This only applies to someone that?s running bitcoin on a vps/cloud server which is less then 1% of users
Quote:
Originally Posted by rowan
To elaborate further: that is really all you need to steal someone's Bitcoin balance. You don't need to be able to control the victim's computer/VPS in any way, nor do you need access to the file system. You just need to grab those 32 bytes of private key (for each address) from the victim's (running) Bitcoin client, then import them into your own wallet. The victim no longer has control of the funds once you move them to your own address.
You don't even need to know if any given 32 byte string is a Bitcoin key. You can just import it and let the client figure out if it owns any funds.
|