Bitcoin Forum
November 06, 2024, 05:19:01 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 3 4 5 6 7 »  All
  Print  
Author Topic: I've just been robbed :-(  (Read 19257 times)
Cdecker (OP)
Hero Member
*****
Offline Offline

Activity: 489
Merit: 505



View Profile WWW
September 28, 2012, 08:10:39 PM
 #1

Well, just to prove that even long time members are not secure from being stupid. My wallet has just been cleared out:


At first I thought maybe it's just an old transaction that has only now been submitted, but I can't find any wallet of mine that owns those keys.

I had my wallet encrypted, but this was apparently an old backup of my wallet that I must have stored somewhere.

Any tips on what to do next? I'm still a bit fuzzy about the details. Can we blacklist those funds somehow?

Want to see what developers are chatting about? http://bitcoinstats.com/irc/bitcoin-dev/logs/
Bitcoin-OTC Rating
eb3full
VIP
Full Member
*
Offline Offline

Activity: 198
Merit: 101


View Profile
September 28, 2012, 08:11:26 PM
 #2

You're pretty much screwed. :\

"With four parameters I can fit an elephant, and with five I can make him wiggle his trunk." John von Neumann
buy me beer: 1HG9cBBYME4HUVhfAqQvW9Vqwh3PLioHcU
Cdecker (OP)
Hero Member
*****
Offline Offline

Activity: 489
Merit: 505



View Profile WWW
September 28, 2012, 08:12:50 PM
 #3

You're pretty much screwed. :\
Yep, that much I knew already.

Want to see what developers are chatting about? http://bitcoinstats.com/irc/bitcoin-dev/logs/
Bitcoin-OTC Rating
augustocroppo
VIP
Hero Member
*
Offline Offline

Activity: 756
Merit: 504


View Profile
September 28, 2012, 08:17:42 PM
 #4


Any tips on what to do next? I'm still a bit fuzzy about the details. Can we blacklist those funds somehow?

Before any further steps to investigate the transactions, you have to prove that you owned the stolen funds.
wachtwoord
Legendary
*
Offline Offline

Activity: 2338
Merit: 1136


View Profile
September 28, 2012, 08:18:02 PM
 #5

I feel bad for you Sad
Severian
Sr. Member
****
Offline Offline

Activity: 476
Merit: 250



View Profile
September 28, 2012, 08:19:15 PM
 #6

That sucks, bro.

If it's any consolation (probably not), I heard a story on this forum once about a guy that formatted a drive with tens of thousands of coins on it. He said the worst part was his wife knowing about it.
Cdecker (OP)
Hero Member
*****
Offline Offline

Activity: 489
Merit: 505



View Profile WWW
September 28, 2012, 08:19:15 PM
 #7

Before any further steps to investigate the transactions, you have to prove that you owned the stolen funds.
Well that shouldn't be too hard, I can sign a message with the private key belonging to one of the addresses. But I don't see that doing any good.

Want to see what developers are chatting about? http://bitcoinstats.com/irc/bitcoin-dev/logs/
Bitcoin-OTC Rating
Spekulatius
Legendary
*
Offline Offline

Activity: 1022
Merit: 1000



View Profile
September 28, 2012, 08:41:20 PM
 #8

Is this incident somehow related to this?:

Well I was wondering how long it would take for people to notice. It's me Cheesy

And no I am not putting lots of hashing power to the network, notice that it just says "relayed by" and not "mined by". I'm performing some measurements, paper is due in a few weeks.
BC12345
Newbie
*
Offline Offline

Activity: 57
Merit: 0


View Profile
September 28, 2012, 08:42:30 PM
Last edit: September 28, 2012, 08:53:53 PM by BC12345
 #9

It might just be a coincidence and will not improve your situation, but there was a discussion today

https://bitcointalk.org/index.php?topic=113654.40

and then someone found this

http://82.130.102.160/

Probably because of the name "BitThief", people started speculating over the purpose of this program so I posted a link to your members page at the ethz to point out that this program is not related to bitcoins. A few minutes later I replaced the link with the following

http://bitthief.ethz.ch/

This happened about an hour before the transaction of your funds. As I said before, this might be a coincidence but I am really sorry if I have drawn attention to you and your funds.
flatfly
Legendary
*
Offline Offline

Activity: 1092
Merit: 1016

760930


View Profile
September 28, 2012, 08:43:00 PM
 #10

Is your computer infected? Did you notice anything unusual?  Did you run a full AV scan?
jgarzik
Legendary
*
Offline Offline

Activity: 1596
Merit: 1100


View Profile
September 28, 2012, 08:44:30 PM
 #11

Any tips on what to do next? I'm still a bit fuzzy about the details. Can we blacklist those funds somehow?

Figure out how it happened, gather details, file a police and FBI cybercrimes report.

Make sure the method of theft is not still open.


Jeff Garzik, Bloq CEO, former bitcoin core dev team; opinions are my own.
Visit bloq.com / metronome.io
Donations / tip jar: 1BrufViLKnSWtuWGkryPsKsxonV2NQ7Tcj
apetersson
Hero Member
*****
Offline Offline

Activity: 668
Merit: 501



View Profile
September 28, 2012, 08:49:49 PM
 #12

was there any connection with the university IP and the wallet?
caffeinewriter
Hero Member
*****
Offline Offline

Activity: 532
Merit: 500



View Profile
September 28, 2012, 08:56:47 PM
Last edit: September 28, 2012, 09:15:07 PM by caffeinewriter
 #13

It might just be a coincidence and will not improve your situation, but there was a discussion today

https://bitcointalk.org/index.php?topic=113654.40

and then someone found this

http://82.130.102.160/

Probably because of the name "BitThief", people started speculating over the purpose of this program so I posted a link to your members page at the ethz to point out that this programm is not related to bitcoins. A few minutes later I replaced the link with the following

http://bitthief.ethz.ch/

This happened about an hour before the transaction of your funds. As I said before, this might be a coincidence but I am really sorry if I have drawn attention to you and your funds.

Downloaded, ran in a sandbox, no processes spawned except for BitThief itself, which is a purely leeching torrent client. Stupid and pointless, but not a wallet stealer. Running in ANUBIS to see if I missed something locally.

And here's something to cheer you up.

UPDATE:

Yeah, BitThief does jack shit with bitcoins. The only similarity it shares is that it's P2P

Atlas
Jr. Member
*
Offline Offline

Activity: 56
Merit: 1


View Profile
September 28, 2012, 09:01:27 PM
 #14

Cry, OP. Just let it all out.

You're not getting a dime back. The FBI won't care.
markm
Legendary
*
Offline Offline

Activity: 2996
Merit: 1121



View Profile WWW
September 28, 2012, 09:06:57 PM
 #15

An old backup you stored somewhere?

What does that actually mean?

You gave the staff of some remote file storage site a free unencrypted copy of your wallet yet are surprised they took the coins?

Or what?

-MarkM-

Browser-launched Crossfire client now online (select CrossCiv server for Galactic  Milieu)
Free website hosting with PHP, MySQL etc: http://hosting.knotwork.com/
Gyrsur
Legendary
*
Offline Offline

Activity: 2856
Merit: 1520


Bitcoin Legal Tender Countries: 2 of 206


View Profile WWW
September 28, 2012, 09:14:56 PM
 #16

if you have a copy of your unencrypted wallet.dat somewhere and you encrypt it LATER all your private keys are UNSECURED which you had in the wallet until the encryption task happened.

420
Hero Member
*****
Offline Offline

Activity: 756
Merit: 500



View Profile
September 28, 2012, 09:20:45 PM
 #17

if you have a copy of your unencrypted wallet.dat somewhere and you encrypt it LATER all your private keys are UNSECURED which you had in the wallet until the encryption task happened.

Would be great to hear him confirm this was the case that he had all that before encryption

Donations: 1JVhKjUKSjBd7fPXQJsBs5P3Yphk38AqPr - TIPS
the hacks, the hacks, secure your bits!
kokojie
Legendary
*
Offline Offline

Activity: 1806
Merit: 1003



View Profile
September 28, 2012, 09:21:06 PM
 #18

So, you stored your wallet in plaintext at somewhere other people may be able to access, and surprised someone robbed you?

btc: 15sFnThw58hiGHYXyUAasgfauifTEB1ZF6
Gyrsur
Legendary
*
Offline Offline

Activity: 2856
Merit: 1520


Bitcoin Legal Tender Countries: 2 of 206


View Profile WWW
September 28, 2012, 09:25:36 PM
 #19

if you have a copy of your unencrypted wallet.dat somewhere and you encrypt it LATER all your private keys are UNSECURED which you had in the wallet until the encryption task happened.

Would be great to hear him confirm this was the case that he had all that before encryption

it doesn't matter how many coins you have, ALL your coins are unsecured which you receive with this private key(s) also the coins you might receive in the future!

Cdecker (OP)
Hero Member
*****
Offline Offline

Activity: 489
Merit: 505



View Profile WWW
September 28, 2012, 09:26:40 PM
 #20

Nevermind the other Thread, as I already explained it's part of my research, I myself am 82.130.102.160, and yes we developed BitThief, so that's not it.

I think showing up on blockchain.info actually put a huge target on my back. I see a few connection to my notebook from Russian domains and the big surprise: they are able to log in...
They must have somehow gotten my password or

[...few minutes later ...]

sorry had to kill the network connection, whoever it was they were still logged in on my machine...

Want to see what developers are chatting about? http://bitcoinstats.com/irc/bitcoin-dev/logs/
Bitcoin-OTC Rating
Pages: [1] 2 3 4 5 6 7 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!