Page 1 of 2 12 LastLast
Results 1 to 10 of 16

Thread: Hacking Team broke Bitcoin secrecy by targeting crucial wallet file

  1. #1
    Silver
    Join Date
    Jul 2015
    Posts
    84
    Thanks
    75
    Thanked 87 Times in 44 Posts

    Hacking Team broke Bitcoin secrecy by targeting crucial wallet file

    Not BTC being cracked per se. But still doesn't make me feel comfortable in believing in it.

    Hacking Team broke Bitcoin secrecy by targeting crucial wallet file

    by Cyrus Farivar - Jul 14, 2015 8:25am EDT

    Turns out, going after someone’s Bitcoin transactions is much easier than you might think. After all, as the saying goes, once you’re pwned, you’re pwned.

    After Hacking Team, the Italian spyware vendor, was hacked earlier this month, and 400GB of its internal data was released, Ars reviewed many internal e-mails from the company. These documents clearly illustrate how simply Hacking Team's "Money Module" worked, and they provide a small glimpse into which customers were particularly interested in it.

    In general, the Italian spyware company sold (and hopes to continue to sell) software that allowed targets to be surreptitiously surveilled as they used computers or smartphones, and its clientele included law enforcement agencies worldwide. Back in January 2014, Hacking Team internally announced a new feature as part of its version 9.2 upgrade to its Remote Control System suite, and the new iteration would include a way to "track cryptocurrencies, such as BitCoin [sic], and all the related information."

    The Money Module also included support for Bitcoin alternatives including Litecoin, Feathercoin, and Namecoin.

    Nicholas Weaver, a researcher at the International Computer Science Institute in Berkeley, California, went through the same e-mails. He says that such a feature "shouldn’t be surprising."

    "It is straightforward to grab the wallet.dat and related files and for malcode to get the password for this file when the user accesses their bitcoins," he told Ars by e-mail. "Similarly, one can also search for Bitcoin-related keywords in e-mail messages and other content on their computer. And once you have a copy of the wallet.dat file, you have the entire transaction history (as Ross Ulbricht can attest to)."

    The wallet.dat file contains a user’s private keys, so when combined with the public transactions posted to the blockchain, Bitcoin’s shroud of secrecy is removed. In short, the attacker gets the keys to the kingdom.
    That’s very close to what American federal authorities did to prove that Ross Ulbricht’s Bitcoin transactions were the same as Dread Pirate Roberts’ transactions. The biggest difference is that the FBI didn’t need to digitally infiltrate a computer in that case—they had physically seized Ulbricht's device, still running, during an infamous raid at the San Francisco library.

    Using Hacking Team's solution, it wouldn’t matter if a target had encrypted wallet.dat, nor if he or she was using an online wallet (such as Coinbase.com). The company's embedded keylogger would surely capture the relevant password. And as one leaked company e-mail explained, the Money Module feature automatically exported this data to the "evidence" portion of the Remote Control System software.

    A job well done

    Hacking Team's Alberto Ornaghi, a software architect, e-mailed his colleagues in Italian with a few more details:

    Hi all,

    from the 9.2 backend will support the new module MONEY for all platforms. We keep track of transactions in crypto-currencies targets (see history of silk-road) and in the demo we can also make a bitcoin transaction to buy drugs and see in the form of correlation to those who got that money (DEA: anyone interested? : P)

    the information we can get are: addressbook (list of all contacts and local accounts of the target), files (the wallet itself, containing the money and spend it for private keys), transactions (transaction history in/out of the target , useful for making correlations).
    A few days later, Daniele Milan, the company’s operations manager, wrote:

    I’m sure all of you heard about BitCoin, however here is some relevant context to position them in your pitch: cryptocurrencies are a way to make untraceable transactions, and we all know that criminals love to easily launder, move, and invest black money. [Law enforcement agencies], by using our Intelligence module combined with this new capability, can correlate the usage of cryptocurrencies, defeating the financial opacity they provide.
    Hours later, CEO David Vincenzetti responded: "Well done!!!"

    Egyptian, Saudi authorities interested in Bitcoin tracking

    At the moment, no one knows the comprehensive list of who installed or used Money Module Version 9.2 in early 2014. But leaked e-mails show that both the Egyptian Ministry of Defense and the Saudi Ministry of the Interior e-mailed Hacking Team with support questions. Both countries rank quite low on Freedom House’s 2014 "Freedom on the Net" list.

    Hacking Team e-mails also reveal that Vincenzetti himself was quite skeptical on the entire concept of Bitcoin even before his company’s introduction of Money Module. He wrote:

    A currency offering close to total anonymity is obviously the currency of choice for ransoms of all kinds. This is just one of the reasons for Bitcoin should never become a monetary standard.
    In February 2014, he also told his e-mail list:

    Bitcoin as it is now has no future. But this does not imply that virtual currencies don’t have a future. That is, a modification of the actual Bitcoiin [sic], something different, fully traceable and supported by clearing houses and the global financial system as a whole might have a future.
    In May 2015, after Ross Ulbricht was sentenced to life in prison as a result of being convicted of running Silk Road, Vincenzetti again opined on Bitcoin:

    An exemplary punishment. This is just. This is the Justice we need.

    The DARKNET is 99% used for all kinds of illegal, criminal activities. BitCoin and its "evolutions" are key to DARKNET’s anonymity. Regardless some investors and a few irresponsible entrepreneurs are speculating on these.
    http://arstechnica.com/security/2015...l-wallet-file/

  2. #2
    Iridium Jewboo's Avatar
    Join Date
    Feb 2013
    Posts
    9,985
    Thanks
    5,777
    Thanked 7,912 Times in 4,284 Posts

    Re: Hacking Team broke Bitcoin secrecy by targeting crucial wallet file

    https://americanviewtoday.files.word.../emp.jpg?w=700


    EMP burst and your Bitcoins go poof forever. For.......ever.
    I'm the infamous Fred of GIM - Jewboo kindly turned over his account to me.

  3. The Following User Says Thank You to Jewboo For This Useful Post:

    Hillbilly (10th December 2016)

  4. #3
    Moderator madfranks's Avatar
    Join Date
    Apr 2010
    Posts
    11,761
    Thanks
    7,376
    Thanked 8,034 Times in 4,008 Posts

    Re: Hacking Team broke Bitcoin secrecy by targeting crucial wallet file

    Quote Originally Posted by Jewboo View Post

    EMP burst and your Bitcoins go poof forever. For.......ever.
    No they won't. As long as the internet exists, you'll have them. An emp over portions of the USA won't destroy that.
    "Liberty is so creative, and the government is so stupid, that I’m very optimistic about the future"
    - Lew Rockwell

  5. #4
    Unobtanium EE_'s Avatar
    Join Date
    Apr 2010
    Posts
    16,263
    Thanks
    1,086
    Thanked 7,956 Times in 4,576 Posts

    Re: Hacking Team broke Bitcoin secrecy by targeting crucial wallet file

    The most attractive thing about crypto payment digits is that they are outside any laws protecting them. That makes them fair game to steal them and more power to you if you can.
    I equate them to little more then leaving a bag of your money in a crowded shopping mall, your expensive bicycle in a black neighborhood unlocked, or a classic 64 Chevy Impala parked in a Mexican neighborhood overnight. Who is to blame if they come up missing?

    The second thing, is a chance to make money betting on cryptos, to win more.
    DON'T TAKE THE VACCINE!

    THE SHIT HAS HIT THE FAN!

  6. #5
    Dangerous Donald Neuro's Avatar
    Join Date
    Apr 2010
    Location
    Absurdistan
    Posts
    21,221
    Thanks
    8,798
    Thanked 7,785 Times in 4,994 Posts

    Re: Hacking Team broke Bitcoin secrecy by targeting crucial wallet file

    Quote Originally Posted by Jewboo View Post
    https://americanviewtoday.files.word.../emp.jpg?w=700


    EMP burst and your Bitcoins go poof forever. For.......ever.
    It would pretty much mean reversal to 18th century technology, without the 18th century infrastructure. Whether you had bitcoins or not is not going to matter one iota... Many other valuables would be worthless too.

    You may be able to convince the grocery store clerk to accept your pre-64 dime in exchange for some canned salmon!

  7. #6
    Iridium Jewboo's Avatar
    Join Date
    Feb 2013
    Posts
    9,985
    Thanks
    5,777
    Thanked 7,912 Times in 4,284 Posts

    Re: Hacking Team broke Bitcoin secrecy by targeting crucial wallet file

    Quote Originally Posted by Neuro View Post
    It would pretty much mean reversal to 18th century technology, without the 18th century infrastructure. Whether you had bitcoins or not is not going to matter one iota... Many other valuables would be worthless too. You may be able to convince the grocery store clerk to accept your pre-64 dime in exchange for some canned salmon!

    https://bowtielaw.files.wordpress.co...humbdrive1.jpg https://i.ytimg.com/vi/lL-2xT3GKTU/hqdefault.jpg


    Bitcoin = Poof


    I'm the infamous Fred of GIM - Jewboo kindly turned over his account to me.

  8. #7
    Unobtanium Shami-Amourae's Avatar
    Join Date
    Apr 2010
    Location
    Idaho
    Posts
    14,677
    Thanks
    3,186
    Thanked 7,980 Times in 4,537 Posts

    Re: Hacking Team broke Bitcoin secrecy by targeting crucial wallet file

    Quote Originally Posted by Jewboo View Post

    EMP burst and your Bitcoins go poof forever. For.......ever.
    +1 what MadFranks said.

    As long as someone is operating a Bitcoin client in the world your Bitcoins still exist if you still have your key.

    You'd have to basically wipe out the entire Internet and every computer, hard drive, flash drive and so on with all this data and networking.


    It's not going to happen.


    You can have a Paper Wallet too if you're afraid of EMP.
    https://chrispacia.files.wordpress.c...per-wallet.jpg
    https://bitcoinpaperwallet.com/

  9. #8
    Unobtanium crimethink's Avatar
    Join Date
    Sep 2014
    Location
    Mystery Babylon
    Posts
    13,482
    Thanks
    9,400
    Thanked 6,806 Times in 4,311 Posts

    Re: Hacking Team broke Bitcoin secrecy by targeting crucial wallet file

    Unsinkable Titanic.

    Unbreakable Bitcoin.
    The night has come upon us, and we have but two choices: to fear it, or to face it bravely while looking to the Light that cannot be overcome. John 8:12

  10. The Following User Says Thank You to crimethink For This Useful Post:

    Hillbilly (10th December 2016)

  11. #9
    Dangerous Donald Neuro's Avatar
    Join Date
    Apr 2010
    Location
    Absurdistan
    Posts
    21,221
    Thanks
    8,798
    Thanked 7,785 Times in 4,994 Posts

    Re: Hacking Team broke Bitcoin secrecy by targeting crucial wallet file

    Quote Originally Posted by Shami-Amourae View Post
    +1 what MadFranks said.

    As long as someone is operating a Bitcoin client in the world your Bitcoins still exist if you still have your key.

    You'd have to basically wipe out the entire Internet and every computer, hard drive, flash drive and so on with all this data and networking.


    It's not going to happen.


    You can have a Paper Wallet too if you're afraid of EMP.
    https://chrispacia.files.wordpress.c...per-wallet.jpg
    https://bitcoinpaperwallet.com/
    How do you plan on cashing in your paper bitcoin being in 18th Century United States?

  12. #10
    Dangerous Donald Neuro's Avatar
    Join Date
    Apr 2010
    Location
    Absurdistan
    Posts
    21,221
    Thanks
    8,798
    Thanked 7,785 Times in 4,994 Posts

    Re: Hacking Team broke Bitcoin secrecy by targeting crucial wallet file

    Damn don't you have anything smaller than that Gold coin? But how about I give you five cans of salmon and a roll of toilet paper for it?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •