The thread:
http://www.reddit.com/r/Bitcoin/comments/1czrua/just_lost_160_btc_from_address_managed_with/
I was wondering if someone more versed in security could comment on it. Some users seem to think that he mismanaged and the coins got sent to a "change" address still under his control, while the OP insists that this isn't the case here, and someone actually managed to bypass both his password protection and 2-factor security, possibly through an Android wallet App. Needless to say, such news scares the shit out of us.
This underscores the fact that bitcoin isn't ready for mainstream, as the simplest and most secure way to store bitcoin wealth is still more trouble and more technical than what most people are prepared to implement (i.e. offline, air-gapped private keys with encrypted and physical backups).
Right now, I wouldn't be pairing blockchain.info wallets with mobile devices. I actually do pair a blockchain.info wallet with my iPhone, but that account only watches addresses associated with offline private keys. I cannot spend from it, and neither could anyone else.