meowmeo9 (OP)
Newbie
Offline
Activity: 1
Merit: 0
|
|
October 14, 2014, 10:14:10 PM |
|
How is that possible? I use Tor over block chain and as i logged into my wallet a few hours later all my BTC's were hijacked. I use for only to be secure and never thought it might be a problem. Is there an explanation for this ? I never downloaded anything! so its impossible its a virus. Any one has any ideas how it can happen ? I seen it happened to a few people already.
|
|
|
|
MegaHustlr
|
|
October 14, 2014, 10:19:49 PM |
|
Biggest question: Did you have 2FA?
|
|
|
|
virtualx
|
|
October 14, 2014, 10:22:21 PM |
|
I saw another thread about it. Perhaps it's related with tor or an exploit targeting tor. Which OS are you on?
|
...loteo...
DIGITAL ERA LOTTERY | ║ ║ ║ | | r | ▄▄███████████▄▄ ▄███████████████████▄ ▄███████████████████████▄ ▄██████████████████████████▄ ▄██ ███████▌ ▐██████████████▄ ▐██▌ ▐█▀ ▀█ ▐█▀ ▀██▀ ▀██▌ ▐██ █▌ █▌ ██ ██▌ ██▌ █▌ █▌ ██▌ ▐█▌ ▐█ ▐█ ▐█▌ ▐██ ▄▄▄██ ▐█ ▐██▌ ▐█ ██▄ ▄██ █▄ ██▄ ▄███▌ ▀████████████████████████████▀ ▀██████████████████████████▀ ▀███████████████████████▀ ▀███████████████████▀ ▀▀███████████▀▀
| r | | ║ ║ ║ | RPLAY NOWR
BE A MOON VISITOR! |
[/center]
|
|
|
MGGB
|
|
October 14, 2014, 10:29:02 PM |
|
I also just read somewhere that Tor and Non-Darkweb sites like block-Chain don't work well together, because of security issues, and it did explain why, I can't remember, I will see if I can find the post. Also sorry for your loss, that's a bummer
|
|
|
|
miohtama
Newbie
Offline
Activity: 26
Merit: 0
|
|
October 14, 2014, 10:30:17 PM |
|
How is that possible? I use Tor over block chain and as i logged into my wallet a few hours later all my BTC's were hijacked. I use for only to be secure and never thought it might be a problem. Is there an explanation for this ? I never downloaded anything! so its impossible its a virus. Any one has any ideas how it can happen ? I seen it happened to a few people already.
There are malicious Tor exit nodes targeting Bitcoin services. They will do man-in-the-middle HTTPS attack against your Bitcoin website. This is only successful if you accept the invalid security certificates of the website. The web browser gives a big red warning "DON'T GO TO THIS SITE THE CERTIFICATE DOESN'T MATCH". If the user clicks yes and then the secure connection is compromised and the Tor exit node can steal your Bitcoins. You can read more about the attacks against the Tor users here.Thus, Tor should not be recommended for the users who are not technically-sawy enough to avoid risks like this. Other potential risks and compromises and how to protect yourself against them
|
|
|
|
Meuh6879
Legendary
Offline
Activity: 1512
Merit: 1012
|
|
October 14, 2014, 11:05:05 PM |
|
i logged into my wallet a few hours later Don't use fucking online wallet !
|
|
|
|
kokojie
Legendary
Offline
Activity: 1806
Merit: 1003
|
|
October 14, 2014, 11:05:07 PM |
|
Your TOR session was attacked by malicious exit nodes using "Man in the middle" attack. Always make sure you are using HTTPS with valid certificate, or just don't use TOR for something financial related, use a private VPN/SSH tunnel for this.
|
btc: 15sFnThw58hiGHYXyUAasgfauifTEB1ZF6
|
|
|
el kaka22
Legendary
Offline
Activity: 3696
Merit: 1166
www.Crypto.Games: Multiple coins, multiple games
|
|
October 15, 2014, 03:12:39 AM |
|
i logged into my wallet a few hours later Don't use fucking online wallet ! so where i can get offline wallet ? im new about bitcoin can you shared the link i want use that
|
|
|
|
H.W.Z
|
|
October 15, 2014, 03:31:30 AM |
|
i logged into my wallet a few hours later Don't use fucking online wallet ! so where i can get offline wallet ? im new about bitcoin can you shared the link i want use that go here https://bitcoin.org/enThe official Bitcon website! You can learn a lot of basic knowledge from there and download the wallet.
|
|
|
|
hodap
|
|
October 15, 2014, 03:32:28 AM |
|
Didn't know exit node can comprise a user identity.
Is this exploit being used by government also?
|
|
|
|
Pente
|
|
October 15, 2014, 03:40:12 AM |
|
I wish to thank all the people who have taught me that TOR and online wallets don't mix.
As for 2FA, I did that on my own.
|
|
|
|
niothor
|
|
October 15, 2014, 03:44:33 AM |
|
When you connect to tor you connect to hundreds or thousands of different computers....Hence why your coins were snatched up so quickly. Tor and any place that requires authentication is a bad idea.
|
|
|
|
el kaka22
Legendary
Offline
Activity: 3696
Merit: 1166
www.Crypto.Games: Multiple coins, multiple games
|
|
October 15, 2014, 03:45:26 AM |
|
i logged into my wallet a few hours later Don't use fucking online wallet ! so where i can get offline wallet ? im new about bitcoin can you shared the link i want use that go here https://bitcoin.org/enThe official Bitcon website! You can learn a lot of basic knowledge from there and download the wallet. ok ,, will check it thank yaa
|
|
|
|
KIRAZ
|
|
October 15, 2014, 03:47:57 AM |
|
Why was you using Tor with blockchain i don't even check my email accounts over tor. I'm sure that your session got hijacked because of those tor proxies.
|
|
|
|
dserrano5
Legendary
Offline
Activity: 1974
Merit: 1029
|
|
October 15, 2014, 07:08:40 AM |
|
There are malicious Tor exit nodes targeting Bitcoin services. They will do man-in-the-middle HTTPS attack against your Bitcoin website. This is only successful if you accept the invalid security certificates of the website.
Hopefully the exit nodes doing this would eventually be awarded the BadExit flag so they are no longer chosen as exits. Unfortunately this isn't automatic (yet?) so we'll have to live with this problem.
|
|
|
|
shorena
Copper Member
Legendary
Offline
Activity: 1498
Merit: 1540
No I dont escrow anymore.
|
|
October 15, 2014, 09:01:55 AM Last edit: October 15, 2014, 09:24:31 AM by shorena |
|
Didn't know exit node can comprise a user identity.
Is this exploit being used by government also?
Yes [1] and Tor is aware of it [2]. tl;dr: Tor is used by private individuals who want to conceal their online activity, human rights activists in oppressive regimes such as China and Iran, journalists who want to protect their sources, and even by the U.S. Drug Enforcement Agency in their efforts to infiltrate criminal groups without revealing their identity. The Tor Project is a non-profit charity based in Massachusetts and is primarily funded by government agencies. Thus it is ironic that the Tor Network has become such a high-priority target in the NSA's worldwide surveillance system.
[1] dont worry its in english even though its a german domain http://daserste.ndr.de/panorama/aktuell/NSA-targets-the-privacy-conscious,nsa230.html[2] https://blog.torproject.org/blog/being-targeted-nsaEdit: that FBI operation "torpedo" link I didnt find earlier: www.wired.com/2014/08/operation_torpedo/
|
Im not really here, its just your imagination.
|
|
|
zetaray
|
|
October 15, 2014, 10:20:14 AM |
|
Tor is designed for anonymous browsing, not anonymous banking. You are asking for trouble if you use tor to manage your finances.
|
|
|
|
dothebeats
Legendary
Offline
Activity: 3766
Merit: 1354
|
|
October 15, 2014, 01:40:25 PM |
|
Didn't know exit node can comprise a user identity.
Is this exploit being used by government also?
Yes [1] and Tor is aware of it [2]. tl;dr: Tor is used by private individuals who want to conceal their online activity, human rights activists in oppressive regimes such as China and Iran, journalists who want to protect their sources, and even by the U.S. Drug Enforcement Agency in their efforts to infiltrate criminal groups without revealing their identity. The Tor Project is a non-profit charity based in Massachusetts and is primarily funded by government agencies. Thus it is ironic that the Tor Network has become such a high-priority target in the NSA's worldwide surveillance system.
[1] dont worry its in english even though its a german domain http://daserste.ndr.de/panorama/aktuell/NSA-targets-the-privacy-conscious,nsa230.html[2] https://blog.torproject.org/blog/being-targeted-nsaEdit: that FBI operation "torpedo" link I didnt find earlier: www.wired.com/2014/08/operation_torpedo/Really noob question: If Tor users are aware that the Tor network is always under surveillance by the government, how come most of the dark activities concealed by this not-so-hidden-network at all? Sorry i don't understand much about the Tor's concept. Thanks for the information about the mismatch of Tor and the blockchain. Never knew that using the Tor network may steal my coins.
|
|
|
|
yakuza699
|
|
October 15, 2014, 01:55:27 PM |
|
This thread probably explained how my coins were stolen from blockchain.info as I didn't installed anything on my previous PC but was using TOR. Sorry for you loss I had my coins stolen too but they stole only 0.3 from me I hope you will re-earn them fast.
|
|
|
|
dserrano5
Legendary
Offline
Activity: 1974
Merit: 1029
|
|
October 15, 2014, 02:07:02 PM |
|
Really noob question: If Tor users are aware that the Tor network is always under surveillance by the government, how come most of the dark activities concealed by this not-so-hidden-network at all?
There's a difference between using tor to access the regular internet and using tor to access hidden services. Those are more difficult to wiretap.
|
|
|
|
|