VNC TO STEAL BITCOIN CLIENT BALANCE?

[zurzon]

Somebody reported that their bitcoin balance in their client had been stolen and sent to an anonymous address.

I don't remember what thread that was, so don't suggest posting in that thread as some trolling thread cop would.

It occurred to me that it would be possible to steal somebody's balance with a VNC connection to somebody's computer.

I was playing around with TightVNC and had it installed on my computer and running as a server, when somebody from Canada tried to access my computer using their TightVNC client.

What amazed me was they didn't need a password and username.

I think it was a back door in the software.

I blocked the access attempt with my firewall software, and after that, I removed the VNC software.

If the firewall hadn't been in place, who ever it was would have gained access to my computer.

If he had, it would have been a simple matter for him to access my bitcoin client and send my entire balance to his payment address.

[lysol]

Since you blocked the connection at your software firewall level, I'd say they didn't even get to the password stage. There are plenty of people/bots/scripts that scan ranges of addresses for open SSH, VNC, etc. I doubt it was anything targeted at you specifically.

[zurzon]

Since you blocked the connection at your software firewall level, I'd say they didn't even get to the password stage. There are plenty of people/bots/scripts that scan ranges of addresses for open SSH, VNC, etc. I doubt it was anything targeted at you specifically.

Possibly.

[lysol]

The simplest explanation is most likely true. Since your software firewall stopped anything from happening on the connection right after the TCP handshake, it isn't possible that the VNC handshake even took place. Unless your software firewall is exceptionally strange.