byter (OP)
Newbie
Offline
Activity: 40
Merit: 0
|
|
October 11, 2013, 07:55:42 AM |
|
Hello,
All my bitcoins are gone from my bitcoin address... Received an e-mail 10 minute ago here:
Transaction reference: 27fb49c7-72d4-4e88-9bb0-d2646d403e97 Date: 2013-10-11 07:43:40 GMT IP: 209.21.68.151
How is that even possible? I have a very strong password and no viruses... Can't be true!
The IP is in California and I am in Switzerland. Jeez....
|
|
|
|
Kluge
Donator
Legendary
Offline
Activity: 1218
Merit: 1015
|
|
October 11, 2013, 08:01:12 AM |
|
Perhaps the credentials of your email account or password manager are compromised?
|
|
|
|
byter (OP)
Newbie
Offline
Activity: 40
Merit: 0
|
|
October 11, 2013, 08:04:57 AM |
|
I thought about that, but would be strange that the guy doesn't even change the password afterwards... And where would he have found my e-mail address?
That's too much to be true...
|
|
|
|
Kluge
Donator
Legendary
Offline
Activity: 1218
Merit: 1015
|
|
October 11, 2013, 08:08:51 AM |
|
I thought about that, but would be strange that the guy doesn't even change the password afterwards... And where would he have found my e-mail address?
That's too much to be true...
Email provider should let you check last few IP addresses which accessed your account so you can double-check. (Usually in a "tools" or sometimes "settings" tab - though with smaller providers, you' may have to email support)
|
|
|
|
byter (OP)
Newbie
Offline
Activity: 40
Merit: 0
|
|
October 11, 2013, 08:22:33 AM |
|
No connections whatsoever outside of Switzerland...
|
|
|
|
byter (OP)
Newbie
Offline
Activity: 40
Merit: 0
|
|
October 11, 2013, 08:27:35 AM |
|
And I guess that MtGox will just tell me that it's my fault of course...
|
|
|
|
byter (OP)
Newbie
Offline
Activity: 40
Merit: 0
|
|
October 11, 2013, 08:28:35 AM |
|
By the way, it was sent to: 155SfFNjcqVZdoHDM6M3uR1hSjJtuW3xRf
If anyone can help finding back the guy, I'll reward!
|
|
|
|
TheButterZone
Legendary
Offline
Activity: 3038
Merit: 1032
RIP Mommy
|
|
October 11, 2013, 08:36:00 AM Last edit: October 11, 2013, 09:01:06 AM by TheButterZone |
|
Well, it's not the first time it's been used... http://blockchain.info/address/155SfFNjcqVZdoHDM6M3uR1hSjJtuW3xRfIf I were MtGox, I'd log the accounts and IPs trying to withdraw to that address, and try to alert the account owners directly before the withdrawals are allowed to execute.
|
Saying that you don't trust someone because of their behavior is completely valid.
|
|
|
greyhawk
|
|
October 11, 2013, 08:38:30 AM |
|
Let me guess. No 2FA? no viruses... How would you even know that?
|
|
|
|
byter (OP)
Newbie
Offline
Activity: 40
Merit: 0
|
|
October 11, 2013, 09:01:22 AM |
|
Let me guess. No 2FA? no viruses... How would you even know that? Because I ran a full check with 4 different anti malware / anti virus tools?
|
|
|
|
greyhawk
|
|
October 11, 2013, 09:15:24 AM |
|
Let me guess. No 2FA? no viruses... How would you even know that? Because I ran a full check with 4 different anti malware / anti virus tools? That would only protect you from common threats, which the highly specialiced trojans/keyloggers out for bitcoin exchange login data most definitely are not. The only way to confidently deny the presence of bitcoin malware is if you'd exclusively accessed exchanges via a fresh and clean VM.
|
|
|
|
viboracecata
Legendary
Offline
Activity: 1316
Merit: 1000
Varanida : Fair & Transparent Digital Ecosystem
|
|
October 11, 2013, 09:23:29 AM |
|
Let me guess. No 2FA? no viruses... How would you even know that? Because I ran a full check with 4 different anti malware / anti virus tools? antivirus tools can not kill the real cracker's backdoors, your PC using habit is the best safeguard for you private information
|
|
|
|
posormo
Member
Offline
Activity: 109
Merit: 10
|
|
October 11, 2013, 12:42:46 PM |
|
Their stealing their money because your to stupid to secure your shit? Interesting. How many btc were taken? Was your password 1234?
|
|
|
|
byter (OP)
Newbie
Offline
Activity: 40
Merit: 0
|
|
October 11, 2013, 12:59:03 PM |
|
Their stealing their money because your to stupid to secure your shit? Interesting. How many btc were taken? Was your password 1234?
No, I have a strong password. 3 BTCs were taken... Not that much but hey, that sucks...
|
|
|
|
posormo
Member
Offline
Activity: 109
Merit: 10
|
|
October 11, 2013, 02:54:23 PM |
|
Their stealing their money because your to stupid to secure your shit? Interesting. How many btc were taken? Was your password 1234?
No, I have a strong password. 3 BTCs were taken... Not that much but hey, that sucks... oh, you have a strong password. that is all you have to say? now I know its your own fault and not theirs. typical end user. ya, they are going to risk it all to steal 3 btc from you. change the thread title to I don't understand how to use a computer, game over.
|
|
|
|
byter (OP)
Newbie
Offline
Activity: 40
Merit: 0
|
|
October 16, 2013, 11:12:23 AM |
|
Well, I actually know how to use a computer...
Anyways, complaint has been open at the FBI, hope they find the guy :-)
At least I have an IP address to start with...
|
|
|
|
Newar
Legendary
Offline
Activity: 1358
Merit: 1001
https://gliph.me/hUF
|
|
October 16, 2013, 11:59:24 AM |
|
Did you have 2FA?
|
|
|
|
hulk
|
|
October 16, 2013, 12:02:01 PM |
|
I believe you don't have 2FA? anyway bye bye 3 BTC. Most likely its hacker and not MTGOX
|
|
|
|
malevolent
can into space
Legendary
Offline
Activity: 3472
Merit: 1724
|
|
October 16, 2013, 08:57:40 PM |
|
That would only protect you from common threats, which the highly specialiced trojans/keyloggers out for bitcoin exchange login data most definitely are not. The only way to confidently deny the presence of bitcoin malware is if you'd exclusively accessed exchanges via a fresh and clean VM.
It wouldn't be enough if the host OS wasn't "fresh and clean" too. It would probably be enough if he used the host OS exclusively for accessing exchanges and the guest OS for other Internet-interacting stuff. Though it may still be sometimes possible to compromise the host OS from the guest OS (or other guests if they aren't properly isolated). http://www.blackhat.com/presentations/bh-usa-09/KORTCHINSKY/BHUSA09-Kortchinsky-Cloudburst-PAPER.pdfhttp://media.blackhat.com/bh-us-11/Elhage/BH_US_11_Elhage_Virtunoid_WP.pdf
|
Signature space available for rent.
|
|
|
|
|