Bitcoin Forum
November 06, 2024, 05:05:37 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 [17] 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 »
  Print  
Author Topic: I just got hacked - any help is welcome! (25,000 BTC stolen)  (Read 381798 times)
CharlieContent
Full Member
***
Offline Offline

Activity: 210
Merit: 100


View Profile
June 15, 2011, 10:44:53 PM
 #321

A newbie who can't post in this forum has identified that the address your coins went to is a donation receiving address of LulzSec:

http://forum.bitcoin.org/index.php?topic=17386.msg223015
It wasn't LulzSec. That press release was a fake copy.

Real press release:
http://pastebin.com/i5M0LB58
Fake:
http://pastebin.com/88nGp508

True, that press release is fake, but look at the thief's BlockExplorer record: http://blockexplorer.com/address/1KPTdMb6p7H3YCwsyFqrEmKGmsHqe1Q3jg

One of the sent transactions from this wallet goes to 176LRX4WRWD5LWDMbhr94ptb2MW9varCZP
And what is this wallet? The GENUINE LulzSec donation wallet.

So we can surmise that the thief is at least sympathetic to LulzSec if not directly linked, which would give weight to this guys claims: http://twitter.com/#!/Anonakomis . He is a guy affiliated with LulzSec. On this twitter account, he boasts about being responsible for the theft, and how he has donated a small amount from it to LulzSec.

Fuck, I feel like Poirot.
bbit
Legendary
*
Offline Offline

Activity: 1330
Merit: 1000


Bitcoin


View Profile
June 15, 2011, 10:58:05 PM
 #322

Clearly this guy was the one that stole the coins? : http://twitter.com/#!/Anonakomis   

Other articles:

http://venturebeat.com/2011/06/15/thief-steals-bitcoins/

http://anteyekon4myst.visibli.com/share/LS0rrX

http://arstechnica.com/tech-policy/news/2011/06/bitcoin-the-decentralized-virtual-currencyrisky-currency-500000-bitcoin-heist-raises-questions.ars?comments=1&p=21761375#comment-21761375


           █████████████████     ████████
          █████████████████     ████████
         █████████████████     ████████
        █████████████████     ████████
       ████████              ████████
      ████████              ████████
     ████████     ███████  ████████     ████████
    ████████     █████████████████     ████████
   ████████     █████████████████     ████████
  ████████     █████████████████     ████████
 ████████     █████████████████     ████████
████████     ████████  ███████     ████████
            ████████              ████████
           ████████              ████████
          ████████     █████████████████
         ████████     █████████████████
        ████████     █████████████████
       ████████     █████████████████
▄▄
██
██
██
██
██
██
██
██
██
██     
██
██
▬▬ THE LARGEST & MOST TRUSTED ▬▬
      BITCOIN SPORTSBOOK     
   ▄▄
██
██
██
██
██
██
██
██
██
██     
██
██
             ▄▄▄▄▀▀▀▀▄
     ▄▄▄▄▀▀▀▀        ▀▄▄▄▄           
▄▀▀▀▀                 █   ▀▀▀▀▀▀▀▄▄
█                    ▀▄          █
 █   ▀▌     ██▄        █          █               
 ▀▄        ▐████▄       █        █
  █        ███████▄     ▀▄       █
   █      ▐████▄█████████████████████▄
   ▀▄     ███████▀                  ▀██
    █      ▀█████    ▄▄        ▄▄    ██
     █       ▀███   ████      ████   ██
     ▀▄        ██    ▀▀        ▀▀    ██
      █        ██        ▄██▄        ██
       █       ██        ▀██▀        ██
       ▀▄      ██    ▄▄        ▄▄    ██
        █      ██   ████      ████   ██
         █▄▄▄▄▀██    ▀▀        ▀▀    ██
               ██▄                  ▄██
                ▀████████████████████▀




  CASINO  ●  DICE  ●  POKER   
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
   24 hour Customer Support   

▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
CharlieContent
Full Member
***
Offline Offline

Activity: 210
Merit: 100


View Profile
June 15, 2011, 11:06:08 PM
 #323

Clearly this guy was the one that stole the coins? : http://twitter.com/#!/Anonakomis   

Well...maybe. This guy is also a known attention seeker. He might have seen the thief donate to LulzSec and decided it was a good opportunity to claim responsibility and increase his rep. Or maybe he's telling the truth and it was him.
Nescio
Jr. Member
*
Offline Offline

Activity: 56
Merit: 1


View Profile
June 16, 2011, 12:10:30 AM
 #324

So we can surmise that the thief is at least sympathetic to LulzSec if not directly linked, which would give weight to this guys claims: http://twitter.com/#!/Anonakomis . He is a guy affiliated with LulzSec. On this twitter account, he boasts about being responsible for the theft, and how he has donated a small amount from it to LulzSec.

Fuck, I feel like Poirot.

Ah, the French dude! Tongue

Funny guy too, sending 9.11 BTC Smiley I guess you can apply for that amount at least, though it's little consolation compared to the main sum.

I'm really curious now whether this eminently trackable thing is not just PR toward the man, or is this only supposed to be the case when you have their network sifting resources? If so then Bitcoin is anonymous if users are in trouble but transparent to centralized evil, which is the worst of both worlds.. On the other hand, that would be the best case scenario from a gov perspective, which might help convince them not to squash it. Hmm..

BTW, Twitter already caved in the super injunction case, so it shouldn't be too hard to get more info on that particular user. Although he's probably behind proxies etc. if he's any relation of LulzSec anyway.
Aggro
Donator
Sr. Member
*
Offline Offline

Activity: 296
Merit: 250



View Profile
June 16, 2011, 12:25:58 AM
 #325

Hi everyone. I am totally devastated today. I just woke up to see a very large chunk of my bitcoin balance gone to the following address:


1KPTdMb6p7H3YCwsyFqrEmKGmsHqe1Q3jg

Transaction date: 6/13/2011 12:52 (EST)


I feel like killing myself now. This get me so f'ing pissed off. If only the wallet file was encrypted on the HD. I do feel like this is my fault somehow for now moving that money to a separate non windows computer. I backed up my wallet.dat file religiously and encrypted it but that does not do me much good when someone or some trojan or something has direct access to my computer somehow.

The transaction sent belongs rightfully to this address: 1J18yk7D353z3gRVcdbS7PV5Q8h5w6oWWG

Block explorer is down so I cannot even see where the funds went.

I tried restoring an earler backup of my wallet but naturally that does not work because the transaction has already been validated.

Needles to say I feel like I have lost faith in bitcoin.

Anyone have any ideas what I can do besides just jump off a bridge?!


Without wanting to start a O/S flame war, this is a clear example why I ran away from windows in 2007 when I got USD 1,200 stolen from my E-Gold account due to an exploit in Internet explorer. Since then, it has been Linux and Mac for me, and have never looked back.

This is also another example as to WHY bitcoins should be treated as paper cash: You wouldn't leave a pile of USD 500,000 in cash laying on your living room. If you have that amount of paper cash, you would either build a suitable vault on your house, or secure your cash off site (ie. a bank security box, etc...), otherwise the first crackhead that brakes into your house owns your cash.

jimbobway
Legendary
*
Offline Offline

Activity: 1304
Merit: 1015



View Profile
June 16, 2011, 01:49:28 AM
 #326

allinvain, I am not sure if this question was asked yet (I skimmed through this thread) but did you use anti-virus software?
error
Hero Member
*****
Offline Offline

Activity: 588
Merit: 500



View Profile
June 16, 2011, 02:05:25 AM
 #327

Some moron just admitted to stealing half a million bucks on Twitter?! Time to call your local FBI office.

3KzNGwzRZ6SimWuFAgh4TnXzHpruHMZmV8
DavinciJ15
Hero Member
*****
Offline Offline

Activity: 780
Merit: 510


Bitcoin - helping to end bankster enslavement.


View Profile WWW
June 16, 2011, 02:15:46 AM
 #328

Your best chance at solving this mystery is to focus on your hacked machine, how it was accessed, any malware that is on it. Mostly it sounds like you didn't secure your machine properly, in which case your chance of fixing this disaster will sadly be very small.

I believe it must have been a virus of some sorts. Yes you are right. I don't think I can do anything at this point. Format and reinstall windows is the best I can do, and from there on not ever use windows for any security sensitive sites/systems.
Don't format your windows compute it's evidence that someone can use to find the perps!  Use vmware conversion program to convert it to a VM so you have all the logs and events.  But if you can keep the HD as they may have only deleted a evidence file and not obliterated it thus you could undelete the file.

MY GOD KEEP THAT HD!
MoonShadow
Legendary
*
Offline Offline

Activity: 1708
Merit: 1010



View Profile
June 16, 2011, 02:24:56 AM
 #329

Some moron just admitted to stealing half a million bucks on Twitter?! Time to call your local FBI office.

Yeah, really.  That's at least as damning as some guy bragging in a bar to the drunk next to him.

"The powers of financial capitalism had another far-reaching aim, nothing less than to create a world system of financial control in private hands able to dominate the political system of each country and the economy of the world as a whole. This system was to be controlled in a feudalist fashion by the central banks of the world acting in concert, by secret agreements arrived at in frequent meetings and conferences. The apex of the systems was to be the Bank for International Settlements in Basel, Switzerland, a private bank owned and controlled by the world's central banks which were themselves private corporations. Each central bank...sought to dominate its government by its ability to control Treasury loans, to manipulate foreign exchanges, to influence the level of economic activity in the country, and to influence cooperative politicians by subsequent economic rewards in the business world."

- Carroll Quigley, CFR member, mentor to Bill Clinton, from 'Tragedy And Hope'
mjsbuddha
Sr. Member
****
Offline Offline

Activity: 336
Merit: 250


yung lean


View Profile
June 16, 2011, 02:25:00 AM
 #330

Some moron just admitted to stealing half a million bucks on Twitter?! Time to call your local FBI office.

agreed. theft of $500,000 in assets is a huge deal. you wouldn't get that from holding up a moderately sized bank. this has gotten a fair amount of attention and someone is going to jail for it for a long time. doesn't even matter if its the right person. nothing scares the people in power more then the concept of their money being stolen.
CharlieContent
Full Member
***
Offline Offline

Activity: 210
Merit: 100


View Profile
June 16, 2011, 02:53:57 AM
 #331

Ah, the French dude! Tongue

Poirot is Belgian. Tongue
Chimel
Newbie
*
Offline Offline

Activity: 13
Merit: 0


View Profile
June 16, 2011, 02:58:52 AM
 #332

From now on I'm going to store them on a dedicated bitcoin wallet machine with linux on it
It's a good first step, but it's still putting all your eggs in the same basket. You need to diversify. Even if you want to keep bitcoins as an investment or to promote the system, you need to invest at least one out of each two bitcoins mined into a different portfolio. Be it gold, real estate, remunerated savings account, stocks, venture capitalism, more mining rigs, take your pick. And don't forget to give 10% to charities!  
MoonShadow
Legendary
*
Offline Offline

Activity: 1708
Merit: 1010



View Profile
June 16, 2011, 03:22:32 AM
 #333

From now on I'm going to store them on a dedicated bitcoin wallet machine with linux on it
It's a good first step, but it's still putting all your eggs in the same basket. You need to diversify. Even if you want to keep bitcoins as an investment or to promote the system, you need to invest at least one out of each two bitcoins mined into a different portfolio. Be it gold, real estate, remunerated savings account, stocks, venture capitalism, more mining rigs, take your pick. And don't forget to give 10% to charities!  

Or you could just put a majority of your coins onto couple of cheap thumbdrives, encrypt them, and put one in a safety deposit box and another in a bubble wrap envelope with your last will and testament.

"The powers of financial capitalism had another far-reaching aim, nothing less than to create a world system of financial control in private hands able to dominate the political system of each country and the economy of the world as a whole. This system was to be controlled in a feudalist fashion by the central banks of the world acting in concert, by secret agreements arrived at in frequent meetings and conferences. The apex of the systems was to be the Bank for International Settlements in Basel, Switzerland, a private bank owned and controlled by the world's central banks which were themselves private corporations. Each central bank...sought to dominate its government by its ability to control Treasury loans, to manipulate foreign exchanges, to influence the level of economic activity in the country, and to influence cooperative politicians by subsequent economic rewards in the business world."

- Carroll Quigley, CFR member, mentor to Bill Clinton, from 'Tragedy And Hope'
allinvain (OP)
Legendary
*
Offline Offline

Activity: 3080
Merit: 1083



View Profile WWW
June 16, 2011, 03:24:15 AM
 #334

none of that helps against a compromised machine.

Actually, it does.
You may fool an attacker into thinking that he hacked all the layers, while he only hacked top 2 of them.
Security by obscurity + surprise element.

It will still happily grab all of your TrueCrypt passwords, your mouse movements, all the fractal windows you have open etc.

Who needs mouse movements when you can connect to a (virtual) machine using  encrypted VNC connection ?
The possibilities are endless. VM is just the beginning of the things you can do.

there have been exploits for detecting and getting out of a VM (exactly because people expect VMs to be safe).

Not all of the exploits work on all kinds of VM's.
Also, a possible attacker may not be prepared for task of this level of complexity.

The only way you can be secure is by using a separate, clean, minimal installation on different hardware from the daily use, net connected machine.

This is certainly the best way, but having a hall of mirrors is also useful when you are only using single machine.
As I said, "the possibilities are endless. VM is just the beginning of things you can do".

Generally my thinking is that you can create multiple levels of complexity and every one of the makes it more difficult for the attacker to hack you.

You know what guys, if we expect the average joe to have to learn to become a security expert just to use bitcoin, then bitcoin is pretty much doomed. If not it will just remain an anarchistic/libertarian geek's version of paypal. Or it could just piss off the government who will use this as an excuse to go after the exchangers/users because of claims that stolen bitcoin funds could be used to fund terrorism.


allinvain (OP)
Legendary
*
Offline Offline

Activity: 3080
Merit: 1083



View Profile WWW
June 16, 2011, 03:25:08 AM
Merited by nutildah (1)
 #335

@Allinvain - Bitcoins are apparently very traceble.  Check this out....

This article has some very interesting information.
http://www.forexyard.com/en/news/Bitcoin-exchanges-offer-anti-money-laundering-aid-2011-06-15T220113Z

"Karpeles [MagicalTux] said Bitcoin transactions were in fact traceable. He said that while the system had been built to be anonymous, it was "really easy to track Bitcoins across the network."

"Donald Norman, the co-founder of a London-based consultancy that serves Bitcoin exchanges, said that a data file existed which reflected the complete history of Bitcoin transactions, so that "the ownership of every single coin is completely known and traceable."


I hope that someone still has this data file and is continually expanding it.

rezin777
Full Member
***
Offline Offline

Activity: 154
Merit: 100


View Profile
June 16, 2011, 03:27:32 AM
 #336

@Allinvain - Bitcoins are apparently very traceble.  Check this out....

This article has some very interesting information.
http://www.forexyard.com/en/news/Bitcoin-exchanges-offer-anti-money-laundering-aid-2011-06-15T220113Z

"Karpeles [MagicalTux] said Bitcoin transactions were in fact traceable. He said that while the system had been built to be anonymous, it was "really easy to track Bitcoins across the network."

"Donald Norman, the co-founder of a London-based consultancy that serves Bitcoin exchanges, said that a data file existed which reflected the complete history of Bitcoin transactions, so that "the ownership of every single coin is completely known and traceable."


I hope that someone still has this data file and is continually expanding it.

The block chain? Although he's mad if he thinks that ownership can be traced beyond this address has this amount of Bitcoin. Of course, some addresses can be linked to the owners, but certainly not all.
MoonShadow
Legendary
*
Offline Offline

Activity: 1708
Merit: 1010



View Profile
June 16, 2011, 03:29:48 AM
 #337


You know what guys, if we expect the average joe to have to learn to become a security expert just to use bitcoin, then bitcoin is pretty much doomed.


Nonsense.  It just means that those who are good at security will become the new guardians of the realm.  Bitcoin was never really meant to be used at the protocol level by Joe Six Pack.  There will be geeks who write secure wallet systems for android and such that let Joe use bitcoins in daily life as an abstract means to pay with his mobile phone or over the Internet securely.  We don't really want one single client with one security model, because if it has flaws they all willl.  We want a bunch of clients, each doing security in a different way.  The bazzar, not the cathedral.

"The powers of financial capitalism had another far-reaching aim, nothing less than to create a world system of financial control in private hands able to dominate the political system of each country and the economy of the world as a whole. This system was to be controlled in a feudalist fashion by the central banks of the world acting in concert, by secret agreements arrived at in frequent meetings and conferences. The apex of the systems was to be the Bank for International Settlements in Basel, Switzerland, a private bank owned and controlled by the world's central banks which were themselves private corporations. Each central bank...sought to dominate its government by its ability to control Treasury loans, to manipulate foreign exchanges, to influence the level of economic activity in the country, and to influence cooperative politicians by subsequent economic rewards in the business world."

- Carroll Quigley, CFR member, mentor to Bill Clinton, from 'Tragedy And Hope'
rezin777
Full Member
***
Offline Offline

Activity: 154
Merit: 100


View Profile
June 16, 2011, 03:29:59 AM
 #338



You know what guys, if we expect the average joe to have to learn to become a security expert just to use bitcoin, then bitcoin is pretty much doomed. If not it will just remain an anarchistic/libertarian geek's version of paypal. Or it could just piss off the government who will use this as an excuse to go after the exchangers/users because of claims that stolen bitcoin funds could be used to fund terrorism.



All this proves is there is a market for a layer on top of Bitcoin to provide security without the "average joe" having to make any effort. Thankfully, those who do want to make the effort won't require this layer.

In time, someone will provide a security solution for the "average joe". And they will get rich doing it.
allinvain (OP)
Legendary
*
Offline Offline

Activity: 3080
Merit: 1083



View Profile WWW
June 16, 2011, 03:33:39 AM
 #339

allinvain, I am not sure if this question was asked yet (I skimmed through this thread) but did you use anti-virus software?

Yes, I used Symantec Antivirus and I regularly ran malwarebytes, spybot, bitdefender online scan, f-secure online scan, and eset online scan. I was behind a router's hardware firewall with only a few needed ports open.

allinvain (OP)
Legendary
*
Offline Offline

Activity: 3080
Merit: 1083



View Profile WWW
June 16, 2011, 03:36:52 AM
 #340

Some moron just admitted to stealing half a million bucks on Twitter?! Time to call your local FBI office.

agreed. theft of $500,000 in assets is a huge deal. you wouldn't get that from holding up a moderately sized bank. this has gotten a fair amount of attention and someone is going to jail for it for a long time. doesn't even matter if its the right person. nothing scares the people in power more then the concept of their money being stolen.

I'm going to get in touch with the RCMP who I hope will co-ordinate with FBI, InterPol and all the other international police agencies that can get involved.

Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 [17] 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!