Bitcoin Forum
March 29, 2024, 02:52:50 PM *
News: Latest Bitcoin Core release: 26.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 2 3 4 5 6 [7] 8 »  All
  Print  
Author Topic: Just had 39.70 bitcoins stolen from blockchain account!  (Read 5667 times)
wachtwoord
Legendary
*
Offline Offline

Activity: 2324
Merit: 1125


View Profile
May 26, 2013, 12:54:44 PM
 #121

Bob, once a wallet is stolen you can NEVER use that address again, any new money you send to it will just be stolen again. A hacker only needs to get the key to the wallet once and it is compromised forever.

Really you should not re-use any addresses, always make a new one for any new bitcoin you want to receive.

But I thought that it's allright if I input a watch only address (no private key), so I can only see transactions, but cannot send BTC.
Well now I'll probably open a brand new wallet just to be 100% sure...

Thanks,

This is correct. With a watch only wallet no-one can do anything with your Bitcoins because a watch only wallet only contains public keys and lacks the private keys required to make transactions using the addresses in the wallet.

The only thing you lose when someone gains access to your watch only is a lack of privacy: people can determine how many Bitcoins you hold in the wallet and what transactions you made.
1711723970
Hero Member
*
Offline Offline

Posts: 1711723970

View Profile Personal Message (Offline)

Ignore
1711723970
Reply with quote  #2

1711723970
Report to moderator
1711723970
Hero Member
*
Offline Offline

Posts: 1711723970

View Profile Personal Message (Offline)

Ignore
1711723970
Reply with quote  #2

1711723970
Report to moderator
1711723970
Hero Member
*
Offline Offline

Posts: 1711723970

View Profile Personal Message (Offline)

Ignore
1711723970
Reply with quote  #2

1711723970
Report to moderator
The network tries to produce one block per 10 minutes. It does this by automatically adjusting how difficult it is to produce blocks.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
1711723970
Hero Member
*
Offline Offline

Posts: 1711723970

View Profile Personal Message (Offline)

Ignore
1711723970
Reply with quote  #2

1711723970
Report to moderator
1711723970
Hero Member
*
Offline Offline

Posts: 1711723970

View Profile Personal Message (Offline)

Ignore
1711723970
Reply with quote  #2

1711723970
Report to moderator
1711723970
Hero Member
*
Offline Offline

Posts: 1711723970

View Profile Personal Message (Offline)

Ignore
1711723970
Reply with quote  #2

1711723970
Report to moderator
davidbitcoins
Newbie
*
Offline Offline

Activity: 5
Merit: 0


View Profile
May 26, 2013, 12:57:19 PM
 #122

Whaaat that sucks man!
Hawkix
Hero Member
*****
Offline Offline

Activity: 531
Merit: 505



View Profile WWW
May 26, 2013, 03:29:08 PM
 #123

Watch out for the security of the e-mail address you use in blockchain.info's wallet.

Regardless of 2FA, if you sent your backup to compromised e-mail and your password is weak enough so the attacker (has months to do it) can crack it, all your private keys are exposed. He does not need to logon to blockchain.info to empty your wallet there! The dark net is full of broken e-mails and someone may be monitoring them automatically.

Donations: 1Hawkix7GHym6SM98ii5vSHHShA3FUgpV6
http://btcportal.net/ - All about Bitcoin - coming soon!
Moebius327
Hero Member
*****
Offline Offline

Activity: 770
Merit: 500



View Profile
May 26, 2013, 06:19:13 PM
 #124

Watch out for the security of the e-mail address you use in blockchain.info's wallet.

Regardless of 2FA, if you sent your backup to compromised e-mail and your password is weak enough so the attacker (has months to do it) can crack it, all your private keys are exposed. He does not need to logon to blockchain.info to empty your wallet there! The dark net is full of broken e-mails and someone may be monitoring them automatically.


+1
bobthebuilder18
Newbie
*
Offline Offline

Activity: 17
Merit: 0


View Profile
May 26, 2013, 06:36:29 PM
 #125

So because of all of that I'm now using Armory with strong passphrase and only keep a paper backup in my home. Basically there is now only a risk of a fire, but that's about it (at least I hope) Smiley

BR
BCB
CTG
VIP
Legendary
*
Offline Offline

Activity: 1078
Merit: 1002


BCJ


View Profile
May 26, 2013, 08:54:42 PM
 #126

If your btc value is high store an encrypted back up of your wallet.dat file or a paper wallet in another location.  (bank - work)
scintill
Sr. Member
****
Offline Offline

Activity: 448
Merit: 252


View Profile WWW
May 27, 2013, 12:19:41 AM
 #127

hmm thought that's "impossible" to have bitcoins stolen. What I heard was it takes forever.

It's virtually impossible (takes longer than a human lifespan) to crack a key if you only know an address.  But stealing bitcoins is as easy as stealing private keys off someone's hard drive and cracking any password they have -- with proper security procedures though, that should be just as hard.

1SCiN5kqkAbxxwesKMsH9GvyWnWP5YK2W | donations
Bitcointrrader200
Newbie
*
Offline Offline

Activity: 11
Merit: 0


View Profile
May 27, 2013, 04:06:02 AM
 #128

That really sucks, a tough price to pay for the truth that the internet is probably less safe then the streets...
Pierre
Full Member
***
Offline Offline

Activity: 207
Merit: 100


View Profile
May 27, 2013, 04:49:55 AM
 #129

Paying the iron price
wachtwoord
Legendary
*
Offline Offline

Activity: 2324
Merit: 1125


View Profile
May 27, 2013, 10:28:26 AM
 #130

So because of all of that I'm now using Armory with strong passphrase and only keep a paper backup in my home. Basically there is now only a risk of a fire, but that's about it (at least I hope) Smiley

BR

You can keep a paper backup in a bank safe or on you at all times (out of plain sight, out of things that frequently get stolen) to prevent that. I'm still thinking of something better, but the paper wallet codes are a little long to reliably memorize Smiley
btcshops
Newbie
*
Offline Offline

Activity: 6
Merit: 0



View Profile
May 27, 2013, 11:04:33 AM
 #131

You should have been more careful bro...
ranlo
Legendary
*
Offline Offline

Activity: 1974
Merit: 1007



View Profile
May 27, 2013, 04:03:21 PM
 #132

Bob, once a wallet is stolen you can NEVER use that address again, any new money you send to it will just be stolen again. A hacker only needs to get the key to the wallet once and it is compromised forever.

Really you should not re-use any addresses, always make a new one for any new bitcoin you want to receive.

But I thought that it's allright if I input a watch only address (no private key), so I can only see transactions, but cannot send BTC.
Well now I'll probably open a brand new wallet just to be 100% sure...

Thanks,

This is correct. With a watch only wallet no-one can do anything with your Bitcoins because a watch only wallet only contains public keys and lacks the private keys required to make transactions using the addresses in the wallet.

The only thing you lose when someone gains access to your watch only is a lack of privacy: people can determine how many Bitcoins you hold in the wallet and what transactions you made.

Is using a watch-only wallet just like using the blockchain to keep up with transactions, only cleaner (and inclusive of all your addresses at once)? Or is there some other benefit as well?

https://nanogames.io/i-bctalk-n/
Message for info on how to get kickbacks on sites like Nano (above) and CryptoPlay!
cp1
Hero Member
*****
Offline Offline

Activity: 616
Merit: 500


Stop using branwallets


View Profile
May 27, 2013, 04:08:54 PM
 #133

Google authenticator should work just as well as a yubikey. Just remember to keep a backup of your key, or some one time passwords.

Guide to armory offline install on USB key:  https://bitcointalk.org/index.php?topic=241730.0
Fredidans
Newbie
*
Offline Offline

Activity: 12
Merit: 0


View Profile
May 27, 2013, 04:40:33 PM
 #134

Personnaly i lost 5,5 BTC last year.

Now my wallet is on a crypted usb key
slashnp
Newbie
*
Offline Offline

Activity: 29
Merit: 0



View Profile
May 27, 2013, 05:02:01 PM
 #135

You should keep your wallet on your flashdrive ! Undecided
JayKEy00
Newbie
*
Offline Offline

Activity: 27
Merit: 0



View Profile
May 27, 2013, 05:50:15 PM
Last edit: May 28, 2013, 07:54:01 PM by tysat
 #136

MOD EDIT:
See https://bitcointalk.org/index.php?topic=218040.0 as this site is probably a scam


The best method to save your bitcoins is a paper wallet, here can nobody steal you digital, only physicall and i think this happens less. I used the Bitcoin address generator at www.bitcoin-address.org. I think its the best because its the official bitcoin generator. How can I get my bitcoins now back digital, if i have them on paper? How can I import them?
ndr76
Newbie
*
Offline Offline

Activity: 28
Merit: 0


View Profile
May 27, 2013, 06:06:46 PM
 #137

Consider using cold storage. Just write the private key on a piece of paper and remove it from you computer.
wachtwoord
Legendary
*
Offline Offline

Activity: 2324
Merit: 1125


View Profile
May 27, 2013, 06:14:36 PM
 #138

Bob, once a wallet is stolen you can NEVER use that address again, any new money you send to it will just be stolen again. A hacker only needs to get the key to the wallet once and it is compromised forever.

Really you should not re-use any addresses, always make a new one for any new bitcoin you want to receive.

But I thought that it's allright if I input a watch only address (no private key), so I can only see transactions, but cannot send BTC.
Well now I'll probably open a brand new wallet just to be 100% sure...

Thanks,

This is correct. With a watch only wallet no-one can do anything with your Bitcoins because a watch only wallet only contains public keys and lacks the private keys required to make transactions using the addresses in the wallet.

The only thing you lose when someone gains access to your watch only is a lack of privacy: people can determine how many Bitcoins you hold in the wallet and what transactions you made.

Is using a watch-only wallet just like using the blockchain to keep up with transactions, only cleaner (and inclusive of all your addresses at once)? Or is there some other benefit as well?

No there are no additional benefits Smiley

(And you meant www.blockchain.info, that is not the same as the BlockChain Wink)
ProfMac
Legendary
*
Offline Offline

Activity: 1246
Merit: 1001



View Profile
May 29, 2013, 05:26:07 PM
Last edit: May 29, 2013, 09:21:13 PM by ProfMac
 #139


Don't use Yubikey unless you have a Yubikey (it's a physical USB device). And AFAIK blockchain.info do not have their proprietary yubikeys, you have to use a Gox Yubikey, which is absurd IMO (the whole point of 2FA is to use a UNIQUE mechanism for each account).

I'd suggest using SMS because you do not need a smartphone and you can easily and immediately recover your phone number even if you lose your device. Google authenticator is good too, but you need to have a proper paper backup of the QR code and/or the private key of the security token linked to the account (this is mandatory or you may very well end up having the same problem described in the "I want to sue Google" thread in the legal subforum)

I have a Mt.Gox Yubikey, and also a standard Yubikey.  Both of them will enter characters into the authentication box.  Neither of them seem to enter the "return" character, which is the behavior that the key seems to have in other environments.  I have tested this on Firefox and Chrome, both in a Linux environment.  I also tested it in MSIE in Vista.


My standard Yubikey behaves the same way - the code enters the box but is not saved. I'd really like to use Yubikey as it seems the e-mail 2FA at blockchain lags quite often (I'm using gmail with my own domain). Is the blockchain Yubikey 2FA method working at all? AFAIK only the Mt.Gox ones are not supported for the "new" accounts.


Seems the Yubikey support at blockchain.info was fixed and Yubikey 2FA works now (at least my standard one does).


My standard Yubikey was accepted.
My Mt. Gox Yubikey was rejected.

edited:
I also restricted the account to my IP address.


I try to be respectful and informed.
newmars
Full Member
***
Offline Offline

Activity: 154
Merit: 100


View Profile
May 29, 2013, 05:34:44 PM
 #140

sorry to hear the lost. It may be safer to store in local wallet?
Pages: « 1 2 3 4 5 6 [7] 8 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!