I think I might have had my BTC stolen? Really need advice

[sammoocow]

I just opened the client, and I have a transaction of -23.20 to an unknown address (it is not recognized by block explorer), that I did not make. It has 0 confirmations. Will not downloading the block chain do anything? Is there anyway to stop this? Or should I just download it and see what happens? :|

EDIT: And I am running on a Mac.

EDIT2: Now it is showing up on block explorer. http://blockexplorer.com/address/1KqNXG7wVcuxhB56mCr7mcGG1FqF1RHs7n

Am I just screwed?

[1713428173]

1713428173

[1713428173]

1713428173

[1713428173]

1713428173

[nazgulnarsil]

even though I don't store my wallets in plaintext these topics make me nervous.

[sammoocow]

So if it says it's gone, it's really gone and I can't do anything.. correct?

[IamFuzzles]

Does anyone have access to your computer? These coins were in your wallet right, not in a mtgox account thing? (not sure what to call it right now, haven't used it really)

[tito13kfm]

So if it says it's gone, it's really gone and I can't do anything.. correct?

This is correct

[sammoocow]

I think they were taken from my Gmail. I was stupid enough to put it there unencrypted, because they were not worth very much when I first uploaded them.. and I just never got around to it.

Does anyone have any information about this IP address: 65.183.151.13

[IamFuzzles]

I think they were taken from my Gmail. I was stupid enough to put it there unencrypted, because they were not worth very much when I first uploaded them.. and I just never got around to it.

Does anyone have any information about this IP address: 65.183.151.13

The wallet.dat was on your email server unencrypted? Anyone have access to that account or a computer you might have used the account on? How secure are your passwords?

[tito13kfm]

IP address [?]:    65.183.151.13 [Whois] [Reverse IP]
IP country code:    US
IP address country:    ip address flag United States
IP address state:    Vermont
IP address city:    Burlington
IP postcode:    05401
IP address latitude:    44.4929
IP address longitude:    -73.2253
ISP of this IP [?]:    Burlington Telecom
Organization:    Burlington Telecom
Host of this IP: [?]:    saito.countshockula.com

Contact their abuse department with the information and time your email was accessed.  My guess though is that this is a compromised account and the thief is not the persons associated with that IP at the time of the attack.

Edit: There is a website running at http://65.183.151.13/

Also responding on port 22 for SSH

Lol.. 111 is responding as well.. He's not that bright.

[sammoocow]

I thought my password was secure, but I guess not.

I am contacting Burlington Telecom right now but they don't seem that legit to me... This sucks.

EDIT: Wow, what a strange website. Do those open ports mean anything to my situation?

[tito13kfm]

http://www.networksolutions.com/whois-search/countshockula.com

More info

Edit2: Leon Johnson works for the ISP and is the one who registered the domain.  So he may have the information you are looking for

http://www.jigsaw.com/BC.xhtml?contactId=12877237&lastName=Johnson

I thought my password was secure, but I guess not.

I am contacting Burlington Telecom right now but they don't seem that legit to me... This sucks.

EDIT: Wow, what a strange website. Do those open ports mean anything to my situation?

Not unless you know of a specific portmap vulnerability, or can figure out his linux login/password

[sammoocow]

Wow, thanks a lot. Very handy information. Hopefully I can at least contact whoever stole from me.

[tito13kfm]

Abuse report info for Burlingtontelecom

OrgAbusePhone:  +1-802-540-0007
OrgAbuseEmail:  Abuse@burlingtontelecom.com

[sammoocow]

I already sent an email. I will call tomorrow if they don't respond by then. I guess I've learned an important lesson about encrypting :/. Really beating myself up over this. But still hopefully I can contact whoever stole from me. For now I'm just going to try to sleep it off. Thanks for the help everybody.

[allinvain]

I have a pet theory that the Anon/LulzSec folks are hard at work screwing bitcoiners over...all for lulz no doubt!

[tito13kfm]

I have a pet theory that the Anon/LulzSec folks are hard at work screwing bitcoiners over...all for lulz no doubt!

Wow, you didn't jump off a bridge?

Fuck LulzSec, seriously.

They accomplish absolutely nothing except screwing over normal people.  I hope they all die a slow painful death.

[allinvain]

I have a pet theory that the Anon/LulzSec folks are hard at work screwing bitcoiners over...all for lulz no doubt!

Wow, you didn't jump off a bridge?

Fuck LulzSec, seriously.

They accomplish absolutely nothing except screwing over normal people.  I hope they all die a slow painful death.

One of the addresses to which some of my stolen btc went belongs to them.

Someone else had their mtgox account hacked and btc sent to the very same address..

There is a trail of crime here. This is a concerted attack on bitcoin users.

[rezin777]

One of the addresses to which some of my stolen btc went belongs to them.

How many?

[FreeMoney]

I have a pet theory that the Anon/LulzSec folks are hard at work screwing bitcoiners over...all for lulz no doubt!

Wow, you didn't jump off a bridge?

Fuck LulzSec, seriously.

They accomplish absolutely nothing except screwing over normal people.  I hope they all die a slow painful death.

One of the addresses to which some of my stolen btc went belongs to them.

Someone else had their mtgox account hacked and btc sent to the very same address..

There is a trail of crime here. This is a concerted attack on bitcoin users.

Man, I feel bad for you, but give that a rest. Some funds went to a donation address, big deal. You don't know anything.

[bcearl]

At least this will do some good:

Waking people up from the delusion that Apple products have any other security value than the jails and chains for their customers.

[TraderTimm]

I want all these threads to die in a fire.

Not before they are put up as warnings for keeping personal security, though.