Author Topic: Wallet Hack on 4/25  (Read 11210 times)
franky1
April 27, 2013, 12:16:18 AM
 #61

can someone please explain this to me nicely,

cold storage.

hot wallet.

please give me the definition and an example

the only wallet i have is the encrypted one on my client.
thanks just trying to figure this out and learn

best cold storage:
make a brain wallet. never import it into a bitcoin client. and simply deposit funds into the public address.. store it safely on paper in a fireproof safe.. that's about as cold as you can get

hot wallet
private key is imported into a wallet and is connected to the internet. whereby a rogue webhost or a hacker can get to the API calls to empty the wallet of funds.

I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER.
Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
jerethdaminer
April 27, 2013, 12:33:53 AM
 #62

I'm guessing by wallet you're referring to an address generated but never stored anywhere digital, then typed in when needed?

and what are the private/public key parts? sorry, I know I'm dense
Shinobi
April 27, 2013, 01:21:56 AM
 #63

I read a thread like this and it just blows my mind that anyone thinks that Bitcoin will ever move away from a fringe casino hobby.

_______
Thinking of using a cheap, yet reliable VPN? Go with PrivateInternetAccess. Not a referral link. Just a satisfied customer!
silvereagle (OP)
April 27, 2013, 02:40:06 AM
 #64

I read a thread like this and it just blows my mind that anyone thinks that Bitcoin will ever move away from a fringe casino hobby.

I would side with you at times on this Shinobi, but then you need to really step back and realize the lack of understanding of most things that people engage with on a daily basis.  You use VISA and pay your bill at the end of every month, but very very very few people understand the mechanics behind credit card transactions, payments via the ACH rails or anything else involved with day to day financial life in 2013.  Yet there are trillions of dollars spent each year by people typing in their passwords to online bank accounts and pull pieces of plastic out of their wallet that is representative of fiat money (which is a whole other rabbit hole altogether). 

I think there is something behind this, otherwise I wouldn't be wasting my time here. What will happen (and you can see it starting slowly) is that VC money, independent development and ingenuity will start to develop tools that will isolate the average end user from the complexity while still giving them the benefit of the technology.  It has already begun with services like blockchain.info aggregating wallets and providing cloud based services.  It will eventually progress to hardware based tools (similar to the RSA key fob many people used to have at offices) and move on from there.  Long BTC public addresses will be replaced by alias services (how? I'm not sure, but they will) and people will slowly become accustomed to using this as a method of money transport.  I could certainly be mistaken but it has attracted enough interest and has engaged enough people's aspirations that even if the current instance of BTC doesn't make it to prime-time, something similar will.

I once read that all it takes is for 10% of the population to be extremely excited about something (whether it be a fashion, technology, fad, etc) and it will become mainstream (given the average person's indifference and apathy).  While I don't think we're at the tipping point yet, the ideals behind this project are resonant enough with a population in turmoil to energize that portion of the population and turn this truly into a movement.
johnyj
April 27, 2013, 03:58:43 AM
 #65

Yes, this is an area that needs improvement; currently the usage of the wallet is still too complex and dangerous. Maybe bitcoin will never be used by the majority; it seems many people really cannot/don't have time to take care of the security of their own money, so they have to rely on some secure money storage service like a bank

coblee
April 27, 2013, 04:15:45 AM
 #66

Any leads on what could have caused this? Or who the thief is?

Will reimbursing affected users be considered?

I am collecting all the information I can, still not clear on the exact root cause. There are a number of blockchain.info wallets compromised in this transaction but I'm not sure it is exclusively blockchain wallets; some of the input addresses look like wallets from other clients (i.e. they use change addresses and transactions are not shown as being relayed by blockchain). More data points are needed.

I am not convinced this has anything to do with Android. I've seen some chatter about brute-forcing attacks against blockchain.info wallets. Is it possible some older wallets have passwords that aren't strong enough? The b.i KDF is SHA1 repeated only a handful of times, iirc, because JavaScript is slow.

I think it is possible to rule out an android problem, several users have stated they do not use an android app.

Brute forcing is a possibility but I remain sceptical about the feasibility of brute forcing 10 character passwords. A 10 character password, 10 rounds of PBKDF2 with 36 possible characters at 5 million guesses per second would take 80,000 days to search the entire key space. I'm not sure it is even possible to achieve 5 million guesses per second; http://arstechnica.com/security/2012/12/25-gpu-cluster-cracks-every-standard-windows-password-in-6-hours/ estimates significantly lower speeds (if PBKDF2 can be considered close to bcrypt speed). That is for one wallet as well; this seems to be multiple wallets in parallel. All wallets have a unique salt so a precomputed dictionary attack shouldn't be possible. Also I have set up several wallets with deliberately weak passwords that are unemptied.

All users affected so far have had JAVA enabled possibly this is the result of some malware spread through a java applet. I can't find the post now but there was a report of a malicious Java applet designed to collect wallet data.

Other possibilities are XSS or a leak of passwords from another site, although there is no direct evidence of this.

piuk, how are you generating keys for wallets? Is it possible it's not random enough and someone has just been able to find the keys by brute forcing the seed to your RNG? bitaddress.org uses mouse movements to add more randomness and it doesn't seem like you do something like that.

Shinobi
April 27, 2013, 05:27:03 AM
 #67

Thank you for the thoughtful reply. What I think, however, that you are missing in your comparison between BTC and electronic fiat payment systems - and which is absolutely fundamental to why such fiat systems hold consumer confidence - is that there are "consumer protections" built-in to the electronic fiat infrastructure: reversibility of transfers, limited liability for fraud, etc. Whether we admit to it or not, we use our credit cards with confidence because of the transaction protection built-in (and for which we admittedly pay a steep price in the form of high interest rates).

Admittedly, the transaction of fiat in its traditional form as cold, hard cash does not carry this benefit, and in this way, is identical to BTC in irreversibility. But BTC shares the worst of both worlds - the ease of theft introduced by the digital medium in which it exists and through which it is transferred and the fact that, for all practical purposes, it only exists in this medium.

The average person knows how to protect paper currency - hiding it in his pocket. If the average corporation continues to struggle with preserving data integrity, how can we expect an individual to safeguard his/her Bitcoins or, as importantly, feel comfortable enough in the safety of the medium to invest significant value?

This is why I feel that Bitcoin's success will have to come at the hands of a well-funded backing that can develop mature infrastructure. If we rely on a room of engineers in an office suite in Tokyo to be the de facto standard of security, along with a few open-source/not-for-profit organizations, then there really isn't much to offer the mainstream. But of course, this flies in the face of the anarcho-libertarian wet dream of a decentralized currency.



I would side with you at times on this Shinobi, but then you need to really step back and realize the lack of understanding of most things that people engage with on a daily basis.  You use VISA and pay your bill at the end of every month, but very very very few people understand the mechanics behind credit card transactions, payments via the ACH rails or anything else involved with day to day financial life in 2013.  Yet there are trillions of dollars spent each year by people typing in their passwords to online bank accounts and pull pieces of plastic out of their wallet that is representative of fiat money (which is a whole other rabbit hole altogether).

abbyd
April 27, 2013, 05:41:20 AM
 #68


I am not convinced this has anything to do with Android. I've seen some chatter about brute-forcing attacks against blockchain.info wallets. Is it possible some older wallets have passwords that aren't strong enough? The b.i KDF is SHA1 repeated only a handful of times, iirc, because JavaScript is slow.

I think it is possible to rule out an android problem, several users have stated they do not use an android app.

Brute forcing is a possibility but I remain sceptical

All users affected so far have had JAVA enabled possibly this is the result of some malware spread through a java applet. I can't find the post now but there was a report of a malicious Java applet designed to collect wallet data.

Other possibilities are XSS or a leak of passwords from another site, although there is no direct evidence of this.

piuk, how are you generating keys for wallets? Is it possible it's not random enough and someone has just been able to find the keys by brute forcing the seed to your RNG? bitaddress.org uses mouse movements to add more randomness and it doesn't seem like you do something like that.

Easiest to implement would be XSS - just about every site seems to be vulnerable these days due to browsers and webapps sucking. I would look for that first.

Java is a giant POS - useless other than as an attack vector - even Macfags got 0wned via Java last year. I have no doubt there are hundreds of zero-days lurking...

If blockchain passwords are only SHA1-hashed, depending on the seed, if somebody got ahold of the DB passwords could be cracked using rainbow tables.
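The search-time estimate quoted in the posts above, set beside the unique-salt and rainbow-table points, as an added example (not from any poster or from blockchain.info). It assumes PBKDF2-HMAC-SHA1 and reads the 5 million per second as a raw hash rate, the reading under which the quoted figure of roughly 80,000 days comes out; the function names, salts and word list are constructed.

```python
import hashlib
import math

SECONDS_PER_DAY = 86_400
WORDLIST = ["password", "bitcoin", "letmein"]  # constructed sample words


def exhaustive_search_days(charset_size, length, kdf_iterations, raw_hashes_per_second):
    """Days needed to try every password of exactly `length` characters.

    Each guess costs `kdf_iterations` hash evaluations, so the effective
    guess rate is raw_hashes_per_second / kdf_iterations.
    """
    keyspace = charset_size ** length
    guesses_per_second = raw_hashes_per_second / kdf_iterations
    return keyspace / guesses_per_second / SECONDS_PER_DAY


def iterations_for_target(charset_size, length, raw_hashes_per_second, target_days):
    """Smallest iteration count that stretches a full search to target_days."""
    keyspace = charset_size ** length
    needed = target_days * SECONDS_PER_DAY * raw_hashes_per_second / keyspace
    return max(1, math.ceil(needed))


def derive_wallet_key(password, salt, iterations=10):
    """PBKDF2-HMAC-SHA1 key derivation (assumed KDF, see lead-in)."""
    return hashlib.pbkdf2_hmac("sha1", password.encode(), salt, iterations, dklen=32)


def table_resolves(table_salt, wallet_salt, password, iterations=10):
    """Does a lookup table precomputed under table_salt recover `password`
    from a key that was derived under wallet_salt?"""
    table = {derive_wallet_key(w, table_salt, iterations): w for w in WORDLIST}
    return table.get(derive_wallet_key(password, wallet_salt, iterations)) == password


if __name__ == "__main__":
    # The quoted case: 36 symbols, 10 characters, 10 rounds, 5e6 hashes/s.
    print(round(exhaustive_search_days(36, 10, 10, 5e6)), "days")
    # A six-letter lowercase password under the same settings.
    print(round(exhaustive_search_days(26, 6, 10, 5e6) * SECONDS_PER_DAY), "seconds")
    # Rounds needed for an 8-character, 36-symbol password to last ten years.
    print(iterations_for_target(36, 8, 5e6, 3650), "iterations")
    # Constructed salts: a table built for one salt is useless against another.
    salt_a, salt_b = b"\x00" * 16, b"\x01" * 16
    print(table_resolves(salt_a, salt_a, "bitcoin"), table_resolves(salt_a, salt_b, "bitcoin"))
```

With these inputs the 10-character case is far out of reach while the six-letter one falls in minutes, which is why password length and the iteration count matter more here than the choice of hash.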
tvbcof
April 27, 2013, 05:43:10 AM
 #69

Yes, this is an area that needs improvement; currently the usage of the wallet is still too complex and dangerous. Maybe bitcoin will never be used by the majority; it seems many people really cannot/don't have time to take care of the security of their own money, so they have to rely on some secure money storage service like a bank

I think that the problem is not so much ignorance as it is that computers (including various devices) and networks are not designed for keeping information private.  Indeed, the trend is strongly in exactly the opposite direction (think Carrier IQ.)
 
If a person's pics from the wedding they attended the weekend before were as valuable as BTC there would be few which remain private for very long.  It is unlikely that things are going to turn around simply because it is needed to make Bitcoin safe for users.  Probably just the opposite in fact.  OTOH, I do expect that if Bitcoin is not quashed in its early phases, there will be large and competent service providers who will kindly take care of users' BTC for them, and will likely do it...um..."for free" as is the case with e-mail, social media, etc, etc.  Problem solved.


sig spam anywhere and self-moderated threads on the pol&soc board are for losers.
silvereagle (OP)
April 27, 2013, 02:27:44 PM
 #70

So, interesting development this morning.  I shut down the wallet I had with blockchain.info yesterday after it was potentially compromised and decided to just start with a fresh new wallet hosted there.  Very strong password, different identifier.  Java not installed on my machine and scanned for malware.

Received this this morning -- from blockchain.info notification:

Authorize log-in attempt
An attempt to login to your blockchain.info wallet was made from an unknown browser. Please confirm the following details are correct:
Time: 2013-04-27 07:17:42
IP Address: 77.109.138.42 (Switzerland)
User Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8) Gecko/20051111 Firefox/1.5
If the above details are correct please use the following login link:
https://blockchain.info/wallet/[blocked out for obvious reasons]
If this login attempt was made by you this email can be safely ignored however you may wish to change your wallet alias.

and this...

An attempt to login to your blockchain.info wallet was made from an unknown browser. Please confirm the following details are correct:
Time: 2013-04-27 08:38:09
IP Address: 5.9.121.38 (Germany)
User Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8) Gecko/20051111 Firefox/1.5
If the above details are correct please use the following login link:
https://blockchain.info/wallet/[blocked out for obvious reasons]
If this login attempt was made by you this email can be safely ignored however you may wish to change your wallet alias.

Apparently there is still some sort of malware out there attempting to hack the blockchain.info service.  Machine was clean when I set this new wallet up, only way I think they could've possibly found the address is through scanning potential aliases.  Admittedly, my alias is a plain word so possible they could've just tried brute force finding an alias that would lead them to identifier and tried to log in from there.  Otherwise, can't imagine how they would've gotten it.  Just a lead for PIUK to follow if he's interested in trying to button up security on the site.


Newar
April 27, 2013, 02:32:07 PM
 #71

I probably missed it, but had any of the involved accounts 2FA enabled?

OTC rating | GPG keyid 1DC91318EE785FDE | Gliph: lightning bicycle tree music | Mycelium, a swift & secure Bitcoin client for Android | LocalBitcoins
phatsphere
April 27, 2013, 03:18:52 PM
 #72

Admittedly, my alias is a plain word so possible they could've just tried brute force finding an alias …
that could be quite true. blockchain.info should monitor access/ip patterns to spot such attempts.

more importantly, i strongly suggest enabling two factor authentication. (and if you use email, think about the email security … gmail has 2FA too)
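One way a service could monitor access/IP patterns as suggested in the post above, written as an added example (not from the thread and not blockchain.info's code). The records are constructed: the fields mirror the notification e-mails quoted in this thread, `wallet` is an assumed server-side field, IPs come from documentation ranges, and the thresholds are illustrative.

```python
from collections import defaultdict
from datetime import datetime, timedelta

OLD_FF = ("Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8) "
          "Gecko/20051111 Firefox/1.5")
HTTPCLIENT = "Apache-HttpClient/4.2.3 (java 1.5)"
CURRENT_FF = "Mozilla/5.0 (Windows NT 6.1; rv:20.0) Gecko/20100101 Firefox/20.0"

# Constructed login-attempt records: (time, source IP, User-Agent, wallet alias).
SAMPLE = [
    ("2013-04-26 22:03:19", "192.0.2.10",    OLD_FF,     "alias-apple"),
    ("2013-04-27 07:17:42", "192.0.2.77",    OLD_FF,     "alias-river"),
    ("2013-04-27 08:38:09", "198.51.100.5",  OLD_FF,     "alias-river"),
    ("2013-04-27 10:12:00", "198.51.100.23", OLD_FF,     "alias-stone"),
    ("2013-04-27 10:35:24", "203.0.113.99",  HTTPCLIENT, "alias-moon"),
    ("2013-04-27 10:35:30", "203.0.113.99",  HTTPCLIENT, "alias-sun"),
    ("2013-04-27 10:35:41", "203.0.113.99",  HTTPCLIENT, "alias-star"),
    ("2013-04-27 09:00:00", "203.0.113.4",   CURRENT_FF, "alias-home"),
    ("2013-04-27 18:30:00", "203.0.113.4",   CURRENT_FF, "alias-home"),
]


def shared_fingerprint_clusters(records, window=timedelta(hours=24),
                                min_ips=3, min_wallets=3):
    """Flag User-Agents seen from many IPs against many wallets in one window.

    One client fingerprint arriving from unrelated addresses and touching
    unrelated wallets points at a single tool behind proxies, not at users.
    """
    by_ua = defaultdict(list)
    for ts, ip, ua, wallet in records:
        by_ua[ua].append((datetime.strptime(ts, "%Y-%m-%d %H:%M:%S"), ip, wallet))
    flagged = {}
    for ua, events in by_ua.items():
        events.sort()
        for i, (start, _, _) in enumerate(events):
            in_window = [e for e in events[i:] if e[0] - start <= window]
            ips = {e[1] for e in in_window}
            wallets = {e[2] for e in in_window}
            if len(ips) >= min_ips and len(wallets) >= min_wallets:
                flagged[ua] = {"ips": ips, "wallets": wallets}
                break
    return flagged


def enumerating_ips(records, min_wallets=3):
    """Flag single IPs that attempt logins against several distinct wallets."""
    seen = defaultdict(set)
    for _, ip, _, wallet in records:
        seen[ip].add(wallet)
    return {ip: wallets for ip, wallets in seen.items() if len(wallets) >= min_wallets}


if __name__ == "__main__":
    for ua, hit in shared_fingerprint_clusters(SAMPLE).items():
        print("shared fingerprint:", ua, sorted(hit["ips"]))
    for ip, wallets in enumerating_ips(SAMPLE).items():
        print("alias enumeration:", ip, sorted(wallets))
```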
juhakall
April 27, 2013, 04:20:08 PM
 #73

Someone tried to login to my blockchain.info wallet, too. I don't have any coins there and can't even access it myself (lost the password), but the timing is curious.

Code:
Authorize log-in attempt

An attempt to login to your blockchain.info wallet was made from an unknown browser. Please confirm the following details are correct:

Time: 2013-04-27 10:35:24
IP Address: 91.37.37.166 (Germany)
User Agent: Apache-HttpClient/4.2.3 (java 1.5)

If the above details are correct please use the following login link:

https://blockchain.info/wallet/1496c01a-95a3-78e7-9b31-eadfab3eb580

If this login attempt was made by you this email can be safely ignored however you may wish to change your wallet alias.

The alias for that identifier is my username here, so it might be a coincidence. Just thought I'd let you know, in the off chance that this is related and might help. This is the first time I received such an email, even though I made that wallet last year IIRC.

I'm currently developing an experimental social AI platform
jubalix
April 27, 2013, 05:35:49 PM
 #74

Unfortunately I think more users are likely to be affected by this transaction.

Any users who own an address used in the above transaction (https://blockchain.info/tx/89f8223bc1d9140889496dea843df1854f17aee35b8ac5006ec1efee2ba5bd80) please could you answer the following questions:

  • Do you have a bitcoin app on your android phone?
  • Do you have a blockchain.info wallet holding the address in question?
  • If you have a blockchain wallet do you use a public alias the same as your bitcointalk, bitcoin-otc or irc username?
  • Do you have accounts on one of the following sites: BTC-e, bitcoin-central or mining.bitcoin.cz?
  • Do you reuse the same wallet password on different websites (specifically the above sites)?
  • Do you read the BTC-e chat box?
  • Does your browser have Java enabled? http://isjavaenabled.com


so you seem to think they are getting passwords and usernames and a lot of people use the same on diff sites...!


Admitted Practicing Lawyer::BTC/Crypto Specialist. B.Engineering/B.Laws

https://www.binance.com/?ref=10062065
jubalix
April 27, 2013, 05:53:41 PM
 #75

there's going to be some unhappy people in the next 48 hrs.

I note with the email I received, it checked out as me at my computer from my IP....?????

maybe my computer is infected???

the times appeared to be consistent with my own login...not malware...




but I do not run java

mandelbert
April 27, 2013, 08:11:43 PM
 #76

I got this email too:

----
Authorize log-in attempt

An attempt to login to your blockchain.info wallet was made from an unknown browser. Please confirm the following details are correct:

Time: 2013-04-26 22:03:19
IP Address: 46.167.245.50 (Czech Republic)
User Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8) Gecko/20051111 Firefox/1.5

If the above details are correct please use the following login link:

https://blockchain.info/wallet/<removed>

If this login attempt was made by you this email can be safely ignored however you may wish to change your wallet alias.
----

I don't have any coins there, so good luck with that. However, I used a common word as the wallet identifier, as some other people here apparently did. I am guessing someone is blindly trying weak identifier/password combinations.
kkay
April 27, 2013, 09:10:28 PM
 #77

I too have received 5 "login requests" in the past few days 1 from sweden and 4 from the USA. Too bad someone already hacked into my wallet and took my .5 btc on 4-21. They can have the .00000004 for all I care.

.5 hacked and sent to 1DvySR2sgb1iZHBePQ9H3Vv1PoVYrDsF5A


login requests from USA IP
USA Time: 2013-04-27 20:56:57
IP Address: 69.40.145.118

login request from Sweden on the  26th
Time: 2013-04-26 20:48:33
IP Address: 194.132.32.42 (Sweden)
silvereagle (OP)
April 27, 2013, 11:23:58 PM
 #78


so you seem to think they are getting passwords and usernames and a lot of people use the same on diff sites...!



that wouldn't be the case with me though Jubalix - I used a unique alias and unique password on blockchain.info - couldn't have pulled it from anywhere else.
jubalix
April 27, 2013, 11:31:40 PM
 #79


so you seem to think they are getting passwords and usernames and a lot of people use the same on diff sites...!



that wouldn't be the case with me though Jubalix - I used a unique alias and unique password on blockchain.info - couldn't have pulled it from anywhere else.


okay....then the injected javascript or server-side client redirect hack

Meni Rosenfeld
April 28, 2013, 01:51:17 PM
Last edit: April 28, 2013, 04:33:19 PM by Meni Rosenfeld
 #80

Update - after speaking some more with my affected customer I am no longer convinced his password was indeed strong enough.

Maybe passwords were brute-forced after all? silvereagle - just how strong was your password?

Will be happy to hear about any progress in figuring this out.

1EofoZNBhWQ3kxfKnvWkhtMns4AivZArhr   |   Who am I?   |   bitcoin-otc WoT
Bitcoil - Exchange bitcoins for ILS (thread)   |   Israel Bitcoin community homepage (thread)
Analysis of Bitcoin Pooled Mining Reward Systems (thread, summary)  |   PureMining - Infinite-term, deterministic mining bond