Topic: All my BTC were stolen from QT desktop wallet by this individual (Read 2665 times)

Is this guy still active?

11.76. Well over $7k worth

This is very true. Its important to keep a watchful eye at all times and not to get complacent

For the most part, yes, all it takes is common sense. But every once in a while, even the most sensible people can make a lapse in judgment.

what if i told you i run win7 on a comp with about 30 different wallets; no antivirus, no firewall, no nothing.
last time i did a reinstall was 2.5 years ago, and was never infected.
all it takes is common sence, and u will never pick up infection (unless there realy is a zero-day exploit lol)

Windows is actually the worst choice of OS for security, especially if you do not have Anti Virus. Next time, move a portion of your coins to cold storage so it cannot be stolen.

my thoughts exactly, anyway I would go into cold storage. Is definatly safe from hackers. Some how many BTC did you lose?

Everyone learned from mistake. I also learned a lesson not to store my bitcoin on exchange even if it has big name. I lost significant bitcoin on Mt Gox.

Many malware are targeting Bitcoin wallet now. Windows system especially Windows XP and older are not supported by Microsoft anymore. This system are vulnerable to malware. Don't use it for important task (bitcoin wallet, online transaction, server)

Everyone really should look into a wallet or wallet service with good reviews and multi-factor authentication.  If you have a unencrypted wallet file on your computer it's just trouble waiting to happen. 

I am sorry for your loss, I hope others read this and use multi-authenticaiton and encryption.

Great sleuthing.  I imagined he was french (as another victim described him( and yes the NZB file reminds me of something i downloaded on usenet that was supposed to be a movie file and instead ended up being an executable that i clicked on, but then nothing seemed to happen.  I will follow up on this.  Much appreciated and will keep you in mind for compensation.

Sorry to hear about the lost coins.

Why are you running kaspersky and avg at the same time though? You shouldn't be running 2 antivirus's like that at the same time.

Often times they can negate each other. Then neither one is effective at catching anything. Just run kaspersky, make sure it is up to date and run a full scan.

You can also try running adwcleaner http://www.bleepingcomputer.com/download/adwcleaner/ and combofix http://www.bleepingcomputer.com/download/combofix/.

You should not be using the same wallet anymore until you figure out what happened on your machine(or at all really). At this point consider the machine that had the BTC stollen from compromised.

It may not be a bad idea to change passwords on any accounts you have as you may have a keylogger. Clean your computer first before changing the passwords as if you have a keylogger it will capture the new passwords too.

Hopefully you can get all of this figured out.

It's a bit of a stretch but here is what I came up with:

Tazja is known as tazbox on a hackers forum (http://jomgegar.com/)
16th post in this topic shows tazbox probably is up to no good/linked to bitcoin (http://jomgegar.com/topic/2801-question-about-bitcoin/?hl=tazbox)

Then if we look a bit further we find this topic about tazja being a hacker: https://bitcointalksearch.org/topic/guess-i-got-hacked-543660
If you look at post 18, you see a post of bitdonkey. He stated he also got hacked by tazja.
If we look up bitdonkey's post we see this post about him purchasing a VPS host: https://bitcointalksearch.org/topic/m.5598973

Domain is tazbox. As stated previously, that is the username of Tazja. So either bitdonkey is tazja, or he wanted to make a website dedicated to his own hacker?

The extension of the domainname is not stated, but let's assume it's .fr, as he is french. Then we come up with:
contact:     Dubas Julien
address:     18, place de la mairie
address:     07200 Aubenas
country:     FR
phone:       +33 7 53 76 03 40
e-mail:      [email protected]
Possible second email: [email protected]

And what if we search for taznact? Then this comes up as first result:
Antivirus scan for ... - VirusTotal
https://www.virustotal.com/latest-report.html?resource...
SHA256: 6debde863fce2217b8e7e8a58dd948f00c441eb15d5cba30a5a7103d469e07b8. File name: Taznact.exe. Detection ratio: 24 / 47. Analysis date ...


So the domainname tazbox.fr is now linked to not only sha256, but also to a file with the name taznact.exe (same as his email) which most likely contains a virus.

And the virus made you lose your bitcoin.
By the way, he seems to spread his virus through NZB (download website).
Look at his uploaded files: http://www.nzbking.com/poster/[email protected]%20(Taznact)/

Hope this helps!

If you manage to get your btc back, this is my address for a donation:
btc:1AHkjqevi3DcebECujHFAbJjLad58Dqt6A

hehe, funny guy.

Yeah, that's not gonna happen. When Bitcoins are gone they're gone. That's the greatest feature of Bitcoin - irreversible transactions and no fraud controls. Those stupid bankers would return your funds by crediting your debit card and prosecute the criminal.

the wallet had passphrase encryption.  Not sure about the firewall.  Kasperski and AVG were on and nether triggered.   ran Malwarebytes.org scan and it did flag a bunch of stuff that the AV programs missed.  Certainly learned a lesson about importance of paper wallets.   

this character has posted to this community in the past.  I am hopeful moderators can DOXX him and hopefully together we can shame/coerce the guy to return the coins.

Sorry to hear your loss.
I can see that you have already made a post in "service" to provide a bounty. Good luck.

harsh man, to many hackers about you got be carefull.

how do these key loggers ect get past the router do they use upnp? or just go down a known open port like 80?

How did you get your Bitcoins stolen? I would try to get a DOX of this guy.

Did you encrypt your wallet with password?

Next time don't use Windows. Use Mac OS X or GNU/Linux. If you store large amount of bitcoin, you may use cold storage / paper wallet.

Sorry for your loss OP.

May I ask what do these detectives do exactly, can they reverse the payment or do they just track who was responsible for this sort of stuff and provide their whereabouts? And when they do, what happens after that?