lonari (OP)
Newbie
 Offline
Activity: 9
Merit: 0
|
 |
November 01, 2014, 05:14:05 PM |
|
Was accessing my wallet from Tor and then suddenly, 1.84100102 BTC was transferred to 1FJxeqyAAkxjbV5ijh3CnNkbgdu8zCVsY7
2FA was always enabled. Using google auth.
Do I have any recourse?
|
|
|
|
|
|
|
|
|
|
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
letyouearn
Legendary
Offline
Activity: 1722
Merit: 1014
|
|
November 01, 2014, 05:54:13 PM |
|
How is it possible buddy ? How can anyone stole bitcoins from ur blockchain wallet without knowing ur identifier and password . I am totally confused about this issue. If this is really happening, then i have to stop using blockchain and have to transfer my all funds to a secure btc wallet.
|
|
|
|
lonari (OP)
Newbie
Offline
Activity: 9
Merit: 0
|
|
November 01, 2014, 06:18:06 PM |
|
i think it has something to do with malicious Tor exit nodes. so whatever you do, don't use Tor with web wallets  |
|
|
|
|
|
PolarPoint
|
|
November 01, 2014, 06:19:26 PM |
|
You should search the forum about blockchain.info wallets and tor. You are not the only one with funds stolen. Tor and web wallets don't mix.
|
|
|
|
|
cma3
Newbie
Offline
Activity: 56
Merit: 0
|
|
November 01, 2014, 06:22:17 PM |
|
|
|
|
|
|
xcapator
Sr. Member
Offline
Activity: 322
Merit: 252
Here I Am !!
|
|
November 01, 2014, 11:04:33 PM |
|
Do not use TOR to access your wallet / blockchain.info, I believe you were the victim of man-in-the-middle attack, there is known POODLE vulnerability in TSL/SSL that's being exploited in TOR network similar thread : https://bitcointalk.org/index.php?topic=828238.0 |
|
|
|
lonari (OP)
Newbie
Offline
Activity: 9
Merit: 0
|
|
November 02, 2014, 06:13:38 AM |
|
i know it's not a huge amount, but do I have any recourse?
|
|
|
|
|
TheNinja
Member
Offline
Activity: 70
Merit: 10
★777Coin.com★ Fun BTC Casino!
|
|
November 02, 2014, 06:46:28 AM |
|
1.8 BTC isn't a huge amount?...Damn I wish I had that much. It's hard to get it back...particularly due to the nature of cryptocurrency
|
|
|
|
|
Domino
|
|
November 02, 2014, 07:59:27 AM |
|
i know it's not a huge amount, but do I have any recourse?
Bitcoin transcation is irreversible and I am afraid you won't be able to get your bitcoin back. |
|
|
|
pooya87
Legendary
Offline
Activity: 3430
Merit: 10491
|
|
November 02, 2014, 10:18:57 AM |
|
Was accessing my wallet from Tor and then suddenly, 1.84100102 BTC was transferred to 1FJxeqyAAkxjbV5ijh3CnNkbgdu8zCVsY7
2FA was always enabled. Using google auth.
Do I have any recourse?
how is this possible, i see a lot of posts about losing bitcoins while using Tor but all of them have one thing in common: they don't have 2FA. are you sure you didn't mess up like using wrong recipient address |
.
.BLACKJACK ♠ FUN. | | | ███▄██████
██████████████▀
████████████
█████████████████
████████████████▄▄
░█████████████▀░▀▀
██████████████████
░██████████████
█████████████████▄
░██████████████▀
████████████
███████████████░██
██████████ | | CRYPTO CASINO &
SPORTS BETTING | | │ | | │ | ▄▄███████▄▄
▄███████████████▄
███████████████████
█████████████████████
███████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████████████
█████████████████████
███████████████████
▀███████████████▀
███████████████████ | | .
|
|
|
|
HQLD
Newbie
Offline
Activity: 13
Merit: 0
|
|
November 02, 2014, 10:54:14 AM |
|
I also know someboy who have had the same experience. If the exit node is running by a criminal you may loose all your coins.
|
|
|
|
|
|
thompete
|
|
November 02, 2014, 10:57:08 AM |
|
Was accessing my wallet from Tor and then suddenly, 1.84100102 BTC was transferred to 1FJxeqyAAkxjbV5ijh3CnNkbgdu8zCVsY7
2FA was always enabled. Using google auth.
Do I have any recourse?
how is this possible, i see a lot of posts about losing bitcoins while using Tor but all of them have one thing in common: they don't have 2FA. are you sure you didn't mess up like using wrong recipient address It has to do something with javascript and tor running along. There are a lot of security issues doing it, and there have been several cases of this happening. |
|
|
|
Spoetnik
Legendary
Offline
Activity: 1540
Merit: 1011
FUD Philanthropist™
|
|
November 02, 2014, 11:01:14 AM |
|
I also know someboy who have had the same experience. If the exit node is running by a criminal you may loose all your coins.
far more likely than a man in the middle attack. |
FUD first & ask questions later™ |
|
|
Gleb Goodston
Newbie
Offline
Activity: 39
Merit: 0
|
|
November 02, 2014, 06:39:42 PM |
|
Yes Tor & any online wallet don't mix & you should expect to lose everything. Never access with Tor you will regret it. It's the same with emails and other things too.
|
|
|
|
|
|
hamza171
|
|
November 03, 2014, 12:03:49 AM |
|
So how is TOR safe if someone can do this?
|
|
|
|
|
|
MystPhysX
|
|
November 04, 2014, 05:58:33 AM |
|
So how is TOR safe if someone can do this?
This is using the POODLE exploit, it's genius. Only way to stop it is to disable SSL 3.0 on both ends. So using TOR only makes the MITM part easier, it's not that TOR is the only way to accomplish this. |
|
|
|
kruhft
Newbie
Offline
Activity: 5
Merit: 0
|
|
November 04, 2014, 06:20:56 AM |
|
Was accessing my wallet from Tor and then suddenly, 1.84100102 BTC was transferred to 1FJxeqyAAkxjbV5ijh3CnNkbgdu8zCVsY7
2FA was always enabled. Using google auth.
Do I have any recourse?
Looks like whoever it is has been pretty active: https://blockchain.info/address/1FJxeqyAAkxjbV5ijh3CnNkbgdu8zCVsY7 |
|
|
|
|
|
|
ranochigo
Legendary
Offline
Activity: 2954
Merit: 4158
|
|
November 04, 2014, 12:09:28 PM |
|
So how is TOR safe if someone can do this?
Tor is pretty safe as long as you download all the updates. The latest Tor update disabled SSL3 and it is not possible to MITM attack with the newest version. |
.
.HUGE. | | | | | | █▀▀▀▀
█
█
█
█
█
█
█
█
█
█
█
█▄▄▄▄ | ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
.
CASINO & SPORTSBOOK
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ | ▀▀▀▀█
█
█
█
█
█
█
█
█
█
█
█
▄▄▄▄█ | | |
|
|
|
|
marcelus
|
|
November 05, 2014, 06:32:26 PM |
|
So how is TOR safe if someone can do this?
Tor is pretty safe as long as you download all the updates. The latest Tor update disabled SSL3 and it is not possible to MITM attack with the newest version. It's exit nodes that are the problem. |
|
|
|
|
|
PolarPoint
|
|
November 05, 2014, 07:11:02 PM |
|
Tor is pretty safe as long as you download all the updates. The latest Tor update disabled SSL3 and it is not possible to MITM attack with the newest version.
I don't know Tor enough to be criticising it, but the whole idea seems rather unsafe. I don't feel comfortable with typing any passwords in it. |
|
|
|
|
Tstar
Legendary
Offline
Activity: 1176
Merit: 1005
Decentralized Asset Management Platform
|
|
November 06, 2014, 07:37:55 AM |
|
people who using TOR to access blockchain faced this problem
it was an issue with exit node on tor network
|
|
|
|
ranochigo
Legendary
Offline
Activity: 2954
Merit: 4158
|
|
November 06, 2014, 07:48:21 AM |
|
Tor is pretty safe as long as you download all the updates. The latest Tor update disabled SSL3 and it is not possible to MITM attack with the newest version.
I don't know Tor enough to be criticising it, but the whole idea seems rather unsafe. I don't feel comfortable with typing any passwords in it. Traffic coming out of tor exit nodes are unencrypted. Rogue exit nodes can potential capture unencrypted information transmitted using HTTP instead of HTTPS. Alternatively, vulnerbilities in HTTPS can allow those exit nodes to see encrypted information and capture your passwords. |
.
.HUGE. | | | | | | █▀▀▀▀
█
█
█
█
█
█
█
█
█
█
█
█▄▄▄▄ | ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
.
CASINO & SPORTSBOOK
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ | ▀▀▀▀█
█
█
█
█
█
█
█
█
█
█
█
▄▄▄▄█ | | |
|
|
|
|
P4man
|
|
November 06, 2014, 08:40:06 AM |
|
blockchain uses https (obviously). If there is a problem with that, a man in the middle attack wouldnt be confined to tor at all. Anyone who could snoop your traffic would be able to steal your coins, and that would be problematic to put it mildly.
|
|
|
|
dooglus
Legendary
Offline
Activity: 2940
Merit: 1330
|
|
November 06, 2014, 07:45:22 PM |
|
blockchain uses https (obviously). If there is a problem with that, a man in the middle attack wouldnt be confined to tor at all. Anyone who could snoop your traffic would be able to steal your coins, and that would be problematic to put it mildly.
That's not true. In order to use the POODLE exploit you need to be able to modify the stream, not just read it. The problem is only with webservers which allow SSL3. Everyone should disable SSL3 to prevent the attack. blockchain.info uses cloudflare, which seems to mean they don't use SSL3 - which leaves me wonder how this attack is being successful. |
| Just-Dice | ██
██████████
██████████████████
██████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████
██████████████
██████ | Play or Invest | ██
██████████
██████████████████
██████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████
██████████████
██████ | 1% House Edge |
|
|
|
|
