AliceWonderMiscreations
|
|
February 18, 2016, 07:30:58 AM |
|
Once a month for the same amount seems like you are signed up for a monthly service of some sort.
Bingo
|
I hereby reserve the right to sometimes be wrong
|
|
|
AliceWonderMiscreations
|
|
February 18, 2016, 07:33:03 AM |
|
what doesnt make sense to me is the fact that if you were hacked , why not just wipe your wallet? why take 30 twice?
^^ this... it's one thing when people steal credit cards and try not to make gigantic purchases so that it doesn't get frozen and you don't notice, but with a bitcoin wallet there isn't really much risk of getting caught or getting in trouble, so I don't see why they wouldn't just take everything at once. I'm guessing you haven't been hacked, but I could be wrong. Some web wallets have a setting where 2fa is only required for large amounts or multiple repeated payments. Attackers of web wallets may be withdrawing small amounts periodically to avoid 2fa. But I don't think that happened here. I think he signed up for a periodic thing.
|
I hereby reserve the right to sometimes be wrong
|
|
|
aarons6
Legendary
Offline
Activity: 1736
Merit: 1006
|
|
February 18, 2016, 08:01:36 AM |
|
what doesnt make sense to me is the fact that if you were hacked , why not just wipe your wallet? why take 30 twice?
^^ this... it's one thing when people steal credit cards and try not to make gigantic purchases so that it doesn't get frozen and you don't notice, but with a bitcoin wallet there isn't really much risk of getting caught or getting in trouble, so I don't see why they wouldn't just take everything at once. I'm guessing you haven't been hacked, but I could be wrong. Some web wallets have a setting where 2fa is only required for large amounts or multiple repeated payments. Attackers of web wallets may be withdrawing small amounts periodically to avoid 2fa. But I don't think that happened here. I think he signed up for a periodic thing. how can something you sign up for pull bitcoin from a wallet.. dont you have to send it?
|
|
|
|
btcltccoins
|
|
February 18, 2016, 08:42:57 AM |
|
The first thing is that you should make your wallet with a very strong password and never share it with anyone. Moving your coins in the cold storage is a good idea only if you don't have to use that regularly .
|
|
|
|
AliceWonderMiscreations
|
|
February 18, 2016, 08:45:09 AM |
|
what doesnt make sense to me is the fact that if you were hacked , why not just wipe your wallet? why take 30 twice?
^^ this... it's one thing when people steal credit cards and try not to make gigantic purchases so that it doesn't get frozen and you don't notice, but with a bitcoin wallet there isn't really much risk of getting caught or getting in trouble, so I don't see why they wouldn't just take everything at once. I'm guessing you haven't been hacked, but I could be wrong. Some web wallets have a setting where 2fa is only required for large amounts or multiple repeated payments. Attackers of web wallets may be withdrawing small amounts periodically to avoid 2fa. But I don't think that happened here. I think he signed up for a periodic thing. how can something you sign up for pull bitcoin from a wallet.. dont you have to send it? With web wallets, the web wallet has the private key so they can send on your behalf.
|
I hereby reserve the right to sometimes be wrong
|
|
|
btcltccoins
|
|
February 18, 2016, 08:52:21 AM |
|
But for the private key they have to get login first. Where and how can they get our passwords ?
|
|
|
|
aarons6
Legendary
Offline
Activity: 1736
Merit: 1006
|
|
February 18, 2016, 09:13:04 AM |
|
what doesnt make sense to me is the fact that if you were hacked , why not just wipe your wallet? why take 30 twice?
^^ this... it's one thing when people steal credit cards and try not to make gigantic purchases so that it doesn't get frozen and you don't notice, but with a bitcoin wallet there isn't really much risk of getting caught or getting in trouble, so I don't see why they wouldn't just take everything at once. I'm guessing you haven't been hacked, but I could be wrong. Some web wallets have a setting where 2fa is only required for large amounts or multiple repeated payments. Attackers of web wallets may be withdrawing small amounts periodically to avoid 2fa. But I don't think that happened here. I think he signed up for a periodic thing. how can something you sign up for pull bitcoin from a wallet.. dont you have to send it? With web wallets, the web wallet has the private key so they can send on your behalf. i dont believe this.. web wallets may have your private key, but its encrypted with your password seed.. they cannot know this..
|
|
|
|
Mickeyb
|
|
February 18, 2016, 09:15:13 AM |
|
i dont believe this.. web wallets may have your private key, but its encrypted with your password seed.. they cannot know this..
And you are aware of this 'fact' how exactly?
|
|
|
|
aarons6
Legendary
Offline
Activity: 1736
Merit: 1006
|
|
February 18, 2016, 09:23:26 AM |
|
i dont believe this.. web wallets may have your private key, but its encrypted with your password seed.. they cannot know this..
And you are aware of this 'fact' how exactly? common sense? show me a web wallet that doesnt encrypt your keys.
|
|
|
|
AliceWonderMiscreations
|
|
February 18, 2016, 10:02:59 AM |
|
what doesnt make sense to me is the fact that if you were hacked , why not just wipe your wallet? why take 30 twice?
^^ this... it's one thing when people steal credit cards and try not to make gigantic purchases so that it doesn't get frozen and you don't notice, but with a bitcoin wallet there isn't really much risk of getting caught or getting in trouble, so I don't see why they wouldn't just take everything at once. I'm guessing you haven't been hacked, but I could be wrong. Some web wallets have a setting where 2fa is only required for large amounts or multiple repeated payments. Attackers of web wallets may be withdrawing small amounts periodically to avoid 2fa. But I don't think that happened here. I think he signed up for a periodic thing. how can something you sign up for pull bitcoin from a wallet.. dont you have to send it? With web wallets, the web wallet has the private key so they can send on your behalf. i dont believe this.. web wallets may have your private key, but its encrypted with your password seed.. they cannot know this.. So when I set up coinbase to automatically sell $200 worth of bitcoins once a month, and it does it without me logging in, how exactly is it doing this? No I haven't configured it to do this, but I can. I don't know how all the web wallets work, but with coinbase only the coins you have in their so-called "vault" require some type of pass phrase to unlock. The normal account, the private keys are not tied to your login password or a passphrase. I don't use their vault, I use cold addresses instead for similar purpose, so all my currency at coinbase (which I keep small) could be spent by someone who got into my account - though large amounts or several small amounts trigger 2FA but single small amounts don't (mainly because I don't need it to, I keep less than 1 BTC there)
|
I hereby reserve the right to sometimes be wrong
|
|
|
partysaurus
|
|
February 18, 2016, 10:12:56 AM |
|
what doesnt make sense to me is the fact that if you were hacked , why not just wipe your wallet? why take 30 twice?
had the same thought it would be so easy to just clear the whole wallet instead he/she took 30 at the time wtf? :S
|
|
|
|
aarons6
Legendary
Offline
Activity: 1736
Merit: 1006
|
|
February 18, 2016, 10:13:52 AM |
|
what doesnt make sense to me is the fact that if you were hacked , why not just wipe your wallet? why take 30 twice?
^^ this... it's one thing when people steal credit cards and try not to make gigantic purchases so that it doesn't get frozen and you don't notice, but with a bitcoin wallet there isn't really much risk of getting caught or getting in trouble, so I don't see why they wouldn't just take everything at once. I'm guessing you haven't been hacked, but I could be wrong. Some web wallets have a setting where 2fa is only required for large amounts or multiple repeated payments. Attackers of web wallets may be withdrawing small amounts periodically to avoid 2fa. But I don't think that happened here. I think he signed up for a periodic thing. how can something you sign up for pull bitcoin from a wallet.. dont you have to send it? With web wallets, the web wallet has the private key so they can send on your behalf. i dont believe this.. web wallets may have your private key, but its encrypted with your password seed.. they cannot know this.. So when I set up coinbase to automatically sell $200 worth of bitcoins once a month, and it does it without me logging in, how exactly is it doing this? No I haven't configured it to do this, but I can. I don't know how all the web wallets work, but with coinbase only the coins you have in their so-called "vault" require some type of pass phrase to unlock. The normal account, the private keys are not tied to your login password or a passphrase. I don't use their vault, I use cold addresses instead for similar purpose, so all my currency at coinbase (which I keep small) could be spent by someone who got into my account - though large amounts or several small amounts trigger 2FA but single small amounts don't (mainly because I don't need it to, I keep less than 1 BTC there) isnt coinbase an exchange? ive personally never used them, but your coins are probably in their hot wallet. meaning you dont have any private keys for them. they have a vault, that you move your coins to.. which you own the keys to, but i am fairly certain it will be encrypted.
|
|
|
|
aarons6
Legendary
Offline
Activity: 1736
Merit: 1006
|
|
February 18, 2016, 10:44:07 AM |
|
On another note, the blockchain address said the coins were sent to the middle of the Gulf of Guinea. Yeah, definitely wasn't me....
hah i just noticed this.. that map has nothing to do with the address YOUR coins were sent to.. its the node's ip that saw the transaction first and relayed it to the rest of the network. its almost never accurate tho. which is why it shows in the middle of the water.
|
|
|
|
martinacar
|
|
February 18, 2016, 02:08:46 PM |
|
It is not good to be hacked. That is very bad. But you must secure your stuff good with good passwords. I think you should not tell everyone what you have. Otherwise they are interested in you and then you will going to hack you.
|
|
|
|
gregyoung14
|
|
February 18, 2016, 02:42:08 PM |
|
It is not good to be hacked. That is very bad. But you must secure your stuff good with good passwords. I think you should not tell everyone what you have. Otherwise they are interested in you and then you will going to hack you.
While hacking is not a simple task. I must agree that it can actually be that simple if you dont protect your user credentials your passwords emails etc. You can't really trust anything nowadays you now.
|
|
|
|
Pursuer
Legendary
Offline
Activity: 1638
Merit: 1163
Where is my ring of blades...
|
|
February 18, 2016, 03:12:19 PM |
|
........ So when I set up coinbase to automatically sell $200 worth of bitcoins once a month, and it does it without me logging in, how exactly is it doing this?
No I haven't configured it to do this, but I can.
I don't know how all the web wallets work, but with coinbase only the coins you have in their so-called "vault" require some type of pass phrase to unlock. The normal account, the private keys are not tied to your login password or a passphrase.
I don't use their vault, I use cold addresses instead for similar purpose, so all my currency at coinbase (which I keep small) could be spent by someone who got into my account - though large amounts or several small amounts trigger 2FA but single small amounts don't (mainly because I don't need it to, I keep less than 1 BTC there)
web wallets are different from each other. a service like coinbase is something like what you said. (I don't know if they have the auto pay option) but assuming you set such option they deduct the amount from your "account" not bitcoin address. in wallets like coinbase AFAIK you don't have access to a single bitcoin address/private key they have all the access and you only have an account. but other web wallets like Blockchain.info is different. they don't have any access to your funds/private keys the wallet is created in your browser, encrypted in your browser, decrypted in there too and they are only keeping an encrypted version of it on their servers with no access to your funds whatsoever. this is what people usually don't know about these services.
|
Only Bitcoin
|
|
|
thejaytiesto
Legendary
Offline
Activity: 1358
Merit: 1014
|
|
February 18, 2016, 06:27:34 PM |
|
Honestly after lossing money 2 times like that I would consider that im getting hacked, I would remove your entire hard disk and install an OS from scratch, if you use windows don't forget that it's useless unless you install a firewall and decent av and anti malware at least.
|
|
|
|
AliceWonderMiscreations
|
|
February 18, 2016, 06:43:07 PM |
|
........ So when I set up coinbase to automatically sell $200 worth of bitcoins once a month, and it does it without me logging in, how exactly is it doing this?
No I haven't configured it to do this, but I can.
I don't know how all the web wallets work, but with coinbase only the coins you have in their so-called "vault" require some type of pass phrase to unlock. The normal account, the private keys are not tied to your login password or a passphrase.
I don't use their vault, I use cold addresses instead for similar purpose, so all my currency at coinbase (which I keep small) could be spent by someone who got into my account - though large amounts or several small amounts trigger 2FA but single small amounts don't (mainly because I don't need it to, I keep less than 1 BTC there)
web wallets are different from each other. a service like coinbase is something like what you said. (I don't know if they have the auto pay option) but assuming you set such option they deduct the amount from your "account" not bitcoin address. in wallets like coinbase AFAIK you don't have access to a single bitcoin address/private key they have all the access and you only have an account. but other web wallets like Blockchain.info is different. they don't have any access to your funds/private keys the wallet is created in your browser, encrypted in your browser, decrypted in there too and they are only keeping an encrypted version of it on their servers with no access to your funds whatsoever. this is what people usually don't know about these services. The OP never said they were taken from a private address he controlled.
|
I hereby reserve the right to sometimes be wrong
|
|
|
PakistanHockeyfan
Member
Offline
Activity: 98
Merit: 10
|
|
February 18, 2016, 07:16:54 PM |
|
Contact the platform you made your wallet on.
|
|
|
|
ronald98
|
|
February 18, 2016, 08:33:20 PM |
|
If there is ever a suspicious outgoing transaction in any of your wallets, switch wallets immediately!
The first thing you should do is make sure it won't happen again. In the worst case if you don't trust your computer fully, send it to an exchange with 2fa enabled. That way, even if you are keylogged, the coins will be protected (note I do not recommend storing coins in exchange, but in this case with low value it may be ok temporarily).
If you were really hacked, the hacker might have left coins in there in the hopes that you might refill it again so he could take more. Definately change to a new wallet with a new private key.
That's good advice, but don't use your phone to enable 2fa on an exchange if its been connected to your computer. Use a phone that's never been connected to the potentially infected computer in case your computer managed to infect your phone. It's better being safe than sorry.
|
|
|
|
|