|
M4v3R
|
|
August 19, 2013, 05:15:49 PM |
|
You can't spot issues with bad RNG (due to Android or any other future bug) by just eyeballing the signature. The signature won't be identical as the signature is a signing of the hash of the simplified tx. Since any two txs will be different the hash will be different and the signature will be different as well.
I believe you are also incorrect here, DeathAndTaxes. The signature part actually consists out of two numbers: r which is a random number, and s, which is actual signature. Normally, if you have two transactions, you have: Tx 1: R 1, R 1Tx 2: R 2, R 2However if your RNG is flawed and spits out two identical random numbers, it becomes: Tx 1: R, S 1Tx 2: R, S 2And because of that we can calculate the private key used to generate these signatures using equation below: Private key = (e 1*S 2 - e 2*S 1)/(R*(S 1-S 2)) Where e 1 and e 2 are hashes of the transaction, which are also public knowledge. So the point is - you can spot an issue (a specific kind of issue) with the RNG just by looking at the signatures. Source: PS3 hack slides and Nils Schneider's blog
|
|
|
|
rumbitla
Member
Offline
Activity: 98
Merit: 10
|
|
August 19, 2013, 05:15:58 PM |
|
.
|
|
|
|
watertech666 (OP)
|
|
August 19, 2013, 05:18:46 PM |
|
i don't use android phone. i use blockchain.info he stole all btc in these 2 address.
Did you have 2 factor authorization activated on blockchain.info? YES. I Have google authenticator.
|
|
|
|
DeathAndTaxes
Donator
Legendary
Offline
Activity: 1218
Merit: 1079
Gerald Davis
|
|
August 19, 2013, 05:25:44 PM Last edit: August 19, 2013, 05:41:34 PM by DeathAndTaxes |
|
2 address difference password. one of them same password as [REDACTED]
If the attacker is watching you just gave him more accounts to attack. 1) Delete or modify your post above ^ 2) Change those passwords ASAP. NEVER reuse passwords at least not for any account which has monetary value.
|
|
|
|
DeathAndTaxes
Donator
Legendary
Offline
Activity: 1218
Merit: 1079
Gerald Davis
|
|
August 19, 2013, 05:26:51 PM |
|
I believe you are also incorrect here ... In review you are correct. I fixed the post. Thanks.
|
|
|
|
rumbitla
Member
Offline
Activity: 98
Merit: 10
|
|
August 19, 2013, 05:28:39 PM |
|
Since 2-factor-authorization was used, I don't think they did this via the blockchain.info website.
Where are your backups stored?
|
|
|
|
watertech666 (OP)
|
|
August 19, 2013, 05:31:55 PM |
|
Since 2-factor-authorization was used, I don't think they did this via the blockchain.info website.
Where are your backups stored?
my computer.
|
|
|
|
BurtW
Legendary
Offline
Activity: 2646
Merit: 1137
All paid signature campaigns should be banned.
|
|
August 19, 2013, 05:32:06 PM |
|
Oh come on now, don't throw salt in this users wound. If you were driving home from your bank with thousands of dollars in your wallet and armed thieves stole all your cash but one dollar in your front pocket. You'd tell people they stole ALL your money too. I was not trying to make him feel worse than he already does. I consider the fact that the thief left this small amount of BTC and did not take it all a clue.
|
Our family was terrorized by Homeland Security. Read all about it here: http://www.jmwagner.com/ and http://www.burtw.com/ Any donations to help us recover from the $300,000 in legal fees and forced donations to the Federal Asset Forfeiture slush fund are greatly appreciated!
|
|
|
rumbitla
Member
Offline
Activity: 98
Merit: 10
|
|
August 19, 2013, 05:36:36 PM |
|
Since 2-factor-authorization was used, I don't think they did this via the blockchain.info website.
Where are your backups stored?
my computer. Your computer might be compromised and keylogged and your wallet.aes.json file been stolen.
|
|
|
|
DeathAndTaxes
Donator
Legendary
Offline
Activity: 1218
Merit: 1079
Gerald Davis
|
|
August 19, 2013, 05:38:40 PM Last edit: August 19, 2013, 06:08:59 PM by DeathAndTaxes |
|
Since 2-factor-authorization was used, I don't think they did this via the blockchain.info website.
Where are your backups stored?
my computer. If attacker has gained access to your computer he would have access to the backup file and could keylog your passphrase the last time you used it (anywhere you typed it not necessarily just blockchain.info). Password + backup file is all that is needed. blockchain.info 2FA only prevents attacker from using the site not from decrypting a backup. That is the most likely attack scenario however since you reused passwords on multiple sites it is possible (although less likely) the password was compromised from another site. NEVER reuse passwords. If you are going to ignore that advice at a minimum use unique strong passwords for financial sites (banks, paypal, bitcoin exchanges, wallets, etc) as well as any method of resetting password for those sites (i.e. email). Someone hacking your twitter account is much less of a loss than hacking your money.
|
|
|
|
millsdmb
|
|
August 19, 2013, 05:47:45 PM |
|
looks like its all going to dice.
|
|
|
|
Damnsammit
|
|
August 19, 2013, 05:57:03 PM |
|
Holy shit! That's a lot of Bitcoin. Sorry to hear about this
|
|
|
|
acoindr
Legendary
Offline
Activity: 1050
Merit: 1002
|
|
August 19, 2013, 06:18:54 PM |
|
This is the second incident (I'm aware of) with an attacker gaining access to a blockchain.info account. In the earlier one several account balances were moved to a new one in an apparently coordinated operation.
The victims share similarities. If I remember at least one of the victims in the earlier theft used 2FA, and may have kept a local backup. The best guess I have is similar to DeathAndTaxes which is some kind of keylogger, but even that seems to not fit well because there would be reports of other services being burgled.
It's hard to see where the vulnerability is here. We really need those Trezors. In the meantime, once again, if you are keeping more coins stored long term with any online service than you can afford to lose you have too much stored there.
|
|
|
|
|
01BTC10
VIP
Hero Member
Offline
Activity: 756
Merit: 503
|
|
August 19, 2013, 06:22:47 PM |
|
Why is he now playing SD with tiny amount?
|
|
|
|
Elwar
Legendary
Offline
Activity: 3598
Merit: 2386
Viva Ut Vivas
|
|
August 19, 2013, 06:25:03 PM |
|
In the meantime, once again, if you are keeping more coins stored long term with any online service than you can afford to lose you have too much stored there.
Lesson learned for anyone else. Keep large amounts in cold storage. Only use online wallets for day to day spending.
|
First seastead company actually selling sea homes: Ocean Builders https://ocean.builders Of course we accept bitcoin.
|
|
|
acoindr
Legendary
Offline
Activity: 1050
Merit: 1002
|
|
August 19, 2013, 06:32:58 PM |
|
Now that's what I call a safe! I actually consider Trezors about equal to keeping coins offline. That's why I'm so anxious for them. Most people won't bother with the complexity of learning how to keep and manage coins in cold storage. Not only do you have to learn how to do it, but then learn how to spend those coins as well as keep the physical storage medium safe. Trezor allows convenient access to spending coins while keeping them just as safe as cold storage. The task for users is reduced down to learning to use it and managing their backup seed.
|
|
|
|
|
techwtf.
Newbie
Offline
Activity: 2
Merit: 0
|
|
August 19, 2013, 06:38:49 PM |
|
Looks like your pc is compromised. Scan it .
|
|
|
|
|