Heads up! Someone is trying to hack into Blockchain.info wallets

[Trader Steve]

FYI: I tried logging into my blockchain account from my desktop (Mac) the other day and received a message that my account was locked for 4 hours due to too many login attempts. I knew something was amiss as I had not tried to access my account in days (I then accessed my Blockchain wallet from my mobile app and transferred the funds to an offline wallet).

Yesterday, after closing my desktop browser and attempting to open my blockchain wallet again, I received the following script notification:

*** Serious Error - Javascript inconsistencies found. Maybe malicious -
Do not Login! Please contact support@pi.uk.com

I had previously downloaded and installed the browser plug-in that checks the script so I suspect this was its way of notifying me of a script problem. I had also previously set up my 2-factor authentication so I believe this was able to protect me. I use the Firefox browser.

Now again this morning I received an email notifying me that a login attempt was made at 12:05 AM this morning.

Has anyone else had this issue? Anyway, not sure what to do next. I've emailed piuk on Friday but have not heard anything back yet.

[cypherdoc]

Steve, use Armory!

[Trader Steve]

Steve, use Armory!

Yes, it is time!

[lulzplzkthx]

FYI: I tried logging into my blockchain account from my desktop (Mac) the other day and received a message that my account was locked for 4 hours due to too many login attempts. I knew something was amiss as I had not tried to access my account in days (I then accessed my Blockchain wallet from my mobile app and transferred the funds to an offline wallet).

Yesterday, after closing my desktop browser and attempting to open my blockchain wallet again, I received the following script notification:

*** Serious Error - Javascript inconsistencies found. Maybe malicious -
Do not Login! Please contact support@pi.uk.com

I had previously downloaded and installed the browser plug-in that checks the script so I suspect this was its way of notifying me of a script problem. I had also previously set up my 2-factor authentication so I believe this was able to protect me. I use the Firefox browser.

Now again this morning I received an email notifying me that a login attempt was made at 12:05 AM this morning.

Has anyone else had this issue? Anyway, not sure what to do next. I've emailed piuk on Friday but have not heard anything back yet.

I tried logging on from my phone last night and was getting a few messages about my IP being banned due to invalid login attempts. It definitely wasn't me. Switched to wifi and it worked fine.

[piuk]

I've emailed piuk on Friday but have not heard anything back yet.

I cannot find your email, please send me your wallet identifier to help@blockchain.info

[piuk]

After some discussion with Steve it appears someone may have attempted to login to his wallet however they were unable to pass the two factor authentication test. I believe he has moved the coins elsewhere now anyway.

I had previously downloaded and installed the browser plug-in that checks the script so I suspect this was its way of notifying me of a script problem.

Sometimes the verifier can throw erroneous warnings if there is a problem downloading any of the scripts. If an error is displayed try refreshing the page, if it keeps appearing there may be a problem but otherwise the error can be ignored.

------

There are currently no known specific threats to any wallet or the site in general.

[nethead]

FYI: I tried logging into my blockchain account from my desktop (Mac) the other day and received a message that my account was locked for 4 hours due to too many login attempts. I knew something was amiss as I had not tried to access my account in days (I then accessed my Blockchain wallet from my mobile app and transferred the funds to an offline wallet).

Yesterday, after closing my desktop browser and attempting to open my blockchain wallet again, I received the following script notification:

*** Serious Error - Javascript inconsistencies found. Maybe malicious -
Do not Login! Please contact support@pi.uk.com

I had previously downloaded and installed the browser plug-in that checks the script so I suspect this was its way of notifying me of a script problem. I had also previously set up my 2-factor authentication so I believe this was able to protect me. I use the Firefox browser.

Now again this morning I received an email notifying me that a login attempt was made at 12:05 AM this morning.

Has anyone else had this issue? Anyway, not sure what to do next. I've emailed piuk on Friday but have not heard anything back yet.

I got a similar error when i first got blockchain wallet. I do not think its a "hacking" attempt, my case was that blockchain didnt mail the 2factor validation, and i tried to login 3-4 times so i stayed locked out of my wallet for some hours, my btc havent been touched by anyone, and after those few hours everything was back to normal

[BlackLilac Jordan]

There is a blockchain.info phishing site on a .info misspell domain, watch out. I almost fell for it once, it's fairly well done and looks almost exactly like the real site, but the form looks slightly different and it's not on https. I will try to find the exact domain. If you typed in your identifier and password there once without noticing, they may have tried to get in to your account but were foiled by the 2-factor auth.

[Stephen Gornick]

There is a blockchain.info phishing site on a .info misspell domain, watch out. I almost fell for it once,

Wow, yes there is.  Omit the c in block,  i.e.,  Blok*

[🏰 TradeFortress 🏰]

After some discussion with Steve it appears someone may have attempted to login to his wallet however they were unable to pass the two factor authentication test. I believe he has moved the coins elsewhere now anyway.

I had previously downloaded and installed the browser plug-in that checks the script so I suspect this was its way of notifying me of a script problem.

Sometimes the verifier can throw erroneous warnings if there is a problem downloading any of the scripts. If an error is displayed try refreshing the page, if it keeps appearing there may be a problem but otherwise the error can be ignored.

The verifier is essentially ineffective.

[niko]

There is a blockchain.info phishing site on a .info misspell domain, watch out. I almost fell for it once,

Wow, yes there is.  Omit the c in block,  i.e.,  Blok*

I just tried it out, somewhere along the way it redirected me to blockchain.info. 

[Stephen Gornick]

I just tried it out, somewhere along the way it redirected me to blockchain.info. 

Now it is using an iframe. 
 serialsforyou (dot) info (slash) securelog32

I'm not sure what the applet and/or windows executables are doing (view source) but definitely not anything you want.

[niko]

I just tried it out, somewhere along the way it redirected me to blockchain.info. 

Now it is using an iframe. 
 serialsforyou (dot) info (slash) securelog32

I'm not sure what the applet and/or windows executables are doing (view source) but definitely not anything you want.

Nasty. Isn't this something Piuk should take down? Copyright, if nothing else.