Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Service Discussion
Re: WARNING: 100 BTC disappeared when deposited at Primedice
by
DiceMiner
on 03/10/2014, 00:45:13 UTC
Quote from: grux on October 02, 2014, 08:39:57 PM
Quote from: DiceMiner on October 02, 2014, 06:58:49 AM
Quote from: Stunna on September 30, 2014, 04:46:05 AM
Quote from: Nobitcoin on September 30, 2014, 04:39:38 AM
Interesting information what with Apple users saying that their computers are virus / malware free with this discovery you have to be careful whatever os your using... Feel for you 100btc is a lot to go missing  Shocked

All I can say is there is no issue with the security of primedice, I'm hoping OP will consider editing his post within the next few days with the full story of what happened. I'm not going to share what happened without permission but once he explains you will understand why I've chosen not to.

There are users who choose to store hundreds of coins on their account at one time and have had zero issues, if you have any fear just enable 2FA and as long as your PC is secure you should be good.


Hi, OP here.
Stunna has been incredibly helpful in the situation so far. The current theory is that a thief must have compromised my account by brute-forcing my weak password. Since there would be no way for anyone on the outside to know exactly when I had been online at PD (since I did not make any bets or make my presence known in the chatroom on the day of the theft), they must have been monitoring the blockchain for large deposits from my personal wallet to my PD address somehow. Possibly through the use of some script? I have no clue...  Sad

I have to hand it to the thief for having enough technical know-how and impeccable timing to pull off the withdrawal in the incredibly small (literally 2 minute) window between confirmation and my first attempted bet.

If anyone out there has seen this type of theft before, PLEASE LET US KNOW any details you have, as this is the first time I have seen anything like it.

Now that 2FA is available, hopefully this will be the last time.

Thanks,
DiceMiner


Don't mean to prod, but you haven't answer my question from before about what greasemonkey scripts you are running. The "scripts" you named were browser plugins, not actual scripts that you paste into greasemonkey and run.


Look I don't know what else to tell you. Honestly, I don't remember when I installed Greasemonkey, or exactly why. What I listed previously is what I am running now. If it were truly a malware problem, why would the thieves chose such a circuitous way of stealing my BTC? Why not take them directly from my wallet?

Anyhow, I am trying not to pollute this thread with any [possibly unrelated] cross-talk. If something minor jumps out at you, please let me or somebody know via IM. If you've found a smoking gun, please share.