Second thing is that I maybe should delete this wallet at all and start with new wallet on other computer, because maybe someone use the copy of it. Is there any chance to find out that someone use copy od my wallet? What will you do as the best secure solution? Title: Re: BTC stolen from PC wallet Post by: JorgeStolfi on August 24, 2014, 08:29:17 PM Maybe i did not catch the idea of Trezor, but lets imagine that I will have one standalone computer with wallet. I need to connect to internet to get incoming tansactions. Or not? Than what exactly tresor do? I thought that Tresor only sign the transaction. Because where is the 20 GB blockchain info? You will do most of your account management and processing on the computer that is connected to the internet. Only when it is time to sign a transaction, you will transfer the transaction data to the other computer that has your wallet, sign the transaction there, transfer the signed transaction back to the first computer, and broadcast it from there.The Trezor basically replaces that second computer. It keeps your private keys, signs transaction that are passed to it by your primary computer through the USB port, and returns the signed transactions to the primary computer. [/quote] Is there any chance to find out that someone use copy od my wallet? What will you do as the best secure solution? I cannot help you there. As it says in my signature, I do not own bitcoins -- mainly for other reasons, but for this reason too: bitcoins are easy to steal, and once stolen there is nothing one can do, no none to help, and no hope of ever getting them back. There is no way of knowing whether someone has a copy of your wallet, but that is very likely. (The alternative is that a malicious software in your computer sent out the transaction on its own, without sending your wallet to the thief.) Definitely, you should never use those addresses and private keys again. Title: Re: BTC stolen from PC wallet Post by: BurtW on August 24, 2014, 08:34:59 PM The basic idea of the Trezor is that the private keys never leave the device and cannot be read from the device. So as stated above the trezor is your second "offline" computer. It keeps your private keys very private and untouchable and it signs the transactions with those private keys. Another nice thing is that once you backup the Trezor seed (and keep it very, very safe) you never have to do another backup.
Title: Re: BTC stolen from PC wallet Post by: ajas on August 25, 2014, 09:09:17 PM We all must be aware that some people try to get our bitcoins. Recently somebody (not me) tried to change my password on a bitcoin echange site, but fortunatly did not succeed. I also got an email related to bitcoin with a .jar attachment. I dont know what is inside as I didn't open it. But they know my email adress and that I own bitcoins. So: Use 2 factor authentification, offline wallets, Trezor, ... Only keep small amounts of btc online. Title: Re: BTC stolen from PC wallet Post by: ForgottenPassword on August 25, 2014, 09:13:02 PM If your wallet has been hacked and it was only stored on your computer, you should assume the attacker has compromised your computer. You could have any kind of malware on your PC now. Generating a new wallet file will NOT be enough, you need to do a full OS reinstall and then generate a new wallet.
Did you install any software on your PC recently? anything bitcoin-related (price tickers, widgets, altcoins)? where did you download your wallet software from? Title: Re: BTC stolen from PC wallet Post by: Slesh on August 25, 2014, 09:27:51 PM If your wallet has been hacked and it was only stored on your computer, you should assume the attacker has compromised your computer. You could have any kind of malware on your PC now. Generating a new wallet file will NOT be enough, you need to do a full OS reinstall and then generate a new wallet. Did you install any software on your PC recently? anything bitcoin-related (price tickers, widgets, altcoins)? where did you download your wallet software from? I have lot of sw on my PC. So i take new laptop with new OS ane crate new wallet. This laptop is dedicated only to BTC. So i think this topic should be closed. I have no clue how this could happened. No security alarm of any security SW. I oly saw that adress 17gH1u6VJwhVD9cWR59jfeinLMzag2GZ43 belongs to some hackers/thieves beacuse I am not the only one who was robbed... https://www.bitcoinregime.com/2014/07/07/stolen-bitcoins-and-releated-account/ Title: Re: BTC stolen from PC wallet Post by: ForgottenPassword on August 25, 2014, 09:35:32 PM I have lot of sw on my PC. So i take new laptop with new OS ane crate new wallet. This laptop is dedicated only to BTC. So i think this topic should be closed. I have no clue how this could happened. No security alarm of any security SW. I oly saw that adress 17gH1u6VJwhVD9cWR59jfeinLMzag2GZ43 belongs to some hackers/thieves beacuse I am not the only one who was robbed... https://www.bitcoinregime.com/2014/07/07/stolen-bitcoins-and-releated-account/ That address belongs to a mixing service. The hacker used it to make it harder to track the BTC. Anti-virus software is easily defeated, that should be a "last resort". You could still have malware, so be careful. Using a dedicated laptop is a good idea but I would recommend you use it as a offline wallet. Keep it offline at all times (physically take out the WiFi card and bluetooth if you can) and transfer signed transactions via USB stick to a computer connected to the internet. Here are two clients that support offline wallets: http://bitcoinarmory.com Forum section for this client here: https://bitcointalk.org/index.php?board=97.0 This client does need a full copy of the blockchain plus its own database so uses up 50GB of space on your online PC. http://electrum.org Forum section: https://bitcointalk.org/index.php?board=98.0 This is an SPV wallet, doesn't need a copy of the blockchain but it tells your peers what addresses you own so it has weaker privacy than Armory. Title: Re: BTC stolen from PC wallet Post by: OhShei8e on August 25, 2014, 09:44:25 PM I have no clue how this could happened. No security alarm of any security SW. ??? Do you use snakeoil? Title: Re: BTC stolen from PC wallet Post by: Slesh on August 25, 2014, 09:50:22 PM I have no clue how this could happened. No security alarm of any security SW. ??? Do you use snakeoil? ?? what is it? I mean SW like firewall (on router, NAS, PC) - there was no alarms logs and antivir with antispam .. Title: Re: BTC stolen from PC wallet Post by: honolululu on August 26, 2014, 06:39:10 AM I have no clue how this could happened. No security alarm of any security SW. ??? Do you use snakeoil? ?? what is it? I mean SW like firewall (on router, NAS, PC) - there was no alarms logs and antivir with antispam .. I think they were trying to say that firewalls and antivirus can help once in a while, you need to control access to your wallet by unplugging from the internet completely. It is kind of a hassle for sure, but so is losing coins. |