KanoPool since 2014 🐈 - PPLNS and Solo 0.5% fee - Worldwide - 2438 blocks

[-ck]

Hey everyone.I had the same password at my kano pool as at the wallet I was reciving payments from kano and looks like someone hacked my wallet and stole my funds from the wallet: https://bitcointalk.org/index.php?topic=1323910.new#new
Please KANO, your password database might be at risk

Your home machine may be hacked, keystroke recorder.

It can't be my PC, since I have more wallets, only the one linked on kano.is and had the same password as kano.is username got hacked.

That doesn't explain how they got ACCESS to your wallet if they just had your password. What sort of wallet was it?

[vortexz]

I have lost all the funds that I mined from since I got my miners
What could have caused this ?

[VirosaGITS]

I have lost all the funds that I mined from since I got my miners
What could have caused this ?

Like ck said, just them having your password would not give them access to your wallet. They would actually need your wallet as well, which mean your computer would have to been compromised either with rdp or someone received your password AND your wallet with a malware that keylogged and stole your wallet file.

Kano.is have absolutely no way to access your wallet, this means it is on your end.

[kano]

Hey everyone.I had the same password at my kano pool as at the wallet I was reciving payments from kano and looks like someone hacked my wallet and stole my funds from the wallet: https://bitcointalk.org/index.php?topic=1323910.new#new
Please KANO, your password database might be at risk

My database is not at risk.

If people have been silly enough to use the same password here, as on some other site that has been hacked, then their account may be at risk if they don't use 2fa and their username is somehow matchable with a username here so that someone could try that other hacked username and password here and they were the same.
There is ZERO I can do about this since I cannot stop you from using the same username and password here as at some other site.

Even I don't (and can't) know what the passwords are here.
If you check the CKPool code, you will see it stores a hashed, salted, hashed again hash of the password.
The password is not logged anywhere, I cannot see it anywhere.
It is "POST"ed, over https, to the php script and then hashed.
No one ever sees it here on kano.is and I never know what it is.

If you are saying that your wallet got hacked into on some other site, well that's unfortunate, but has nothing at all to do with security at kano.is.

I send your coins to the address you have at the time we find a block.
If you change that address, you will get an email.
I also check that you get the email, yep I know too much about how everything works.

[bitsolutions]

I have lost all the funds that I mined from since I got my miners
What could have caused this ?

Maybe they got all your saved passwords from your browser and used those to access the wallet.

[vortexz]

is there ANY way someone could help me trace who stole my funds and try to recover them ?
Please ...

KANO can you please verify if someone else logged into my account from another IP adress ?

[VirosaGITS]

is there ANY way someone could help me trace who stole my funds and try to recover them ?
Please ...

Nearly impossible. Check where the coins went, search for the btc address in google. If you return 0 matches, you have pretty much 0 chance in the world to ever recover it. Even if you track it back to a user on the forum, you're still not getting your coins back.

[firetreeactual]

is there ANY way someone could help me trace who stole my funds and try to recover them ?
Please ...

Nearly impossible. Check where the coins went, search for the btc address in google. If you return 0 matches, you have pretty much 0 chance in the world to ever recover it. Even if you track it back to a user on the forum, you're still not getting your coins back.

Ditto. It IS impossible. That's one of the strongest assets of BTC is its anonymity...but that brings responsibility for minding one's own "stuff." Your coins are gone, and even if by some miracle you figured out who hacked your wallet (and it did indeed have to be on your end, and not associated with kano.is) you'll never be able to prove they're your coins.

I'm sympathetic. Read my older posts about having lost 1.5K BTC back in the day. Figure how much they'd be worth today. It happens, but frankly it isn't Kano's problem, my friend. I wish you the best.

[soma909]

is there ANY way someone could help me trace who stole my funds and try to recover them ?
Please ...

KANO can you please verify if someone else logged into my account from another IP adress ?

What kind of mining hardware and wallet are you using? As has been mentioned previously it's probably not a good idea to be re-using passwords.... If you are using any cloud / rented hashing power be sure not to enter your ckpool password there either, you can point rented miners at the pool without using your account password.

[kano]

...
KANO can you please verify if someone else logged into my account from another IP address ?

I will not deal with this via the forum.

You need to send me an email (from your pool email address) to the address you get all the messages from the pool and we'll discuss such details there.

I'll be able to get recent access logs easily enough and give them to you in email.

If you request from there to temporarily stop payments so they end up in your dust fund, that can be arranged also
(though that may mean I've got to reprocess these current payments )

If you do not have a permanent static IP address when you access kano.is then we may have some issues to deal with.

[edonkey]

vortexz, did you also use the same password on f2pool? There was a warning on their site a few days indicating that if you used the same password on f2pool as other sites, you might be at risk.

It wasn't clear if this meant that f2pool's account passwords were hacked, or if it was just a general warning.

But in any case, you really should not use the same password on multiple sites, especially when money is involved. Sorry that this advice comes too late...

[vortexz]

yes, lesson learned now.
had to learn it the hard way
and no, i've never used f2pool

[bittalc1]

yes, lesson learned now.
had to learn it the hard way
and no, i've never used f2pool

And please install some malware cleaner, like mawarebytes and kaspersky, see what they will tell you. Hope you find what caused the problem. Just curious, what type of wallet you were useing?

[vortexz]

multibit.
anyone can recommend me a safer wallet ? maybe something with mail confirmation to approve an transaction ?

[bittalc1]

multibit.
anyone can recommend me a safer wallet ? maybe something with mail confirmation to approve an transaction ?

The best is offline wallet aka paper one. Try armory, you ca ln sign transactions from offline computer. It is preaty secure, but please read all about it and learn how to use it online and offline.

[hawkfish007]

multibit.
anyone can recommend me a safer wallet ? maybe something with mail confirmation to approve an transaction ?

I use Coinbase. It notifies me when there is a deposit with USD value (great for accounting) or withdrawals. Allows use of 2FA.

[soma909]

multibit.
anyone can recommend me a safer wallet ? maybe something with mail confirmation to approve an transaction ?

MultiBit should be fine...... I use it on a Linux machine (with a 30+ character password) - I can't really see how someone could make transactions from your wallet without physical access to your PC or unless it has been compromised in some way..... What OS are you running? And are you sure the payout address wasn't altered somewhere else - ie. on the miner or in your ckpool settings.....

[vortexz]

multibit.
anyone can recommend me a safer wallet ? maybe something with mail confirmation to approve an transaction ?

MultiBit should be fine...... I use it on a Linux machine (with a 30+ character password) - I can't really see how someone could make transactions from your wallet without physical access to your PC or unless it has been compromised in some way..... What OS are you running? And are you sure the payout address wasn't altered somewhere else - ie. on the miner or in your ckpool settings.....

what do you mean by "altered" ?

[vh]

multibit.
anyone can recommend me a safer wallet ? maybe something with mail confirmation to approve an transaction ?

MultiBit should be fine...... I use it on a Linux machine (with a 30+ character password) - I can't really see how someone could make transactions from your wallet without physical access to your PC or unless it has been compromised in some way..... What OS are you running? And are you sure the payout address wasn't altered somewhere else - ie. on the miner or in your ckpool settings.....

more specifically access to private keys.   

access to your wallet (with passphrase)
access to a cached copy of your keys while moving them from a to b.
use of an online vanity address generator.

[soma909]

multibit.
anyone can recommend me a safer wallet ? maybe something with mail confirmation to approve an transaction ?

MultiBit should be fine...... I use it on a Linux machine (with a 30+ character password) - I can't really see how someone could make transactions from your wallet without physical access to your PC or unless it has been compromised in some way..... What OS are you running? And are you sure the payout address wasn't altered somewhere else - ie. on the miner or in your ckpool settings.....

what do you mean by "altered" ?

For example, if you are using an S3/5/7 etc someone could theoretically change the settings and mine wherever they want, or if someone has used your password to access your ckpool account they could have changed the payout address. But I think what you are saying is that someone has accessed your multibit wallet and transferred funds out....? Correct?