Bitcoin Forum
December 12, 2017, 05:00:44 PM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 4 [5] 6 7 8 »  All
  Print  
Author Topic: Just had 39.70 bitcoins stolen from blockchain account!  (Read 5392 times)
BCB
CTG
VIP
Legendary
*
Offline Offline

Activity: 1036


BCJ


View Profile
May 24, 2013, 07:58:33 PM
 #81

OP, Sorry for you loss. We've all had some experience with bitcoin loss and or fraud this and it no fun.   Unfortunately wallet security is a real challenge for bitcoiners.   An until we can get wallet security right this is going to be a very large hurdle to greater adoption.  I'm not sure about anyone else but I  get the following email several times a week.


Code:
Authorize log-in attempt

An attempt to login to your blockchain.info wallet was made from an unknown browser. Please confirm the following details are correct:

Time: 2013-05-20 05:47:07
IP Address: 122.150.61.62 (Australia)
User Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 6_1_3 like Mac OS X) AppleWebKit/536.26 (KHTML, like Gecko) Mobile/10B329

So blockchain (as are any other high volume bitcoin businesses) is clearly target.

I think Tangible mentioned it first -  does any know that the blockchain.info OTP is really "ONE TIME."  I know when I started using gox OTP it was actually possible to reuse the OTP for up to 5 minutes after the first successful login which would renter the otp inneffectual for any virus resident on your box (GOX has since fixed the issue).

1513098044
Hero Member
*
Offline Offline

Posts: 1513098044

View Profile Personal Message (Offline)

Ignore
1513098044
Reply with quote  #2

1513098044
Report to moderator
1513098044
Hero Member
*
Offline Offline

Posts: 1513098044

View Profile Personal Message (Offline)

Ignore
1513098044
Reply with quote  #2

1513098044
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1513098044
Hero Member
*
Offline Offline

Posts: 1513098044

View Profile Personal Message (Offline)

Ignore
1513098044
Reply with quote  #2

1513098044
Report to moderator
1513098044
Hero Member
*
Offline Offline

Posts: 1513098044

View Profile Personal Message (Offline)

Ignore
1513098044
Reply with quote  #2

1513098044
Report to moderator
NewLiberty
Legendary
*
Online Online

Activity: 1190


Gresham's Lawyer


View Profile WWW
May 24, 2013, 08:05:38 PM
 #82

The hacker caused the hacking.
Stronger defenses might prevent future attempts.

FREE MONEY1 Bitcoin for Silver and Gold NewLibertyDollar.com and now BITCOIN SPECIE (silver 1 ozt) shows value by QR
Bulk premiums as low as .0012 BTC "BETTER, MORE COLLECTIBLE, AND CHEAPER THAN SILVER EAGLES" 1Free of Government
01BTC10
VIP
Hero Member
*
Offline Offline

Activity: 742



View Profile
May 25, 2013, 12:32:09 AM
 #83

Did a test on blockchain.info OTP and they are 1 time use only.
BCB
CTG
VIP
Legendary
*
Offline Offline

Activity: 1036


BCJ


View Profile
May 25, 2013, 12:36:35 AM
 #84

Did a test on blockchain.info OTP and they are 1 time use only.

cool
sublime5447
Hero Member
*****
Offline Offline

Activity: 784



View Profile
May 25, 2013, 01:00:01 AM
 #85

Honestly I hear about people getting robbed from Blockchain all the time - Two-factor auth when using google is not real two-factor, it's an illusion because if one password is compromised by an infected computer so is the other.

The solution is to STOP USING ONLINE WALLETS TO STORE VALUE - If you need to use them for transactional stuff, then do it but keeping 5000usd on blockchain is just screaming rob me.

Plus one it is a hosted wallet not your wallet at any point the operators can cut and run...

COBINHOOD – ZERO TRADING FEE CRYPTOCURRENCY EXCHANGE 
slack
Telegram
DeathAndTaxes
Donator
Legendary
*
Offline Offline

Activity: 1218


Gerald Davis


View Profile
May 25, 2013, 01:00:53 AM
 #86

Honestly I hear about people getting robbed from Blockchain all the time - Two-factor auth when using google is not real two-factor, it's an illusion because if one password is compromised by an infected computer so is the other.

The solution is to STOP USING ONLINE WALLETS TO STORE VALUE - If you need to use them for transactional stuff, then do it but keeping 5000usd on blockchain is just screaming rob me.

Plus one it is a hosted wallet not your wallet at any point the operators can cut and run...

How do they do that exactly?
Pierre
Full Member
***
Offline Offline

Activity: 207


View Profile
May 25, 2013, 01:58:27 AM
 #87

Well, they just change their code to steal your password and BAM you're screwed.
sublime5447
Hero Member
*****
Offline Offline

Activity: 784



View Profile
May 25, 2013, 02:11:14 AM
 #88

Yep I dont know who runs the site but someone has access to the user name and passwords.

COBINHOOD – ZERO TRADING FEE CRYPTOCURRENCY EXCHANGE 
slack
Telegram
MikeyVeez
Full Member
***
Offline Offline

Activity: 196


View Profile
May 25, 2013, 02:12:30 AM
 #89

ohh noez
scintill
Sr. Member
****
Offline Offline

Activity: 448


View Profile WWW
May 25, 2013, 12:03:28 PM
 #90

Yep I dont know who runs the site but someone has access to the user name and passwords.

That's quite the accusation to a site that claims passwords are managed completely client-side (and have decent proof of that: open-source wallet code and in-browser code verifier.)  Do you have any sources for this claim, or original research that makes you believe this?

I do have to admit there is something going on -- assuming the reports aren't false, there has been a rash of unexplained blockchain.info thefts lately.  I'm inclined to trust the site operators, but maybe they have a security hole, or someone has managed to stealth-compromise several systems of people who are pretty savvy.

1SCiN5kqkAbxxwesKMsH9GvyWnWP5YK2W | donations
strellos
Newbie
*
Offline Offline

Activity: 6


View Profile
May 25, 2013, 01:09:43 PM
 #91

bad for you, good for hacker
ranlo
Legendary
*
Offline Offline

Activity: 1610



View Profile
May 25, 2013, 01:10:31 PM
 #92

Did a test on blockchain.info OTP and they are 1 time use only.

What does this mean, exactly? That once you log in, the mechanism (erm, I guess the "confirmation") changes?


 
 

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 




















Earn Devcoins by Writing
daemondazz
Sr. Member
****
Offline Offline

Activity: 420



View Profile
May 25, 2013, 01:17:53 PM
 #93

Did a test on blockchain.info OTP and they are 1 time use only.

What does this mean, exactly? That once you log in, the mechanism (erm, I guess the "confirmation") changes?

That the same code cannot be entered and accepted by the site twice.

Computers, Amateur Radio, Electronics, Aviation - 1dazzrAbMqNu6cUwh2dtYckNygG7jKs8S
BCB
CTG
VIP
Legendary
*
Offline Offline

Activity: 1036


BCJ


View Profile
May 25, 2013, 01:24:14 PM
 #94

An OTP  (one time password) can be generated by Google authentication (http://en.wikipedia.org/wiki/Google_Authenticator) or could be transmitted to your mobile phone by text from the server you are trying to authenticate with.

Once you as the client enter that OTP on the server, the server should immediately invalidate that otp so that it can not be used again by you or an attacker.  With google auth a new pass code, based on time, is generate every minute and should be invalidated every minute or when use by the server.  (some servers allow a slight delay for ease of use).

However if the server you are authenticating with does NOT invalidate the OTP immediately after you enter it correctly,  an attacker with code or a keylogger on your local machine could also log in to your account with the same OTP and gain full access to your secure account.

I tested this on mount gox and an otp replay attack was possible, however they have since patched this.

01BTC10 says he tested this on blockchainwallet.info and this vulnerability does not exist there.

You can try is your self.  If you use otp on any account, long in successfully with one client then open another tab or browser and log in again with the same otp.  Then let time pass.  The longer period of time the server allows you to use the same OTP token the move vulnerable it is.

fortheyu
Newbie
*
Offline Offline

Activity: 5


View Profile
May 25, 2013, 01:28:48 PM
 #95

Only rational cause the comes to my mind would be a keylogger
BCB
CTG
VIP
Legendary
*
Offline Offline

Activity: 1036


BCJ


View Profile
May 25, 2013, 02:25:06 PM
 #96


I PM'd the op for more information yesterday but he didn't respond. It is likely that he had a easily guessable alias, no two factor authentication and an insufficiently strong main password. The way aliases work has changed recently but old accounts with no email associated and easily guessable aliases are most vulnerable.

Without two factor authentication there is no protection from keyloggers or malware. Even with two factor authentication I highly suggest that any coins which don't need to be stored online be stored on a paper wallet. There is dedicated bitcoin stealing malware about (targeting desktop clients as well).

nicktm94
Newbie
*
Offline Offline

Activity: 11



View Profile
May 25, 2013, 02:32:10 PM
 #97

That's why you shouldn't have used an online wallet

----->   The first live betting site for Bitcoins! - BitcoinLiveBets.com (http://BitcoinLiveBets.com)
-------------------------------------------------------------------------
Live betting on many games now available plus thousands of bets for all major sports!
ranlo
Legendary
*
Offline Offline

Activity: 1610



View Profile
May 25, 2013, 04:55:06 PM
 #98

That's why you shouldn't have used an online wallet

Honestly, I think offline wallets are just as dangerous for most people. If they aren't able to keep their online passwords secure, I don't see how they will be able to go through the offline security.


 
 

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 




















Earn Devcoins by Writing
ProfMac
Legendary
*
Offline Offline

Activity: 868



View Profile
May 25, 2013, 06:11:20 PM
 #99

Somebody has hacked my blockchain account and took everything i had all 39.70btc ive been mining for months!

Im even sat here watching transactions being confirmed and can see the 2 accounts its all now held in, via blockchain info!

Anbody got any advice?



I am sorry for your loss, and I am terrified that I may have the same vulnerability.
I have read all the posts to try to find anything that makes sense to me.

I am looking in my own account under Account Settings --> Security --> 2 Factor Authentication
There are several choices:
  • none
    SMS
    YubiKey
    eMail
    Google Authenticator

Will you disclose which of these you had?
I'm glad that you posted this.  I would not have known about the YubiKey choice if I had not looked there today.  I will switch from eMail to YubiKey.
Do I understand correctly that an Android phone was part of your environment?

update:
I cannot seem to activate the YubiKey status.  The YubiKey provides the code into the text box, no other indication of activity happens, and the account is left in the "none" choice, very surprising behavior, I think.


and another thing...
My daughter and I were shot some years ago by her boyfriend.  She died.  A lot of people played "blame the victim" at that time.  The prosecutor had a very clear statement about this:  nothing that she did was bad enough to justify her death.
It is disgusting to blame the victim.  Karma is strong; your own turn will come.



I try to be respectful and informed.
BCB
CTG
VIP
Legendary
*
Offline Offline

Activity: 1036


BCJ


View Profile
May 25, 2013, 06:16:22 PM
 #100

ranlo

I agree

A key logger or local virus has just as much access to your local wallet as to your hosted wallet.

I think the bigger concern for hosted wallets is loss of connectivity and/or unscrupulous/incompetent/or just plain stupid business owners.

(None of which I think applies to blockchain.info who I regard at one of the best if not the best hosted wallet out there.)

But more to your point, secure, complex password, not used on any other site or service is essential.

Hopefully bitcoin will continue to develop more secure (and easy) short and long term storage options.

But you can't get everyone to do that.  Unfortunately (as we've seen here again and again) it take a few hundred or a few thousands or more of loss for user to take bitcoin security seriously.

 
I guarantee you every single person who has suffered a compromise has changed every password, made then unique and enabled 2FA where they can.  Untill then I guess it is just a cost benefit (time/benefit) analysis really.

what have you got to lose (except all your bitcoin).

Pages: « 1 2 3 4 [5] 6 7 8 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!