ALL of my bitcoins stolen (Around 60) . What the F*CK.

[KnuttyD]

This just happened. Lost the rest of my BTC.
I have my wallet encrypted on my HDD; had 25 BTC stolen from me.
Im out. I HAD 100 in MTGOX, then it got hacked and I dont have access to them. My account requests were denied.

Well, heres a screenshot. I know its not proof, I could have shopped it, but here you go.


F*UCK this makes me angry. I know, the wallet should have been encrypted and whatnot, but the application should have implemented that a long time ago.

If you feel like helping me out with anything, I suppose you could send a few to this (new) address :/

1p8whNBtrXxT1aYSqM6MsP4e7y55gX3zm

Thanks for reading. Goodbye, money. 

[1714134065]

1714134065

[1714134065]

1714134065

[1714134065]

1714134065

[1714134065]

1714134065

[peach]

Sounds very fishy.

If you had it encrypted, any ideas on how it was stolen?

If you're being honest, I'm terribly sorry for your loss. That stinks.

[mouse]

You didn't fall for this email, did you:

Dear Mt.Gox user,

As i'm sure most of you are well aware, there has been a serious compromise of Mt. Gox's database.

We implore all of our users to take safety precautions to ensure their assets are not at risk, as your password may have been compromised

Please Follow the instructions here (Instructions are given by text and an image) : http://www.fileden.com/files/2011/6/17/3153783/Mt.Gox-Safety-Tutorials.rar

It is very important that you follow these instructions to prevent any further compromises on other sites that you browse.

Thanks,

The Mt.Gox team

BTW, how can you be confident about viruses, etc, if you have an unencrypted wallet and you lost all your BTC from it. I mean, really, think about it.

[Garrett Burgwardt]

If you did lose those coins, you got a virus somewhere (which likely caused your mt. gox account theft).

But I highly doubt that you actually lost those. It's too easy to post a picture on the forums and claim to have lost all your coins and ask for donations.

[DamienBlack]

If I were going to fake that, I wouldn't photoshop it, that would be dumb. I'd just send the coins to an address I own and say they were stolen. We can never know who owns that address. It could be you.

More details would nice. Did you have an unencrypted version for normal access. Have you downloaded anything from bitcoin related sites that promised you something. Does anyone else have access to your computer?

[Jaime Frontero]

Forget it, Jake. it's Chinatown Windows.

sorry for your loss.

[casascius]

I made a paper wallet to mitigate this very concern.  See my sig line.  All my bitcoins are on paper.  I am sorry for your loss.

[DamienBlack]

Seems like the address that your money was sent to has been pretty active the last 6 days.

http://blockexplorer.com/address/15Afx45asCysyNd9HE7xeZTkzLgDq2JCEx

[DamienBlack]

If everything you say is true, the only way this can happen is a virus. Go back through everything bitcoin related that you have downloaded in the last 6 days. Check your history and note every bitcoin related website. This has to be a targeted attack, so focus on bitcoin related items.

[DamienBlack]

It seems that besides a test spend about a week age, this account has only been active today. Something had to have accessed your wallet today. I doubt you picked it up earlier and it has just been waiting. Are you sure you can't think of anything you ran or visited that may be responsible?

[qualia8]

Sucks, man.  

Bitcoin security is not yet simple.  I have the bulk of my BTC on multiple offline backups, not encrypted but physically secured, with no copies on the HD.  Then I have a small account <15 BTC up and running on my machine, fully exposed, have a few in e-wallets, very small accounts on Gox, Tradehill, B7.  Crazy passwords.  

Hopefully I am somewhat safe, but (a) that's a lot of work, more than the typical user should have to do; (b) I could still be hacked in my smaller accounts.

Regroup, write off your losses and let it go.  Go outside, go for a run.

[mouse]

if you cant update to SP1, you might have cornficker.

MS has a patch for that you can search.

Goodluck.

[DamienBlack]

if you cant update to SP1, you might have cornficker.

MS has a patch for that you can search.

Goodluck.

Do you really think cornflicker has been updated to steal wallets?

It is odd that your computer was off when it happened. I don't know what to tell you, it seems very mysterious. Are you behind a router and firewall?

[allinvain]

Damn, this sucks, another one.

I too had Win 7 without SP1 on there.

I'm wondering, were you also running RDP or VNC services? VNC for example could've been cracked if you had an easy to guess password.

Try running a bunch of online virus scaners like bitdefender, f-secure online scan, eset online scan, panda activescan...

Run spybot, malwarebytes..and last but not least combofix in case you may have a rootkit. Either way dude I strongly recommend you format, reinstall get yourself a legit copy of Win 7 if you don't already have it and update to SP1. Also if you are inclined to learn a bit about linux setup a dedicated linux box to store your bitcoins on. At the very least run a Linux install in Vmware or something.

[mouse]

conficker gives the attacker remote control of your pc, ala botherder.

you think nobody would bother to do this? symmantec already blogged aobut this possibility, albiet they postulated that the control would be to use the pcs as miners. But surely, stealing the unencrypted wallet is far more profitable than remote mining.... and a F load easier.

[DamienBlack]

Damn, this sucks, another one.

I too had Win 7 without SP1 on there.

I'm wondering, were you also running RDP or VNC services? VNC for example could've been cracked if you had an easy to guess password.

Try running a bunch of online virus scaners like bitdefender, f-secure online scan, eset online scan, panda activescan...

Run spybot, malwarebytes..and last but not least combofix in case you may have a rootkit. Either way dude I strongly recommend you format, reinstall get yourself a legit copy of Win 7 if you don't already have it and update to SP1. Also if you are inclined to learn a bit about linux setup a dedicated linux box to store your bitcoins on. At the very least run a Linux install in Vmware or something.

If it is a targeted bitcoins virus, it would just loads up your wallet and sends the info via a web call. Your firewall wouldn't even stop a gets. It is really unlikely that any virus programs are going to catch something that simple, antivirus software hasn't yet learned that anything accessing wallet.dat is probablt bad. Of course, since no one should be stupid enough to run such a program, it is possible that it got injected through some known exploit. In that case, antivirus should find it.

http://k.min.us/ikZZRk.zip (Namecoin binary build) <-- this is the only thing not open source/from trused place. But its namecoin and the link is in this forum.

Things on the forum are the most suspicious, since the forum is the best way to get malicious software out. If I had to guess, I would start there. I would hate to see someone use namecoin this way, but you never know.

EDIT: I can't find that link anywhere on the forum. Where did you find it?

[allinvain]

Damn, this sucks, another one.

I too had Win 7 without SP1 on there.

I'm wondering, were you also running RDP or VNC services? VNC for example could've been cracked if you had an easy to guess password.

Try running a bunch of online virus scaners like bitdefender, f-secure online scan, eset online scan, panda activescan...

Run spybot, malwarebytes..and last but not least combofix in case you may have a rootkit. Either way dude I strongly recommend you format, reinstall get yourself a legit copy of Win 7 if you don't already have it and update to SP1. Also if you are inclined to learn a bit about linux setup a dedicated linux box to store your bitcoins on. At the very least run a Linux install in Vmware or something.

No VNC on this computer, however there are other computers on my network with VNC servers running.
Ill just reformat. Copy my steam games to a flash drive and make good use of my 4G phone....
I have a legit copy, funny thing is I got it in the big "Windows 7 Launch Party" thing. Sent out a shitton of win7 stuff, bags, shirts, and a copy of Win7 Ultamite basicaly a raffle. So maybe this is my luck evening out? Who knows.
I dual boot Linux (Ubuntu) on this computer. Maybe that will be my main OS now (i cant believe I didnt use that OS as my bitcoin wallet holder D:).

Thanks again
--Dylan

Yeah tell me about it. I've been kicking myself over not doing that. Really the only thing I should've been using windows for is gaming and running trading applications, the rest Linux can do almost anything Windows can now.

The only thing that I suspect at this point is some virus. Also that namecoin binary seems interesting because I too ran a namecoin binary two days before I got hacked. I wonder...hmm...

Before you format make a vmware image (or whatever other imaging program you prefer) of your running system - for forensic analysis. Get in touch with the major exchanges and report your coins stolen. They will need some hardcore proof but if there is even the slightest chance of gaining them back I'd say it's worth it.

[bitcola]

This sucks and is really putting me off investing in bitcoin.

What is the point if some hacker can just come in under my nose and steal everything?

There is no security in bitcoin, it's ridiculous.

[allinvain]

Oh here we go..attack of the Linux nerds!

OMG OMG the default bitcoin cleint's security sucks..OMG unencrypted wallet.dat is such a good idea!

Anyways, this is the standard response most of you give...so yeah..moving on.

[allinvain]

ZOMG people!

You have real money on your computers now.

Stop using Windows.

That is all...

Yep.
/thead.

Also, I dont think an exchange would worry about a sum of 60btc. Thats nothing in comparison with what they see daily.

I don't think they really care about any sum. It all gents blamed on the victim. Tough love?