Author Topic: 63.73 BTC Hacked - Blockchain.info secured by 2FA - Starting security podcast?  (Read 15016 times)
statdude (OP)
Legendary
*
Offline Offline

Activity: 1498
Merit: 1000


View Profile
November 28, 2014, 03:08:30 AM
 #41

2FA was just email, which does not appear to have been breached, but who knows.
I did just find a keylogger on the PC.
MSDCSC.EXE installed 11/19. That is also the same day as a wallet file mysteriously showed up.



statdude (OP)
Legendary
*
Offline Offline

Activity: 1498
Merit: 1000


View Profile
November 28, 2014, 03:13:29 AM
 #42

Also just remembered that I got a mysterious login on btc-e.
25.11.14 03:33   94.242.246.24   Successful login

This may be the IP address of the hacker.

jonald_fyookball
Legendary
*
Offline Offline

Activity: 1302
Merit: 1004


Core dev leaves me neg feedback #abuse #political


View Profile
November 28, 2014, 03:18:02 AM
 #43

good luck catching the thief.

why didn't you use cold storage ?

statdude (OP)
Legendary
*
Offline Offline

Activity: 1498
Merit: 1000


View Profile
November 28, 2014, 03:26:27 AM
 #44

good luck catching the thief.

why didn't you use cold storage ?

I meant to. Honestly, I almost always use it. I would have certainly put them in cold storage within the next few days.

I should have obviously done so MUCH sooner.

Searching the suspicious IP address turns up a TOR server. The user of the server with a non-spam email address on that day http://www.stopforumspam.com/ipcheck/94.242.246.24

Turns up " 11/24/2014 14:59   94.242.246.24   bletkorer   nghfgdfd@gmail.com "

inBitweTrust
Hero Member
*****
Offline Offline

Activity: 658
Merit: 501



View Profile
November 28, 2014, 03:26:50 AM
 #45

Also just remembered that I got a mysterious login on btc-e.
25.11.14 03:33   94.242.246.24   Successful login

This may be the IP address of the hacker.

lu   lu   l   luxembourg   49.610001   6.124000   root sa
Luxembourg   LU   not found   not found   49.750000   6.166700   root SA
LUXEMBOURG   LU   LUXEMBOURG   STEINSEL   49.676941   6.123890   ROOT SA

 ASN    5577
Name    ROOT
Description    root SA,LU
# Peers    7
# IPv4 Origin Ranges    17
# IPv6 Origin Ranges    3
Registrar    RIPE-NCC
Allocation date    May 15, 2009
Country Code    LU


   
Reverse   orion.enn.lu.
Reverse-verified    Yes
Country Code    LU
Country    Luxembourg
Region    Europe
Population    442972
Top-level Domain    LU
IPv4 Ranges    145
IPv6 Ranges    43
Currency    Euro
Currency Code    EUR
IP Range - Start    94.242.192.0
IP Range - End    94.242.255.255
Registrar    RIPE-NCC
Allocation date    Oct 21, 2008

inBitweTrust
Hero Member
*****
Offline Offline

Activity: 658
Merit: 501



View Profile
November 28, 2014, 03:30:07 AM
 #46

why didn't you use cold storage ?

Humans in general suck at security from what I have seen. We all are constantly making mistakes and only realize and/or acknowledge them after an attack has occurred.

Everyone desperately needs to start using secure hardware wallets and multisig paper wallets - http://mycelium.com/entropy can help.

Remember remember the 5th of November
Legendary
*
Offline Offline

Activity: 1862
Merit: 1011

Reverse engineer from time to time


View Profile
November 28, 2014, 04:04:52 AM
 #47

2FA was just email, which does not appear to have been breached, but who knows.
I did just find a keylogger on the PC.
MSDCSC.EXE installed 11/19. That is also the same day as a wallet file mysteriously showed up.



Well there is your problem. A keylogger.

BTC:1AiCRMxgf1ptVQwx6hDuKMu4f7F27QmJC2
HYPERfuture
Hero Member
*****
Offline Offline

Activity: 686
Merit: 500

HYPER project manager and PR + GoldPieces [GP]


View Profile WWW
November 28, 2014, 04:18:15 AM
 #48

2FA was just email, which does not appear to have been breached, but who knows.
I did just find a keylogger on the PC.
MSDCSC.EXE installed 11/19. That is also the same day as a wallet file mysteriously showed up.


Sorry to say your email was probably breached combined with keylogger.

Email isn't true 2FA (unless your email itself has 2FA with google auth or something like that) as it is very easy for an email to become compromised.

Even then you should also use other 2FA.

Sorry for your loss again and good luck.

HYPER Gaming Currency -> https://bitcointalk.org/index.php?topic=624651 GP RPG Currency -> https://bitcointalk.org/index.php?topic=1053441 https://cryptogalaxies.com -> Blockchain Based Space Strategy MMO. Crypto Galaxies on Bitcointalk -> https://bitcointalk.org/index.php?topic=1374470
johnyj
Legendary
*
Offline Offline

Activity: 1988
Merit: 1012


Beyond Imagination


View Profile
November 28, 2014, 04:22:03 AM
 #49

2FA should be on different devices, and for 50+ coins I cannot imagine storing it in an online wallet.

But to be honest, it's still a hassle to use offline storage, especially when you are not an IT guy. It's very difficult to find a balance between ease of use and security; that's also one of the reasons that banks exist.

HYPERfuture
Hero Member
*****
Offline Offline

Activity: 686
Merit: 500

HYPER project manager and PR + GoldPieces [GP]


View Profile WWW
November 28, 2014, 04:27:21 AM
 #50

2FA should be on different devices, and for 50+ coins I cannot imagine storing it in an online wallet.

But to be honest, it's still a hassle to use offline storage, especially when you are not an IT guy. It's very difficult to find a balance between ease of use and security; that's also one of the reasons that banks exist.

I think Trezor is the easiest secure solution right now.

Multiple 2FA (2FA emails, Yubikeys, google auth, etc) is the way if storing coins online.

statdude (OP)
Legendary
*
Offline Offline

Activity: 1498
Merit: 1000


View Profile
November 28, 2014, 04:50:05 AM
 #51

How did I get this keylogger? I am VERY careful and don't install anything that isn't virus checked.

Is it possible my IP Vanish software which uses Tor was compromised?

alani123
Legendary
*
Offline Offline

Activity: 2408
Merit: 1436


Leading Crypto Sports Betting & Casino Platform


View Profile
November 28, 2014, 04:57:35 AM
 #52

How did I get this keylogger? I am VERY careful and don't install anything that isn't virus checked.

Is it possible my IP Vanish software which uses Tor was compromised?

What's the name of this software? Is it created by someone trusted? Let us know.

rokkyroad
Legendary
*
Offline Offline

Activity: 1090
Merit: 1000


View Profile
November 28, 2014, 05:08:26 AM
 #53

Why the hell doesn't blockchain info have sms verification for withdrawals? Does anyone? Seems it would save a lot of thievery.

Lots of apps for sms. Google phone number on another device should be pretty effective if one does not have a smart phone.

I cleared out my blockchain account a while back. Might keep a small amount there in the future if they revamp their security.

I would steer clear of Tor for anything sensitive like accessing your email or banking. It's OK for cruising piratebay and flashyourrack if you are at work.

Sorry for the OP's loss.


" If you have to spam and shout to justify your existence then you are a shit coin."  TaunSew
Remember remember the 5th of November
Legendary
*
Offline Offline

Activity: 1862
Merit: 1011

Reverse engineer from time to time


View Profile
November 28, 2014, 05:12:25 AM
 #54

How did I get this keylogger? I am VERY careful and don't install anything that isn't virus checked.

Is it possible my IP Vanish software which uses Tor was compromised?
LOL, anti-virus do only so much, to truly know if software is safe or not, you need to learn reverse engineering and check out every software. But really, you likely got infected by a Java or Flash applet.

BTC:1AiCRMxgf1ptVQwx6hDuKMu4f7F27QmJC2
freedomno1
Legendary
*
Offline Offline

Activity: 1806
Merit: 1090


Learning the troll avoidance button :)


View Profile
November 28, 2014, 05:16:56 AM
 #55

sorry man...

Sorry as well, I hope you're able to get it back.

Believing in Bitcoins and its ability to change the world
BitCoinNutJob
Legendary
*
Offline Offline

Activity: 1316
Merit: 1000


View Profile
November 28, 2014, 05:25:47 AM
 #56

What the fuck do you want us to do about it faggot?  You dun goofed son.

This isn't reddit, we don't upvote faggots for being retards here.

this post does not represent the majority, security is a learning process, our time is finite
Business
Newbie
*
Offline Offline

Activity: 37
Merit: 0


View Profile
November 28, 2014, 05:31:45 AM
 #57

2FA was just email, which does not appear to have been breached, but who knows.
I did just find a keylogger on the PC.
MSDCSC.EXE installed 11/19. That is also the same day as a wallet file mysteriously showed up.

Sorry about your loss.

I recommend you use Linux. I use Linux and I know my bitcoins are safe this way. I will never find a trojan or a keylogger on my computer. I recommend you give Linux a chance.

You can keep tracing the transactions; maybe that way you will find who did it.

Good luck.
gogxmagog
Legendary
*
Offline Offline

Activity: 1456
Merit: 1010

Ad maiora!


View Profile
November 28, 2014, 05:35:09 AM
 #58

I am curious if anyone has ever actually retrieved stolen BTC? Are there examples of this happening? Where would I look? Google is no help.

Sorry to OP though. Not trying to rub salt in your wounds. That is a lot to lose. Ouch!
BitCoinNutJob
Legendary
*
Offline Offline

Activity: 1316
Merit: 1000


View Profile
November 28, 2014, 05:38:56 AM
Last edit: November 28, 2014, 05:59:49 AM by BitCoinNutJob
 #59

I am curious if anyone has ever actually retrieved stolen BTC? Are there examples of this happening? Where would I look? Google is no help.

Sorry to OP though. Not trying to rub salt in your wounds. That is a lot to lose. Ouch!

think this guy ended up doing a deal with the thief to split the coins

http://www.reddit.com/r/Bitcoin/comments/2af2e1/500_btc_bounty_for_the_return_of_androklis/
statdude (OP)
Legendary
*
Offline Offline

Activity: 1498
Merit: 1000


View Profile
November 28, 2014, 05:57:25 AM
 #60

Fact is, I treated my blockchain.info as a WEB wallet, trusting them it was SECURE with 2FA alone.

It was not.

All someone needs can be found by hacking your PC and installing a keylogger.

They need no 2FA whatsoever if they then have your password.
