!!!! FTC just heisted out of wallet on Mac OSX
-
Before generating a new wallet for your computer you need to make sure that you do not have an infection. Even with an encrypted wallet the coins may not be safe if there is a keylogger on your computer.
If you just store your coins long term you could always generate a paper wallet. Ideally you do this on a computer that has never been connected to the Internet. You install the client, generate a key and get the private key from the client. You then take a copy of the public key and print your private key to store safely, then you wipe the drive and reinstall the OS. There are plenty of guides online for generating a paper wallet.
This may be a bit over the top, especially if you spend Feathercoins on a regular basis. Make sure that you have good anti-virus, your operating system is fully up-to-date and always encrypt your wallet. Personally I have my wallets encrypted on an Oracle VirtualBox VM. I like to live dangerously and back my encrypted wallets up to Google Drive in a passworded RAR but do have two factor authentication on my Google account.
-
[quote name=“Bushstar” post=“56333” timestamp=“1391198504”]
Before generating a new wallet for your computer you need to make sure that you do not have an infection. Even with an encrypted wallet the coins may not be safe if there is a keylogger on your computer.If you just store your coins long term you could always generate a paper wallet. Ideally you do this on a computer that has never been connected to the Internet. You install the client, generate a key and get the private key from the client. You then take a copy of the public key and print your private key to store safely, then you wipe the drive and reinstall the OS. There are plenty of guides online for generating a paper wallet.
This may be a bit over the top, especially if you spend Feathercoins on a regular basis. Make sure that you have good anti-virus, your operating system is fully up-to-date and always encrypt your wallet. Personally I have my wallets encrypted on an Oracle VirtualBox VM. I like to live dangerously and back my encrypted wallets up to Google Drive in a passworded RAR but do have two factor authentication on my Google account.
[/quote]Thanks again. Doing full scan, killed old wallet files and generated new ones, encrypted, and hope to move forward ok.
-
[quote name=“travwill” post=“56336” timestamp=“1391199436”]
[quote author=Bushstar link=topic=7346.msg56333#msg56333 date=1391198504]
Before generating a new wallet for your computer you need to make sure that you do not have an infection. Even with an encrypted wallet the coins may not be safe if there is a keylogger on your computer.If you just store your coins long term you could always generate a paper wallet. Ideally you do this on a computer that has never been connected to the Internet. You install the client, generate a key and get the private key from the client. You then take a copy of the public key and print your private key to store safely, then you wipe the drive and reinstall the OS. There are plenty of guides online for generating a paper wallet.
This may be a bit over the top, especially if you spend Feathercoins on a regular basis. Make sure that you have good anti-virus, your operating system is fully up-to-date and always encrypt your wallet. Personally I have my wallets encrypted on an Oracle VirtualBox VM. I like to live dangerously and back my encrypted wallets up to Google Drive in a passworded RAR but do have two factor authentication on my Google account.
[/quote]Thanks again. Doing full scan, killed old wallet files and generated new ones, encrypted, and hope to move forward ok.
[/quote]Do nothing on the same machine with same configuration until you find the reason how your coins were lost.
-
After reading this thought would double check mine, just noticed when updating your wallet to a newer software it’s takes the encryption off and need to re encrypt.
-
[quote name=“Drjones” post=“56345” timestamp=“1391202764”]
After reading this thought would double check mine, just noticed when updating your wallet to a newer software it’s takes the encryption off and need to re encrypt.
[/quote]It should not take the encryption off. This would be a neat trick for unencrypting wallets without a password :)
-
As I see that’s strange i encrypted litecoin wallet same time as feather but now checking and for some reason encryption padlock logo has gone off litecoin wallet after last update?
-
Is there an option to unencrypt anywhere, just re done and got my padlock :D
Very strange how it went as didn’t send any coins out of the wallet so didn’t type pass phrase in or anything hmmz
-
[quote name=“MrFeathers” post=“56348” timestamp=“1391203346”]
[quote author=mharrison link=topic=7346.msg56328#msg56328 date=1391196285]
[quote]Also it is impossible that anyone generated your private key by random.[/quote]Not impossible. I have been lucky enough to generate private keys to addresses that has had activity before. Very highly unlikely… Yes. Impossibly … No. It is the luck of the draw.
[/quote]I’m sorry but you are mistaken. The probability of what you claim to have accomplished is so small that it is essentially impossible. you would have to be the first person on this earth that has accomplished this. The probability is 2^160. There have never been any cases of address collision among ANY of the coins ever created.
read: [url=https://bitcointalk.org/index.php?topic=52569.0]https://bitcointalk.org/index.php?topic=52569.0[/url]
[url=https://bitcointalk.org/index.php?topic=104461.0]https://bitcointalk.org/index.php?topic=104461.0[/url]
[/quote]it can happen. especially if anyone figures out how to weaponize all those ASICs by making them do partial work.
-
Well, Mac is clean after multiple scans and wallets are now encrypted, my very dumb mistake. I believe I had an unknown replication of my wallet data file backups back themselves up to my Dropbox account while I was copying some other work files also :-( Had to be it.
So the address below is where the their sent my 11721 FTC coins. There is no way to get these back?
Kinda stinks that in crypto if this is the case, there is no way to reverse a transaction or remove it from block chain if it is truly criminal activity - maybe that is one pro of banks!
1 Not yet redeemed 11721 6tRgpmcXzBZD6kuybJzDjeMgXnJXFEAwZ7 DUP HASH160 20:a12e…445e EQUALVERIFY CHECKSIG
-
[quote name=“travwill” post=“56767” timestamp=“1391403450”]
…
Kinda stinks that in crypto if this is the case, there is no way to reverse a transaction or remove it from block chain if it is truly criminal activity - maybe that is one pro of banks!1 Not yet redeemed 11721 6tRgpmcXzBZD6kuybJzDjeMgXnJXFEAwZ7 DUP HASH160 20:a12e…445e EQUALVERIFY CHECKSIG
[/quote]It’s a feature of all cryptos, that transactions are non-reverse and of course there are drawbacks, like in your case.
Just deem your Crypto-wallet like a normal wallet full of $$$$$$$.
If that is lost or stolen the chance to get the money back is comparable to the chance you get your cryptos back, that’s life.And yes, it’s a pro for the banks to have reverse transactions and also this has drawbacks, as many sellers on Ebay can proove. ;)
-
[quote name=“zerodrama” post=“56354” timestamp=“1391208867”]
[quote author=MrFeathers link=topic=7346.msg56348#msg56348 date=1391203346]
[quote author=mharrison link=topic=7346.msg56328#msg56328 date=1391196285]
[quote]Also it is impossible that anyone generated your private key by random.[/quote]Not impossible. I have been lucky enough to generate private keys to addresses that has had activity before. Very highly unlikely… Yes. Impossibly … No. It is the luck of the draw.
[/quote]I’m sorry but you are mistaken. The probability of what you claim to have accomplished is so small that it is essentially impossible. you would have to be the first person on this earth that has accomplished this. The probability is 2^160. There have never been any cases of address collision among ANY of the coins ever created.
read: [url=https://bitcointalk.org/index.php?topic=52569.0]https://bitcointalk.org/index.php?topic=52569.0[/url]
[url=https://bitcointalk.org/index.php?topic=104461.0]https://bitcointalk.org/index.php?topic=104461.0[/url]
[/quote]it can happen. especially if anyone figures out how to weaponize all those ASICs by making them do partial work.
[/quote]If you could figure that out, you could break all of Bitcoin rather trivially by zeroing in on a key. Hash function are purposefully designed to make partial work irrelevant, because a different start work state will always result in a radically different intermediate work state making any partial work inherently useless. It’s like saying, “If anyone figures out how to make waffles by replicating infinite batter using zero energy and a waffle iron plugged into the wall.” It doesn’t work that way because it violates the laws of physics, or in the case of partial work hashes, of math… specifically the SHA family of hash functions. Break that one, and Bitcoin is the least of your concern.
-
If you insist on keeping a wallet on the computer, at least move the .dat file to a TrueCrypt drive - you can even install the client under the TrueCrypt drive. Or install it under a Virtual machine with TrueCrypt that has limited scope. Make sure the wallet is encrypted. Before opening make sure PC is clean.
-
travwill: I am very sorry for your loss of coins.
Even though your loss might be from the dropbox account. I would not trust your Mac. Anti-virus are definitely not a guaranty that your computer is virus free.
You can either re-install OS X after backup up your wallets to re-import them later. (Assuming there are no EFI rootkits installed on the Mac).
Better move your money to other wallets either on paper or on another computer dedicated to coins (always keeping a minimum of coins on a running computer).The recommendations for VMs are valid, they increase the difficulty of getting access to the wallets from a backdoor, but they remain exposed.
For encrypted partitions, they are essentially accessible from the backdoor when they are mounted (software is running). It is of use only when your computer is powered off.
-
People on Reddit are reporting that Macupdate and download.com have software that is malware infected, on the Mac, that is stealing coins out of wallets:
http://www.reddit.com/r/Bitcoin/comments/1xnm1v/os_x_users_beware_downloadcom_and_macupdatecom/
Wow. Looks like the “security through obscurity” ride Apple had is over, and in the worst possible way (actual accumulated wealth as opposed to, say, stealing processing power for proxies or ad clicks or mining or whatever).
I am honestly depressed by this. People I know that have been working in IT forever are talking to me like “no! Really? I mean–no!”, just absolutely incredulous.