Bitcoin Forum
December 11, 2016, 12:20:05 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: We need a standard template for "I was hacked" threads  (Read 930 times)
Capitan
Member
**
Offline Offline

Activity: 112


View Profile
June 30, 2011, 12:44:41 AM
 #1

Those threads go nowhere. The OP's never provide enough info, and the same back and forth questions get asked in each thread. THe OP's never seem to give enough info to figure out what happened.

This is common enough now that it's in everyone's best interest to adopt a standard template/script of how an "I was hacked" thread should look, and what info should be included in the OP of each one of those threads. I'm not a security expert at all but I will take a rough stab at starting it off:


Required Info:
Screenshot of wallet showing the unauthorized transactions, and the ones before and after it
Address(es) where BTC were stolen from
Address(es) where stolen BTC were transferred to

List of all places on which wallet.dat were stored, including:
OS of machine, version, bitness (32/64 bit), etc
Any software firewall on the machine? What kind of policies are in place?
Is the machine behind a router with hardware firewall? If so, describe security measures in place/ firewall policies.
Stored in plain text/truecrypt/protected zip/encrypted drive/etc?
Is the machine a VM?
Describe security software setup of the machine (AV, anti-malware, etc). Are these services doing real time protection?
What browser(s) do you use? What kind of security precautions are taken for browsing (noscript, adblock, private mode browsing, etc)?
What files have been downloaded recently? (Note, this is probably a useless question because your machine could have been compromised long before you got into bitcoin)


Has the hacked wallet ever been stored in the cloud (dropbox, google docs, transfered via any email service, etc)?
Are the passwords for any of the machines, or cloud services on which the wallet has ever been stored shared with any of your other passwords?
How strong are the passwords? Describe char length, and what mixture of chars are used
Was hacked PC on when the hack took place?

Can you check your bitcoin client Debug logs for more info?
Can you check your router/firewall logs for any suspicious traffic?


I doubt I will have time to maintain this, so I would appreciate if someone else would like to take over creating & maintaining an standard "I was hacked" post template.
1481458805
Hero Member
*
Offline Offline

Posts: 1481458805

View Profile Personal Message (Offline)

Ignore
1481458805
Reply with quote  #2

1481458805
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481458805
Hero Member
*
Offline Offline

Posts: 1481458805

View Profile Personal Message (Offline)

Ignore
1481458805
Reply with quote  #2

1481458805
Report to moderator
1481458805
Hero Member
*
Offline Offline

Posts: 1481458805

View Profile Personal Message (Offline)

Ignore
1481458805
Reply with quote  #2

1481458805
Report to moderator
BitcoinPorn
Hero Member
*****
Offline Offline

Activity: 560


Posts: 69


View Profile WWW
June 30, 2011, 12:53:29 AM
 #2

+1 +2

qualia8
Full Member
***
Offline Offline

Activity: 140


View Profile
June 30, 2011, 06:05:16 AM
 #3

+1

Sad that they are so common we need a template.
digigalt
Jr. Member
*
Offline Offline

Activity: 58


View Profile
June 30, 2011, 06:07:25 AM
 #4

Why? If this is a crypto-currency that's designed from the ground up for anonymity, then threads about stolen Bitcoins are pointless. You'll never catch the person who stole the coins. If you do, you have no recourse to get them back.
fascistmuffin
Jr. Member
*
Offline Offline

Activity: 56



View Profile
June 30, 2011, 06:10:54 AM
 #5

I have a suggested method to make this very easy:

1. Write post to notepad.
2. Print completed post.
3. File printed post in file #13 (aka Trash Can)
4. Exit notepad. Be sure to click "don't save" when exiting.

I feel like most "I was hacked" posts are either trolls or people who made an obvious mistake and don't want to fess up to it (i.e. downloading a miner promising 3 million MH/s). And what the hell are we supposed to do when/if we find said hacker? Tell them to give it back (lol)?
myrkul
Hero Member
*****
Offline Offline

Activity: 532


FIAT LIBERTAS RVAT CAELVM


View Profile WWW
June 30, 2011, 06:17:52 AM
 #6

I have a suggested method to make this very easy:

1. Write post to notepad.
2. Print completed post.
3. File printed post in file #13 (aka Trash Can)
4. Exit notepad. Be sure to click "don't save" when exiting.

I feel like most "I was hacked" posts are either trolls or people who made an obvious mistake and don't want to fess up to it (i.e. downloading a miner promising 3 million MH/s). And what the hell are we supposed to do when/if we find said hacker? Tell them to give it back (lol)?

+9000

BTC1MYRkuLv4XPBa6bGnYAronz55grPAGcxja
Need Dispute resolution? Public Key ID: 0x11D341CF
No person has the right to initiate force, threat of force, or fraud against another person or their property. VIM VI REPELLERE LICET
qualia8
Full Member
***
Offline Offline

Activity: 140


View Profile
June 30, 2011, 06:18:50 AM
 #7

The threads can be instructive for others and scare people into taking more precautions.

Also, people are going to emote when they lose their life savings.  It's human nature, you aspy freaks!

Cheesy
Capitan
Member
**
Offline Offline

Activity: 112


View Profile
June 30, 2011, 06:21:15 AM
 #8

Why? If this is a crypto-currency that's designed from the ground up for anonymity, then threads about stolen Bitcoins are pointless. You'll never catch the person who stole the coins. If you do, you have no recourse to get them back.

1. The main point is to figure out how people are getting hacked (assuming the claims are true) so everyone in the community can benefit from the knowledge to make themselves more secure.

2. A possible secondary point is to find out as much as possible about the people stealing the BTC. Who knows, that info might end up being useful somehow, if only to expose those thieves.


Capitan
Member
**
Offline Offline

Activity: 112


View Profile
June 30, 2011, 06:23:39 AM
 #9

Flaming those posters to provide the appropriate info or stfu would either discourage the ones who are trolling, or if they are telling the truth, help everyone out by getting closer to figuring out the security mistakes they are making.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!