Bitcoin Forum
November 17, 2024, 11:22:08 AM *
News: Check out the artwork 1Dq created to commemorate this forum's 15th anniversary
 
   Home   Help Search Login Register More  
Pages: « 1 2 3 4 5 [6] 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 »
  Print  
Author Topic: I was hacked (1170btc stolen) - 500btc max BOUNTY  (Read 35690 times)
RawDog
Legendary
*
Offline Offline

Activity: 1596
Merit: 1026



View Profile WWW
July 11, 2014, 07:06:37 PM
 #101

HUGE MONEY  Shocked
Definitely some hard cashish there.  My new yacht only cost a few bucks more than that.  

*Image Removed* *Expletive Removed*  *Obsenity Removed*
What's going on - Slavetards?!!!
Watch my videos: https://www.youtube.com/watch?v=oE43M1Z8Iew  1FuckYouc6zrtHbnqcHdhrSVhcxgpJgfds
jabo38
Legendary
*
Offline Offline

Activity: 1232
Merit: 1001


mining is so 2012-2013


View Profile WWW
July 11, 2014, 07:06:49 PM
 #102

Electrum password alone isn't sufficient (assuming the attacker got it through your dropbox plain text file), he'd also need a copy of the electrum wallet file. Any idea how that was accessed?
If I understand the OP correctly, both the wallet file and a plaintext txt with the password were on a dropbox volume.

I don't use electrum but the way I understand it is the wallet is constructed from the 12 word seed.

That's why I asked Klee for kleerification... (*snort* sorry)

There's a password that secures your wallet file, and there's the master seed. With the seed, you're able to access the funds all by itself, but with the electrum password alone, you still need the wallet.
They had both..

EDIT: Apologies for not replying but I am trying to manage a mess here (format the computers, contacts with authorities, phone/skype calls etc)..

Heyyyyyyy ...DONT format. Keep the evidence !!!

Yes, seriously.  Don't delete anything.

In fact, do the opposite.  

Clone it.  

Take that computer off-line.  Clone to hard drive so you have multiple copies of it.

Then change all passwords and move all your existing accounts.  EVERYTHING.  Start from scratch with clients, passwords and all that.  

Now that all accounts that can be secured are freshly secured, send out the clones of the drive.  

There are some serious hackers that can dive into those clones and possible get some really good clues.  

It is very possible if there was malware, it can be identified, where and who it came from.  

There could be other clues too.  

Your are offering lots of money as a reward, mailing out some extra hard drives is going to help a lot.

EFFV
Sr. Member
****
Offline Offline

Activity: 278
Merit: 250


View Profile
July 11, 2014, 07:09:51 PM
 #103

Electrum password alone isn't sufficient (assuming the attacker got it through your dropbox plain text file), he'd also need a copy of the electrum wallet file. Any idea how that was accessed?
If I understand the OP correctly, both the wallet file and a plaintext txt with the password were on a dropbox volume.

I don't use electrum but the way I understand it is the wallet is constructed from the 12 word seed.

That's why I asked Klee for kleerification... (*snort* sorry)

There's a password that secures your wallet file, and there's the master seed. With the seed, you're able to access the funds all by itself, but with the electrum password alone, you still need the wallet.
They had both..

EDIT: Apologies for not replying but I am trying to manage a mess here (format the computers, contacts with authorities, phone/skype calls etc)..

Heyyyyyyy ...DONT format. Keep the evidence !!!

Yes, seriously.  Don't delete anything.

In fact, do the opposite.  

Clone it.  

Take that computer off-line.  Clone to hard drive so you have multiple copies of it.

Then change all passwords and move all your existing accounts.  EVERYTHING.  Start from scratch with clients, passwords and all that.  

Now that all accounts that can be secured are freshly secured, send out the clones of the drive.  

There are some serious hackers that can dive into those clones and possible get some really good clues.  

It is very possible if there was malware, it can be identified, where and who it came from.  

There could be other clues too.  

Your are offering lots of money as a reward, mailing out some extra hard drives is going to help a lot.


Good Advice.

"A leader is best when people barely know he exists, when his work is done, his aim fulfilled, they will say: we did it ourselves."  -Lao Tzu
My Trust Thread: https://bitcointalk.org/index.php?topic=474589.new#new
PilotofBTC
Legendary
*
Offline Offline

Activity: 1736
Merit: 1001


View Profile
July 11, 2014, 07:18:19 PM
 #104

Not technically advanced to understand you!

What he was suggesting was that someone managed to generate the same address as you. Not only is the probability infinitesimal, but given that you've also lost NXT and assuming they were both on the DB account then it would obviously point to DB as the attack vector.

Dropbox is an assumption. He had a plaintext file with all his passwords in it. He used Electrum, so I assume he has the seed stored in that file too.
Eadeqa
Hero Member
*****
Offline Offline

Activity: 644
Merit: 500


View Profile
July 11, 2014, 07:24:12 PM
 #105

How did the thief get your encrypted wallet? did you also backup your wallet on the same dropbox account where you stored password in plaintext?

He put 12 words electrum seed in a plaint text in dropbox folder. Electrum seeds can be used to recover all addresses. It's a deterministic wallet.

Nomi, Shan, Adnan, Noshi, Nxt, Adn Khn
NXT-GZYP-FMRT-FQ9K-3YQGS
https://github.com/Lafihh/encryptiontest
bitcasino
Sr. Member
****
Offline Offline

Activity: 342
Merit: 250



View Profile
July 11, 2014, 07:30:40 PM
 #106

1170 BTC stolen from a personal wallet and nothing in the news. It won't help to find the hacker....
https://www.google.com/?gws_rd=ssl#q=1170+bitcoin&tbm=nws



Sheldor333
Sr. Member
****
Offline Offline

Activity: 406
Merit: 250


View Profile
July 11, 2014, 07:48:12 PM
 #107

I do recommend you get the word out. Send an email to some of the Bitcoin news networks so they at least write a post about it. If you have any more btc get them safe right away, no excuses.
Other then that I don't think you can get them back to be honest.

Wulfcastle
Hero Member
*****
Offline Offline

Activity: 546
Merit: 500



View Profile WWW
July 11, 2014, 08:02:35 PM
 #108

Here's a proposition :

Mirror your hard drives that were compromised, DO NOT FORMAT THEM. And send all your data to a professional Anti-virus company, Kaspersky/AVG, make them aware of what has happened and about the reward for finding the identity of the hacker, then get the community behind this and get some media publications to carry this story and make as many people as possible aware of this hack and the reward for it. If you get a following big enough, two things could happen the hacker could be pressured into sending back the coins (unlikely) or dump them for USD (very likely). If they dump them for USD and you find their identity everything can be linked to them (through bank account etc) and you can get all your money back.

Why contact an Anti-virus company? Well quite simply they are professionals in this field, if the hackers compromised your computer there's a high chance they could find "breadcrumbs" left by the hackers and pinpoint their location and subsequently their identities. Although there are probably some great detectives here on BCT, I think you'd have a better chance handing over all your compromised HDD's to a professional Ani-virus company.

Also get Roger Ver to tweet about klee's hack and the 500 BTC reward. We all remember what happened to the last hacker which Roger Ver tweeted about.
Wulfcastle
Hero Member
*****
Offline Offline

Activity: 546
Merit: 500



View Profile WWW
July 11, 2014, 08:09:12 PM
Last edit: July 13, 2014, 06:19:35 AM by Wulfcastle
 #109

@OP

Really sorry for your loss.

You need to ask member BurtW what he knows about this address 1CEQCaXZuKx3bPRySUFvCpXthWAnExukFb. He sent 0.00112233 BTC  on 2014-07-11 17:07:52 from 1BurtWEejbnKeBRsvcydJvsNztB1bXV5iQ  tx:73368087a30b59804d35457777debcf30aa72d35895c5c9739f8556453603921

Hope this helps.

Hmmmm, this could be interesting
s1lverbox
Legendary
*
Offline Offline

Activity: 2324
Merit: 1039


View Profile
July 11, 2014, 08:09:37 PM
 #110

I lost due to lost private key 1 btc and it was so painful.
But 1170BTC

Jeesus.

smoothie
Legendary
*
Offline Offline

Activity: 2492
Merit: 1474


LEALANA Bitcoin Grim Reaper


View Profile
July 11, 2014, 08:14:44 PM
 #111

Wow... that's a freaking theft...  The wallet was online I assume?
Electrum - dropbox was compromised (with plain txt for the pwd, I know I know..)

wow just wow...

███████████████████████████████████████

            ,╓p@@███████@╗╖,           
        ,p████████████████████N,       
      d█████████████████████████b     
    d██████████████████████████████æ   
  ,████²█████████████████████████████, 
 ,█████  ╙████████████████████╨  █████y
 ██████    `████████████████`    ██████
║██████       Ñ███████████`      ███████
███████         ╩██████Ñ         ███████
███████    ▐▄     ²██╩     a▌    ███████
╢██████    ▐▓█▄          ▄█▓▌    ███████
 ██████    ▐▓▓▓▓▌,     ▄█▓▓▓▌    ██████─
           ▐▓▓▓▓▓▓█,,▄▓▓▓▓▓▓▌          
           ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▌          
    ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓─  
     ²▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓╩    
        ▀▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▀       
           ²▀▀▓▓▓▓▓▓▓▓▓▓▓▓▀▀`          
                   ²²²                 
███████████████████████████████████████

. ★☆ WWW.LEALANA.COM        My PGP fingerprint is A764D833.                  History of Monero development Visualization ★☆ .
LEALANA BITCOIN GRIM REAPER SILVER COINS.
 
Ninietz
Member
**
Offline Offline

Activity: 106
Merit: 10


View Profile
July 11, 2014, 08:23:17 PM
 #112

Well I had a friend that had a similar situation, he tried everything to get the BTC back and sorry to say he never got them back... they were long gone.
He did get a couple of offers but all wanted payment in advance... probably scams....

Some of these scammers are unfortunately very smart or very lucky.
BurtW
Legendary
*
Offline Offline

Activity: 2646
Merit: 1138

All paid signature campaigns should be banned.


View Profile WWW
July 11, 2014, 08:30:39 PM
Last edit: July 13, 2014, 01:42:59 AM by BurtW
 #113

@OP

Really sorry for your loss.

You need to ask member BurtW what he knows about this address 1CEQCaXZuKx3bPRySUFvCpXthWAnExukFb. He sent 0.00112233 BTC  on 2014-07-11 17:07:52 from 1BurtWEejbnKeBRsvcydJvsNztB1bXV5iQ  tx:73368087a30b59804d35457777debcf30aa72d35895c5c9739f8556453603921

Hope this helps.

Hmmmm, this could be interesting
What, specifically, do you find interesting?

Our family was terrorized by Homeland Security.  Read all about it here:  http://www.jmwagner.com/ and http://www.burtw.com/  Any donations to help us recover from the $300,000 in legal fees and forced donations to the Federal Asset Forfeiture slush fund are greatly appreciated!
haploid23
Legendary
*
Offline Offline

Activity: 812
Merit: 1002



View Profile WWW
July 11, 2014, 08:32:45 PM
 #114

Some of these scammers are unfortunately very smart or very lucky.

Neither. In this case, it's just negligence on OP's part. Very doubtful to get the btcs back because now it's not that hard to launder and clean off the coins. If they are sent to an exchange and withdrawn to a different wallet, or sent to a mixer, how are you going to follow and recover the coins now?

Guido
Legendary
*
Offline Offline

Activity: 1061
Merit: 1001


View Profile
July 11, 2014, 08:33:07 PM
 #115

did o/p say some was in an exchange? if so they will have i.p
you can force them to give this , I would hope they would give willingly asap if so

once you have that you're cooking on gas
depending ion what jurisdiction they're in they could be looking at some serious jailtime if caught

if I were in this position I would contact Roger Ver, he takes no nonsense, very bright guy and didn't give into the blackmailer.
he may well be able to give advice and publicize for you

good luck

I am Bonkers BTW
Crypto OG
        +
Digital Artist
BurtW
Legendary
*
Offline Offline

Activity: 2646
Merit: 1138

All paid signature campaigns should be banned.


View Profile WWW
July 11, 2014, 08:40:42 PM
 #116

did o/p say some was in an exchange? if so they will have i.p
you can force them to give this , I would hope they would give willingly asap if so

once you have that you're cooking on gas
depending ion what jurisdiction they're in they could be looking at some serious jailtime if caught

if I were in this position I would contact Roger Ver, he takes no nonsense, very bright guy and didn't give into the blackmailer.
he may well be able to give advice and publicize for you

good luck
No, the coins have been split into three addresses so far.  They currently reside in these three addresses:

410 at https://blockchain.info/address/16j6RQrJc3cyGEqe6BtApXkoNZ4Yy5z5Wo
221 at https://blockchain.info/address/12RESwqHjXFigWLiFwPjzg7nsCEBgTjeqQ
539 at https://blockchain.info/address/14DZ3Yjb39sDTMwKd19Ly4PK15BKZfLXWZ


Our family was terrorized by Homeland Security.  Read all about it here:  http://www.jmwagner.com/ and http://www.burtw.com/  Any donations to help us recover from the $300,000 in legal fees and forced donations to the Federal Asset Forfeiture slush fund are greatly appreciated!
Wulfcastle
Hero Member
*****
Offline Offline

Activity: 546
Merit: 500



View Profile WWW
July 11, 2014, 08:41:59 PM
 #117

did o/p say some was in an exchange? if so they will have i.p
you can force them to give this , I would hope they would give willingly asap if so

once you have that you're cooking on gas
depending ion what jurisdiction they're in they could be looking at some serious jailtime if caught

if I were in this position I would contact Roger Ver, he takes no nonsense, very bright guy and didn't give into the blackmailer.
he may well be able to give advice and publicize for you

good luck

I mentioned this a few posts back, get Roger to tweet about this hack and the 500 BTC reward and you'll get tonnes of people looking for this guy.
smoothie
Legendary
*
Offline Offline

Activity: 2492
Merit: 1474


LEALANA Bitcoin Grim Reaper


View Profile
July 11, 2014, 08:51:44 PM
 #118

Back in the day (2012) I kept a copy of my Litecoin wallet in my email as a backup. This was when they were worth much much less in total than now.

Glad I moved the coins in 2012 and did not leave them there.

I think due to all of the hacking and bad news of people losing money to scams and hackings it forced me to be waaaay more cautious with my coins.

Everything is locked down and not easily accessed.

Security is THE most important aspect of Bitcoin.

Sorry for the OP's loss.

I would be willing to send you ONE of my 2013 gold plated 1 oz silver 1 BTC coins (unfunded of course) assembled with the Lealana Bitcoin hologram etc for free sent via regular first-class mail. If you want it of course.

PM me your email so I can get your information.

Aloha,

Smoothie

███████████████████████████████████████

            ,╓p@@███████@╗╖,           
        ,p████████████████████N,       
      d█████████████████████████b     
    d██████████████████████████████æ   
  ,████²█████████████████████████████, 
 ,█████  ╙████████████████████╨  █████y
 ██████    `████████████████`    ██████
║██████       Ñ███████████`      ███████
███████         ╩██████Ñ         ███████
███████    ▐▄     ²██╩     a▌    ███████
╢██████    ▐▓█▄          ▄█▓▌    ███████
 ██████    ▐▓▓▓▓▌,     ▄█▓▓▓▌    ██████─
           ▐▓▓▓▓▓▓█,,▄▓▓▓▓▓▓▌          
           ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▌          
    ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓─  
     ²▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓╩    
        ▀▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▀       
           ²▀▀▓▓▓▓▓▓▓▓▓▓▓▓▀▀`          
                   ²²²                 
███████████████████████████████████████

. ★☆ WWW.LEALANA.COM        My PGP fingerprint is A764D833.                  History of Monero development Visualization ★☆ .
LEALANA BITCOIN GRIM REAPER SILVER COINS.
 
ThomasVeil
Sr. Member
****
Offline Offline

Activity: 252
Merit: 250


View Profile
July 11, 2014, 08:55:28 PM
 #119

Also get Roger Ver to tweet about klee's hack and the 500 BTC reward. We all remember what happened to the last hacker which Roger Ver tweeted about.

Great idea. I gave it a shot: https://twitter.com/oxpal/status/487696772803096576
If more people ask, maybe he picks it up.
Wulfcastle
Hero Member
*****
Offline Offline

Activity: 546
Merit: 500



View Profile WWW
July 11, 2014, 08:57:23 PM
 #120

Also get Roger Ver to tweet about klee's hack and the 500 BTC reward. We all remember what happened to the last hacker which Roger Ver tweeted about.

Great idea. I gave it a shot: https://twitter.com/oxpal/status/487696772803096576
If more people ask, maybe he picks it up.

Everyone should retweet this or send a tweet to Roger Ver about it. ^^
Pages: « 1 2 3 4 5 [6] 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!