Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Bitcoin Discussion
Re: ALL of my bitcoins stolen (Around 60) . What the F*CK.
by
allinvain
on 27/06/2011, 06:48:34 UTC
Quote from: bcearl on June 27, 2011, 06:23:36 AM
Quote from: KnuttyD on June 27, 2011, 05:09:10 AM
Quote from: peach on June 27, 2011, 05:06:19 AM
Sounds very fishy.

If you had it encrypted, any ideas on how it was stolen?

If you're being honest, I'm terribly sorry for your loss. That stinks.

Yea, it does. I had /backups/ encrypted, I should have been clear. Any virus/trojan/person could have just coppied the wallet file from %appdata%/bitcoin.

Encryption cannot protect wallets in use, because your legitimate client has to decrypt it anyway. Encryption is good for backups only.

Yep you're right. Even if the client encrypted the wallet when not in use it eventually has to decrypt it when you want to spend from it. AT that moment it is vulnerable to key logger attack and to any nasty viruses that could are residing in memory (waiting for the opportunity to strike). Someone on a different thread (forget which one) suggested that the client implement a unix style permissions system. Maybe also running the client in it's own chroot (something equivalent in windows) would be a good idea. But in the end it's still quite hard to avoid all avenues of attack. My point is that still the more security measures you can implement the lower the odds that some unclever hacker is easily able to steal your coins.