Bitcoin Forum
November 12, 2024, 06:24:09 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 »  All
  Print  
Author Topic: My Bitcoins stolen...  (Read 1623 times)
Linuxxl (OP)
Newbie
*
Offline Offline

Activity: 6
Merit: 0


View Profile
November 06, 2013, 02:48:43 PM
 #1

As I noticed that the bitcoin price is rising over last month, I wanted to sell some for extra pocket money...
Upon opening my bitcoin client I found out most of them were gone...

On 16-9-2013 20:15 11.79406039 BTC were withdrawn from my Bitcoin wallet to the following address 18nVNeiaQ22ajSzV9i3jce5VqQL4VJqEJt

Trying to accept my loss, struggling with anger, sadness and most of all the fact that I do not have a clue how "they" did it...
Since I'm not expecting to see any of my GPU produced coins again, I would like to try and make my loss a lesson for any other (honest) bitcoin owner.

I hope this community can help me find out what I did wrong, and what would be the method most likely used to do the job.
The answer might be very obvious to some of you, but with the knowledge I posses I can't figure out where I've gone wrong.

My situation: (In which of course my new wallet won't be...)

My wallet was stored (encrypted) on my local server. The password is stored on a USB thumbdrive using KeePass in a TrueCrypt partition.
My server runs Windows Server 2008 R2
My PC runs Windows 8 SP1, both having all updates installed.
My Bitcoin-QT software was version 0.8.3
I've never used my browser on my server.
My PC uses FireFox, the only add-on I could think of that would improve my security would be Ghostery.
I access my server using Remote Desktop or Clover, witch enables tab browsing. I mainly use it for storage, downloading and streaming.

I feel so stupid and really don't have a clue on how they got to me. Please help me out, so I can make sure this won't happen again.
conspirosphere.tk
Legendary
*
Offline Offline

Activity: 2352
Merit: 1064


Bitcoin is antisemitic


View Profile
November 06, 2013, 03:04:01 PM
 #2

was the password easy/short/dictionary?
do anyone else knew about it?
"local server" was serving anything on the internets?
Dealazer
Member
**
Offline Offline

Activity: 97
Merit: 10


View Profile WWW
November 06, 2013, 03:05:34 PM
 #3

First of all we need to know what kinda place your wallet was at, as you should know inputs.io does give back the stolen property in some means, only if it's able too see the stolen goods taken to that address at very many transactions going to that account.

Also having to scan your computer with bitdefender and Ad-aware by lavasoft, that can peek into discovery of some keyloggers. But again as I know the best solution for home computer is using ZoneAlarm Firewall, from that point some keyloggers cannot get inside.

I'm really sorry about your encounter with hackers, thieves. But there might be some precautions that you did not keep. As for iputs.io it got hacked recently all those who had amounts there could easly loose them.

My website full of music -->  www.dealazer.com
RodeoX
Legendary
*
Offline Offline

Activity: 3066
Merit: 1147


The revolution will be monetized!


View Profile
November 06, 2013, 03:15:58 PM
 #4

sorry to hear this man. First thing to know is that you did nothing "wrong". It was the thief who did a wrong.
From what you said, I would be most suspicious of remote desktop.  But as the value of btc goes up, so does the sophistication of thieves. Security will be an ongoing problem in bitcoin. I think keeping all but a small amount of coins in cold storage is the best option now.

The gospel according to Satoshi - https://bitcoin.org/bitcoin.pdf
Free bitcoin in ? - Stay tuned for this years Bitcoin hunt!
Linuxxl (OP)
Newbie
*
Offline Offline

Activity: 6
Merit: 0


View Profile
November 06, 2013, 03:17:04 PM
 #5

Thanks for your responses.

@conspirosphere
The password is 228 Bits and was generated by the pw generator that KeePass supplies.
My server is only used for streaming within my network, and downloading via torrents or usenet.

@Dealazer
My wallet was in the default location.
The reason I did not have any anti-virus (ect.) protection was because at the time I installed my server I could not find a free software that would allow installation on a server.
I will try bitdefender and Ad-Aware.
About inputs.io, what does that have to do with my sitiation? I did not use that wallet...? What am I missing here?
greyhawk
Hero Member
*****
Offline Offline

Activity: 952
Merit: 1009


View Profile
November 06, 2013, 03:22:52 PM
 #6

About inputs.io, what does that have to do with my sitiation? I did not use that wallet...? What am I missing here?

Nothing. He just has no idea what he's talking about.
JessicaSe
Legendary
*
Offline Offline

Activity: 840
Merit: 1000



View Profile
November 06, 2013, 03:23:20 PM
 #7

As I noticed that the bitcoin price is rising over last month, I wanted to sell some for extra pocket money...
Upon opening my bitcoin client I found out most of them were gone...

On 16-9-2013 20:15 11.79406039 BTC were withdrawn from my Bitcoin wallet to the following address 18nVNeiaQ22ajSzV9i3jce5VqQL4VJqEJt

Trying to accept my loss, struggling with anger, sadness and most of all the fact that I do not have a clue how "they" did it...
Since I'm not expecting to see any of my GPU produced coins again, I would like to try and make my loss a lesson for any other (honest) bitcoin owner.

I hope this community can help me find out what I did wrong, and what would be the method most likely used to do the job.
The answer might be very obvious to some of you, but with the knowledge I posses I can't figure out where I've gone wrong.

My situation: (In which of course my new wallet won't be...)

My wallet was stored (encrypted) on my local server. The password is stored on a USB thumbdrive using KeePass in a TrueCrypt partition.
My server runs Windows Server 2008 R2
My PC runs Windows 8 SP1, both having all updates installed.
My Bitcoin-QT software was version 0.8.3
I've never used my browser on my server.
My PC uses FireFox, the only add-on I could think of that would improve my security would be Ghostery.
I access my server using Remote Desktop or Clover, witch enables tab browsing. I mainly use it for storage, downloading and streaming.

I feel so stupid and really don't have a clue on how they got to me. Please help me out, so I can make sure this won't happen again.

hm.. seems secured.... KeePass is the problem maybe?
JessicaSe
Legendary
*
Offline Offline

Activity: 840
Merit: 1000



View Profile
November 06, 2013, 03:24:40 PM
 #8

About inputs.io, what does that have to do with my sitiation? I did not use that wallet...? What am I missing here?

Nothing. He just has no idea what he's talking about.

inputs.io is an online wallet, I would say Bitcoin-qt should be more secure compare to inputs...
capnjames
Newbie
*
Offline Offline

Activity: 27
Merit: 0


View Profile
November 06, 2013, 03:26:04 PM
 #9

Damn, pretty tight security operation and they still got you...
No idea how they got you, but sorry for your loss.
joeyjoe
Full Member
***
Offline Offline

Activity: 224
Merit: 100


View Profile
November 06, 2013, 03:30:15 PM
 #10

Hate to be the one to say but I call BS

Bitcoin PHP programmer for hire! (HTML / CSS / JQuery / AJAX / .NET).
The 4ner
aka newbitcoinqtuser
Hero Member
*****
Offline Offline

Activity: 602
Merit: 500


R.I.P Silk Road 1.0


View Profile
November 06, 2013, 03:31:26 PM
 #11

Would the client version have been the problem? I know from what Gavin had mentioned there were several serious issues with
the older version and as a result he issued another update of the app almost immediately after having released Bitcoin-Qt version 0.8.4.

The latest version is 0.8.5
The 4ner
aka newbitcoinqtuser
Hero Member
*****
Offline Offline

Activity: 602
Merit: 500


R.I.P Silk Road 1.0


View Profile
November 06, 2013, 03:32:00 PM
 #12

Hate to be the one to say but I call BS

Huh? What do you mean?
joeyjoe
Full Member
***
Offline Offline

Activity: 224
Merit: 100


View Profile
November 06, 2013, 03:35:34 PM
 #13

Have to go back to work but I'll explain later

Bitcoin PHP programmer for hire! (HTML / CSS / JQuery / AJAX / .NET).
sushi
Full Member
***
Offline Offline

Activity: 238
Merit: 100

ASIC Myth Buster


View Profile
November 06, 2013, 03:36:01 PM
 #14

Seems like whoever took your coins, they re-distributed quite a few times in so many chunks


>>> PM me for New ASIC Miner's Info.  We will go check it out <<<
FEEL GENEROUS TODAY?  ==> 1AHNusc3BQA2QJCokySAQ1Qtymr1ZyAG6P
Linuxxl (OP)
Newbie
*
Offline Offline

Activity: 6
Merit: 0


View Profile
November 06, 2013, 04:17:13 PM
 #15

Have to go back to work but I'll explain later

Please do so. I'm really curious why you think this is "BS"...

For those who did try to cuntribute anything usefull to this topic, I thank you.
Ardenyham
Legendary
*
Offline Offline

Activity: 980
Merit: 1000

Don't Hesitate to Tip me for My Helps and Guides.


View Profile
November 06, 2013, 04:26:03 PM
 #16

My server is only used for streaming within my network, and downloading via torrents or usenet.
The reason I did not have any anti-virus (ect.) protection was because at the time I installed my server I could not find a free software that would allow installation on a server.


Server connected to internet without anti-virus and firewall and running torrents ?

Seems hackable to me, it might be the problem
conspirosphere.tk
Legendary
*
Offline Offline

Activity: 2352
Merit: 1064


Bitcoin is antisemitic


View Profile
November 06, 2013, 04:49:40 PM
 #17

Server connected to internet without anti-virus and firewall and running torrents ?

Seems hackable to me, it might be the problem

and the encrypted wallet?
that takes a keylogger or an insider
Raoul Duke
aka psy
Legendary
*
Offline Offline

Activity: 1358
Merit: 1002



View Profile
November 06, 2013, 04:58:18 PM
 #18

My server is only used for streaming within my network, and downloading via torrents or usenet.
The reason I did not have any anti-virus (ect.) protection was because at the time I installed my server I could not find a free software that would allow installation on a server.


Windows Server connected to internet without anti-virus and firewall, with Remote Desktop enabled and running torrents ?

Seems hackable to me, it might be the problem

FTFY Cheesy
Recipe for disaster!
Dealazer
Member
**
Offline Offline

Activity: 97
Merit: 10


View Profile WWW
November 06, 2013, 05:00:25 PM
 #19

Ad-Aware by lavasoft.com will most likely make an display of all keyloggers available on the internet. As for bitdefender it would not display what was inside computer.
As for the wallet it's connected through email if you in most cases used the same email at places where bitcoin talk is available, but in most cases that could not happen since your wallet code was unbreakable for most hackers.

Is then your wallet trustable?, does it contain trustworthy wallet security?, in most cases it can be insider of the firm that has the wallet for you.

My website full of music -->  www.dealazer.com
marketorder
Sr. Member
****
Offline Offline

Activity: 375
Merit: 250


View Profile
November 06, 2013, 05:01:44 PM
 #20

1st security issue is that you're running windows

2nd you're running downloadable torrents off of you're server

3rd You had no firewall and a p2p torrent operation

4th I'm sure you told someone that runs your server about the coins they likely stole it
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!