Bitcoin Forum
November 11, 2024, 07:46:20 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 [2] 3 4 5 »  All
  Print  
Author Topic: Brain Wallet hacked, suspect bitcoin talk hackers.  (Read 5564 times)
chessnut (OP)
Legendary
*
Offline Offline

Activity: 924
Merit: 1001



View Profile
May 29, 2015, 12:25:12 PM
 #21

@OP I have one more question:

Did you not change your forum password after the hack?
Theymos made it clear that it is better to change your password to be on the safe side.

I did change my password asap after the hack.

After the forum hack or your wallet hack?
If it was after the forum hack, then why didn't you change your wallet password as well?

-snip-

As such, you should change your password here and anywhere else you used that same password. You should disable your secret question and assume that the attacker now knows your answer to your secret question. You should prepare to receive phishing emails at your forum email address.

-snip-

Well, silly me, I should have changed it. But having received that email saying the hacker probably only had a hash of my password I thought it would be fine since the brain wallet was furthermore in the form of passwordpasswordpassword. The address was emptied just hours after I deposited the funds. I had deposited 0.1btc beforehand without trouble. spooky.

rtrtcrypto
Hero Member
*****
Offline Offline

Activity: 627
Merit: 500


View Profile
May 29, 2015, 12:30:29 PM
 #22

When generating a brain wallet, you MUST use something like DICEWARE and have at least 96 bits of entropy. Only then will you be "safe".

Your password had very low entropy - it was just a matter of time. Repeating words in patterns does NOTHING against an attack.

Password123 and the same repeated 10x is worthless.
Moebius327
Hero Member
*****
Offline Offline

Activity: 770
Merit: 500



View Profile
May 29, 2015, 12:33:56 PM
 #23

I am sorry you lost so much bitcoins, but you should have immediately changed your brainwallet after the site went offline.

After all cracking brain wallets is easy if you have a the right "dictionary". Let's say the hacker managed to crack 50% of all easy to crack bitcointalk passwords and put them in his "dictionary". Then he tried different possibilities of all the passwords:

cracked: password
try: passwordpwassword, PASSWORDPASSWORD, passwordpasswordpassword, passwordpasswordpasswordpassword, password1password2password3, etc.


I am sure you are not the only one who lost some bitcoins this way.

Don't use the same password twice. Don't use a similar passwords.
chessnut (OP)
Legendary
*
Offline Offline

Activity: 924
Merit: 1001



View Profile
May 29, 2015, 12:38:46 PM
 #24

When generating a brain wallet, you MUST use something like DICEWARE and have at least 96 bits of entropy. Only then will you be "safe".

Your password had very low entropy - it was just a matter of time. Repeating words in patterns does NOTHING against an attack.

Password123 and the same repeated 10x is worthless.

I know that Password123 is literally worthless, but are you saying that a stronger password such as YankeeDoodle123 is useless too? surely a password like YankeeDoodle123YankeeDoodle123YankeeDoodle123 would be very unlikely to be hacked?? and three times the password would mean at least 3x the difficulty to hack no? if hackers need to combine every password in multiples of three they must be doing 3x the work (which is already a lot in the case of YankeeDoodle123!?)

CIYAM
Legendary
*
Offline Offline

Activity: 1890
Merit: 1086


Ian Knowles - CIYAM Lead Developer


View Profile WWW
May 29, 2015, 12:42:20 PM
 #25

When generating a brain wallet, you MUST use something like DICEWARE and have at least 96 bits of entropy. Only then will you be "safe".

I have a still unhacked brainwallet that I created back in 2012 using "my own brain" so I think MUST in regards to DICEWARE or the like is overstating things a tad (recommended might be a more reasonable way to put it).

Your password had very low entropy - it was just a matter of time. Repeating words in patterns does NOTHING against an attack.

Password123 and the same repeated 10x is worthless.

That of course depends upon the method being used to brute force your password but very simple patterns such as repeating once or twice are not going to help much (as presumably was the case here).

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
chessnut (OP)
Legendary
*
Offline Offline

Activity: 924
Merit: 1001



View Profile
May 29, 2015, 12:43:47 PM
 #26

I am sorry you lost so much bitcoins, but you should have immediately changed your brainwallet after the site went offline.

After all cracking brain wallets is easy if you have a the right "dictionary". Let's say the hacker managed to crack 50% of all easy to crack bitcointalk passwords and put them in his "dictionary". Then he tried different possibilities of all the passwords:

cracked: password
try: passwordpwassword, PASSWORDPASSWORD, passwordpasswordpassword, passwordpasswordpasswordpassword, password1password2password3, etc.


I am sure you are not the only one who lost some bitcoins this way.

Don't use the same password twice. Don't use a similar passwords.

Thanks.

I guess this must have been the case, although it still seems so unlikely to me that people would even try this while there are so many possible combinations of passwords.

louise123
Sr. Member
****
Offline Offline

Activity: 462
Merit: 250



View Profile
May 29, 2015, 12:44:23 PM
 #27

Can I ask why you used bitaddress.org to create an address instead of creating one in Bitcoin Core?

Also, it doesn't seem like the usual brainwallet hack.
So it must either be that your PC is compromised, bitaddress is compromised or the forum hacker(s).

I lean towards the first case scenario.

██████
███
███
███
███
███
███
███
███
███
███
███
███
                ▄███
             ▄███▌ █
            ▀▀▀██▄  █
          ▄███▄▄ ▀▀▀█
         █ █████▀▀▀▄▄
        ▄██ ███▄    █
       ▐███▀   ▀█   █
       ████     █   █
      ▄██▀▄█▄▄▄█▀   █
      ▀▄▄███▌      █
  ▄▄▄▀▀▀████       █
▄▀    ██ ██       █
▐▌     ██▌▐▌      ▀▄
█      ██ █         ▀▄
█      █▀▄▌          █
█   ▄▀█▄██           █
█ ▄▀      ▀▀▄▄▀▄     █
▀▀             █    █
              █  ▄▀
              ▀▄█
     ▀█████████████▄▄
 ▀ ▀▀▀███████████████▌
  ▀ ▀▀▀▀██▀▀▀▀▀▀██████         ▄███████▄      ▄▄███████▄    ▄███▄    ▄███▄ ▄███▄      ▄███▄
▀ ▀▀▀▀█████▄▄▄▄▄▄█████▌       ▄████▀▀▀████▄   ▐████▀▀█████   ▀████▄ ▄████▀ █████▄    ▄█████
   ▀▀███████████████▀       █████     ████▌          ████▌    ▀████████▀    █████▄  ▄█████▌
  ▀ ▀████████████████▀ ▀    ██████████████▌   ▄▄██████████     ▄██████▄      █████▄▄█████▌
    ██████      ██▀▀▀▀▀▀▀ ▀ █████▀▀▀▀▀▀▀▀    █████▀▀▀█████    ▄████████▄      ██████████▌
    ██████▄▄▄▄▄▄██████▄ ▄    ████▄▄   ▄▄█▄   ████▄  ▄█████ ▄█████▀▀█████▄     ████████▌
    █████████████████▀        ▀███████████   ▀████████████  ████▀    ▀████      ██████▌
    ██████████████▀▀             ▀▀▀▀▀▀▀       ▀▀▀▀▀▀ ▀▀▀    ▀▀        ▀▀        █████
                                                                               ▄█████
                                                                           ▄███████▀
                                                                           ▀████▀▀
███
███
███
███
███
███
███
███
███
███
███
███
██████
|█████████████████
███████████████████
█████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
  WHITEPAPER 
 LIGHTPAPER
|Instant Deposit
✓ 24/7 Support
Referral Program
Havelivi
Hero Member
*****
Offline Offline

Activity: 896
Merit: 1000



View Profile
May 29, 2015, 12:45:24 PM
 #28

I am sorry you lost so much bitcoins, but you should have immediately changed your brainwallet after the site went offline.

After all cracking brain wallets is easy if you have a the right "dictionary". Let's say the hacker managed to crack 50% of all easy to crack bitcointalk passwords and put them in his "dictionary". Then he tried different possibilities of all the passwords:

cracked: password
try: passwordpwassword, PASSWORDPASSWORD, passwordpasswordpassword, passwordpasswordpasswordpassword, password1password2password3, etc.


I am sure you are not the only one who lost some bitcoins this way.

Don't use the same password twice. Don't use a similar passwords.

i think that kind of password is not good choice for online use when you have some coins in a address, as i use 4 different kind of passwords and make them in a combination like my favorite place, car,food and day with mix of 5 letters for example : 1paris2honda3burger4weekend5 ... i think that kind of combination more secure to use.
louise123
Sr. Member
****
Offline Offline

Activity: 462
Merit: 250



View Profile
May 29, 2015, 12:49:38 PM
 #29

I am sorry you lost so much bitcoins, but you should have immediately changed your brainwallet after the site went offline.

After all cracking brain wallets is easy if you have a the right "dictionary". Let's say the hacker managed to crack 50% of all easy to crack bitcointalk passwords and put them in his "dictionary". Then he tried different possibilities of all the passwords:

cracked: password
try: passwordpwassword, PASSWORDPASSWORD, passwordpasswordpassword, passwordpasswordpasswordpassword, password1password2password3, etc.


I am sure you are not the only one who lost some bitcoins this way.

Don't use the same password twice. Don't use a similar passwords.

i think that kind of password is not good choice for online use when you have some coins in a address, as i use 4 different kind of passwords and make them in a combination like my favorite place, car,food and day with mix of 5 letters for example : 1paris2honda3burger4weekend5 ... i think that kind of combination more secure to use.

Adding special characters like: ! # @ $ & etc also makes a password stronger.
Also try and add it in the middle, e.g.: PaS#sW@o$r&d!

And of course the usual combo of upper-lower case and numbers

██████
███
███
███
███
███
███
███
███
███
███
███
███
                ▄███
             ▄███▌ █
            ▀▀▀██▄  █
          ▄███▄▄ ▀▀▀█
         █ █████▀▀▀▄▄
        ▄██ ███▄    █
       ▐███▀   ▀█   █
       ████     █   █
      ▄██▀▄█▄▄▄█▀   █
      ▀▄▄███▌      █
  ▄▄▄▀▀▀████       █
▄▀    ██ ██       █
▐▌     ██▌▐▌      ▀▄
█      ██ █         ▀▄
█      █▀▄▌          █
█   ▄▀█▄██           █
█ ▄▀      ▀▀▄▄▀▄     █
▀▀             █    █
              █  ▄▀
              ▀▄█
     ▀█████████████▄▄
 ▀ ▀▀▀███████████████▌
  ▀ ▀▀▀▀██▀▀▀▀▀▀██████         ▄███████▄      ▄▄███████▄    ▄███▄    ▄███▄ ▄███▄      ▄███▄
▀ ▀▀▀▀█████▄▄▄▄▄▄█████▌       ▄████▀▀▀████▄   ▐████▀▀█████   ▀████▄ ▄████▀ █████▄    ▄█████
   ▀▀███████████████▀       █████     ████▌          ████▌    ▀████████▀    █████▄  ▄█████▌
  ▀ ▀████████████████▀ ▀    ██████████████▌   ▄▄██████████     ▄██████▄      █████▄▄█████▌
    ██████      ██▀▀▀▀▀▀▀ ▀ █████▀▀▀▀▀▀▀▀    █████▀▀▀█████    ▄████████▄      ██████████▌
    ██████▄▄▄▄▄▄██████▄ ▄    ████▄▄   ▄▄█▄   ████▄  ▄█████ ▄█████▀▀█████▄     ████████▌
    █████████████████▀        ▀███████████   ▀████████████  ████▀    ▀████      ██████▌
    ██████████████▀▀             ▀▀▀▀▀▀▀       ▀▀▀▀▀▀ ▀▀▀    ▀▀        ▀▀        █████
                                                                               ▄█████
                                                                           ▄███████▀
                                                                           ▀████▀▀
███
███
███
███
███
███
███
███
███
███
███
███
██████
|█████████████████
███████████████████
█████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
  WHITEPAPER 
 LIGHTPAPER
|Instant Deposit
✓ 24/7 Support
Referral Program
chessnut (OP)
Legendary
*
Offline Offline

Activity: 924
Merit: 1001



View Profile
May 29, 2015, 12:53:45 PM
 #30

Can I ask why you used bitaddress.org to create an address instead of creating one in Bitcoin Core?

Also, it doesn't seem like the usual brainwallet hack.
So it must either be that your PC is compromised, bitaddress is compromised or the forum hacker(s).

I lean towards the first case scenario.

I didnt know that you can use bitcoin core to generate brain wallets. Im interested in that.

Im also worried that my computer is compromised, but I have made some bait wallets with some btc in them in a similar fashion and so far nothing. I have another brain wallet generated on bitaddress.com from a few months back which is uncompromised too.


bronan
Hero Member
*****
Offline Offline

Activity: 774
Merit: 500


Lazy Lurker Reads Alot


View Profile
May 29, 2015, 12:57:00 PM
 #31

Sorry for your loss.

It might be that the hackers have used the forum to get this kinda information.
But on the other hand if it was not related to the forum hack, it could happen easily if you used the same password elsewhere.
What browser did you use and does it have plugins installed or toolbars ?
If so are you sure they can not be used as keyloggers ?
In any case the btc is gone forever, and there is nothing anyone can do about it.
 
louise123
Sr. Member
****
Offline Offline

Activity: 462
Merit: 250



View Profile
May 29, 2015, 01:04:12 PM
 #32

Can I ask why you used bitaddress.org to create an address instead of creating one in Bitcoin Core?

Also, it doesn't seem like the usual brainwallet hack.
So it must either be that your PC is compromised, bitaddress is compromised or the forum hacker(s).

I lean towards the first case scenario.

I didnt know that you can use bitcoin core to generate brain wallets. Im interested in that.

Im also worried that my computer is compromised, but I have made some bait wallets with some btc in them in a similar fashion and so far nothing. I have another brain wallet generated on bitaddress.com from a few months back which is uncompromised too.



No, AFAIK Bitcoin Core can generate a new standard address (for the moment), not a brainwallet address.
If you want brainwallet address the I would suggest you actually download the github files and create addresses from an offline computer that is never to access the internet.

██████
███
███
███
███
███
███
███
███
███
███
███
███
                ▄███
             ▄███▌ █
            ▀▀▀██▄  █
          ▄███▄▄ ▀▀▀█
         █ █████▀▀▀▄▄
        ▄██ ███▄    █
       ▐███▀   ▀█   █
       ████     █   █
      ▄██▀▄█▄▄▄█▀   █
      ▀▄▄███▌      █
  ▄▄▄▀▀▀████       █
▄▀    ██ ██       █
▐▌     ██▌▐▌      ▀▄
█      ██ █         ▀▄
█      █▀▄▌          █
█   ▄▀█▄██           █
█ ▄▀      ▀▀▄▄▀▄     █
▀▀             █    █
              █  ▄▀
              ▀▄█
     ▀█████████████▄▄
 ▀ ▀▀▀███████████████▌
  ▀ ▀▀▀▀██▀▀▀▀▀▀██████         ▄███████▄      ▄▄███████▄    ▄███▄    ▄███▄ ▄███▄      ▄███▄
▀ ▀▀▀▀█████▄▄▄▄▄▄█████▌       ▄████▀▀▀████▄   ▐████▀▀█████   ▀████▄ ▄████▀ █████▄    ▄█████
   ▀▀███████████████▀       █████     ████▌          ████▌    ▀████████▀    █████▄  ▄█████▌
  ▀ ▀████████████████▀ ▀    ██████████████▌   ▄▄██████████     ▄██████▄      █████▄▄█████▌
    ██████      ██▀▀▀▀▀▀▀ ▀ █████▀▀▀▀▀▀▀▀    █████▀▀▀█████    ▄████████▄      ██████████▌
    ██████▄▄▄▄▄▄██████▄ ▄    ████▄▄   ▄▄█▄   ████▄  ▄█████ ▄█████▀▀█████▄     ████████▌
    █████████████████▀        ▀███████████   ▀████████████  ████▀    ▀████      ██████▌
    ██████████████▀▀             ▀▀▀▀▀▀▀       ▀▀▀▀▀▀ ▀▀▀    ▀▀        ▀▀        █████
                                                                               ▄█████
                                                                           ▄███████▀
                                                                           ▀████▀▀
███
███
███
███
███
███
███
███
███
███
███
███
██████
|█████████████████
███████████████████
█████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
  WHITEPAPER 
 LIGHTPAPER
|Instant Deposit
✓ 24/7 Support
Referral Program
chessnut (OP)
Legendary
*
Offline Offline

Activity: 924
Merit: 1001



View Profile
May 29, 2015, 01:06:28 PM
 #33

Sorry for your loss.

It might be that the hackers have used the forum to get this kinda information.
But on the other hand if it was not related to the forum hack, it could happen easily if you used the same password elsewhere.
What browser did you use and does it have plugins installed or toolbars ?
If so are you sure they can not be used as keyloggers ?
In any case the btc is gone forever, and there is nothing anyone can do about it.
 

Thx mate,

I have used the password elsewhere, but I think it was secure up until the hack.

Im using mozilla firefox. Never had troubles with it before. On firefox Im using FVD speed Dial. Java and adobe are installed on my computer for things like multibit and youtube etc.... Im not computer savy so no im not sure anything cant be used as key loggers but I have developed trust in Linux systems. Is that wrong?

louise123
Sr. Member
****
Offline Offline

Activity: 462
Merit: 250



View Profile
May 29, 2015, 01:06:50 PM
 #34

I am sorry you lost so much bitcoins, but you should have immediately changed your brainwallet after the site went offline.

After all cracking brain wallets is easy if you have a the right "dictionary". Let's say the hacker managed to crack 50% of all easy to crack bitcointalk passwords and put them in his "dictionary". Then he tried different possibilities of all the passwords:

cracked: password
try: passwordpwassword, PASSWORDPASSWORD, passwordpasswordpassword, passwordpasswordpasswordpassword, password1password2password3, etc.


I am sure you are not the only one who lost some bitcoins this way.

Don't use the same password twice. Don't use a similar passwords.

i think that kind of password is not good choice for online use when you have some coins in a address, as i use 4 different kind of passwords and make them in a combination like my favorite place, car,food and day with mix of 5 letters for example : 1paris2honda3burger4weekend5 ... i think that kind of combination more secure to use.



Adding special characters like: ! # @ $ & etc also makes a password stronger.
Also try and add it in the middle, e.g.: PaS#sW@o$r&d!

And of course the usual combo of upper-lower case and numbers
True, using special characters make it several orders of magnitude harder to crack, the problem is,you need at least 12 different words for a decent amount of protection. There are high chances that you eventually forget about 1 word. Brainwallets are tempting but im still scared to forget the seed password, and typing it defeats the purpose of a brain wallet.

I know what you mean.
Personally I just use Bitcoin Core.
i have a cold wallet which I can send funds to and a wallet I use for everything else (small amounts)

██████
███
███
███
███
███
███
███
███
███
███
███
███
                ▄███
             ▄███▌ █
            ▀▀▀██▄  █
          ▄███▄▄ ▀▀▀█
         █ █████▀▀▀▄▄
        ▄██ ███▄    █
       ▐███▀   ▀█   █
       ████     █   █
      ▄██▀▄█▄▄▄█▀   █
      ▀▄▄███▌      █
  ▄▄▄▀▀▀████       █
▄▀    ██ ██       █
▐▌     ██▌▐▌      ▀▄
█      ██ █         ▀▄
█      █▀▄▌          █
█   ▄▀█▄██           █
█ ▄▀      ▀▀▄▄▀▄     █
▀▀             █    █
              █  ▄▀
              ▀▄█
     ▀█████████████▄▄
 ▀ ▀▀▀███████████████▌
  ▀ ▀▀▀▀██▀▀▀▀▀▀██████         ▄███████▄      ▄▄███████▄    ▄███▄    ▄███▄ ▄███▄      ▄███▄
▀ ▀▀▀▀█████▄▄▄▄▄▄█████▌       ▄████▀▀▀████▄   ▐████▀▀█████   ▀████▄ ▄████▀ █████▄    ▄█████
   ▀▀███████████████▀       █████     ████▌          ████▌    ▀████████▀    █████▄  ▄█████▌
  ▀ ▀████████████████▀ ▀    ██████████████▌   ▄▄██████████     ▄██████▄      █████▄▄█████▌
    ██████      ██▀▀▀▀▀▀▀ ▀ █████▀▀▀▀▀▀▀▀    █████▀▀▀█████    ▄████████▄      ██████████▌
    ██████▄▄▄▄▄▄██████▄ ▄    ████▄▄   ▄▄█▄   ████▄  ▄█████ ▄█████▀▀█████▄     ████████▌
    █████████████████▀        ▀███████████   ▀████████████  ████▀    ▀████      ██████▌
    ██████████████▀▀             ▀▀▀▀▀▀▀       ▀▀▀▀▀▀ ▀▀▀    ▀▀        ▀▀        █████
                                                                               ▄█████
                                                                           ▄███████▀
                                                                           ▀████▀▀
███
███
███
███
███
███
███
███
███
███
███
███
██████
|█████████████████
███████████████████
█████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
  WHITEPAPER 
 LIGHTPAPER
|Instant Deposit
✓ 24/7 Support
Referral Program
louise123
Sr. Member
****
Offline Offline

Activity: 462
Merit: 250



View Profile
May 29, 2015, 01:09:33 PM
 #35

Sorry for your loss.

It might be that the hackers have used the forum to get this kinda information.
But on the other hand if it was not related to the forum hack, it could happen easily if you used the same password elsewhere.
What browser did you use and does it have plugins installed or toolbars ?
If so are you sure they can not be used as keyloggers ?
In any case the btc is gone forever, and there is nothing anyone can do about it.
 

Thx mate,

I have used the password elsewhere, but I think it was secure up until the hack.

Im using mozilla firefox. Never had troubles with it before. On firefox Im using FVD speed Dial. Java and adobe are installed on my computer for things like multibit and youtube etc.... Im not computer savy so no im not sure anything cant be used as key loggers but I have developed trust in Linux systems. Is that wrong?

It's not about Linux.
It could be a malicious website you have visited running a malicious script.
That script could do many things, one of them is to install a backdoor to your system.

You should always scan links you are uncertain of with virustotal.com
And even then, you are still not 100% safe.

██████
███
███
███
███
███
███
███
███
███
███
███
███
                ▄███
             ▄███▌ █
            ▀▀▀██▄  █
          ▄███▄▄ ▀▀▀█
         █ █████▀▀▀▄▄
        ▄██ ███▄    █
       ▐███▀   ▀█   █
       ████     █   █
      ▄██▀▄█▄▄▄█▀   █
      ▀▄▄███▌      █
  ▄▄▄▀▀▀████       █
▄▀    ██ ██       █
▐▌     ██▌▐▌      ▀▄
█      ██ █         ▀▄
█      █▀▄▌          █
█   ▄▀█▄██           █
█ ▄▀      ▀▀▄▄▀▄     █
▀▀             █    █
              █  ▄▀
              ▀▄█
     ▀█████████████▄▄
 ▀ ▀▀▀███████████████▌
  ▀ ▀▀▀▀██▀▀▀▀▀▀██████         ▄███████▄      ▄▄███████▄    ▄███▄    ▄███▄ ▄███▄      ▄███▄
▀ ▀▀▀▀█████▄▄▄▄▄▄█████▌       ▄████▀▀▀████▄   ▐████▀▀█████   ▀████▄ ▄████▀ █████▄    ▄█████
   ▀▀███████████████▀       █████     ████▌          ████▌    ▀████████▀    █████▄  ▄█████▌
  ▀ ▀████████████████▀ ▀    ██████████████▌   ▄▄██████████     ▄██████▄      █████▄▄█████▌
    ██████      ██▀▀▀▀▀▀▀ ▀ █████▀▀▀▀▀▀▀▀    █████▀▀▀█████    ▄████████▄      ██████████▌
    ██████▄▄▄▄▄▄██████▄ ▄    ████▄▄   ▄▄█▄   ████▄  ▄█████ ▄█████▀▀█████▄     ████████▌
    █████████████████▀        ▀███████████   ▀████████████  ████▀    ▀████      ██████▌
    ██████████████▀▀             ▀▀▀▀▀▀▀       ▀▀▀▀▀▀ ▀▀▀    ▀▀        ▀▀        █████
                                                                               ▄█████
                                                                           ▄███████▀
                                                                           ▀████▀▀
███
███
███
███
███
███
███
███
███
███
███
███
██████
|█████████████████
███████████████████
█████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
  WHITEPAPER 
 LIGHTPAPER
|Instant Deposit
✓ 24/7 Support
Referral Program
chessnut (OP)
Legendary
*
Offline Offline

Activity: 924
Merit: 1001



View Profile
May 29, 2015, 01:12:38 PM
 #36

Sorry for your loss.

It might be that the hackers have used the forum to get this kinda information.
But on the other hand if it was not related to the forum hack, it could happen easily if you used the same password elsewhere.
What browser did you use and does it have plugins installed or toolbars ?
If so are you sure they can not be used as keyloggers ?
In any case the btc is gone forever, and there is nothing anyone can do about it.
 

Thx mate,

I have used the password elsewhere, but I think it was secure up until the hack.

Im using mozilla firefox. Never had troubles with it before. On firefox Im using FVD speed Dial. Java and adobe are installed on my computer for things like multibit and youtube etc.... Im not computer savy so no im not sure anything cant be used as key loggers but I have developed trust in Linux systems. Is that wrong?

It's not about Linux.
It could be a malicious website you have visited running a malicious script.
That script could do many things, one of them is to install a backdoor to your system.

You should always scan links you are uncertain of with virustotal.com
And even then, you are still not 100% safe.

That sounds bad, but I dont understand how it could get around root access in linux? it is not a simple mission to do anything like that surely??

Amph
Legendary
*
Offline Offline

Activity: 3248
Merit: 1070



View Profile
May 29, 2015, 01:18:58 PM
 #37

Sorry for your loss.

It might be that the hackers have used the forum to get this kinda information.
But on the other hand if it was not related to the forum hack, it could happen easily if you used the same password elsewhere.
What browser did you use and does it have plugins installed or toolbars ?
If so are you sure they can not be used as keyloggers ?
In any case the btc is gone forever, and there is nothing anyone can do about it.
 

Thx mate,

I have used the password elsewhere, but I think it was secure up until the hack.

Im using mozilla firefox. Never had troubles with it before. On firefox Im using FVD speed Dial. Java and adobe are installed on my computer for things like multibit and youtube etc.... Im not computer savy so no im not sure anything cant be used as key loggers but I have developed trust in Linux systems. Is that wrong?

It's not about Linux.
It could be a malicious website you have visited running a malicious script.
That script could do many things, one of them is to install a backdoor to your system.

You should always scan links you are uncertain of with virustotal.com
And even then, you are still not 100% safe.

That sounds bad, but I dont understand how it could get around root access in linux? it is not a simple mission to do anything like that surely??

having java installed will surely help the hacker, when you click on some random ad that hide a malicious scrypt

also i think you should use chrome, is far more secure
louise123
Sr. Member
****
Offline Offline

Activity: 462
Merit: 250



View Profile
May 29, 2015, 01:31:11 PM
 #38

Sorry for your loss.

It might be that the hackers have used the forum to get this kinda information.
But on the other hand if it was not related to the forum hack, it could happen easily if you used the same password elsewhere.
What browser did you use and does it have plugins installed or toolbars ?
If so are you sure they can not be used as keyloggers ?
In any case the btc is gone forever, and there is nothing anyone can do about it.
 

Thx mate,

I have used the password elsewhere, but I think it was secure up until the hack.

Im using mozilla firefox. Never had troubles with it before. On firefox Im using FVD speed Dial. Java and adobe are installed on my computer for things like multibit and youtube etc.... Im not computer savy so no im not sure anything cant be used as key loggers but I have developed trust in Linux systems. Is that wrong?

It's not about Linux.
It could be a malicious website you have visited running a malicious script.
That script could do many things, one of them is to install a backdoor to your system.

You should always scan links you are uncertain of with virustotal.com
And even then, you are still not 100% safe.

That sounds bad, but I dont understand how it could get around root access in linux? it is not a simple mission to do anything like that surely??

Not simple, but doable.
Haven't you ever wondered why so many newbie accounts in the forums posting suspicious links?
Because it is exactly that, suspicious links.

And now that I mention it, did you click on any links in the forum lately from newbies?

EDIT: That does not mean that Sr. or Hero members are credible.
If you head over to the digital goods section you will see quite a few of them for sale.

██████
███
███
███
███
███
███
███
███
███
███
███
███
                ▄███
             ▄███▌ █
            ▀▀▀██▄  █
          ▄███▄▄ ▀▀▀█
         █ █████▀▀▀▄▄
        ▄██ ███▄    █
       ▐███▀   ▀█   █
       ████     █   █
      ▄██▀▄█▄▄▄█▀   █
      ▀▄▄███▌      █
  ▄▄▄▀▀▀████       █
▄▀    ██ ██       █
▐▌     ██▌▐▌      ▀▄
█      ██ █         ▀▄
█      █▀▄▌          █
█   ▄▀█▄██           █
█ ▄▀      ▀▀▄▄▀▄     █
▀▀             █    █
              █  ▄▀
              ▀▄█
     ▀█████████████▄▄
 ▀ ▀▀▀███████████████▌
  ▀ ▀▀▀▀██▀▀▀▀▀▀██████         ▄███████▄      ▄▄███████▄    ▄███▄    ▄███▄ ▄███▄      ▄███▄
▀ ▀▀▀▀█████▄▄▄▄▄▄█████▌       ▄████▀▀▀████▄   ▐████▀▀█████   ▀████▄ ▄████▀ █████▄    ▄█████
   ▀▀███████████████▀       █████     ████▌          ████▌    ▀████████▀    █████▄  ▄█████▌
  ▀ ▀████████████████▀ ▀    ██████████████▌   ▄▄██████████     ▄██████▄      █████▄▄█████▌
    ██████      ██▀▀▀▀▀▀▀ ▀ █████▀▀▀▀▀▀▀▀    █████▀▀▀█████    ▄████████▄      ██████████▌
    ██████▄▄▄▄▄▄██████▄ ▄    ████▄▄   ▄▄█▄   ████▄  ▄█████ ▄█████▀▀█████▄     ████████▌
    █████████████████▀        ▀███████████   ▀████████████  ████▀    ▀████      ██████▌
    ██████████████▀▀             ▀▀▀▀▀▀▀       ▀▀▀▀▀▀ ▀▀▀    ▀▀        ▀▀        █████
                                                                               ▄█████
                                                                           ▄███████▀
                                                                           ▀████▀▀
███
███
███
███
███
███
███
███
███
███
███
███
██████
|█████████████████
███████████████████
█████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
  WHITEPAPER 
 LIGHTPAPER
|Instant Deposit
✓ 24/7 Support
Referral Program
jonald_fyookball
Legendary
*
Offline Offline

Activity: 1302
Merit: 1008


Core dev leaves me neg feedback #abuse #political


View Profile
May 29, 2015, 01:50:26 PM
 #39

After this experience you should go to the highest level of security,
which is true cold storage.  You generate your keys on a machine
that has never been online and never will be, and use physical
coins/dice to generate entropy. 

BillyBobZorton
Legendary
*
Offline Offline

Activity: 1204
Merit: 1028


View Profile
May 29, 2015, 02:12:13 PM
 #40

After this experience you should go to the highest level of security,
which is true cold storage.  You generate your keys on a machine
that has never been online and never will be, and use physical
coins/dice to generate entropy. 

Well, the Winklevoss brothers use Brain Wallet, or at last that's what i've seen on the latest interview. I would never store all of my wallets on a brain walled tho, just "spending money" like you do with Mycellium etc (im hoping no one stores their main stack Mycellium..)
Pages: « 1 [2] 3 4 5 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!