Bitcoin Forum
Author Topic: Blockchain.info account hacked while using yubikey....  (Read 14259 times)
dunand
October 27, 2012, 05:05:04 PM
 #21

From what I'm reading in this thread the computer of the OP was hacked with a keylogger or the OP was reusing a password from another site.
casascius
Mike Caldwell
October 27, 2012, 05:18:37 PM
 #22

Google Authenticator should be used instead.  It is drop-dead easy to implement.

This is the entirety of the code needed to compute a Google Authenticator 6-digit code in C#, given the 10-byte secret and the current time.  This is like 20 lines of code at the most!

Code:
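    using System;
    using System.Linq;
    using System.Security.Cryptography;

    // Wrapper class added so the method compiles on its own; the name is arbitrary.
    public static class OneTimePasswords {
        /// <summary>
        /// Calculates the current One Time Password for a secret.
        /// </summary>
        public static string CalculateOneTimePassword(byte[] Secret, Int64 currentUnixTimestamp) {
            if (Secret == null || Secret.Length != 10) return null;

            // TOTP (RFC 6238) is HOTP (https://tools.ietf.org/html/rfc4226) with the
            // counter set to the number of 30-second steps since the Unix epoch.
            Int64 Timestamp = currentUnixTimestamp / 30L;

            // The counter is hashed as an 8-byte big-endian value, so the bytes are
            // reversed only on little-endian platforms.
            byte[] data = BitConverter.GetBytes(Timestamp);
            if (BitConverter.IsLittleEndian) Array.Reverse(data);

            byte[] Hmac;
            using (var hmacSha1 = new HMACSHA1(Secret)) {
                Hmac = hmacSha1.ComputeHash(data);
            }

            // Dynamic truncation: the low nibble of the last byte selects a 4-byte
            // window, and the top bit is masked off to keep the value positive.
            int Offset = Hmac.Last() & 0x0F;
            int OneTimePassword = (
                ((Hmac[Offset + 0] & 0x7f) << 24) |
                ((Hmac[Offset + 1] & 0xff) << 16) |
                ((Hmac[Offset + 2] & 0xff) << 8) |
                (Hmac[Offset + 3] & 0xff)
                    ) % 1000000;
            return OneTimePassword.ToString("000000");
        }
    }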

The 10-byte secret is a randomly generated number, and can be programmed into the user's phone by showing an on-screen QR code of the following format:

otpauth://totp/USERLOGINNAMEHERE?secret=SECRETHERE

where USERLOGINNAMEHERE is text that will be shown to the user to identify their account, and SECRETHERE is the 10 bytes converted into Base32 using the following alphabet: ABCDEFGHIJKLMNOPQRSTUVWXYZ234567 (yields a 16-character string, 'A' has the value 0)

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper or hardware wallets instead.
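An added example, not part of casascius's post or of any site's code: a Python sketch of the server side of the scheme described in post #22, covering the 10-byte secret, the Base32 `otpauth://` URI and code verification. The `TotpVerifier` class, its one-step clock-drift window and its rejection of already-used time steps are assumptions of this example, and the account name and secrets are constructed sample values.

```python
import base64
import hashlib
import hmac
import secrets
import struct
from urllib.parse import quote

STEP = 30      # seconds per time step, as in the C# code above
DIGITS = 6     # Google Authenticator shows 6 digits


def new_secret() -> bytes:
    """Generate the random 10-byte (80-bit) shared secret."""
    return secrets.token_bytes(10)


def provisioning_uri(account: str, secret: bytes) -> str:
    """Build the otpauth:// URI that is rendered as a QR code at enrolment."""
    # 10 bytes encode to exactly 16 Base32 characters, so there is no padding.
    b32 = base64.b32encode(secret).decode("ascii").rstrip("=")
    return f"otpauth://totp/{quote(account)}?secret={b32}"


def totp(secret: bytes, unix_time: int) -> str:
    """HMAC-SHA1 over the big-endian step counter, then dynamic truncation."""
    counter = struct.pack(">Q", unix_time // STEP)
    digest = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = digest[-1] & 0x0F
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return f"{value % 10 ** DIGITS:0{DIGITS}d}"


class TotpVerifier:
    """Hypothetical per-account verifier (an assumption of this example).

    Accepts codes from the current step and `window` steps either side to
    tolerate clock drift, and refuses any step at or before the last one it
    accepted, so a code captured on the user's machine cannot be replayed.
    """

    def __init__(self, secret: bytes, window: int = 1):
        self.secret = secret
        self.window = window
        self.last_step = -1   # highest time step already accepted

    def verify(self, code: str, unix_time: int) -> bool:
        now_step = unix_time // STEP
        matched = None
        first = max(0, now_step - self.window)
        for step in range(first, now_step + self.window + 1):
            expected = totp(self.secret, step * STEP)
            # Constant-time comparison; every candidate step is always checked.
            if hmac.compare_digest(expected.encode(), code.encode()):
                matched = step
        if matched is None or matched <= self.last_step:
            return False
        self.last_step = matched
        return True


if __name__ == "__main__":
    secret = new_secret()                       # constructed sample secret
    print(provisioning_uri("alice", secret))    # constructed account name
    verifier = TotpVerifier(secret)
    code = totp(secret, 1351358317)             # constructed timestamp
    print(code, verifier.verify(code, 1351358317), verifier.verify(code, 1351358317))
```

The second `verify` call in the demo returns `False` because the time step was already consumed by the first.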
ChipGeek
October 27, 2012, 06:23:03 PM
Last edit: October 27, 2012, 07:02:32 PM by ChipGeek
 #23

1) If I am using a NON-MtGox Yubikey on my Blockchain.info wallet, is this still (relatively) secure?  Or would using google authenticator be more secure?

2) If someone obtains a backup copy of my Blockchain.info wallet, do they need BOTH my password and Yubikey, or just my password?


Note to OP:  Sorry about losing your BTC.  The only good that comes from it is that hopefully we can all learn from it and try to prevent it from happening again.

Tip jar: 1ChipGeeK7PDxaAWG4VgsTi31SfJ6peKHw
ArticMine
October 27, 2012, 06:50:36 PM
Last edit: October 27, 2012, 07:13:20 PM by ArticMine
 #24

This is just another example of a frustrated user of a complicated system that leaves in disgust because of his inability to use it properly. This isn’t the fault of the user it’s the fault of the training program.
 
The one major difference I can see between open source systems and centrally controlled closed systems is the control of the information and user support. Both types of systems can deliver excellent quality but open source lacks a central point of instruction and authority over training for new users. This needs to change.


This ignores the root cause of the problem. It is not the user or lack of training. It is Microsoft Windows which is a proprietary operating system. It is even unclear if the Yubikey (apparently incorrectly used) or the backup wallet was compromised. The reality here is that many new users will lose their bitcoins if they use Microsoft Windows as their Operating System. Two factor authentication can help but as this case sadly demonstrates it is not foolproof.

At a very fundamental level a proprietary operating system with over 90% market share worldwide is incompatible with bitcoin as the security of bitcoin is ultimately predicated on each individual user having complete control over their computing experience while proprietary software is about the exact opposite. Be it Apple's walled garden or Microsoft's centralized control over people's computers the direction that proprietary software has taken is very much about centralized control. For example with the recently released Windows 8 RT. Microsoft has complete control over which software is installed on a particular computer or device.

Centralizing control over the training of new bitcoin users in order to accommodate Microsoft or Apple is simply not the answer.

Concerned that blockchain bloat will lead to centralization? Storing less than 4 GB of data once required the budget of a superpower and a warehouse full of punched cards. https://upload.wikimedia.org/wikipedia/commons/8/87/IBM_card_storage.NARA.jpg https://en.wikipedia.org/wiki/Punched_card
jl2012
October 27, 2012, 07:32:49 PM
 #25

This is just another example of a frustrated user of a complicated system that leaves in disgust because of his inability to use it properly. This isn’t the fault of the user it’s the fault of the training program.
 
The one major difference I can see between open source systems and centrally controlled closed systems is the control of the information and user support. Both types of systems can deliver excellent quality but open source lacks a central point of instruction and authority over training for new users. This needs to change.


This ignores the root cause of the problem. It is not the user or lack of training. It is Microsoft Windows which is a proprietary operating system. It is even unclear if the Yubikey (apparently incorrectly used) or the backup wallet was compromised. The reality here is that many new users will lose their bitcoins if they use Microsoft Windows as their Operating System. Two factor authentication can help but as this case sadly demonstrates it is not foolproof.

At a very fundamental level a proprietary operating system with over 90% market share worldwide is incompatible with bitcoin as the security of bitcoin is ultimately predicated on each individual user having complete control over their computing experience while proprietary software is about the exact opposite. Be it Apple's walled garden or Microsoft's centralized control over people's computers the direction that proprietary software has taken is very much about centralized control. For example with the recently released Windows 8 RT. Microsoft has complete control over which software is installed on a particular computer or device.

Centralizing control over the training of new bitcoin users in order to accommodate Microsoft or Apple is simply not the answer.


I use Windows and bitcoin without any problem. All of my coins are under cold storage and my mtgox account is secured by 2-factor authentication. There is nothing wrong with using a proprietary OS. Linux looks safer simply because less people use it and it's not efficient to hack it for stealing coins. If a Linux user misuses the system (downloading warez or storing unencrypted wallet improperly), their coins will get stolen some day. By the way, I don't think mtgox and bitcoinica are running on Windows but both got hacked.

Donation address: 374iXxS4BuqFHsEwwxUuH3nvJ69Y7Hqur3 (Bitcoin ONLY)
LRDGENPLYrcTRssGoZrsCT1hngaH3BVkM4 (LTC)
PGP: D3CC 1772 8600 5BB8 FF67 3294 C524 2A1A B393 6517
Kris
October 27, 2012, 07:38:00 PM
 #26

Google Authenticator should be used instead.  It is drop-dead easy to implement.

This is the entirety of the code needed to compute a Google Authenticator 6-digit code in C#, given the 10-byte secret and the current time.  This is like 20 lines of code at the most!

Code:
    /// <summary>
    /// Calculates the current One Time Password for a secret.
    /// </summary>
    public static string CalculateOneTimePassword(byte[] Secret, Int64 currentUnixTimestamp) {
        if (Secret==null || Secret.Length != 10) return null;

        Int64 Timestamp;
        byte[] Hmac;
    
        int Offset;
        int OneTimePassword;

        // https://tools.ietf.org/html/rfc4226
        Timestamp = Convert.ToInt64(currentUnixTimestamp / 30L);
        var data = BitConverter.GetBytes(Timestamp).Reverse().ToArray();
        Hmac = new HMACSHA1(Secret).ComputeHash(data);
        Offset = Hmac.Last() & 0x0F;
        OneTimePassword = (
            ((Hmac[Offset + 0] & 0x7f) << 24) |
            ((Hmac[Offset + 1] & 0xff) << 16) |
            ((Hmac[Offset + 2] & 0xff) << 8) |
            (Hmac[Offset + 3] & 0xff)
                ) % 1000000;
        return OneTimePassword.ToString("000000");
    }

The 10-byte secret is a randomly generated number, and can be programmed into the user's phone by showing an on-screen QR code of the following format:

otpauth://totp/USERLOGINNAMEHERE?secret=SECRETHERE

where USERLOGINNAMEHERE is text that will be shown to the user to identify their account, and SECRETHERE is the 10 bytes converted into Base32 using the following alphabet: ABCDEFGHIJKLMNOPQRSTUVWXYZ234567 (yields a 16-character string, 'A' has the value 0)

Indeed, it seems to do the job. I must admit that I use both Google two-factor authentication on my iPhone to sign in, just a random seed on the image in case anyone wondered.

I then use Secure Card which I have printed out, because this will hide the secure card in the system so I only have it on paper as well, before I am granted access to my account and to send bitcoins.

Could be I am a little paranoid but with all the hacks and cracks you read about, I am in the state of mind that better safe than sorry.



-

aadje93, sorry for your loss. Is there anything I can do to help you out?
SgtSpike
October 27, 2012, 07:54:55 PM
 #27

Does the online backups of your wallet need the MtGox Yubikey to be decrypted?  If not maybe some hacked your email, Dropbox or Google Drive?  Otherwise the thief must be someone you know.
+1 to this...
ArticMine
October 27, 2012, 08:36:22 PM
Last edit: October 27, 2012, 08:58:02 PM by ArticMine
 #28

This is just another example of a frustrated user of a complicated system that leaves in disgust because of his inability to use it properly. This isn’t the fault of the user it’s the fault of the training program.
 
The one major difference I can see between open source systems and centrally controlled closed systems is the control of the information and user support. Both types of systems can deliver excellent quality but open source lacks a central point of instruction and authority over training for new users. This needs to change.


This ignores the root cause of the problem. It is not the user or lack of training. It is Microsoft Windows which is a proprietary operating system. It is even unclear if the Yubikey (apparently incorrectly used) or the backup wallet was compromised. The reality here is that many new users will lose their bitcoins if they use Microsoft Windows as their Operating System. Two factor authentication can help but as this case sadly demonstrates it is not foolproof.

At a very fundamental level a proprietary operating system with over 90% market share worldwide is incompatible with bitcoin as the security of bitcoin is ultimately predicated on each individual user having complete control over their computing experience while proprietary software is about the exact opposite. Be it Apple's walled garden or Microsoft's centralized control over people's computers the direction that proprietary software has taken is very much about centralized control. For example with the recently released Windows 8 RT. Microsoft has complete control over which software is installed on a particular computer or device.

Centralizing control over the training of new bitcoin users in order to accommodate Microsoft or Apple is simply not the answer.


I use Windows and bitcoin without any problem. All of my coins are under cold storage and my mtgox account is secured by 2-factor authentication. There is nothing wrong with using a proprietary OS. Linux looks safer simply because less people use it and it's not efficient to hack it for stealing coins. If a Linux user misuses the system (downloading warez or storing unencrypted wallet improperly), their coins will get stolen some day. By the way, I don't think mtgox and bitcoinica are running on Windows but both got hacked.

Yes one can secure Microsoft Windows, but it takes considerable effort and technical expertise. The average consumer's Microsoft Windows computer is more often than not infected with all sorts of rootkits and malware. It is far simpler in these situations to simply ditch Windows and use GNU/Linux. Cold storage can also provide a false sense of security because the moment one needs to move coins then one is exposed.

GNU/Linux is way safer than Microsoft Windows when it comes to malware. There are many reasons that come down to the design of the OS, (it was designed from the ground up as a multi user OS, Windows was not), and the culture, (most GNU/Linux users download their software from trusted repositories, do not run as root, and have no motivation at all to download warez even if warez that actually runs natively on GNU/Linux even exists!). The entire Free Software / Open Source model of software development is far more secure since there is no opportunity for "security by obscurity". The latter is very popular with proprietary software vendors. DRM for example is entirely based on security by obscurity.

There is a lot wrong with using a proprietary OS with bitcoin, particularly one that has over 90% market share since that creates a massive single point of failure for a very large portion of the bitcoin network. If a Microsoft Windows related attack were to hit the bitcoin network, bitcoin's chance of survival will likely rest with those of us who have chosen to run bitcoin nodes and mining on GNU/Linux.

As for the MTGox and Bitcoinica hacks we are talking about servers being compromised because of less than optimal security procedures of the server administrators. This has nothing to do with the issue at hand here, namely malware on consumer computers.


MeSarah
October 27, 2012, 08:42:04 PM
 #29

Here is a security suggestion I'm not sure I've seen. Don't click on links in Bitcoin forums unless you're absolutely sure the link is to a reputable web site. Hover over the link to make certain you're going to the site you think you're going to. Never click on links that use url shorteners. Good luck Aadje93.

60 GH/s BFL Single SC - Pre-Order Yours Today!
`````` Only $1299.99 - butterflylabs.com ``````
ArticMine
October 27, 2012, 08:50:46 PM
 #30

Here is a security suggestion I'm not sure I've seen. Don't click on links in Bitcoin forums unless you're absolutely sure the link is to a reputable web site. Hover over the link to make certain you're going to the site you think you're going to. Never click on links that use url shorteners. Good luck Aadje93.
Hovering over a URL before clicking on it is a very good idea if the source of the URL is in any way suspicious. I do it all the time with spam emails. In many cases the URL ends with .exe (Windows executable!).

ArticMine
October 27, 2012, 09:55:30 PM
 #31

Perhaps that’s the solution then. Remove all need for understanding or training. Only release the client to the public on a proprietary device.

That is not bitcoin at all. It is more like MintChip. http://mintchipchallenge.com/. Bitcoin is about putting the end user in control and for that one needs a Free Libre Open Source Software OS.

DeathAndTaxes
Gerald Davis
October 27, 2012, 09:59:49 PM
 #32

From what I'm reading in this thread the computer of the OP was hacked with a keylogger or the OP was reusing a password from another site.

However that is the WHOLE POINT of 2FACTOR.  If you use a strong password and your computer is never compromised you never need the second factor.   For blockchain.info to offer a "second factor" which can be compromised in the same manner as the first one is just poor design.  If the user for example was using google authenticator (which he may have used if blockchain.info DIDN'T offer a weak re-use of MtGox yubikey) a compromised system wouldn't mean a compromised google authenticator.

ArticMine
October 27, 2012, 10:05:06 PM
 #33

From what I'm reading in this thread the computer of the OP was hacked with a keylogger or the OP was reusing a password from another site.

However that is the WHOLE POINT of 2FACTOR.  If you use a strong password and your computer is never compromised you never need the second factor.   For blockchain.info to offer a "second factor" which can be compromised in the same manner as the first one is just poor design.  If the user for example was using google authenticator (which he may have used if blockchain.info DIDN'T offer a weak re-use of MtGox yubikey) a compromised system wouldn't mean a compromised google authenticator.



This is not clear to me at all. The OP's backup wallet could have been compromised by a Windows based keylogger.

DeathAndTaxes
Gerald Davis
October 27, 2012, 10:13:21 PM
 #34

From what I'm reading in this thread the computer of the OP was hacked with a keylogger or the OP was reusing a password from another site.

However that is the WHOLE POINT of 2FACTOR.  If you use a strong password and your computer is never compromised you never need the second factor.   For blockchain.info to offer a "second factor" which can be compromised in the same manner as the first one is just poor design.  If the user for example was using google authenticator (which he may have used if blockchain.info DIDN'T offer a weak re-use of MtGox yubikey) a compromised system wouldn't mean a compromised google authenticator.



This is not clear to me at all. The OP's backup wallet could have been compromised by a Windows based keylogger.

Even if true it doesn't change the fact that having a "2 factor" method which can be compromised along with the 1st factor is stupid.  How the user was hacked doesn't change the vulnerability.
beckspace
October 27, 2012, 10:24:24 PM
 #35

2) If someone obtains a backup copy of my Blockchain.info wallet, do they need BOTH my password and Yubikey, or just my password?

Does the online backups of your wallet need the MtGox Yubikey to be decrypted?

The backups don't need the Yubikey to be decrypted, and from what I know, neither another form of 2-factor. You're only relying on your passphrase complexity. Big alert for false sense of security, IMO.
piuk
October 27, 2012, 10:29:04 PM
Last edit: October 27, 2012, 11:37:51 PM by piuk
 #36

Upon checking the past few days of access logs the OP's wallet was only accessed from his home IP and browser. Also the transaction in question was not made through the My Wallet interface (once a hacker has access to an account I don't know why they would go to the trouble of exporting the private keys before emptying the wallet).

This leads me to believe the most probable scenario is the user's Dropbox account was compromised and the wallet backup taken directly from there. Perhaps reusing the same password somewhere else?

I have disabled Mt.Gox yubikeys for new wallets now. It was introduced before Google Authenticator and SMS two factor authentication were available, these are better options now.

Daily Anarchist
October 27, 2012, 11:21:56 PM
 #37

It's reasons like this that make me glad I got rid of Windows.

Question:

I routinely get emailed backups of my wallet. How securely do I need to keep those backups? If somebody gains access to my backup, what else do they need in order to steal all of my coins? My passphrase, right?

If that's the case then I really only need to worry about keyloggers getting my passphrase. But since I'm using Linux, the chances of that happening are close to nil, right?

Discover anarcho-capitalism today!
matthewh3
October 27, 2012, 11:30:11 PM
 #38

It's reasons like this that make me glad I got rid of Windows.

Question:

I routinely get emailed backups of my wallet. How securely do I need to keep those backups? If somebody gains access to my backup, what else do they need in order to steal all of my coins? My passphrase, right?

If that's the case then I really only need to worry about keyloggers getting my passphrase. But since I'm using Linux, the chances of that happening are close to nil, right?

As long as you only download software from secure trusted repositories yes.  Unless possibly there was some kind of browser based attack using Java or something maybe.

ArticMine
October 28, 2012, 12:33:42 AM
 #39

Perhaps that’s the solution then. Remove all need for understanding or training. Only release the client to the public on a proprietary device.

That is not bitcoin at all. It is more like MintChip. http://mintchipchallenge.com/. Bitcoin is about putting the end user in control and for that one needs a Free Libre Open Source Software OS.


Oh, so you don’t ever want the average person using Bitcoin. You would prefer to have Bitcoin remain the money of the nerd fringe element?
I never said such a thing; however if Bitcoin were to reach the level of penetration of GNU/linux on the desktop 1% market share the BTC / USD exchange rate would be in the neighborhood of 1 BTC = 10000 USD. We have a very long way to go with the "nerd fringe element" alone.

How stupid of me. You are absolutely right. You would never want soccer moms that buy mountains of useless crap every single day using Bitcoin. That would suck. Let’s make sure it stays nice and fucking complicated.
What I do not want to see is the average soccer mom losing their money, be it BTC, CAD, USD, EUR because of the sheer incompetence of a multinational corporation. Microsoft Windows is by far more difficult to use, secure and maintain than a modern GNU/Linux distribution such as Ubuntu. The average soccer mom is likely already mining bitcoins for the profit of some criminal botnet because of Microsoft Windows so in a sense they are already using bitcoin, they just do not realize it yet. The reason I know this is because I have removed bitcoin mining malware from the computer of a "soccer mom" who had no idea what bitcoin was.

ArticMine
October 28, 2012, 02:03:55 AM
 #40

I never said such a thing; however if Bitcoin were to reach the level of penetration of GNU/linux on the desktop 1% market share the BTC / USD exchange rate would be in the neighborhood of 1 BTC = 10000 USD.

1% of Linux users would be ~620,000 people, I don't think that'd bring us anywhere near 10,000USD/BTC.

I have disabled Mt.Gox yubikeys for new wallets now.

A good move. I had chosen Mt Gox YubiKey over Google Authenticator initially as I assumed Blockchain.info was checking the OTP's correctly.

Also, slightly off-topic, but I noticed Ireland (my country) is missing from the country list for SMS authentication & phone deposit, are the phone networks in Ireland not supported by your site's SMS carrier?

Just to clarify I mean 1% of the world money supply which would put Bitcoin use when compared to Government currencies in a market share comparable to GNU/Linux on the desktop. The most conservative estimates of the GNU/Linux on the desktop market share is 1%
