Saturday, 6 January 2018

Ethereum: Help! I've been mugged!

So in the early hours of 27th December I was mugged, and the assailant got away with goods worth over £5,000.


The good news is that I was fast asleep at the time, and nobody was harmed.


However, I probably need to back-track and work out what went wrong with my security measures.


Thankfully the mugging (with the emphasis on "mug") was a virtual attack, rather than a physical one.

[Image: screen-shot of the transactions, indicating my sudden loss of ETH]

Some hyena transferred my ETH into another account. Rather strangely, they took 6.8 ETH first, and then the small remaining balance as a second transaction. Why not take it in one go? The transfer costs would have been smaller.

Using etherscan.io, you can click on the new owner's Public Key in the statement and follow its progress. But this does not help. The rules of the game are quite simple: when it's gone, it's gone!

To add insult to injury, I then checked my Ether Classic tokens.



God! This guy was thorough. He's taken the lot!

So how was it done?


I don't know how this guy got away with the swag, but here are a few points:

  1. computer security; has my computer been compromised? Has some low-life gained access to my computer files and found the necessary keys in that JSON file I left lying around?
  2. a leaky wallet; I generated my paper wallet via MyEtherWallet. I'm quite happy that this JavaScript-based web page runs locally, and therefore should not pose a security risk.
  3. a transaction problem; back in March I tried to buy some BAT (Basic Attention Tokens) but the purchase failed as they had already sold out. I think I must have submitted my Private Key either directly or via a JSON file transfer.
  4. Bittylicious; about 5 days before my ETH/ETC tokens were stolen, I'd been on Bittylicious with a view to buying a few quid's worth of ETH. I backed out of this when I discovered how high the asking price was, so I'm pretty sure I only entered the Public Key.
  5. I published my Private Key; certain members of my family were keen to point out that I may have given too much information away in this earlier post. Although most of the printed key has been wiped out and the QR code has been seriously vandalised, it may be that someone has spent a long time trying to reconstruct it. They would then have had to use brute-force before finding the right code and gaining access to my dosh!
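For point 1, a self-audit sketch (an added example, not part of the original post) that walks a directory you own, finds JSON files shaped like Ethereum V3 keystores, and flags loose POSIX permissions or a weak key-derivation cost. It assumes the JSON file in question is a V3 keystore; the thresholds and function names are illustrative assumptions, not official values.

```python
import json
import os
import stat
import sys

MAX_SIZE = 64 * 1024         # keystore files are small; skip anything larger
MIN_SCRYPT_N = 8192          # assumed policy threshold, not an official value
MIN_PBKDF2_ITERS = 100_000   # assumed policy threshold, not an official value

def audit_file(path):
    """Return a finding dict if path parses as a V3 keystore, else None."""
    try:
        if os.path.getsize(path) > MAX_SIZE:
            return None
        with open(path, encoding="utf-8") as fh:
            doc = json.load(fh)
    except (OSError, ValueError):   # unreadable, not UTF-8, or not JSON
        return None
    if not isinstance(doc, dict) or doc.get("version") != 3:
        return None
    crypto = doc.get("crypto") or doc.get("Crypto")  # both spellings occur
    if not isinstance(crypto, dict) or "ciphertext" not in crypto:
        return None
    params = crypto.get("kdfparams")
    params = params if isinstance(params, dict) else {}
    mode = stat.S_IMODE(os.stat(path).st_mode)
    kdf, n, c = crypto.get("kdf"), params.get("n"), params.get("c")
    issues = []
    if mode & 0o077:
        issues.append("accessible by group/others")
    if kdf == "scrypt" and (not isinstance(n, int) or n < MIN_SCRYPT_N):
        issues.append("weak scrypt cost n=%s" % n)
    if kdf == "pbkdf2" and (not isinstance(c, int) or c < MIN_PBKDF2_ITERS):
        issues.append("weak pbkdf2 iteration count c=%s" % c)
    # Only metadata is reported; ciphertext and address are never printed.
    return {"path": path, "mode": oct(mode), "kdf": kdf, "issues": issues}

def audit_tree(root):
    """Walk root and audit every file that parses as a V3 keystore."""
    found = []
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            result = audit_file(os.path.join(dirpath, name))
            if result is not None:
                found.append(result)
    return found

if __name__ == "__main__":
    for item in audit_tree(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(item["path"], item["mode"], item["kdf"],
              "; ".join(item["issues"]) or "ok")
```

Any keystore it reports outside a deliberately chosen, access-restricted location is a copy worth moving offline or deleting.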

I guess I'll never know the answer (...unless the culprit has the cheek to post the method in the comments below). But I'd suggest that if you are using simple wallets, have at least two; one to hold transfer funds, the other to hold your main stake of ETH.

That way you will only have a relatively small amount that you use for transactions, and if something goes wrong, you should not lose the lot!
