Bitcoin Forum
December 08, 2016, 06:12:41 PM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: VNC TO STEAL BITCOIN CLIENT BALANCE?  (Read 706 times)
zurzon
Newbie
*
Offline Offline

Activity: 14



View Profile
June 14, 2011, 09:57:42 PM
 #1

Somebody reported that their bitcoin balance in their client had been stolen and sent to an anonymous address.

I don't remember what thread that was, so don't suggest posting in that thread as some trolling thread cop would.

It occurred to me that it would be possible to steal somebody's balance with a VNC connection to somebody's computer.

I was playing around with TightVNC and had it installed on my computer and running as a server, when somebody from Canada tried to access my computer using their TightVNC client.

What amazed me was they didn't need a password and username.

I think it was a back door in the software.

I blocked the access attempt with my firewall software, and after that, I removed the VNC software.

If the firewall hadn't been in place, who ever it was would have gained access to my computer.

If he had, it would have been a simple matter for him to access my bitcoin client and send my entire balance to his payment address.

BITCOIN SECRETS
1481220761
Hero Member
*
Offline Offline

Posts: 1481220761

View Profile Personal Message (Offline)

Ignore
1481220761
Reply with quote  #2

1481220761
Report to moderator
1481220761
Hero Member
*
Offline Offline

Posts: 1481220761

View Profile Personal Message (Offline)

Ignore
1481220761
Reply with quote  #2

1481220761
Report to moderator
1481220761
Hero Member
*
Offline Offline

Posts: 1481220761

View Profile Personal Message (Offline)

Ignore
1481220761
Reply with quote  #2

1481220761
Report to moderator
There are several different types of Bitcoin clients. Header-only clients like MultiBit trust that the majority of mining power is honest for the purposes of enforcing network rules such as the 21 million BTC limit. Full clients do not trust miners in this way.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481220761
Hero Member
*
Offline Offline

Posts: 1481220761

View Profile Personal Message (Offline)

Ignore
1481220761
Reply with quote  #2

1481220761
Report to moderator
1481220761
Hero Member
*
Offline Offline

Posts: 1481220761

View Profile Personal Message (Offline)

Ignore
1481220761
Reply with quote  #2

1481220761
Report to moderator
lysol
Newbie
*
Offline Offline

Activity: 5


View Profile WWW
June 14, 2011, 10:05:43 PM
 #2

Since you blocked the connection at your software firewall level, I'd say they didn't even get to the password stage. There are plenty of people/bots/scripts that scan ranges of addresses for open SSH, VNC, etc. I doubt it was anything targeted at you specifically.
zurzon
Newbie
*
Offline Offline

Activity: 14



View Profile
June 14, 2011, 10:18:22 PM
 #3

Since you blocked the connection at your software firewall level, I'd say they didn't even get to the password stage. There are plenty of people/bots/scripts that scan ranges of addresses for open SSH, VNC, etc. I doubt it was anything targeted at you specifically.

Possibly.

BITCOIN SECRETS
lysol
Newbie
*
Offline Offline

Activity: 5


View Profile WWW
June 14, 2011, 10:30:53 PM
 #4

The simplest explanation is most likely true. Since your software firewall stopped anything from happening on the connection right after the TCP handshake, it isn't possible that the VNC handshake even took place. Unless your software firewall is exceptionally strange.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!