!!!! FTC just heisted out of wallet on Mac OSX
-
Here was TX INFO!
Status: 179 confirmations
Date: 1/31/14 04:46
To: 6tRgpmcXzBZD6kuybJzDjeMgXnJXFEAwZ7
Debit: -11721.00 FTC
Transaction fee: -0.135 FTC
Net amount: -11721.135 FTC
Transaction ID: cf1b9527e689c08c14bedb06a4304f9b4587ae2295040ae31e5b5d417a631165 -
Was your wallet.dat encrypted?
-
I don’t think so, no, but not sure how anyone would get a hold of it still.
-
Hi Trav,
Did you sort this out?. They were paid into your address on 31st from a pool wallet? Are you on a multipool? Or is that an exchange
Or
you sent 0.18 and received the change…
6vsxBpmQ4jUrwF1qzo3g4TKV2R7UqcopjN:Change was sent to 6tRgpmcXzBZD6kuybJzDjeMgXnJXFEAwZ7
-
Not sure I follow. I am part of a pool but this was a transaction today at 4AM my time that transferred OUT of my wallet for the 11721 FTC - not sure how someone could initiate a transfer from my wallet on computer sitting here at home in our network. :-(
This has me really down on the whole crypto-FTC thing - not sure I’ll keep up mining anymore or even buy more. Suck!
Looks like that address 6tRgpmcXzBZD6kuybJzDjeMgXnJXFEAwZ7 has 2 transfers into it just recently is all - some crook!
-
So would this most likely have been 1) someone that learned of my IP from post on this site for example, or 2) someone who would have got my IP/address (address doesn’t make sense) from BTCE for example? I’m still dumbfounded how someone pulled this off!
-
Really gutted for you mate, that is a shocker. Would of thought though with that many coins in one wallet you would at the very least had it encrypted. Maybe even put the bulk of them in a physical offline wallet …
-
Most likely is that you computer is infected with a coin stealing virus. Do you have anti virus and have you run a full scan?
http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-edition.aspx
Do you have any backups of you wallet online and could these have been compromised?
What version of OS X are you running?
-
[quote name=“Bushstar” post=“56322” timestamp=“1391193990”]
Most likely is that you computer is infected with a coin stealing virus. Do you have anti virus and have you run a full scan?http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-edition.aspx
Do you have any backups of you wallet online and could these have been compromised?
What version of OS X are you running?
[/quote]Thanks, running 10.9.
So, going forward, advice to encrypt of course but should I go ahead and delete current clients and wallet files and create new wallets with new keys and encrypt?
-
I’m so sorry Trav, this is not how things are supposed to work. With the raise in value, so comes the rise in those willing to break rules to help themselves.
Security regarding all of this is paramount, I’m curious to hear the end result of how it happened.
-
was your client online?
-
Sorry to hear about this it really sucks to have all the effort from mining all of those coins just stolen from you, its a hard lesson and it’s a shame you had to learn it in this way.
I keep most of my coins in cold wallets and I’d suggest you do the same, just generate 10 or 20 address and key pairs and then print a hard copy and keep it safe and also burn a copy to a CD and keep it safe, then just keep a list of the addresses only on your computer and use these to distribute your coins evenly across them.if you want to be ultra paranoid you can use a virtual machine to create the keys and then destroy the VM when you have your hard copy and CD saved. The result is your machine can be compromised but there is nothing on it that will allow them to steal your coins as your private keys are all kept offline, using multiple cold wallets just mitigates against anyone being lucky enough to generate your key which is almost impossible but if it did happen you would only lose a small percentage of your holdings, it also means you don’t have to take 100% of your coins out of cold storage if you only need a smaller amount.
Treat your coins as if they are worth a $1000 dollars each because someday they just might be.
-
Before generating a new wallet for your computer you need to make sure that you do not have an infection. Even with an encrypted wallet the coins may not be safe if there is a keylogger on your computer.
If you just store your coins long term you could always generate a paper wallet. Ideally you do this on a computer that has never been connected to the Internet. You install the client, generate a key and get the private key from the client. You then take a copy of the public key and print your private key to store safely, then you wipe the drive and reinstall the OS. There are plenty of guides online for generating a paper wallet.
This may be a bit over the top, especially if you spend Feathercoins on a regular basis. Make sure that you have good anti-virus, your operating system is fully up-to-date and always encrypt your wallet. Personally I have my wallets encrypted on an Oracle VirtualBox VM. I like to live dangerously and back my encrypted wallets up to Google Drive in a passworded RAR but do have two factor authentication on my Google account.
-
[quote name=“Bushstar” post=“56333” timestamp=“1391198504”]
Before generating a new wallet for your computer you need to make sure that you do not have an infection. Even with an encrypted wallet the coins may not be safe if there is a keylogger on your computer.If you just store your coins long term you could always generate a paper wallet. Ideally you do this on a computer that has never been connected to the Internet. You install the client, generate a key and get the private key from the client. You then take a copy of the public key and print your private key to store safely, then you wipe the drive and reinstall the OS. There are plenty of guides online for generating a paper wallet.
This may be a bit over the top, especially if you spend Feathercoins on a regular basis. Make sure that you have good anti-virus, your operating system is fully up-to-date and always encrypt your wallet. Personally I have my wallets encrypted on an Oracle VirtualBox VM. I like to live dangerously and back my encrypted wallets up to Google Drive in a passworded RAR but do have two factor authentication on my Google account.
[/quote]Thanks again. Doing full scan, killed old wallet files and generated new ones, encrypted, and hope to move forward ok.
-
[quote name=“travwill” post=“56336” timestamp=“1391199436”]
[quote author=Bushstar link=topic=7346.msg56333#msg56333 date=1391198504]
Before generating a new wallet for your computer you need to make sure that you do not have an infection. Even with an encrypted wallet the coins may not be safe if there is a keylogger on your computer.If you just store your coins long term you could always generate a paper wallet. Ideally you do this on a computer that has never been connected to the Internet. You install the client, generate a key and get the private key from the client. You then take a copy of the public key and print your private key to store safely, then you wipe the drive and reinstall the OS. There are plenty of guides online for generating a paper wallet.
This may be a bit over the top, especially if you spend Feathercoins on a regular basis. Make sure that you have good anti-virus, your operating system is fully up-to-date and always encrypt your wallet. Personally I have my wallets encrypted on an Oracle VirtualBox VM. I like to live dangerously and back my encrypted wallets up to Google Drive in a passworded RAR but do have two factor authentication on my Google account.
[/quote]Thanks again. Doing full scan, killed old wallet files and generated new ones, encrypted, and hope to move forward ok.
[/quote]Do nothing on the same machine with same configuration until you find the reason how your coins were lost.
-
After reading this thought would double check mine, just noticed when updating your wallet to a newer software it’s takes the encryption off and need to re encrypt.
-
[quote name=“Drjones” post=“56345” timestamp=“1391202764”]
After reading this thought would double check mine, just noticed when updating your wallet to a newer software it’s takes the encryption off and need to re encrypt.
[/quote]It should not take the encryption off. This would be a neat trick for unencrypting wallets without a password :)
-
As I see that’s strange i encrypted litecoin wallet same time as feather but now checking and for some reason encryption padlock logo has gone off litecoin wallet after last update?
-
Is there an option to unencrypt anywhere, just re done and got my padlock :D
Very strange how it went as didn’t send any coins out of the wallet so didn’t type pass phrase in or anything hmmz
-
[quote name=“MrFeathers” post=“56348” timestamp=“1391203346”]
[quote author=mharrison link=topic=7346.msg56328#msg56328 date=1391196285]
[quote]Also it is impossible that anyone generated your private key by random.[/quote]Not impossible. I have been lucky enough to generate private keys to addresses that has had activity before. Very highly unlikely… Yes. Impossibly … No. It is the luck of the draw.
[/quote]I’m sorry but you are mistaken. The probability of what you claim to have accomplished is so small that it is essentially impossible. you would have to be the first person on this earth that has accomplished this. The probability is 2^160. There have never been any cases of address collision among ANY of the coins ever created.
read: [url=https://bitcointalk.org/index.php?topic=52569.0]https://bitcointalk.org/index.php?topic=52569.0[/url]
[url=https://bitcointalk.org/index.php?topic=104461.0]https://bitcointalk.org/index.php?topic=104461.0[/url]
[/quote]it can happen. especially if anyone figures out how to weaponize all those ASICs by making them do partial work.
