Author Topic: All Bitshares, Protoshares, and DNS stolen from my wallet -- at the same time  (Read 46441 times)

0 Members and 1 Guest are viewing this topic.

Offline educatedwarrior

  • Full Member
  • ***
  • Posts: 78
    • View Profile
Let's get together and help out with this.  I will gladly put information in the server to a new wallet and we can see if attendees would be willing to help make you at least partially whole again. 

Sorry this happened and I will gladly add any delegates to the Beyond Bitcoin Delegate Slate who are working on bringing real security solutions to non-technical holders of these chains's tokens.

Your help would be appreciated fuzzy.   That was a devastating hit.  Currently I'm very far away from being even partially whole.  I have received donations from two members so far.. which are very much appreciated.  That's less than 0.1% of my losses.  However I am very optimistic of this community, which seems to be very caring and supportive.

I only desire to be made hole again, and anything above that given back to the community to support "bringing real security solutions ... of these chains's tokens".   
« Last Edit: November 07, 2014, 02:30:30 am by educatedwarrior »
BTSX: codeblooded   |   PTS: PiiQ6ZECCRYawcZFc8ZGbvjuCjCnBVuPjA
BTSX delegate: wallet_approve_delegate codeblooded true

Offline liondani

  • Hero Member
  • *****
  • Posts: 3737
  • Inch by inch, play by play
    • View Profile
    • My detailed info
  • BitShares: liondani
  • GitHub: liondani
Let me just add though - that even in this mode, if your PC is compromised you are not safe, as the produced master key could still be captured. The device won't do the signature, it will just produce the master key, which can be captured on a compromised PC.

Here is an example of how the Yubikey may not protect you if you have malware running on your computer. You use the Yubikey to essentially auto-type a secure passphrase into Keepass and unlock the password manager. You then need to copy your BitShares wallet password from Keepass and paste it into the BitShares client to unlock it. You could have malware running on your computer that simply logs a copy of everything you copy and paste while using the OS. It could then upload the changes to this log to the attacker's server whenever it has internet connection. The malware could also scan your hard drive for something that looks like your Keepass database and your BitShares encrypted wallet private key and upload those to the server as well (worst case scenario the attacker could do this semi-manually with the help of screen captures after they are informed by the malware that the victim has cryptocurrency apps installed on their computer). With the BitShares encrypted wallet private key, the Keepass database, and the Keepass master passphrase which can be trivially bruteforced using the list of copied text from the clipboard log, the attacker could get access to the decrypted BitShares wallet private key and thus access to all of the funds held by all BTS accounts available via the BitShares wallet.

Even on compromised  Computers it's much more difficult for the intruder to get the password when someone has combined these "techniques":

http://keepass.info/help/v2/autotype_obfuscation.html

http://keepass.info/help/kb/sec_desk.html

EDIT: Can somebody explain me how they can get the static password from Yubikey ? It don't work like copy/paste as I know...
« Last Edit: November 06, 2014, 07:49:02 pm by liondani »

Offline fuzzy

Let's get together and help out with this.  I will gladly put information in the server to a new wallet and we can see if attendees would be willing to help make you at least partially whole again. 

Sorry this happened and I will gladly add any delegates to the Beyond Bitcoin Delegate Slate who are working on bringing real security solutions to non-technical holders of these chains's tokens.
WhaleShares==DKP; BitShares is our Community! 
ShareBits and WhaleShares = Love :D

Offline arhag

  • Hero Member
  • *****
  • Posts: 1214
    • View Profile
    • My posts on Steem
  • BitShares: arhag
  • GitHub: arhag
Let me just add though - that even in this mode, if your PC is compromised you are not safe, as the produced master key could still be captured. The device won't do the signature, it will just produce the master key, which can be captured on a compromised PC.

However if the signature happens on another device (e.g. Trezor / mobile cell phone) it is far less likely that it will get hacked.

Just to add to what bitmeat said, all of these supposedly MFA schemes being recommended in this thread are just tiny marginal improvements in security that are insignificant compared to the true MFA security provided by multisig. The multisig security necessary can only be achieved when the BitShares client itself has been upgraded to implement those features. Then, a transaction can be signed by different devices each storing the private key for their part of the signature on the separate devices. The probability of all of the devices being simultaneously compromised is low, which is what provides the security. This is especially true when some of the devices are used specifically for these signing purposes only and do not have an internet connection. An example of such a device would be a Trezor or, more realistically for our purposes, a separate laptop with internet connectivity disabled that boots a live Linux environment from a read-only medium (this is also why offline transaction signing features are necessary for the client).

Here is an example of how the Yubikey may not protect you if you have malware running on your computer. You use the Yubikey to essentially auto-type a secure passphrase into Keepass and unlock the password manager. You then need to copy your BitShares wallet password from Keepass and paste it into the BitShares client to unlock it. You could have malware running on your computer that simply logs a copy of everything you copy and paste while using the OS. It could then upload the changes to this log to the attacker's server whenever it has internet connection. The malware could also scan your hard drive for something that looks like your Keepass database and your BitShares encrypted wallet private key and upload those to the server as well (worst case scenario the attacker could do this semi-manually with the help of screen captures after they are informed by the malware that the victim has cryptocurrency apps installed on their computer). With the BitShares encrypted wallet private key, the Keepass database, and the Keepass master passphrase which can be trivially bruteforced using the list of copied text from the clipboard log, the attacker could get access to the decrypted BitShares wallet private key and thus access to all of the funds held by all BTS accounts available via the BitShares wallet.

Offline bitmeat

  • Hero Member
  • *****
  • Posts: 1116
    • View Profile
Let me just add though - that even in this mode, if your PC is compromised you are not safe, as the produced master key could still be captured. The device won't do the signature, it will just produce the master key, which can be captured on a compromised PC.

However if the signature happens on another device (e.g. Trezor / mobile cell phone) it is far less likely that it will get hacked.

Offline bitmeat

  • Hero Member
  • *****
  • Posts: 1116
    • View Profile
You guys don't understand how Yubikey works. It requires a centralized server that knows the secret and verifies it. Not that it can't be done with crypto, but you will still need to put your trust in a centralized entity. I'd much rather have an app that receives all transaction details over the net and shows it to you on your phone, where you can then decide whether to sign it or not. So even if your PC is compromised you never ever have your private keys exposed on it.

bitmeat, I don't think Yubikey needs a centralized server.   It works with KeePass and doesn't require a centralized server, you just had to install a KeePass plugin.

Here is the source to the plugin - http://keepass.info/extensions/v2/otpkeyprov/OtpKeyProv-2.3-Source.zip
Maybe someone could take a look at the source and implement it in Bitshares ... it is written in Visual C#

Thank you for the clarification! There are two modes, I was referring to the server mode. I see the static master password mode - that's fantastic. Should be easy to implement.

http://keepass.info/help/kb/yubikey.html

Offline educatedwarrior

  • Full Member
  • ***
  • Posts: 78
    • View Profile
You guys don't understand how Yubikey works. It requires a centralized server that knows the secret and verifies it. Not that it can't be done with crypto, but you will still need to put your trust in a centralized entity. I'd much rather have an app that receives all transaction details over the net and shows it to you on your phone, where you can then decide whether to sign it or not. So even if your PC is compromised you never ever have your private keys exposed on it.

bitmeat, I don't think Yubikey needs a centralized server.   It works with KeePass and doesn't require a centralized server, you just had to install a KeePass plugin.

Here is the source to the plugin - http://keepass.info/extensions/v2/otpkeyprov/OtpKeyProv-2.3-Source.zip
Maybe someone could take a look at the source and implement it in Bitshares ... it is written in Visual C#
« Last Edit: November 06, 2014, 03:06:55 am by educatedwarrior »
BTSX: codeblooded   |   PTS: PiiQ6ZECCRYawcZFc8ZGbvjuCjCnBVuPjA
BTSX delegate: wallet_approve_delegate codeblooded true

Offline educatedwarrior

  • Full Member
  • ***
  • Posts: 78
    • View Profile
I took Liondani's recommendation and purchased YubiKee Neo for $50 and using with it with password manager and generator KeePass. Excellent increase in security.
BTSX: codeblooded   |   PTS: PiiQ6ZECCRYawcZFc8ZGbvjuCjCnBVuPjA
BTSX delegate: wallet_approve_delegate codeblooded true

Offline bitmeat

  • Hero Member
  • *****
  • Posts: 1116
    • View Profile
You guys don't understand how Yubikey works. It requires a centralized server that knows the secret and verifies it. Not that it can't be done with crypto, but you will still need to put your trust in a centralized entity. I'd much rather have an app that receives all transaction details over the net and shows it to you on your phone, where you can then decide whether to sign it or not. So even if your PC is compromised you never ever have your private keys exposed on it.

Offline liondani

  • Hero Member
  • *****
  • Posts: 3737
  • Inch by inch, play by play
    • View Profile
    • My detailed info
  • BitShares: liondani
  • GitHub: liondani
@bytemaster
"We provide the YubiKey OTP Validation server for developers looking to integrate the YubiKey OTP Validation with an existing web site or service."
https://www.yubico.com/develop/open-source-software/validation-server/

What about the idea to integrate the YubiKey OTP Validation with our BTS client ?
I am sure the most delegates would be positive to fund such a integration, or not? Am I missing something?

yup or maybe BTS Trezor... i stay in touch with slush and alena from Bitcoin Trezor ...i'll contact them later this week …
+5 to use your connection's...
but my understanding is that the yubikey solution is much cheaper for the end user than the trezor solution...  at least with the current prices... and the degree of security is about the same...   but it would be optimal to have both options in the near future...  Nobody could use the "security" argument against bitshares after that !  It would definitely help a lot  to get to mass adoption ...

Sent from my ALCATEL ONE TOUCH 997D


Offline cass

  • Hero Member
  • *****
  • Posts: 4311
  • /(┬.┬)\
    • View Profile
@bytemaster
"We provide the YubiKey OTP Validation server for developers looking to integrate the YubiKey OTP Validation with an existing web site or service."
https://www.yubico.com/develop/open-source-software/validation-server/

What about the idea to integrate the YubiKey OTP Validation with our BTS client ?
I am sure the most delegates would be positive to fund such a integration, or not? Am I missing something?

yup or maybe BTS Trezor... i stay in touch with slush and alena from Bitcoin Trezor ...i'll contact them later this week …
█║▌║║█  - - -  The quieter you become, the more you are able to hear  - - -  █║▌║║█

Offline educatedwarrior

  • Full Member
  • ***
  • Posts: 78
    • View Profile
@bytemaster
"We provide the YubiKey OTP Validation server for developers looking to integrate the YubiKey OTP Validation with an existing web site or service."
https://www.yubico.com/develop/open-source-software/validation-server/

What about the idea to integrate the YubiKey OTP Validation with our BTS client ?
I am sure the most delegates would be positive to fund such a integration, or not? Am I missing something?

@liondani , integration with YubiKey seems to be a great idea.  Thank you.

Here is a link for using YubiKey + Password manager for applications without YubiKey integration.
https://www.yubico.com/applications/password-management/consumer/keepass/
BTSX: codeblooded   |   PTS: PiiQ6ZECCRYawcZFc8ZGbvjuCjCnBVuPjA
BTSX delegate: wallet_approve_delegate codeblooded true

Offline liondani

  • Hero Member
  • *****
  • Posts: 3737
  • Inch by inch, play by play
    • View Profile
    • My detailed info
  • BitShares: liondani
  • GitHub: liondani
@bytemaster
"We provide the YubiKey OTP Validation server for developers looking to integrate the YubiKey OTP Validation with an existing web site or service."
https://www.yubico.com/develop/open-source-software/validation-server/

What about the idea to integrate the YubiKey OTP Validation with our BTS client ?
I am sure the most delegates would be positive to fund such a integration, or not? Am I missing something?
« Last Edit: November 04, 2014, 07:42:57 am by liondani »

Offline educatedwarrior

  • Full Member
  • ***
  • Posts: 78
    • View Profile
educatedwarrior: did you check your change addresses against the suspect addresses? That would really answer a lot of questions.

One question I have for anyone: Is it possible to change my BTSX and/or PTS wallet password? If so, how?

Code: [Select]
wallet_change_passphrase <passphrase>

Thank you!  :D

I checked the change address in PTS wallet, and the destination address did not match any of the them.   

About changing the wallet password ... If a user has access to an older version of the wallet file the private keys compromised in that file would still be compromised.   Wouldn't the best solution be to make a new wallet instead of changing the password on the old wallet so you do not mistakenly use the compromised private keys?   

OR are you changing the password on your wallet now just to beef up security?
« Last Edit: November 04, 2014, 07:49:33 am by educatedwarrior »
BTSX: codeblooded   |   PTS: PiiQ6ZECCRYawcZFc8ZGbvjuCjCnBVuPjA
BTSX delegate: wallet_approve_delegate codeblooded true

Offline liondani

  • Hero Member
  • *****
  • Posts: 3737
  • Inch by inch, play by play
    • View Profile
    • My detailed info
  • BitShares: liondani
  • GitHub: liondani
  Also, create a complex wallet password that makes a brute force attack difficult to do. 

There should be a keyfile option implemented in next versions of the wallet.

Using classical password in parallel with keyfile stored on usb stick could prevent this type of theft. Small separate stick with many similar files to keyfile used only when accessing wallet is cheap and fast method to at least double security. Wallet file and keyfile must be in different locations (and not on the same usb stick).

Also there is possibility of using 2FA. I know that is pain in the ass, but that could improve security too.

Good luck, I hope this resolves positively for educatedwarrior as well as for BitShares.

 +5%

A good solution for now also is a combination of:

1.yubikey+keepass (password manager) or
2.yubikey+lastpass (password manager)

yuibikey: https://www.yubico.com/
keepass: http://keepass.info/index.html
lastpass: https://lastpass.com/

PS ... with a very strong master-password for the password-manager (created from yubikey) combined with a One-Time Passwords (OATH HOTP)
« Last Edit: January 06, 2015, 08:57:29 pm by liondani »