[Information Request]Someone tried to login into my blockchain wallet

[stingers]

Someone recently tried to target my blockchain wallet. Here are some of the details. :

Time: 2016-02-13 05:08:13
IP Address: 195.211.192.206 (Russian Federation)
Browser: Chrome 15
User Agent: Mozilla/5.0 (Linux x86_64) AppleWebKit/560.0 (KHTML, like Gecko) Chrome/15.024.208 Safari/560

Cab someone get me more on this?  I have no link with anyone from Russian federation. Does this I.P seem known to anyone else out there?

[A73841]

some info maybe it helps you out

http://www.ip-adress.com/ip_tracer/195.211.192.206

[freebitcoin.co]

its most likely a proxy/vpn ip addresss

[BitcoinSupremo]

Doesn't it feel strange that all these strange things happens to one and only one online wallet, 99% of the cases is blockchain.info . Well after reading other stories here, I raise a reasonable doubt, why people should continue using it 

[Your Point Is Invalid]

Doesn't it feel strange that all these strange things happens to one and only one online wallet, 99% of the cases is blockchain.info . Well after reading other stories here, I raise a reasonable doubt, why people should continue using it 

if 99% of people use blockchain.info then 99% of the time issues raised are going to be about them
OP just save your private keys, create a new wallet and import the keys to the new wallet, the hacker probably has your identifier

[stingers]

Doesn't it feel strange that all these strange things happens to one and only one online wallet, 99% of the cases is blockchain.info . Well after reading other stories here, I raise a reasonable doubt, why people should continue using it 

No it doesn't feel strange. There are thieves all over the world and this is like a natural thing to happen.

Doesn't it feel strange that all these strange things happens to one and only one online wallet, 99% of the cases is blockchain.info . Well after reading other stories here, I raise a reasonable doubt, why people should continue using it 

if 99% of people use blockchain.info then 99% of the time issues raised are going to be about them
OP just save your private keys, create a new wallet and import the keys to the new wallet, the hacker probably has your identifier

Well yes, I am going to do that. But I was more worried about that how was he able to access my identifier and if he has my password too. Till now I have almost checked all my accounts(gmail etc ), none has been compromised. I wonder why did he try my blockchain.

[A73841]

are you sure that there is no maleware on your computer?

or maybe there is just random identifers on the net and yours was one of them

[Quickseller]

IMO, it is highly unlikely that this person will ever be found, especially considering the number of hackers that are based in Russia

It does appear however that your blockchain.info identifier has been compromised and you should no longer actively use the identifier, addresses/private keys contained in that wallet, nor any HD seeds contained in that wallet. At an absolute minimum, you should create a new blockchain.info wallet, backup the private keys/seed associated with that wallet and send any BTC in the wallet that had the hacking attempt to your newly created wallet. (A better solution however would be to stop using a web wallet and use a wallet like electrum).

In addition to the possibility of having malware, it is possible that someone was able to access your email address that received an email from blockchain.info with your identifier.

[Laosai]

Doesn't it feel strange that all these strange things happens to one and only one online wallet, 99% of the cases is blockchain.info . Well after reading other stories here, I raise a reasonable doubt, why people should continue using it 

if 99% of people use blockchain.info then 99% of the time issues raised are going to be about them
OP just save your private keys, create a new wallet and import the keys to the new wallet, the hacker probably has your identifier

Good point but I'm not sure it's the real ratio. We should have a ledger somewhere to note all those kind of attacks to be sure on which is the most targeted.

[james.lent]

Same thing just happened to me :



Damn KGBs 

[mexxer-2]

Same thing just happened to me :

[img ]https://i.imgur.com/0QjNx2x.png?1[/img]

Damn KGBs 

Same here too, didn't use blockchain anyway. @QS it seems the hacker only knows the wallet-identifiers and is just brute-forcing as I did get an email only to confirm the login.

[james.lent]

Same thing just happened to me :

[img ]https://i.imgur.com/0QjNx2x.png?1[/img]

Damn KGBs 

Same here too, didn't use blockchain anyway. @QS it seems the hacker only knows the wallet-identifiers and is just brute-forcing as I did get an email only to confirm the login.

Yeah i wonder how did they get the wallet-identifiers. I rarely use blockchain though. Been using localbitcoins for some years now 

[thugster]

Just google up that IP. Its already showing that IP belongs to a hacker and also, that IP has IIS 7 running. So maybe someone can get out more info out of IIS7 thing?

[stingers]

Okay great! Now everyone is being targeted(relieved to hear that I wasn't the only one being targeted). Blockchain guys should do something about it. They need to somehow stop the guys from brute forcing usernames, why can't they have some captchas if a users is acting in a fishy manner?  

[james.lent]

Okay great! Now everyone is being targeted(relieved to hear that I wasn't the only one being targeted). Blockchain guys should do something about it. They need to somehow stop the guys from brute forcing usernames, why can't they have some captchas if a users is acting in a fishy manner?  

There must be a blockchain identifier dump somewhere on the deep web, gotta do some searching later. It's better to change all your email passwords too. No more blockchain wallets for me thats for sure.

[Your Point Is Invalid]

Okay great! Now everyone is being targeted(relieved to hear that I wasn't the only one being targeted). Blockchain guys should do something about it. They need to somehow stop the guys from brute forcing usernames, why can't they have some captchas if a users is acting in a fishy manner?  

There is no need, they cant do anything with just our identifiers, they would need to hack the password and they would also need to hack into our email to validate the login attempt

[A73841]

i just got some email that there was a login attempt to my wallet and this wallet is just 1 week old because i did try out blockchain.info

[Slunt]

Did any of you have your alias as your username here or some sort of simple dictionary word? Wouldn't surprise me if hackers were using bots to try get hits on usernames and then focusing on the ones they find.

Doesn't it feel strange that all these strange things happens to one and only one online wallet, 99% of the cases is blockchain.info . Well after reading other stories here, I raise a reasonable doubt, why people should continue using it 

If you can't keep your funds safe then using a desktop wallet wont be any good either. At least blockchain.info has several security features that prevent a hacker getting in. Even if they had your password and identifyer they wouldnt be able to get in without confirming via email and 2-factor if you have that set up which you should have and even then they wouldn't be able to spend the funds if you had a second password on.

[BitcoinSupremo]

Did any of you have your alias as your username here or some sort of simple dictionary word? Wouldn't surprise me if hackers were using bots to try get hits on usernames and then focusing on the ones they find.

Doesn't it feel strange that all these strange things happens to one and only one online wallet, 99% of the cases is blockchain.info . Well after reading other stories here, I raise a reasonable doubt, why people should continue using it 

If you can't keep your funds safe then using a desktop wallet wont be any good either. At least blockchain.info has several security features that prevent a hacker getting in. Even if they had your password and identifyer they wouldnt be able to get in without confirming via email and 2-factor if you have that set up which you should have and even then they wouldn't be able to spend the funds if you had a second password on.

If hackers brute forces it, he probably have the private keys, the best practice to follow is to create a new wallet, after you format your PC if you don't have any important documents there. If so create a new wallet straight after you have installed windows. Keep a copy of the private keys in a safe place, enable 2fa and email confirmation. And don't share your identifier in any other pc rather than this. Keep this as secure as you can with antivirus and antispyware.

Above all this, a wallet like Electrum is easy to maintain. Suppose you have just installed windows. Save electrum seed in a document in some safe place like USB or external HDD. Put a strong password to it, then start using it, chances of you getting hacked are very very small this way.
Never open that USB or external HDD in a infected PC. You can do more than this, but this is pretty basic things you need to know to have above normal security.

[Mickeyb]

If hackers brute forces it, he probably have the private keys, the best practice to follow is to create a new wallet, after you format your PC if you don't have any important documents there.

The OP is talking about Blockchain.info a web-based wallet service, so you obviously don't enter your priv key rather your password.