Blockchain Wallet Hacked and Bitcoins Stolen

[jcdmp]

Hello

Last night i saw a message of a Bitcoin transaction from my wallet that i didnt ordered of 9.67 BTC that was almost the total of what i have there.
So i saw that my BTC was been sending to 12bj8u6cKZoYjWksBpuPVMUj8sSkRRc89b wallet!

And im sure my pc wasnt compromissed, and i have 2FA enabled in a Phone i have only for this that dont even have a SIM card inserted, and been looking at my email logs and no one logged from a ip diferent then mine.

I dont open any emails i dont know, never used TOR, i have all instaled that protects me from any kind of malware, i have all the cautions about this as i never been hacked.

After this i had run several anti-malware...anti-troians...anti-rootkits...software, and they found nothing as i expected and again... i have 2FA in a phone without SIM that i use only to storage my 2FA keys so no way the hacker can get that, im 100% sure that the security breach was not on my side!

Blockchain should see the logs has i log always from the same range of IPs.

 - First withdraw - https://blockchain.info/address/12bj8u6cKZoYjWksBpuPVMUj8sSkRRc89b

 - Final Withdraw from the second one - https://blockchain.info/address/12cfKkiK9C3kfyrWeLP3jt76TmX52GDeRx

And my 9 BTC parked there, is the first transaction!

 - Splited withdraw with the rest 0.67 BTC - https://blockchain.info/address/14ceUvczuqTsA1mKYBqtpdQ5cc9mQbQrjC

And im sure more accounts at Blockchain are compromissed as i see more incoming in that last one!

Blockchain keep closing my requestes and replying with burocratic answers like...we are sorry but we do not control the users wallets!

But again i had Google 2FA on a isolated phone that i connect to net trough wifi once per 15 days to update the keys.

Thank a lot for your help and suggestions.

[ik_do]

I just tried to log on to my blockchain wallet from a different country and I had to manually verify via email the logon attempt. So it seems unlikely that someone outside of your vicinity logged into your account without you knowing. Did you have the logging options within blockchain activated? If not then you're not going to be able to tell who did it.

Even so, I don't know if storing 9.67 BTC on a web based wallet is such a great idea.

TBH it is pretty irresponsible of these companies to not restrict outgoing transactions without verification via email at the very least.

[jcdmp]

Hi

I was 200% sure that having Google 2FA enabled i was secure... i was not!

I was moving those 9.67BTC from another place and was not to stay there, but 5 minutes after its confirmation, hacker sent them to the adresses i have described!

[coinpr0n]

Well, that's a pity. Maybe from a wallet backup?

[tadakaluri]

Really an horrible story, which no one want to happen to them.  Is there any way to recover them?

[jcdmp]

Blockchain keep closing my requests without a single sign that will help me at least to get to that IP that have logged to my account!

I never tought that Blockchain would have this kind of behaviour with users.

This just make me feel like they have some kind of responsability in it or they at least would help with the IP.

[ik_do]

Blockchain keep closing my requests without a single sign that will help me at least to get to that IP that have logged to my account!

I never tought that Blockchain would have this kind of behaviour with users.

This just make me feel like they have some kind of responsability in it or they at least would help with the IP.

Did you have logging options enabled on your wallet?

[damiano]

That shit is gone.

Make a new wallet and also disable API key.  I had .2 stolen from me a long time ago so i made a new one..

[pedrog]

How did you store your wallet backup?

[rokkyroad]

That's the trouble with online wallets. Hackers working day and night trying to steal btc.

[tadakaluri]

Blockchain keep closing my requests without a single sign that will help me at least to get to that IP that have logged to my account!

I never tought that Blockchain would have this kind of behaviour with users.

This just make me feel like they have some kind of responsability in it or they at least would help with the IP.

So sad to hear.  They must feel responsibility and need to help you as much as possible to find out the theft.

[sgk]

[...]And im sure more accounts at Blockchain are compromissed as i see more incoming in that last one![...]

From your security measures (protecting your PC, 2FA etc) and this part of your post, it seems to me that this is not a hacked account but something to do on Blockchain.info's side that can cause private keys to be leaked.

This has happened in past with this site and who is to say this isn't one more of the site's vulnerability?

We can only verify when other users have similar issues as yours though.

[zebedee]

TBH it is pretty irresponsible of these companies to not restrict outgoing transactions without verification via email at the very least.

Your mistake is you assume they're creating the transaction, they're not.  Bitcoin doesn't need anyone's authorisation, that's part of the appeal.

[ik_do]

TBH it is pretty irresponsible of these companies to not restrict outgoing transactions without verification via email at the very least.

Your mistake is you assume they're creating the transaction, they're not.  Bitcoin doesn't need anyone's authorisation, that's part of the appeal.

Then run the bitcoin core client?

The advantage of having an email log also is that there can be no question in situations like this--the IP address, browser, time, amount, addresses involved would all be recorded within that users email address.

[zetaray]

How about the email account with a previous backup of your wallet? If hackers have your old wallet backup, they can extract your private keys.

[DeathAndTaxes]

How about the email account with a previous backup of your wallet? If hackers have your old wallet backup, they can extract your private keys.

This.  2FA doesn't apply to backups.   Did you have a backup emailed to yourself?  Stored on your computer?  Sent to dropbox?

[sandykho47bt]

Most likely, they already stike stole wallet backup / secret information when you sign up at blockchain.info
And there are low chances you use fake anti-malware/anti-trojans/anti-rootkits

Or the hackers use man-in-the-middle attack http://en.wikipedia.org/wiki/Man-in-the-middle_attack

[ik_do]

How about the email account with a previous backup of your wallet? If hackers have your old wallet backup, they can extract your private keys.

This.  2FA doesn't apply to backups.   Did you have a backup emailed to yourself?  Stored on your computer?  Sent to dropbox?

2FA does apply to backups if you actually think about security; gmail, dropbox and many other services support 2FA. Of course storing items in plaintext or unencrypted on your harddrive is just asking for trouble.

Nothing is preventing you storing a backup securely using dropbox as long as you use PGP or something else to encrypt it beforehand.

Also, sharing the same email address for every single service is asking for trouble.

[twister]

I dont open any emails i dont know, never used TOR, i have all instaled that protects me from any kind of malware, i have all the cautions about this as i never been hacked.

You forgot to take one of the biggest precautions which is don't keep big amount of your Btc in an on-line wallet. Sorry for your loss but your coins are gone forever.

[jcdmp]

Hello my friends

My email logs dont show any other IP then mine, so my email was not compromissed, and i never emailed my secret key, i had done one backup to email and then downloaded to a pen ages ago so why now?

I had several times, 5, 8 BTC and nothing has happened, why now?

Those 9.67 BTC was months of gathering and now im left with nothing!

And i had Google 2FA in a phone i connect to net trough WiFi once per 15 days to update the keys and dont even have a sim inserted, i got that phone only for this and i tought i was secure!

Already sent a email to the last guy that hacked Blockchain to see if he can help me cause i have my BTC parked in one adress and more time i waste trying Blockchain to help me more far i will be from recovering my BTC.

My 9 BTC "he sent the rest 0.67 BTC to another adress" its parked here!

https://blockchain.info/address/12cfKkiK9C3kfyrWeLP3jt76TmX52GDeRx

That first transaction that came from 12bj8u6cKZoYjWksBpuPVMUj8sSkRRc89b are my 9 BTC!

he sent from my wallet to 12bj8u6cKZoYjWksBpuPVMUj8sSkRRc89b then to 12cfKkiK9C3kfyrWeLP3jt76TmX52GDeRx

thanks a lot for your help