Equanimous (OP)
Newbie
Offline
Activity: 17
Merit: 0
|
|
August 15, 2011, 03:22:49 PM |
|
On the 6. aug. 2011 i got 50 BTC stolen for my account on bitcoin7.com.
The transaction was:
Address: 1L1TC4HiJhwswF5FZu15HuXbGdMMu6PLNe Transaction: f9f7f54e5c3ac762bede011904250417d5c154eeaab648d8af6aaed222c01ae3 Date: 2011-08-06 13:10:51 (CET)
The foreign ips assessing to my account was.
"77.37.156.150" "2011-08-01 01:58:07" "171.171.195.67" "2011-08-01 23:19:06" "178.177.197.228" "2011-08-03 00:28:47" "178.177.197.228" "2011-08-03 00:30:11" "178.177.197.228" "2011-08-03 01:04:06" "178.177.197.228" "2011-08-03 01:40:44" "178.177.197.228" "2011-08-03 01:41:08" "178.140.109.184" "2011-08-06 13:09:35"
I prayed that the thieves would get an incurable headache until my bitcoins is returned.
Have anyone had similar bitcoin experience ?
|
|
|
|
SomeoneWeird
|
|
August 15, 2011, 03:41:19 PM |
|
On the 6. aug. 2011 i got 50 BTC stolen for my account on bitcoin7.com.
The transaction was:
Address: 1L1TC4HiJhwswF5FZu15HuXbGdMMu6PLNe Transaction: f9f7f54e5c3ac762bede011904250417d5c154eeaab648d8af6aaed222c01ae3 Date: 2011-08-06 13:10:51 (CET)
The foreign ips assessing to my account was.
"77.37.156.150" "2011-08-01 01:58:07" "171.171.195.67" "2011-08-01 23:19:06" "178.177.197.228" "2011-08-03 00:28:47" "178.177.197.228" "2011-08-03 00:30:11" "178.177.197.228" "2011-08-03 01:04:06" "178.177.197.228" "2011-08-03 01:40:44" "178.177.197.228" "2011-08-03 01:41:08" "178.140.109.184" "2011-08-06 13:09:35"
I prayed that the thieves would get an incurable headache until my bitcoins is returned.
Have anyone had similar bitcoin experience ?
How did you get the ip's?
|
|
|
|
Equanimous (OP)
Newbie
Offline
Activity: 17
Merit: 0
|
|
August 15, 2011, 03:47:10 PM |
|
I asked bitcoin7 support.
|
|
|
|
SomeoneWeird
|
|
August 15, 2011, 03:50:29 PM |
|
I asked bitcoin7 support.
Ok, well, the transaction was over a week ago. Why'd you chose to come forward now and not then?
|
|
|
|
Equanimous (OP)
Newbie
Offline
Activity: 17
Merit: 0
|
|
August 15, 2011, 04:09:35 PM |
|
I feel I needed to clam down before I posted.
|
|
|
|
skadoosh00
Newbie
Offline
Activity: 24
Merit: 0
|
|
August 15, 2011, 04:19:24 PM |
|
Any luck on finding the thieves or getting anything back?
And you show remarkable restraint. I would've posted the offending IPs the moment I saw this happen to me.
|
|
|
|
GabrielZ
Newbie
Offline
Activity: 28
Merit: 0
|
|
August 15, 2011, 04:35:37 PM |
|
Could you please enlighten a newbie, how this could happen? Did the thieves crack your password of your bitcoin7 login?
|
|
|
|
AMD FTW
Sr. Member
Offline
Activity: 317
Merit: 250
GET IN - Smart Ticket Protocol - Live in market!
|
|
August 16, 2011, 04:51:38 AM |
|
I'm interested in hearing how they got access
|
|
|
|
tomba
Member
Offline
Activity: 81
Merit: 10
|
|
August 16, 2011, 07:01:14 AM |
|
Indeed, how did this happen ? Was it bitcoin7's fault or was your computer hacked or what ?
|
If you appreciate my posts you can donate any number of Coins you like at BTC 16MPWTomba4GUN1FU98DWmUKvVUr5ms3rs LTC Lg15AdU4cYhfUttyd1n2LQYGNANkdqGWQ9
|
|
|
Stephen Gornick
Legendary
Offline
Activity: 2506
Merit: 1010
|
|
August 16, 2011, 09:36:35 AM |
|
1.) Use multi-factor authentication. If your exchange doesn't offer multi-factor (e.g., yubikey or mobile sms/text verification) then consider finding a new exchange. 2.) Contact your local police and/or #bitcoin-police - http://en.bitcoin.it/wiki/Bitcoin_Police
|
|
|
|
Equanimous (OP)
Newbie
Offline
Activity: 17
Merit: 0
|
|
August 17, 2011, 03:59:16 PM |
|
Well, I don't know exactly how it happed. I did make the mistake to leave my bitcoins on the bitcoin7 account. (I was waiting for the client to get wallet encryption) Well, I am pretty sure that my computer was not hacked.
One way could be for the hacker to bribe or threaten an bitcoin7 employee to give him a database dump of the password hashes. Then run a cracking program on them to one or more was cracked.
@Stephen Gornick Is there a list of exchange with multi-factor authentication ?
|
|
|
|
Stephen Gornick
Legendary
Offline
Activity: 2506
Merit: 1010
|
|
August 18, 2011, 08:10:42 PM |
|
@Stephen Gornick Is there a list of exchange with multi-factor authentication ? So far, those that I'm aware of: - Intersango (Britcoin.co.uk, Intersango.com, Intersango.us) - Google Auth with multi-factor - Mt. Gox - Yubikey - TradeHill - Duo Security (mobile) - Camp BX - Text/SMS - ExchB - motp (mobile one time password app) - WorldBitcoinExchange.com - Duo Security (mobile) or Google Auth with multi-factor There are also eWallets with a type of two-factor auth: - WalletBit uses SecureCard, which is a paper-based credentials system
|
|
|
|
the joint
Legendary
Offline
Activity: 1834
Merit: 1020
|
|
August 18, 2011, 08:22:21 PM |
|
An extra tip. Make sure your email account password is very strong!
If your email is required to manually change passwords or for password recovery, it is essential that you email password is very strong. There's no point in having very strong password on exchanges if these strong passwords can be accessed via a hacked email account.
|
|
|
|
exxe
|
|
August 19, 2011, 11:38:18 AM Last edit: February 03, 2013, 11:48:00 PM by exxe |
|
The same thing happened to me on August 11th. Someone withdrew ~42 BTC. Today I have informed bitcoin7 and asked for more information.
I have absolutely no idea how this could happen. I've not used this user:pass combination anywhere on bitcoin related sites.
Damn!
|
|
|
|
captainteemo
|
|
August 19, 2011, 12:17:04 PM |
|
You're being lied to by bitcoin7.
171.171.195.67 is a Bank of America-owned IP that is not routed or globally accessible. It can't access the internet, nor vice versa. There is no way that IP logged into the site.
That /24 has never hit the internet before, and as of this month (or this year or last year even) has never been online.
|
|
|
|
SomeoneWeird
|
|
August 19, 2011, 12:22:32 PM |
|
You're being lied to by bitcoin7.
171.171.195.67 is a Bank of America-owned IP that is not routed or globally accessible. It can't access the internet, nor vice versa. There is no way that IP logged into the site.
That /24 has never hit the internet before, and as of this month (or this year or last year even) has never been online.
Or he's lying that he got the money stolen and just making up addresses.
|
|
|
|
Ricochet
|
|
August 20, 2011, 12:37:31 AM |
|
@Stephen Gornick Is there a list of exchange with multi-factor authentication ? So far, those that I'm aware of: - Intersango (Britcoin.co.uk, Intersango.com, Intersango.us) - Google Auth with multi-factor - Mt. Gox - Yubikey - TradeHill - Duo Security (mobile) - Camp BX - Text/SMS - ExchB - motp (mobile one time password app) - WorldBitcoinExchange.com - Duo Security (mobile) or Google Auth with multi-factor There are also eWallets with a type of two-factor auth: - WalletBit uses SecureCard, which is a paper-based credentials system Bitcoin2Cash also can use Google Auth (OpenID) with two-factor authentication.
|
|
|
|
1905
Full Member
Offline
Activity: 198
Merit: 100
Give him a mask and he will tell you the truth.
|
|
August 20, 2011, 12:49:33 AM |
|
Sorry completely off subject but I noticed Stephen has a picture of the "face" on Mars. A) that is awesome. b) how do i get a picture attached to my profile? Ive been looking around here. Am i a)retarded or b) a newbie and not authorized to customize my profile with a picture yet?
|
Man is least himself when he talks in his own person. Give him a mask and he will tell you the truth.
- Oscar Wilde
|
|
|
1905
Full Member
Offline
Activity: 198
Merit: 100
Give him a mask and he will tell you the truth.
|
|
August 20, 2011, 01:04:52 AM |
|
A) Im a retard.... lol
|
Man is least himself when he talks in his own person. Give him a mask and he will tell you the truth.
- Oscar Wilde
|
|
|
jorijnsmit
Newbie
Offline
Activity: 36
Merit: 0
|
|
August 22, 2011, 07:53:39 PM |
|
You're being lied to by bitcoin7.
171.171.195.67 is a Bank of America-owned IP that is not routed or globally accessible. It can't access the internet, nor vice versa. There is no way that IP logged into the site.
That /24 has never hit the internet before, and as of this month (or this year or last year even) has never been online.
Interesting! So what really happened here?
|
|
|
|
|