Bitcoin Forum
June 26, 2019, 07:33:06 PM *
News: Latest Bitcoin Core release: 0.18.0 [Torrent] (New!)
 
   Home   Help Search Login Register More  
Pages: « 1 [2] 3 »  All
  Print  
Author Topic: ROBBED  (Read 3674 times)
contagion
Newbie
*
Offline Offline

Activity: 28
Merit: 0


View Profile
December 13, 2014, 03:07:25 AM
 #21

STOP USING WINDOWS FFS!


stop browsing the internet or even having browsers installed on any device containing your cryptos.

This is exactly what is holding back Bitcoin.  I now have to have a separate computer for all bitcoin transactions.  And that is unreasonable for the typical sixpack joe.

  The average consumer will just say "heck no, I will just use Visa".

A solution could be a custom ASIC hardware key, wherein the private key is not accessible; it would interface with your (optionally deterministic hierarchical) wallet via USB but you would be require to press a physical button to release signatures.

Wallets would warn when balances are large enough that a hardware key is warranted.

Price could be reduced to a few $ over time.

Is there something like this already available?

I think there are setups for Rasberry Pi for this, but this needs to come down to the consumer level price and plug-and-play simplicity.
1561577586
Hero Member
*
Offline Offline

Posts: 1561577586

View Profile Personal Message (Offline)

Ignore
1561577586
Reply with quote  #2

1561577586
Report to moderator
1561577586
Hero Member
*
Offline Offline

Posts: 1561577586

View Profile Personal Message (Offline)

Ignore
1561577586
Reply with quote  #2

1561577586
Report to moderator
1561577586
Hero Member
*
Offline Offline

Posts: 1561577586

View Profile Personal Message (Offline)

Ignore
1561577586
Reply with quote  #2

1561577586
Report to moderator
Try The Brand New Ethereum Game
50 Last Players Also Win The Bank
Works On Any iOS/Android Device With Standard Browser
Join Us On Telegram To Get Notified When You Can Win
COLOR PIXELS
AND WIN
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
campycoin
Hero Member
*****
Offline Offline

Activity: 700
Merit: 500


Daily Bitcoins for your Paypal/Skrill


View Profile
December 13, 2014, 03:12:37 AM
 #22

OP

I can do chain analysis if you want... from what I can tell so far...

check this https://bitcointalk.org/index.php?topic=99497.23060;wap2

I believe your coins are now here: https://blockchain.info/address/1Bi24CRuXX1irhaQmEVqbMos62iH43FtYJ

I could do more research but it is super time consuming and maybe you can help
campycoin
Hero Member
*****
Offline Offline

Activity: 700
Merit: 500


Daily Bitcoins for your Paypal/Skrill


View Profile
December 13, 2014, 03:14:53 AM
 #23

Wait... now I am confused...  Multibit?  You must enter your pw for any multibit send.  When you click transactions on that wallet in multibit does it show it?  When you say u had a good password do you mean like 16+ characters using all combos?  Or 6 character 15yo3x?
Bitmore
Full Member
***
Offline Offline

Activity: 415
Merit: 100


https://eloncity.io/


View Profile
December 13, 2014, 03:38:11 AM
 #24

OP

I can do chain analysis if you want... from what I can tell so far...

check this https://bitcointalk.org/index.php?topic=99497.23060;wap2

I believe your coins are now here: https://blockchain.info/address/1Bi24CRuXX1irhaQmEVqbMos62iH43FtYJ

I could do more research but it is super time consuming and maybe you can help


Somewhere in this over my head analysis is the answer to the security problem.   And someone a lot smarter than I will get rich.  And God bless 'em.

A super-app some day will address this need.

twister
Hero Member
*****
Offline Offline

Activity: 672
Merit: 501



View Profile WWW
December 13, 2014, 03:54:11 AM
 #25

Wait... now I am confused...  Multibit?  You must enter your pw for any multibit send.  When you click transactions on that wallet in multibit does it show it?  When you say u had a good password do you mean like 16+ characters using all combos?  Or 6 character 15yo3x?

This is what I am wondering, how does hackers steal the passwords, do they have some sort of key loggers, if the wallet and keys were encrypted there's no way to steal those without knowing the password.

 

██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
█████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
 
Get Free Bitcoin Now!
  ¦¯¦¦¯¦    ¦¯¦¦¯¦    ¦¯¦¦¯¦    ¦¯¦¦¯¦   
0.8%-1% House Edge
[/
gogxmagog
Legendary
*
Offline Offline

Activity: 1190
Merit: 1000


View Profile
December 13, 2014, 03:56:18 AM
 #26

Yeah, it's my own damn fault for leaving those coins in the hot wallet. I guess I let my gaurd down.

My password was 16 characters, numbers and made up words... Not sure how they got past that? My btc in cold storage is untouched, I download a lot of music, and occasionally a movie, however I have been visiting viooz which is a bootleg streaming movie sight from Russia... So I dont know about that...

That's great you found the address but I'm not sure where to go with it? The "security issue" with btc sure won't help with the universal acceptance. I just lost almost 3k$ and I'm fairly careful, no expert, but fairly proficient... If I can get robbed than I would say over 80% of the general population is at far greater risk.
I'm buying a ledger wallet.
MrGreenHat
Full Member
***
Offline Offline

Activity: 173
Merit: 100


View Profile
December 13, 2014, 03:59:29 AM
 #27

Yeah, it's my own damn fault for leaving those coins in the hot wallet. I guess I let my gaurd down.

My password was 16 characters, numbers and made up words... Not sure how they got past that? My btc in cold storage is untouched, I download a lot of music, and occasionally a movie, however I have been visiting viooz which is a bootleg streaming movie sight from Russia... So I dont know about that...

That's great you found the address but I'm not sure where to go with it? The "security issue" with btc sure won't help with the universal acceptance. I just lost almost 3k$ and I'm fairly careful, no expert, but fairly proficient... If I can get robbed than I would say over 80% of the general population is at far greater risk.
I'm buying a ledger wallet.
Yeah, I think this might be where you may have gone wrong, but thats just a guess.
campycoin
Hero Member
*****
Offline Offline

Activity: 700
Merit: 500


Daily Bitcoins for your Paypal/Skrill


View Profile
December 13, 2014, 04:03:39 AM
 #28

Wait... now I am confused...  Multibit?  You must enter your pw for any multibit send.  When you click transactions on that wallet in multibit does it show it?  When you say u had a good password do you mean like 16+ characters using all combos?  Or 6 character 15yo3x?

This is what I am wondering, how does hackers steal the passwords, do they have some sort of key loggers, if the wallet and keys were encrypted there's no way to steal those without knowing the password.

Yeah, impossible if it is a good password.  Wondering how this happened
campycoin
Hero Member
*****
Offline Offline

Activity: 700
Merit: 500


Daily Bitcoins for your Paypal/Skrill


View Profile
December 13, 2014, 04:05:11 AM
 #29

Yeah, it's my own damn fault for leaving those coins in the hot wallet. I guess I let my gaurd down.

My password was 16 characters, numbers and made up words... Not sure how they got past that? My btc in cold storage is untouched, I download a lot of music, and occasionally a movie, however I have been visiting viooz which is a bootleg streaming movie sight from Russia... So I dont know about that...

That's great you found the address but I'm not sure where to go with it? The "security issue" with btc sure won't help with the universal acceptance. I just lost almost 3k$ and I'm fairly careful, no expert, but fairly proficient... If I can get robbed than I would say over 80% of the general population is at far greater risk.
I'm buying a ledger wallet.

Well then you should stop everything you are doing... you have a key logger on your system
BLKMined
Newbie
*
Offline Offline

Activity: 53
Merit: 0


View Profile
December 13, 2014, 04:25:08 AM
 #30

I as well have a Multibit wallet set-up on my P.C. but for some odd reason felt placing money(BTC) in this particlar wallet wasn't right.  Just for hearing of this I will no doubt dispose of it!
Who knows maybe Multibit took advantage from you leaving your account open and took your coins knowing there was no way of finding out???

Face it You got Goxed!
Levitron
Member
**
Offline Offline

Activity: 63
Merit: 10


View Profile
December 13, 2014, 04:36:45 AM
 #31

STOP USING WINDOWS FFS!


Goodluck trying to get the average joes in bitcoin then
activebiz
Hero Member
*****
Offline Offline

Activity: 518
Merit: 500


View Profile
December 13, 2014, 06:51:28 AM
 #32

from the op it looks like your PC was left on and online. I think it must be from some malware gettinginto your PC. if there is a program to view system network logs, u might be able to know exactly what happened. it also best to use Linux with your bitcoin wallets

picolo
Hero Member
*****
Offline Offline

Activity: 966
Merit: 500



View Profile
December 13, 2014, 07:43:12 AM
 #33

Don't just create a new wallet, you need to reformat and reinstall your OS at the very least. You should also change all your passwords.

Did you install anything new recently, in particular anything cryptocurrency related?

Use an other computer with an antivirus when you want to create a new wallet. Paper wallet are saef to hold  bigger amounts of bitcoins.

LiteCoinGuy
Legendary
*
Offline Offline

Activity: 1148
Merit: 1001


In Satoshi I Trust


View Profile WWW
December 13, 2014, 07:47:54 AM
 #34

Yeah, it's my own damn fault for leaving those coins in the hot wallet. I guess I let my gaurd down.

My password was 16 characters, numbers and made up words... Not sure how they got past that? My btc in cold storage is untouched, I download a lot of music, and occasionally a movie, however I have been visiting viooz which is a bootleg streaming movie sight from Russia... So I dont know about that...

That's great you found the address but I'm not sure where to go with it? The "security issue" with btc sure won't help with the universal acceptance. I just lost almost 3k$ and I'm fairly careful, no expert, but fairly proficient... If I can get robbed than I would say over 80% of the general population is at far greater risk.
I'm buying a ledger wallet.


 Smiley good choice. its the first cheap device for a mass market. we need more of these and they will be developed in the next 1-2 years.

and buy a good antivirus-programm like Kaspersky  Wink


gogxmagog
Legendary
*
Offline Offline

Activity: 1190
Merit: 1000


View Profile
December 13, 2014, 07:58:28 AM
 #35

I ran Sophos and it detected one item and deleted it. I don't think it was a key logger because I haven't sent any coins in weeks so no password was keyed in recently. It's just very weird that multibit opened up without me clicking it. All I can think is they cracked the pass with some super duper program or there is a flaw in multibit that allows the pass to be bypassed. I've cold storage for my savings, and they're fine, but ~6 btc is a big loss and I really don't understand IT enough to be 100% sure what I'm doing, like Linux or Ubuntu seem kind of daunting. I'm going to get a hardware wallet and I am never leaving more than 0.5 btc in my hot wallet ever again.
This experience has damaged my faith in btc. Not the tech itself, but the actuality of any regular joe ever trusting it. If btc is so easy to steal the banks will never have to worry.
Levitron
Member
**
Offline Offline

Activity: 63
Merit: 10


View Profile
December 13, 2014, 08:04:51 AM
 #36

What was the virus called? also run malwarebytes
wadili89
Legendary
*
Offline Offline

Activity: 1106
Merit: 1000


View Profile
December 13, 2014, 08:10:24 AM
 #37

It may be the thief got the wallet long back and spent the time till now trying to crack the password.

Its scary how a veteran member gets robbed.
Blazr
Hero Member
*****
Offline Offline

Activity: 882
Merit: 1001



View Profile
December 13, 2014, 08:50:32 AM
 #38

My password was 16 characters, numbers and made up words...

You should obviously change anything else that uses that password and never use it again. Out of curiosity, what was the password? A randomly generated 16char password made up of upper & lower case letters numbers and symbols is around 104bits of entropy which is pretty much impossible to crack, it would definitely cost a hell of a lot more than 6BTC worth of computing power to crack, so I'm curious to see how strong your password really was, if it really is that strong the hacker must have keylogged you when you last entered your password and only just got around to stealing the funds.

Maybe the hacker got a backup of your wallet that wasn't encrypted?

contagion
Newbie
*
Offline Offline

Activity: 28
Merit: 0


View Profile
December 13, 2014, 09:38:39 AM
 #39

I would not assume that antivirus can detect all forms of trojans that can intercept when you type your password. Some keyloggers may intercept keys at the system level and be detected, others may be application specific (e.g. if Multibit is an application or runs in the browser, then a trojan that infects the application or browser) and thus variable and not detected.

The only safe option would be hardware isolation, for hardware microcode that can't be reprogrammed dynamically, i.e. an ASIC not a CPU, since these have reprogrammable microcode (even though only Intel and the NSA are supposed to have the ability to reprogram these, a hacker might figure out how).

A solution could be a custom ASIC hardware key, wherein the private key is not accessible; it would interface with your (optionally deterministic hierarchical) wallet via USB but you would be require to press a physical button to release signatures.

...

Is there something like this already available?


Ah good to see the market is already providing hardware wallets.

I'm buying a ledger wallet.

 Smiley good choice. its the first cheap device for a mass market. we need more of these and they will be developed in the next 1-2 years.
ujka
Hero Member
*****
Offline Offline

Activity: 630
Merit: 500


View Profile
December 13, 2014, 09:47:08 AM
 #40

A solution could be a custom ASIC hardware key, wherein the private key is not accessible; it would interface with your (optionally deterministic hierarchical) wallet via USB but you would be require to press a physical button to release signatures.
Are you describing a Trezor? https://bitcointalk.org/index.php?topic=122438.0
Pages: « 1 [2] 3 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!