DRKLord
Member
Hey guys,
I'm going to tell you all a story about something really eff'ed up that happened to me recently, and remind you of how important it is to take your computer and financial security seriously to avoid anything like this happening to you. I was sloppy and careless, and I almost lost a good bit of money and put myself, my name and reputation at grave risk. And I'm lucky that I was able to fix the problem and that it didn't get out of hand. I could've lost soooo much more...
About a week ago I had to suddenly leave in the middle of the night and go to the hospital. It was an emergency, so I took off straight for the hospital without a second thought. I ended up having to stay in for about 4 full days/nights until I was well enough to be sent home. When I returned home, the first thing I did was get on my PC to check on Darkcoin and crypto stuff. So I go to Cryptsy.com and try to log in... it says invalid password or username. Uh ohhh... what's going on here, Cryptsy?! I try to login to my email to reset my password... invalid password! Now I know something is SERIOUSLY wrong, and it's obvious I've been hacked or my account was somehow compromised and I'm pretty sure that if/when I regain access to my account I'm going to have zero coins left... :-/
So I start trying to figure out what's happened and what's going on... My passwords are always made up of very long strings of pseudo-random alpha-numeric characters of mixed case. Since there are a lot of lengthy and complicated passwords that I use regularly, I save them embedded in a secret text file on my PC. The file is encrypted, and the only way to read it is to know where to find it, open it, decrypt its contents with an extremely complex key and then run the decrypted output through a special script that strips the passwords and data from the block of text. It's quite an elaborate and robust security measure, so I knew that the odds of someone being able to: 1) steal the file 2) crack the encryption 3) steal the reader script 4) brute-force the script key are virtually null -- they had to have gained access another way. I calculated the odds of someone simply brute-forcing my Cryptsy password and, as I'd suspected, it could take many thousands of years of hashing and permutations to break on a high-end machine. So the odds someone brute-forced my Cryptsy AND email passwords were slim to none as well. So how did they do it?
I went over other possibilities... I suppose I'm now a fairly well-known developer and crypto investor, so I knew it was entirely possible I'd been specifically targeted by hackers from the crypto-currency community -- a possibility I've always taken great precautions to guard against. I checked my system for key-loggers, spyware and anything out of the ordinary. As usual, it was 100% clean... I only download things from trusted sources and before using anything I download I always manually verify checksums and check the files for anything malicious... The only recent modification to my system was a simple Windows update, and it had the right checksum and was clean. So how did this happen?! At this point, I realized that it was probably an "inside job" because my security measures are very strong and difficult to get around and there was no breach to be found. After about 10-15 minutes, I hacked back into my own email and changed my password to lock out whoever had broken in. Then I start reading through my inbox... then I see a withdrawal confirmation from Cryptsy for a withdrawal of 1.40093 BTC which took place the morning after I was admitted to the hospital!
After a bit more investigation, I noticed that the last login to my Cryptsy account was from my own external IP address... meaning that whoever made this withdrawal did so on MY freakin network and probably on MY damned PC! The only person I could think of who had the knowledge to do something like this was my girlfriend. But she had been with me the ENTIRE time, and I trust her a lot more than that. This girl has held onto $10K+ in cash for me on several occasions and used to keep an eye on my safe full of gold and silver bullion for me in the past... she'd never stolen a single penny, and has always been trustworthy with money. So I knew she didn't do it and wouldn't do it even if she had the chance. The only other person I could think of who knew about my BTC/DRK holdings at Cryptsy was my mother... but she would never steal my coins either, and she's too computer illiterate to do anything with coins even if she did. However, my mother had been at the house while I was gone and when I went to the hospital I asked her to go shut down my PC for me. So I called her over to try to figure out what went wrong. If anyone could give me some clues, it would be her.
So I asked my mother if she or anyone else had gotten on my PC in my absence. She said no, she never got on it or fooled with anything and no one had been around the house. And she told me that not long after I went into the hospital there was a short 2min power outage that shut my PC off and she had left it off since then -- no one could've used it after that point, because only I know the Windows login password. Then I explained to her what happened and that I suspected the thief had gotten on my computer to access my accounts and steal coins. She was shocked, but she said no one had messed with my computer or had the opportunity to do so. Then I asked her: "Did anyone at ANY point in time since I left to go to the hospital touch my computer whatsoever?" ...
She said that a friend of mine, who we will call "Percy", had come over to my house after I'd left for the hospital to help her take care of a few things. And that as far as she knew, Percy had only used my computer to get online and find out some information about the hospital for her. At that point, I knew it had to be Percy. Not only does Percy know how to use Bitcoin and knows that I'm a dev and investor, Percy knew that I traded on Cryptsy and had coins there. Percy has watched me trade before and knows how it works. And interestingly enough, we'd been told that Percy has been struggling with a drug problem and was a Silk Road user. Bingo! Now I knew who did it and why... I only needed to figure out how. But the answer to that was simple enough. When I took off to leave for the hospital, my PC was left on and my web browser was left open. So my Cryptsy session was still logged in. When Percy heard I had just been rushed to the hospital he pretended that he wanted to help my mother take care of my dog and lock down my house and be a "good friend", but he really just wanted a chance to snoop on my PC for coins in my absence. So he got into my house and onto my PC under a false pretense, pretending he was going to help me by helping my mother deal with my loose ends. When he got on my PC and saw my Cryptsy browser tab open he just proceeded to sell all my DRK and withdrew the BTC proceeds from the sales -- it was around 140.00 DRK, and came out to about 1.4009 BTC. To try to "hide his tracks", he withdrew the coins to a previously unused address and then attempted to bounce them around and then mix them. But with a couple minutes of block-chain analysis I was able to find all 1.4009 BTC. Since the power had flickered off/on an hour or two after Percy was in the house, no one else had access to my PC after he did. And I discovered that the place he sent the coins to was a Silk Road wallet address...
Having figured everything out and found proof Percy was the thief, I called him to confront him... he wasn't aware I was home yet, and I called him from my mother's phone. When he heard my voice on the phone his voice cracked and he got all squeaky and squealy like a little girl -- as I laid out the proof/evidence of his theft to him. I won't go into details, but I got pretty heated and angry during the next minute or two of our conversation and put the fear of God into his ass, lol. I refrained from making any actual threats against him, but made it clear I was going to do whatever it took to bring him down and get my coins back and his thievery would NOT be tolerated! I'm definitely not a Billy Bad-ass UFC fighter type of guy, but I was raised in the hood and I'm a force to be reckoned with... Percy definitely didn't want a physical confrontation over these coins because he knew how that would turn out. So he immediately admitted what he'd done and pleaded with me not to take action against him... he knew I could do a lot of harm to him if I wanted to and I pointed out that I also knew about his illicit purchases online...
About 15 minutes later, I received a Bitcoin-qt notification: Incoming Transaction: 0.70 BTC. He had sent back half of the coin he'd stolen right away. He texted me and said, to paraphrase: "There's half of your coins back. I already spent some of it but please just give me a couple days to pay you back the rest! Please!" So we made some arrangements... He was so afraid of having to see me face-to-face that I had to let him drop money to me by tossing it over my fence or dropping it in a neighbor's mailbox for me, even though I promised to give him temporary ass-whoopin amnesty anytime he was bringing me a payment (I'm a reasonable guy and the DRK Lord is merciful, lol).
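The "couple minutes of block-chain analysis" in the post above is the part most readers will want to see concretely: withdrawing to a fresh address and then "bouncing" the coins around does not break the trail, because every spend of an output is public and can be followed forward. Below is an added example (not the poster's code, and not tied to Cryptsy or any real transaction) of that follow-the-funds walk over a constructed, in-memory transaction set. Transaction ids, addresses and amounts are all made up for illustration; the named functions `build_spend_index`, `trace_outputs` and `total_to` are this example's own.

```python
"""Follow-the-funds trace over a small constructed transaction graph.

Amounts are integer satoshis (1 BTC = 100_000_000 sat) to avoid float drift.
Each transaction has a txid, a list of inputs as (prev_txid, prev_vout) pairs,
and a list of outputs as (address, satoshis) pairs.
"""
from collections import deque

SAT = 100_000_000

# Constructed sample data (hypothetical ids/addresses, not from any real chain):
# w0: the exchange withdrawal to a previously unused address (1.4009 BTC)
# h1: first "bounce", splitting the coins across two more fresh addresses
# h2, h3: each branch lands at the same deposit address on some service
# x9: an unrelated transaction that the trace must never reach
SAMPLE_TXS = [
    {"txid": "w0", "vin": [], "vout": [("addr_fresh_1", 140_090_000)]},
    {"txid": "h1", "vin": [("w0", 0)],
     "vout": [("addr_fresh_2", 90_000_000), ("addr_fresh_3", 50_000_000)]},
    {"txid": "h2", "vin": [("h1", 0)], "vout": [("addr_deposit", 89_950_000)]},
    {"txid": "h3", "vin": [("h1", 1)], "vout": [("addr_deposit", 49_960_000)]},
    {"txid": "x9", "vin": [], "vout": [("addr_unrelated", 3 * SAT)]},
]


def build_spend_index(txs):
    """Map every spent outpoint (txid, n) to the txid of the transaction that spends it."""
    spent_by = {}
    for tx in txs:
        for prev in tx["vin"]:
            spent_by[prev] = tx["txid"]
    return spent_by


def trace_outputs(txs, start_txid, start_vout, max_hops=25):
    """Breadth-first walk from one outpoint through every later spend.

    Every output of a spending transaction is followed ("all-outputs taint"),
    so splitting across fresh addresses only creates more branches to follow.
    This overapproximates when a spend also pulls in other people's inputs
    (a CoinJoin-style mix); a weighted trace would apportion by input share.
    Returns the terminal (unspent, or hop-limited) outputs reached, each with
    its address, value, hop count and the txid path taken to get there.
    """
    by_id = {tx["txid"]: tx for tx in txs}
    spent_by = build_spend_index(txs)
    queue = deque([((start_txid, start_vout), 0, [start_txid])])
    seen = set()
    terminals = []
    while queue:
        outpoint, hops, path = queue.popleft()
        if outpoint in seen:
            continue
        seen.add(outpoint)
        txid, n = outpoint
        addr, value = by_id[txid]["vout"][n]
        spender = spent_by.get(outpoint)
        if spender is None or hops >= max_hops:
            terminals.append({"outpoint": outpoint, "addr": addr,
                              "value": value, "hops": hops, "path": path})
            continue
        for m in range(len(by_id[spender]["vout"])):
            queue.append(((spender, m), hops + 1, path + [spender]))
    return terminals


def total_to(terminals, addresses):
    """Sum of traced satoshis that ended up at any of the given addresses."""
    return sum(t["value"] for t in terminals if t["addr"] in addresses)


if __name__ == "__main__":
    found = trace_outputs(SAMPLE_TXS, "w0", 0)
    for t in found:
        print(f'{t["value"] / SAT:.8f} BTC at {t["addr"]} after {t["hops"]} hops via {" -> ".join(t["path"])}')
    print(f'total at deposit address: {total_to(found, {"addr_deposit"}) / SAT:.8f} BTC')
```

In practice the transaction list would come from a full node's RPC or a block explorer rather than being built by hand, and the walk stops wherever funds are still unspent or where a hop limit is hit. The difference between the 1.4009 BTC that left and the total that arrives is just the mining fees paid along the way; the trail itself is intact, which is why a fresh address plus a few self-transfers is not anonymity.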