Bitcoin Forum
November 15, 2024, 07:13:13 AM *
News: Check out the artwork 1Dq created to commemorate this forum's 15th anniversary
 
   Home   Help Search Login Register More  
Pages: [1] 2 »  All
  Print  
Author Topic: Thieves, Govts and Mistakes  (Read 2370 times)
mishrahsigni (OP)
Newbie
*
Offline Offline

Activity: 44
Merit: 0


View Profile
July 13, 2013, 01:30:26 AM
 #1

Well, this is depressing...  After i lost 100 BTC to the Polish/German government/banks when Bitcoins-24 was shutdown [1], and someone managing to discover my BTE-E password [2] and took another 100 BTC from me, I moved all my coins to Blockchain, with double passwords (one to get in, another to withdraw)... passwords I have never used before or written down anywhere... very good passwords.  Sadly, I can not use Yubikey or 2-pass auth here in Argentina.  Nevertheless, I get a message from blockchain at midnight two nights ago saying "Withdrawal from your account".. Of course, I look and yes, the account has been completely wiped out by some address that appears in the ocean off the west African coast.  Once upon a time I had 500 BTC.  Between what has been lost (hard drive crash with no backup), commandeered by TPTB, and stolen,  I am left with 25 coins.   

I am not the only person with this story.  the one big question mark I have about the future of bitcoins is for all the cryptology involved in 'securing' the coin, they seem to be about as secure a gold bars under my mattress. 


[1] has ANYONE received anything of their BTC back? I know they keep saying "we are working on it", but I kinda think they are full 'o crap.  I think they are refunding the euros but just keeping the BTC and blatantly screwing their BTC clients because they know there is little or nothing that can be done to them.  But with actual money they can be prosecuted.  So they return the money and simply steal the BTC.

[2] my BTC-E account was emptied at 8pm, then 20 minutes later, my Vircurex account (which used the same password) was emptied, and there were failed attempts to log into other account.  My theory is they managed to steal my username/passwd from BTC-E then use dthat same combo on every exchange out there, and they managed to get lucky with Vircurex, and not with the others.  I asked BTC-E if they had been hacked, and they said nothing at all had happened, but a quick search will show that BTC-E seems to be a favorite for thieves and hackers.




CasinoBit
Sr. Member
****
Offline Offline

Activity: 364
Merit: 250



View Profile
July 13, 2013, 01:54:40 AM
 #2

I have been thinking of producing other more effective methods of bitcoin transfer myself, the internet is simply too unpredictable for the average person to handle along with the "chaotically" liberating nature of Bitcoins.

Let me guess, you have probably fallen into one of those BTC-E phishing sites. Probably the one where they demand you watch a really important video (don't even remember the phishing sites excuse for this) and ask you to login before you do that.

It really is amazing to burst the bubble of the average crypto nerd, pretty much this:
justusranvier
Legendary
*
Offline Offline

Activity: 1400
Merit: 1013



View Profile
July 13, 2013, 01:56:41 AM
 #3

The way to prevent this is to keep all your coins that you aren't currently spending in cold storage, with paper backups.
Twerka
Full Member
***
Offline Offline

Activity: 154
Merit: 100


View Profile
July 13, 2013, 02:09:02 AM
 #4

You made a lot of mistakes, the first one was to TRUST on a system.

You trusted Bitcoins-24, do you know who they are? Giving something of value to anybody is always a risk, even giving it to the bank. You are from Argentina, where you had a bank run on 2001, banks stole dollars from people, and the minister give the people "peso" instead of his dollars.

Then you trusted on BlockChain, even when they say they have security, you can't be sure if they really are keeping your coins safe. Misteriously they can say "uppsss, our system was hacked" and say "bye bye" to you (ex-) coins.

Then you trust on Yubikey, a third party security system. What happens if it fails? And 2-pass auth? The one controlled by G00?


The answer was always, do not trust on somebody, you should keep your coins for yourself. Cold storage, print the code, or remember it. And trust no one.

The worst enemy of Bitcoin is Mt.Gox exchange.
ralree
Hero Member
*****
Offline Offline

Activity: 518
Merit: 500


Manateeeeeeees


View Profile
July 13, 2013, 02:09:12 AM
 #5

Yes.  Don't keep large amounts on exchanges for long periods of time (I'd say 1 day max) - it's a really bad idea for various reasons.  At least keep them on a local encrypted wallet.  Also, don't go to BTC-E with javascript, flash or java on in your browser - people have gotten keylogged before that way and lost wallets.

1MANaTeEZoH4YkgMYz61E5y4s9BYhAuUjG
Chaoskampf
Full Member
***
Offline Offline

Activity: 182
Merit: 100


order in numbers


View Profile
July 13, 2013, 02:10:47 AM
 #6

The way to prevent this is to keep all your coins that you aren't currently spending in cold storage, with paper backups.

The good old fashioned way.
Garr255
Legendary
*
Offline Offline

Activity: 938
Merit: 1000


What's a GPU?


View Profile
July 13, 2013, 02:15:31 AM
 #7

I have been thinking of producing other more effective methods of bitcoin transfer myself, the internet is simply too unpredictable for the average person to handle along with the "chaotically" liberating nature of Bitcoins.

Let me guess, you have probably fallen into one of those BTC-E phishing sites. Probably the one where they demand you watch a really important video (don't even remember the phishing sites excuse for this) and ask you to login before you do that.

It really is amazing to burst the bubble of the average crypto nerd, pretty much this:


Solution to that comic: http://en.wikipedia.org/wiki/Deniable_encryption

“First they ignore you, then they laugh at you, then they fight you, then you win.”  -- Mahatma Gandhi

Average time between signing on to bitcointalk: Two weeks. Please don't expect responses any faster than that!
franky1
Legendary
*
Offline Offline

Activity: 4410
Merit: 4766



View Profile
July 13, 2013, 02:20:10 AM
 #8

also, dont download stuff that you have not compiled yourself or came from legitimate corporations own DVD..

if you want to play cracked games and torrent downloaded crap, dont do it on the same computer you use to store your funds

I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER.
Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
Snail2
Legendary
*
Offline Offline

Activity: 1512
Merit: 1000



View Profile
July 13, 2013, 09:17:59 PM
 #9

also, dont download stuff that you have not compiled yourself or came from legitimate corporations own DVD..

if you want to play cracked games and torrent downloaded crap, dont do it on the same computer you use to store your funds

...or run it at last in a virtual machine.
Gabi
Legendary
*
Offline Offline

Activity: 1148
Merit: 1008


If you want to walk on water, get out of the boat


View Profile
July 13, 2013, 09:23:43 PM
 #10

Get a hardware wallet, problem solved

DublinBrian
Full Member
***
Offline Offline

Activity: 197
Merit: 100


View Profile
July 14, 2013, 09:20:49 AM
 #11

I moved all my coins to Blockchain, with double passwords (one to get in, another to withdraw)... passwords I have never used before or written down anywhere... very good passwords.  Sadly, I can not use Yubikey or 2-pass auth here in Argentina.  Nevertheless, I get a message from blockchain at midnight two nights ago saying "Withdrawal from your account".. Of course, I look and yes, the account has been completely wiped out by some address that appears in the ocean off the west African coast. 
It sounds like theres a keylogger on your device thats capturing all your passwords. What kind of device did you use to access the acccounts?

Other people have reported passwords being lifted from Android devices. I would not use an Android device to access high value bitcoin accounts. Any amount more than 20BTC should be kept offline.

BTW the address "off the west african coast" is latitude 0, longitude 0, which is the default location for blockchain when the originating IP is unknown.
freedomno1
Legendary
*
Offline Offline

Activity: 1820
Merit: 1090


Learning the troll avoidance button :)


View Profile
July 14, 2013, 09:41:48 AM
 #12

First things first get some good software and Web of Trust WOT or siteadvisor
Malwarebytes spybot s@d avast/antivir or nod32 at least
The first line of defense is the most important
After that the second line of defense
Still it is an unusual case get 2FA as well while your at it and use a coldwallet for your bitcoins the hardware one aka Armory
Once you clear your pc of all viruses malware and rootkits

With your luck your better off just buying direct asicminer shares from a legit seller instead of holding bitcoins somewhere else and hoping it stays blue chip Smiley
Or btc-tc with its maximum daily withdrawal limit and hope they catch it going to a weird address and checking it up for you
I also hope you get your bitcoin back

Believing in Bitcoins and it's ability to change the world
Raoul Duke
aka psy
Legendary
*
Offline Offline

Activity: 1358
Merit: 1002



View Profile
July 14, 2013, 09:48:05 AM
 #13

About Bitcoin-24: I had 20 BTC in there when it went down. Got them when they opened to allow withdrawals, a couple weeks after. I hope you get your BTC back!
goldlyre
Hero Member
*****
Offline Offline

Activity: 1112
Merit: 512


View Profile
July 14, 2013, 10:17:07 AM
 #14

The way to prevent this is to keep all your coins that you aren't currently spending in cold storage, with paper backups.
It seems to me that the Armory is down long ago (Usability Issue). Without Armory what other option can I take in order to make a really good offline wallet with proofed paper backup? Thanks.
Kuroth
Full Member
***
Offline Offline

Activity: 196
Merit: 100



View Profile WWW
July 14, 2013, 02:55:57 PM
 #15

The way to prevent this is to keep all your coins that you aren't currently spending in cold storage, with paper backups.
It seems to me that the Armory is down long ago (Usability Issue). Without Armory what other option can I take in order to make a really good offline wallet with proofed paper backup? Thanks.


I have this same question..  How do you do a Cold Storage?   Do I just put all my BTC I want to keep in my wallet on my PC and then copy that wallet to a USB drive(Maybe 2 or them?) and then delete the wallet on my PC and I now have cold storage?

And what is meant by back it up with paper?

Please explain or point me to a good thread on the subject..


  Thanks!

justusranvier
Legendary
*
Offline Offline

Activity: 1400
Merit: 1013



View Profile
July 14, 2013, 03:40:04 PM
 #16

It seems to me that the Armory is down long ago (Usability Issue).
You need a modern computer with a decent amount of RAM to run Armory, but if you've got enough Bitcoins to worry about losing them then it shouldn't be a problem to spend a couple of them to upgrade your computer if necessary.

I have this same question..  How do you do a Cold Storage?   Do I just put all my BTC I want to keep in my wallet on my PC and then copy that wallet to a USB drive(Maybe 2 or them?) and then delete the wallet on my PC and I now have cold storage?

And what is meant by back it up with paper?

Please explain or point me to a good thread on the subject..
https://bitcoinarmory.com/using-offline-wallets-in-armory/
mishrahsigni (OP)
Newbie
*
Offline Offline

Activity: 44
Merit: 0


View Profile
July 17, 2013, 05:33:15 PM
 #17

It sounds like theres a keylogger on your device thats capturing all your passwords. What kind of device did you use to access the acccounts?

Other people have reported passwords being lifted from Android devices. I would not use an Android device to access high value bitcoin accounts. Any amount more than 20BTC should be kept offline.

BTW the address "off the west african coast" is latitude 0, longitude 0, which is the default location for blockchain when the originating IP is unknown.

I only access with hardwired linux box.  I have no bitcoin info on my android, except for my blockchain.info app, which I rarely use but absolutely have not used sined i changed my password a month before they were hacked.  yes, i suspected that keylogger as well, but a) I can not imagine how that would have been possible to install on my linux box 2) the 2nd withdrawal password on blockchain.info uses a virtual keyboard specifically so keylogger can not see the password.

ah... interesting about 0,0.  makes sense. thanks

honestly I am not sure how much I trust ANY of the exchanges.  They are all vulnerable to hackers and greed.  If someone at blockchain decided to empty my account (and, occasionally some other persons account), they can easily say "hey, you should have used better passwords/security/etc/etc' and there is nothing the victim can do.  As bitcoins are not even money, I dount you could even get any real attention on such acts.  Although i think that is a .01% possibility of what happened to my bitcoins, I think there is a 50% chance that is what happened with BTC-E and a 99.9999% chance that (or something very similar) this happened with Bitcoin-24
mishrahsigni (OP)
Newbie
*
Offline Offline

Activity: 44
Merit: 0


View Profile
July 17, 2013, 05:46:06 PM
 #18

About Bitcoin-24: I had 20 BTC in there when it went down. Got them when they opened to allow withdrawals, a couple weeks after. I hope you get your BTC back!

Damn!  Just bad luck for me, I guess, cause I still ain't seen hide nor hair of any of my 100 'disappeared' coins, and my attempt to withdraw when that was made available simply responded with a "you coins will be returned within 24 hours".  At this point it is clear that have no plans sice then, nor made any effort, to refund.. 

I am curious, did you have any euros in your account as well?  Because if you did, that supports my conspiracy theory that they took care of (only) clients that had the right to go to official legal channels.

Raoul Duke
aka psy
Legendary
*
Offline Offline

Activity: 1358
Merit: 1002



View Profile
July 17, 2013, 05:51:25 PM
 #19

About Bitcoin-24: I had 20 BTC in there when it went down. Got them when they opened to allow withdrawals, a couple weeks after. I hope you get your BTC back!
I am curious, did you have any euros in your account as well?  Because if you did, that supports my conspiracy theory that they took care of (only) clients that had the right to go to official legal channels.

Nope, no Euros whatsoever. Only had 21 BTC in there if I'm not mistaken. Only unsure about how many BTC. That I had zero Euros I'm positive Wink
acoindr
Legendary
*
Offline Offline

Activity: 1050
Merit: 1002


View Profile
July 17, 2013, 05:58:18 PM
 #20

Damn!  Just bad luck for me, I guess, cause I still ain't seen hide nor hair of any of my 100 'disappeared' coins, and my attempt to withdraw when that was made available simply responded with a "you coins will be returned within 24 hours".  At this point it is clear that have no plans sice then, nor made any effort, to refund..  

Did you try contacting them directly? I mean not through an account withdrawal. Sometimes when a service is dealing with problems a lot gets lost in communication. It may be that they know about your claim and have no intention to honor it. Then again it may be your claim got lost in all the confusion. I'd try contacting them directly if at all possible for that many BTC.
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!