Rampion
Legendary
 Offline
Activity: 1120
Merit: 1000
|
 |
May 25, 2013, 06:29:39 PM |
|
Somebody has hacked my blockchain account and took everything i had all 39.70btc ive been mining for months!
Im even sat here watching transactions being confirmed and can see the 2 accounts its all now held in, via blockchain info!
Anbody got any advice?
I am sorry for your loss, and I am terrified that I may have the same vulnerability. I have read all the posts to try to find anything that makes sense to me. I am looking in my own account under Account Settings --> Security --> 2 Factor Authentication There are several choices: - none
SMS
YubiKey
eMail
Google Authenticator
Will you disclose which of these you had? I'm glad that you posted this. I would not have known about the YubiKey choice if I had not looked there today. I will switch from eMail to YubiKey. Do I understand correctly that an Android phone was part of your environment? Don't use Yubikey unless you have a Yubikey (it's a physical USB device). And AFAIK blockchain.info do not have their proprietary yubikeys, you have to use a Gox Yubikey, which is absurd IMO (the whole point of 2FA is to use a UNIQUE mechanism for each account). I'd suggest using SMS because you do not need a smartphone and you can easily and immediately recover your phone number even if you lose your device. Google authenticator is good too, but you need to have a proper paper backup of the QR code and/or the private key of the security token linked to the account (this is mandatory or you may very well end up having the same problem described in the "I want to sue Google" thread in the legal subforum) |
|
|
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
|
ProfMac
Legendary
 Online
Activity: 1092
Merit: 1000
|
|
May 25, 2013, 06:59:43 PM |
|
I am looking in my own account under Account Settings --> Security --> 2 Factor Authentication There are several choices: - none
SMS
YubiKey
eMail
Google Authenticator
Will you disclose which of these you had? I'm glad that you posted this. I would not have known about the YubiKey choice if I had not looked there today. I will switch from eMail to YubiKey. Do I understand correctly that an Android phone was part of your environment? Don't use Yubikey unless you have a Yubikey (it's a physical USB device). And AFAIK blockchain.info do not have their proprietary yubikeys, you have to use a Gox Yubikey, which is absurd IMO (the whole point of 2FA is to use a UNIQUE mechanism for each account). I'd suggest using SMS because you do not need a smartphone and you can easily and immediately recover your phone number even if you lose your device. Google authenticator is good too, but you need to have a proper paper backup of the QR code and/or the private key of the security token linked to the account (this is mandatory or you may very well end up having the same problem described in the "I want to sue Google" thread in the legal subforum) I have a Mt.Gox Yubikey, and also a standard Yubikey. Both of them will enter characters into the authentication box. Neither of them seem to enter the "return" character, which is the behavior that the key seems to have in other environments. I have tested this on Firefox and Chrome, both in a Linux environment. I also tested it in MSIE in Vista. |
I try to be respectful and informed.
|
|
|
DeathAndTaxes
Donator
Legendary
Offline
Activity: 1218
Merit: 1005
Gerald Davis
|
|
May 25, 2013, 07:14:17 PM |
|
That's why you shouldn't have used an online wallet
It is important to look deeper when hacks & thefts occur to prevent "feel good security". If (and we don't know for sure) the OP computer was compromised by malware or a 0-day java exploit then a local wallet wouldn't provide any more security. The malware would gain a copy of the encrypted wallet.dat and when user unlocked his local wallet gained a copy of the passphrase as well. |
|
|
|
|
NewLiberty
Legendary
Offline
Activity: 1204
Merit: 1001
Gresham's Lawyer
|
|
May 25, 2013, 11:31:32 PM |
|
Moved most of my coins out of blockchain.info, just because.
There is no perfect security, except locking up the guilty.
|
|
|
|
Stolen
Newbie
Offline
Activity: 14
Merit: 0
|
|
May 26, 2013, 03:54:16 AM |
|
Moved most of my coins out of blockchain.info, just because.
There is no perfect security, except locking up the guilty.
Ben from blockchain.info has contacted me and is trying to help, i will let you all know on the outcome! All i know is i sent 0.1 btc from my 50btc account and allmost at the same time that went into my blockchain.info account i got hacked. I run every scan going on my PC, im clean it did not happen from my end! All the best Stolen.... I would just like to add this was miner i downloaded i had to rewrite the src code myself to remove all this before i used it, how many ppl out there are running these miners, my miner was clean as id rewrote the source code myself! I suggest you all run this on your miners your using https://www.virustotal.com/en/file/59ed333e51a79e5a7598289f78d161033691c547f56d75329e0b2508f5c46357/analysis/ as this one i downloaded from 50btc about a year ago, first thing i did was scan it and then realise had to rewrite a new safe source code..... Downloaded a litecoin one today aswell! want to see what in that one? https://www.virustotal.com/en/file/e8f8ac2648bcb3ac333a8ea7e01d61742537c9af24bb51bbbbb43594bedaf0b4/analysis/Im going to rewrite this sorce code aswell and if anybody wants clean copies of either your welcome to them.... |
|
|
|
|
|
Moebius327
|
|
May 26, 2013, 08:38:02 AM |
|
Moved most of my coins out of blockchain.info, just because.
There is no perfect security, except locking up the guilty.
Ben from blockchain.info has contacted me and is trying to help, i will let you all know on the outcome! All i know is i sent 0.1 btc from my 50btc account and allmost at the same time that went into my blockchain.info account i got hacked. I run every scan going on my PC, im clean it did not happen from my end! All the best Stolen.... I would just like to add this was miner i downloaded i had to rewrite the src code myself to remove all this before i used it, how many ppl out there are running these miners, my miner was clean as id rewrote the source code myself! I suggest you all run this on your miners your using https://www.virustotal.com/en/file/59ed333e51a79e5a7598289f78d161033691c547f56d75329e0b2508f5c46357/analysis/ as this one i downloaded from 50btc about a year ago, first thing i did was scan it and then realise had to rewrite a new safe source code..... Downloaded a litecoin one today aswell! want to see what in that one? https://www.virustotal.com/en/file/e8f8ac2648bcb3ac333a8ea7e01d61742537c9af24bb51bbbbb43594bedaf0b4/analysis/ Im going to rewrite this sorce code aswell and if anybody wants clean copies of either your welcome to them.... Just scanned guiminer from the official page. https://www.virustotal.com/en/file/276568818bb221659c83a7046b60e60e7bc257dfcf7a846fe29df8b85720fe08/analysis/1369556309/ |
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██ | | | | ██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██ | | | | | | | | ██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██ | | [ | .
.WHITEPAPER.
.ANN THREAD. | ] | | | | ██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██ |
|
|
|
smoothie
Legendary
Offline
Activity: 2100
Merit: 1003
LEALANA Monero Physical Silver Coins
|
|
May 26, 2013, 08:39:24 AM |
|
Ironic name.
But you may be the victim of a keystroke logger. Was your password complex? And not 1234abc?
|
███████████████████████████████████████
,╓p@@███████@╗╖,
,p████████████████████N,
d█████████████████████████b
d██████████████████████████████æ
,████²█████████████████████████████,
,█████ ╙████████████████████╨ █████y
██████ `████████████████` ██████
║██████ Ñ███████████` ███████
███████ ╩██████Ñ ███████
███████ ▐▄ ²██╩ a▌ ███████
╢██████ ▐▓█▄ ▄█▓▌ ███████
██████ ▐▓▓▓▓▌, ▄█▓▓▓▌ ██████─
▐▓▓▓▓▓▓█,,▄▓▓▓▓▓▓▌
▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▌
▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓─
²▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓╩
▀▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▀
²▀▀▓▓▓▓▓▓▓▓▓▓▓▓▀▀`
²²²
███████████████████████████████████████
| . ★☆ WWW.LEALANA.COM My PGP fingerprint is A764D833. SMOOTHIE'S HEALTH AND FITNESS JOURNAL History of Monero development Visualization ★☆ .
LEALANA PHYSICAL MONERO COINS 999 FINE SILVER.
|
|
|
|
ASFx
Member
Offline
Activity: 68
Merit: 10
|
|
May 26, 2013, 08:40:36 AM |
|
This is pretty scary. I'm new to bitcoin and it looks like the only safe place to store my bitcoins is encrypted on my own computer!
|
|
|
|
|
|
Pierre
|
|
May 26, 2013, 09:09:36 AM |
|
This is pretty scary. I'm new to bitcoin and it looks like the only safe place to store my bitcoins is encrypted on my own computer!
Paper wallets are probably the safest. |
|
|
|
|
|
cescan
|
|
May 26, 2013, 09:24:58 AM |
|
where to buy a hardware wallet.
|
|
|
|
tioted
Newbie
Offline
Activity: 5
Merit: 0
|
|
May 26, 2013, 09:51:00 AM |
|
Your computer is probably infected
|
|
|
|
|
|
|
|
sydeu
|
|
May 26, 2013, 10:39:44 AM |
|
ouch that sucks man
|
|
|
|
|
Moebius327
|
|
May 26, 2013, 10:41:43 AM |
|
where did you download this from? |
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██ | | | | ██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██ | | | | | | | | ██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██ | | [ | .
.WHITEPAPER.
.ANN THREAD. | ] | | | | ██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██
▄▄ ▄▄ ▄▄
▀▀ ▀▀ ▀▀
██ ██ ██ |
|
|
|
|
OracionSeis
|
|
May 26, 2013, 10:49:26 AM |
|
I felt sorry about that,mate :S
|
|
|
|
|
niknik
Newbie
Offline
Activity: 9
Merit: 0
|
|
May 26, 2013, 10:50:05 AM |
|
hmm thought that's "impossible" to have bitcoins stolen. What I heard was it takes forever.
|
|
|
|
|
escrow.ms
Legendary
Offline
Activity: 1190
Merit: 1002
GPG Key-ID: B82BA7E1 | I don't use skype.
|
|
May 26, 2013, 11:01:40 AM |
|
where did you download this from? |
|
|
|
|
bobthebuilder18
Newbie
Offline
Activity: 17
Merit: 0
|
|
May 26, 2013, 11:03:01 AM |
|
Hi, I share similar experience. Some 4 months ago my blockchain wallet first sent all available BTC to some address (it was around 0.3BTC then). I wasn't upset to much because the sum was not big. After a while I forgot about that and set my wallet address in some mining pool. When I got my first payment it was automatically withdrawn again  I had GA enabled all the time and also had a strong password (16 chars, upper, numbers, special - impossible to guess).... So it couldn't be keylogger (because of GA), and as I'm using Linux don't suspect that it was infection.... Really strange, I moved all my BTC to offline wallet and add the address as watch only in blockchain... Regards, |
|
|
|
|
|
Pierre
|
|
May 26, 2013, 11:06:20 AM |
|
Bob, once a wallet is stolen you can NEVER use that address again, any new money you send to it will just be stolen again. A hacker only needs to get the key to the wallet once and it is compromised forever.
Really you should not re-use any addresses, always make a new one for any new bitcoin you want to receive.
|
|
|
|
|
escrow.ms
Legendary
Offline
Activity: 1190
Merit: 1002
GPG Key-ID: B82BA7E1 | I don't use skype.
|
|
May 26, 2013, 11:09:19 AM |
|
Hi, I share similar experience. Some 4 months ago my blockchain wallet first sent all available BTC to some address (it was around 0.3BTC then). I wasn't upset to much because the sum was not big. After a while I forgot about that and set my wallet address in some mining pool. When I got my first payment it was automatically withdrawn again I had GA enabled all the time and also had a strong password (16 chars, upper, numbers, special - impossible to guess).... So it couldn't be keylogger (because of GA), and as I'm using Linux don't suspect that it was infection.... Really strange, I moved all my BTC to offline wallet and add the address as watch only in blockchain... Regards, I also had problem with blockchain that's why i didn't used it. Once i hve setup my account with 2 factor password authentication, cell phone number, new email id with no text based alias and next day i got mail saying someone logged into my account from Australia. I didn't used it after that incident. |
|
|
|
|
|
