Question about wallet hacking

[flik68]

I just had my blockchain.info wallet hacked, and my coins stolen.

Blockchain does not know how it happened and is investigating.

Here's what is known so far:

1) My identifier, pneumonic and password were all stored offline and separately.
2) My password was alphanumeric
3) They were never shared with anyone - EVER
4) I did not have my wallet setup so backups were sent to me by email
5) The wallet did not have an email address associated with it
6) Somehow, a hacker was able to gain access to my wallet and move my coins out - twice over 3 days (i did not realize what was happening and moved more coins into the wallet, which were moved out during a 2nd incursion)

I can see where the coins were sent to.

I know my tracing options are limited but I would like to try anyway.

How much can I learn from the address the coins were sent to?
Can I learn which company owns the wallet they were sent to? Blockchain? Bitstamp? Bitfog?

[greyhawk]

hehe, "company" 

[flik68]

hehe, "company" 

sorry for the noob-ness but what do you mean greyhawk

[cp1]

hehe, "company" 

sorry for the noob-ness but what do you mean greyhawk

It's unlikely that someone who steals from online wallets would hold their coins in an online wallet.

Did you ever have a backup in any form?  You may just have a keylogger.

[kwukduck]

Sounds like there could be a RAT in your PC.

[EternalWingsofGod]

I just had my blockchain.info wallet hacked, and my coins stolen.

Blockchain does not know how it happened and is investigating.

Here's what is known so far:

1) My identifier, pneumonic and password were all stored offline and separately.
2) My password was alphanumeric
3) They were never shared with anyone - EVER
4) I did not have my wallet setup so backups were sent to me by email
5) The wallet did not have an email address associated with it
6) Somehow, a hacker was able to gain access to my wallet and move my coins out - twice over 3 days (i did not realize what was happening and moved more coins into the wallet, which were moved out during a 2nd incursion)

I can see where the coins were sent to.

I know my tracing options are limited but I would like to try anyway.

How much can I learn from the address the coins were sent to?
Can I learn which company owns the wallet they were sent to? Blockchain? Bitstamp? Bitfog?

It's a phishing hack someone made a fake blockchain site
https://bitcointalk.org/index.php?topic=533055.msg5911301#msg5911301

[franky1]

I just had my blockchain.info wallet hacked, and my coins stolen.

Blockchain does not know how it happened and is investigating.

Here's what is known so far:

1) My identifier, pneumonic and password were all stored offline and separately.
2) My password was alphanumeric
3) They were never shared with anyone - EVER
4) I did not have my wallet setup so backups were sent to me by email
5) The wallet did not have an email address associated with it
6) Somehow, a hacker was able to gain access to my wallet and move my coins out - twice over 3 days (i did not realize what was happening and moved more coins into the wallet, which were moved out during a 2nd incursion)

I can see where the coins were sent to.

I know my tracing options are limited but I would like to try anyway.

How much can I learn from the address the coins were sent to?
Can I learn which company owns the wallet they were sent to? Blockchain? Bitstamp? Bitfog?

imagine if you had coins in there for months. if it happened in minutes to a day after you logged in, its more chance that you have a key logger that they used to grab your wallet identifier and password.

if you havnt logged into blockchain.info for a while its more change they got uor wallet backup via your gmail

[EternalWingsofGod]

I just had my blockchain.info wallet hacked, and my coins stolen.

Blockchain does not know how it happened and is investigating.

It's a phishing hack someone made a fake blockchain site
https://bitcointalk.org/index.php?topic=533055.msg5911301#msg5911301

Adding the twitter thread since I am fairly certain that was the cause
https://twitter.com/blockchain/status/448589906458079232

[mjc]

What type of Multi Factor authentication were you using?  If none then all the hacker needed was a key logger on your system.

[sssubito]

Alphanumeric pw? I hope it wasn't something like: 123wizzarD
Leaked password lists show so much ingenious creativity...

Was your pw absolutely unique, never used before somewhere else?

How about security status of your computer and your email account and it's pw complexity?

So many questions remain unanswered by your minimal info.

[DeathAndTaxes]

Since you have already been hacked care to share the exact password (you should never use it for anything else anyways)?
People could point out how secure it really is.

Was the password ever used anywhere else?
Did you have 2FA enabled?
Have you checked your system for malware?

Can I learn which company owns the wallet they were sent to? Blockchain? Bitstamp? Bitfog?

Smart people don't use wallets "owned" by other people.  The thief could have sent the coins anywhere.  To a desktop Bitcoin-Core (QT) wallet, or even a paper wallet for safekeeping.

[ning]

...
... were all stored offline and separately.
...

Things need to be used online can be exposed when being used online even if they are stored offline.

[drippx]

Why not use electrum? I'm not familiar with the blockchain wallet but isn't that browser based? Probably a java hack or something

[bananahoho]

Why not use electrum? I'm not familiar with the blockchain wallet but isn't that browser based? Probably a java hack or something

The use of Blockchain and Inputs and other online bitcoin wallets very suitable for beginners. But Blockchain like online wallet is built on a web server, if the server was hacked so always appear safe hidden trouble.

[Zeeks]

If you are going to keep your Bitcoin in online wallets you may as well stick to fiat and keep your money in banks. It's safer there.

[softron]

If ur sure u dont have email with your account, maybe the hacker was able to access your browser files.

[BitCoinDream]

I just had my blockchain.info wallet hacked, and my coins stolen.

Blockchain does not know how it happened and is investigating.

Here's what is known so far:

1) My identifier, pneumonic and password were all stored offline and separately.
2) My password was alphanumeric
3) They were never shared with anyone - EVER
4) I did not have my wallet setup so backups were sent to me by email
5) The wallet did not have an email address associated with it
6) Somehow, a hacker was able to gain access to my wallet and move my coins out - twice over 3 days (i did not realize what was happening and moved more coins into the wallet, which were moved out during a 2nd incursion)

I can see where the coins were sent to.

I know my tracing options are limited but I would like to try anyway.

How much can I learn from the address the coins were sent to?
Can I learn which company owns the wallet they were sent to? Blockchain? Bitstamp? Bitfog?

Can u please confirm the following 2 things ?

1. U did not use BlockChain.com.

2. U did not create any vanity address.

[spazzdla]

hehe, "company" 

sorry for the noob-ness but what do you mean greyhawk

You got malewared son... it's not fun at all :S...  I hope this doesn't turn you off bitcoin and you learn a bunch about how vicious virus's can be and what protection is required to keep you safe.

Download malewarebits, if there is maleware, your computer must be formated.  People will claim it  can be cleaned, BULL S*** it has to be formated.

[flik68]

after careful examination of my PC, no malware or keyloggers were detected.

[khjghki44f]

Sounds like there could be a RAT in your PC.

Should be the Trojan virus on your computer in the above, and then by others to steal personal information.