Bitcoin Forum
April 24, 2019, 01:15:47 AM *
News: Latest Bitcoin Core release: 0.17.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Help! 47 mined bitcoins were transferred away?  (Read 855 times)
MissingMyCoins
Newbie
*
Offline Offline

Activity: 3
Merit: 0


View Profile WWW
February 22, 2013, 04:22:44 AM
 #1

I've been mining for a while now, but I opened my wallet and 47.1 bitcoins were transferred away from my encrypted wallet.    Was it hacked somehow?

https://blockchain.info/tx/bf6379b69acbe6e1ea95970dedf858c7908a00ada609a570fd45e558220bcd2c 
1556068547
Hero Member
*
Offline Offline

Posts: 1556068547

View Profile Personal Message (Offline)

Ignore
1556068547
Reply with quote  #2

1556068547
Report to moderator
The forum was founded in 2009 by Satoshi and Sirius. It replaced a SourceForge forum.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1556068547
Hero Member
*
Offline Offline

Posts: 1556068547

View Profile Personal Message (Offline)

Ignore
1556068547
Reply with quote  #2

1556068547
Report to moderator
Lethn
Legendary
*
Offline Offline

Activity: 1540
Merit: 1000



View Profile WWW
February 22, 2013, 04:25:35 AM
Last edit: February 22, 2013, 05:24:46 AM by Lethn
 #2

Ouch! Sad if you didn't enter a password and put in an address then it shouldn't have done anything, you may well have been hacked though I'd wait for more knowledgeable guys to come along and look before going in a fetal position and crying like I would. I highly recommend if you ever get that many Bitcoins again you find a way to store them offline immediately, that way it won't happen again, I'm trying to mess around with the client Armory myself because that allows you to do such a thing.
Stephen Gornick
Legendary
*
Offline Offline

Activity: 2506
Merit: 1001


View Profile
February 22, 2013, 06:47:14 AM
 #3

I've been mining for a while now, but I opened my wallet and 47.1 bitcoins were transferred away from my encrypted wallet.    Was it hacked somehow?

https://blockchain.info/tx/bf6379b69acbe6e1ea95970dedf858c7908a00ada609a570fd45e558220bcd2c  

If you are using Bitcoin-Qt or another client with a local wallet then the only transactions you should see spending from addresses in your wallet are transactions that you've initiated.  

If you are using a hosted (shared) EWallet, then the blockchain is the wrong place to be looking to see transactions from the address you use for depositing funds.

So the first question is, what client are you using?


Unichange.me

            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █


mrlithium
Newbie
*
Offline Offline

Activity: 46
Merit: 0


View Profile
February 22, 2013, 07:04:40 AM
 #4

Do you live near chicago? Thats where it propagated from. Need more info.!
Stephen Gornick
Legendary
*
Offline Offline

Activity: 2506
Merit: 1001


View Profile
February 22, 2013, 07:18:39 AM
 #5

Do you live near chicago? Thats where it propagated from.

As far as blockchain.info knows, but that's not necessarily accurate.

Unichange.me

            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █


fenratha
Newbie
*
Offline Offline

Activity: 8
Merit: 0


View Profile
February 22, 2013, 09:52:33 AM
 #6

wierd. i hope u get them back.
MissingMyCoins
Newbie
*
Offline Offline

Activity: 3
Merit: 0


View Profile WWW
February 22, 2013, 02:22:12 PM
 #7

If you are using Bitcoin-Qt or another client with a local wallet then the only transactions you should see spending from addresses in your wallet are transactions that you've initiated.  
...

So the first question is, what client are you using?

Yes, the native client is the only thing I've ever used. 
Stephen Gornick
Legendary
*
Offline Offline

Activity: 2506
Merit: 1001


View Profile
February 22, 2013, 07:59:21 PM
 #8

If you are using Bitcoin-Qt or another client with a local wallet then the only transactions you should see spending from addresses in your wallet are transactions that you've initiated.  
...

So the first question is, what client are you using?

Yes, the native client is the only thing I've ever used.  

Then there's a problem if there's a spend transaction that wasn't yours.   The first thing to do is assume that system is compromised.   If you have other funds in the wallet you might want to send them to a bitcoin address that is secure (e.g., a blockchain.info/wallet address created from a computer that can be deemed secure.)

An encrypted wallet still doesn't protect you from a replay attack, so if your computer is compromised with a keylogger the attacker would need just a copy of your wallet.dat and the wallet's pass phrase obtained from the keylogging activities.  Or if the compromised system has remote desktop or VNC a compromised system can be accessed remotely to send the funds.

That transaction occurred in January, not sure if that helps in diagnosing what/when/how.

Unichange.me

            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █


veteranBtc
Full Member
***
Offline Offline

Activity: 126
Merit: 100



View Profile
February 22, 2013, 10:54:26 PM
 #9

You just lost 1400$, that's sad
Storing bitcoins in offline mode is a good thing (more securely)

casascius
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1386
Merit: 1042


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW
February 22, 2013, 11:07:29 PM
 #10

I have never heard of a single bitcoin being stolen from a paper wallet.  Ever.

Paper wallets are the safest place to store your coins that you aren't immediately about to use.  If you spread your stash among ten paper wallets, then unless you plan to spend more than 1/10 of it at once, you'll never run the risk that your whole wallet will get stolen by a mistake or a compromise.

The easiest way to get coins off a paper wallet is to make a throwaway wallet at Blockchain.info, import it, and then send the coins elsewhere.  No confirmation delay, be done in two minutes.  On many computers, Blockchain can scan the QR code through your webcam.

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper or hardware wallets instead.
MissingMyCoins
Newbie
*
Offline Offline

Activity: 3
Merit: 0


View Profile WWW
February 23, 2013, 01:25:22 AM
 #11

I recently fresh installed the machine with the wallet (12/8). It is a htpc, gaming, and bitcoin miner on the side.  The wallet was taken down to about .1 btc, and i've kept it around there since I noticed it.  My password is a long random string stored in an encrypted file which I copy+pasted each time.  Although a good keylogger would have picked that up as well.

My outbound transactions this year were on 5/8 (to bitconica :sad:), 9/24, 11/13, & 12/5.  So unless it was compromised much earlier than pull on 1/13, I don't know know how else it could have happend.  I guess I'll be reloading from scratch this weekend either way.  

The receiving address received a number of smallish transactions on 1/13 hours before mine and then stopped.  Other victims?

https://blockchain.info/address/1PvbGt9kkZikdNkFZDkLGtMgbD8gWMNeor

But the advice on paper wallets will be taken into account going forward.


Stephen Gornick
Legendary
*
Offline Offline

Activity: 2506
Merit: 1001


View Profile
February 23, 2013, 04:59:16 AM
 #12

My password is a long random string stored in an encrypted file which I copy+pasted each time.  Although a good keylogger would have picked that up as well.

Encrypting a wallet doesn't protect any addresses that had already received funds prior to the encryption.  So if you had backups of a wallet that had funds prior to encrypting the wallet keys then anyone with access to the backups could still spend the funds even after you had added the pass phrase encryption.

Is that possibly what occurred?

Unichange.me

            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █


hippich
Hero Member
*****
Offline Offline

Activity: 546
Merit: 500


View Profile
April 01, 2013, 04:16:38 AM
 #13

MissingMyCoins, we were hacked by the same guy. He stole over 3k coins years ago from me. Looks like he got some from you and now he moved all funds to withdraw 'em: http://blockchain.info/tx/21ac34ced0f55701b38a3f8e02b9d2b8451db2f0071cd5c761a857d1ac0a78df

Here is my "case" - https://bitcointalk.org/index.php?topic=68066.msg848855#msg848855

Any idea how to tie these to real person? So far I found only single connection - guy *zvs* from this forum running nogleg.com. Some transactions were broadcasted from this nogleg.com and also address near Dallas where he supposedly lives..

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!