|
tzortz
|
 |
October 14, 2014, 04:09:02 PM |
|
I have lost too, but not that amount.
I hope you find it soon.
|
All is Mine!
1H7LUdfx9AFTMSXPsCBror3RDk57zgnc2R
|
|
|
|
pitiflin
|
|
October 14, 2014, 09:14:44 PM |
|
I lost 2 BTC in a similar way, using coinbase+tor
I got a "this connection is untrusted" message and when I refreshed the window the BTC were gone...
Since then I use Armory. But the funny thing is that for small amounts I changed to blockhain + tor...
|
|
|
|
rokkyroad
Legendary
 Offline
Activity: 1090
Merit: 1000
|
|
October 14, 2014, 09:49:55 PM |
|
Spend the money and use a good VPN service.
Don't trust Tor with finances. Tor is fine for anonymity but not security.
Sorry for your loss.
|
" If you have to spam and shout to justify your existence then you are a shit coin." TaunSew
|
|
|
|
FattyMcButterpants
|
|
October 14, 2014, 11:22:32 PM |
|
... Then there was an error message pop up, he closed it and refreshed the wallet page...
That probably was probably a key moment. Exactly. They were key logging him or had hijacked the computer and then transferred the money out. It is doubtful it was a MITM attack while using TOR when the easier method is to just have owned his computer. (Of course it is possible, just very unlikely). I also agree. A man in the middle attack is really not feasible with TOR. One theory as to what could have happened (besides spreading FUD) to the OP is that he went on a hidden wikki, looking for a .onion version of blockchain.info, clicked on a fake blockchian.info link (hidden wikki is littered with these kinds of phishing sites), entered his identifier and password, then the person behind the phishing .onion site was able to login to blockchain and steal the OP's bitcon. IMO the OP is spreading FUD more likely then not. I don't see why the OP would be paranoid enough to use TOR when dealing with bitcoin but isn't paranoid enough to want to use cold storage |
|
|
|
|
|
pitiflin
|
|
October 14, 2014, 11:25:39 PM |
|
... Then there was an error message pop up, he closed it and refreshed the wallet page...
That probably was probably a key moment. Exactly. They were key logging him or had hijacked the computer and then transferred the money out. It is doubtful it was a MITM attack while using TOR when the easier method is to just have owned his computer. (Of course it is possible, just very unlikely). I also agree. A man in the middle attack is really not feasible with TOR. One theory as to what could have happened (besides spreading FUD) to the OP is that he went on a hidden wikki, looking for a .onion version of blockchain.info, clicked on a fake blockchian.info link (hidden wikki is littered with these kinds of phishing sites), entered his identifier and password, then the person behind the phishing .onion site was able to login to blockchain and steal the OP's bitcon. IMO the OP is spreading FUD more likely then not. I don't see why the OP would be paranoid enough to use TOR when dealing with bitcoin but isn't paranoid enough to want to use cold storage It happened the same thing to me using coinbase.com and I didn't use the hidden wiki to access coinbase. There is people literally living from stealing BTC you shouldn't underestimate these people |
|
|
|
|
|
|
|
cr1776
Legendary
Offline
Activity: 4214
Merit: 1313
|
|
October 16, 2014, 12:22:19 AM |
|
With the recently announced POODLE flaw, I think that is probably it. Particularly when you see "certificate doesn't match" etc. |
|
|
|
|
btcduke
Member
Offline
Activity: 70
Merit: 10
★Bitin.io★ - Instant Exchange
|
|
October 16, 2014, 12:31:49 AM |
|
Is it really? Thought of the lost coins won't be found forever, I feel a little sad.
|
|
|
|
|
scarsbergholden
|
|
October 16, 2014, 01:31:10 AM |
|
... Then there was an error message pop up, he closed it and refreshed the wallet page...
That probably was probably a key moment. Exactly. They were key logging him or had hijacked the computer and then transferred the money out. It is doubtful it was a MITM attack while using TOR when the easier method is to just have owned his computer. (Of course it is possible, just very unlikely). I also agree. A man in the middle attack is really not feasible with TOR. One theory as to what could have happened (besides spreading FUD) to the OP is that he went on a hidden wikki, looking for a .onion version of blockchain.info, clicked on a fake blockchian.info link (hidden wikki is littered with these kinds of phishing sites), entered his identifier and password, then the person behind the phishing .onion site was able to login to blockchain and steal the OP's bitcon. IMO the OP is spreading FUD more likely then not. I don't see why the OP would be paranoid enough to use TOR when dealing with bitcoin but isn't paranoid enough to want to use cold storage It happened the same thing to me using coinbase.com and I didn't use the hidden wiki to access coinbase. There is people literally living from stealing BTC you shouldn't underestimate these people Why would you use TOR to access coinbase? They already know your identity and your bank account details therefore there is little reason to try to hide your identity to access coinbase it has been reported that POODLE has exploited a SSLv3 vulnerability so it is, in theory possible that an attacker launched a zero day attack against the OP |
|
|
|
|
Jamacn
|
|
October 16, 2014, 03:37:30 AM |
|
Bitcoin biggest enemy is not the government? Is hacker?
|
|
|
|
|
zhouqi_cn
Member
Offline
Activity: 65
Merit: 10
|
|
October 16, 2014, 04:09:15 AM |
|
Why not use cold wallet?
|
比太钱包(Bither)比太钱包 - 易用、安全的比特币钱包! Bither - a simple and secure Bitcoin wallet!
|
|
|
|
luv2drnkbr
|
|
October 16, 2014, 07:45:43 AM |
|
Unfortunately OP, this is a common occurance. Malicious Tor exit nodes are redirecting requests to known bitcoin wallets and exchanges to their own malicious version and stealing coins. Even in SSL connections. Always verify the SSL certificate fingerprint and make sure it is correct when you are doing Bitcoin related things on Tor.
|
|
|
|
|
omegaflare
|
|
October 16, 2014, 08:34:03 AM |
|
can't believe that owner of 775 btc who is too lazy to protect his/her btc ....should more careful it's too shocking news he lost almost 236740$ it can change one's whole life....
other guys lost much more and they studied "computer science"  actualy we dont know anything about this case. i doubt it was because if Tor. i think it was his shitty computer (maleware etc). You summed it up perfectly. |
|
|
|
|
omegaflare
|
|
October 16, 2014, 08:34:42 AM |
|
probably a man-in-the-middle attack performed by a TOR exit node.
just a reminder that in general it is not a good idea to use TOR to access
clearnet (that is, "normal" web addresses, as opposed to TOR hidden services).
What TOR makes secure in this case is the connection to the so-called TOR exit
node, which connects for you to your destination address, and sends you
the data back over the TOR network, thus acting as a proxy. However, you are effectively trusting
the exit node not to fiddle with the data it forwards. Since the exit node can be
anybody (you can set up one, too), there is really no reason to trust it.
In particular, they can redirct your blockchain.info request to a fake site,
or strip your communication of its SSL and read all of it.
If you still want to use TOR to access clear net, and want to make this secure,
you have to download and install SSL certificates of every site you are going to use, in this
case of blockchain.info .
HTTPS everywhere is suppose to resolve this issue, no? |
|
|
|
Argwai96
Legendary
Offline
Activity: 1036
Merit: 1000
Thug for life!
|
|
October 17, 2014, 12:00:57 AM |
|
Unfortunately OP, this is a common occurance. Malicious Tor exit nodes are redirecting requests to known bitcoin wallets and exchanges to their own malicious version and stealing coins. Even in SSL connections. Always verify the SSL certificate fingerprint and make sure it is correct when you are doing Bitcoin related things on Tor.
Even with SSL, Poodle has been shown to be able to perform a MITM attack against users. Checking the SSL certificate would not necessarily have stopped this attack |
|
|
|
|
|
pitiflin
|
|
October 18, 2014, 11:53:46 AM |
|
... Then there was an error message pop up, he closed it and refreshed the wallet page...
That probably was probably a key moment. Exactly. They were key logging him or had hijacked the computer and then transferred the money out. It is doubtful it was a MITM attack while using TOR when the easier method is to just have owned his computer. (Of course it is possible, just very unlikely). I also agree. A man in the middle attack is really not feasible with TOR. One theory as to what could have happened (besides spreading FUD) to the OP is that he went on a hidden wikki, looking for a .onion version of blockchain.info, clicked on a fake blockchian.info link (hidden wikki is littered with these kinds of phishing sites), entered his identifier and password, then the person behind the phishing .onion site was able to login to blockchain and steal the OP's bitcon. IMO the OP is spreading FUD more likely then not. I don't see why the OP would be paranoid enough to use TOR when dealing with bitcoin but isn't paranoid enough to want to use cold storage It happened the same thing to me using coinbase.com and I didn't use the hidden wiki to access coinbase. There is people literally living from stealing BTC you shouldn't underestimate these people Why would you use TOR to access coinbase? They already know your identity and your bank account details therefore there is little reason to try to hide your identity to access coinbase it has been reported that POODLE has exploited a SSLv3 vulnerability so it is, in theory possible that an attacker launched a zero day attack against the OP I didn't give them any ID, just an email address. By the way, someone stole from my blockchain with double authentification and a second password when sending funds... using it via TOR I think blockchain is having an attack or something like that. Do you know any wallet that Works good with TOR? Or would you recommend me generate new wallets from my cold wallet in Armory? Fucking blockchain... |
|
|
|
crazyjack
Legendary
Offline
Activity: 1315
Merit: 1002
|
|
October 18, 2014, 11:56:33 AM |
|
at the end all BTC will be lost and hacked until forgotten.... that is why there is no future in current system...
|
|
|
|
|
|
pitiflin
|
|
October 18, 2014, 11:59:34 AM |
|
at the end all BTC will be lost and hacked until forgotten.... that is why there is no future in current system...
It looks like it... security is key. I've lost 4 BTC in total in different attacks, and I'm no newbie. People can't expect the average user to use Armory offline wallets and shit like that. (Which I do anyway) Something must be found quickly. |
|
|
|
|
scarsbergholden
|
|
October 18, 2014, 12:04:06 PM |
|
... Then there was an error message pop up, he closed it and refreshed the wallet page...
That probably was probably a key moment. Exactly. They were key logging him or had hijacked the computer and then transferred the money out. It is doubtful it was a MITM attack while using TOR when the easier method is to just have owned his computer. (Of course it is possible, just very unlikely). I also agree. A man in the middle attack is really not feasible with TOR. One theory as to what could have happened (besides spreading FUD) to the OP is that he went on a hidden wikki, looking for a .onion version of blockchain.info, clicked on a fake blockchian.info link (hidden wikki is littered with these kinds of phishing sites), entered his identifier and password, then the person behind the phishing .onion site was able to login to blockchain and steal the OP's bitcon. IMO the OP is spreading FUD more likely then not. I don't see why the OP would be paranoid enough to use TOR when dealing with bitcoin but isn't paranoid enough to want to use cold storage It happened the same thing to me using coinbase.com and I didn't use the hidden wiki to access coinbase. There is people literally living from stealing BTC you shouldn't underestimate these people Why would you use TOR to access coinbase? They already know your identity and your bank account details therefore there is little reason to try to hide your identity to access coinbase it has been reported that POODLE has exploited a SSLv3 vulnerability so it is, in theory possible that an attacker launched a zero day attack against the OP I didn't give them any ID, just an email address. By the way, someone stole from my blockchain with double authentification and a second password when sending funds... using it via TOR I think blockchain is having an attack or something like that. Do you know any wallet that Works good with TOR? Or would you recommend me generate new wallets from my cold wallet in Armory? Fucking blockchain... When you access your blockchain.info wallet (via TOR or otherwise) you are essentially downloading the private keys to your browser as blockchain.info stores your private keys in encrypted format. When you log in you essentially telling blockchain which encrypted file to send you and you will decrypt it. If someone were to modify the blockchain code via a MITM attack they could make it so the decryption key (aka your password) will be sent to them (along with your identifier) so they can decrypt your wallet file stored on blockchain.info. To get around this potential vulnerability you could use a wallet that always has your private keys stored locally. A few examples would include QT, multibit and armory. The only time that TOR would be involved is when you use your client to push a TX to the network. |
|
|
|
|
