JeevesNZ (OP)
Newbie
Offline
Activity: 17
Merit: 0
|
|
August 06, 2011, 12:55:45 AM |
|
So on the 22nd of July I deposited $200 into my Liberty Reserve account from Mt Gox. I left in in there as I was going to do a 2nd deposit a little later from Mt Gox of another $200. This I did on 1st of Aug.
I logged into Liberty Reserve after doing this, to find my first $200 gone. It was taken on the 30th of July by transferring to account "U6695754 (wale)".
I had no idea how this had happened. Mr LR password was unique and not saved anywhere.
Here's why I think Liberty Reserve themselves stole the money:
1) This person has been regularly logging in from a different IP address (193.104.186.80). Every time I logged in, I would get sent an email to confirm my login becuase I was logging in from a different IP address. How come I didn't get these emails when HE logged in?
2) After discovering the first theft, I changed all passwords and PINs to do with LR, and I did not leave them anywhere. I never used my keyboard to type them out so a key logger could not have got it.
3) I setup email notification for everything I could in the LR settings. I also turned the IP sensitivity to "high".
4) The 2nd transfer came through last night, and within 5 hours this person had logged in and taken the money - even with a new password and everything! I got no email (apart from an email saying the deposit had come in...but it was night time local time for me so I was asleep) saying about the login from a different IP or no email about the withdrawel.
My 4 months of mining (Only 1 video card) has now been completly wiped out, short of 2 or 3 coins left in my Mt Gox account.
I sent an email to LR right after the first theft with no response, so I am holding no hope of getting my money back.
It's no wonder Bitcoin is failing so bad. It's impossible to keep shit safe.
|
|
|
|
bitrebel
|
|
August 06, 2011, 12:58:38 AM |
|
this really has nothing to do with bitcoin, and you're adding bitcoin to the mix.
|
Why does Bitrebel have 65+ Ignores? Because Bitrebel says things that some people do not want YOU to hear.
|
|
|
Serge
Legendary
Offline
Activity: 1050
Merit: 1000
|
|
August 06, 2011, 12:59:59 AM |
|
> It's no wonder Bitcoin is failing so bad. It's impossible to keep shit safe.
what does bitcoin have to do with your incident at LR?
|
|
|
|
MemoryDealers
VIP
Legendary
Offline
Activity: 1052
Merit: 1155
|
|
August 06, 2011, 01:02:29 AM |
|
Agreed. This is a Liberty Reserve problem, not a Bitcoin problem.
|
|
|
|
jackjack
Legendary
Offline
Activity: 1176
Merit: 1257
May Bitcoin be touched by his Noodly Appendage
|
|
August 06, 2011, 01:02:49 AM |
|
It's no wonder Bitcoin is failing so bad. It's impossible to keep shit safe.
Lolwut? So on the 4th of August I went to the metro I tall guy stole all my money It's no wonder Bitcoin is failing so bad. It's impossible to keep shit safe.
|
Own address: 19QkqAza7BHFTuoz9N8UQkryP4E9jHo4N3 - Pywallet support: 1AQDfx22pKGgXnUZFL1e4UKos3QqvRzNh5 - Bitcointalk++ script support: 1Pxeccscj1ygseTdSV1qUqQCanp2B2NMM2 Pywallet: instructions. Encrypted wallet support, export/import keys/addresses, backup wallets, export/import CSV data from/into wallet, merge wallets, delete/import addresses and transactions, recover altcoins sent to bitcoin addresses, sign/verify messages and files with Bitcoin addresses, recover deleted wallets, etc.
|
|
|
Yuusha
|
|
August 06, 2011, 01:12:03 AM |
|
I find it hilarious how you think LR would want to steal your $200.
|
|
|
|
ffuentes
Member
Offline
Activity: 70
Merit: 10
Only a curious passer-by / FirstBits: 13zsc1
|
|
August 06, 2011, 01:14:19 AM |
|
Cool Story Bro.
|
|
|
|
bitrebel
|
|
August 06, 2011, 01:15:11 AM |
|
I think it's hilarious how you think LR would want to steal your $200.
Bitcoins tried to steal my dollars more than a few times
|
Why does Bitrebel have 65+ Ignores? Because Bitrebel says things that some people do not want YOU to hear.
|
|
|
Yuusha
|
|
August 06, 2011, 01:15:49 AM |
|
I think it's hilarious how you think LR would want to steal your $200.
Bitcoins tried to steal my dollars more than a few times It ate my children, too. Or maybe I just never had any. Hmm.
|
|
|
|
wumpus
|
|
August 06, 2011, 01:32:37 AM |
|
They killed my kittens too
|
Bitcoin Core developer [PGP] Warning: For most, coin loss is a larger risk than coin theft. A disk can die any time. Regularly back up your wallet through File → Backup Wallet to an external storage or the (encrypted!) cloud. Use a separate offline wallet for storing larger amounts.
|
|
|
Yuusha
|
|
August 06, 2011, 01:34:13 AM |
|
And my pet turtle.
|
|
|
|
jackjack
Legendary
Offline
Activity: 1176
Merit: 1257
May Bitcoin be touched by his Noodly Appendage
|
|
August 06, 2011, 01:36:11 AM |
|
The question is 'What Bitcoin didn't killed?'
|
Own address: 19QkqAza7BHFTuoz9N8UQkryP4E9jHo4N3 - Pywallet support: 1AQDfx22pKGgXnUZFL1e4UKos3QqvRzNh5 - Bitcointalk++ script support: 1Pxeccscj1ygseTdSV1qUqQCanp2B2NMM2 Pywallet: instructions. Encrypted wallet support, export/import keys/addresses, backup wallets, export/import CSV data from/into wallet, merge wallets, delete/import addresses and transactions, recover altcoins sent to bitcoin addresses, sign/verify messages and files with Bitcoin addresses, recover deleted wallets, etc.
|
|
|
|
indicasteve
|
|
August 06, 2011, 02:07:00 AM |
|
Your email was hacked: 1) This person has been regularly logging in from a different IP address (193.104.186.80). Every time I logged in, I would get sent an email to confirm my login becuase I was logging in from a different IP address. How come I didn't get these emails when HE logged in? You were not getting them because the hacker was deleting them from your inbox every time he was active. 2) After discovering the first theft, I changed all passwords and PINs to do with LR, and I did not leave them anywhere. I never used my keyboard to type them out so a key logger could not have got it. Fine...you changed all your LR passwords...but not your email password?
|
|
|
|
Phinnaeus Gage
Legendary
Offline
Activity: 1918
Merit: 1570
Bitcoin: An Idea Worth Spending
|
|
August 06, 2011, 04:15:19 AM |
|
I have posted 315 times, therefore you'll have no choice but to believe what I'm about to tell you. I just purchased a new computer for the sole purpose of using it for Bitcoin. Within 30 minutes of having it turn on, but not yet hooked to the internet, the following happened. Somebody, but I won't mention any names, transferred X BTC (the sum doesn't matter) into my wallet of which, upon seeing it for the first time, I didn't know I own. I thought I was protected by not being hooked to the internet. Boy, was I wrong. Lesson learned! Here is the picture of the wallet:Here is the picture of some of the bitcoins in the wallet:To prove that I have filed a report, I provide this community the police composite sketch of the person in question: If you believe that this person is a member of this forum, please contact the... (I opted to end the joke at the ellipsis).
|
|
|
|
Vince Torres
|
|
August 06, 2011, 05:09:04 AM |
|
If you are using windows you might be infected with zeus or spyeye.
|
Namecoin.com .bit domain registrar. Register a new .bit domain for just $1! BTC: 1LpKzg24NHmrxLZbnVphcstV3s7uA8cSnT LTC: LWHswCFRPouCXTNiT8B9HUVnGrae9eojVg
|
|
|
Stephen Gornick
Legendary
Offline
Activity: 2506
Merit: 1010
|
|
August 06, 2011, 06:31:32 AM |
|
2) After discovering the first theft, I changed all passwords and PINs to do with LR, and I did not leave them anywhere. I never used my keyboard to type them out so a key logger could not have got it. From the hindsight is 20/20 department: If you had discovered that some unauthorized access (particularly theft) had occurred, your mindset should have switched to assuming that you have a compromised system. Then with that assumption you then work towards regaining a secure environment before doing anything else from that point on. After I was initially thinking that Liberty Reserve's on-screen keypad and other security measures were pretty decent, I then learned how they were all easily circumvented by a skilled attacker. See for more info: - http://bitcointalk.org/index.php?topic=2574.0It is unfortunate that Liberty Reserve does not employ a multi-factor authentication such as those in use by Mt. Gox (YubiKey), TradeHill (DuoSecurity), Camp BX (SMS Text Message), and others. If they had, you would likely still have your LR funds. Now, going forward, you still probably want to assume that your system has been compromised and has been in that compromised state for at least a week now. I'm not a security professional though. Perhaps someone else here can recommend how best to proceed from here.
|
|
|
|
Kermee
|
|
August 06, 2011, 06:34:03 AM |
|
2) After discovering the first theft, I changed all passwords and PINs to do with LR, and I did not leave them anywhere. I never used my keyboard to type them out so a key logger could not have got it. Fine...you changed all your LR passwords...but not your email password?+1... million Cheers, Kermee
|
|
|
|
|