Bitcoin Forum
December 16, 2018, 02:37:07 AM *
News: Latest Bitcoin Core release: 0.17.0 [Torrent].
 
   Home   Help Search Login Register More  
Pages: « 1 [2] 3 4 »  All
  Print  
Author Topic: I GOT HACKED AND LOST 1 MILLION  (Read 1483 times)
MagicByt3
Member
**
Offline Offline

Activity: 112
Merit: 25

Ten Zehn Dix 十 दस


View Profile
December 06, 2018, 12:01:07 PM
 #21

Meanwhile I checked the RDP logs on my system in  
%SystemRoot%\System32\Winevt\Logs\Microsoft-Windows-TerminalServices-LocalSessionManager%4Operational.evtx

It shows some entries on Dec 4th which do not exactly match the time of the hack. But there are also messages going back six months. The setting of RDP is turned off


They may have connected before the hack and just been sitting waiting though if there is entry for the 4th I would assume that indeed was the attackers connecting unless you use RDP yourself.
I think the RDP logs only show the initial connection from the peer to host.


edit :  after thought possibly they connected with RDP first them infected you with some other type or RAT or malware from the RDP connection.  Is also highly possible.

I don't need Legendary status.   I'm already Legendary!
Blessed is the man who finds wisdom..
1544927827
Hero Member
*
Offline Offline

Posts: 1544927827

View Profile Personal Message (Offline)

Ignore
1544927827
Reply with quote  #2

1544927827
Report to moderator
1544927827
Hero Member
*
Offline Offline

Posts: 1544927827

View Profile Personal Message (Offline)

Ignore
1544927827
Reply with quote  #2

1544927827
Report to moderator
1544927827
Hero Member
*
Offline Offline

Posts: 1544927827

View Profile Personal Message (Offline)

Ignore
1544927827
Reply with quote  #2

1544927827
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
mjglqw
Sr. Member
****
Online Online

Activity: 784
Merit: 453


https://coinsources.io/trading-investing 📈


View Profile WWW
December 06, 2018, 12:43:57 PM
 #22

...
Can you please give us more information on this? What do you mean by "password safe"? Was it a mere .txt file? Or were you using a password manager? If so, what password manager specifically?
It was Safe+ :  https://tinyurl.com/ycmetl2n
I was just in the  process of changing to Keypass because the developer of Safe+ seems to have abondanded his work. But it did a good job so far and I think this is very likely not the hacker.
Oh damn. I'm not saying that it's the reason why you got hacked, but that app looks not-so-trustworthy in my opinion. How did you end up with that password manager? There are a few decent ones that should've ranked higher on Google Play Store.

Valerian77
Sr. Member
****
Offline Offline

Activity: 422
Merit: 254


View Profile
December 06, 2018, 12:51:06 PM
 #23

edit :  after thought possibly they connected with RDP first them infected you with some other type or RAT or malware from the RDP connection.  Is also highly possible.

hm yes - if that is the case then my system is still open like anything - at least meanwhile I installed  https://www.spyshelter.com  to see if anything dubious is going on - but probably I will have to change to a newly setup system - at least remaining cryptos are on a ledger now and 2FA backup codes are on paper only
Lucius
Legendary
*
Offline Offline

Activity: 1260
Merit: 1081


Fortis Fortuna Adiuvat


View Profile WWW
December 06, 2018, 04:35:34 PM
 #24

edit :  after thought possibly they connected with RDP first them infected you with some other type or RAT or malware from the RDP connection.  Is also highly possible.

hm yes - if that is the case then my system is still open like anything - at least meanwhile I installed  https://www.spyshelter.com  to see if anything dubious is going on - but probably I will have to change to a newly setup system - at least remaining cryptos are on a ledger now and 2FA backup codes are on paper only

I'm sorry for your loss, this was an expensive paid price of your negligence + extremely poor attitude to safety. As you have noticed, for part of the stolen coins are very likely responsible BCD and BTCP fake wallets - when you put your seed there, all BTC and BCH (if they shared same seed) are very easily stolen.

If you think you've been targeted attacked, ask yourself who all know you had that kind of coins in your possession ? Family, friends, acquaintances, girlfriend...

In any case you should all report to the police, this is big money and you do not have to reconcile that it's all over and money lost. Too bad that you did not use HW before, when it is obvious that you have it in possession.

Valerian77
Sr. Member
****
Offline Offline

Activity: 422
Merit: 254


View Profile
December 06, 2018, 07:24:35 PM
 #25

...
In any case you should all report to the police, this is big money and you do not have to reconcile that it's all over and money lost. Too bad that you did not use HW before, when it is obvious that you have it in possession.

I was on the step to move everything out of the Laptop.

By the way - the hacker group (I strongly assume it was an organized group) came from the same location which is mentioned here:
https://anti-hacker-alliance.com/index.php?ip=46.166.165.80

The company Cherry Servers replied to my email request on the case:

Quote
Dear Sir,

Despite the best intentions, I'm afraid we cannot help you in this situation. We do not reveal any information about services associated with our prior or current clients to third parties. As our company is registered in Lithuania, we are only accountable to local law enforcement agencies in Lithuania and can only reveal such information to them when obliged to do so by local law or when a Lithuanian court order is received.
Sounds like they face this situation not the first time.
MS69
Newbie
*
Offline Offline

Activity: 42
Merit: 0


View Profile
December 06, 2018, 08:31:51 PM
 #26

...
In any case you should all report to the police, this is big money and you do not have to reconcile that it's all over and money lost. Too bad that you did not use HW before, when it is obvious that you have it in possession.

I was on the step to move everything out of the Laptop.

By the way - the hacker group (I strongly assume it was an organized group) came from the same location which is mentioned here:
https://anti-hacker-alliance.com/index.php?ip=46.166.165.80

The company Cherry Servers replied to my email request on the case:

Quote
Dear Sir,

Despite the best intentions, I'm afraid we cannot help you in this situation. We do not reveal any information about services associated with our prior or current clients to third parties. As our company is registered in Lithuania, we are only accountable to local law enforcement agencies in Lithuania and can only reveal such information to them when obliged to do so by local law or when a Lithuanian court order is received.
Sounds like they face this situation not the first time.
I am from the same country, maybe i could help you. I have found something interesting while browsing on google. Will update you later on
Valerian77
Sr. Member
****
Offline Offline

Activity: 422
Merit: 254


View Profile
December 07, 2018, 12:26:08 AM
 #27

I am from the same country, maybe i could help you. I have found something interesting while browsing on google. Will update you later on
ok - the bounty is 10% of the recovered sum
Get-Paid.com
Sr. Member
****
Offline Offline

Activity: 557
Merit: 267



View Profile WWW
December 07, 2018, 05:06:45 AM
 #28

Is it okay to ask why did you keep so much money in Cryptos and not in the bank? Did you have any thoughts of redeeming these Crypos to cash and saving the cash in your bank or in other ways of storing cash perhaps in several bank accounts, stocks, savings, fixed deposits etc.?

If you have more than just $1m that you lost - would you be doing it now after this incident?

Hope these questions are not too personal.

          ▄▄█████████▄
      ▄████████████████▌
    ▄████████████████▀▀  ▄▄▄▄
   █████████████▀▀▀ ▄▄█████████
  █████████▀▀▀ ▄▄███████████████
   ███▀▀▀ ▄▄█████████████████████
    ▄▄▄███████████████████████████
▄███████████████████████████████▀
███████████████████████████▀▀▀
▀████████████████████▀▀▀ ▄▄▄███
▀██████████████▀▀▀ ▄▄██████████
  ▀█████████▀▀ ▄▄██████████████▌
    ▀███▀▀ ▄▄█████████████████▀
          █████████████████▀▀
           ▀████████████▀▀

    ▄▄▄▄▄      ▄▄▖      ▄▄▄▄▄       ▄▄▄       ▄▄▄  ▄▄▄        ▄▄▄  ▄▄▄▄▄▄▄▄▄▄▄   
 ▄█████████▄   ██▌   ▄█████████▄    ███       ███  ███        ███  ████████████▄
████▀    ▀███  ██▌  ████▀    ▀███   ███       ███  ███        ███  ███▌     ▀███▌
▀███▄▄         ██▌  ▀███▄▄          ███       ███  ███        ███  ███▌     ▄███▌
  ▀█████▄▄     ▀▀▘    ▀█████▄▄      █████████████  ███        ███  ████████████▀
     ▀▀████▄   ██▌       ▀▀████▄    ███▀▀▀▀▀▀▀███  ███        ███  ███▛▀▀▀▀▀████
▄▄▄      ▀███  ██▌  ▄▄▄,     ▀███   ███       ███  ███▙      ▟███  ███▌      ███▌
████▄▄  ▄███▌  ██▌  ████▄▄  ▄███▌   ███       ███  ▐████▙▄▄▟████▌  ███▙▄▄▄▄▄████
 ▀▀████████▀   ██▌   ▀▀███████▀     ███       ███   ▝▀████████▀▘   ███████████▀ 

SECURITY INTELLIGENT SYSTEMS


▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰
STEEL Ecosystem by SISHUB
▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰


.
BountyTelegramYoutube
FacebookTwitterReddit
▰▰▰▰▰ Presentation ▰▰▰▰▰
.


bones261
Legendary
*
Online Online

Activity: 1400
Merit: 1204



View Profile
December 07, 2018, 06:22:44 AM
 #29

Is it okay to ask why did you keep so much money in Cryptos and not in the bank? Did you have any thoughts of redeeming these Crypos to cash and saving the cash in your bank or in other ways of storing cash perhaps in several bank accounts, stocks, savings, fixed deposits etc.?

If you have more than just $1m that you lost - would you be doing it now after this incident?

Hope these questions are not too personal.


The OPs most major holding was 9000 dash. I suspect the OP had multiple Masternodes and probably fared quite well since 2012. I hope this wasn't all the accumulation and profits. It's a shame the OP probably picked up malware while trying to claim forked coins. That's why the only forked coins that I have claimed are the ones that my Trezor did for me. I may be missing out, but it isn't worth losing my coins.
Get-Paid.com
Sr. Member
****
Offline Offline

Activity: 557
Merit: 267



View Profile WWW
December 07, 2018, 07:27:06 AM
 #30

Is it okay to ask why did you keep so much money in Cryptos and not in the bank? Did you have any thoughts of redeeming these Crypos to cash and saving the cash in your bank or in other ways of storing cash perhaps in several bank accounts, stocks, savings, fixed deposits etc.?

If you have more than just $1m that you lost - would you be doing it now after this incident?

Hope these questions are not too personal.


The OPs most major holding was 9000 dash. I suspect the OP had multiple Masternodes and probably fared quite well since 2012. I hope this wasn't all the accumulation and profits. It's a shame the OP probably picked up malware while trying to claim forked coins. That's why the only forked coins that I have claimed are the ones that my Trezor did for me. I may be missing out, but it isn't worth losing my coins.

How do you accumulate/earn 9000 dash?
Even if it takes several years that's a quite large amount of money.

          ▄▄█████████▄
      ▄████████████████▌
    ▄████████████████▀▀  ▄▄▄▄
   █████████████▀▀▀ ▄▄█████████
  █████████▀▀▀ ▄▄███████████████
   ███▀▀▀ ▄▄█████████████████████
    ▄▄▄███████████████████████████
▄███████████████████████████████▀
███████████████████████████▀▀▀
▀████████████████████▀▀▀ ▄▄▄███
▀██████████████▀▀▀ ▄▄██████████
  ▀█████████▀▀ ▄▄██████████████▌
    ▀███▀▀ ▄▄█████████████████▀
          █████████████████▀▀
           ▀████████████▀▀

    ▄▄▄▄▄      ▄▄▖      ▄▄▄▄▄       ▄▄▄       ▄▄▄  ▄▄▄        ▄▄▄  ▄▄▄▄▄▄▄▄▄▄▄   
 ▄█████████▄   ██▌   ▄█████████▄    ███       ███  ███        ███  ████████████▄
████▀    ▀███  ██▌  ████▀    ▀███   ███       ███  ███        ███  ███▌     ▀███▌
▀███▄▄         ██▌  ▀███▄▄          ███       ███  ███        ███  ███▌     ▄███▌
  ▀█████▄▄     ▀▀▘    ▀█████▄▄      █████████████  ███        ███  ████████████▀
     ▀▀████▄   ██▌       ▀▀████▄    ███▀▀▀▀▀▀▀███  ███        ███  ███▛▀▀▀▀▀████
▄▄▄      ▀███  ██▌  ▄▄▄,     ▀███   ███       ███  ███▙      ▟███  ███▌      ███▌
████▄▄  ▄███▌  ██▌  ████▄▄  ▄███▌   ███       ███  ▐████▙▄▄▟████▌  ███▙▄▄▄▄▄████
 ▀▀████████▀   ██▌   ▀▀███████▀     ███       ███   ▝▀████████▀▘   ███████████▀ 

SECURITY INTELLIGENT SYSTEMS


▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰
STEEL Ecosystem by SISHUB
▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰


.
BountyTelegramYoutube
FacebookTwitterReddit
▰▰▰▰▰ Presentation ▰▰▰▰▰
.


bones261
Legendary
*
Online Online

Activity: 1400
Merit: 1204



View Profile
December 07, 2018, 08:01:39 AM
 #31


The OPs most major holding was 9000 dash. I suspect the OP had multiple Masternodes and probably fared quite well since 2012. I hope this wasn't all the accumulation and profits. It's a shame the OP probably picked up malware while trying to claim forked coins. That's why the only forked coins that I have claimed are the ones that my Trezor did for me. I may be missing out, but it isn't worth losing my coins.

How do you accumulate/earn 9000 dash?
Even if it takes several years that's a quite large amount of money.


The OP started in crypto at the latest in 2012. Even with lots of mistakes along the way, I'm sure it would have been mostly gravy at this point. Unfortunately, some ne'er do well helped themselves to his years' worth of blood, sweat, and tears. Also, I see from your profile that you started at the latest in 2015. Prices back then were dirt cheap compared to today's prices.
bitarmor
Newbie
*
Offline Offline

Activity: 14
Merit: 8


View Profile WWW
December 07, 2018, 09:35:50 AM
 #32

Maybe Lithuania is a safe haven for these kind of guys. I believed Cherry Servers should have at least tried to render some help. It is more reason why they have an abuse contact.
The length of time it would take to get their local judiciary system involved is enough time for the hackers to cover their tracks if they are as smart as I think.
I pinged their IP today; there's a response. I guess they are still online!
o_solo_miner
Legendary
*
Offline Offline

Activity: 1034
Merit: 1011


-> morgen, ist heute, schon gestern <-


View Profile
December 07, 2018, 08:45:38 PM
 #33

My ears burning even though this wasn't mine. They must have planned this properly, to have emptied out all of those wallets and accounts quickly while you were away.

I was not away - they did it very quickly and I could literally see how they drained my wallets.  Huh

 Shocked What a nightmare, real horror!

I hope you get some response from the Luthetian police (for the provider).


PS:
(Mach doch mal einen Thread im Deutschen Bereich, das ist dort sicher auch von Interesse)

http://ckpool.org "THE Pool" from the creator of CGMiner & CKPool / Payout System:SPLNS / ZERO FEE!
------------------------------------------- join now -----------------------------------------------
http://solo.ckpool.org for Solominers with the best block notify system
jackg
Copper Member
Legendary
*
Offline Offline

Activity: 1218
Merit: 1146


bc1qdj5v2q8p398rdy6sexc0fapk4hcq0p54xz56ez


View Profile
December 07, 2018, 09:45:44 PM
Merited by bones261 (1)
 #34

Meanwhile I checked the RDP logs on my system in   
%SystemRoot%\System32\Winevt\Logs\Microsoft-Windows-TerminalServices-LocalSessionManager%4Operational.evtx

It shows some entries on Dec 4th which do not exactly match the time of the hack. But there are also messages going back six months. The setting of RDP is turned off

Maybe you’ve been targeted for a few other things in the past too then.
I think it’s probably best for you to uninstall and reinstall your os. Maybe even on s differnt hard drive to ensure nothing else is damaged. It’s likely they changed the logs during the hack so it wasn’t so it wasn’t as blatant. Maybe there’s more hidden than we know that they got access to...

Initscri
Hero Member
*****
Offline Offline

Activity: 826
Merit: 574


Make winning bets on sports with Sportsbet.io!


View Profile WWW
December 08, 2018, 12:28:28 AM
 #35

Sorry to hear, I'm sorry for your loss.

I did some research into the IP address itself, and the server IP does have reported abuse here: https://cymon.io/46.166.160.28
I believe that suggests that at one point there was a DNS record for surge.loadedhost.net pointed to that IP. There's no guarantee this was the same company, but it may be a lead.

I'd probably contact Cymon to get more information on this / for them to confirm.

The domain has since been de-registered, but you may be able to get Whois History: http://research.domaintools.com/research/whois-history/search/?q=loadedhost.net

And IDK if loadedhost.com is connected to them, but there is some information here: https://www.lowendtalk.com/discussion/13365/loadedhost-com-dramathread
Phone number is NIgerian.

Hope this helps!

   ▄▄██████▄▄
  ████████████
███▄▄
 ██████████████▀▀▀██▄
████████████████   ▀██▄
████████████████     ▀██
██████████████       ██▌
██████████████        ▐██
██▌▀▀██████▀▀         ▐██
▐██                   ██▌
 ██▄                 ▄██
  ▀██▄             ▄██▀
    ▀██▄▄▄     ▄▄▄██▀
      ▀▀█████████▀▀





███████████████████████████
███████████▀▀         ▀▀███
████████▀   ▄▄██▄  ▀█▄  ▀██
██████▀  ▄████████▄  ▀█  ██
████▀  ▄██████▄▀  ██▄    ██
███▀  ██████▄▀  ▄▀████▄  ██
██▀  █████▄▀  ▄▀██████  ▄██
██  ▀███▄▀  ▄▀███████  ▄███
██    ▀██▄▄▀███████▀  ▄████
██  █▄  ▀████████▀  ▄██████
██▄  ▀█▄  ▀██▀▀   ▄████████
███▄▄         ▄▄███████████
███████████████████████████
███████████████████████████
████████▀▀       ▀▀████████
█████▀   ▄ ▀███▀ ▄   ▀█████
████  ▄████▄ ▀ ▄████▄  ████
███  ▄ ▀███▀ ▄ ▀███▀ ▄  ███
██  ▄██ ▀▀ ▄███▄ ▀▀ ██▄  ██
██  █▀ ▄█ ███████ █▄ ▀█  ██
██   ▄███▄ █████ ▄███▄   ██
███  ████▀ ▄▄▄▄▄ ▀████  ███
████  ▀ ▄ ▀█████▀ ▄ ▀  ████
█████▄  ▀▀▄ ███ ▄▀▀  ▄█████
████████▄▄       ▄▄████████
███████████████████████████
████████     INDUSTRY LEADING BITCOIN SPORTSBOOK     ████████
LIVE
STREAMING
DAILY PRICE
BOOSTS
LIVE DEALER
CASINO
FAST & SECURE
PAYMENTS
███████████████████████████
████████▀▀       ▀▀████████
█████▀  ▄█▄  ▀  ▄▄   ▀█████
████  ▄  ▀    ▀█████▄  ████
███  ▀█▀   ▀█▄   ▀▀██▄  ███
██  ▄    █▄  ▀██▄▄  ▀█▄  ██
██  █▀ ▄  ▀█▄  ▀███▄  ▀  ██
██    ▄██  ▀██▄  ▀███▄   ██
███  ▀████  ▀███▄  ▀█▀  ███
████  ▀████  ▀████▄    ████
█████▄   ▀▀█▄  ▀▀▀   ▄█████
████████▄▄       ▄▄████████
███████████████████████████
███████████████████████████
████████▀▀ █████ ▀▀████████
█████▀    ▄█████▄    ▀█████
██████▄▄█▀▀ ▄▄▄ ▀▀█▄▄██████
███▀███▀ ▄███▀███▄ ▀███▀███
██   █ ▄██▀     ▀██▄ █   ██
██   █ ██         ██ █   ██
██   █ ▀██▄▄█ █▄▄██▀ █   ██
███▄███▄ ▀██▄▄▄██▀ ▄███▄███
██████▀▀█▄▄ ▀▀▀ ▄▄█▀▀██████
█████▄    ▀█████▀    ▄█████
████████▄▄ █████ ▄▄████████
███████████████████████████





..WIN WITH US!..
Valerian77
Sr. Member
****
Offline Offline

Activity: 422
Merit: 254


View Profile
December 08, 2018, 01:32:23 AM
 #36

Sorry to hear, I'm sorry for your loss.

I did some research into the IP address itself, and the server IP does have reported abuse here: https://cymon.io/46.166.160.28
I believe that suggests that at one point there was a DNS record for surge.loadedhost.net pointed to that IP. There's no guarantee this was the same company, but it may be a lead.

I'd probably contact Cymon to get more information on this / for them to confirm.

The domain has since been de-registered, but you may be able to get Whois History: http://research.domaintools.com/research/whois-history/search/?q=loadedhost.net

And IDK if loadedhost.com is connected to them, but there is some information here: https://www.lowendtalk.com/discussion/13365/loadedhost-com-dramathread
Phone number is NIgerian.

Hope this helps!

the IP was   46.166.160.158   - but your gues seems to be in the same range:    https://anti-hacker-alliance.com/index.php?ip=46.166.165.80
Initscri
Hero Member
*****
Offline Offline

Activity: 826
Merit: 574


Make winning bets on sports with Sportsbet.io!


View Profile WWW
December 08, 2018, 01:49:16 AM
 #37

Sorry to hear, I'm sorry for your loss.

I did some research into the IP address itself, and the server IP does have reported abuse here: https://cymon.io/46.166.160.28
I believe that suggests that at one point there was a DNS record for surge.loadedhost.net pointed to that IP. There's no guarantee this was the same company, but it may be a lead.

I'd probably contact Cymon to get more information on this / for them to confirm.

The domain has since been de-registered, but you may be able to get Whois History: http://research.domaintools.com/research/whois-history/search/?q=loadedhost.net

And IDK if loadedhost.com is connected to them, but there is some information here: https://www.lowendtalk.com/discussion/13365/loadedhost-com-dramathread
Phone number is NIgerian.

Hope this helps!

the IP was   46.166.160.158   - but your gues seems to be in the same range:    https://anti-hacker-alliance.com/index.php?ip=46.166.165.80

Oops, apologies, didn't realise the change. Must've found the something similar within the range.
I'll keep looking.

   ▄▄██████▄▄
  ████████████
███▄▄
 ██████████████▀▀▀██▄
████████████████   ▀██▄
████████████████     ▀██
██████████████       ██▌
██████████████        ▐██
██▌▀▀██████▀▀         ▐██
▐██                   ██▌
 ██▄                 ▄██
  ▀██▄             ▄██▀
    ▀██▄▄▄     ▄▄▄██▀
      ▀▀█████████▀▀





███████████████████████████
███████████▀▀         ▀▀███
████████▀   ▄▄██▄  ▀█▄  ▀██
██████▀  ▄████████▄  ▀█  ██
████▀  ▄██████▄▀  ██▄    ██
███▀  ██████▄▀  ▄▀████▄  ██
██▀  █████▄▀  ▄▀██████  ▄██
██  ▀███▄▀  ▄▀███████  ▄███
██    ▀██▄▄▀███████▀  ▄████
██  █▄  ▀████████▀  ▄██████
██▄  ▀█▄  ▀██▀▀   ▄████████
███▄▄         ▄▄███████████
███████████████████████████
███████████████████████████
████████▀▀       ▀▀████████
█████▀   ▄ ▀███▀ ▄   ▀█████
████  ▄████▄ ▀ ▄████▄  ████
███  ▄ ▀███▀ ▄ ▀███▀ ▄  ███
██  ▄██ ▀▀ ▄███▄ ▀▀ ██▄  ██
██  █▀ ▄█ ███████ █▄ ▀█  ██
██   ▄███▄ █████ ▄███▄   ██
███  ████▀ ▄▄▄▄▄ ▀████  ███
████  ▀ ▄ ▀█████▀ ▄ ▀  ████
█████▄  ▀▀▄ ███ ▄▀▀  ▄█████
████████▄▄       ▄▄████████
███████████████████████████
████████     INDUSTRY LEADING BITCOIN SPORTSBOOK     ████████
LIVE
STREAMING
DAILY PRICE
BOOSTS
LIVE DEALER
CASINO
FAST & SECURE
PAYMENTS
███████████████████████████
████████▀▀       ▀▀████████
█████▀  ▄█▄  ▀  ▄▄   ▀█████
████  ▄  ▀    ▀█████▄  ████
███  ▀█▀   ▀█▄   ▀▀██▄  ███
██  ▄    █▄  ▀██▄▄  ▀█▄  ██
██  █▀ ▄  ▀█▄  ▀███▄  ▀  ██
██    ▄██  ▀██▄  ▀███▄   ██
███  ▀████  ▀███▄  ▀█▀  ███
████  ▀████  ▀████▄    ████
█████▄   ▀▀█▄  ▀▀▀   ▄█████
████████▄▄       ▄▄████████
███████████████████████████
███████████████████████████
████████▀▀ █████ ▀▀████████
█████▀    ▄█████▄    ▀█████
██████▄▄█▀▀ ▄▄▄ ▀▀█▄▄██████
███▀███▀ ▄███▀███▄ ▀███▀███
██   █ ▄██▀     ▀██▄ █   ██
██   █ ██         ██ █   ██
██   █ ▀██▄▄█ █▄▄██▀ █   ██
███▄███▄ ▀██▄▄▄██▀ ▄███▄███
██████▀▀█▄▄ ▀▀▀ ▄▄█▀▀██████
█████▄    ▀█████▀    ▄█████
████████▄▄ █████ ▄▄████████
███████████████████████████





..WIN WITH US!..
brokepenguin01
Newbie
*
Offline Offline

Activity: 1
Merit: 0


View Profile
December 08, 2018, 08:56:41 AM
 #38

I just signed up to ask some questions relating to your loss. By any chance did you:

1. Tell anyone you had that much money?
2. Tell anyone where it was stored?
3. Shared the email address online?
4. Chat with anyone about your accumulation/holdings?
5. Recently clicked/opened any weird emails/messages (these can contain the virus/backdoor especially in attachments)?
6. Any friends/co-workers/relatives that know about your wealth?
7. Any changes in network? Systems/security? Wifi?
8. Any suspicious nearby passers near your residence? Parked vehicles? Anyone near a cafe with access to wifi/laptops?
9. Any recent encounters? New website registrations?

These are some things to think about and you may want to retrace your steps to find out how this happened! Sorry I am not much help at this point.
Valerian77
Sr. Member
****
Offline Offline

Activity: 422
Merit: 254


View Profile
December 08, 2018, 11:54:28 AM
 #39

I just signed up to ask some questions relating to your loss. By any chance did you:

1. Tell anyone you had that much money?
2. Tell anyone where it was stored?
3. Shared the email address online?
4. Chat with anyone about your accumulation/holdings?
5. Recently clicked/opened any weird emails/messages (these can contain the virus/backdoor especially in attachments)?
6. Any friends/co-workers/relatives that know about your wealth?
7. Any changes in network? Systems/security? Wifi?
8. Any suspicious nearby passers near your residence? Parked vehicles? Anyone near a cafe with access to wifi/laptops?
9. Any recent encounters? New website registrations?

These are some things to think about and you may want to retrace your steps to find out how this happened! Sorry I am not much help at this point.

1 no
2 no
3 Huh
4 no
5 no - but most likely an infected BCD wallet was the culprit
6 no
7 no
8 lol no
9 all´the time

every hacker needs a door into your system. Even if I would talk about these things with my neighbour they were not able to hack my computer. As I said before most likely the hacker was an organized crime gang, well prepared and they used this BCD wallet as a door into my system. It could have turned on RDP for them and started keylogging. So they were able to achieve total control over my system.
There are theoretically other vulnerabilities - but these guys acted very professionally and very quickly. They even cleaned up their traces after their "work" - that was the reason Google identified them as intruders and closed my account.
Lucius
Legendary
*
Offline Offline

Activity: 1260
Merit: 1081


Fortis Fortuna Adiuvat


View Profile WWW
December 08, 2018, 02:38:48 PM
 #40

...
In any case you should all report to the police, this is big money and you do not have to reconcile that it's all over and money lost. Too bad that you did not use HW before, when it is obvious that you have it in possession.
I was on the step to move everything out of the Laptop.
By the way - the hacker group (I strongly assume it was an organized group) came from the same location which is mentioned here:
https://anti-hacker-alliance.com/index.php?ip=46.166.165.80
The company Cherry Servers replied to my email request on the case:
Quote
Dear Sir,
Despite the best intentions, I'm afraid we cannot help you in this situation. We do not reveal any information about services associated with our prior or current clients to third parties. As our company is registered in Lithuania, we are only accountable to local law enforcement agencies in Lithuania and can only reveal such information to them when obliged to do so by local law or when a Lithuanian court order is received.
Sounds like they face this situation not the first time.

So it's your best chance to do something to report you case directly to Lithuania police, in a way to get some good lawyer maybe. Lithuania is also member of EU, so if you are also from EU there may be some legal mechanisms through which you could also take legal action.

Lithuania is also member country of Interpol, maybe they can do something to help you track hackers.

I'm interested did you trying to track stolen coins on block expolorers? In some cases they can be tracked to exchanges, and in some cases they can freeze such coins if there is any doubt about corrupt actions.

Pages: « 1 [2] 3 4 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!