SgtSpike
Legendary
Offline
Activity: 1400
Merit: 1005
April 26, 2013, 07:11:50 PM
...Sign a message with any one of the addresses from which your funds were supposedly stolen.
How does one even do that? I'm not sure that it's possible in blockchain.info, but in the QT client, there's a button that says "sign message" or something like that.

Anenome5
April 26, 2013, 07:27:50 PM
I was asked to run Java last time I logged in to Blockchain.info. Is this supposed to happen? Think I'll transfer my Bitcoins to a paperwallet to be on the safe side...
o_O people still have Java installed? After the latest problems I ditched that sh!t and haven't looked back. How many zero-days is it responsible for now? 105% of them?
Democracy is the original 51% attack.

Anenome5
April 26, 2013, 07:32:16 PM
I am not convinced this has anything to do with Android. I've seen some chatter about brute-forcing attacks against blockchain.info wallets. Is it possible some older wallets have passwords that aren't strong enough? The b.i KDF is SHA1 repeated only a handful of times, iirc, because JavaScript is slow.
Is it possible someone found a way to download all wallets from blockchain.info and just started bruting 'em? Maybe someone found a list of identifiers and is just pulling them as they have time. They did have those security issues recently...
Democracy is the original 51% attack.

qxzn
April 26, 2013, 07:33:04 PM
OP, might make sense for a thread like this to be called "blockchain.info hack" instead of "bitcoin hack". The latter is somewhat misleading.

Anenome5
April 26, 2013, 07:35:06 PM
...Sign a message with any one of the addresses from which your funds were supposedly stolen.
How does one even do that? I'm not sure that it's possible in blockchain.info, but in the QT client, there's a button that says "sign message" or something like that.
I see, thanks. I'd entirely overlooked that, but in retrospect it's always been a feature that one can prove identity via ownership of an address.
Democracy is the original 51% attack.

piuk
April 26, 2013, 07:37:27 PM
Any leads on what could have caused this? Or who the thief is?
Will reimbursing affected users be considered?
I am collecting all the information I can, still not clear on the exact root cause. There are a number of blockchain.info wallets compromised in this transaction but I'm not sure it is exclusively blockchain wallets; some of the input addresses look like wallets from other clients (i.e. they use change addresses and transactions are not shown as being relayed by blockchain). More data points are needed.
I am not convinced this has anything to do with Android. I've seen some chatter about brute-forcing attacks against blockchain.info wallets. Is it possible some older wallets have passwords that aren't strong enough? The b.i KDF is SHA1 repeated only a handful of times, iirc, because JavaScript is slow.
I think it is possible to rule out an Android problem; several users have stated they do not use an Android app. Brute forcing is a possibility but I remain sceptical about the feasibility of brute forcing 10 character passwords. A 10 character password, 10 rounds of PBKDF2 with 36 possible characters at 5 million guesses per second would take 80,000 days to search the entire key space. I'm not sure it is even possible to achieve 5 million guesses per second; http://arstechnica.com/security/2012/12/25-gpu-cluster-cracks-every-standard-windows-password-in-6-hours/ estimates significantly lower speeds (if PBKDF2 can be considered close to bcrypt speed). That is for one wallet as well; this seems to be multiple wallets in parallel. All wallets have a unique salt so a precomputed dictionary attack shouldn't be possible. Also I have set up several wallets with deliberately weak passwords that are unemptied. All users affected so far have had JAVA enabled; possibly this is the result of some malware spread through a Java applet. I can't find the post now but there was a report of a malicious Java applet designed to collect wallet data. Other possibilities are XSS or a leak of passwords from another site although there is no direct evidence of this.
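An added example (not piuk's code, nor blockchain.info's) that computes the full key-space search time for a charset size, password length and guess rate, and measures how the PBKDF2-HMAC-SHA1 guess rate on one core falls as the iteration count rises; the 36-symbol, 10-character, 5 million guesses/second parameters are taken from the post, the password and salt are constructed.

```python
import hashlib
import os
import time

SECONDS_PER_DAY = 86_400


def keyspace_size(charset_size: int, length: int) -> int:
    """Number of candidate passwords of exactly `length` symbols."""
    return charset_size ** length


def full_search_days(charset_size: int, length: int, guesses_per_sec: float) -> float:
    """Worst-case days to try every candidate at a fixed guess rate.
    The expected time to hit one wallet's password is about half of this."""
    return keyspace_size(charset_size, length) / guesses_per_sec / SECONDS_PER_DAY


def measure_pbkdf2_rate(iterations: int, samples: int = 200) -> float:
    """Single-core PBKDF2-HMAC-SHA1 derivations per second on this machine.
    Password and salt are constructed; only the derivation cost matters."""
    salt = os.urandom(16)  # a per-wallet salt, as the post says b.i uses
    start = time.perf_counter()
    for i in range(samples):
        hashlib.pbkdf2_hmac("sha1", b"constructed-pw-%d" % i, salt, iterations)
    return samples / (time.perf_counter() - start)


if __name__ == "__main__":
    # The post's parameters: 36 symbols, 10 characters, 5 million guesses/s.
    print(f"36^10 candidates at 5e6 guesses/s: "
          f"{full_search_days(36, 10, 5e6):,.0f} days for the whole space")
    # What one core of this machine manages as the KDF iteration count grows;
    # the search time scales with the iteration count, which is the whole
    # point of stretching a password-derived key.
    for iters in (10, 1_000, 10_000):
        rate = measure_pbkdf2_rate(iters)
        print(f"{iters:>6} iterations: {rate:>10,.0f} guesses/s on one core, "
              f"{full_search_days(36, 10, rate):,.0f} days for the full 36^10 space")
```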

silvereagle (OP)
Newbie
Offline
Activity: 28
Merit: 0
April 26, 2013, 07:48:23 PM
For 0.78 BTC you just got a very inexpensive lesson in security. Don't let those coins be spent for naught.
Agree. Already had cold storage so was trying to be diligent, just hadn't moved since withdrawing from BTC-e. Definitely have learned a lesson. Keep hot balances low and only access bitcoin-qt from clean/sandboxed computer that I don't do my daily surfing on to avoid any type of java/javascript exploits. Recommend the same for others.

silvereagle (OP)
Newbie
Offline
Activity: 28
Merit: 0
April 26, 2013, 07:49:47 PM
OP, might make sense for a thread like this to be called "blockchain.info hack" instead of "bitcoin hack". The latter is somewhat misleading.
Yeah, can I change it after the fact? Realized that after I did it and it's definitely misleading. Nothing wrong with the protocol or bitcoin in general - more apropos would be wallet hack.

silvereagle (OP)
Newbie
Offline
Activity: 28
Merit: 0
April 26, 2013, 07:52:04 PM
For 0.78 BTC you just got a very inexpensive lesson in security. Don't let those coins be spent for naught.
Agree. Already had cold storage so was trying to be diligent, just hadn't moved since withdrawing from BTC-e. Definitely have learned a lesson. Keep hot balances low and only access bitcoin-qt from clean/sandboxed computer that I don't do my daily surfing on to avoid any type of java/javascript exploits. Recommend the same for others. I also just uninstalled java from my machine.

qxzn
April 26, 2013, 07:54:55 PM
OP, might make sense for a thread like this to be called "blockchain.info hack" instead of "bitcoin hack". The latter is somewhat misleading.
Yeah, can I change it after the fact? Realized that after I did it and it's definitely misleading. Nothing wrong with the protocol or bitcoin in general - more apropos would be wallet hack.
I think you can just edit your original post (at the top of this thread), and change the subject.

silvereagle (OP)
Newbie
Offline
Activity: 28
Merit: 0
April 26, 2013, 08:01:30 PM
OP, might make sense for a thread like this to be called "blockchain.info hack" instead of "bitcoin hack". The latter is somewhat misleading.
Yeah, can I change it after the fact? Realized that after I did it and it's definitely misleading. Nothing wrong with the protocol or bitcoin in general - more apropos would be wallet hack.
I think you can just edit your original post (at the top of this thread), and change the subject.
Tried to change original post. Don't want to single out blockchain.info as source in fairness to piuk as it could've easily been a java exploit - don't think we've gotten to bottom of it yet.

tvbcof
Legendary
Offline
Activity: 4732
Merit: 1277
April 26, 2013, 08:14:42 PM
For 0.78 BTC you just got a very inexpensive lesson in security. Don't let those coins be spent for naught.
Agree. Already had cold storage so was trying to be diligent, just hadn't moved since withdrawing from BTC-e. Definitely have learned a lesson. Keep hot balances low and only access bitcoin-qt from clean/sandboxed computer that I don't do my daily surfing on to avoid any type of java/javascript exploits. Recommend the same for others. I also just uninstalled java from my machine.
I re-imaged my Windows laptop from the recovery partition to get rid of it (and the creepy taskbar it installed on my browser.) But my Windows machine is used irregularly for limited things which are not practical on my main workstations so it was relatively easy for me to do. Backed up what few interesting docs I had in mega.co.nz before performing this action. Now I don't even like to allow Microsoft or HP to install updates. Since phone vendors are so willing to pre-install rootkits, and OS vendors seem happy to make that possible, it seems likely to me that commercial laptop and workstation vendors would be happy to follow suit. The momentum behind the trend to make the Internet significantly more invasive seems to be building at an alarming rate. --- BTW, so far my blockchain.info wallet seems fine in spite of the phone hack and gmail theft. This seems to lend strength to the idea that the issue of this thread is not Android related.
sig spam anywhere and self-moderated threads on the pol&soc board are for losers.

qxzn
April 26, 2013, 08:17:16 PM
OP, might make sense for a thread like this to be called "blockchain.info hack" instead of "bitcoin hack". The latter is somewhat misleading.
Yeah, can I change it after the fact? Realized that after I did it and it's definitely misleading. Nothing wrong with the protocol or bitcoin in general - more apropos would be wallet hack.
I think you can just edit your original post (at the top of this thread), and change the subject.
Tried to change original post. Don't want to single out blockchain.info as source in fairness to piuk as it could've easily been a java exploit - don't think we've gotten to bottom of it yet.
Looks to me like it worked. "Wallet Hack" seems like an appropriate choice.

niko
April 26, 2013, 08:33:13 PM
Does not seem like Android is involved at all. In fact, I am not aware of any Android-related Bitcoin thefts in all these years.
Unless I am missing something, the common denominator here is Java.
I did notice a Windows update last week - one lone security patch, outside of regular schedule - which only provided the usual "an issue has been identified that may allow a remote attacker blah blah". Does anyone know what kind of hole was patched?
They're there, in their room. Your mining rig is on fire, yet you're very calm.

bitcoinminer
April 26, 2013, 10:50:07 PM
"Dropped your wallet on the sidewalk" seems more appropriate than "Wallet stolen"
Be fearful when others are greedy, and greedy when others are fearful.
-Warren Buffett

Meatpile
April 26, 2013, 11:49:06 PM
Does not seem like Android is involved at all. In fact, I am not aware of any Android-related Bitcoin thefts in all these years.
Unless I am missing something, the common denominator here is Java.
I did notice a Windows update last week - one lone security patch, outside of regular schedule - which only provided the usual "an issue has been identified that may allow a remote attacker blah blah". Does anyone know what kind of hole was patched?
Android runs almost exclusively in a Java virtual machine.

zebedee
Donator
Hero Member
Offline
Activity: 668
Merit: 500
April 26, 2013, 11:50:23 PM
I am not convinced this has anything to do with Android. I've seen some chatter about brute-forcing attacks against blockchain.info wallets. Is it possible some older wallets have passwords that aren't strong enough? The b.i KDF is SHA1 repeated only a handful of times, iirc, because JavaScript is slow.
Is it possible someone found a way to download all wallets from blockchain.info and just started bruting 'em? Maybe someone found a list of identifiers and is just pulling them as they have time. They did have those security issues recently...
I think this is the most likely explanation. My friend also had coins stolen, and apart from Java which I don't know the answer to, she'd be a no to all the questions.

organofcorti
Donator
Legendary
Offline
Activity: 2058
Merit: 1007
Poor impulse control.
April 26, 2013, 11:53:39 PM
Does not seem like Android is involved at all. In fact, I am not aware of any Android-related Bitcoin thefts in all these years.
Unless I am missing something, the common denominator here is Java.
I did notice a Windows update last week - one lone security patch, outside of regular schedule - which only provided the usual "an issue has been identified that may allow a remote attacker blah blah". Does anyone know what kind of hole was patched?
Android runs almost exclusively in a Java virtual machine.
Android's not at risk from this sort of Java exploit. Other hacks are a different matter - usually from installing something dodgy and giving it permissions it shouldn't have.

jerethdaminer
Member
Offline
Activity: 84
Merit: 10
April 27, 2013, 12:03:25 AM
can someone please explain this to me nicely,
cold storage.
hot wallet.
please give me the definition and an example
the only wallet i have is the encrypted one on my client. thanks, just trying to figure this out and learn

franky1
Legendary
Offline
Activity: 4396
Merit: 4755
April 27, 2013, 12:09:20 AM
since the addition of the bitcoin:// URI in Windows, do any of those that have lost funds do any "free bitcoin" faucets regularly?
i remember last year there was one that actually made my QT client start running.
also
check all the programs installed EG the miners, drivers, etc that are not from the official websites. even check if you have a trading bot that was not created, compiled by yourself.
there was a guy named litecoin trader that had a closed source trading bot. his version one last year was very very "iffy" and he soon went quiet when questioning him. he now has a version 2 which is also closed source.
do any of you use a trading bot for btc-e / mtgox?
I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER. Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at