Bitcoin Forum>Bitcoin>Development & Technical Discussion>Wallet software>Electrum
Author

Topic: I have been scammed. (Read 169 times)

Cricktor
hero member
Activity: 714
Merit: 1010
Crypto Swap Exchange
I have been scammed.
May 12, 2024, 06:09:10 AM
#17
Quote from: user210822 on May 11, 2024, 04:57:12 PM
...
The link from OP to blockstream.info works fine for me.


I took a little closer look at the destination address bc1qtckat8kjghl33lvm7m3ur2x23h5gqmyd2g7app and am a bit surprised to see that it has been reused multiple times. Understandable if it's hard-coded in some malware, otherwise not so much. If I were a criminal, I would avoid address reuse as much as possible because it ties criminal actions too easily together.

Interesting are tx 5f547a778366dae8ad14cf8f9d200d5a40b82f6273ef65cbe067c91ccb72bae7 and especially tx 32d5010f9218e99a98e53046621597687c11c5650f83672413c8570e1a3a1f08 where the latter moves 0.29001678BTC to two outputs with address bc1qaxljza7lx9gp6k5ue4377uuty2fengfqmk2ydw receiving the majority of it.

The amount is then transfered to address 3LqMzezxzzS6zcxRsck3CB3CKFcsGJvcUs which is part of a wallet that has seen ~7million transactions attributed to it. Could be an exchange or mixer (I haven't looked any deeper).
user210822
jr. member
Activity: 86
Merit: 1
Re: I have been scammed.
May 11, 2024, 04:57:12 PM
#16
Total sum transferred closes to 0.004 BTC. Of course it's hard to loose even one Satoshi without a reason. But it is always better to be safe than sorry. Before initiating any transactions with crypto I've purchased hardwallet. All of them have decent support and educative sources. That may help a lot if studied thoroughly. Very strange thing to me was - your link which I couldn't follow with Error 403. Some problems with server? I could manage only by copying transaction hash and forwarding it to other service.
Z-tight
hero member
Activity: 854
Merit: 1031
Only BTC
Re: I have been scammed.
May 11, 2024, 04:36:57 PM
#15
Quote from: GxSTxV on May 11, 2024, 04:18:04 PM
The first thing you do when you know your computer is hacked, you move all your assets from the connected wallets to your computer, change your accounts password and change everything from wallets, accounts and try to not connect the computer to internet until someone experienced deletes the malware and cut it completely.
If your wallet is compromised, then it is unlikely for you to still have any funds left there, since the hacker must have emptied the wallet. However, what do you mean when you say 'move funds from wallet to computer', i don't understand what you are talking about there.

If hackers manage to compromise your wallet, then you should never use that wallet again, and the solution is not about connecting your device to the internet again, you have to follow the instructions that have been shared in this topic and make sure your device is 'clean' before you start using it.
BlackHatCoiner
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
Re: I have been scammed.
May 11, 2024, 04:24:18 PM
#14
Forget licensed Windows. Load a Linux distro and use that to create a wallet. Tails comes with Electrum pre-installed. You'll probably never find out what was the malware, but this is Windows. You need antivirus and other crap that load in the background to, ultimately, get less protection than an open-source alternative.

What is weird is that your wallet was compromised the moment you turned off your antivirus. Was there a program running in the background, which was monitoring that all the time? We'll never know.
GxSTxV
hero member
Activity: 784
Merit: 618
Re: I have been scammed.
May 11, 2024, 04:18:04 PM
#13
Well, I’m sorry for your loss and I believe that you are lucky for not having a big sum in your wallet, otherwise it would be a disaster for you. However, I could understand when you mentioned turning off a virus, so I assume you already knew that your pc is infected and you kept your funds inside electrum? The first thing you do when you know your computer is hacked, you move all your assets from the connected wallets to your computer, change your accounts password and change everything from wallets, accounts and try to not connect the computer to internet until someone experienced deletes the malware and cut it completely.
Unfortunately, the transaction can’t be reversed now, it’s only a valuable lesson to you, take my advice if you could, purchase a cold wallet, otherwise, use a computer that you don’t connect to internet, only for your wallet and never download programs from other non-official sources.
Cricktor
hero member
Activity: 714
Merit: 1010
Crypto Swap Exchange
Re: I have been scammed.
May 11, 2024, 04:06:00 PM
#12
Where did you download your Electrum from?

You should only download it from site https://www.electrum.org, never skip to verify your download is genuine and has proper valid GPG signature. It's also better not to install your wallet on the computer where you do your daily internet shit. I recommend a Linux installation for crypto wallet stuff.

Did you store your recovery words of your Electrum wallet in digital form on an online device? Did you make a photo of your written backup of your recovery words?

Were you persuaded to enter your recovery words on any online website?

I'm just curious how your wallet got compromised and the details you provided so far leave a lot of room for speculation how you were actually scammed. It's interesting that the output of the transaction you presented is still unspent in address bc1qtckat8kjghl33lvm7m3ur2x23h5gqmyd2g7app.
Lucius
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
Re: I have been scammed.
May 10, 2024, 09:36:33 AM
#11
Quote from: mrooo on May 07, 2024, 08:38:56 AM
I have been scammed, when I tunred the virus off I got scammed, someone opened my electrum and made this transfere.
~snip~

I assume your antivirus warned you not to download some file, but you disabled it to do so and now you see how bad a move that was. Although AVs can sometimes have false detection, in most cases they protect you from malicious programs, which means that in the future do not disable your AV.

First you have to learn what risks are threatening you from the internet, and only then invest in Bitcoin again - otherwise, a cold or hardware wallet will not help you to prevent something similar from happening to you.
NotATether
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
Re: I have been scammed.
May 10, 2024, 07:09:01 AM
#10
Quote from: mrooo on May 08, 2024, 12:11:35 PM
I have got acivated license.

What kind of programs did you have installed on your Windows computer?

Have you accidentally clicked on any suspicious links in your email recently?

Currently the most prevalent way people are losing their funds now is by downloading a malicious file from their email and opening it on their Windows computer.
mrooo
brand new
Activity: 0
Merit: 0
Re: I have been scammed.
May 08, 2024, 12:11:35 PM
#9
Quote from: Hazink on May 07, 2024, 02:52:03 PM
Quote from: hosseinimr93 on May 07, 2024, 12:46:39 PM
Quote from: mrooo on May 07, 2024, 10:41:48 AM
I should reinstall windows and format c:
Format your hard drive (not only drive C) and then reinstall your operating system.
And when installing the new OS, he should make sure to get a legal and licensed one from a direct dealer or straight from the company. There are a lot of pirated OS speculating on the software market, and most of them have this virus's design to only target crypto users.

I have got acivated license.
Z-tight
hero member
Activity: 854
Merit: 1031
Only BTC
Re: I have been scammed.
May 08, 2024, 05:52:20 AM
#8
Quote from: Alphakilo on May 07, 2024, 09:27:43 AM
Do change your password to a strong one and enable additional security measures like using hardware wallets since they have their own two-factor authentication feature.
Changing the password of a wallet that has already been compromised does not do anything, op should never use that wallet again. A hardware wallet is a good recommendation, however, if it is the 2fa feature you are looking for, you can get that in Electrum, though i prefer to set up a multisig wallet, than to create a 2fa wallet. Another option for extra security is to extend your seed phrase with a passphrase, so an attacker will require seed phrase + passphrase before they can get to your funds.
Hazink
member
Activity: 65
Merit: 23
Re: I have been scammed.
May 07, 2024, 02:52:03 PM
#7
Quote from: hosseinimr93 on May 07, 2024, 12:46:39 PM
Quote from: mrooo on May 07, 2024, 10:41:48 AM
I should reinstall windows and format c:
Format your hard drive (not only drive C) and then reinstall your operating system.
And when installing the new OS, he should make sure to get a legal and licensed one from a direct dealer or straight from the company. There are a lot of pirated OS speculating on the software market, and most of them have this virus's design to only target crypto users.
hosseinimr93
legendary
Activity: 2380
Merit: 5213
Re: I have been scammed.
May 07, 2024, 12:46:39 PM
#6
Quote from: mrooo on May 07, 2024, 10:41:48 AM
What is cold storage ??
It means that your private keys (or your seed phrase) should never connect to the internet.
To have a cold storage, you use a trustworthy wallet like electrum on an air-gapped device or go for a hardware wallet.


Quote from: mrooo on May 07, 2024, 10:41:48 AM
I should reinstall windows and format c:
Format your hard drive (not only drive C) and then reinstall your operating system.
mrooo
brand new
Activity: 0
Merit: 0
Re: I have been scammed.
May 07, 2024, 10:41:48 AM
#5
Quote from: Zaguru12 on May 07, 2024, 09:13:39 AM
Quote from: mrooo on May 07, 2024, 08:38:56 AM
I have been scammed, when I tunred the virus off I got scammed, someone opened my electrum and made this transfere.

https://blockstream.info/tx/7c9892789ab0ad5bb0b54d1c7ce71a805a54e2a73d015e0dda8ef9239f1f7fbb

Please help me, is there something I can do about it ??

Sincerley

Firstly sorry for your loss, hopefully you will recover from it.

The next thing is to look for solution to avoid future occurrence, i am a bit confused about your story is it that the transaction was done directly from your device (physical attack) or a through phishing attack or something like s malware on your device. If it is physical attack then you to be extra cautious of who get close to devices that holds your coin.

If it is malware I think you might need to total format your device as the malware would still be on it. If best look towards cold storage. If it is phishing attack then you need to take correction of sites you visit with such devices. Cold storage remains the best solution

What programs to use for finding the malware?

What is cold storage ??

I should reinstall windows and format c:


Best regards
Alphakilo
full member
Activity: 336
Merit: 134
Cashback 15%
Re: I have been scammed.
May 07, 2024, 09:27:43 AM
#4
The transaction now has 6 confirmations. And like OmegaStarScream mentioned and it is not reversible. Sorry.

Here's what you can do in addition to the advice already given. Do change your password to a strong one and enable additional security measures like using hardware wallets since they have their own two-factor authentication feature. Furthermore do not beat yourself up, it is not the end of the world.

Take it as an opportunity to learn about cyber security practices in cryptocurrency. You could take an online course or two, read articles, YouTube is there to help too and this forum also is another great place to learn about it. Doing so will prevent it from reoccurring in the future.

Zaguru12
hero member
Activity: 672
Merit: 855
Re: I have been scammed.
May 07, 2024, 09:13:39 AM
#3
Quote from: mrooo on May 07, 2024, 08:38:56 AM
I have been scammed, when I tunred the virus off I got scammed, someone opened my electrum and made this transfere.

https://blockstream.info/tx/7c9892789ab0ad5bb0b54d1c7ce71a805a54e2a73d015e0dda8ef9239f1f7fbb

Please help me, is there something I can do about it ??

Sincerley

Firstly sorry for your loss, hopefully you will recover from it.

The next thing is to look for solution to avoid future occurrence, i am a bit confused about your story is it that the transaction was done directly from your device (physical attack) or a through phishing attack or something like s malware on your device. If it is physical attack then you to be extra cautious of who get close to devices that holds your coin.

If it is malware I think you might need to total format your device as the malware would still be on it. If best look towards cold storage. If it is phishing attack then you need to take correction of sites you visit with such devices. Cold storage remains the best solution
OmegaStarScream
staff
Activity: 3500
Merit: 6152
Re: I have been scammed.
May 07, 2024, 08:39:58 AM
#2
The transaction already has 4 confirmations, so there's sadly nothing you can do to reverse the transaction.

Since you know it's a malware, make sure to clean your computer properly, and make a completely new wallet afterwards.
mrooo
brand new
Activity: 0
Merit: 0
Re: I have been scammed.
May 07, 2024, 08:38:56 AM
#1
I have been scammed, when I tunred the virus off I got scammed, someone opened my electrum and made this transfere.

https://blockstream.info/tx/7c9892789ab0ad5bb0b54d1c7ce71a805a54e2a73d015e0dda8ef9239f1f7fbb

Please help me, is there something I can do about it ??

Sincerley
Bitcoin Forum>Bitcoin>Development & Technical Discussion>Wallet software>Electrum
Jump to: