Bitcoin Forum
December 07, 2016, 10:11:32 PM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 3 4 5 6 »  All
  Print  
Author Topic: 135 BTC Stolen from my Deepbit account!!!!!!!!  (Read 13161 times)
MemoryDealers
VIP
Legendary
*
Offline Offline

Activity: 1006



View Profile WWW
May 14, 2011, 03:09:06 PM
 #1

--------------------UPDATE----------------------

I just head that the thief logged in from IP address:
94.75.217.249
"Mozilla/5.0 (Windows NT 5.1; rv:2.0.1) Gecko/20100101 Firefox/4.0.1"

--------------------------------------------------

Please help!
I woke up this morning,  logged into my deepbit account at 7:35AM PST on 5-14-2011 to see how things were going,  and someone had transfered all my bitcoins to address:
15YaS8ux9u6YUrS6DmdTZa1NaLecNNNCKT  and set it continue to send to that address as soon as my account received even 0.01 additional bitcoins.

My password was a combination of letters and numbers,  and I assumed it was reasonably secure.  (perhaps not)
The only people who knew my password,  were myself,  and a couple of other employees at MemoryDealers, and all of them say they did not change anything.

The following information comes up in that address in the block explorer:


Address 15YaS8ux9u6YUrS6DmdTZa1NaLecNNNCKT

Short link: http://blockexplorer.com/a/2tZky3pBUi
First seen?: Block 123886 (2011-05-14 12:43:27)
Received transactions: 3
Received BTC: 136.59
Sent transactions: 0
Sent BTC: 0
Hash160?: 31d94e8645d5e7f93ad8deeefe69a0a911bd9589
Public key?:
Unknown (not seen yet)
Ledger?

Note: While the last "balance" is the accurate number of bitcoins available to this address, it is likely not the balance available to this person. Every time a transaction is sent, some bitcoins are usually sent back to yourself at a new address (not included in the Bitcoin UI), which makes the balance of a single address misleading. See the wiki for more info on transactions.

Transaction?   Block?   Amount?   Type?   From/To?   Balance?
766fbbe67c...   Block 123886 (2011-05-14 12:43:27)   135.22   Received: Address   
1BA6dEx8crnnRJUhvRVC9mcS2avedYhNxp
1Hfc2GazJs9Us4ra4GVzxqPHkoUiCV3hd1
13E7hWrF71Exyq9rPCaXXaUCnkeG7MbBiD
135.22
a63ccc1fa7...   Block 123893 (2011-05-14 13:19:59)   0.56   Received: Address   
1F6eBtUW6LKmyfiLuR8hLQqf3j2ZesRWdc
135.78
fdef32a895...   Block 123910 (2011-05-14 14:35:03)   0.81   Received: Address   
1CSDXowgDPh3thjVX1p1gZrqA6fV3AKaT
136.59

Does anyone know how I can try to track down who stole my bitcoins and where they went?!!!!!

Any help/insight would be greatly appreciated!


Roger Ver
Memory Dealers.com, Inc.
3350 Scott Blvd.
Building #32
Santa Clara, CA 95054
USA
 
Phone:+1 408 486 5650
Fax: +1 408 486 5653
Email: roger@memorydealers.com
Aim: rogerkver
MSN: roger@memorydealers.com

For all yor networking needs visit:
http://www.memorydealers.com

1481148692
Hero Member
*
Offline Offline

Posts: 1481148692

View Profile Personal Message (Offline)

Ignore
1481148692
Reply with quote  #2

1481148692
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481148692
Hero Member
*
Offline Offline

Posts: 1481148692

View Profile Personal Message (Offline)

Ignore
1481148692
Reply with quote  #2

1481148692
Report to moderator
kiba
Legendary
*
Offline Offline

Activity: 980


View Profile
May 14, 2011, 03:12:41 PM
 #2

Beware of other people using your accounts.

Drifter
Sr. Member
****
Offline Offline

Activity: 367


View Profile
May 14, 2011, 03:15:22 PM
 #3

The only people who knew my password,  were myself,  and a couple of other employees at MemoryDealers, and all of them say they did not change anything.

Well, that's a giant red flag. An employee realizing it would be very hard to track might have prompted the theft.

MemoryDealers
VIP
Legendary
*
Offline Offline

Activity: 1006



View Profile WWW
May 14, 2011, 03:17:14 PM
 #4

Beware of other people using your accounts.

I agree,  but they are both trusted long term employees 5+ years who I trust.


I am guessing that deepbit maybe susceptible to a brute force password hacking attack.
You seem to be able to try as many incorrect passwords on the site in a row as you want.
I hope they put a delay after 3 failed log in attempts.

Does anyone have the contact info for the admin at deepbit?
I am hoping they have some kind of log for whoever logged into my account.

vuce
Sr. Member
****
Offline Offline

Activity: 476


View Profile
May 14, 2011, 03:17:41 PM
 #5

I think this is a lost cause. I don't know what you were thinking leaving 130 coins on deepbit.
MemoryDealers
VIP
Legendary
*
Offline Offline

Activity: 1006



View Profile WWW
May 14, 2011, 03:19:53 PM
 #6

I think this is a lost cause. I don't know what you were thinking leaving 130 coins on deepbit.

I was trying not to keep all my eggs in one basket.

edd
Donator
Legendary
*
Offline Offline

Activity: 1372



View Profile WWW
May 14, 2011, 03:20:55 PM
 #7

The only people who knew my password,  were myself,  and a couple of other employees at MemoryDealers, and all of them say they did not change anything.

Well, that's a giant red flag. An employee realizing it would be very hard to track might have prompted the theft.

Even if they are all completely honest and trustworthy, the chance that someone isn't 100% vigilant in protecting the info rises exponentially with every person.

Still around.
BioMike
Legendary
*
Offline Offline

Activity: 1257


View Profile
May 14, 2011, 03:23:18 PM
 #8

For all you know they wrote the password down, so they couldn't forget it and the cleaning lady found the note below the keyboard.
cartwright
Newbie
*
Offline Offline

Activity: 6


View Profile
May 14, 2011, 03:23:27 PM
 #9

I recommend using Eligius. They take no fees and you provide an address for payments when you start it and nobody can change the address without accessing your computer.
MemoryDealers
VIP
Legendary
*
Offline Offline

Activity: 1006



View Profile WWW
May 14, 2011, 03:25:15 PM
 #10

I have since changed the password,  and I am currently the only person on the planet who knows it.

Does deepbit have any sort of a log of what IP addresses log into each account?
I think that might be my only chance of having any info at all as to who took my bitcoins.
If the IP address is one in the same town as my business,  I will know the theft was related to one of the employees who knew the password.

If the IP address is in some far off country,  then I know it was just some random hacker.

Any other thoughts on how I can find additional information?

mewantsbitcoins
Full Member
***
Offline Offline

Activity: 126


View Profile
May 14, 2011, 03:26:39 PM
 #11

All I have to say is look for somebody who had physical access to the computer where you logged onto deepbit(and no, when you close the web browser it does not log you out of deepbit) or someone who had the access to the computer from which the mining was done.
Although it's trivial to get username/password for anyone on the network, I doubt anyone at random would be trying that stuff. It's someone from your circle

Any security cameras where the computers are?
bittersweet
Full Member
***
Offline Offline

Activity: 224



View Profile
May 14, 2011, 03:26:50 PM
 #12

Ask Deepbit about IP of people who logged on your account.

My Bitcoin address: 1DjTsAYP3xR4ymcTUKNuFa5aHt42q2VgSg
Mike Hearn
Legendary
*
Offline Offline

Activity: 1526


View Profile
May 14, 2011, 03:31:57 PM
 #13

Lack of brute forcing protection might be it.

If anyone is setting up Bitcoin related services where hacking is a risk, I'd strongly recommend using Google or Facebook authentication instead of rolling your own. These companies have solved problems like brute forcing attacks a long time ago and are now also dealing with cases where your password is stolen. For example Google offers two-factor authentication, for free!
MemoryDealers
VIP
Legendary
*
Offline Offline

Activity: 1006



View Profile WWW
May 14, 2011, 03:33:56 PM
 #14

Ask Deepbit about IP of people who logged on your account.

This is exactly what I would like to do.
Does anyone have their contact info?   I don't see any on their website.

Thanks!

SATOSHl
Newbie
*
Offline Offline

Activity: 19


View Profile
May 14, 2011, 03:36:24 PM
 #15

do u use the same password for any other website? that website could use it against u.
MemoryDealers
VIP
Legendary
*
Offline Offline

Activity: 1006



View Profile WWW
May 14, 2011, 03:38:16 PM
 #16

do u use the same password for any other website? that website could use it against u.

I was also concerned with that when  I first set up deepbit,  so I chose a password that was unique to only that website.

casascius
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1344


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW
May 14, 2011, 03:44:32 PM
 #17


I was trying not to keep all my eggs in one basket.

Sorry to hear of this misfortune.

For everyone's benefit, here is the safest, 100% hacker proof way to store Bitcoins, and a great basket to put them in.

1. Set up a computer that has no access to the Internet whatsoever.

2. Install and run Bitcoin on it (from removable media, e.g. USB flash memory stick).  Copy the first auto-generated address you see into a blank Notepad text file, and save it on your USB stick.  There is no need to wait for the block chain to download (which shouldn't be happening anyway if you're offline)

3. Back up the wallet.dat file it creates onto your USB stick.  Better yet, do it onto two USB sticks.  It's located at %APPDATA%\Bitcoin\wallet.dat.  Keep both copies safe and secure.

4. Send all your Bitcoins to that address you generated and saved in step 2.  Use Block Explorer to keep track of your balance.

5. Format the hard drive of the computer, or at least delete your wallet.dat from it, or never connect it to the internet.

Main point: The software doesn't have to talk to the network for you to receive bitcoins.  By providing no means for your private keys to be reached from the Internet, they cannot be remotely stolen by anyone.

When ready to spend:

1. Go into a brand new installation of the Bitcoin software, and exit it completely (so it's not on your taskbar, etc.)

2. Go into the %APPDATA%\Bitcoin folder and delete all files with the extension .DAT.

3. Copy your prized wallet.dat into the folder

4. Restart Bitcoin and let it rebuild everything.  Coins will appear when the block chain is downloaded (possibly hours).

5. Spend like normal.

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper wallets instead.
xf2_org
Member
**
Offline Offline

Activity: 70


View Profile
May 14, 2011, 03:48:31 PM
 #18

Ask Deepbit about IP of people who logged on your account.

+1 agreed

Any decent site keeps a record of IP addresses accessing each account.


And do not store bitcoins at a pool server, store them in your own, secure wallet!

mewantsbitcoins
Full Member
***
Offline Offline

Activity: 126


View Profile
May 14, 2011, 03:50:47 PM
 #19

It would be funny if one of the trusted employees log into deepbit from their home  Grin Although I still think it's much simpler than this
jimbobway
Legendary
*
Offline Offline

Activity: 1380



View Profile
May 14, 2011, 03:52:21 PM
 #20

do u use the same password for any other website? that website could use it against u.

I was also concerned with that when  I first set up deepbit,  so I chose a password that was unique to only that website.

Also, if you are using 'MemoryDealers' as your user name or your email address that you display publicly then I suggest you use a non-well-known email address.

░░░░░░░░░██████░░░░░░░░░░░░▄▄▄
░░███░░██████░░░░░▄▄▄▄▄░░██
░░███░░█████████████
░░░░░░░░██████▀▀██████████
░░░░░░░░██████░░░░░██████████
░░░░░░▄▄▄▄▄▄░░░▄▄▄░░░░███████
░░░░░██████░░░███░░░░███████
░░░░░██████░░░███
░░░░░███████▄▄▄▄▄████████
░░░░░████████████████████
░░▄▄▄▄▄░░█████░░░░█████████
█████░░█████░░░░█████████
█████░░░░░░░░░░░░█████████
█████░░░░░░░░░░░░░█████████

START GETTING PAID FOR YOUR ATTENTION!
███████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████
JUSTICE IN THE WORLD OF ONLINE ADVERTISING!

BUY MASS COIN 】【 ICO PROSPECTUS
VISIT OUR WEBSITE
TWITTER 】【 FACEBOOK 】【 TELEGRAM

Pages: [1] 2 3 4 5 6 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!