Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Bitcoin Technical Support
Re: I GOT HACKED AND LOST 1 MILLION
by
af_newbie
on 12/01/2019, 15:17:25 UTC
Quote from: Valerian77 on December 05, 2018, 11:11:17 PM
Quote from: Harkorede on December 05, 2018, 10:49:53 PM
OMG! That's enormous!, sorry for your loss, it would be of great help if you could elaborate where coins where held, is it a multi wallet(If Yes, which wallet ?) how it happen or what you could think have happened ? A malware installation, phishing site and or anything that is more specific.

The coins were held in these locations (order corresponding to the list in my first posting):

Currency   Place
DASH      Qt-Wallet on Laptop
BCH      ElectronCash on Laptop
BTC      Binance.com
BTC      Kraken.com
NEM      Simplewallet on Laptop
BURST   Desktop wallet on Laptop
BTC      Exodus wallet on Laptop
OmiseGo   Exodus wallet on Laptop
LTC      Exodus wallet on Laptop
BCH      Exodus wallet on Laptop
DASH      Exodus wallet on Laptop

Basically it was a stupid combination of failures. I use Windows 10 and tried to claim BTCP and BCD. Both with the Electrum version for their blockchains.
I used the same long password for different things - especially my password safe had the same pw as the DASH QT wallet. So after I started the Electrum clients (which I tested before with Defender, SuperAntiSpyware and www.virustotal.com) I had to do a little thing in DASHQT - that was it - the one of the wallets, most likely BCD, spied my password through a keylogger and the hacker had access to everything.
(there is no need to discuss the stupidity of using Win10, same passwords many times, storing 2FA codes in password safes or testing new software on a vulnerable system)

I feel sorry for you.  It can happen to anyone.  Problem is you had too many altcoin wallets on your machine.  You should have only run bitcoin.org core offline wallet compiled from sources.  

You should have used a dedicated, clean machine to access your coins or online accounts. And never web browse or install anything on that machine.  QT Wallets should be encrypted and stored on removable USB drives, only connected when sending.  Blockchains should be updated with dummy wallets.  You should have run 'core' wallet apps, not use online or third party wallets.  The 2FA devices should be dedicated hardware (old phones) and not connected to any network.  Why in the world did you use password safes?  BCD?  Really?  I did not even know they existed, I would not bother with any bitcoin splits.  I recovered BTG/BCH but this was done on an old PC with BTC moved to another wallet after the fork and before the recovery attempt.  I would not trust any wallet other than bitcoin.org core wallet.  If you're really paranoid, inspect the sources, compile from sources on a dedicated dev machine.

This is everyone's worst nightmare.  

Spend some money on dedicated 'POS' equipment and never touch it unless you move coins or access exchange accounts.  And keep the wallet, blockchain backup on multiple devices in multiple physical locations.

This just shows you, bitcoin is still in an early adoption phase.  It is still not for everyone.

PS. Why would anyone keep all these altcoins is beyond me?  Store your money in BTC in bitcoin.org core wallet and forget all the BS coins.