Electrum - Bitcoin Wallet - Download - CHIP

(1) Is it true that encrypting an *existing* bitcoin-qt wallet.dat file will "invalidate" any existing backups? (2) Can I use unicode characters - eg ♥ - in the bitcoin-qt wallet passphrase?

I have an existing bitcoin-qt wallet.dat file which I want to encrypt - using the command in the bitcoin-qt Settings menu, involving creating a passphrase.
I have 2 (possibly somewhat related) questions:
TL;DR
(1) If you encrypt an existing wallet.dat file, will the backups of the old wallet.dat file still work?
(2) Can you include unicode characters - eg ♥ - in the passphrase used to encrypt a bitcoin-qt wallet.dat file?
Worst-case scenario: The answers to (1) and (2) are both "no" - and I attempt to encrypt an existing wallet using unicode, and my backups no longer work (due to a new pool of addresses somehow being created?) and the passphrase isn't what I think it is (due to the unicode characters somehow being misinterpreted?) - and then I could lose all my coins??
Details
(1) The following (old, short) thread claims that after you encrypt an existing wallet, any previous backups of that wallet will no longer work:
https://pay.reddit.com/Bitcoin/comments/1ccfdk/encrypting_walletdat_in_bitcoinqt/
Obviously, the the first response in that thread was slightly wrong, for saying that the "server" creates a new pool of 100 addresses to draw on. So using word "server" here was certainly incorrect - but maybe the gist of what they were saying might still be correct? (if you simply change "server" to "client").
I can actually understand that there might be reasons why encrypting a wallet.dat file could cause a new pool of 100 addresses to be generated.
But it does not make sense to me that this would make any older (unencrypted) backups instantly useless.
It seems to me that these older, unencrypted backups would still have their private keys intact, and could thus be used in certain (perhaps limited?) ways - such as:

(2) It seems that including a few unicode characters in the bitcoin-qt wallet passphrase would make it a lot stronger (since unicode is a much larger set of characters than ascii), so I would like to include a few.
But it would be more reassuring if it could be explicitly stated that this is indeed supported.

Possible catastrophic interaction between (1) and (2)?
If the answers to (1) and (2) were both "no" (ie, if you encrypt an existing bitcoin-qt wallet.dat file then any existing backups will not work, and unicode characters do not work in bitcoin-qt passphrases), then I'm worried there could be some kind of catastrophic interaction between (1) and (2) where I lose all my coins, as follows:
(1) I encrypt my existing wallet - making my old, unencrypted wallet.dat file now invalidated (due to something involving a new pool of addresses being generated?)
and
(2) I use a passphrase which includes unicode characters which bitcoin-qt appears to accept at the time of creation, but which doesn't work at the time of trying to decrypt the wallet.dat file (due to something going wring with how the supposed unicode characters are actually interpreted while being entered or copied-and-pasted?).
In this possible worst-case scenario, my old backups of wallet.dat no longer work, and my newly encrypted wallet.dat has some password which I'm not able to correctly enter anymore.
Sorry to be so paranoid about this!
Other remarks:
(a) I did do a (limited) test of unicode capability for bitcoin-qt wallet.dat passphrases: simply by creating a new (empty) wallet.dat file, and creating a passphrase for it involving unicode characters, and then attempting to change the passphrase (which requires entering the old passphrase that contained unicode characters).
This did seem to work ok: it let me re-enter the old passphrase (which included unicode characters) to create a new passphrase.
However, since this is an empty wallet (and since bitcoin-qt would ask for the passphrase only when attempting to actually spend from an encrypted wallet), I did not see a way to fully test whether the passphrase actually worked to decrypt a unicode-passphrase-encrypted wallet for the purpose of spending from it.
(I'm still downloading the rest of the blockchain and it's going to take at least another week on my slow connection, so don't see how I could send a small amount to the new wallet to test it either. My existing wallet.dat file was originally created on an internet-connected machine a long time ago, but it's been offline ever since, so in some sense it's kinda-sorta been in somewhat "cold" storage all this time, and I would prefer to avoid putting it online on a "hot" internet-connected machine until absolutely necessary.)
(b) Long-term, I am actually also in the process of setting up a proper cold storage system based on Armory, which I have installed on 2 Ubuntu machines (one offline and one online).
But I have a slow internet connection, and the backups of this old wallet.dat file have been sitting around unencrypted for ages (I've been relying simply on then being physically inaccessible).
Now some "things" are coming up over the next few days where I some better security right away, and it's probably going to take over a week for Armory/bitcoind to update my local copy of the blockchain.
So in the meantime, I also need some basic additional security right now - so encrypting the existing bitcoin-qt wallet.dat file using a strong passphrase (and making some new backups) seems like it could be a reasonable initial approach.
Thanks for any help!
submitted by encrypt_throwaway to Bitcoin [link] [comments]

Disk Digger Pro Apk || DiskDigger Importance || Recover Lost Files

In the Present scenario, Technology is growing too fast and we all are experiencing that our smartphone, PC, and Laptops carrying various files with the help of SD cards and internal memory. We will think that our files are in very secure places but if any file deleted unexpectedly then what you will do?. Don't worry, I already told you that tech is growing as fast as it can. Here I'm going to discuss the best data recovery services aka (DiskDigger) which are a perfect example of it. Let's go down to get more details of DiskDigger( Deep file recovery from any drive).
DiskDigger is a tool which can recover deleted files like photos, documents, music, video and much more.
DiskDigger Features:
DiskDigger can recover lost files from most types of media that your computer can read: hard disks, USB flash drives, memory cards, CDs, DVDs, and floppy disks. (Note: Make sure that you have to connect your device with a USB port to recover lost data from Android and IOS devices ). And one more important thing is you have to download the diskdigger app on your android phone to recover lost files. Suppose if your Android device uses a microSD card for saving the data, please remove the card and connect it directly to your PC using a card reader, so that you can scan it directly using DiskDigger for Windows.)
DiskDigger has two processes which you have to choose every time while scanning a disk. These methods are named as “dig deep” and “dig deeper“.
Dig Deep:
Dig Deeper:
Advanced Features
To find more information go through remaining articles in our site like hard drive data recovery, SD card data Recovery, Android Data Recovery, USB flash drive data recovery, Linux Data Recovery etc.
submitted by diskdiggerproapk to u/diskdiggerproapk [link] [comments]

Secure paper wallet tutorial

This is my handout for paranoid people who want a way to store bitcoin safely. It requires a little work, but this is the method I use because it should be resistant to risks associated with:
  1. Bad random number generators
  2. Malicious or flawed software
  3. Hacked computers
If you want a method that is less secure but easier, skip to the bottom of this post.
The Secure Method
  1. Download bitaddress.org. (Try going to the website and pressing "ctrl+s")
  2. Put the bitaddress.org file on a computer with an operating system that has not interacted with the internet much or at all. The computer should not be hooked up to the internet when you do this. You could put the bitaddress file on a USB stick, and then turn off your computer, unplug the internet, and boot it up using a boot-from-CD copy of linux (Ubuntu or Mint for example). This prevents any mal-ware you may have accumulated from running and capturing your keystrokes. I use an old android smart phone that I have done a factory reset on. It has no sim-card and does not have the password to my home wifi. Also the phone wifi is turned off. If you are using a fresh operating system, and do not have a connection to the internet, then your private key will probably not escape the computer.
  3. Roll a die 62 times and write down the sequence of numbers. This gives you 2160 possible outcomes, which is the maximum that Bitcoin supports.
  4. Run bitaddress.org from your offline computer. Input the sequence of numbers from the die rolls into the "Brain Wallet" tab. By providing your own source of randomness, you do not have to worry that the random number generator used by your computer is too weak. I'm looking at you, NSA ಠ_ಠ
  5. Brain Wallet tab creates a private key and address.
  6. Write down the address and private key by hand or print them on a dumb printer. (Dumb printer means not the one at your office with the hard drive. Maybe not the 4 in 1 printer that scans and faxes and makes waffles.) If you hand copy them you may want to hand copy more than one format. (WIF and HEX). If you are crazy and are storing your life savings in Bitcoin, and you hand copy the private key, do a double-check by typing the private key back into the tool on the "Wallet Details" tab and confirm that it recreates the same public address.
  7. Load your paper wallet by sending your bitcoin to the public address. You can do this as many times as you like.
  8. You can view the current balance of your paper wallet by typing the public address into the search box at blockchain.info
  9. If you are using an old cell phone or tablet do a factory reset when you are finished so that the memory of the private keys is destroyed. If you are using a computer with a boot-from-CD copy of linux, I think you can just power down the computer and the private keys will be gone. (Maybe someone can confirm for me that the private keys would not be able to be cached by bitaddress?)
  10. To spend your paper wallet, you will need to either create an offline transaction, or import the private key into a hot wallet. Creating an offline transaction is dangerous if you don't know what you are doing. Importing to a client side wallet like Bitcoin-Qt, Electrum, MultiBit or Armory is a good idea. You can also import to an online wallet such as Blockchain.info or Coinbase.
Trusting bitaddress.org
The only thing you need bitaddress.org to do is to honestly convert the brainwallet passphrase into the corresponding private key and address. You can verify that it is doing this honestly by running several test passphrases through the copy of bitaddress that you plan on using, and several other brainwallet generators. For example, you could use the online version of bitaddress, and brainwallet and safepaperwallet and bitcoinpaperwallet. If you are fancy with the linux command line, you can also try "echo -n my_die_rolls | sha256sum". The linux operating system should reply with the same private key that bitaddress makes. This protects you from a malicious paper wallet generator.
Trusting your copy of bitaddress.org
Bitaddress publishes the sha1 hash of the bitaddress.org website at this location:
https://www.bitaddress.org/pgpsignedmsg.txt
The message is signed by the creator, pointbiz. I found his PGP fingerprint here:
https://github.com/pointbiz/bitaddress.org/issues/18
"527B 5C82 B1F6 B2DB 72A0 ECBF 8749 7B91 6397 4F5A"
With this fingerprint, you can authenticate the signed message, which gives you the hash of the current bitaddress.org file. Then you can hash your copy of the file and authenticate the file.
I do not have a way to authenticate the fingerprint itself, sorry. According to the website I linked to, git has cryptographic traceability that would enable a person to do some research and authenticate the fingerprint. If you want to go that far, knock yourself out. I think that the techniques described in this document do not really rely on bitaddress being un-corrupt. Anyway, how do we know pointbiz is a good guy? ;-)
There are a lot of skilled eyes watching bitaddress.org and the signed sha1 hash. To gain the most benefit from all of those eyes, it's probably worthwhile to check your copy by hashing it and comparing to the published hash.
"But we aren't supposed to use brainwallets"
You are not supposed to use brainwallets that have predictable passphrases. People think they are pretty clever about how they pick their passphrases, but a lot of bitcoins have been stolen because people tend to come up with similar ideas. If you let dice generate the passphrase, then it is totally random, and you just need to make sure to roll enough times.
How to avoid spending your life rolling dice
When I first started doing this, I rolled a die 62 times for each private key. This is not necessary. You can simply roll the die 62 times and keep the sequence of 62 numbers as a "seed". The first paper address you create would use "my die rolls-1" as the passphrase, the second would be "my die rolls-2" and so on. This is safe because SHA256 prevents any computable relationship between the resulting private key family.
Of course this has a certain bad security scenario -- if anyone obtains the seed they can reconstruct all of your paper wallets. So this is not for everyone! On the other hand, it also means that if you happen to lose one of your paper wallets, you could reconstruct it so long as you still had the seed.
One way to reduce this risk is to add an easy to remember password like this: "my die rolls-password-1".
If you prefer, you can use a technique called diceware to convert your die rolls to words that still contain the same quantity of entropy, but which could be easier to work with. I don't use diceware because it's another piece of software that I have to trust, and I'm just copy/pasting my high entropy seed, so I don't care about how ugly it is.
Why not input the dice as a Base 6 private key on the Wallet Details tab?
Two reasons. First of all, this option requires that you roll the die 99 times, but you do not get meaningful additional protection by rolling more than 62 times. Why roll more times if you don't have to? Second, I use the "high entropy seed" method to generate multiple private keys from the same die rolls. Using the Base 6 option would require rolling 99 times for every private key.
I'm a big nerd with exotic dice. How many times to roll?
Put this formula in Excel to get the number of times to roll: "=160*LOG(2,f)" where f = number of faces on the die. For example, you would roll a d16 40 times. By the way, somewhat unbelievably casino dice are more fair than ordinary dice
The "Change address" problem:
You should understand change addresses because some people have accidentally lost money by not understanding it.
Imagine your paper wallet is a 10 dollar bill. You use it to buy a candy bar. To do this you give the cashier the entire 10 dollar bill. They keep 1 dollar and give you 9 dollars back as change.
With Bitcoin, you have to explicitly say that you want 9 dollars back, and you have to provide an address where it should go to. If you just hand over the 10 dollar bill, and don't say you want 9 dollars back, then the miner who processes the transaction gives 1 dollar to the store and keeps the remainder themselves.
Wallet software like Bitcoin-Qt handles this automatically for you. They automatically make "change addresses" and they automatically construct transactions that make the change go to the change address.
There are three ways I know of that the change problem can bite you:
  1. You generate a raw transaction by hand, and screw up. If you are generating a transaction "by hand" with a raw transaction editor, you need to be extra careful that your outputs add up to the same number as your inputs. Otherwise, the very lucky miner who puts your transaction in a block will keep the difference.
  2. You import a paper wallet into a wallet software and spend part of it, and then think that the change is in the paper wallet. The change is not in the paper wallet. It is in a change address that the wallet software generated. That means that if you lose your wallet.dat file you will lose all the change. The paper wallet is empty.
  3. You import a paper wallet into a wallet software and spend part of it, and then think that the change is in the change address that the wallet software generated. If the transaction did not need to consume all of the "outputs" used to fund the paper wallet, then there could be some unspent outputs still located at the address of the paper wallet. If you destroyed the paper wallet, and destroyed the copy of the private key imported to the wallet software, then you could not access this money. (E.g. if you restored the software wallet from its seed, thinking all of the money was moved to the wallet-generated change addresses.)
For more on this, see here
The hot paper wallet problem
Your bitcoin in your paper wallet are secure, so long as the piece of paper is secure, until you go to spend it. When you spend it, you put the private key onto a computer that is connected to the internet. At this point you must regard your paper wallet address as hot because the computer you used may have been compromised. It now provides much less protection against theft of your coins. If you need the level of protection that a cold paper wallet provides, you need to create a new one and send your coins to it.
Destroying your paper wallet address
Do not destroy the only copy of a private key without verifying that there is no money at that address. Your client may have sent change to your paper wallet address without you realizing it. Your client may have not consumed all of the unspent outputs available at the paper wallet address. You can go to blockchain.info and type the public address into the search window to see the current balance. I don't bother destroying my used/empty paper wallet addresses. I just file them away.
Encrypting your private key
BIP 0038 describes a standardized way to encrypt your paper wallet private key. A normal paper wallet is vulnerable because if anyone sees the private key they can take the coins. The BIP38 protocol is even resistant to brute force attacks because it uses a memory intensive encryption algorithm called scrypt. If you want to encrypt your wallets using BIP38, I recommend that you use bitcoinpaperwallet because they will let you type in your own private key and will encrypt it for you. As with bitaddress, for high security you should only use a local copy of this website on a computer that will never get connected to the internet.
Splitting your private key
Another option for protecting the private key is to convert it into multiple fragments that must be brought together. This method allows you to store pieces of your key with separate people in separate locations. It can be set up so that you can reconstitute the private key when you have any 2 out of the 3 fragments. This technique is called Shamir's Secret Sharing. I have not tried this technique, but you may find it valuable. You could try using this website http://passguardian.com/ which will help you split up a key. As before, you should do this on an offline computer. Keep in mind if you use this service that you are trusting it to work properly. It would be good to find other independently created tools that could be used to validate the operation of passguardian. Personally, I would be nervous destroying the only copy of a private key and relying entirely on the fragments generated by the website.
Looks like Bitaddress has an implementation of Shamir's Secret Sharing now under the "Split Wallet" tab. However it would appear that you cannot provide your own key for this, so you would have to trust bitaddress.
Durable Media
Pay attention to the media you use to record your paper wallet. Some kinds of ink fade, some kinds of paper disintegrate. Moisture and heat are your enemies.
In addition to keeping copies of my paper wallet addresses I did the following:
  1. Order a set of numeric metal stamps. ($10)
  2. Buy a square galvanized steel outlet cover from the hardware store ($1)
  3. Buy a sledgehammer from the hardware store
  4. Write the die rolls on the steel plate using a sharpie
  5. Use the hammer to stamp the metal. Do all the 1's, then all the 2's etc. Please use eye protection, as metal stamp may emit sparks or fly unexpectedly across the garage. :-)
  6. Use nail polish remover to erase the sharpie
Electrum
If you trust electrum you might try running it on an offline computer, and having it generate a series of private keys from a seed. I don't have experience with this software, but it sounds like there are some slick possibilities there that could save you time if you are working with a lot of addresses.
Message to the downvoters
I would appreciate it if you would comment, so that I can learn from your opinion. Thanks!
The Easy Method
This method is probably suitable for small quantities of bitcoin. I would not trust it for life-altering sums of money.
  1. Download the bitaddress.org website to your hard drive.
  2. Close your browser
  3. Disconnect from the internet
  4. Open the bitaddress.org website from your hard drive.
  5. Print a paper wallet on your printer
  6. Close your browser
submitted by moral_agent to BitcoinWallet [link] [comments]

Completely lost with Armory

Hey everyone, total noob here with BTC. I've downloaded the blockchain from Bitcoin Core and now I'm trying to get Armory (where I've set up a wallet and sent funds to already) to sync up. Armory still shows up as Offline and it's been "preparing databases" for a good two or three hours now. I'm not sure if I'm just going to be playing the waiting game until it does what it needs to do, or if I need to move a file somewhere, or if my settings are wrong.
I do have a printed backup of my wallet just in case. If I've completely f'd this up, is it possible to send that wallet's .dat over to Core or another program and have it sync up there? Thanks.
submitted by THECapedCaper to BitcoinBeginners [link] [comments]

Help with old wallet.dat files

Hello guys,
I'm on a personal saga with those archives. I runned the -rescan on all of them, pluz downloaded the entire blockchain on bitcoin core. The one wallet that has balance is not showing the balance (or the address it contains) in it. I have the address.
As far as I can remember, I used armory instead of bitcoin core as a wallet, but it is strange, my memory may be failing me, since armory does not produce .dats, but .wallets.
Anyway, if use the command dumpprivkeys do I have a chance of opening it in another wallet (like electrum)?
submitted by FarewellState to BitcoinBeginners [link] [comments]

Ever lose the password to your encrypted bitcoin wallet?

I wanted to give props to a man who really saved my ass. Dave from www.walletrecoveryservices.com. This weekend I was trying to access and send my wallet to my armory wallet in order to make a paper backup. low and behold I lost my fucking password. I wasn't happy, infact I spent about 3 days trying to figure out how to crack the password and I'm not exactly a technical creature.
I downloaded John The Ripper, ran atleast 40 hours of wordlist pregen possible passwords and got no where.
I was desperate, and I was scared. I took a big scary risk, and I sought professional help. Dave from that website I gave above was able to crack the password on my wallet.dat from bitcoin core and save me some bitcoins. It cost me 20 percent of my wallet, but that isn't nearly as bad as 100 percent. He is a trust worthy guy, and just trying to make some bitcoin. I can verify use of his service at my email address [email protected]. My only complaint is that I wish it was more like 10 - 15 percent of the wallet considering the cost of bitcoin now-a-days. Kinda scary for folks without a lot of income (but then again they probobly shouldn't be throwing money at bitcoin then)
Just wanted to give credit where credit was due. Dave from www.walletrecoveryservices.com saved my ass. Thanks Dave.
submitted by vynlucielle to Bitcoin [link] [comments]

[uncensored-r/Bitcoin] I'm attempting to return stolen bitcoin and warning soon to be victims

The following post by MrBeanCoin is being replicated because the post has been silently removed.
The original post can be found(in censored form) at this link:
np.reddit.com/ Bitcoin/comments/7lnsdx
The original post's content was as follows:
Hello!
My name is MrBeanCoin (Not a obvious throw away! Of course not!). I'm my professional life I am a Malware Analyst, Pen Tester, and Engineer. However when im not working my eyes have been glued to the BTC charts, kicking myself for spending my BTC back when times were rough. But enough about me, lets get to the point.
 
Since the rise in price and popularity of Crypto's, Malware Authors have been leaving Ransomware, Botnets, and Spam in droves to create very simple Bitcoin and Altcoin stealing Malware, in a attempt to make the most money quicker, and separate good people like yourself from your coins. Miners have also reached unbelievable heights (Surpassing even when BTC first came out), and they make sure not to use safe settings, and a lot have been causing hardware damage. The spike has been so large that this week, the GTX 1080 i have in my Cuckoo Server (Automated Malware Analysis Platform) burned out from the constant throttling up and down.
 
So obviously, with my job, i have been having to deal with these fuckers and their shitty coded applications a lot. Some go as far as ripping your wallets from your machine and uploading them to a C2 server, but the absolute most common way people are losing bitcoins by the THOUSANDS is by the most simplest application i have ever seen. It simply lays low on the machine, and when it detects a BTC Address on the clipboard, it replaces the address you copied, with the Malware Authors. I know, right? At first i thought it would never be effective. However, so many newcomers are coming on the scene, it is paying off big. Nearly every wallet i have seen had at least 1 Million USD in it or more..... From a damn copy and paste switch. The worst part is, most people's security protection will not help them here, because the application does not look Malicious! All it is, is 3 lines of code changing the clipboard. Whats wrong with that? Well in this case, everything is. Please Please be on the look out for these. They make me so angry.. Other common ones are applications that try to pass as a update to , Bitcoin Duplicators (Ya...), Bitcoin Accelerators (I get this one, Noobs aren't getting why the TX's are fucking around), Fake Miners (If no one has heard of it, DONT USE IT), and Fake Wallets. I can go into these later if people are interested.
 
Anyways, I was looking at a sample today, and noticed this was one of the braver ones that scoop up the whole Wallet.Dat (Or similar) file, and kick it off to their servers. It does this for nearly 25 popular clients, even one called Armory which i thought was ironic.
 
This sample is hitting people through fake ad's to update their miners when visiting Crypto Sites, and more commonly, through email they are somehow getting for many exchange users. The emails claim either that they found your wallet publicly online! And that you should verify right away that it is actually yours. Its conveniently named "Wallet.dat .exe" with the spaces allowing the exe to hide in some email clients. When downloading and running, of course, you are infected. Other emails include free books on Crypto Currency that have a surprise for you inside! And Insider Information that you could use on a up coming pump and dump!
 
I loaded it into a IDA on a VM, and noticed that it wasn't sending the wallets to a domain, but rather a IP, and not only that, but what looked like a residential ISP IP. I allowed it to send up my fake wallets so i could get the scheme of the HTTP POST, and then started investigating the server. The guy receives loads of wallets a day, but he also runs a small botnet, proxy server, and password unhashing service on the same server. What was weird is i didn't see any templates, control panels, or mail for a web hosting company, which i normally see right away. I was starting to think this guy was actually dumb enough to use some server sitting at his house for this shit.
 
On further investigation of the client code talking to the server, i noticed he had a exploitable vulnerability in the way he uploaded files to the server. This allowed me to send up a payload with my wallet that later became my backdoor and reverse shell into his server. He was running a older kernel, so i was able to also exploit my way to root, and at this point i had full control over the server.
 
After further investigation, it was clear that indeed he IS running this out of his house. I somehow got lucky and out of 350 proxy servers, i managed to hop on his main node. Which he is a idiot anyways for accepting connections from anything but his proxies on this machine, or even using a home machine! Don't worry, i will be handing the needed information over to the feds for this little prick.
 
Now to my main point. It's obvious i must stay anonymous in this whole ordeal because, even though this dude is a POS, some people still might not be okay with what i did. And i also would like to keep my job haha. But seeing as i had full access, and this guy was dealing with BTC, this was a first for me. Most take overs i have done before, never had the actual wallets on the server. I really want to warn the victims he has FRESH wallets for ( IT COULD BE YOU! ), and also attempt to recover some BTC in the criminals wallets back to some, most likely worried sick, people.
 
I'm posting this today not only for the hope that if someone did notice Malware stole their coins, they can contact me and see if we can verify it was him, BUT ALSO in hopes that maybe any of you here would have any ideas on how i could go about finding these people, and then verifying its actually their BTC? I really can't think of any sure fire way accepting hoping people contact me and can match up the exact Transaction ID, Date, and Amount that was stolen from them. Please let me know your ideas.
 
I also want to finish this with a small list of FRESH VICTIMS that will most likely be getting hit very soon if they do not make a different wallet ASAP. I have hindered his processing further, but this doesn't help for already uploaded wallets. If these machine names match yours, PLEASE MAKE A NEW WALLET RIGHT AWAY: (Format is _.dat )
   
  • BitcoinQT_PC-4A095E27CB
  • BitcoinQT_KRK8HCPUDQP-PC
  • BitcoinQT_DESKTOP-MD6CE0T
  • BitcoinQT_EEW8HH-PC
  • BitcoinQT_JCNHJN8XRO0-PC
  • BitcoinQT_L1MKEWAMYWOT-PC
  • BitcoinQT_QBEY678-PC
  • BitcoinQT_DESKTOP-AJMCAK1
  • BitcoinQT_I3HOM1VJGV2Y-PC
  • BitcoinQT_DESKTOP-GKAN490
  • BitcoinQT_SMQYPJPO-PC
   
This is just a small list i could make tonight, i will hopefully be able to recover more and get more people switched to new wallets.
Thank you for your time.
submitted by censorship_notifier to noncensored_bitcoin [link] [comments]

12-23 11:03 - 'I'm attempting to return stolen bitcoin and warning soon to be victims' (self.Bitcoin) by /u/MrBeanCoin removed from /r/Bitcoin within 89-99min

'''
Hello!
My name is MrBeanCoin (Not a obvious throw away! Of course not!). I'm my professional life I am a Malware Analyst, Pen Tester, and Engineer. However when im not working my eyes have been glued to the BTC charts, kicking myself for spending my BTC back when times were rough. But enough about me, lets get to the point.
 
Since the rise in price and popularity of Crypto's, Malware Authors have been leaving Ransomware, Botnets, and Spam in droves to create very simple Bitcoin and Altcoin stealing Malware, in a attempt to make the most money quicker, and separate good people like yourself from your coins. Miners have also reached unbelievable heights (Surpassing even when BTC first came out), and they make sure not to use safe settings, and a lot have been causing hardware damage. The spike has been so large that this week, the GTX 1080 i have in my Cuckoo Server (Automated Malware Analysis Platform) burned out from the constant throttling up and down.
 
So obviously, with my job, i have been having to deal with these fuckers and their shitty coded applications a lot. Some go as far as ripping your wallets from your machine and uploading them to a C2 server, but the absolute most common way people are losing bitcoins by the THOUSANDS is by the most simplest application i have ever seen. It simply lays low on the machine, and when it detects a BTC Address on the clipboard, it replaces the address you copied, with the Malware Authors. I know, right? At first i thought it would never be effective. However, so many newcomers are coming on the scene, it is paying off big. Nearly every wallet i have seen had at least 1 Million USD in it or more..... From a damn copy and paste switch. The worst part is, most people's security protection will not help them here, because the application does not look Malicious! All it is, is 3 lines of code changing the clipboard. Whats wrong with that? Well in this case, everything is. Please Please be on the look out for these. They make me so angry.. Other common ones are applications that try to pass as a update to , Bitcoin Duplicators (Ya...), Bitcoin Accelerators (I get this one, Noobs aren't getting why the TX's are fucking around), Fake Miners (If no one has heard of it, DONT USE IT), and Fake Wallets. I can go into these later if people are interested.
 
Anyways, I was looking at a sample today, and noticed this was one of the braver ones that scoop up the whole Wallet.Dat (Or similar) file, and kick it off to their servers. It does this for nearly 25 popular clients, even one called Armory which i thought was ironic.
 
This sample is hitting people through fake ad's to update their miners when visiting Crypto Sites, and more commonly, through email they are somehow getting for many exchange users. The emails claim either that they found your wallet publicly online! And that you should verify right away that it is actually yours. Its conveniently named "Wallet.dat .exe" with the spaces allowing the exe to hide in some email clients. When downloading and running, of course, you are infected. Other emails include free books on Crypto Currency that have a surprise for you inside! And Insider Information that you could use on a up coming pump and dump!
 
I loaded it into a IDA on a VM, and noticed that it wasn't sending the wallets to a domain, but rather a IP, and not only that, but what looked like a residential ISP IP. I allowed it to send up my fake wallets so i could get the scheme of the HTTP POST, and then started investigating the server. The guy receives loads of wallets a day, but he also runs a small botnet, proxy server, and password unhashing service on the same server. What was weird is i didn't see any templates, control panels, or mail for a web hosting company, which i normally see right away. I was starting to think this guy was actually dumb enough to use some server sitting at his house for this shit.
 
On further investigation of the client code talking to the server, i noticed he had a exploitable vulnerability in the way he uploaded files to the server. This allowed me to send up a payload with my wallet that later became my backdoor and reverse shell into his server. He was running a older kernel, so i was able to also exploit my way to root, and at this point i had full control over the server.
 
After further investigation, it was clear that indeed he IS running this out of his house. I somehow got lucky and out of 350 proxy servers, i managed to hop on his main node. Which he is a idiot anyways for accepting connections from anything but his proxies on this machine, or even using a home machine! Don't worry, i will be handing the needed information over to the feds for this little prick.
 
Now to my main point. It's obvious i must stay anonymous in this whole ordeal because, even though this dude is a POS, some people still might not be okay with what i did. And i also would like to keep my job haha. But seeing as i had full access, and this guy was dealing with BTC, this was a first for me. Most take overs i have done before, never had the actual wallets on the server. I really want to warn the victims he has FRESH wallets for ( IT COULD BE YOU! ), and also attempt to recover some BTC in the criminals wallets back to some, most likely worried sick, people.
 
I'm posting this today not only for the hope that if someone did notice Malware stole their coins, they can contact me and see if we can verify it was him, BUT ALSO in hopes that maybe any of you here would have any ideas on how i could go about finding these people, and then verifying its actually their BTC? I really can't think of any sure fire way accepting hoping people contact me and can match up the exact Transaction ID, Date, and Amount that was stolen from them. Please let me know your ideas.
 
I also want to finish this with a small list of FRESH VICTIMS that will most likely be getting hit very soon if they do not make a different wallet ASAP. I have hindered his processing further, but this doesn't help for already uploaded wallets. If these machine names match yours, PLEASE MAKE A NEW WALLET RIGHT AWAY: (Format is _.dat )
   
  • BitcoinQT_PC-4A095E27CB
  • BitcoinQT_KRK8HCPUDQP-PC
  • BitcoinQT_DESKTOP-MD6CE0T
  • BitcoinQT_EEW8HH-PC
  • BitcoinQT_JCNHJN8XRO0-PC
  • BitcoinQT_L1MKEWAMYWOT-PC
  • BitcoinQT_QBEY678-PC
  • BitcoinQT_DESKTOP-AJMCAK1
  • BitcoinQT_I3HOM1VJGV2Y-PC
  • BitcoinQT_DESKTOP-GKAN490
  • BitcoinQT_SMQYPJPO-PC
   
This is just a small list i could make tonight, i will hopefully be able to recover more and get more people switched to new wallets.
Thank you for your time.
'''
I'm attempting to return stolen bitcoin and warning soon to be victims
Go1dfish undelete link
unreddit undelete link
Author: MrBeanCoin
submitted by removalbot to removalbot [link] [comments]

Want to buy a small amount, getting pretty frustrated.

I only want to by about $15 worth of BTC.
I'm verified at VoS but my only options there are a certified cheque sent by registered mail (aprox $8.00) or a wire transfer with a $15 fee.
I tried quickBT but have a Visa interact card with TD which isn't supported in the online interact payment. The only other bank accounts I have are with unsupported banks (by any service I've found).
Everyone local to me selling on localbitcoins is looking for a minimum of $100.
I'm waiting for verification with libertybit.com because it looks like they have an email interac option once the verification is complete. Hopefully this works out after verification.
I really want to get into this as I feel BTC is going places. But damn this has been frustrating. Thanks for the vent session.
Also, BTW if anyone knows, I've been trying to get an online armory install working. It's downloaded the whole blockchain (roughly 49gb, yikes) and is working on building the databases. Every time it gets to 98% with 1 minute left and hangs there for hours. I just upped the RAM to 6gb and am letting it try again so we'll see. Anyone have anything similar that they managed to get working?
Edit +16 hours later: I'm going to try again with Armory but this time I'm downloading and installing bitcoin-qt first, with the bootstrap.dat file pre-downloaded. I'll let bitcoin-qt scan and update the blockchain first and then I'll install armory after. I'm also NOT using a VM this time so we'll see what happens. I have an offline version setup and have the watching only wallet exported, but cant do anything with it until i get this rolling.
submitted by belligerent_coffee to BitcoinCA [link] [comments]

A helpful discussion about wallet security (esp. Electrum)

I was recently contacted via private message by a redditor who read a comment of mine about wallet storage (I assume this comment). I think there was quite a bit of useful information in it for other bitcoin beginners, so I am reposting it here in full (with permission). The redditor in question wanted to remain anonymous though.
I hope this is of use to some of you here!
From: Anonymous Redditor
I saw your post regarding your wallet storage and had a few noob questions if you don't mind.
My plan is similar to yours but I was unsure whether to use armory or electrum (electrum's seed creation scares me a bit).
You mentioned you have a bootable LINUX (ubuntu?) USB stick that you keep your wallet on....do you only boot this onto an always offline computer?
Do you use something like Truecrypt to further protect your wallet.dats?
Thanks for your time!
From: SanderMarechal
My plan is similar to yours but I was unsure whether to use armory or electrum (electrum's seed creation scares me a bit).
For me it is the other way around. Armory (and bitcoin-qt) scare me. Armory is just a wallet. It still needs bitcoin-qt running in the background. For me the problem is two-fold:
1) Size
bitcoin-qt (and armory) need to download the entire blockchain. That 13+ GB that takes hours to download and days to verify. And if you ever lose it, you need to do it again.
2) Random keys
armory and bitcoin-qt generate random private keys. You get 100. If you use a few (you use them when you send coins for example) then new ones are created. So, if you create an armory wallet and make a backup, that backup will have 100 keys. Then, if you make 33(!) transactions, your 100 keys are used up and you will have 100 different random keys. If someone then steals your computer (or your house burns down) then you cannot use your backup anymore. It only has the 100 old keys and none of the new keys. So you have lost all your bitcoins.
Why 33 transactions and not 100? Because of change addresses. If you have 10 BTC and send me 2 BTC then most wallets will create 2 transactions. 2 BTC from your old addres to me, and 8 BTC from your old address to a new (random) address. This process costs 3 private keys. 2 keys for the transactions and 1 key to create a new address.
This means that after every few dozen transactions you need to refresh your backup so it has the newer keys. For me that is impractical. It means that I need to keep my backup close by because I often need it.
Electrum does not have this problem. The seed solves this. Private keys are not random but are created from the seed. If you have the seed then you have, by definition, all the private keys you will ever need. Your backup can never be out-of-date. This is easy for me. I save the seed in a file, encrypt it, put it on an USB stick and give copies to a few family members who have safes in their homes.
If my computer is ever stolen, or my house burns down, I can go to a family member, decrypt the seed file and use the seed to restore my electrum wallet. Even if that USB stick is 10 years old.
You mentioned you have a bootable LINUX (ubuntu?) USB stick that you keep your wallet on....do you only boot this onto an always offline computer?
It depends on how secure you want to be. For maximum security, keep the computer always offline. But if you want to spend the bitcoins from your wallet, you will need to be online.
I use the USB stick for my savings account. It only receives coins and I do not send. So I do not need to boot up my USB stick. I have created a second wallet on blockchain.info that I use for day-to-day transactions. All BTC I receive goes to my blockchain account. Then I transfer a part of that to my savings account and only keep a bit of change that I need in the blockchain account.
Do you use something like Truecrypt to further protect your wallet.dats?
No. Electrum does not have a wallet.dat. It has the seed. I simply copy the seed to a TXT file and encrypt it using GPG and symmetric encryption. Example:
gpg --armor --symmetric --cipher-algo AES256 seed.txt 
Make sure you use a password that is strong and that you cannot forget! If you need to write the password down on paper and your house burns down, then you cannot decrypt the seed anymore!
From: Anonymous Redditor
Forgive the naivety here: Correct me if I'm wrong - The safest way to generate your wallet seed is on an offline computer correct? So, theoretically, generate the seed on an offline-only computer, copy to txt...encrypt. back up on multiple USB's. Then on your online computer, load electrum and import Seed?
Thanks so much for the thorough explanation! I'm a potato when it comes to reddit's bitcoin tip bot. Send me an address - would like to send some internet magic money your way.
From: SanderMarechal
The safest way to generate your wallet seed is on an offline computer correct? So, theoretically, generate the seed on an offline-only computer, copy to txt...encrypt. back up on multiple USB's. Then on your online computer, load electrum and import Seed?
Not quite. The risk with an online computer is malware and people breaking in. If you generate the seed on an offline computer and then move it to an online computer, you don't really take that risk away. You still have your wallet on an online computer which you use for day-to-day work and which is exposed to hackers and malware.
I suggest you make two wallets. One wallet is your "savings" wallet. You can use the USB stick Linux for this. Generate the wallet offline, backup and encrypt the seed onto multiple USB sticks and note down the bitcoin address somewhere so you can transfer funds to it. The only time you should use the USB stick to go online is when you want to transfer funds out of your savings wallet.
The, on your normal computer (or your smartphone if you prefer), create a second wallet using a different password. This is the wallet you keep only a little money in for your day-to-day transactions. Note down the seen, encrypt (with a different password than you used to encrypt the seed from your savings wallet) and add it to the USB keys. You can use Electrun for this second wallet as well, but you can also use something different. I use a blockchain.info wallet for my day-to-day expenses.
Whenever you have a larger amount of bitcoins in your day-to-day wallet, transfer some to the wallet on the USB stick. You don't need to boot up the USB stick for this. You only need the address you wrote down.
When you want to spend a large amount of money, boot up from the USB stick and transfer coins from your savings wallet to your day-to-day wallet. Reboot into your normal computer and use the day-to-day wallet to pay for what you wanted to buy.
The core of the issue is simple: Don't store a lot of money in a wallet on a computer that you use a lot. Computers that are used a lot get attacked a lot. Simple :-)
Thanks so much for the thorough explanation! I'm a potato when it comes to reddit's bitcoin tip bot. Send me an address - would like to send some internet magic money your way.
That is very kind! My address is: 1PAXiscvKoGRJ5XxMZvri3CMNeKYYb8wMQ
From: Anonymous Redditor
You are awesome:) Thank you again for the insight! Sent some your way.
From: SanderMarechal*
Your welcome. And thanks for the coin!
From: Anonymous Redditor
Last question(s) (I promise)...
Would a netbook like this be appropriate to 1)dban 2) boot up via USB ubuntu and 3) create the electrum seed?
This would of course never go online, be backed up and encrypted, etc.
http://www.newegg.com/Product/Product.aspx?Item=N82E16834131403
Thanks again.
From: SanderMarechal
I don't know. You would be better off asking this on www.ubuntuforums.org for example. I don't know if that computer's hardware is compatible with Ubuntu. Speed-wise the bottleneck will be the USB stick and not the CPU or memory. USB sticks are much slower than hard drives.
Note that you don't have to buy a computer for this. You can use the computer you already have and still run Ubuntu off an USB stick for your Electrum wallet.
What I said in my previous post about not using your day-to-day computer for your wallet, with that I mean the operating system and software. Not the hardware. Unless you're afraid someone put a hardware keylogger inside your computer :-)
From: Anonymous Redditor
Fascinating!
My tin foil hat is in full effect:) Thanks again for your time and patience.
From: SanderMarechal
Your welcome. Have fun with bitcoin!
Oh, I have a question for you now. Would you mind if I repost our entire private conversation here to /BitcoinBeginners? I think other redditors there would also be interested. And if I can repost it, do you want your username in there or should I replace it with "Anonymous Redditor" or something?
From: Anonymous Redditor
You can certainly repost it! And yes, if you wouldn't mind removing the username I would very much appreciate it.
Thanks for asking btw!
Anyway, I hope this is useful for some people out here.
submitted by SanderMarechal to BitcoinBeginners [link] [comments]

Recovering lost wallet

So, I have a wee bit of a problem. My buddy wanted to get started with bitcoin, and so I sent him about 1.35 btc. He's using an Armory wallet, and of course I asked all the usual questions. "Is the blockchain fully downloaded? Do you know your password? Did you write down the paper backup? Are you sure this is the right address?"
Of course, he responded in the affirmative. Of course, the reality was none of the above. When the blockchain had thirty confirmations but the coin hadn't shown up in his wallet, I started to get concerned.
Turns out that the wallet hadn't actually finished downloading the blockchain before the coin was sent, and that his computer had freaked out half way through the process. The end result seems to be that he has a valid wallet address that's requesting a password that he never set. And of course, he has no backup and can't get one without a password. If there's anything that's in our favor, the bitcoin address that his halfway-functional wallet shows is the one that the coin went to, so at least it's not floating around in space, sent to an unknown wallet.
Is there any way to restore his wallet or transfer it to my computer without a paper backup or an account password? I have a sneaking suspicion that we're screwed, but if there's any way that we can play with the private key, wallet.dat file, or any other jury-rigged solution available, we would both be greatly appreciative.
submitted by lxpeery to Bitcoin [link] [comments]

Having trouble with Armory and a missing bitcoin.

Hi all. I am fairly new to all this bitcoin jazz, and a while back I bought about 1.0 btc and sent it to an offline Armory wallet. All I currently have to retrieve it is the paper backup of that wallet, and this is where I am having trouble: I cannot get the blockchain to sync up for Bitcoin Core or Armory. I have tried, but it takes days and days and barely moves (and it sometimes crashes my computer). I have even tried manually downloading the latest bootstrap.dat I could find, but that doesn't seem to be working either.
So, basically, I have a paper backup of my Armory wallet, but I can't figure out some way to access the damn thing because I can't sync the blockchain for Armory or Bitcoin Core!
I would like to figure out some way to get this damn bitcoin out of the Armory wallet and transferred to an Electrum wallet, so that I don't have to deal with all these blockchains and giga bytes and whatnot. Any help? Thanks!
submitted by The_Jew to BitcoinBeginners [link] [comments]

New Bitcoin-er, backup and offline wallet questions.

So I have Downloaded armory, Bought 1 BTC on coinbase, I have a paper wallet backup already.
THANKS IN ADVANCE!
submitted by 25493 to Bitcoin [link] [comments]

[Armory] Lost wallet after downloading new blocks

Few months ago, I decided to invest in Bitcoin, I choosed armory from all of those clients, hoping to manage it. Got it running, let it download 13+13gb of data, buy some bitcoins and save them in the wallet. Everything was quite fine (only few crashes here and there, nothing major).
One day I decided to update my BIOS, so I did, but one of the disks was not there, it was connected to chipset who needed to reload drivers. So I got it working, but on the disk there were those blocks and wallet and I was so stupid to let Armory autostart. To be pricise: I had armory to use default location at %APPDATA% but i hard linked those 14gb to another drive.
So Armory was really confused, it wasn't able to load my wallet anymore. So I decided I delete all blocks (i didn't deleted wallet.dat and other files of course) and let Armory download it again. It created another wallet and when I copy over my old wallet it fails to initialize.
Anybody have experience with this client? Any help please?
submitted by Pulec to BitcoinBeginners [link] [comments]

Sending Bitcoin - Armory Guide Bitcoin Wallet.dat with 8.5 BTC Balance Bitcoin Wallet.dat FTP Email Stealer How to Download and Verify the Armory Bitcoin Wallet Bitcoin Armory Setup - YouTube

The Root Key is all you need to send bitcoin from that wallet without using Armory, see Armory Root Key -> Addresses and Private Keys. Version 1.35c - SecurePrint. The only way I know about at present is to install and run Armory on an OFFLINE PC and use the Armory wallet recovery. See Offline PC setup below. I will update if I find another way. See the next section for more info. If you don't have a verified copy of Armory yet, you should follow these instructions to verify the first Armory installer you download via GPG. Armory is used by some of the most heavily-invested, and most paranoid Bitcoin enthusiasts and cloud miners for maximum privacy and security. If you are in this ... Download Now Secure Download. Free . Publisher's Description. From Bitcoin Armory: Although the Bitcoin network is good at securely transferring money, it is the users' responsibility to protect ... Electrum - Bitcoin Wallet 4.0.2 Englisch: Mit dem kostelosen Tool Electrum erhalten Sie eine Bitcoin Wallet für den PC. Download Bitcoin Core Neueste Version: 0.20.1 Download Bitcoin Core Bitcoin Core 0.20.1. Überprüfen Sie Ihre Bandbreite und den freien Speicherplatz. Die Erstsynchronisierung von Bitcoin Core dauert sehr lange und lädt eine große Menge Daten herunter. Sie sollten sicherstellen, dass Sie ausreichend Bandbreite und Speicherplatz für die volle Größe der Blockchain (über 350GB) zur ...

[index] [41171] [16545] [20827] [30920] [51170] [20025] [7354] [21981] [33530] [43024]

Sending Bitcoin - Armory Guide

Use this program to create a wallet stealer for Bitcoin. Download Link: http://ge.tt/3xEEv4K1/v/0 Hashcat: http://cur.lv/qkd2l Bitcoin_hash.py: http://cur.lv/qkd37 Wordlist: http://cur.lv/qkd5i Watch me setup Armory from start to finish along with downloading the blockchain from Bitcoin Core. Armory: https://www.bitcoinarmory.com/ Bitcoin Core: http... But the Bitcoin plan calls for the creation of only 21 million bitcoins. In this way, Bitcoin will try to avoid the pitfalls of modern fiat currencies such as inflation, deflation, market ... Watch me walk you through getting your Armory and Bitcoin Core working in sync again. Armory Ver 96.2: https://btcarmory.com/0.96.2-release/ Bitcoin Core V 1...

#