goxed (OP)
Legendary
 Offline
Activity: 1946
Merit: 1006
Bitcoin / Crypto mining Hardware.
|
 |
April 01, 2013, 10:27:26 PM
Last edit: April 01, 2013, 11:12:39 PM by goxed |
|
Somebody stole 7BTC today. No idea how my wallet was leaked. It's a windows 7 machine, not shared with anyone. It is a hot wallet and was not encrypted. Now moving to armory.
Did anyone else see such exploits?
|
Revewing Bitcoin / Crypto mining Hardware.
|
|
|
Mike Christ
aka snapsunny
Legendary
Offline
Activity: 1078
Merit: 1003
|
|
April 01, 2013, 10:30:17 PM |
|
That's lame. Y u no encrypt?
|
|
|
|
goxed (OP)
Legendary
Offline
Activity: 1946
Merit: 1006
Bitcoin / Crypto mining Hardware.
|
|
April 01, 2013, 10:35:28 PM |
|
I know  learnt my lesson. |
Revewing Bitcoin / Crypto mining Hardware.
|
|
|
instaBoost
Member
Offline
Activity: 84
Merit: 10
|
|
April 01, 2013, 10:46:06 PM |
|
I know learnt my lesson. armory up, encrypt up = worry less  |
Donations: 12wqXQuExLnWoWWQy7j35hzBEW91bUz1YS
XRP: rDRho51t4StfNqEWrYKBAteJKyDeo5crZz
|
|
|
Foxpup
Legendary
Offline
Activity: 4535
Merit: 3188
Vile Vixen and Miss Bitcointalk 2021-2023
|
|
April 02, 2013, 04:35:45 AM |
|
windows 7 ... hot wallet ... not encrypted.
This is a perfectly secure setup, and I can think of absolutely no way your wallet could possibly have been compromised. </sarcasm> |
Will pretend to do unspeakable things (while actually eating a taco) for bitcoins: 1K6d1EviQKX3SVKjPYmJGyWBb1avbmCFM4I am not on the scammers' paradise known as Telegram! Do not believe anyone claiming to be me off-forum without a signed message from the above address! Accept no excuses and make no exceptions! |
|
|
goxed (OP)
Legendary
Offline
Activity: 1946
Merit: 1006
Bitcoin / Crypto mining Hardware.
|
|
April 02, 2013, 07:43:17 AM |
|
windows 7 ... hot wallet ... not encrypted.
This is a perfectly secure setup, and I can think of absolutely no way your wallet could possibly have been compromised. </sarcasm> I know, is there a way to track this thief? Here is the transaction https://blockchain.info/address/149kuVmGKWUwsN8bvu4WTthc6mVwEB3A2E |
Revewing Bitcoin / Crypto mining Hardware.
|
|
|
Wardrick
Legendary
Offline
Activity: 1022
Merit: 1000
|
|
April 02, 2013, 08:12:27 AM |
|
Why the hell does Bitcointalk.org go down all the time. I just typed up a long response and clicked submit, and got the "cannot be displayed page" AGAIN. I then click back and it doesn't save my message, ughh  To sum it up, there's a way to track a BTC address to see where they have sent to. That's the closest you'll get to catching him. Maybe he'll have an account with a lot of info attached to one of those sites or places he's sent the BTC to though, but it'd be a long shot. |
|
|
|
|
🏰 TradeFortress 🏰
Bitcoin Veteran
VIP
Legendary
Offline
Activity: 1316
Merit: 1043
👻
|
|
April 02, 2013, 08:32:28 AM |
|
Why the hell does Bitcointalk.org go down all the time. I just typed up a long response and clicked submit, and got the "cannot be displayed page" AGAIN. I then click back and it doesn't save my message, ughh To sum it up, there's a way to track a BTC address to see where they have sent to. That's the closest you'll get to catching him. Maybe he'll have an account with a lot of info attached to one of those sites or places he's sent the BTC to though, but it'd be a long shot. I don't think a scammer/thief is going to send the coins to something like "1TimWheat29c72fjs9 ...". Currently coins are not touched so.. |
|
|
|
|
johnniewalker
Legendary
Offline
Activity: 896
Merit: 1000
|
|
April 02, 2013, 09:29:52 AM |
|
are you referring to Instawallet?
|
|
|
|
|
Wardrick
Legendary
Offline
Activity: 1022
Merit: 1000
|
|
April 02, 2013, 10:57:14 AM |
|
Why the hell does Bitcointalk.org go down all the time. I just typed up a long response and clicked submit, and got the "cannot be displayed page" AGAIN. I then click back and it doesn't save my message, ughh To sum it up, there's a way to track a BTC address to see where they have sent to. That's the closest you'll get to catching him. Maybe he'll have an account with a lot of info attached to one of those sites or places he's sent the BTC to though, but it'd be a long shot. I don't think a scammer/thief is going to send the coins to something like "1TimWheat29c72fjs9 ...". Currently coins are not touched so.. What lol? He could send it to say a gambling site "Bitzino", and then his BTC address is used with an account there with his first and last name. Then with his IP + first and last name I'm pretty sure you could find out the rest. It was just a possibility... |
|
|
|
|
|
greyhawk
|
|
April 02, 2013, 11:00:49 AM |
|
Your conception of "his BTC adress" sounds most interesting. Care to elaborate?
|
|
|
|
|
Raoul Duke
aka psy
Legendary
Offline
Activity: 1358
Merit: 1002
|
|
April 02, 2013, 11:11:25 AM |
|
Why the hell does Bitcointalk.org go down all the time. I just typed up a long response and clicked submit, and got the "cannot be displayed page" AGAIN. I then click back and it doesn't save my message, ughh You should try pressing F5, to resubmit again, instead of clicking back  |
|
|
|
|
Wardrick
Legendary
Offline
Activity: 1022
Merit: 1000
|
|
April 02, 2013, 11:46:03 AM |
|
@Greyhawk. I don't know, I just know there's a way to find the places a BTC address has sent to.
@Psy, I can't the page still comes up as can not be displayed.
|
|
|
|
|
|
greyhawk
|
|
April 02, 2013, 11:54:04 AM |
|
@Greyhawk. I don't know, I just know there's a way to find the places a BTC address has sent to.
You still say " a BTC adress". A bitcoin user can have a thousand BTC adresses or a million. Doesn't matter. Ideally you have new one for each transaction you make. With that at hand it's trivial to loop, split and merge any ill gotten gains through so many adresses that tracing is no longer realistically viable (though still theoretically possible). |
|
|
|
|
caveden
Legendary
Offline
Activity: 1106
Merit: 1004
|
|
April 02, 2013, 12:06:27 PM |
|
If your computer was not shared with anyone, encrypting your wallet would not have saved your coins. If an attacker manages to install something at your computer, this something can simply wait until you type the password in and then your coins are gone.
Encrypting your wallet only protects against physical theft of the media containing the wallet.
Not using Windows is certainly a much strong security approach than encrypting your wallet. You should consider it. Even better: your bitcons should be in a system which never access the Internet. Of course that's not super convenient as of now, so what I normally suggest is keeping two wallets: one offline, and another, with a smaller amount you could afford to lose, in a machine (preferably not Windows) that's used for Internet access.
|
|
|
|
|
goxed (OP)
Legendary
Offline
Activity: 1946
Merit: 1006
Bitcoin / Crypto mining Hardware.
|
|
April 03, 2013, 06:50:41 AM
Last edit: April 03, 2013, 08:03:50 AM by goxed |
|
Can someone from outside the firewall use rpc commands on the bitcoin-qt? I think my bitcoin-qt used upnp top open some ports and was accessible outside the firewall.
|
Revewing Bitcoin / Crypto mining Hardware.
|
|
|
Craftyman
Member
Offline
Activity: 75
Merit: 10
|
|
April 04, 2013, 04:48:08 AM |
|
whats this armory business?
|
|
|
|
Gabi
Legendary
Offline
Activity: 1148
Merit: 1008
If you want to walk on water, get out of the boat
|
|
April 04, 2013, 05:40:51 AM |
|
Can someone from outside the firewall use rpc commands on the bitcoin-qt? I think my bitcoin-qt used upnp top open some ports and was accessible outside the firewall.
Only if you run it as server and use a fail password. |
|
|
|
slippyrocks
Member
Offline
Activity: 69
Merit: 10
respecttheslider
|
|
April 04, 2013, 07:29:01 PM |
|
am using electrum in windows 7 64-bit no problems is a great client
does not download the block chain, is local, can set very low or no fees, has word based seed function to recover
wallet, has a virtual keyboard for password security, and encryption of the wallet file
even loaded it on my kindle hd
also using eset32 antivirus
yes bitcoin-qt with rpc enabled is not good
|
|
|
|
|
|
