JorgeStolfi (OP)
August 24, 2014, 01:56:30 PM

Moving off-topic discussion from the Trezor thread:

> Yesterday some BTC was stolen from my wallet (PC). I don't know how or who or how this happened. [ ... ]
> Impossible to say, as you don't know how they were stolen. [ ... ]
> All I can find is that the BTC was sent to 183u3xkUUqpVwJmmLqqt14cchS5Mu9CQk7 and then to 17gH1u6VJwhVD9cWR59jfeinLMzag2GZ43 .. but I had some secure things like firewall, antispam, etc. on my computer .. but it looks like it is not enough .. So I hope Trezor will make it safe for next time.
> Were you handling that wallet when the first transaction happened, or shortly before?
> No, only incoming transaction. All I see is one transaction a few hours before.
> Do you use Dropbox or some other external storage?
> No external (Inet) devices .. only my own NAS with firewall and restricted IPs
> Was the wallet totally emptied, or only part of it?
> Totally empty after that attack
> What software/hardware did you use to generate your private keys?
> Sorry but I don't understand this question. Do you mean passwords? Or what type of keys?

I meant, what software do you use to handle your wallet. How did you create the private keys of the accounts that were emptied.

Academic interest in bitcoin only. Not owner, not trader, very skeptical of its longterm success.

BurtW
Legendary
Offline
Activity: 2646
Merit: 1137
All paid signature campaigns should be banned.
August 24, 2014, 01:58:53 PM

What wallet were you using?

Our family was terrorized by Homeland Security. Read all about it here: http://www.jmwagner.com/ and http://www.burtw.com/ Any donations to help us recover from the $300,000 in legal fees and forced donations to the Federal Asset Forfeiture slush fund are greatly appreciated!

Slesh
Member
Offline
Activity: 103
Merit: 10
August 24, 2014, 03:33:56 PM

> What wallet were you using?

I'm using Bitcoin Core 64 bit. (now v0.9.2.1 - QT ver. 5.2.0)

BurtW
August 24, 2014, 05:01:45 PM

> What wallet were you using?
> I'm using Bitcoin Core 64 bit. (now v0.9.2.1 - QT ver. 5.2.0)

Did you have it password protected? If so was it a long, random password or a short common one?

Slesh
August 24, 2014, 05:16:13 PM

> What wallet were you using?
> I'm using Bitcoin Core 64 bit. (now v0.9.2.1 - QT ver. 5.2.0)
> Did you have it password protected? If so was it a long, random password or a short common one?

Protected with passwd. 8 characters (each different, some letters, some digits...etc.).. that's why I don't know how this could have happened.

BurtW
August 24, 2014, 05:29:34 PM

> What wallet were you using?
> I'm using Bitcoin Core 64 bit. (now v0.9.2.1 - QT ver. 5.2.0)
> Did you have it password protected? If so was it a long, random password or a short common one?
> Protected with passwd. 8 characters (each different, some letters, some digits...etc.).. that's why I don't know how this could have happened.

Relatively weak and easy to crack assuming someone got your encrypted wallet.dat file and could set it up in a dedicated machine to brute force it. Can you think of how anyone might have gotten your wallet.dat file? (I use 32 character random passwords generated by LastPass).

Rannasha
August 24, 2014, 05:46:15 PM

> What wallet were you using?
> I'm using Bitcoin Core 64 bit. (now v0.9.2.1 - QT ver. 5.2.0)
> Did you have it password protected? If so was it a long, random password or a short common one?
> Protected with passwd. 8 characters (each different, some letters, some digits...etc.).. that's why I don't know how this could have happened.
> Relatively weak and easy to crack assuming someone got your encrypted wallet.dat file and could set it up in a dedicated machine to brute force it. Can you think of how anyone might have gotten your wallet.dat file? (I use 32 character random passwords generated by LastPass).

Or it was just a keylogger. This is typically the cause of these kinds of thefts.

Slesh
August 24, 2014, 05:55:01 PM

> What wallet were you using?
> I'm using Bitcoin Core 64 bit. (now v0.9.2.1 - QT ver. 5.2.0)
> Did you have it password protected? If so was it a long, random password or a short common one?
> Protected with passwd. 8 characters (each different, some letters, some digits...etc.).. that's why I don't know how this could have happened.
> Relatively weak and easy to crack assuming someone got your encrypted wallet.dat file and could set it up in a dedicated machine to brute force it. Can you think of how anyone might have gotten your wallet.dat file? (I use 32 character random passwords generated by LastPass).
> Or it was just a keylogger. This is typically the cause of these kinds of thefts.

Who knows. Do I have to delete this wallet and set up a new one? I am afraid setting a new passwd is not enough. ..

JorgeStolfi (OP)
August 24, 2014, 06:14:27 PM

> Or it was just a keylogger. This is typically the cause of these kinds of thefts.
> Who knows. Do I have to delete this wallet and set up a new one? I am afraid setting a new passwd is not enough. ..

If it was a keylogger, that will not do. As I understand, the safest is to use a separate computer, not connected to the internet, to store your wallet and sign transactions. A Trezor may be just as good, although you must be careful when updating its firmware.

Slesh
August 24, 2014, 06:42:45 PM

> Or it was just a keylogger. This is typically the cause of these kinds of thefts.
> Who knows. Do I have to delete this wallet and set up a new one? I am afraid setting a new passwd is not enough. ..
> If it was a keylogger, that will not do. As I understand, the safest is to use a separate computer, not connected to the internet, to store your wallet and sign transactions. A Trezor may be just as good, although you must be careful when updating its firmware.

Yes .. I decide to do it like this. Change passwd to 24 letters. Move wallet to other location and connect to Inet only when I will want to use it.....this was a little bit expensive lesson.

BurtW
August 24, 2014, 06:44:48 PM

> Or it was just a keylogger. This is typically the cause of these kinds of thefts.
> Who knows. Do I have to delete this wallet and set up a new one? I am afraid setting a new passwd is not enough. ..
> If it was a keylogger, that will not do. As I understand, the safest is to use a separate computer, not connected to the internet, to store your wallet and sign transactions. A Trezor may be just as good, although you must be careful when updating its firmware.
> Yes .. I decide to do it like this. Change passwd to 24 letters. Move wallet to other location and connect to Inet only when I will want to use it.....this was a little bit expensive lesson.

The Trezor is only $120. I have several. Great hardware wallet. Safe from a lot of the "run of the mill" attacks. Nothing is perfect but it is very safe and will be getting even safer as time goes on.

JorgeStolfi (OP)
August 24, 2014, 06:54:42 PM

> If it was a keylogger, that will not do. As I understand, the safest is to use a separate computer, not connected to the internet, to store your wallet and sign transactions.
> Yes .. I decide to do it like this. [ ... ] Move wallet to other location and connect to Inet only when I will want to use it.....

That is still a bit dangerous. The safest procedure is to never connect that computer to the internet, transfer the transaction data to it by USB stick, and transfer the signed transaction back to the main computer in the same way. I don't think that there is a sufficiently safe way to carry several thousand dollars in bitcoin outside your home. If you do not control the physical environment where you sign the transactions, there seem to be ways to steal your bitcoins, even if you use a Trezor.

Slesh
August 24, 2014, 07:07:10 PM

> If it was a keylogger, that will not do. As I understand, the safest is to use a separate computer, not connected to the internet, to store your wallet and sign transactions.
> Yes .. I decide to do it like this. [ ... ] Move wallet to other location and connect to Inet only when I will want to use it.....
> That is still a bit dangerous. The safest procedure is to never connect that computer to the internet, transfer the transaction data to it by USB stick, and transfer the signed transaction back to the main computer in the same way. I don't think that there is a sufficiently safe way to carry several thousand dollars in bitcoin outside your home. If you do not control the physical environment where you sign the transactions, there seem to be ways to steal your bitcoins, even if you use a Trezor.

The computer and NAS is in my home, hidden on local network. No dat file outside. Maybe I did not catch the idea of Trezor, but let's imagine that I will have one standalone computer with wallet. I need to connect to internet to get incoming transactions. Or not? Then what exactly does Trezor do? I thought that Trezor only signs the transaction. Because where is the 20 GB blockchain info? Second thing is that I maybe should delete this wallet at all and start with new wallet on other computer, because maybe someone uses the copy of it. Is there any chance to find out that someone uses a copy of my wallet? What will you do as the best secure solution?

JorgeStolfi (OP)
August 24, 2014, 08:29:17 PM

> Maybe I did not catch the idea of Trezor, but let's imagine that I will have one standalone computer with wallet. I need to connect to internet to get incoming transactions. Or not? Then what exactly does Trezor do? I thought that Trezor only signs the transaction. Because where is the 20 GB blockchain info?

You will do most of your account management and processing on the computer that is connected to the internet. Only when it is time to sign a transaction, you will transfer the transaction data to the other computer that has your wallet, sign the transaction there, transfer the signed transaction back to the first computer, and broadcast it from there. The Trezor basically replaces that second computer. It keeps your private keys, signs transactions that are passed to it by your primary computer through the USB port, and returns the signed transactions to the primary computer.

> Is there any chance to find out that someone uses a copy of my wallet? What will you do as the best secure solution?

I cannot help you there. As it says in my signature, I do not own bitcoins -- mainly for other reasons, but for this reason too: bitcoins are easy to steal, and once stolen there is nothing one can do, no one to help, and no hope of ever getting them back. There is no way of knowing whether someone has a copy of your wallet, but that is very likely. (The alternative is that a malicious software in your computer sent out the transaction on its own, without sending your wallet to the thief.) Definitely, you should never use those addresses and private keys again.

BurtW
August 24, 2014, 08:34:59 PM

The basic idea of the Trezor is that the private keys never leave the device and cannot be read from the device. So as stated above the Trezor is your second "offline" computer. It keeps your private keys very private and untouchable and it signs the transactions with those private keys. Another nice thing is that once you back up the Trezor seed (and keep it very, very safe) you never have to do another backup.

ajas
Member
Offline
Activity: 130
Merit: 58
August 25, 2014, 09:09:17 PM

We all must be aware that some people try to get our bitcoins.
Recently somebody (not me) tried to change my password on a bitcoin exchange site, but fortunately did not succeed.
I also got an email related to bitcoin with a .jar attachment. I don't know what is inside as I didn't open it. But they know my email address and that I own bitcoins.
So: Use 2 factor authentication, offline wallets, Trezor, ... Only keep small amounts of btc online.

ForgottenPassword
August 25, 2014, 09:13:02 PM

If your wallet has been hacked and it was only stored on your computer, you should assume the attacker has compromised your computer. You could have any kind of malware on your PC now. Generating a new wallet file will NOT be enough, you need to do a full OS reinstall and then generate a new wallet.
Did you install any software on your PC recently? Anything bitcoin-related (price tickers, widgets, altcoins)? Where did you download your wallet software from?

Slesh
August 25, 2014, 09:27:51 PM

> If your wallet has been hacked and it was only stored on your computer, you should assume the attacker has compromised your computer. You could have any kind of malware on your PC now. Generating a new wallet file will NOT be enough, you need to do a full OS reinstall and then generate a new wallet.
> Did you install any software on your PC recently? Anything bitcoin-related (price tickers, widgets, altcoins)? Where did you download your wallet software from?

I have lot of SW on my PC. So I take new laptop with new OS and create new wallet. This laptop is dedicated only to BTC. So I think this topic should be closed. I have no clue how this could have happened. No security alarm of any security SW. I only saw that address 17gH1u6VJwhVD9cWR59jfeinLMzag2GZ43 belongs to some hackers/thieves because I am not the only one who was robbed... https://www.bitcoinregime.com/2014/07/07/stolen-bitcoins-and-releated-account/

ForgottenPassword
August 25, 2014, 09:35:32 PM

> I have lot of SW on my PC. So I take new laptop with new OS and create new wallet. This laptop is dedicated only to BTC. So I think this topic should be closed. I have no clue how this could have happened. No security alarm of any security SW. I only saw that address 17gH1u6VJwhVD9cWR59jfeinLMzag2GZ43 belongs to some hackers/thieves because I am not the only one who was robbed... https://www.bitcoinregime.com/2014/07/07/stolen-bitcoins-and-releated-account/

That address belongs to a mixing service. The hacker used it to make it harder to track the BTC. Anti-virus software is easily defeated, that should be a "last resort". You could still have malware, so be careful. Using a dedicated laptop is a good idea but I would recommend you use it as an offline wallet. Keep it offline at all times (physically take out the WiFi card and bluetooth if you can) and transfer signed transactions via USB stick to a computer connected to the internet. Here are two clients that support offline wallets:

http://bitcoinarmory.com
Forum section for this client here: https://bitcointalk.org/index.php?board=97.0
This client does need a full copy of the blockchain plus its own database so uses up 50GB of space on your online PC.

http://electrum.org
Forum section: https://bitcointalk.org/index.php?board=98.0
This is an SPV wallet, doesn't need a copy of the blockchain but it tells your peers what addresses you own so it has weaker privacy than Armory.
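
In the offline-signing procedure described in this thread, the offline machine signs whatever transaction data the online computer hands it over USB, so the check that matters at that step is decoding the unsigned transaction and confirming where it pays. The Python below is an added example, not part of any post or of any wallet's own code; it handles only legacy (non-segwit) transactions with pay-to-pubkey-hash outputs, and `decode_outputs`, `matches_intent` and the sample transaction are constructed for illustration.

```python
import hashlib
import struct

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def base58check(version: bytes, payload: bytes) -> str:
    # version byte + payload + first 4 bytes of double SHA-256, in base58
    raw = version + payload
    raw += hashlib.sha256(hashlib.sha256(raw).digest()).digest()[:4]
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    pad = len(raw) - len(raw.lstrip(b"\x00"))  # each leading zero byte becomes '1'
    return "1" * pad + out

def read_varint(buf: bytes, pos: int):
    # Bitcoin CompactSize integer -> (value, position after it)
    first = buf[pos]
    if first < 0xfd:
        return first, pos + 1
    size = {0xfd: 2, 0xfe: 4, 0xff: 8}[first]
    return int.from_bytes(buf[pos + 1:pos + 1 + size], "little"), pos + 1 + size

def decode_outputs(raw_hex: str):
    """Return [(address or raw script hex, satoshis)] for a legacy transaction."""
    tx = bytes.fromhex(raw_hex)
    n_in, pos = read_varint(tx, 4)                    # 4-byte version comes first
    for _ in range(n_in):
        script_len, pos = read_varint(tx, pos + 36)   # skip prev txid + index
        pos += script_len + 4                         # skip scriptSig + sequence
    n_out, pos = read_varint(tx, pos)
    outputs = []
    for _ in range(n_out):
        (value,) = struct.unpack_from("<Q", tx, pos)
        script_len, pos = read_varint(tx, pos + 8)
        script, pos = tx[pos:pos + script_len], pos + script_len
        # P2PKH: OP_DUP OP_HASH160 <20 bytes> OP_EQUALVERIFY OP_CHECKSIG
        p2pkh = len(script) == 25 and script[:3] == b"\x76\xa9\x14" and script[23:] == b"\x88\xac"
        outputs.append((base58check(b"\x00", script[3:23]) if p2pkh else script.hex(), value))
    if pos + 4 != len(tx):                            # only the 4-byte locktime may remain
        raise ValueError("unexpected length: not a well-formed legacy transaction")
    return outputs

def matches_intent(raw_hex: str, intended: dict) -> bool:
    # True only if the outputs are exactly the address -> satoshis map you meant to pay
    outs = decode_outputs(raw_hex)
    return len(outs) == len(intended) and dict(outs) == intended

# Constructed sample (not a real transaction): one unsigned input, two P2PKH outputs.
def sample_output(h160: bytes, sats: int) -> bytes:
    return struct.pack("<Q", sats) + b"\x19\x76\xa9\x14" + h160 + b"\x88\xac"
SAMPLE_TX = (struct.pack("<I", 1) + b"\x01" + bytes(36) + b"\x00" + b"\xff" * 4 + b"\x02"
             + sample_output(bytes(20), 150000) + sample_output(b"\x11" * 20, 40000) + bytes(4)).hex()
```

Run on the offline machine, `matches_intent` returns False if an output was added, removed, redirected or changed in amount between the online computer and the signing step; the difference between total inputs and total outputs (the fee) is not visible in the raw transaction alone and has to be checked against the spent outputs.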

OhShei8e
Legendary
Offline
Activity: 1792
Merit: 1059
August 25, 2014, 09:44:25 PM

> I have no clue how this could have happened. No security alarm of any security SW.

Do you use snakeoil?

Slesh
August 25, 2014, 09:50:22 PM

> I have no clue how this could have happened. No security alarm of any security SW.
> Do you use snakeoil?

?? What is it? I mean SW like firewall (on router, NAS, PC) - there were no alarms, logs and antivir with antispam ..

honolululu
Member
Offline
Activity: 103
Merit: 10
August 26, 2014, 06:39:10 AM

> I have no clue how this could have happened. No security alarm of any security SW.
> Do you use snakeoil?
> ?? What is it? I mean SW like firewall (on router, NAS, PC) - there were no alarms, logs and antivir with antispam ..

I think they were trying to say that firewalls and antivirus can help once in a while, you need to control access to your wallet by unplugging from the internet completely. It is kind of a hassle for sure, but so is losing coins.