Bitcoin Forum
October 23, 2017, 09:27:17 PM *
News: Latest stable version of Bitcoin Core: 0.15.0.1  [Torrent]. (New!)
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 4 5 [6] 7 »  All
  Print  
Author Topic: my wallets were stolen just now, can any one help me?  (Read 11769 times)
watertech666
Member
**
Offline Offline

Activity: 62



View Profile WWW
August 23, 2013, 03:37:33 PM
 #101

I just changed passphrase for the address  1CzAncjXYjtiXNC4CNAw4RoKdQLoi72xn . Let's see what happen.

Water Filter supplier who accept bitcoin.  http://www.asiawaterfilter.com
1508794037
Hero Member
*
Offline Offline

Posts: 1508794037

View Profile Personal Message (Offline)

Ignore
1508794037
Reply with quote  #2

1508794037
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1508794037
Hero Member
*
Offline Offline

Posts: 1508794037

View Profile Personal Message (Offline)

Ignore
1508794037
Reply with quote  #2

1508794037
Report to moderator
Carlos L.
Legendary
*
Offline Offline

Activity: 952


View Profile
August 24, 2013, 10:31:13 PM
 #102

get answer from Jesse James (blockchain.info) as bellow  https://bitcointalk.org/index.php?topic=277595.new

I did a bit more transaction following ... it appears another address implicated with the thief address is 13KLNHPWLtWKTtKtr4fY5pu4Di4aQVLzPf.  This address received a coinad payout on 2013-04-10 07:54:10.

Coinad probably has the guy's email address.  Could be a dead end if their policy prevents them from handing this information out, or if they don't validate email addresses of members, or if he gave them a throwaway address.

Keep in mind, my evidence linking these two addresses is not 100% ... but it's pretty high.

Another possible lead is that the thief seems to think using Satoshi Dice a few times after a heist is an effective laundering technique.  In this transaction he apparently submitted his gambling transaction directly to blockchain.info ... so depending on how much they log, they may have the IP address of the thief.  This could also be a dead end if he's using Tor or some other proxy ... but seeing as he apparently thinks using Satoshi Dice makes tracking stolen coins harder, he probably isn't the brightest hacker in the world.
Thank you Jesse. I have send messenger to coinad.com . Hope to receive their reply soon.
I'm really sorry but I've deleted all CoinAd old backups... This is the second time someone asks me for information for the exact same reason.  Embarrassed
tkone
Full Member
***
Offline Offline

Activity: 168


View Profile
August 25, 2013, 02:34:00 AM
 #103

i never really use the addresses from blockchain.info
if anything i add a watch only address, and when i want to sent i just put in my private key, this way only i have access to the private key,
oh and also the private is store encrypted on a persistent partition of a tails os usb,
this way im only loggin in with tails os, and thats the only way i put my private key in,

im thinkin of gettin a new address, not sure if bitaddress.org is safe to generate me a good secure privatekey ofcourse in tails with a saved version of the website and while im offline too !!!

i think im going to do that soon, and transfer some direct shares to that addresss, leaving me farther away from my money, this way i can just leave it and let it grow,

hmm or maybe use it to circulate more money? we'll see Smiley


edit: it could of been a phising site that was like blockchain, i havent seen one but thats how i got my account on here hacked, from a phising site that looked and was identicle and i just didnt notice i clicked on the link from like a chat somewhere, and thought let me log in to add or w.e.

dont know any other way that they could of stole your keys, i keep my keys offline, this way its even more difficult for me to get to them,


its really not that hard to be safe, make a tails os, boot it, make a persistent drive if u want or not, download bitaddress.org but make sure its a safe one from like github thats been up for a while and everyone trusts it,

then get offline if u want, or save it to persistent so u have a copy of it if needed,
make urself some keys,

now make a new blockchain wallet, dont really matter, ofcourse the more secure your passwords ect. is better but still dont matter,
then add your keys as watch only, and if u want to send anything just boot ur tails and persistent that has the private keys,

and make a transaction add your private key,

this procedure im currently using, im sure there is more safer, like a dedicated offline wallet, that signs transactions offline, and then put those transactions on a usb, and broadcast it from a diff computer to the network, this way your completely offline at alltimes,

but i feel this method i use is easier for now for me, and not so burdensom

didjaydisteele
Member
**
Offline Offline

Activity: 96


All For Bitcoin!


View Profile
August 25, 2013, 01:32:54 PM
 #104

I just changed passphrase for the address  1CzAncjXYjtiXNC4CNAw4RoKdQLoi72xn . Let's see what happen.

The address, that's it!
b!z
Legendary
*
Offline Offline

Activity: 1568



View Profile
August 27, 2013, 11:45:24 AM
 #105

@tkone, the most secure way is to use an offline cold wallet for sure. using online wallets puts you at risk.
MrVivaldi
Jr. Member
*
Offline Offline

Activity: 37



View Profile
August 27, 2013, 06:20:49 PM
 #106

What type of level of security does "http://brainwallet.org/#tx" provide?

Do you think it could result in the heist of ones coins?

A currency dependent on secrecy fears the truth.
cp1
Hero Member
*****
Offline Offline

Activity: 616


Stop using branwallets


View Profile
August 27, 2013, 06:37:40 PM
 #107

Brainwallets are the worst unless you can come up with a really good passphrase (computer generated)

Guide to armory offline install on USB key:  https://bitcointalk.org/index.php?topic=241730.0
MrVivaldi
Jr. Member
*
Offline Offline

Activity: 37



View Profile
August 27, 2013, 06:40:08 PM
 #108

Thank you for your reply CP1. My question was more specifically wether their way of creating raw transactions was unsecure.

A currency dependent on secrecy fears the truth.
cp1
Hero Member
*****
Offline Offline

Activity: 616


Stop using branwallets


View Profile
August 27, 2013, 08:20:09 PM
 #109

Oh sorry I misunderstood.  I think there was a problem with using it offline with java that gave bad random number generation, but that should be fixed now.  But I use armory to do all my offline transaction generation, so I'm not really up to date on web based methods.

Guide to armory offline install on USB key:  https://bitcointalk.org/index.php?topic=241730.0
Mark_Twain
Full Member
***
Offline Offline

Activity: 180



View Profile
December 17, 2013, 06:06:23 AM
 #110

Just had 10BTC ripped off from my Blockchain.info wallet without my consent!

Situation explained here:

https://bitcointalk.org/index.php?topic=373612.msg4004705#msg4004705

Litecoins donations: LUNrACL2GoC8RhHqJbd4k2GnqX2xjixooY
Bitcoins donations: 1AWcSjq96oa5tqLyqPG2U729AzGPZW9aW4
Exther
Jr. Member
*
Offline Offline

Activity: 45

#MASTERCOIN-FAUCET-OTS:#36F2567C#


View Profile
December 17, 2013, 03:21:08 PM
 #111

Still trying to figure out how the thief accessed account if you had google authenticator activated?

bryant.coleman
Legendary
*
Offline Offline

Activity: 1582



View Profile
December 17, 2013, 04:04:33 PM
 #112

Which is absurd. What chance does bitcoin have if people can't use it on their home PC for fear of theft?

Online wallets and clients need 2FA and maybe online banking style "enter letters 3, 5 and 7 from your password" to help improve security.

For anyone moving coins around - buying and selling, day trading, etc - paper wallets or offline storage really isn't practical.

That is a good proposal. This will eliminate the problem with keyloggers as well. Recently I am hearing a lot of horror stories from people who are using Blockchain.info wallets. They should really improve their security.

                               
           ░▓█████████████████▓░
          ▒▓██▓▓▓▓▓▓▓▓▓▓▒▓▒▒▒██▓▒░
      ░▒▓███▓                 ▒██▓▓▒░░    ░
▓▒███████▓▒        ░▒▒▒▒▒▒▒░    ░▓▓▓██▓▓▓▒▓
▒░██▒░░         ▒▓▓▓▓▒▒▒▒▓▓██▓▒     ░ ▒▓▓░▓
░▒▓█▒         ▒█▓▓▒▒▒▒▒▒▒▓▓▓████▓▓▒   ▒█▓▒▒
 ▒░██        ██▒▒▒▒▒▒▒▒▒▒▒▒▒░▒▒░██▒   ██▒▒
 ▓░▓█▒      ██▒▒▒▒▒▒░▒░░▒▒▒░░▒▓██▓   ▒██░▒
 ░▓░█▓     ▓█▓▒░▒▒▒▒▒▒▒░░░▒▒▓▓▓▓▓▒   ██░▓░
  ▓▒▒█▓  ▓▒█▓▒▒▓▓▒░▒░░░▒▒▒▒▒▒▒▒ █▒  ██▓░▓
   █░▒█▓ ▓███▓▒▒░░▒▒▒▒▒▒▒▒▒▒▒░ ▓█  ██▓ ▓
    █░▓█▓ ░██▓███▓▓▒▒▒▒▒▒▒░▒▒▓██  ██▓░▓
    ░█░▒██  ░ ░▓███████▓██████▒  ██▒░▓
      █▒░██▓      ░▒▒▓▓▓▓▒▒░   ▓██░▒▓
       ▓▓░▒██▒               ▒██▓░▓▓
        ░█▓░▓██▒           ▒██▓░▓█░
          ▒█▓░▓██▓       ▓██▓▒▓█▒
            ▒█▓▒▒███░ ▒███▒▒▓█▒
              ▒██▓▒▓███▓▒▒██▒
                ░▓██▒▒▒███░
                   ▒███▒














BurtW
Legendary
*
Offline Offline

Activity: 2058

All paid signature campaigns should be banned.


View Profile WWW
December 17, 2013, 04:22:22 PM
 #113

Which is absurd. What chance does bitcoin have if people can't use it on their home PC for fear of theft?

Online wallets and clients need 2FA and maybe online banking style "enter letters 3, 5 and 7 from your password" to help improve security.

For anyone moving coins around - buying and selling, day trading, etc - paper wallets or offline storage really isn't practical.

That is a good proposal. This will eliminate the problem with keyloggers as well. Recently I am hearing a lot of horror stories from people who are using Blockchain.info wallets. They should really improve their security.
Blockchain.info is one of the most secure wallets there is if used properly.

If you have a keylogger on your system then all wallets (and all bank accounts, and PayPal, etc.) are vulnerable.

You can tie Blockchain to a single IP address, you can log all IPs of all accesses, you can use various forms of 2FA.  The list goes on.  I have been using if for years with no issues.  Having said that I also keep most of my coins offline.

You must use a very good > 20 character very random password, enable 2FA, etc.

Our family was terrorized by Homeland Security.  Read all about it here:  http://www.jmwagner.com/ and http://www.burtw.com/  Any donations to help us recover from the $300,000 in legal fees and forced donations to the Federal Asset Forfeiture slush fund are greatly appreciated!
cp1
Hero Member
*****
Offline Offline

Activity: 616


Stop using branwallets


View Profile
December 17, 2013, 06:08:23 PM
 #114

I think the problem usually turns out to be wallet backups sent to your compromised email account.

Guide to armory offline install on USB key:  https://bitcointalk.org/index.php?topic=241730.0
BurtW
Legendary
*
Offline Offline

Activity: 2058

All paid signature campaigns should be banned.


View Profile WWW
December 17, 2013, 06:48:50 PM
 #115

I think the problem usually turns out to be wallet backups sent to your compromised email account.
This may be a possibility in Mark_Twain's case.

Our family was terrorized by Homeland Security.  Read all about it here:  http://www.jmwagner.com/ and http://www.burtw.com/  Any donations to help us recover from the $300,000 in legal fees and forced donations to the Federal Asset Forfeiture slush fund are greatly appreciated!
hilariousandco
I can't restore accounts.
Global Moderator
Legendary
*
Offline Offline

Activity: 1442


How does one bitcoin?


View Profile WWW
December 17, 2013, 08:03:39 PM
 #116

Which is absurd. What chance does bitcoin have if people can't use it on their home PC for fear of theft?

Online wallets and clients need 2FA and maybe online banking style "enter letters 3, 5 and 7 from your password" to help improve security.

For anyone moving coins around - buying and selling, day trading, etc - paper wallets or offline storage really isn't practical.

That is a good proposal. This will eliminate the problem with keyloggers as well.

This is definitely a good idea. Keyloggers are probably the easiest way to get at your password.

Like others have said, I recommend Linux. I moved from windows about a year ago and never looked back. Was getting far too many viruses.


bryant.coleman
Legendary
*
Offline Offline

Activity: 1582



View Profile
December 18, 2013, 09:57:33 AM
 #117

Blockchain.info is one of the most secure wallets there is if used properly.

If you have a keylogger on your system then all wallets (and all bank accounts, and PayPal, etc.) are vulnerable.

You can tie Blockchain to a single IP address, you can log all IPs of all accesses, you can use various forms of 2FA.  The list goes on.  I have been using if for years with no issues.  Having said that I also keep most of my coins offline.

You must use a very good > 20 character very random password, enable 2FA, etc.

If our IP changes without warning, then we might not be able to log-in.

BTW.... how can we see the log of all accesses in Blockchain.info?

                               
           ░▓█████████████████▓░
          ▒▓██▓▓▓▓▓▓▓▓▓▓▒▓▒▒▒██▓▒░
      ░▒▓███▓                 ▒██▓▓▒░░    ░
▓▒███████▓▒        ░▒▒▒▒▒▒▒░    ░▓▓▓██▓▓▓▒▓
▒░██▒░░         ▒▓▓▓▓▒▒▒▒▓▓██▓▒     ░ ▒▓▓░▓
░▒▓█▒         ▒█▓▓▒▒▒▒▒▒▒▓▓▓████▓▓▒   ▒█▓▒▒
 ▒░██        ██▒▒▒▒▒▒▒▒▒▒▒▒▒░▒▒░██▒   ██▒▒
 ▓░▓█▒      ██▒▒▒▒▒▒░▒░░▒▒▒░░▒▓██▓   ▒██░▒
 ░▓░█▓     ▓█▓▒░▒▒▒▒▒▒▒░░░▒▒▓▓▓▓▓▒   ██░▓░
  ▓▒▒█▓  ▓▒█▓▒▒▓▓▒░▒░░░▒▒▒▒▒▒▒▒ █▒  ██▓░▓
   █░▒█▓ ▓███▓▒▒░░▒▒▒▒▒▒▒▒▒▒▒░ ▓█  ██▓ ▓
    █░▓█▓ ░██▓███▓▓▒▒▒▒▒▒▒░▒▒▓██  ██▓░▓
    ░█░▒██  ░ ░▓███████▓██████▒  ██▒░▓
      █▒░██▓      ░▒▒▓▓▓▓▒▒░   ▓██░▒▓
       ▓▓░▒██▒               ▒██▓░▓▓
        ░█▓░▓██▒           ▒██▓░▓█░
          ▒█▓░▓██▓       ▓██▓▒▓█▒
            ▒█▓▒▒███░ ▒███▒▒▓█▒
              ▒██▓▒▓███▓▒▒██▒
                ░▓██▒▒▒███░
                   ▒███▒














BurtW
Legendary
*
Offline Offline

Activity: 2058

All paid signature campaigns should be banned.


View Profile WWW
December 18, 2013, 12:24:11 PM
 #118

Blockchain.info is one of the most secure wallets there is if used properly.

If you have a keylogger on your system then all wallets (and all bank accounts, and PayPal, etc.) are vulnerable.

You can tie Blockchain to a single IP address, you can log all IPs of all accesses, you can use various forms of 2FA.  The list goes on.  I have been using if for years with no issues.  Having said that I also keep most of my coins offline.

You must use a very good > 20 character very random password, enable 2FA, etc.

If our IP changes without warning, then we might not be able to log-in.

BTW.... how can we see the log of all accesses in Blockchain.info?

Yes, but I think it is disabled by default so you must turn it on:

Wallet Home -> Account Settings -> Continue -> Logging

Select the logging level you desire

Our family was terrorized by Homeland Security.  Read all about it here:  http://www.jmwagner.com/ and http://www.burtw.com/  Any donations to help us recover from the $300,000 in legal fees and forced donations to the Federal Asset Forfeiture slush fund are greatly appreciated!
bitpop
Legendary
*
Offline Offline

Activity: 2156


https://keybase.io/bitpop


View Profile WWW
December 18, 2013, 02:42:00 PM
 #119

How would they steal from a wallet backup?

Reputation  |  PGP  |  DigitalOcean  |  TorGuard  |  Ethereum Classic
Bitcoin: 3DSh6AnmvBpDJFUz2mnLirMLmTMcFs9nDm
Bitmessage: BM-2cXN9j8NFT2n1FxDVQ6HQq4D4MZuuaBFyb
BurtW
Legendary
*
Offline Offline

Activity: 2058

All paid signature campaigns should be banned.


View Profile WWW
December 18, 2013, 03:37:19 PM
 #120

How would they steal from a wallet backup?
If you have the wallet backup all you need to do is decrypt it.  That means guessing the password.  The 2FA does not matter anymore.  There is nothing to slow you down, you can make as many attempts per second as your hardware allows.  Also the password guessing can be done in parallel on multiple machines.

Given a weak password it will crack.

Our family was terrorized by Homeland Security.  Read all about it here:  http://www.jmwagner.com/ and http://www.burtw.com/  Any donations to help us recover from the $300,000 in legal fees and forced donations to the Federal Asset Forfeiture slush fund are greatly appreciated!
Pages: « 1 2 3 4 5 [6] 7 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!