Bitcoin Forum
March 28, 2024, 01:05:37 PM *
News: Latest Bitcoin Core release: 26.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 3 4 5 »  All
  Print  
Author Topic: Brain Wallet hacked, suspect bitcoin talk hackers.  (Read 5557 times)
chessnut (OP)
Legendary
*
Offline Offline

Activity: 924
Merit: 1001



View Profile
May 29, 2015, 11:00:18 AM
 #1

Hi everyone,

This serves as another lesson to make your brain wallets silly hard to hack.

My Brain wallet, in the form of example123example123example123 (example123 was my bitcoin talk password,) was hacked resulting in the loss of 12btc I had freshly put in there. Before I noticed it was hacked I sent another 7btc there and luckily got it out before the hacker did.

This was my brain wallet 17z2uppQS9fyag5KtbQ6KNiCBrNSL1z64r

This is the Hackers wallet, with the funds in it at the time of writing 153h8BH61rQgfyujZjJqjQNSsRK2Hsaf3A


The community might take interest in this address as the hackers of bitcoin talk are prime suspects.

Its crazy, is this guy lucky or is it really that easy to hack brain wallets??

Take care!

1711631137
Hero Member
*
Offline Offline

Posts: 1711631137

View Profile Personal Message (Offline)

Ignore
1711631137
Reply with quote  #2

1711631137
Report to moderator
1711631137
Hero Member
*
Offline Offline

Posts: 1711631137

View Profile Personal Message (Offline)

Ignore
1711631137
Reply with quote  #2

1711631137
Report to moderator
The forum was founded in 2009 by Satoshi and Sirius. It replaced a SourceForge forum.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
1711631137
Hero Member
*
Offline Offline

Posts: 1711631137

View Profile Personal Message (Offline)

Ignore
1711631137
Reply with quote  #2

1711631137
Report to moderator
1711631137
Hero Member
*
Offline Offline

Posts: 1711631137

View Profile Personal Message (Offline)

Ignore
1711631137
Reply with quote  #2

1711631137
Report to moderator
1711631137
Hero Member
*
Offline Offline

Posts: 1711631137

View Profile Personal Message (Offline)

Ignore
1711631137
Reply with quote  #2

1711631137
Report to moderator
DarkHyudrA
Legendary
*
Offline Offline

Activity: 1386
Merit: 1000


English <-> Portuguese translations


View Profile
May 29, 2015, 11:07:07 AM
 #2

And how he found that this address is yours?

English <-> Brazilian Portuguese translations
NUFCrichard
Legendary
*
Offline Offline

Activity: 1218
Merit: 1003


View Profile
May 29, 2015, 11:07:27 AM
 #3

Sorry to hear that.
I don't understand exactly how that happened to you, what information did you have on your bitcointalk account that helped them hack your brain wallet?

It is the number one reason why bitcoin hasn't taken off as we all hope, security is much harder to perfect than almost everyone thinks
chessnut (OP)
Legendary
*
Offline Offline

Activity: 924
Merit: 1001



View Profile
May 29, 2015, 11:17:56 AM
 #4

And how he found that this address is yours?


He must have hacked my bitcoin talk password, like most of us, and tried many combinations to produce my private key.

Sorry to hear that.
I don't understand exactly how that happened to you, what information did you have on your bitcointalk account that helped them hack your brain wallet?

It is the number one reason why bitcoin hasn't taken off as we all hope, security is much harder to perfect than almost everyone thinks

I received an email from bitcoin talk that the hacker who brought bitcoin talk for a few days could have stolen my password hash amongst other things. This same password in the form of 'passwordpasswordpassword' was my brain wallet. Its a pretty random password, I dont believe it was brute force hacked. Im really baffled, I think it must have been the bitcoin talk hacker targeting me. There is also a chance it was bitaddress.org that was compromised but Ive never had that trouble before.

NUFCrichard
Legendary
*
Offline Offline

Activity: 1218
Merit: 1003


View Profile
May 29, 2015, 11:21:15 AM
 #5

That sucks, I hope you didn't have all of your bitcoin in that one wallet, though obviously 12 bitcoin is a hell of a lot to lose anyway

Bitcointalk should probably use 2fa to protect the users, I can't see much reason not to offer it at least.
Kyraishi
Hero Member
*****
Offline Offline

Activity: 952
Merit: 513



View Profile
May 29, 2015, 11:22:46 AM
 #6

And how he found that this address is yours?


He must have hacked my bitcoin talk password, like most of us, and tried many combinations to produce my private key.

Sorry to hear that.
I don't understand exactly how that happened to you, what information did you have on your bitcointalk account that helped them hack your brain wallet?

It is the number one reason why bitcoin hasn't taken off as we all hope, security is much harder to perfect than almost everyone thinks

I received an email from bitcoin talk that the hacker who brought bitcoin talk for a few days could have stolen my password hash amongst other things. This same password in the form of 'passwordpasswordpassword' was my brain wallet. Its a pretty random password, I dont believe it was brute force hacked. Im really baffled, I think it must have been the bitcoin talk hacker targeting me. There is also a chance it was bitaddress.org that was compromised but Ive never had that trouble before.

You used the live version of bitaddress or did you download the github repository and created your address from that?
Also, did you scan your PC for keyloggers, trojans, etc?

bronan
Hero Member
*****
Offline Offline

Activity: 774
Merit: 500


Lazy Lurker Reads Alot


View Profile
May 29, 2015, 11:24:03 AM
 #7

Even bank-, governement- massive shop sites and systems are not safe.
Let me remind you nasa, fbi and cia has been victim as well.
Yes its often a small gap, but they seem allways find that small fail in the systems.
Nothing is absolute safe against these attacks.
Its for most people too much to stay safe small mistakes by any person using your system can make a big hole in your security.
Some girlfriend of my wife was a real facebook lover and opened up all kinda sites and never refused any of the java and adobe stuff, its obvious that my system got infiltrated.
So even though some are trying to make it hard to get hacked, a friend or girlfriend could easily make the same mistake.
I have huge problems to get people to use different passes on different sites and programs, they simply refuse because they can not remember more than 2 passwords.....
Even today i noticed a group of workers who shared the system passes freely, everywhere stickers with the passwords from all of them.
Its time we find better ways to secure our programs/sites whatever from these problems.
I was hoping biometrics would solve alot, but i found even these have flaws and sometimes am worse than having passwords.


 
chessnut (OP)
Legendary
*
Offline Offline

Activity: 924
Merit: 1001



View Profile
May 29, 2015, 11:35:19 AM
 #8

There is also a chance it was bitaddress.org that was compromised but Ive never had that trouble before.

You used the live version of bitaddress or did you download the github repository and created your address from that?
Also, did you scan your PC for keyloggers, trojans, etc?
[/quote]

I used the live version of bitaddress. Im not very computer savy, I dont know how to tell if I have key loggers on my computer. I am using Ubuntu 14.04, be that as it may. Ive never had trouble on linux (except possibly this occasion)

That sucks, I hope you didn't have all of your bitcoin in that one wallet, though obviously 12 bitcoin is a hell of a lot to lose anyway

Bitcointalk should probably use 2fa to protect the users, I can't see much reason not to offer it at least.

Its wasnt too much of my total btc worth, but plenty enough to make me cringe.  Angry I was thinking of buying a new laptop but Im not feeling that rich any more.

spartacusrex
Hero Member
*****
Offline Offline

Activity: 718
Merit: 545



View Profile
May 29, 2015, 11:42:00 AM
 #9

Sorry to hear that..  Angry

May I ask how many characters your bitcointalk password was ? I'll use X.

So the attack 'could' have been :

1) Hack bitcointalk and download the hash of all the passwords.

2) Check password hashes against known hashes in rainbow tables and then brute force all combinations up to X letters still missing.

3) If you find a valid password/hash combo try it in brainwallet and see if the address exists. Try many combinations of the password, including stringing multiple copies together. Maybe billions.

4) Empty any funds found.

..

Very harsh my friend.

I use a brainwallet too, but the password is VERY loonnggg.. (over 200 characters symbols/number/characters etc..). not repeated strings. never used in part or in full anywhere else. ever...


..GRUDDDAMMM HACCKKKERRSSS@!!!@£$!
 

Life is Code.
shulio
Legendary
*
Offline Offline

Activity: 1540
Merit: 1016


View Profile
May 29, 2015, 11:43:15 AM
 #10

The hacker could be the one that hacked bitcointalk because most of our password are compromised and I dont see many people claim that they lost their account because of the server compromised. It seems like his target is this, to hack the brain wallet of the bitcoin address that may have the same password with bitcointalk password
franky1
Legendary
*
Offline Offline

Activity: 4172
Merit: 4357



View Profile
May 29, 2015, 11:44:41 AM
 #11

lesson to learn dont use

example123example123example123example123

if anything
3x4mp731233x4mp731233x4mp731233x4mp731233x4mp731233x4mp731233x4mp731233x4mp7312 33x4mp731233x4mp731233x4mp731233x4mp73123
3x4mp731233x4mp731233x4mp731233x4mp731233x4mp731233x4mp731233x4mp731233x4mp7312 33x4mp731233x4mp731233x4mp731233x4mp73123

use really long passphrases and not with dictionary words spelled out exactly as found in the dictionary.

if its not atleast 50 characters long, you might aswell say goodbye to it within a couple months

I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER.
Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
franky1
Legendary
*
Offline Offline

Activity: 4172
Merit: 4357



View Profile
May 29, 2015, 11:46:17 AM
 #12

The hacker could be the one that hacked bitcointalk because most of our password are compromised and I dont see many people claim that they lost their account because of the server compromised. It seems like his target is this, to hack the brain wallet of the bitcoin address that may have the same password with bitcointalk password

if only websites had some common sense and not store clear-text passwords..

all passwords should be hashes of a password that is converted at login but the cleartext is never stored.

I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER.
Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
NorrisK
Legendary
*
Offline Offline

Activity: 1946
Merit: 1007



View Profile
May 29, 2015, 11:47:05 AM
 #13

There is also a chance it was bitaddress.org that was compromised but Ive never had that trouble before.

You used the live version of bitaddress or did you download the github repository and created your address from that?
Also, did you scan your PC for keyloggers, trojans, etc?

I used the live version of bitaddress. Im not very computer savy, I dont know how to tell if I have key loggers on my computer. I am using Ubuntu 14.04, be that as it may. Ive never had trouble on linux (except possibly this occasion)

That sucks, I hope you didn't have all of your bitcoin in that one wallet, though obviously 12 bitcoin is a hell of a lot to lose anyway

Bitcointalk should probably use 2fa to protect the users, I can't see much reason not to offer it at least.

Its wasnt too much of my total btc worth, but plenty enough to make me cringe.  Angry I was thinking of buying a new laptop but Im not feeling that rich any more.

[/quote]

I think it is wise to run a good antivirus progrm. I would try hit man pro. It has a 30 day free trial for its full version
 in addition, install hit man pro alert, which monitors and blocks any suspicious browser activity. (I think it blocks stuff like browser hijackers etc).
Jamie_Boulder
Sr. Member
****
Offline Offline

Activity: 378
Merit: 250


View Profile WWW
May 29, 2015, 11:48:23 AM
 #14

Perfect example why everyone should change their passwords on all platforms if they were the same as their bitcointalk one.

Kyraishi
Hero Member
*****
Offline Offline

Activity: 952
Merit: 513



View Profile
May 29, 2015, 11:49:06 AM
 #15

@OP I have one more question:

Did you not change your forum password after the hack?
Theymos made it clear that it is better to change your password to be on the safe side.

chessnut (OP)
Legendary
*
Offline Offline

Activity: 924
Merit: 1001



View Profile
May 29, 2015, 11:54:49 AM
 #16

@OP I have one more question:

Did you not change your forum password after the hack?
Theymos made it clear that it is better to change your password to be on the safe side.

I did change my password asap after the hack.

shulio
Legendary
*
Offline Offline

Activity: 1540
Merit: 1016


View Profile
May 29, 2015, 11:57:11 AM
 #17

The hacker could be the one that hacked bitcointalk because most of our password are compromised and I dont see many people claim that they lost their account because of the server compromised. It seems like his target is this, to hack the brain wallet of the bitcoin address that may have the same password with bitcointalk password

if only websites had some common sense and not store clear-text passwords..

all passwords should be hashes of a password that is converted at login but the cleartext is never stored.

Some website has this feature but I think at bitcointalk, this is not the way they store our password. Because of the server compromised, alot of old VIP account that never posted come back to post . I think this make sense this is the hacker target because if he hack a usual account , theymos can easily restore it back. I guess the hacker hit a jackpot
Lorenzo
Sr. Member
****
Offline Offline

Activity: 406
Merit: 250



View Profile
May 29, 2015, 12:09:02 PM
 #18

The hacker could be the one that hacked bitcointalk because most of our password are compromised and I dont see many people claim that they lost their account because of the server compromised. It seems like his target is this, to hack the brain wallet of the bitcoin address that may have the same password with bitcointalk password

if only websites had some common sense and not store clear-text passwords..

all passwords should be hashes of a password that is converted at login but the cleartext is never stored.

The hacker could be the one that hacked bitcointalk because most of our password are compromised and I dont see many people claim that they lost their account because of the server compromised. It seems like his target is this, to hack the brain wallet of the bitcoin address that may have the same password with bitcointalk password

if only websites had some common sense and not store clear-text passwords..

all passwords should be hashes of a password that is converted at login but the cleartext is never stored.

Some website has this feature but I think at bitcointalk, this is not the way they store our password. Because of the server compromised, alot of old VIP account that never posted come back to post . I think this make sense this is the hacker target because if he hack a usual account , theymos can easily restore it back. I guess the hacker hit a jackpot

Isn't this what BitcoinTalk did though? Passwords were never stored in plaintext but were instead stored in cryptographic hashes. Had this not been the case, there would be far more compromised accounts than what we're seeing right now:

Quote
Compromised password hashes means that your actual passwords have not been revealed but their hash has. What that can do is link passwords across different accounts. For example the most common password hash algorithm is the md5 which is used to store a one way hash of a password. The md5 hash of the password “abc123″ would be “e99a18c428cb38d5f260853678922e03″. It is a good idea to change the password on any accounts that used the same password as your bitcointalk account because an attacker can try to access your alternate accounts by authenticating to the server by sending packets of your hashed password and username.

Link: http://themerkle.com/psa/bitcointalk-server-compromised-due-to-a-social-engineering-attack/

Quote
At 09:00 UTC on 24 of May I received an email telling me that the owner of the server of bitcointalk.org had lost control of among other things the password hashes. Since the passwords were not stored themselves the hacker couldn't get the passwords but could confirm a given word to be a password by comparing its hash to the hashes that were stolen.

Link: http://letstalkbitcoin.com/forum/post/bitcointalk-hacked

An older article:

Quote
Fortunately, Bitcointalk.org stores passwords in cryptographic hashes meaning that clear passwords would not have been leaked to the attacker. Given enough time and energy a determined attacker can still decrypt the passwords; but using hashes is still an excellent practice that gives establishments and forum users enough time to get them changed to help reduce the damage from a password leak.

http://siliconangle.com/blog/2011/09/12/forum-user-passwords-possibly-stolen-in-bitcointalk-org-bill-cosby-hack/
Kyraishi
Hero Member
*****
Offline Offline

Activity: 952
Merit: 513



View Profile
May 29, 2015, 12:15:41 PM
 #19

@OP I have one more question:

Did you not change your forum password after the hack?
Theymos made it clear that it is better to change your password to be on the safe side.

I did change my password asap after the hack.

After the forum hack or your wallet hack?
If it was after the forum hack, then why didn't you change your wallet password as well?

-snip-

As such, you should change your password here and anywhere else you used that same password. You should disable your secret question and assume that the attacker now knows your answer to your secret question. You should prepare to receive phishing emails at your forum email address.

-snip-

cinnamon_carter
Legendary
*
Offline Offline

Activity: 1148
Merit: 1018


It's about time -- All merrit accepted !!!


View Profile WWW
May 29, 2015, 12:17:56 PM
 #20

to use or not to use brain wallet I think is a careful choice you need brainpower to make.

Check out my coin Photon
Merge Mine 5 other Blake 256 coins - 6x your hash power  https://www.blakecoin.org/

The obvious choice is not always the best choice.

LOOK DEEPER - Look into the Blake 256 Family -- CC
Pages: [1] 2 3 4 5 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!