Author Topic: Got hacked last night, need some insight...  (Read 203 times)
fearhf
October 09, 2018, 04:17:33 PM
 #1

So last night, apparently someone transferred $40 worth of bitcoin out of my account to an address who has not yet spent the funds or sent them to a main wallet.

What I don't understand is

My email that I use has not been logged into for 4 days, I checked the activity and only shows my IP address too.

I have not installed any rats and I definitely do not have a bitcoin clipboard changer on my PC either.

I am extremely savvy about my online security and always know what is a scam and what isn't so there's no way I could have possibly been hacked because I do not visit insecure websites.

This happened last night when I was laying down to sleep, literally watching my screen the entire time, impossible for it to be a rat.

No I don't use 2FA but that doesn't explain how someone from another location could possibly have logged in without verification from the blockchain authorization email especially when they can't steal the cookies of my browser without some sort of program I download, which I haven't at all.





Can anyone give me a valid reason as to how it's possible I could have been breached? I needed this $40 because I literally have $1.22 in my bank account right now, I just wanted to get some food for today and now I can't.

Here's the bitcoin transaction: https://www.blockchain.com/btc/tx/59d972e94a3ff3cf5a9d4e189dd35119c12d1daf941b6492024326883dbd1bab
OmegaStarScream
October 09, 2018, 04:26:15 PM
Last edit: October 09, 2018, 04:41:39 PM by OmegaStarScream
 #2

The only thing that I can think of right now is that whoever did this connected from another user in your machine (even if you don't have one, it could be created) and that could explain why your email address didn't log any other IP addresses or why you didn't see the mouse moving etc. (assuming you had a RAT).

fearhf
October 09, 2018, 04:32:15 PM
 #3

Quote
The only thing that I can think of right now is that whoever did this connected from another user (even if you haven't one, it could be created) and that could explain why your email address didn't log any other IP addresses or why you didn't see the mouse moving etc. (assuming you had a RAT).

Not really possible fortunately. I was definitely not ratted. (I would know if I was ratted because they always have startup in registry or on taskmanager, it would show the connection on wireshark, and from personal experience I know not to download anything no matter what unless it's from a legitimate source.)

The only thing I can truly think of is I possibly got hit with an exploit that could've stolen my browser cookies. I know there's a lot of expensive exploits for easy hacking out there. But really I haven't been on any fake websites or ads that I know of.


Also I should add I have blockchain.info bookmarked and I have never typed in a fake phishing website for it either.

Oh and 1 more thing, I don't save my passwords either and there is no saved in my browser/gmail/ANYTHING.
OmegaStarScream
October 09, 2018, 04:43:27 PM
 #4

Send me an address that you have full control of, after making sure that your computer is clean, I'll send you a little something.

ETFbitcoin
October 09, 2018, 04:45:23 PM
 #5

If you're definitely sure there's no malware, spyware or similar on your computer, I can only guess 3 things:
1. Your PC was infected in the past and the culprit got access to your private key
2. You logged in to a fake blockchain.com website in the past
3. If you're sharing your Wi-Fi connection, then perhaps your friends/family could physically access and tamper with your PC while you're gone

p.s. If you're extremely savvy, you know you shouldn't use an online wallet, but a full-node wallet or an SPV wallet with custom connection configuration.

fearhf
October 09, 2018, 04:54:16 PM
 #6

Quote
Send me an address that you have full control of, after making sure that your computer is clean, I'll send you a little something.

Wow, that is very generous...

I have another wallet on a PC I don't even use anymore. I'm gonna go get a haircut real quick and I'll be back to send you the address.


I'm wiping this computer clean as soon as I get home too, just to be safe.
fearhf
October 09, 2018, 06:25:24 PM
 #7

Quote
Send me an address that you have full control of, after making sure that your computer is clean, I'll send you a little something.

Here's my coinbase address with all security enabled and I only use this coinbase account on my phone. I can't thank you enough for any amount you give me. It's great to know there's still people out there willing to help in a person's time of need.

3AL2wSUN7s3dnd72Dou1PjHgeFdSLKBgU7

I would like to continue this thread and ask everyone if they have any possible scenarios still. I don't want to make the same mistake twice, if I even made one in the first place. Definitely enabling 2FA and I'm making sure I clear my browser cookies every time I log off now.

Wiping my pc clean right now. Glad I don't have too much to install lol.
fearhf
October 09, 2018, 06:40:14 PM
 #8

Quote
If you're definitely sure there's no malware, spyware or similar on your computer, I can only guess 3 things:
1. Your PC was infected in the past and the culprit got access to your private key
2. You logged in to a fake blockchain.com website in the past
3. If you're sharing your Wi-Fi connection, then perhaps your friends/family could physically access and tamper with your PC while you're gone

p.s. If you're extremely savvy, you know you shouldn't use an online wallet, but a full-node wallet or an SPV wallet with custom connection configuration.

1. Never have I ever been infected when I had a bitcoin wallet -- the last time I was hacked was in 2015 from a rat -- didn't lose anything, I realized almost immediately when my mouse was moving and found a process in task manager. Simply disconnected from internet and deleted the rat.
2. I have blockchain.info (official site) bookmarked and don't type in the browser for blockchain so I couldn't have visited a fake website
3. Not a possible scenario fortunately, I live alone with my father and I was watching my PC when the transaction occurred.


Yeah I realize I shouldn't use an online wallet now, I'm reading a lot of people say it's insecure. Going to switch to Electrum wallet now for sure.
AdolfinWolf
October 09, 2018, 06:40:31 PM
 #9

Quote
Can anyone give me a valid reason as to how it's possible I could have been breached? I needed this $40 because I literally have $1.22 in my bank account right now, I just wanted to get some food for today and now I can't.

Quote
Send me an address that you have full control of, after making sure that your computer is clean, I'll send you a little something.

Facilitating beggars. Uhhhh?

Quote
Wow, that is very generous...

I have another wallet on a PC I don't even use anymore. I'm gonna go get a haircut real quick and I'll be back to send you the address.
Quote
I literally have $1.22 in my bank account right now, I just wanted to get some food for today and now I can't.

If your money management is as bad as your technical skills, I'm not surprised you got "hacked".

Quote
I am extremely savvy about my online security and always know what is a scam and what isn't so there's no way I could have possibly been hacked because I do not visit insecure websites.
Quote
Also I should add I have blockchain.info bookmarked and I have never typed in a fake phishing website for it either.

You're "EXTREMELY" tech savvy (your words, not mine), yet you use Blockchain.info as your main wallet, which has been proven insecure in the past, and is missing so many features compared to other wallets..

Do you have an Anti-Virus tool? You might want to run that and see if it returns anything.

Quote
Wiping my pc clean right now. Glad I don't have too much to install lol.
Which means that you'll probably never find the real cause of your loss of money.. Why even ask at this point? All we can do is give hypothetical scenarios.. How are we supposed to know what you've done to/with your PC?



Quote
1. Never have I ever been infected when I had a bitcoin wallet -- the last time I was hacked was in 2015 from a rat
How exactly are you able to rule this out so easily when it has already happened to you before? How do you know you haven't been Ratted? I'm pretty sure not every R.A.T is as intrusive as you mentioned above.

fearhf
October 09, 2018, 06:49:32 PM
Last edit: October 09, 2018, 07:37:57 PM by fearhf
 #10

Can anyone give me a valid reason as to how it's possible I could have been breached? I needed this $40 because I literally have $1.22 in my bank account right now, I just wanted to get some food for today and now I can't.

Send me an address that you have full control of, after making sure that your computer is clean, I'll send you a little something.

Facilitating beggars. Yikes?

Quote
Wow, that is very generous...

I have another wallet on a PC I don't even use anymore. I'm gonna go get a haircut real quick and I'll be back to send you the address.
Quote
I literally have $1.22 in my bank account right now, I just wanted to get some food for today and now I can't.

If your money management is as bad as your technical skills, I'm not surprised you got "hacked".

Quote
I am extremely savvy about my online security and always know what is a scam and what isn't so there's no way I could have possibly been hacked because I do not visit insecure websites.
Quote
Also I should add I have blockchain.info bookmarked and I have never typed in a fake phishing website for it either.

You're "EXTREMELY" tech savvy (your words, not mine), yet you use Blockchain.info as your main wallet, which has been proven insecure in the past, and is missing so many features compared to other wallets..

Do you have an Anti-Virus tool? You might want to run that and see if it returns anything.

Quote
Wiping my pc clean right now. Glad I don't have too much to install lol.
Which means that you'll probably never find the real cause of your loss of money.. Why even ask at this point? All we can do is give hypothetical scenarios.. How are we supposed to know what you've done to/with your PC?

1. Money management. No, I'm newly turned 18 with pretty much no help from anyone working near minimum wage in an expensive area called Florida. I got laid off of my previous job which stopped me from getting money for a whole month. My first paycheck of my new job was supposed to be here last friday but apparently my check is coming next friday, had to pay a lot of things off which caused me to have like $50 left over which I spent on food.

Not sure why you gotta be a dick for no reason when you don't know the story. He didn't have to offer me money I just wanted to know how I got hacked, where do you see begging?


Edit: oh and I see you're stupid and have me ALL FIGURED OUT and bolded in "Im getting a haircut real quick" like you ASSUME AGAIN that I paid for it somehow -- I HAVE NO MONEY. I have a giftcard for the place with enough left for a few haircuts on it.

Are you sure you're even remotely intelligent? Because intelligent people don't assume things with no basis, they base things off logic. You have no logic.

2. Blockchain is not my main wallet. Stop assuming things. The money was in the blockchain account as I didn't have my phone on me and was going to be sent to my coinbase account.

3. I have multiple anti viruses on my computer, nothing was detected of course.

4. You quit assuming things like it's the victims fault every time like all people do and actually give real answers. You posting this did not help whatsoever just you being a dick for no reason...

"How exactly are you able to rule this out so easily when it has already happened to you before? How do you know you haven't been Ratted? I'm pretty sure not every R.A.T is as intrusive as you mentioned above."

Simple. I don't download shit on this PC. There is no active connections shown when I looked for the rat connection. I was 15 when I got hacked and it wasn't even on the same pc. I learned my lesson.

Oh and I'm very familiar with how rats work, bud. They aren't complicated at all to understand. Anyone with a brain could know they have a rat on their pc. They are all intrusive as I claim, would love to see which rat can possibly sustain a connection to my pc without being able to be located on Wireshark or netstat.

Got it??
AdolfinWolf
October 09, 2018, 08:29:00 PM
Last edit: October 09, 2018, 08:44:16 PM by AdolfinWolf
 #11

Quote
Not sure why you gotta be a dick for no reason when you don't know the story. He didn't have to offer me money I just wanted to know how I got hacked, where do you see begging?
Quote
Can anyone give me a valid reason as to how it's possible I could have been breached? I needed this $40 because I literally have $1.22 in my bank account right now, I just wanted to get some food for today and now I can't.

I've read hundreds of sob stories on the internet and this forum. Forgive me for being so obnoxious towards yours. However, there really wasn't any reason at all for you to include this. It didn't add anything to the question. -- you just wanted to express how poor you are(were?). Which would beg the question.. why?

Quote
Are you sure you're even remotely intelligent? Because intelligent people don't assume things with no basis, they base things off logic. You have no logic.
I'm sorry I don't know the ins and outs of your personal life. If you get so butthurt about me assuming certain things, maybe you shouldn't express them half-assed?

1. ...

2. ...

3. That would be weird if that's actually the case. Of course I can't assume anything but one would think that there indeed might be another reason for your loss of funds.

Quote
Edit: oh and I see you're stupid and have me ALL FIGURED OUT and bolded in "Im getting a haircut real quick" like you ASSUME AGAIN that I paid for it somehow -- I HAVE NO MONEY. I have a giftcard for the place with enough left for a few haircuts on it.
I think it's reasonably fair that one would somehow pay for a haircut, yes. If you don't want me to make that assumption maybe you should either

A. not include it, as this also was completely unrelated to the question you were asking.
B. explain the ins and outs of how you used a giftcard to pay for your haircut while you have no money for food. -- seems interesting Huh

Or just not get so butthurt about it.

Quote
Oh and I'm very familiar with how rats work, bud. They aren't complicated at all to understand. Anyone with a brain could know they have a rat on their pc. They are all intrusive as I claim, would love to see which rat can possibly sustain a connection to my pc without being able to be located on Wireshark or netstat.

Quote
There is no active connections shown when I looked for the rat connection.
Something here seems slightly flawed to me. But as you're the networking expert here, you probably know it better than I do anyway.




Quote
No I don't use 2FA but that doesn't explain how someone from another location could possibly have logged in without verification from the blockchain authorization email especially when they can't steal the cookies of my browser without some sort of program I download, which I haven't at all.
They somehow got their hands on your seed? One could only assume how/where you stored that, so it might/might not be the reason.

fearhf
October 09, 2018, 09:38:46 PM
Last edit: October 09, 2018, 09:56:04 PM by fearhf
 #12

Quote
Not sure why you gotta be a dick for no reason when you don't know the story. He didn't have to offer me money I just wanted to know how I got hacked, where do you see begging?
Quote
Can anyone give me a valid reason as to how it's possible I could have been breached? I needed this $40 because I literally have $1.22 in my bank account right now, I just wanted to get some food for today and now I can't.

I've read hundreds of sob stories on the internet and this forum. Forgive me for being so obnoxious towards yours. However, there really wasn't any reason at all for you to include this. It didn't add anything to the question. -- you just wanted to express how poor you are(were?). Which would beg the question.. why?

Quote
Are you sure you're even remotely intelligent? Because intelligent people don't assume things with no basis, they base things off logic. You have no logic.
I'm sorry I don't know the ins and outs of your personal life. If you get so butthurt about me assuming certain things, maybe you shouldn't express them half-assed?

1. ...

2. ...

3. That would be weird if that's actually the case. Of course I can't assume anything but one would think that there indeed might be another reason for your loss of funds.

Quote
Edit: oh and I see you're stupid and have me ALL FIGURED OUT and bolded in "Im getting a haircut real quick" like you ASSUME AGAIN that I paid for it somehow -- I HAVE NO MONEY. I have a giftcard for the place with enough left for a few haircuts on it.
I think it's reasonably fair that one would somehow pay for a haircut, yes. If you don't want me to make that assumption maybe you should either

A. not include it, as this also was completely unrelated to the question you were asking.
B. explain the ins and outs of how you used a giftcard to pay for your haircut while you have no money for food. -- seems interesting Huh

Or just not get so butthurt about it.

Quote
Oh and I'm very familiar with how rats work, bud. They aren't complicated at all to understand. Anyone with a brain could know they have a rat on their pc. They are all intrusive as I claim, would love to see which rat can possibly sustain a connection to my pc without being able to be located on Wireshark or netstat.

Quote
There is no active connections shown when I looked for the rat connection.
Something here seems slightly flawed to me. But as you're the networking expert here, you probably know it better than I do anyway.




Quote
No I don't use 2FA but that doesn't explain how someone from another location could possibly have logged in without verification from the blockchain authorization email especially when they can't steal the cookies of my browser without some sort of program I download, which I haven't at all.
They somehow got their hands on your seed? One could only assume how/where you stored that, so it might/might not be the reason.


Just stop embarrassing yourself, please. Jesus christ. I can't believe you even tried to justify your douchebag self. The Admin already sent me the funds and now I can buy myself food without feeling like shit until my next paycheck.

MAYBE YOU SHOULDN'T ASSUME ANYTHING and BASE YOUR THOUGHTS ON LOGIC INSTEAD.

This is my last response to you and I hope to god you stop responding too, because it's cringy to read.

1. If you didn't want me to talk about how poor I am, why are you trying to tell me that I should've explained in more detail WHY I'm poor?
That is NONE of your business and it was irrelevant. If you don't know the fucking ins and outs of my life, why are you trying to fucking assume I have poor money management? Yeah it couldn't have been a billion different things why I'm broke. Money isn't exactly simple to come around to every single person you fucking idiot.

1b. Nice Response douchebag.
2. Nice Response douchebag.
3. Nice Response douchebag. You have no idea what you're talking about. You don't even know how rats work and now you're trying to tell me I have one. Rats can be undetectable from anti-viruses by using a crypter. It's not WEIRD at all. Anti-viruses are useless except for run-time scanning against rats. Once it bypasses run-time scanning you have to find the rat yourself. "Ofcourse i can't assume anything but one would think that there indeed might be another reason for your loss of funds." Oh thanks, didn't know that already. You make me want to blow my head off, I bet you act this way in real life, clueless as fuck to everything around you but thinks he knows everything.


4. It was related to the point, I was trying to explain to the admin that I am leaving and will be back to send the address. I like to be personal and talk like I'm talking to a fucking human being. There is no fucking reasonable conclusion that you could've made because remember, you don't know the ins and outs of my life. Why the fuck are you talking about my life like you actually do know, IF YOU DON'T?

4b. Are you seriously too mentally disabled to know that other people GIFT the ((((GIFT)))) CARD? I received the giftcard from my dad retard!

5. Nothing is flawed you fucking moron. What are you talking about. Explain the (((ins and outs))) of what is flawed, I would love to hear your bullshit. It doesn't take a network expert to know what a fucking connection looks like from a rat. Maybe you should google "Common Sense"
vit05
October 10, 2018, 01:07:44 AM
 #13

What account are you talking about? Is it an account in an exchange? Is a wallet like Electrum on your pc?

You should be more specific and explain better so that more people can help.

Most people commonly believe that another person has invaded your computer over the internet. But it is much more common for someone to have physical access to the computer. A friend, a relative, or anyone else at any given time.

But, if you really need money to buy food, why would you go out to cut your hair?
bob123
October 10, 2018, 07:34:26 AM
 #14

Quote
Not really possible fortunately. I was definitely not ratted. (I would know if I was ratted because they always have startup in registry or on taskmanager, it would show the connection on wireshark, and from personal experience I know not to download anything no matter what unless it's from a legitimate source.)

Malware can easily inject itself into different processes (e.g. explorer.exe, the default file explorer in windows - this process is always running).
In this case you also wouldn't see a startup entry.

And regarding wireshark, you would have to inspect all packets in great detail to find something shady. I can't imagine you are wasting multiple hours daily just to check all IP packets.

I wouldn't rule out your computer being infected at all. It might be relatively improbable if you are that security-focused, but not impossible.



Quote
The only thing I can truly think of is I possibly got hit with an exploit that could've stolen my browser cookies. I know there's a lot of expensive exploits for easy hacking out there. But really I haven't been on any fake websites or ads that I know of.

This could have been done with a simple malware or a browser exploit. But since you didn't visit shady websites (and hopefully also don't have 3rd party addons installed), I'd rather say it's malware on your computer.



Quote
Also I should add I have blockchain.info bookmarked and I have never typed in a fake phishing website for it either.

That's good. But there are still multiple ways to redirect you to the attacker's server (e.g. DNS Spoofing).


In the future, to stay safe.. do NOT use a web wallet. Use a desktop or mobile wallet. Both are way safer and more secure than a web wallet.
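
Added example, not code from any poster in this thread: it illustrates the point in the post above that code injected into an always-running process shows up under that process's name, so a connection review has to ask whether each process should be talking to a given remote host, not whether an unfamiliar name is present. The `netstat -ano` and `tasklist /fo csv` text, PIDs, addresses and the `EXPECTED_TALKERS` allowlist are constructed assumptions.

```python
import csv
import io
import ipaddress

# Constructed `netstat -ano` output; remote addresses are documentation ranges.
NETSTAT_SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       968
  TCP    127.0.0.1:49670        127.0.0.1:49671        ESTABLISHED     5312
  TCP    192.168.1.20:49712     198.51.100.7:443       ESTABLISHED     5312
  TCP    192.168.1.20:49730     203.0.113.45:8443      ESTABLISHED     4120
  TCP    192.168.1.20:49731     192.168.1.1:445        ESTABLISHED     4
  TCP    [::1]:49680            [::1]:49681            ESTABLISHED     5312
  UDP    0.0.0.0:5353           *:*                                    968
"""

# Constructed `tasklist /fo csv` output for the same machine.
TASKLIST_SAMPLE = """\
"Image Name","PID","Session Name","Session#","Mem Usage"
"System","4","Services","0","140 K"
"svchost.exe","968","Services","0","9,812 K"
"explorer.exe","4120","Console","1","85,300 K"
"firefox.exe","5312","Console","1","412,004 K"
"""

# Assumption: programs this user expects to talk to the internet.
EXPECTED_TALKERS = {"firefox.exe"}

# Loopback, RFC 1918, link-local and IPv6 unique-local ranges count as local.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "::1/128", "fe80::/10", "fc00::/7")]


def split_endpoint(endpoint):
    """Split '1.2.3.4:443' or '[fe80::1%12]:443' into (ip_address, port)."""
    host, _, port = endpoint.rpartition(":")
    host = host.strip("[]").split("%")[0]  # drop brackets and IPv6 zone id
    return ipaddress.ip_address(host), int(port)


def pid_to_image(tasklist_csv):
    """Map PID -> image name from `tasklist /fo csv` text."""
    rows = csv.DictReader(io.StringIO(tasklist_csv))
    return {int(r["PID"]): r["Image Name"] for r in rows}


def review_connections(netstat_text, tasklist_csv, expected):
    """Return established non-local TCP connections whose owning process
    is not in `expected`, as (image, pid, remote_ip, remote_port)."""
    images = pid_to_image(tasklist_csv)
    findings = []
    for line in netstat_text.splitlines():
        fields = line.split()
        # TCP rows have 5 fields; headers and stateless UDP rows are skipped.
        if len(fields) != 5 or fields[0] != "TCP" or fields[3] != "ESTABLISHED":
            continue
        remote_ip, remote_port = split_endpoint(fields[2])
        if any(remote_ip in net for net in LOCAL_NETS):
            continue
        pid = int(fields[4])
        image = images.get(pid, "<no such process>")
        if image.lower() not in expected:
            findings.append((image, pid, str(remote_ip), remote_port))
    return findings


if __name__ == "__main__":
    for hit in review_connections(NETSTAT_SAMPLE, TASKLIST_SAMPLE, EXPECTED_TALKERS):
        print("review:", hit)
```

A snapshot like this only lists connections that are open at the moment it is taken, so an empty result on one run does not show that nothing connected earlier.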


Lucius
October 10, 2018, 01:13:15 PM
 #15

Quote
What account are you talking about? Is it an account in an exchange? Is a wallet like Electrum on your pc?

You should be more specific and explain better so that more people can help.

Most people commonly believe that another person has invaded your computer over the internet. But it is much more common for someone to have physical access to the computer. A friend, a relative, or anyone else at any given time.

But, if you really need money to buy food, why would you go out to cut your hair?

Maybe he did not write that quite clearly, but if you read the first post and some others from OP it can easily be concluded that he was hacked/lost coins from a blockchain online wallet. If you read the whole thread then you would not ask about the haircut.

Quote
Edit: oh and I see you're stupid and have me ALL FIGURED OUT and bolded in "Im getting a haircut real quick" like you ASSUME AGAIN that I paid for it somehow -- I HAVE NO MONEY. I have a giftcard for the place with enough left for a few haircuts on it.

Regarding the hack, OP can be pretty sure that his PC is 100% clean and he did not catch anything bad when surfing on the internet - but there is no such thing as 100% online security. Probably he will never find out in what way his account was hacked, but I can say he has also not learned from this case because he is again using an online wallet.

There is one more possibility for how this hack could have happened: almost a year ago it was revealed that users got hacked on the blockchain wallet even if they had 2FA and there was no evidence of a login in their e-mails. The assumption is that there is a clever exploit or a coding error which finds private keys on this wallet.

For more info read these threads:

Thoughts on this private key stealing mystery

[PSA] Do NOT use Blockchain.info unless you know your shit. People are losing $$
