Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Service Discussion
Re: If you used Brainwallet.org - MUST READ! - Security Breach!
by
ymgve
on 06/07/2013, 13:54:18 UTC
I did a small investigation some time ago to see how widespread the problem was, and these were the results:

 - Sent 0.001 BTC to an address generated with a password you will find in any top 10 common password list. Taken immediately.
 - Sent 0.001 BTC to an address generated with a six digit password. Taken immediately.
 - Sent 0.001 BTC to an address generated with the same six digit password as above, but with Point Conversion set to "Compressed". Untouched.
 - Sent 0.001 BTC to an address generated with an upper/lower/digit six character randomly generated password, normal Point Conversion. Untouched.

Someone is definitely out there grabbing things from weak-passworded wallets, but even a six-character random password thwarts them.


Edit:
Mechs, tell us which password you used. It's already compromised, so there should be no harm in revealing it.
If you can't reveal it because you use that password in multiple places then guess what - that's how they got your password in the first place - by stealing it from some other place you used it.