Bitcoin Forum
November 07, 2024, 06:59:43 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 2 3 4 5 [6] 7 8 9 »  All
  Print  
Author Topic: 63.73 BTC Hacked - Blockchain.info secured by 2FA - Starting security podcast?  (Read 15021 times)
statdude (OP)
Legendary
*
Offline Offline

Activity: 1498
Merit: 1000


View Profile
November 28, 2014, 08:52:20 PM
 #101

To the hacker:

I do have your login IP address and .edu email domain from a European country with Google.

I will be investigating this to the fullest extent allowable by law. Please contact me if you don't want this.

▄█▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀█▄
█ ███████████████████████ █
█ █████     █ ▀██████████ █
█ █████     █   ▀████████ █
█ █████  ██ █     ▀██████ █

█ █████  ▀▀ █▄▄▄▄▄▄▄█████ █
█ █████  ▄▄▄▄▄▄▄▄▄  █████ █
█ █████  ▄▄▄▄▄▄▄▄▄  █████ █
█ █████  ▄▄▄▄▄▄▄▄▄  █████ █
█ █████  ▄▄▄▄▄▄▄▄▄  █████ █
█ █████             █████ █
█ ███████████████████████ █
▀█▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄█▀
  Website
    Twitter
      Gitlab
      Reddit
    Telegram
Whitepaper
  ▄█▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀█▄
█ ███████████████████████ █
█ ███████████████████████ █
█ ███▄    ███████▀   ▄███ █
█ ████▌    █████▀    ████ █
█ ████▌     ███▀     ████ █
█ ████▌▐█    █▀ █    ████ █
█ ████▌▐██     ██    ████ █
█ ████▌▐███   ███    ████ █
█ ███▀  ▀███ ███▀    ▀███ █
█ ███████████████████████ █
█ ███████████████████████ █
▀█▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄█▀
BitCoinDream
Legendary
*
Offline Offline

Activity: 2394
Merit: 1216

The revolution will be digital


View Profile
November 28, 2014, 09:11:06 PM
 #102

You can send dust with a public note in blockchain.info, viewable by all.

It appears my gmail was logged into on 22-Nov. Google was supposed to send me a security notification to my phone and email, yet I received neither?

Also, how is my gmail logged into when it has 2FA Google Auth activated???





I think your blockchain.info 2FA was based on gmail and gmail 2FA was based on SMS verification. Am i correct ?

Remember remember the 5th of November
Legendary
*
Offline Offline

Activity: 1862
Merit: 1011

Reverse engineer from time to time


View Profile
November 28, 2014, 09:14:09 PM
 #103

Could it be that his 2FA email did come, but the attacker deleted it?

BTC:1AiCRMxgf1ptVQwx6hDuKMu4f7F27QmJC2
inBitweTrust
Hero Member
*****
Offline Offline

Activity: 658
Merit: 501



View Profile
November 28, 2014, 09:17:45 PM
 #104

Also, how is my gmail logged into when it has 2FA Google Auth activated???

I sent you the link how one can bypass Gmail 2FA.

https://www.duosecurity.com/blog/bypassing-googles-two-factor-authentication

Just one method, but there are probably other ways. This technique allows one to access without notification.


Could it be that his 2FA email did come, but the attacker deleted it?

I think he is referring to Gmails 2FA through the google authenticator app on his cell and not blockchains email 2FA.

magicmexican
Hero Member
*****
Offline Offline

Activity: 812
Merit: 1000



View Profile
November 28, 2014, 09:20:04 PM
 #105

To the hacker:

I do have your login IP address and .edu email domain from a European country with Google.

I will be investigating this to the fullest extent allowable by law. Please contact me if you don't want this.

Best of luck. But your chances look really slim.

Maybe try to negotiate with him and give him 10% or something to have any shot at getting it back.
AltcoinInvestor
Sr. Member
****
Offline Offline

Activity: 294
Merit: 250



View Profile
November 28, 2014, 09:20:51 PM
 #106

Well, sorry dude. I don't think you can get your btc back.

This is why I only use "bitcoin core" wallet. I don't trust any online wallet or exchange...
inBitweTrust
Hero Member
*****
Offline Offline

Activity: 658
Merit: 501



View Profile
November 28, 2014, 09:24:18 PM
 #107

To the hacker:

I do have your login IP address and .edu email domain from a European country with Google.

I will be investigating this to the fullest extent allowable by law. Please contact me if you don't want this.

Next step is to contact the authorities in Luxembourg and subpoena the records of the ISP.
That is enough money to pursue and you already have at least one lead so If I were the hacker
I would try and negotiate a deal soon.

amorphia
Newbie
*
Offline Offline

Activity: 28
Merit: 0


View Profile
November 28, 2014, 09:29:39 PM
 #108

I've made a quick guide to fully securing coins on Blockchain.info for beginners as these horror stories really upset me: https://bitcointalk.org/index.php?topic=876492

Very nice of you creating that thread, very usefull for newbies. After my little loss of btc last summer i start using spybot for keylogers and rootkit scan and 2fa sms to a simple phone, smartphones sucks. I also use virtual keyboard while typing passwords.

I'm really sorry for the OP who lost such a big amount of BTC and wish cancer to the thief and spend all his stolen funds to doctors. Rot in hell!!!
wpalczynski
Legendary
*
Offline Offline

Activity: 1456
Merit: 1000



View Profile
November 28, 2014, 09:41:25 PM
 #109

I don't even think a 50/50 split agreement would persuade the thief to return the money, after all, he is a thief and planned this theft.  I know there was a link in one of the posts of this thread to a case where the thief did return 50% of the coins, I wonder what the circumstances were in that case, what coerced him to return half the coins.

To the hacker:

I do have your login IP address and .edu email domain from a European country with Google.

I will be investigating this to the fullest extent allowable by law. Please contact me if you don't want this.

Best of luck. But your chances look really slim.

Maybe try to negotiate with him and give him 10% or something to have any shot at getting it back.

10%  haha try 50/50 split and it might get returned

TKeenan
Hero Member
*****
Offline Offline

Activity: 874
Merit: 1000



View Profile
November 28, 2014, 09:41:55 PM
 #110

To the hacker:

I do have your login IP address and .edu email domain from a European country with Google.

I will be investigating this to the fullest extent allowable by law. Please contact me if you don't want this.
Wow! that should scare him into submission.  You don't deal much with Russians - do you?
magicmexican
Hero Member
*****
Offline Offline

Activity: 812
Merit: 1000



View Profile
November 28, 2014, 09:45:47 PM
 #111

To the hacker:

I do have your login IP address and .edu email domain from a European country with Google.

I will be investigating this to the fullest extent allowable by law. Please contact me if you don't want this.
Wow! that should scare him into submission.  You don't deal much with Russians - do you?

If the hacker is Russian, the chances to get 0.000001 btc back are 0%. But if he is located somewhere in Europe - there is a slight tiny chance.
TKeenan
Hero Member
*****
Offline Offline

Activity: 874
Merit: 1000



View Profile
November 28, 2014, 11:11:25 PM
 #112

To the hacker:

I do have your login IP address and .edu email domain from a European country with Google.

I will be investigating this to the fullest extent allowable by law. Please contact me if you don't want this.
Wow! that should scare him into submission.  You don't deal much with Russians - do you?

If the hacker is Russian, the chances to get 0.000001 btc back are 0%. But if he is located somewhere in Europe - there is a slight tiny chance.
If the hacker is Russian, your mom will lose her bitcoins next. 
b!z
Legendary
*
Offline Offline

Activity: 1582
Merit: 1010



View Profile
November 28, 2014, 11:15:36 PM
 #113

Sorry to hear about your loss, statdude.
deluxeCITY
Hero Member
*****
Offline Offline

Activity: 532
Merit: 500



View Profile
November 28, 2014, 11:50:44 PM
 #114

I don't even think a 50/50 split agreement would persuade the thief to return the money, after all, he is a thief and planned this theft.  I know there was a link in one of the posts of this thread to a case where the thief did return 50% of the coins, I wonder what the circumstances were in that case, what coerced him to return half the coins.

To the hacker:

I do have your login IP address and .edu email domain from a European country with Google.

I will be investigating this to the fullest extent allowable by law. Please contact me if you don't want this.

Best of luck. But your chances look really slim.

Maybe try to negotiate with him and give him 10% or something to have any shot at getting it back.

10%  haha try 50/50 split and it might get returned
There is likely no split that would potentially compel a thief to return the OP's stolen bitcoin (assuming he is telling the truth), unless he left behind some evidence of his identity. If there was some level of evidence then it would potentially be possible the thief would return some percentage of the stolen money depending on what laws were potentially broken and how likely the evidence would potentially lead to the hacker's actual identity, in exchange for the OP agreeing not to contact law enforcement and agree to not press charges (and to not testify in the event that law enforcement does get involved)
fr4nkthetank
Legendary
*
Offline Offline

Activity: 2294
Merit: 1182


Now the money is free, and so the people will be


View Profile
November 28, 2014, 11:59:47 PM
 #115

Help...
I am not sure if someone accessed a backup of my wallet somewhere... All my BTC was stolen via a single blockchain transaction

43d9ecf12e25a0bcc6c655660d604cdff800f726dc42f68b08cea8fc1d61a3c4

sent to here

https://blockchain.info/address/1L8zn4BJs2B4a4pxN4HBaNKEgaowpa3857

if anyone has help or can apply any forensics... i am more than willing to pay a bounty to recover some of these funds... thank you...

skype me at "thestatdude"

many of these coins were purchased via credit card and i have hardly afford to lose them... please help..

sometimes credit cards pay back for stolen stuff, look in the terms and conditions
ScryptAsic
Hero Member
*****
Offline Offline

Activity: 647
Merit: 501


GainerCoin.com 🔥 Masternode coin 🔥


View Profile WWW
November 29, 2014, 12:14:03 AM
 #116

To the hacker:

I do have your login IP address and .edu email domain from a European country with Google.

I will be investigating this to the fullest extent allowable by law. Please contact me if you don't want this.

Next step is to contact the authorities in Luxembourg and subpoena the records of the ISP.
That is enough money to pursue and you already have at least one lead so If I were the hacker
I would try and negotiate a deal soon.
I would say that the hacker almost certainly used some kind of VPN or socks5 proxy to connect to the OP's blockchain wallet and the email account was likely hacked or compromised. Unfortunately these are generally common elements that many bitcoin related thefts have
ed_teech
Hero Member
*****
Offline Offline

Activity: 508
Merit: 500


Jahaha


View Profile
November 29, 2014, 06:40:26 AM
 #117

 Sad I just heard and I am deeply sorry stat. I hope you can recover them soon.
KingOfSports
Hero Member
*****
Offline Offline

Activity: 602
Merit: 500

Acc bought - used solely for signature testing


View Profile
November 29, 2014, 07:29:50 AM
 #118

Help...
I am not sure if someone accessed a backup of my wallet somewhere... All my BTC was stolen via a single blockchain transaction

43d9ecf12e25a0bcc6c655660d604cdff800f726dc42f68b08cea8fc1d61a3c4

sent to here

https://blockchain.info/address/1L8zn4BJs2B4a4pxN4HBaNKEgaowpa3857

if anyone has help or can apply any forensics... i am more than willing to pay a bounty to recover some of these funds... thank you...

skype me at "thestatdude"

many of these coins were purchased via credit card and i have hardly afford to lose them... please help..
In reference to your kind messages to me two weeks ago - this is karma.

As the lovely names you called me in PM, this "insert negative name here" now has 20 BTC more than you and not a single penny of debt. Credit card, ew? Why ever invest on credit cards when this market is known for thievery and hacking? The overall EV of that decision was definitely -EV, I think you didn't run the numbers or "stats" well enough on that decision way back and now its costing you. Have fun talking to those CC companies and debt collectors... Smiley

.







.
LiteCoinGuy
Legendary
*
Offline Offline

Activity: 1148
Merit: 1014


In Satoshi I Trust


View Profile WWW
November 29, 2014, 08:25:34 AM
 #119

Thanks for the comments guys... PLEASE send dust to these addresses with a public comment marking them back to this thread..I have been trying to do so but it will not work for some reason. I am doing anything I can to get these coins labeled for all to see.



hopefully before the Zerocash release  Lips sealed

https://bitcointalk.org/index.php?topic=362468.msg3878992#msg3878992

BitCoinNutJob
Legendary
*
Offline Offline

Activity: 1316
Merit: 1000


View Profile
November 29, 2014, 04:00:35 PM
 #120

To the hacker:

I do have your login IP address and .edu email domain from a European country with Google.

I will be investigating this to the fullest extent allowable by law. Please contact me if you don't want this.

Best of luck. But your chances look really slim.

Maybe try to negotiate with him and give him 10% or something to have any shot at getting it back.

Yeah 10% you have no chance the hacker would rather take the risk, you are looking at 50/50 or 60/40.  If the hacker is reading just do a deal with the person you hacked, you taught them a lesson on security, you made some money and they wont be chasing you all your life.  Win win all round.
Pages: « 1 2 3 4 5 [6] 7 8 9 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!