Alias was very short so may have been hackable.  Password was 15 characters long but made up of multiple words that may have been found in dictionary.  Possible but permutations to put that many words together would still be extremely high.

that wouldn't be the case with me though Jubalix - I used a unique alias and unique password on blockchain.info - couldn't have pulled it from anywhere else.

So, interesting development this morning.  I shut down the wallet I had with blockchain.info yesterday after it was potentially compromised and decided to just start with a fresh new wallet hosted there.  Very strong password, different identifier.  Java not installed on my machine and scanned for malware.

Received this this morning -- from blockchain.info notification:

Authorize log-in attempt
An attempt to login to your blockchain.info wallet was made from an unknown browser. Please confirm the following details are correct:
Time: 2013-04-27 07:17:42
IP Address: 77.109.138.42 (Switzerland)
User Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1. Gecko/20051111 Firefox/1.5
If the above details are correct please use the following login link:
https://blockchain.info/wallet/[blocked out for obvious reasons]
If this login attempt was made by you this email can be safely ignored however you may wish to change your wallet alias.

and this...

An attempt to login to your blockchain.info wallet was made from an unknown browser. Please confirm the following details are correct:
Time: 2013-04-27 08:38:09
IP Address: 5.9.121.38 (Germany)
User Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1. Gecko/20051111 Firefox/1.5
If the above details are correct please use the following login link:
https://blockchain.info/wallet/[blocked out for obvious reasons]
If this login attempt was made by you this email can be safely ignored however you may wish to change your wallet alias.

Apparently there is still some sort of malware out there attempting to hack the blockchain.info service.  Machine was clean when I set this new wallet up, only way I think they could've possibly found the address is through scanning potential aliases.  Admittedly, my alias is a plain word so possible they could've just tried brute force finding an alias that would lead them to identifier and tried to log in from there.  Otherwise, can't imagine how they would've gotten it.  Just a lead for PIUK to follow if he's interested in trying to button up security on the site.

I would side with you at times on this Shinobi, but then you need to really step back and realize the lack of understanding of most things that people engage with on a daily basis.  You use VISA and pay your bill at the end of every month, but very very very few people understand the mechanics behind credit card transactions, payments via the ACH rails or anything else involved with day to day financial life in 2013.  Yet there are trillions of dollars spent each year by people typing in their passwords to online bank accounts and pull pieces of plastic out of their wallet that is representative of fiat money (which is a whole other rabbit hole altogether). 

I think there is something behind this, otherwise I wouldn't be wasting my time here. What will happen (and you can see it starting slowly) is that VC money, independent development and ingenuity with start to develop tools that will isolate the average end user from the complexity while still giving them the benefit fo the technology.  It has already begun with services like blockchain.info aggregating wallets and providing cloud based services.  It will eventually progress to hardware based tools (similar to the RSA key fob many people used to have at offices) and move on from there.  Long BTC public addresses will be replaced by alias services (how? I'm not sure, but they will) and people will slowly become accustomed to using this a method of money transport.  I could certainly be mistaken but it has attracted enough interest and has engaged enough people's aspirations that even if the current instance of BTC doesn't make it to prime-time, something similar will.

I once read that all it takes is for 10% of the population to be extremely excited about something (whether it be a fashion, technology, fad, etc) and it will become mainstream (given the average persons indifference and apathy).  While I don't think we're at the tipping point yet, the ideals behind this project is resonant enough with a population in turmoil to energize that portion of the population and turn this truly into a movement.

Tried to change original post.  Dont' want to single out blockchain.info as source in fairness to piuk as it could've easily been a java exploit - don't think we've gotten to bottom of it yet.

I also just uninstalled java from my machine.

Yeah, can I change it after the fact?  Realized that after I did it and it's definitely misleading.  Nothing wrong with the protocol or bitcoin in general - more apropot would be wallet hack.

Agree.  Already had cold storage so was trying to be diligent, just hadn't moved since withdrawing from BTC-e.  Definitely have learned a lesson.  Keep hot balances low and only access bitcoin-qt from clean/sandboxed computer that I don't do my daily surfing on to avoid any type of java/javascript exploits.  Recommend the same for others.

Looks like someone had a busy day yesterday.  Traced where some of my funds went and over 2500 BTC got dumped into this account all yesterday after being routed bunch of different places.

https://blockchain.info/address/16WcStW5Mef1KrmyC9pMBKzKdp5RFsFxjo

By 'hot' i mean one connected to the network that can be used to send and receive.  'Cold' storage usually means setting up a key you can store things then printing out a paper wallet or something similar and not having the private key/wallet accessible by any means on your computer.

Actually been on here for just about a year - just never had any reason or desire to post until recently.

Just interacted with PIUK on the other thread we've been discussing this in - the one I started.  Ideally just looking to determine which apps I can trust again.

re: casascius -- you are correct, I didn't lose 500+ coins.  I only lost 0.78, still stings given I haven't been at this for long and don't have a ton, but you were right to think that through versus jumping to conclusion like SgtSpike did.  Signed a message for him proving him wrong and never heard back.

re: Piuk --  I'm PM'd the other user to see if we were sharing any apps.  Would be difficult to go through everything or what we've downloaded to ensure no keyloggers, but...

    Do you have a bitcoin app on your android phone?  Yes - BitcoinSpinner
    Do you have a blockchain.info wallet holding the address in question?  Yes.
    If you have a blockchain wallet do you use a public alias the same as your bitcointalk, bitcoin-otc or irc username?  No. Separate name and separate password.
    Do you have accounts on one of the following sites: BTC-e, bitcoin-central or mining.bitcoin.cz? Account on BTC-e
    Do you reuse the same wallet password on different websites (specifically the above sites)?  Different passwords
    Do you read the BTC-e chat box?  Can't say I "read" it but messages are flashing up all the time while I'm on the site.
    Does your browser have Java enabled? http://isjavaenabled.com  -- Tough call on this one.  I've been running noscript for a week or so on Firefox on a fresh install, so should be protected there, but have had that address for a while and know I was on btc-e prior to installing noscript, so all depends when person would gotten my privkey.

Well, i learned my lesson.  Having access on phone is nice so i can transfer when I'm not in front of my machine at home, but agree that's only good for limited amounts.  Fortunately, I've lurked here long enough to learn about cold storage and how to set that up disconnected from network so I'm safe.  I PM'd the other guy that got hacked in the same transaction but haven't hear back yet.  Right now it would appear blockchain.info is the common factor, but if he was running same program on phone I'd probably consider that another possible weak link.

New wallet, one location. 

That's the same address mine went to.

have the bitcoin-qt client (behind firewall and encrypted wallet), blockchain.info (pretty tough password) and also have the address on my phone using bitcoinspinner for android (could be weak link).

Address in question is 1HHwDwxpeq4ZxRDE3TDNVfhT6jyj6Cx6nE

I don't have nearly 500 BTC.  That's what is screwed up.  Only one of the accounts on that list is from me which seems very odd given not sure how transfers from multiple separate accounts could be under one transaction. 

SgtSpike - Just went back and re-read my original post.  Don't recall asking for handouts.  Just trying to do public service.  Don't jump down my throat.

GyFo+kcxewu+KG51xxXHI+JFOhnpXX0oSr08QzWV22im9mnD1ksVAKxxq7VYkyXR+7tqHczO8DZS94PK7UPJ30w=

Understated given I never keep more than .5 BTC in a hot account.  Pissed, yes.  Extremely. But could've been a whole lot worse.  I have the address both locally on a bitcoin client and on blockchain.info.  Can't rule out either it was a hack on my system, but i keep everything pretty tied down.

Just finished dinner and checked to find one of my hot accounts had been cleared of Bitcoin in a transaction at 6:22.  Block just had first confirmation 30 minutes later, must not have paid a fee on it.  Not sure if this is blockchain.info related or not, but here's the address:

https://blockchain.info/address/1JKJdYSZNrWSca1b9ajejdmjuqooE7TLFr

Sucks, but my guess is this is all gone.  Anyway of getting back?  From my understanding, no, but huge score for whoever pulled this off.  Jerk off.

Successful trade for 2k with rafsoaken - quick and easy.