Re: Bitcoins stolen from my Multibit wallet while off and password protected
Huh. I was actually tech lead of the team at Google that implemented the anti-hacking feature you saw. Good to know it's still working!
Your password sounds strong, but was it ever used for anything else? In particular, was it used for any websites? The fact that someone knows the password to your Google account strongly implies to me that it's due to a hack or password leak from somewhere rather than an issue with MultiBit itself, but we still should get to the bottom of it.
Making a backup doesn't reduce the risk of getting hacked, it increases it, because to hack a wallet you need both the password AND the wallet file itself. So the more copies of the wallet that are lying around the easier it is to satisfy the second condition.
Did you import any keys to your MultiBit wallet from anywhere, or did MultiBit generate them?
The ps output you posted is truncated. It's really the last column that's most important. You can send it to me in a private message if you want.
I wonder if we need to bump up the encryption strength. Ideally it would take several seconds to decrypt the wallet and I don't remember MultiBit taking that long.
Your password sounds strong, but was it ever used for anything else? In particular, was it used for any websites? The fact that someone knows the password to your Google account strongly implies to me that it's due to a hack or password leak from somewhere rather than an issue with MultiBit itself, but we still should get to the bottom of it.
Making a backup doesn't reduce the risk of getting hacked, it increases it, because to hack a wallet you need both the password AND the wallet file itself. So the more copies of the wallet that are lying around the easier it is to satisfy the second condition.
Did you import any keys to your MultiBit wallet from anywhere, or did MultiBit generate them?
The ps output you posted is truncated. It's really the last column that's most important. You can send it to me in a private message if you want.
I wonder if we need to bump up the encryption strength. Ideally it would take several seconds to decrypt the wallet and I don't remember MultiBit taking that long.
I can only thank you for implementing this feature then, It saved me several time already in the last year
Your feeling of being a leak from some website where I used the password sounds reasonable to me. It still remains the mystery of someone doing the transfer remotely, while the Wallet was close, however perhaps this is mystery just for me, given my lack of technical knowledge?!
I have several passwords however the Multibit password I used was not unique, was one of the 3-4 passwords I'm usually using - despite this one being the last created, just few months ago.
No, I did not import any key to Multibit, neither Multibit generated them.
I've sent you in a private the ps outbut again...
Thanks for your interest Mike, really appreciated.
PS: I presume this IP address of the "hacker" does not helps us a lot in tracking anyone or anything ??