|
starfishi
|
|
November 28, 2014, 07:07:05 AM |
|
So sorry for your loss. Its easy to say: why havn´t you done this and this. Humans just make mistakes sometimes. Regarding Keyloggers, i use "Keyscrambler" and "Spyshelter", which asks me everytime, when any process wants to start in the background, to confirm. It remembers all my decisions, so its a bit a pain in the ass only in the first 2 weeks, after that its mostly quiet, unless there are new unknown processes. This way it is not only dependent on database-updates and should alert "0-days" also. I used that in addition to my antivirus for a long time, never had a problem. And whenever theres the possibility for 2FA to the phone, certainly i use that. Hopefully this never happens to you again. Good luck.
Oh, and i knock a lot on wood . . .
|
|
|
|
dagi
|
|
November 28, 2014, 07:55:39 AM |
|
Sorry about your loss Did you use any remotedesktop SW like TeamViewer? With email as username?
|
|
|
|
iluvpie60
|
|
November 28, 2014, 08:13:21 AM |
|
Your name on here is statdude, so I assume you are into learning about statistics. Did you ever do a risk assessment on your storage options? Why would you use something where if they know your actual password from a keylogger they get it? Why wouldn't you use a true 2 factor and tie it into your phone also? It also helps to use things that prompt you saying things like "we noticed you haven't logged in from this ip before please verify yourself" which can turn 2fa into 3fa if that question gets sent to another email address just to prove the first challenge question.
|
|
|
|
Amevalentine
|
|
November 28, 2014, 08:34:15 AM |
|
as i seen blockchain protect with email / sms code for every transaction.
if you disable this. it is your fault.
but by your case, its seems you got catch by virus bot. and its look strange that your money is stuck in this address. and nothing action after by the thief. 1HYeQCcAjoHqFwwofBxiurjTqCkMn7a4N6
|
|
|
|
uvt9
|
|
November 28, 2014, 08:51:46 AM |
|
Honestly, not sure what to think. If BC.I was compromised even with 2FA, then this means that there is some exploit going on in BC.I and piuk owes statdude 63btc.
if blockchain.info could be hacked, there would be A LOT more users and bitcoin got stolen. Total number of user reported is only about 20 i think. All someone needs can be found by hacking your PC and installing a keylogger.
they need no 2FA whatsoever if they then have your password.
Hacker still need 2FA (as second password) because knowing password only isn't enough to login (unless you turned off 2FA). In your case you have 2FA sending to your email, so it's obvious to guess the hacker also got access to your email. Why don't you use 2FA on your phone ? Furthermore, if your PC got infected with trojan/keylogger then clearly we can't blame Blockchain.info This is also the reason i laugh at everyone saying Bitcoin is safer than bank. Hacking to a personal computer is much easier than hacking into the bank !!!
|
|
|
|
BigBertie
Newbie
Offline
Activity: 14
Merit: 0
|
|
November 28, 2014, 09:04:48 AM |
|
I am a new bitcoin user that uses blockchain as a wallet. I have used the above advice and gone from the default of 500 iterations to the 20,000 maximum. What makes Bitcoin wallets different to typical online banking ?- And if your on-line bank account is hacked the bank is responsible for the loss. Why is this not the case for bitcoin wallets? I really feel for the stat guy and deplore some of the responses on this read saying he was to blame. Bitcoin will never reach its potential if a newbee has to go through a raft of additional measures to keep their wallets safe. I don't want to f about with Trezors and such, i want to use my wallet like a bank why is this so difficult ??
|
|
|
|
inBitweTrust
|
|
November 28, 2014, 09:23:09 AM |
|
I don't want to f about with Trezors and such, i want to use my wallet like a bank
why is this so difficult ??
Its not difficult. Just get a coinbase or circle wallet with sms 2FA and they provide the security you need from hackers and insurance as well. What they will not protect you from, in actuality they will expose you to, is theft from the state in the form of capital gains taxes when your Bitcoins go up in value.
|
|
|
|
turvarya
|
|
November 28, 2014, 09:57:51 AM |
|
Damn, that is really hard. I am glad, I finally managed to put most of my coins in paper wallets. For me it was just laziness that I postponed that for months.
Do make something clear, since so many people don't seem to understand that. The difference between bitcoin and fiat is, that with bitcoin it is your responsibility how secure they are. That is one reason why banks have hefty fees: They use part of it to ensure security and insurance. You can't have both: no fees and someone else takes care of the security
So, yes, bitcoins are much more secure than a bank, if YOU make them that secure. But it is not that hard to store them securily: Printing out paper wallets is really easy. Protect them with bip38, store one copy at home and one copy at another secure place and you are done with the security.
|
|
|
|
BitCoinNutJob
Legendary
Offline
Activity: 1316
Merit: 1000
|
|
November 28, 2014, 10:05:12 AM |
|
Bank are also scammers and the fees go to a lot of needless jobs now we have blockchain tech
|
|
|
|
jbreher
Legendary
Offline
Activity: 3038
Merit: 1660
lose: unfind ... loose: untight
|
|
November 28, 2014, 10:24:35 AM |
|
, i use linux and i know my bitcoins are safe this way. i will never found a trojan or a keylogger on my computer
Please let me make sure I understand you. Are you saying that just because you use Linux, your Bitcoin are positively secure?
|
Anyone with a campaign ad in their signature -- for an organization with which they are not otherwise affiliated -- is automatically deducted credibility points.
I've been convicted of heresy. Convicted by a mere known extortionist. Read my Trust for details.
|
|
|
bitkilo
Legendary
Offline
Activity: 1638
Merit: 1010
https://www.bitcoin.com/
|
|
November 28, 2014, 10:46:57 AM |
|
I have multible wallets, 3 hot wallets and off line cold storage. I also have signed up for the coinbase vault but yet to use it. Funny thing is the only wallet i had which got hacked was blockchain but it was a very small amount and i didnt have 2fa back then. I would advise like many other members already have is to look into cold storage, usb or paper wallet. If you dont think you know enough about btc security yet then sign up for coinbase vault till you learn more. I know many members won't agree with me on this but its safer from hackers.
|
Not a paid signature, just added to promote Bitcoin.com
|
|
|
Puppet
Legendary
Offline
Activity: 980
Merit: 1040
|
|
November 28, 2014, 11:08:36 AM |
|
Please let me make sure I understand you. Are you saying that just because you use Linux, your Bitcoin are positively secure?
Linux alone isnt enough obviously, but using windows makes your PC positively insecure.
|
|
|
|
|
wpalczynski
Legendary
Offline
Activity: 1456
Merit: 1000
|
|
November 28, 2014, 12:55:18 PM |
|
Thats horrible, sorry to hear that dude. WTF Help... I am not sure if someone accessed a backup of my wallet somewhere... All my BTC was stolen via a single blockchain transaction 43d9ecf12e25a0bcc6c655660d604cdff800f726dc42f68b08cea8fc1d61a3c4 sent to here https://blockchain.info/address/1L8zn4BJs2B4a4pxN4HBaNKEgaowpa3857if anyone has help or can apply any forensics... i am more than willing to pay a bounty to recover some of these funds... thank you... skype me at "thestatdude" many of these coins were purchased via credit card and i have hardly afford to lose them... please help..
|
|
|
|
Hiraga
|
|
November 28, 2014, 02:24:57 PM |
|
Anyone you remember got in the house with your computer unattended?
|
|
|
|
Addition
|
|
November 28, 2014, 02:40:13 PM |
|
fact is, i treated my blockchain.info as a WEB wallet, trusting them it was SECURE with 2FA alone.
it was not.
All someone needs can be found by hacking your PC and installing a keylogger.
they need no 2FA whatsoever if they then have your password.
Sorry for loss man! Is it worth contacting Blockchain Support, if you haven't already done so? Seems like your not the only bitcoiner to fall victim to unauthorised 3rd party applications. Perhaps there's a way for the Blockchain web wallets to run a keylogging sweep? Are Mac users (OSX) better protected in this case or just as susceptible as Windows/Linux users?
|
|
|
|
ethought
Legendary
Offline
Activity: 1316
Merit: 1000
|
|
November 28, 2014, 02:43:59 PM |
|
Are Mac users (OSX) better protected in this case or just as susceptible as Windows/Linux users?
Umm, Linux is in no way as susceptible as Windows. Linux and Mac have similarly strong security - Windows is a joke.
|
|
|
|
Q7
|
|
November 28, 2014, 02:46:40 PM |
|
Seen before similar incidence when other guy also has 2fa authentication enabled but still lost the coin. Keeping in armory and hope for best
|
|
|
|
ethought
Legendary
Offline
Activity: 1316
Merit: 1000
|
|
November 28, 2014, 02:55:09 PM |
|
If you have a Keylogger on your computer the only thing that will stop unauthorised withdrawals is SMS 2fa - which I understand blockchain.info offers.
If you only have email 2fa the hacker just needs to wait until you login to your email service and they have the password. Then they wait until you log into your blockchain.info account and they have all they need. They could even delete the email from your email account after authorising the transaction.
Note, a keylogger will also give someone access to your local wallet passphrase too. It happened to someone I know and they lost a couple hundred thousand dollars worth. Keyloggers are very very dangerous.
What I am not sure about is if a malicious user gets your blockchain.info login details and you have SMS 2Fa activated can they still grab the private key. That would totally defy the purpose of SMS 2fa so I assume not but I am not sure.
|
|
|
|
|