Bitcoin Forum
December 08, 2016, 11:58:20 AM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 4 5 6 7 8 [9] 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 »
  Print  
Author Topic: I just got hacked - any help is welcome! (25,000 BTC stolen)  (Read 343477 times)
bitcoinBull
Legendary
*
Offline Offline

Activity: 826


rippleFanatic


View Profile
June 14, 2011, 01:52:11 AM
 #161

Your numbers don't add up.

So far you've only said that you lost "a very large chunk" from this address: 1J18yk7D353z3gRVcdbS7PV5Q8h5w6oWWG.

The receiving address (1KPTdMb6p7H3YCwsyFqrEmKGmsHqe1Q3jg) indeed had 25,000 but only 3522 were received from said address.


How much did you lose and from which addresses?

College of Bucking Bulls Knowledge
1481198300
Hero Member
*
Offline Offline

Posts: 1481198300

View Profile Personal Message (Offline)

Ignore
1481198300
Reply with quote  #2

1481198300
Report to moderator
1481198300
Hero Member
*
Offline Offline

Posts: 1481198300

View Profile Personal Message (Offline)

Ignore
1481198300
Reply with quote  #2

1481198300
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
allinvain
Legendary
*
Offline Offline

Activity: 2002



View Profile
June 14, 2011, 01:52:35 AM
 #162

Your numbers don't add up.

So far you've only said that you lost "a very large chunk" from this address: 1J18yk7D353z3gRVcdbS7PV5Q8h5w6oWWG.

The receiving address (1KPTdMb6p7H3YCwsyFqrEmKGmsHqe1Q3jg) indeed had 25,000 but only 3522 were received from said address.


How much did you lose and from which addresses?
Well guys, I am taking a break from the forum. My fingers hurt from all this typing, and I got real life to deal with.

Thanks for all those who have wished me the best.

Cheers!

Dude65535
Full Member
***
Offline Offline

Activity: 126


View Profile
June 14, 2011, 01:55:05 AM
 #163

Since a new address is created for each coin generation during solo mining, you had created many more than 100 new addresses. Two things you could do to see if it was a backup that was compromised instead of your pc.

See if any of the coins that were left behind shared an address with coins that were stolen, if some shared an address then the attacker just went for a round number. If no addresses are shared it might have been a backup that was the problem.

If you sort through all 400+ inputs on the hackers transaction and look for the 101st newest first seen on date, that would give you the approximate time the backup was created.

1DCj8ZwGZXQqQhgv6eUEnWgsxo8BTMj3mT
allinvain
Legendary
*
Offline Offline

Activity: 2002



View Profile
June 14, 2011, 02:05:03 AM
 #164

Your numbers don't add up.

So far you've only said that you lost "a very large chunk" from this address: 1J18yk7D353z3gRVcdbS7PV5Q8h5w6oWWG.

The receiving address (1KPTdMb6p7H3YCwsyFqrEmKGmsHqe1Q3jg) indeed had 25,000 but only 3522 were received from said address.


How much did you lose and from which addresses?

Sorry, I never mentioned ...but it has been mentioned by people in the thread..all you had to do was read the blockchain.

It was 25K BTC.

Well the rest could come from my other private keys? That 1J18 address is the one I used most frequently..I kept on reusing that on mining sites so I knew where my mining profits came from...

Here is a screenshot:



Uploaded with ImageShack.us

and..



and..



Uploaded with ImageShack.us

Uploaded with ImageShack.us

The last screenshot is from my slush account..you can see the person changing my payout address..and the payout amounts match what you see in the screenshot..I dunno how much more I can show that this is indeed is my account...

ohwell ok I'm out of here..



Maged
Legendary
*
Offline Offline

Activity: 1260


View Profile
June 14, 2011, 02:13:18 AM
 #165

The highlighted transaction here looks like it hit MtGox:
http://blockexplorer.com/tx/d878b5784c2c1f6642d83faeab86e97faba758b2733a572d181ee823faf54278#o1

Someone, get MagicalTux on IRC.

phillipsjk
Legendary
*
Offline Offline

Activity: 1008

Let the chips fall where they may.


View Profile WWW
June 14, 2011, 02:57:23 AM
 #166

It can't be "exploitable c code" in the client. Allinvein's pool payout address was changed. Someone had completely compromised his system, but he is saying anti-virus software has found nothing. Something able to compromise his system so thoroughly would have used a know vector, and the anti virus would find it.

Not true. Modern computers are so complex that nobody knows them from top to bottom. The abstraction layers are not proven correct. Every time the "abstraction leaks", you have a potential security breach. Anti-virus software just uses a dictionary of known malware. If a popular, well-known anti-virus (like symmantec)  is used, the attacker can even take the time to test their malware against the antivirus software to see if it is detected.

In general, if we want to use crypto-currency in our lifetime (before computers are really ready), we need to build a list of "best practices" to keep your wallet safe.

The list may include:

  • If your wallet is compromised, (posted on dropbox, 4chan, etc) don't erase it: send all the coins to a new wallet instead.
  • keep your savings wallet on an encrypted partition. Some have suggested not even connecting the computer with the saving wallet to a network (just copy the address manually).
  • Keep encrypted back-ups in an off-site location. Keep the passphrase in an offsite location as well, preferably separate from your wallet.
  • Take steps to secure you computer: most probably put this off. For the record, I think anything requiring "Updates" (Including Windows and certain GNU/Linux distros, most graphical browsers) is inherently insecure. Undocumented hardware like those GPUs you use for mining are also a security risk.

James' OpenPGP public key fingerprint: EB14 9E5B F80C 1F2D 3EBE  0A2F B3DE 81FF 7B9D 5160
dayfall
Sr. Member
****
Offline Offline

Activity: 312



View Profile
June 14, 2011, 03:06:17 AM
 #167

I tell, you the recent fall in prices make me reconsider how much some of us could stand to loose.  And this story got me to finally make a secure wallet.

I am very interested in learning how this theft was done.
SgtSpike
Legendary
*
Offline Offline

Activity: 1344



View Profile
June 14, 2011, 03:32:31 AM
 #168

So this was definitely not a meatspace attack, since two completely different individuals were attacked, with the monies sent to the same bitcoin address.

It was also definitely not due to the unencrypted dropbox upload.  Stealing a dropbox file and stealing MtGox account info are two very different things.

I would say, with a high level of certainty, that this was a targeted hacker or malware attack.

Stay vigilant, fellow bitcoiners.
Bind
Sr. Member
****
Offline Offline

Activity: 252

DO NOT ACCEPT PAYPAL FOR BTC YOU WILL GET BURNED


View Profile
June 14, 2011, 03:53:28 AM
 #169

Again I am so very sorry for your loss, but anyone with even the most rudimentary photoshop skills can manipulate and alter a image screenshot.

There is absolutely no way, other than legal and judicial means, for you to get your money back, and anyone who helps you through exchanges and such are themselves stealing from others because there is no certifiable concrete documented evidence of the theft.

Additionally because of the anonymity and security build into the bitcoin system, there is plausible deniability as exemplified by the core teams development posts and released project information.

Supposition, conjecture, and coincidence ARE NOT PROOF.

Thinking or knowing something is a lot different than proving it.


"... He is no fool who parts with that which he cannot keep, when he is sure to be recompensed with that which he cannot lose ..."

"... history disseminated to the masses is written by those who win battles and wars and murder their heroes ..."


1Dr3ig3EoBnPWq8JZrRTi8Hfp53Kj
Chick
Member
**
Offline Offline

Activity: 70


View Profile
June 14, 2011, 03:59:48 AM
 #170

Again I am so very sorry for your loss, but anyone with even the most rudimentary photoshop skills can manipulate and alter a image screenshot.

There is absolutely no way, other than legal and judicial means, for you to get your money back, and anyone who helps you through exchanges and such are themselves stealing from others because there is no certifiable concrete documented evidence of the theft.

Additionally because of the anonymity and security build into the bitcoin system, there is plausible deniability as exemplified by the core teams development posts and released project information.

Supposition, conjecture, and coincidence ARE NOT PROOF.

Thinking or knowing something is a lot different than proving it.



Who would use photoshop for website text manipulation?

innervisi0nn
Member
**
Offline Offline

Activity: 98


Tutorials, guidelines, optimizations for all!


View Profile
June 14, 2011, 04:03:39 AM
 #171

how are you generating 50 coins per day? (or am i crazy?)

bitcool
Legendary
*
Offline Offline

Activity: 1441

Live and enjoy experiments


View Profile
June 14, 2011, 04:04:59 AM
 #172

how are you generating 50 coins per day? (or am i crazy?)
read the date: 6/8/2010
innervisi0nn
Member
**
Offline Offline

Activity: 98


Tutorials, guidelines, optimizations for all!


View Profile
June 14, 2011, 04:06:38 AM
 #173

how are you generating 50 coins per day? (or am i crazy?)
read the date: 6/8/2010

stupid me :X sorry. goodluck to you (allinvain) - time to look into more security measures on all my rigs now =\

allinvain
Legendary
*
Offline Offline

Activity: 2002



View Profile
June 14, 2011, 04:14:25 AM
 #174

They're not manipulated images but I had a feeling some of you would think that. I can get slush and maybe a few others to corroborate me. In the end it doesn't matter any more. I'm going to step back from this forum for a bit. I'll keep an eye on the thread but not participate. There is nothing more that I can add to this so far.

innervisi0nn
Member
**
Offline Offline

Activity: 98


Tutorials, guidelines, optimizations for all!


View Profile
June 14, 2011, 04:17:00 AM
 #175

They're not manipulated images but I had a feeling some of you would think that. I can get slush and maybe a few others to corroborate me. In the end it doesn't matter any more. I'm going to step back from this forum for a bit. I'll keep an eye on the thread but not participate. There is nothing more that I can add to this so far.

dont get me wrong, i didnt pay attention to the date =\
sorry pal...get in touch with mtgox and some of the pool operators (tyco (deepbit) (dinox (swepool) etc.. and see if they can help

casascius
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1344


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW
June 14, 2011, 04:31:59 AM
 #176

...because there is no certifiable concrete documented evidence of the theft.

He can prove possession of the private keys by receiving a small amount and resending it to a specific address upon request.  The amount would have to be very arbitrary and not coincide with any other coins in his wallet for the same amount, to ensure that when he sent the same amount out, he would be sending out the same transaction.

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper wallets instead.
mouse
Jr. Member
*
Offline Offline

Activity: 56



View Profile
June 14, 2011, 04:32:46 AM
 #177

If anyone thinks this isn't a problem with the bitcoin system, they're deluding themselves.

While it's true that allinvain could have taken measures that would probably have avoided this, it still doesn't change the fact that as things currently stand the system is very difficult, if not impossible, to secure for the 'average joe', and this security DOES NOT come setup already out of the box. Suggestions of manually setting up laptops with multiple different encrypted (with 3rd party software no less) wallets or other such talk is FAR beyond anything the average consumer is willing to do to use this system.

Whether you want to hear this or not, my professional opinion is that unless security is built into the bitcoin system, and the system activly tries to protect users from themselves, it won't work. And by professional, I mean I've spent several years working for a few Government agencies where I've focussed mostly on usability and good UI design to reducing error rates for various high profile systems, etc.

Think about this - if EVERY user has to take steps X, Y, and Z in order to use the system safely, then steps X, Y, and Z must be built into the system.

Any intelligent fool can make things bigger, more complex and more violent. It takes a touch of genius and a lot of courage to move in the opposite direction.
bcearl
Full Member
***
Offline Offline

Activity: 168



View Profile
June 14, 2011, 04:37:58 AM
 #178

What do I get if I get your money back?
Is there hope after all?

1. mtgox has the money

2. our victim can at least prove that he also has the private key of the account where the money got stolen from.

Misspelling protects against dictionary attacks NOT
SgtSpike
Legendary
*
Offline Offline

Activity: 1344



View Profile
June 14, 2011, 04:41:31 AM
 #179

Think about this - if EVERY user has to take steps X, Y, and Z in order to use the system safely, then steps X, Y, and Z must be built into the system.
This, most definitely, I agree with.
Capitan
Member
**
Offline Offline

Activity: 112


View Profile
June 14, 2011, 04:42:01 AM
 #180

I agree with mouse. Securing the wallet, and everything else possible (I don't know what to demand security on specifically, because I'm not an encryption or security expert) is the single most important thing that needs to be done in the bitcoin world right now. I am still shocked when I read a forum post saying that one of the developers said that securing the wallet was low priority.

You aren't gonna get multiple chances with bitcoin. If it experiences one catastrophic failure, that could be enough to scare people away for good. I have no bitcoins to my name right now but as soon as I do I will pledge some to a bounty on securing the wallet, and a security audit of the entire toolchain. That includes pools, miners, clients, and wallet security. If any coders here are legitametly GOOD if not GREAT security programmers, they should set up to work on that. Or people should recruit their friends who are experts in the arena to contribute.

I said this in another thread. Cryptocurrency with a plain text wallet. Is that a joke?
Pages: « 1 2 3 4 5 6 7 8 [9] 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 »
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!