Bitcoin Forum
December 12, 2017, 05:05:10 AM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 4 5 [6] 7 8 »  All
  Print  
Author Topic: Just had 39.70 bitcoins stolen from blockchain account!  (Read 5390 times)
Rampion
Legendary
*
Offline Offline

Activity: 1120


View Profile
May 25, 2013, 06:29:39 PM
 #101

Somebody has hacked my blockchain account and took everything i had all 39.70btc ive been mining for months!

Im even sat here watching transactions being confirmed and can see the 2 accounts its all now held in, via blockchain info!

Anbody got any advice?



I am sorry for your loss, and I am terrified that I may have the same vulnerability.
I have read all the posts to try to find anything that makes sense to me.

I am looking in my own account under Account Settings --> Security --> 2 Factor Authentication
There are several choices:
  • none
    SMS
    YubiKey
    eMail
    Google Authenticator

Will you disclose which of these you had?
I'm glad that you posted this.  I would not have known about the YubiKey choice if I had not looked there today.  I will switch from eMail to YubiKey.
Do I understand correctly that an Android phone was part of your environment?



Don't use Yubikey unless you have a Yubikey (it's a physical USB device). And AFAIK blockchain.info do not have their proprietary yubikeys, you have to use a Gox Yubikey, which is absurd IMO (the whole point of 2FA is to use a UNIQUE mechanism for each account).

I'd suggest using SMS because you do not need a smartphone and you can easily and immediately recover your phone number even if you lose your device. Google authenticator is good too, but you need to have a proper paper backup of the QR code and/or the private key of the security token linked to the account (this is mandatory or you may very well end up having the same problem described in the "I want to sue Google" thread in the legal subforum)

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
ProfMac
Legendary
*
Online Online

Activity: 868



View Profile
May 25, 2013, 06:59:43 PM
 #102



I am looking in my own account under Account Settings --> Security --> 2 Factor Authentication
There are several choices:
  • none
    SMS
    YubiKey
    eMail
    Google Authenticator

Will you disclose which of these you had?
I'm glad that you posted this.  I would not have known about the YubiKey choice if I had not looked there today.  I will switch from eMail to YubiKey.
Do I understand correctly that an Android phone was part of your environment?



Don't use Yubikey unless you have a Yubikey (it's a physical USB device). And AFAIK blockchain.info do not have their proprietary yubikeys, you have to use a Gox Yubikey, which is absurd IMO (the whole point of 2FA is to use a UNIQUE mechanism for each account).

I'd suggest using SMS because you do not need a smartphone and you can easily and immediately recover your phone number even if you lose your device. Google authenticator is good too, but you need to have a proper paper backup of the QR code and/or the private key of the security token linked to the account (this is mandatory or you may very well end up having the same problem described in the "I want to sue Google" thread in the legal subforum)

I have a Mt.Gox Yubikey, and also a standard Yubikey.  Both of them will enter characters into the authentication box.  Neither of them seem to enter the "return" character, which is the behavior that the key seems to have in other environments.  I have tested this on Firefox and Chrome, both in a Linux environment.  I also tested it in MSIE in Vista.




I try to be respectful and informed.
DeathAndTaxes
Donator
Legendary
*
Offline Offline

Activity: 1218


Gerald Davis


View Profile
May 25, 2013, 07:14:17 PM
 #103

That's why you shouldn't have used an online wallet

It is important to look deeper when hacks & thefts occur to prevent "feel good security".

If (and we don't know for sure) the OP computer was compromised by malware or a 0-day java exploit then a local wallet wouldn't provide any more security.  The malware would gain a copy of the encrypted wallet.dat and when user unlocked his local wallet gained a copy of the passphrase as well. 
NewLiberty
Legendary
*
Offline Offline

Activity: 1190


Gresham's Lawyer


View Profile WWW
May 25, 2013, 11:31:32 PM
 #104

Moved most of my coins out of blockchain.info, just because.
There is no perfect security, except locking up the guilty.

FREE MONEY1 Bitcoin for Silver and Gold NewLibertyDollar.com and now BITCOIN SPECIE (silver 1 ozt) shows value by QR
Bulk premiums as low as .0012 BTC "BETTER, MORE COLLECTIBLE, AND CHEAPER THAN SILVER EAGLES" 1Free of Government
Stolen
Newbie
*
Offline Offline

Activity: 14


View Profile
May 26, 2013, 03:54:16 AM
 #105

Moved most of my coins out of blockchain.info, just because.
There is no perfect security, except locking up the guilty.

Ben from blockchain.info has contacted me and is trying to help, i will let you all know on the outcome!

All i know is i sent 0.1 btc from my 50btc account and allmost at the same time that went into my blockchain.info account i got hacked.

I run every scan going on my PC, im clean it did not happen from my end!

All the best
Stolen....

I would just like to add this was miner i downloaded i had to rewrite the src code myself to remove all this before i used it, how many ppl out there are running these miners, my miner was clean as id rewrote the source code myself!

I suggest you all run this on your miners your using https://www.virustotal.com/en/file/59ed333e51a79e5a7598289f78d161033691c547f56d75329e0b2508f5c46357/analysis/ as this one i downloaded from 50btc about a year ago, first thing i did was scan it and then realise had to rewrite a new safe source code.....

Downloaded a litecoin one today aswell! want to see what in that one?           https://www.virustotal.com/en/file/e8f8ac2648bcb3ac333a8ea7e01d61742537c9af24bb51bbbbb43594bedaf0b4/analysis/

Im going to rewrite this sorce code aswell and if anybody wants clean copies of either your welcome to them....
Moebius327
Hero Member
*****
Offline Offline

Activity: 756


ARNA | PreSale - September 21st


View Profile
May 26, 2013, 08:38:02 AM
 #106

Moved most of my coins out of blockchain.info, just because.
There is no perfect security, except locking up the guilty.

Ben from blockchain.info has contacted me and is trying to help, i will let you all know on the outcome!

All i know is i sent 0.1 btc from my 50btc account and allmost at the same time that went into my blockchain.info account i got hacked.

I run every scan going on my PC, im clean it did not happen from my end!

All the best
Stolen....

I would just like to add this was miner i downloaded i had to rewrite the src code myself to remove all this before i used it, how many ppl out there are running these miners, my miner was clean as id rewrote the source code myself!

I suggest you all run this on your miners your using https://www.virustotal.com/en/file/59ed333e51a79e5a7598289f78d161033691c547f56d75329e0b2508f5c46357/analysis/ as this one i downloaded from 50btc about a year ago, first thing i did was scan it and then realise had to rewrite a new safe source code.....

Downloaded a litecoin one today aswell! want to see what in that one?           https://www.virustotal.com/en/file/e8f8ac2648bcb3ac333a8ea7e01d61742537c9af24bb51bbbbb43594bedaf0b4/analysis/

Im going to rewrite this sorce code aswell and if anybody wants clean copies of either your welcome to them....

Just scanned guiminer from the official page.

https://www.virustotal.com/en/file/276568818bb221659c83a7046b60e60e7bc257dfcf7a846fe29df8b85720fe08/analysis/1369556309/

██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄▀▀▀▀▀▀▀▀▀▀▄▄
▄█▀░░░░░░░░░░░░░░▀█▄
▄█▀░░░░░░░░██░██░██░░▀█▄
▄▀░░░░░░░▄▄░░░░░░░▄▄░░░░▀▄
▄█░░░░░░░░▀▀░░░░░░░▀▀░░░░░█▄
█░░░░░░██░░░░░░░░░░██░░░░░░█
█░░░░░░▄▄░▄▄░▄▄░▄▄░▄▄░░░░░░█
█░░░░░░▀▀░▀▀░▀▀░▀▀░▀▀░░░░░░█
▀█░░░░░██░░░░░░░░░░██░░░░░█▀
▀▄░░░░▄▄░░░░░░░░░░▄▄░░░░▄▀
▀█▄░░▀▀░░░░░░░░░░▀▀░░▄█▀
▀█▄░░░░░░░░░░░░░░▄█▀
▀▀▄▄▄▄▄▄▄▄▄▄▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
[.
.WHITEPAPER.
.ANN THREAD.
]██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
smoothie
Legendary
*
Offline Offline

Activity: 2072


LEALANA Monero Physical Silver Coins


View Profile
May 26, 2013, 08:39:24 AM
 #107

Ironic name.

But you may be the victim of a keystroke logger. Was your password complex? And not 1234abc?

███████████████████████████████████████

            ,╓p@@███████@╗╖,           
        ,p████████████████████N,       
      d█████████████████████████b     
    d██████████████████████████████æ   
  ,████²█████████████████████████████, 
 ,█████  ╙████████████████████╨  █████y
 ██████    `████████████████`    ██████
║██████       Ñ███████████`      ███████
███████         ╩██████Ñ         ███████
███████    ▐▄     ²██╩     a▌    ███████
╢██████    ▐▓█▄          ▄█▓▌    ███████
 ██████    ▐▓▓▓▓▌,     ▄█▓▓▓▌    ██████─
           ▐▓▓▓▓▓▓█,,▄▓▓▓▓▓▓▌          
           ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▌          
    ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓─  
     ²▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓╩    
        ▀▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▀       
           ²▀▀▓▓▓▓▓▓▓▓▓▓▓▓▀▀`          
                   ²²²                 
███████████████████████████████████████

. ★☆ WWW.LEALANA.COM        My PGP fingerprint is A764D833.        SMOOTHIE'S HEALTH AND FITNESS JOURNAL          History of Monero development Visualization ★☆ .
LEALANA  PHYSICAL MONERO COINS 999 FINE SILVER.
 
ASFx
Member
**
Offline Offline

Activity: 68


View Profile
May 26, 2013, 08:40:36 AM
 #108

This is pretty scary. I'm new to bitcoin and it looks like the only safe place to store my bitcoins is encrypted on my own computer!
Pierre
Full Member
***
Offline Offline

Activity: 207


View Profile
May 26, 2013, 09:09:36 AM
 #109

This is pretty scary. I'm new to bitcoin and it looks like the only safe place to store my bitcoins is encrypted on my own computer!
Paper wallets are probably the safest.
cescan
Sr. Member
****
Offline Offline

Activity: 406


View Profile
May 26, 2013, 09:24:58 AM
 #110

where to buy a hardware wallet.

tioted
Newbie
*
Offline Offline

Activity: 5


View Profile
May 26, 2013, 09:51:00 AM
 #111

Your computer is probably infected
escrow.ms
Legendary
*
Offline Offline

Activity: 1106

GPG Key-ID: B82BA7E1 | I don't use skype.


View Profile
May 26, 2013, 10:14:04 AM
 #112


I run every scan going on my PC, im clean it did not happen from my end!



Like i have told you earlier It might be FUD, Antivirus will not detect it.

My GUI miner
https://www.virustotal.com/en/file/6e96a70f816f9dd25858b5fe9b83ead86bbdef53a58b15e1b6da2ae6ff4611f5/analysis/1369563582/

I don't know why yours showing so many infections.

Please click here to know why I have negative feedback. https://21.co/escrow/
Tip address: 1nPfxnncZqWvVP4UHT6XLfNzfaik7akQS
sydeu
Full Member
***
Offline Offline

Activity: 126


View Profile
May 26, 2013, 10:39:44 AM
 #113

ouch that sucks man

My btc adress: 1fuAvp6fpYiii8y8Vr9G7LCPcn3wdDGPj
My reputation thread: https://bitcointalk.org/index.php?topic=391656.0
Moebius327
Hero Member
*****
Offline Offline

Activity: 756


ARNA | PreSale - September 21st


View Profile
May 26, 2013, 10:41:43 AM
 #114


I run every scan going on my PC, im clean it did not happen from my end!



Like i have told you earlier It might be FUD, Antivirus will not detect it.

My GUI miner
https://www.virustotal.com/en/file/6e96a70f816f9dd25858b5fe9b83ead86bbdef53a58b15e1b6da2ae6ff4611f5/analysis/1369563582/

I don't know why yours showing so many infections.

where did you download this from?

██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄▀▀▀▀▀▀▀▀▀▀▄▄
▄█▀░░░░░░░░░░░░░░▀█▄
▄█▀░░░░░░░░██░██░██░░▀█▄
▄▀░░░░░░░▄▄░░░░░░░▄▄░░░░▀▄
▄█░░░░░░░░▀▀░░░░░░░▀▀░░░░░█▄
█░░░░░░██░░░░░░░░░░██░░░░░░█
█░░░░░░▄▄░▄▄░▄▄░▄▄░▄▄░░░░░░█
█░░░░░░▀▀░▀▀░▀▀░▀▀░▀▀░░░░░░█
▀█░░░░░██░░░░░░░░░░██░░░░░█▀
▀▄░░░░▄▄░░░░░░░░░░▄▄░░░░▄▀
▀█▄░░▀▀░░░░░░░░░░▀▀░░▄█▀
▀█▄░░░░░░░░░░░░░░▄█▀
▀▀▄▄▄▄▄▄▄▄▄▄▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
[.
.WHITEPAPER.
.ANN THREAD.
]██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
OracionSeis
Hero Member
*****
Offline Offline

Activity: 658


Best IoT Platform Based on Blockchain


View Profile
May 26, 2013, 10:49:26 AM
 #115

I felt sorry about that,mate :S


     
     ██
    ███
  █ ███
 ██ ███
 ██ ███
 ██ ███
 ██ ███
 ██ ███
 ██ ███
 █  ██
   



         ▄▄▄██████████▄▄▄
      ▄████████████████████▄
    ▄████████████████████████▄
   █████▀▀▀▀▀▀███████▀▀▀▀▀▀████
  ██████      ███████      █████
 █████████▌   ███████   █████████
▐█████████▌   ███████   █████████▌
████████                   ███████
▐███████▄▄▄   ▄▄▄▄▄▄▄   ▄▄▄██████▌
 ██████████   ███████   █████████
  ██████▀▀▀   ███████   ▀▀▀█████
   █████      ███████      ████
    ▀████████████████████████▀
      ▀████████████████████▀
         ▀▀▀██████████▀▀▀


 
 ▄▄         ▄▄             ▄▄
▐██▌       ▐██▌           ███▌
▐██▌       ▐██▌     ▄▄▄▄▄▄███▌      ▄▄▄▄▄▄▄▄▄     ▄▄▄▄▄▄▄▄▄
▐██▌       ▐██▌   ▄██████████▌   ▄███████████   ▄██████████
▐█████████████▌  ███▀     ▐██▌  ▐███▀     ███  ▐███▀
▐██▌       ▐██▌ ▐██▌      ▐██▌  ███▌      ███  ███▌
▐██▌       ▐██▌  ███▄     ▐██▌  ▐███▄     ███  ▐███▄
▐██▌       ▐██▌   ▀██████████▌   ▀██████  ███   ▀██████████
▀▀         ▀▀       ▀▀▀▀▀▀▀▀       ▀▀▀▀  ▀▀▀      ▀▀▀▀▀▀▀▀


██
███
███
███ ██
███ ██
███ ██
███ ██
███ ██
███ ██
 ██ 
  █

.......Whitepaper.......
.
██████████████████████████████████████████████████████████████████████████████████████████████
.
FacebookTwitterBitcointalk
niknik
Newbie
*
Offline Offline

Activity: 9


View Profile
May 26, 2013, 10:50:05 AM
 #116

hmm thought that's "impossible" to have bitcoins stolen. What I heard was it takes forever.
escrow.ms
Legendary
*
Offline Offline

Activity: 1106

GPG Key-ID: B82BA7E1 | I don't use skype.


View Profile
May 26, 2013, 11:01:40 AM
 #117


I run every scan going on my PC, im clean it did not happen from my end!



Like i have told you earlier It might be FUD, Antivirus will not detect it.

My GUI miner
https://www.virustotal.com/en/file/6e96a70f816f9dd25858b5fe9b83ead86bbdef53a58b15e1b6da2ae6ff4611f5/analysis/1369563582/

I don't know why yours showing so many infections.

where did you download this from?

http://guiminer.org/

Please click here to know why I have negative feedback. https://21.co/escrow/
Tip address: 1nPfxnncZqWvVP4UHT6XLfNzfaik7akQS
bobthebuilder18
Newbie
*
Offline Offline

Activity: 17


View Profile
May 26, 2013, 11:03:01 AM
 #118

Hi,

I share similar experience. Some 4 months ago my blockchain wallet first sent all available BTC to some address (it was around 0.3BTC then). I wasn't upset to much because the sum was not big. After a while I forgot about that and set my wallet address in some mining pool. When I got my first payment it was automatically withdrawn again Sad
I had GA enabled all the time and also had a strong password (16 chars, upper, numbers, special - impossible to guess)....
So it couldn't be keylogger (because of GA), and as I'm using Linux don't suspect that it was infection.... Really strange, I moved all my BTC to offline wallet and add the address as watch only in blockchain...

Regards,
Pierre
Full Member
***
Offline Offline

Activity: 207


View Profile
May 26, 2013, 11:06:20 AM
 #119

Bob, once a wallet is stolen you can NEVER use that address again, any new money you send to it will just be stolen again. A hacker only needs to get the key to the wallet once and it is compromised forever.

Really you should not re-use any addresses, always make a new one for any new bitcoin you want to receive.
escrow.ms
Legendary
*
Offline Offline

Activity: 1106

GPG Key-ID: B82BA7E1 | I don't use skype.


View Profile
May 26, 2013, 11:09:19 AM
 #120

Hi,

I share similar experience. Some 4 months ago my blockchain wallet first sent all available BTC to some address (it was around 0.3BTC then). I wasn't upset to much because the sum was not big. After a while I forgot about that and set my wallet address in some mining pool. When I got my first payment it was automatically withdrawn again Sad
I had GA enabled all the time and also had a strong password (16 chars, upper, numbers, special - impossible to guess)....
So it couldn't be keylogger (because of GA), and as I'm using Linux don't suspect that it was infection.... Really strange, I moved all my BTC to offline wallet and add the address as watch only in blockchain...

Regards,

I also had problem with blockchain that's why i didn't used it. Once i hve setup my account with 2 factor password authentication, cell phone number, new email id with no text based alias and next day i got mail saying someone logged into my account from Australia. I didn't used it after that incident.

Please click here to know why I have negative feedback. https://21.co/escrow/
Tip address: 1nPfxnncZqWvVP4UHT6XLfNzfaik7akQS
Pages: « 1 2 3 4 5 [6] 7 8 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!