Stolen funds - be careful

in #blockchain5 years ago

Yesterday afternoon my computer underwent, what seems to be a personal attack. It seems as if the attacker knew exactly what he was doing and has been preparing it for some time.

In the space of a few hours (until I noticed it), 99% of all my funds were stolen. All with a capital A.

To say that I'm upset or that I'm feeling down is not to say half of what I'm feeling right now. But there is nothing I can do now - at all. Of course, I have sent the necessary emails to the exchanges to which I managed to track the transactions (this morning already, doing it on a clear head).

Below are some mistakes that I made, that might help you in the future:

  • The attacker obviously had access to part of or the whole of my password base
  • Some of the ETH tokens that were stolen, were “washed” through IDEX. IDEX cannot help you recover funds obviously.
  • Everything is moved to Binance
  • If you require to transfer any files from one USB to another - never leave them on your PC, even for an hour (I'm talking important files)
  • Never, ever and ever use one address to store more than one asset - never!
  • 2, 3, 4 and even more chain-passwords systems are not enough. Even if they are 256 bit each. Use multi-signature address or cold wallet to store large funds (obviously, do not keep your passwords “warm”)
  • Change passwords more often than you think yo do
  • If for some reason you need to pass a part of, or a password over an unprotected channel (even if it seems like the password is not important, and this is not a password to your funds) change is straight away. 4 - 6 hours later is too late.

I'm not sure why I'm writing this post. But maybe it can help you to intake the above, even though - obvious, a bit more.

Not sure what else to add at this stage. Be careful, even if you think you are.

Sort:  

sorry...it seems funds are not secure on a PC...

Sorry to hear of this hack and loss of funds. So what this a man-in-the-middle attack or a compromised file on USB stick?

Just trying to figure out what led to this illegal access to your computer, or rather how it occurred.

Your recommendations are good... I also recommend not using public wifi ever unless just for browsing and not on an important computer and of course never sending passwords over that wifi network either.

I have also heard of people using their personal wifi but then going hardwire when logging in to accounts just in case.

Also, finally why it is good to use physical wallets such as Ledger Nano only because it requires physical access to the device, even if your computer is compromised.
Hope things work out or get better.

Congratulations @serejandmyself! You have completed the following achievement on the Steem blockchain and have been rewarded with new badge(s) :

<table><tr><td><img src="https://images.hive.blog/768x0/https://steemitimages.com/60x70/http://steemitboard.com/@serejandmyself/posts.png?201908271024" srcset="https://images.hive.blog/768x0/https://steemitimages.com/60x70/http://steemitboard.com/@serejandmyself/posts.png?201908271024 1x, https://images.hive.blog/1536x0/https://steemitimages.com/60x70/http://steemitboard.com/@serejandmyself/posts.png?201908271024 2x" /><td>You published more than 200 posts. Your next target is to reach 250 posts. <p dir="auto"><sub><em>You can view <a href="https://steemitboard.com/@serejandmyself" target="_blank" rel="noreferrer noopener" title="This link will take you away from hive.blog" class="external_link">your badges on your Steem Board and compare to others on the <a href="https://steemitboard.com/ranking/index.php?name=serejandmyself" target="_blank" rel="noreferrer noopener" title="This link will take you away from hive.blog" class="external_link">Steem Ranking<br /> <sub><em>If you no longer want to receive notifications, reply to this comment with the word <code>STOP <p dir="auto">To support your work, I also upvoted your post! <h6><a href="https://v2.steemconnect.com/sign/account-witness-vote?witness=steemitboard&approve=1" target="_blank" rel="noreferrer noopener" title="This link will take you away from hive.blog" class="external_link">Vote for @Steemitboard as a witness to get one more award and increased upvotes!

Жесть! Сочувствую.
Это был просто рабочий комп, не отдельный сервак?