Bitcoin Forum
Author Topic: I just got hacked - any help is welcome! (25,000 BTC stolen)  (Read 343668 times)
bitjet
June 14, 2011, 04:56:46 AM
 #181

Quote
but let's be honest the wallet should be encrypted.

I completely agree. There should be a password that needs to be punched in on an onscreen pad with the mouse to prevent keystroke detectors from accessing the pass.

Looks like I am going to start a new wallet and distribute the brunt of my coins to an offline wallet on a USB stick. I have only a fraction of what you lost but I have not much else these days. I would be very very upset if this happened to me. Sorry man. I guess this really says something about having all of your eggs in one basket so to speak.
Bind
June 14, 2011, 04:58:35 AM
 #182

it's a wallet, and much like your own money wallet or purse, you need to secure it.

if you have 25k in your money wallet and leave it sitting on the living room table and hutch at the front door with the doors UNLOCKED, someone that breaks in can steal it quite easily. You going to blame the banks because someone stole your cash out of your wallet from your unlocked home?

hello?

It's up to you to secure your wallet and house.

Just like it's up to you to secure what's housing your wallet ... your computer.

The onus is on you, not bitcoin, to secure your computer. Bitcoin can't secure your computer. Bitcoin is not a system security program. If you want that go run a system security suite (that probably would have protected you from intrusion in the first place). It sends and receives secure encrypted data. That's it. It's not a system security suite. Now if they ever make a change that allows additional wallet security, like making you type in a password before each and every manual send transaction, then you (or others) would be complaining what a pain in the ass THAT is because it's inconvenient.

All over these forums and specifically on the bitcoin how to info and help section is everything you need to do it. They explain it and the risk in exhausting detail. What more do you want?

This is NOT a bitcoin issue.

This is an issue where the user didn't secure his wallet and the house his wallet is sitting in.

Those of you who disagree go read the help how to and info section.

You shouldn't even be using bitcoin without knowing all of that information, but no, you just wanted to jump right in (or ignore that information) because of your greed and apathy and disinterest in learning or doing what you need to know and do, and now you blame bitcoin for it.



"... He is no fool who parts with that which he cannot keep, when he is sure to be recompensed with that which he cannot lose ..."

"... history disseminated to the masses is written by those who win battles and wars and murder their heroes ..."


1Dr3ig3EoBnPWq8JZrRTi8Hfp53Kj
SlaveInDebt
June 14, 2011, 05:06:07 AM
 #183

At least Allinvain takes responsibility for his loss. Hearing some of you proclaim that someone else should make an effort to protect yourselves is laughable. Be responsible for yourself and handle your accounts. It's been said many a time even in this thread how one can take precautions against theft. Do you lock your car? Put valuables in a safe or bank? Then you should have enough understanding that you're responsible for securing your possessions not someone else, same applies to bitcoin. Now I will back off and admit that more automated measures for security of personal accounts would be beneficial and attractive for gaining more bitcoin users.

"A banker is a fellow who lends you his umbrella when the sun is shining, but wants it back the minute it begins to rain." - Mark Twain
Dude65535
June 14, 2011, 05:10:01 AM
 #184

The only security measure that matters is to run bitcoin on a secure machine. If the machine is secure no security need be built into the client. If the machine is infected no security in the software can protect you. All the hacker has to do is sit back and wait for you to provide whatever is needed to bypass the security.

If you have more in bitcoins than you would be comfortable carrying as cash in your pocket or leaving sitting on your night stand, you need to set up bitcoin's equivalent of a safe. A one use machine with full system encryption and no regular connection to any network. Create a second wallet on that machine and send most of your bitcoins to it. For best security don't ever connect it to the internet. If you need to send bitcoins from the safe to your spending wallet disconnect your home network from the internet and let your 2 copies of bitcoin just talk to each other. Once the safe has sent the transaction to your main computer shut down the safe and connect to the internet again. Your main machine will resend the transaction and then it can get in a block. You still need to create multiple encrypted backups of your safe's wallet.dat file to protect against hardware failure.

1DCj8ZwGZXQqQhgv6eUEnWgsxo8BTMj3mT
mouse
June 14, 2011, 05:11:28 AM
 #185

bind security detractors, I don't think you get it.

Let's take the same group of people in 2 parallel universes. In universe A they use software A. It just so happens that, in universe A, there is an error rate of about 2%. Now in universe B, we have the same users, but they use software B. There, the error rate is about 12%.

In EVERY SINGLE CASE (yes I'm using caps), BAR NONE, you can point to a user action in universe B that caused the error. REGARDLESS of this truth, software B is clearly inferior to software A, and, I would argue, is (to some degree) responsible for those extra errors, since it's the only variable between each universe.

P.S. bitcoin doesn't have feelings that need to be defended.

Any intelligent fool can make things bigger, more complex and more violent. It takes a touch of genius and a lot of courage to move in the opposite direction.
Bind
June 14, 2011, 05:21:27 AM
 #186

Quote
bind security detractors, I don't think you get it.
Let's take the same group of people in 2 parallel universes. In universe A they use software A. It just so happens that, in universe A, there is an error rate of about 2%. Now in universe B, we have the same users, but they use software B. There, the error rate is about 12%.
In EVERY SINGLE CASE (yes I'm using caps), BAR NONE, you can point to a user action in universe B that caused the error. REGARDLESS of this truth, software B is clearly inferior to software A, and, I would argue, is responsible for those extra errors, since it's the only variable between each universe.
P.S. bitcoin doesn't have feelings that need to be defended.

fortunately we do not have to deal with 2 theoretical universes factoring in obtuse theories.

we have one where bitcoin and personal responsibility reside

in our real universe, there are no errors here besides the ones bitcoin users make (by inaction) who do not secure their property and finances as exhaustively promoted, suggested, and listed on the page they need to download the program, and on this forum.

I have not defended bitcoin.

If bitcoin did anything wrong or were negligent I would have been on them like white on rice too.

personal responsibility goes a long way.

now perhaps incidents like this will enable a more inconvenient form of wallet protection from bitcoin ... who knows ... personally I don't think it's needed ... I know I am safe because I research and read things I am interested in and don't ignore the in-your-face security alerts and precautions plastered all over this domain and forum ... but that's just me ... a simple guy with a brain and an attention span longer than a toddler's with eyes that can see what's in front of me.

"... He is no fool who parts with that which he cannot keep, when he is sure to be recompensed with that which he cannot lose ..."

"... history disseminated to the masses is written by those who win battles and wars and murder their heroes ..."


1Dr3ig3EoBnPWq8JZrRTi8Hfp53Kj
Hawkix
June 14, 2011, 05:28:48 AM
 #187

Immediately:

1. ask Slush to get IP which changed your payout address
2. contact MagicalTux to inform him about what happened to you
3. perform a complete disk image of your working PC, ASAP (use PartImage from Live CD) so it can be later analyzed for possible installed trojans etc.
   


Donations: 1Hawkix7GHym6SM98ii5vSHHShA3FUgpV6
http://btcportal.net/ - All about Bitcoin - coming soon!
mouse
June 14, 2011, 05:40:49 AM
 #188

I think we're derailing this thread's original discussion somewhat, even though it's a natural segue, so I'm going to leave it there.

Any intelligent fool can make things bigger, more complex and more violent. It takes a touch of genius and a lot of courage to move in the opposite direction.
testerx
June 14, 2011, 05:43:35 AM
 #189

Quote
Your best chance at solving this mystery is to focus on your hacked machine, how it was accessed, any malware that is on it. Mostly it sounds like you didn't secure your machine properly, in which case your chance of fixing this disaster will sadly be very small.
I believe it must have been a virus of some sorts. Yes you are right. I don't think I can do anything at this point. Format and reinstall windows is the best I can do, and from there on not ever use windows for any security sensitive sites/systems.

I don't think windows is to blame, you say that you ran an anti-virus and found stuff...why would you not have been running antivirus all along to prevent infection in the first place?! Basic computer security is a must for this kind of thing.

One of the problems here though is that in the normal world when you have $500,000 you don't have it sitting around in cash, you place it in a bank account where your deposits aren't just backed by the bank but are further re-insured by governments. Here there are no banks so everyone ends up having to build their own digital bank vault of sorts. Unfortunately as it is the currency is best used by not only very experienced but also rather paranoid computer users.

In real life we don't just expect everyone to be able to safeguard all their life savings by putting it in a wallet in their living room. Maybe we need to start bitcoin banks of sorts - you transfer your money into a bank where the people running it use optimal security procedures. Of course the downside is that if someone manages to hack one of the banks things are even worse but if the banks were universally accepted they could easily mark money as being "dirty". In addition these banks could publish a checkable database of stolen money that can be checked against with a client program when accepting any transaction so nobody will accept stolen cash (making it pointless to steal), or even automatically accept and forward it back to the rightful owner, etc.

I guess the closest thing right now are the exchanges though a bank should have some kind of 3rd party insurance backing them up much like in real life, as well as regular bank level website security procedures - the anti-phishing image verification checks, double passwords with non-keyboard password entry (to prevent keylogging), new computer IP address telephone pin verifications (calls you to verify that this new computer IP address is yours), etc. Banks use these sorts of things to prevent people from just transferring tons of money out of your account, and even then if that happens they'll revert the transactions if your account is compromised. Frankly it's rather insane to have everyone hold hundreds of thousands of dollars in their private wallets. And with an incorporated bank you also have an entity you can sue for recovery in case something does happen.

Honestly it might be best to transfer your funds into one or more exchange accounts then log in daily to make sure nothing funny is going on, and reporting it immediately if something funny has gone down. Because even if someone has sold your BTC for cash, the money transfers out aren't immediate and they can work with the transfer services to get the transactions reversed, so there's definitely a time window where recovery is relatively easy to accomplish. Of course optimally we'd have way better organized and supported exchanges than we have right now, you basically need something on the level of a real-world bank.
Bind
June 14, 2011, 06:01:40 AM
 #190

What's to stop a scammer from lying and claiming they were ripped off then?

What's the evidentiary criteria?

Sure the transactions exist, but what does that prove in and of itself?

that the transactions exist?

Anyone can log into a website through tor or another proxy and change those details. Even the real account holder in an effort to solidify the claim.

How do we know they were not legitimate, other than taking someone's word on it, who might have ulterior motives?

There is a reason BitCoin is designed the way it is with reversible anonymous transactions.

"... He is no fool who parts with that which he cannot keep, when he is sure to be recompensed with that which he cannot lose ..."

"... history disseminated to the masses is written by those who win battles and wars and murder their heroes ..."


1Dr3ig3EoBnPWq8JZrRTi8Hfp53Kj
PcChip
June 14, 2011, 06:02:29 AM
 #191

After reading through all ten pages, I have a theory (just like everyone else has their own theory).

At first I thought it was due to Dropbox employees scanning their files for *wallet.dat, but after seeing someone else have their money stolen to the exact same address, it's obvious that was not the case.

The only logical explanation is exactly what user "koin" posted a few pages back:

Quote
If I were an unethical hacker looking for loot, I would find (or buy) a zero day exploit that would allow me to gain entry to a windows pc
the list of 20,000 bitcoin nodes is here: https://smsz.net/btcStats/bitcoin.kml
i'd start through that list until i found that i had access to a whale and send funds from that wallet to a safe address.
because attacking all the nodes would expose me, i'd stop after finding the whale. and to not cause the bitcoin price to crash and as a result my loot become worth much less, i would not sell everything all at once.
i would cash out enough to be content and then sit quietly.
i'd also keep copies of any other wallets that i came across while looking for the whale, so that at some point in the future withdrawal from those could be made at will.
this is all totally a hypothetical, but describes what could be going on here very well.

Somebody, or an organized cyber-criminal-gang most likely, set up basically an AutoRooter-for-BitCoin® that uses an 0-day (or one that's still new enough to work for many Windows boxes), that loads a list of IP addresses known to be running the bitcoin client (and therefore 99% likely to have a wallet.dat on the hard drive), and then systematically tries to execute the exploit to each IP. After gaining entry (bind shell, reverse shell, tftp, etc) the script or program then simply copies the wallet.dat to the attacker's local computer where it can be loaded into the local bitcoin client, and coins may be spent at will.

We will start seeing more and more of this now that files on people's computers can be worth hundreds of thousands of dollars.

All rates with Phoenix 1.50 / PhatK
------------------------------------------------------------------------------------------------------------------------------
5850 - 400 MH/s  |  5850 - 355 MH/s | 5830 - 310 MH/s  |  GTX570 - 115 MH/s | 5770 - 210 MH/s | 5770 - 200 MH/s
bcearl
June 14, 2011, 06:03:00 AM
 #192

Quote
What's to stop a scammer from lying and claiming they were ripped off then?
What's the evidentiary criteria?
Sure the transactions exist, but what does that prove in and of itself?
that the transactions exist?
Anyone can log into a website through tor or another proxy and change those details. Even the real account holder in an effort to solidify the claim.
How do we know they were not legitimate, other than taking someone's word on it, who might have ulterior motives?
There is a reason BitCoin is designed the way it is with reversible anonymous transactions.

The OP can prove that he has the private keys to the account the money was stolen from.

That means that we have two people claiming property, which is way better than nothing.

Misspelling protects against dictionary attacks NOT
Dude65535
June 14, 2011, 06:07:09 AM
 #193

Quote
The OP can prove that he has the private keys to the account the money was stolen from.
That means that we have two people claiming property, which is way better than nothing.

The issue is not proving he owns the addresses the bitcoins came from, the problem is he has no way of proving that he does not own the addresses the bitcoin went to.

1DCj8ZwGZXQqQhgv6eUEnWgsxo8BTMj3mT
bcearl
June 14, 2011, 06:10:31 AM
 #194

Quote
The OP can prove that he has the private keys to the account the money was stolen from.
That means that we have two people claiming property, which is way better than nothing.

Quote
The issue is not proving he owns the addresses the bitcoins came from, the problem is he has no way of proving that he does not own the addresses the bitcoin went to.

That could be a problem, but it isn't when it is directly associated with an MtGox account. This seems to be the case here.

Misspelling protects against dictionary attacks NOT
phillipsjk
June 14, 2011, 06:15:53 AM
 #195

While it's true that allinvain could have taken measures that would probably have avoided this, it still doesn't change the fact that as things currently stand the system is very difficult, if not impossible, to secure for the 'average joe', and this security DOES NOT come setup already out of the box. Suggestions of manually setting up laptops with multiple different encrypted (with 3rd party software no less) wallets or other such talk is FAR beyond anything the average consumer is willing to do to use this system.

Bitcoin is still an experiment. We don't know if the miners will leave en masse when the block reward drops after about 210000 blocks (For example). As far as I can tell, the Bitcoin protocol is sound. It is the client that is not ready for the masses.

For example, the default client still requires transaction fees if the transaction is less than 0.01 BTC; that decision was made when Bitcoins were worth far less than $1 USD each. Similarly, the default client can't encrypt the wallet and then prompt the user for the passphrase when needed: the wallet is needed for processing transactions. Even my CPU miner has a 1 in 50,000 chance of processing a block in a given day. A prerequisite for a wallet encrypted by default is a "thin" client that does not process transactions directly. The default client is halfway there now: no longer hashing by default.

This past month, I started using GnuPG. My private key is encrypted on the disk. My e-mail client only remembers the passphrase for a limited period of time, so encryption is doable. However, I have set my key to expire in 13 months. If I forget my passphrase, it is inconvenient, but I won't really lose any money. With wallets encrypted by default, the "average joe" will either forget the passphrase or choose a simple one that can be brute-forced using the victim's own computer.

As others (and I) have pointed out, all bets are off if the computer is insecure to start with.




James' OpenPGP public key fingerprint: EB14 9E5B F80C 1F2D 3EBE  0A2F B3DE 81FF 7B9D 5160
koin
June 14, 2011, 06:25:40 AM
 #196

hadn't i just heard that contrary to claims, bitcoins are not anonymous.  that the long arm of the law can find out who used bitcoins and for what purpose?

i'm guessing it just isn't as easy as it sounds.
SlaveInDebt
June 14, 2011, 06:35:47 AM
 #197

Quote
hadn't i just heard that contrary to claims, bitcoins are not anonymous. that the long arm of the law can find out who used bitcoins and for what purpose?
i'm guessing it just isn't as easy as it sounds.

When no one has incentive for the time, effort, and knowledge yes. It can be done however.

"A banker is a fellow who lends you his umbrella when the sun is shining, but wants it back the minute it begins to rain." - Mark Twain
bcearl
June 14, 2011, 06:37:00 AM
 #198

Quote
hadn't i just heard that contrary to claims, bitcoins are not anonymous. that the long arm of the law can find out who used bitcoins and for what purpose?
i'm guessing it just isn't as easy as it sounds.

Coins are not anonymous, but users can be, when they are aware of how to not leave traces.

Misspelling protects against dictionary attacks NOT
Maxxx
June 14, 2011, 06:38:03 AM
 #199


Quote
3. perform a complete disk image of your working PC, ASAP (use PartImage from Live CD) so it can be later analyzed for possible installed trojans etc.

I recommend FTK Imager as well. Perform a physical acquisition, you can do it on a live system as well. That is an industry standard method. You can also grab an image of your memory on a live system with it.

Time is money. This means that if you have spare time, you can use it to make money.

Modular, open, and stack-able miner case.
peak
June 14, 2011, 06:43:25 AM
 #200

I think the thief could be an early reader of this post after he successfully transferred your money.