 Show Posts
|
|
Pages: [1]
|
|
No.
Blockchain.info ( as I understand it ), just hosts your wallet.
To access your wallet through blockchain.info, you may need email and phone access, but with private keys or the seed, funds can be transferred out without ever notifying you.
Or, if your machine has been compromised, the location your keys were stored could have been compromised.
I was dumb with my blockchain.info wallet, and shared my seed. Next day, all funds gone. No emails, text messages. Just a transfer out of my account of everything.
I'd hoped and hoped it was blockchain.info's fault, but actually mine in the end.
It's a bit deceptive really. blockchain.info is actually less secure imho, as you can access your funds through blockchain.info, or just with the keys.
I hope it is a blockchain.info bug.
Good luck tracking this down.
I'm moving to a hardware wallet for everything next.
|
|
|
|
|
Hi,
Have you used your wallet seed or private keys anywhere else?
|
|
|
|
|
Yes,
Just about the dumbest thing I've done.
Greed, yes. I actually think it's a relatively fair deal in retrospect. Screw around with seeds, download software off what is clearly in the light of day a dodgey site, combine that with my wallet seed and yes. I think I got what I deserved.
Lesson learned I hope.
As for their fake wallet software:
I decompiled their software, it's just a basic early electrum clone in c#.
It posts the seed through this phpmailer form:
btcgwallet dot org / mailer / index.php
Email address was: info at btcgwallet.org
All running out of asia.
Out of %50 spite, and %50 not wanting this to happen to anyone else, I wrote a small program that posts a random 12 word seed through this form every .01 seconds.
I'm pleased to see they've broken the mailer function page to stop my spam posts going through. It was probably impossible to distinguish from my fake seeds and any real seeds they collected. They've also disabled the function in their fake wallet download for now. I'll periodically send through 500000 fake seeds. It's not going to get my coins back, but I feel a teeny tiny bit better by doing this.
The form was used across a few 'wallet' sites, so, for now at least, a few people will hold on to their wallets a bit longer.
I've abandoned the wallet of course. Next wallet, uber safe, Trezor I think. Luckily I'd moved some coins out of my now lost wallet a few days before ....
Thanks for your input.
g
|
|
|
|
|
Well, I did a little bit more investigating of the the scam software. Really simple actually.
It just sends your seed through email on a php mailer site.
Managed to get my BTG out even though the seed had been shared, so the malware people are busy collecting BTC and not bothering with BTG.
Peace.
|
|
|
|
|
Not omni, def bitcoin gold wallet.
I downloaded from
btcgwallet dot org.
program was a rebranded original client. It takes my seed, but actually shows BTC addresses ( none of them related to my wallet ). Just enough info to keep me distracted while my coins are transfered away.
I can share the binary if it would help anyone.
Any way to notify the site owners their downloads have been hacked? Or let me guess, this is a phishing site, and I downloaded from the wrong site altogether.
I did know I should have transfered by coins out before doing this. But I didn't. 'A fool and his money ... ' comes to mind.
Cheers
Glenn
|
|
|
|
|
Hi, thank you for your reply.
It's pretty much as I expected.
As all the addresses were used, even the ones I didn't generate ( I didn't make the external addresses ), I thought it looked like a sweep.
I used a bitcoin gold client Bitcoin Gold 1.1.5 from Bitcoin-Wallet-1.1.5.0.exe from http[Suspicious link removed] and put my seed in to that. Is it possible, the client ( or hacked version thereof ), posted the seed to a hacker? I'd like to figure out the hack vector.
Wouldn't a hacker quickly move the funds along? They are just sitting there.
Is there a way to see if the bitcoin gold for that seed is also gone?
Thank you again for your assistance.
G
|
|
|
|
|
Hello,
I've had my coins transfered out of my blockchain.info wallet.
The addresses for my wallet are:
1Gw9XzNBMuZrQDoe7uj5gjddMatGvehemm
16d1LAJCUHQVkNstcmaFbTaHRmxeSZWxJD
1GZ7pfx8AtepqCt11vNNtoakvbqsHhWgAr
1EHPiacSctjDR36Lckg1yb2HMdZjfv696z
1CBDWMzjfJo9gHdfJj2cc7qu11UQgyS4tA
I've confirmed this by generating my private keys with bip39-master.
Now the strange thing is, I added these addresses to omniwallet, and before I knew it, the contents of these addresses ( which was only 25% of my wallet ), and the contents of another address are transfered to a new address, and I lose everything.
Time: 2017-12-19 17:16:33, transaction: af8a8265c425bc6aef49cce56a4cf89147c68639591faea3c3467fbadcdb450b
1GZ7pfx8AtepqCt11vNNtoakvbqsHhWgAr (0.04058 BTC - Output)
1GZ7pfx8AtepqCt11vNNtoakvbqsHhWgAr (0.07813 BTC - Output)
1EHPiacSctjDR36Lckg1yb2HMdZjfv696z (0.00001 BTC - Output)
1GZ7pfx8AtepqCt11vNNtoakvbqsHhWgAr (0.05564 BTC - Output)
16d1LAJCUHQVkNstcmaFbTaHRmxeSZWxJD (0.69800857 BTC - Output)
1CBDWMzjfJo9gHdfJj2cc7qu11UQgyS4tA (0.001 BTC - Output)
1JLE6ckXeLYcMQiGbCPDhsEFK56EiedGsw (3.18448379 BTC - Output)
-->1GDKbbYJawqfajQfLh3FLpKxP3xKWnfTrk - (Spent) 4.04968358 BTC
There are two very strange things here.
1. Where did the mystery address 1JLE6ckXeLYcMQiGbCPDhsEFK56EiedGsw come from?
2. What triggered everything going to the final location? - I've checked the BTC are still in that final address (1GDKbbYJawqfajQfLh3FLpKxP3xKWnfTrk ), so unlikely to be hacker .
Finally, how on earth do I get my coins back?
If this is too involved for this forum, can you point me to where I might get assistance?
Thank you
Wimple
|
|
|
|
|
