Friday, 28 February 2014

Update to my blockchain.info theft


From this thread http://ift.tt/1c9hpzD


I got nailed good, and I have no idea when, where or how. I'm not a risky clicker and I'm pretty good at seeing fake/phishing sites.




  • I checked the computers that I've used to access the blockchain and they all came up clean.
  • No Java exploits, malware, backdoors, Trojans, loaders, etc. were found.
  • No abnormal logins in the logs on TeamViewer or Dropbox or CrashPlan.
  • Computers passed the website check for botnets and possible vulnerabilities http://ift.tt/OKpz7i
  • No strange hits on my firewall logs.
  • No unknown computers accessed my network via wired or wireless.
  • Gmail account had no strange logins.
  • blockchain support said: "Feb 28 09:52 I am sorry to hear of these transactions that you did not initiate. You may have some type of malware on your computer that resulted in your funds being stolen, because your private information was somehow obtained. There's also the possibility that you visited a phishing site posing as blockchain.info. By design, Blockchain.info never has access to users' accounts or bitcoins. If you keep your password and private key backups secure, then your bitcoins are safe with blockchain.info. I would highly advise against ever using this compromised address again (or any of the addresses in the wallet), as someone else clearly has the private keys in it. I wish more could be done to get your funds back to you, but the nature of bitcoin makes it nearly impossible."




Basically, whoever did it, or however they did it, kicked my ass. I am a computer professional and I generally know my shit. My best guess is that they did do it via the browser. That day the only sites I visited were blog.coinkite.com and this subreddit.


I guess if you are using the blockchain.info site, make sure you have 2FA (I did) and the double password (I did not). Also, avoid the backup to anything but a USB stick. It seems like everyone who's gotten owned has been because they downloaded or emailed themselves a backup. I've not got a nice weekend ahead of reformatting 3 computers. I'll probably also send a few bitcents to that address again and see what happens.


tldr: After 20+ hours of checking my computers, email accounts, backup accounts and network for security issues, I found none of them to be compromised. Best guess is a website somehow grabbed my private key via a Java exploit or phish. Also kudos to whoever did it, you got me good.


My takeaway from this: Dedicated airgap computer with wallet. Paper storage, one-time-use addresses, no more blockchain. Price paid for lesson: 1btc


Edit: I wrote some tips for those who might not have known about some of the security features and issues with blockchain.info:


http://ift.tt/1hJAiai



submitted by CyberSol




from Bitcoin http://ift.tt/1eH7hsk
