juju
|
|
July 11, 2014, 04:23:36 PM |
|
Electrum password alone isn't sufficient (assuming the attacker got it through your dropbox plain text file), he'd also need a copy of the electrum wallet file. Any idea how that was accessed?
If I understand the OP correctly, both the wallet file and a plaintext txt with the password were on a dropbox volume. I don't use electrum but the way I understand it is the wallet is constructed from the 12 word seed.
That's why I asked Klee for kleerification... (*snort* sorry)
There's a password that secures your wallet file, and there's the master seed. With the seed, you're able to access the funds all by itself, but with the electrum password alone, you still need the wallet.
They had both.. EDIT: Apologies for not replying but I am trying to manage a mess here (format the computers, contacts with authorities, phone/skype calls etc)..
Doesn't dropbox use 2-factor?
Yes, but you need to turn this on, and it's not on by default, so the likelihood that it was on is slim. Additionally, if anyone is reading this: on top of the 2-factor, you can manage which machines/devices have access to your files, so you can see what machines are actively syncing.
My sincerest condolences to the OP. Storing the seed needed to take the wallet on dropbox seems unsafe but probably worked well enough for him for quite some time. I am sure many people have already suggested it, but you should build a machine that does not have a network card or network drivers, then generate an Offline Wallet. This is really only a good solution if you intend to rarely ever use the coins, because performing the offline transactions takes a tiny bit of extra time and requires two computers and a fully updated blockchain.
|
|
|
|
AliceWonder
|
|
July 11, 2014, 04:30:07 PM |
|
I have no idea how to help you but I'm sorry it happened and I hope the thief is caught and prosecuted with you getting as much of it back as possible.
|
|
|
|
RocketSingh
Legendary
Offline
Activity: 1662
Merit: 1050
|
|
July 11, 2014, 04:35:51 PM |
|
Electrum password alone isn't sufficient (assuming the attacker got it through your dropbox plain text file), he'd also need a copy of the electrum wallet file. Any idea how that was accessed?
If I understand the OP correctly, both the wallet file and a plaintext txt with the password were on a dropbox volume. I don't use electrum but the way I understand it is the wallet is constructed from the 12 word seed.
That's why I asked Klee for kleerification... (*snort* sorry)
There's a password that secures your wallet file, and there's the master seed. With the seed, you're able to access the funds all by itself, but with the electrum password alone, you still need the wallet.
They had both.. EDIT: Apologies for not replying but I am trying to manage a mess here (format the computers, contacts with authorities, phone/skype calls etc)..
Heyyyyyyy ...DONT format. Keep the evidence !!!
|
|
|
|
dlowings
|
|
July 11, 2014, 04:37:03 PM |
|
The stolen BTC are still in the
14DZ3Yjb39sDTMwKd19Ly4PK15BKZfLXWZ 1CEQCaXZuKx3bPRySUFvCpXthWAnExukFb
Shame there is no way in the protocol to reject transaction from these ID's
Really? And how would that work in practice? Should we have a world Bitcoin court that decides which ID's were blacklisted and which transactions should be rejected? Surely, someone posting that they were hacked on a Bitcoin message board would not be enough to blacklist coins, would it? I don't think people think through the details when they propose such silly ideas. I'm sorry for your loss, OP.
Spot on. You will also note that Klee himself never asked for such a short sighted thing. It does however help that he's a well respected member of the community (BTC and NXT), donated some of his holdings, etc. It looks like the community has his back. Whether that's enough to recover the coins is another matter of course.
I hope he gets it back… but the problem is this…. Should the people with the most bitcoin be the only ones who get their bitcoin back from criminals? Does the little guy get equal support when he doesn't have the resources to offer the same type of bounty? Who is it that is "short sighted"?
|
BTC donations welcome:- 1BrersvQubEKt4m2hBXDNvU1B4RiYe6J4i - Feel free to visit wiki.chainminer.com for free hardware listings, and mining info. - IRC on freenode #wiki.chainminer.com
|
|
|
|
Meuh6879
Legendary
Offline
Activity: 1512
Merit: 1012
|
|
July 11, 2014, 04:39:11 PM |
|
Heyyyyyyy ...DONT format. Keep the evidence !!!
Why? ... Police can help? No ... because it is not money ...
|
|
|
|
BawsyBoss
|
|
July 11, 2014, 04:44:15 PM |
|
Wow, it hurt me just looking at this. The tricky part is going to be tracking it beyond a mixer.
|
Forever strong.
|
|
|
Sindelar1938
|
|
July 11, 2014, 04:53:07 PM |
|
Holy crap! All the best bagging the mofo who robbed you though I guess the odds are low
|
|
|
|
KimNam
|
|
July 11, 2014, 04:54:50 PM |
|
That's huge money. So sorry for OP's loss. It will be epic if someone can trace and catch the hacker.
|
|
|
|
musician
|
|
July 11, 2014, 04:59:31 PM |
|
Heyyyyyyy ...DONT format. Keep the evidence !!!
Why? ... Police can help? No ... because it is not money ...
Cars, TVs, computers are not money either and police can help.
|
|
|
|
haploid23
Legendary
Offline
Activity: 812
Merit: 1002
|
|
July 11, 2014, 05:00:08 PM |
|
My goodness that's a huge amount of BTC stolen. Storing plain text access to your wallet, ONLINE... but I guess it's too late for the lecture.
Make an image of your hard drive/ssd before you do anything else. There is a slim chance that the leftover evidence could lead to the capture. The more you use that same machine, the more the data gets overwritten.
|
|
|
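haploid23's advice above, to image the drive before doing anything else, sketched as an added example that is not part of any post in this thread. It assumes GNU coreutils (`dd`, `sha256sum`); the function names are hypothetical, and the source would be the affected disk attached read-only (for instance behind a write blocker, or read from separate live media) rather than the running system.

```shell
#!/bin/sh
# Added example: copy a disk (or file) to an image and prove the copy is exact.
# SRC is a placeholder such as /dev/sdX; never write to the original.

# hash_of FILE: print only the SHA-256 hex digest
hash_of() {
    sha256sum "$1" | awk '{print $1}'
}

# acquire_image SRC DEST
# Hashes SRC, copies it to DEST, hashes DEST, and records the digest in
# DEST.sha256. Returns non-zero if the copy differs from the source.
acquire_image() {
    src=$1; dest=$2
    if [ ! -r "$src" ]; then echo "cannot read $src" >&2; return 2; fi
    if [ -e "$dest" ]; then echo "refusing to overwrite $dest" >&2; return 3; fi

    src_hash=$(hash_of "$src") || return 4
    dd if="$src" of="$dest" bs=4M status=none || return 5
    img_hash=$(hash_of "$dest") || return 4

    if [ "$src_hash" != "$img_hash" ]; then
        echo "hash mismatch: source changed during copy or read errors" >&2
        return 1
    fi
    # Record digest in sha256sum's own format so it can be re-checked later.
    printf '%s  %s\n' "$img_hash" "$(basename "$dest")" > "$dest.sha256"
    chmod a-w "$dest" "$dest.sha256"   # guard against accidental edits
    # Minimal acquisition log: when, what, and the digest.
    printf '%s acquired %s -> %s sha256=%s\n' \
        "$(date -u +%Y-%m-%dT%H:%M:%SZ)" "$src" "$dest" "$img_hash" >> "$dest.log"
}

# verify_image DEST: confirm the image still matches its recorded digest
verify_image() {
    ( cd "$(dirname "$1")" && sha256sum --check --quiet "$(basename "$1").sha256" )
}
```

Analysis is then done on a copy of the image, and `verify_image` is re-run before handing the image to anyone else so the recorded digest can vouch for it.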
|
leezay
Full Member
Offline
Activity: 363
Merit: 100
SWISSREALCOIN - FIRST REAL ESTATE CRYPTO TOKEN
|
|
July 11, 2014, 05:00:17 PM |
|
Electrum password alone isn't sufficient (assuming the attacker got it through your dropbox plain text file), he'd also need a copy of the electrum wallet file. Any idea how that was accessed?
If I understand the OP correctly, both the wallet file and a plaintext txt with the password were on a dropbox volume. I don't use electrum but the way I understand it is the wallet is constructed from the 12 word seed.
That's why I asked Klee for kleerification... (*snort* sorry)
There's a password that secures your wallet file, and there's the master seed. With the seed, you're able to access the funds all by itself, but with the electrum password alone, you still need the wallet.
They had both.. EDIT: Apologies for not replying but I am trying to manage a mess here (format the computers, contacts with authorities, phone/skype calls etc)..
Doesn't dropbox use 2-factor?
2-factor is useless against an inside job.
|
|
|
|
ibminer
Legendary
Offline
Activity: 1879
Merit: 2921
Goonies never say die.
|
|
July 11, 2014, 05:02:07 PM |
|
Well this is an awful story. No point in lecturing, you should be aware of the mistakes you made based on the former posts.
I would not format the machine, but it might not be a bad idea to take it offline if you have any other sensitive information on it but it sounds like this all took place on dropbox.
Do you access dropbox from work or through any corporate/company firewall or anything where others could watch your traffic and/or remotely access your machine?
|
|
|
|
Dread Pirate Roberts
|
|
July 11, 2014, 05:03:22 PM |
|
Make sure to check anything you downloaded or clicked on when you downloaded it, like a fake application, a fake ebook, or a fake PDF of an ebook, or whether you synced your email to another website. If you did, please PM me which application you downloaded. I can track who created the application, ebook or website, contact their real ISP (internet service provider), and contact the IT of the country, as it is a case of millions in money, and tell them the case.
Glad to see this thread. I know what you feel now.
|
|
|
|
BurtW
Legendary
Offline
Activity: 2646
Merit: 1137
All paid signature campaigns should be banned.
|
|
July 11, 2014, 05:08:33 PM |
|
Attempted a BTC tag. You owe me $2 so far
|
Our family was terrorized by Homeland Security. Read all about it here: http://www.jmwagner.com/ and http://www.burtw.com/ Any donations to help us recover from the $300,000 in legal fees and forced donations to the Federal Asset Forfeiture slush fund are greatly appreciated!
|
|
|
o48o
Legendary
Offline
Activity: 3010
Merit: 1154
Leading Crypto Sports Betting & Casino Platform
|
|
July 11, 2014, 05:09:55 PM |
|
When I grow up I want to be an internet detective.
|
|
|
|
joshraban76
|
|
July 11, 2014, 05:10:09 PM |
|
I can't even imagine what that feels like. I wish you luck man.
|
|
|
|
keithers
Legendary
Offline
Activity: 1456
Merit: 1001
This is the land of wolves now & you're not a wolf
|
|
July 11, 2014, 05:12:49 PM |
|
That is crazy money to lose, I am really sorry... I hope you can somehow manage to figure it out... IMO it seems like it could have been someone that knows you (if you took the standard precautionary measures).
|
|
|
|
kokojie
Legendary
Offline
Activity: 1806
Merit: 1003
|
|
July 11, 2014, 05:14:33 PM |
|
How did the thief get your encrypted wallet? Did you also back up your wallet on the same dropbox account where you stored the password in plaintext?
|
btc: 15sFnThw58hiGHYXyUAasgfauifTEB1ZF6
|
|
|
RocketSingh
Legendary
Offline
Activity: 1662
Merit: 1050
|
|
July 11, 2014, 05:16:29 PM |
|
Heyyyyyyy ...DONT format. Keep the evidence !!!
Why? ... Police can help? No ... because it is not money ...
It is required to keep it so that he may take the help of some cyber expert to find out the IP trace of the attacker. Probably the anti-virus software running on his machine already has it.
|
|
|
|
|