Malicious plugin/scripts stolen your BTC. Now there is nothing to do with it. The next time you store any valuable coins, make sure your system is not compromised and you are fully aware of any malicious/phishing attempts/scripts.
Topic: Bitcoin stolen from Electrum wallet (Read 364 times)
I'm feeling very sorry for you, what had happened to you.
Malicious plugin/scripts stolen your BTC. Now there is nothing to do with it. The next time you store any valuable coins, make sure your system is not compromised and you are fully aware of any malicious/phishing attempts/scripts.
Malicious plugin/scripts stolen your BTC. Now there is nothing to do with it. The next time you store any valuable coins, make sure your system is not compromised and you are fully aware of any malicious/phishing attempts/scripts.
This discussion is nonsense.
Electrum is a very good initiative, but unless it is working on airgapped computer , even a linux, it doesn't share the same security as a hardware wallet.
And you can anytime recover your funds from any wallet, the only thing you need is the private key. This concern about going something wrong with the hardware, doesn't affect your funds. Your coins are in the blockchain, not in the hardware.
Personally i don't like Electrum (and this crazy seed only recognized by electrum, I didn't knew about that... well, i like it even less now)
Electrum is a very good initiative, but unless it is working on airgapped computer , even a linux, it doesn't share the same security as a hardware wallet.
And you can anytime recover your funds from any wallet, the only thing you need is the private key. This concern about going something wrong with the hardware, doesn't affect your funds. Your coins are in the blockchain, not in the hardware.
Personally i don't like Electrum (and this crazy seed only recognized by electrum, I didn't knew about that... well, i like it even less now)
Hardware wallets are specialized, closed source devices that can't be replaced easily.
...
Plus hardware wallets are closed source so I have now way to know how much to trust them
Yes... very closed source... ...
Plus hardware wallets are closed source so I have now way to know how much to trust them
https://github.com/trezor/
https://github.com/LedgerHQ
https://github.com/keepkey
https://github.com/digitalbitbox
That's fine except i'd have to order one and wait.
You DON'T have to order one and wait... you missed the point:Quote
Most (all?) of the hardware wallets use BIP39/44 compatible seeds and can be restored by most HD wallets
It is the equivalent of replacing your PC with other unused PC's you have lying about... you can just restore your hardware wallet into any compatible wallet you want... even Electrum!I don't know why people seem to think that once you migrate to a Hardware wallet, you're locked into?
OK, OK I learned something new today. The reason people think you're locked in probably has to do with poor marketing.
I never really intended to get one because of the the "ooh, shiny" hype going on.
Hardware wallets are specialized, closed source devices that can't be replaced easily.
...
Plus hardware wallets are closed source so I have now way to know how much to trust them
Yes... very closed source... ...
Plus hardware wallets are closed source so I have now way to know how much to trust them
https://github.com/trezor/
https://github.com/LedgerHQ
https://github.com/keepkey
https://github.com/digitalbitbox
That's fine except i'd have to order one and wait.
You DON'T have to order one and wait... you missed the point:Quote
Most (all?) of the hardware wallets use BIP39/44 compatible seeds and can be restored by most HD wallets
It is the equivalent of replacing your PC with other unused PC's you have lying about... you can just restore your hardware wallet into any compatible wallet you want... even Electrum!I don't know why people seem to think that once you migrate to a Hardware wallet, you're locked into?
Isn't your computer also a "hardware device"? What are you going to do when it dies? 
Apples and oranges, my good man. My computer is a garden variety PC which can be easily replaced with one of the other unused ones I have lying about.
Hardware wallets are specialized, closed source devices that can't be replaced easily.
Let me guess, restore your wallet from your seed backup right?
Exactly like what you would do with a hardware wallet... Most (all?) of the hardware wallets use BIP39/44 compatible seeds and can be restored by most HD wallets... Unlike Electrum seeds... which are Electrum only
Exactly like what you would do with a hardware wallet... Most (all?) of the hardware wallets use BIP39/44 compatible seeds and can be restored by most HD wallets... Unlike Electrum seeds... which are Electrum only
That's fine except i'd have to order one and wait.
Plus hardware wallets are closed source so I have now way to know how much to trust them. Electrum is Python and I can run it right from source without an installer.
Regarding hardware wallets: for me the jury's still out. I don't like being dependent on a hardware device in case something goes wrong with it.
Isn't your computer also a "hardware device"? What are you going to do when it dies? Let me guess, restore your wallet from your seed backup right?
Exactly like what you would do with a hardware wallet... Most (all?) of the hardware wallets use BIP39/44 compatible seeds and can be restored by most HD wallets... Unlike Electrum seeds... which are Electrum only
Even using desktop wallets is fine 99% of the time, if you take some basic security precautions.
I wouldn't say 99%.. but it definetely can be somehow safe.
But there are still exploits which simply arent fixed yet and are a perfect entry point for malware targeting crypto user.
There are things which you can't protect yourself from with a desktop wallet.
Additionally the 'basic security precautions' are probably not achievable/doable for 90%+ of the daily windows user.
Regarding hardware wallets: for me the jury's still out. I don't like being dependent on a hardware device in case something goes wrong with it.
Electrum is an open source program that I can run directly from source code without installation. That's very empowering.
Electrum is an open source program that I can run directly from source code without installation. That's very empowering.
You can enjoy the electrum GUI and still have the security of a hardware wallet.
When creating a wallet in electrum you have the choice to add a HW wallet (which will hold the private keys / do the TX signing).
While I really love Linux, advice like this doesn't accomplish anything, makes you sound really elitist.
You can safely use a hardware wallet and be a Windows user. Even using desktop wallets is fine 99% of the time, if you take some basic security precautions.
You can safely use a hardware wallet and be a Windows user. Even using desktop wallets is fine 99% of the time, if you take some basic security precautions.
I'm completely unconcerned with how I sound. I'm only concerned with evidence-based strategies that work.
Usually wallets get hacked because the user installed malware that he downloaded himself, direct attacks are very unlikely, especially if you don't have a big amount of coins.
If you have a big amount of crypto assets, invest in a hardware wallet.
If you have a big amount of crypto assets, invest in a hardware wallet.
Absolutely. I don't have any hard statistics I can quote but it seems likely that 99% of malware is inadvertently installed by the users themeselves.
Regarding hardware wallets: for me the jury's still out. I don't like being dependent on a hardware device in case something goes wrong with it.
Electrum is an open source program that I can run directly from source code without installation. That's very empowering.
Another important thing to note is that an unconfigured Linux desktop might be a bit safer than Windows by default, but it's not completely safe either.
An uninformed Linux user can do much more damage to his own system than an uninformed Windows user
An uninformed Linux user can do much more damage to his own system than an uninformed Windows user
Yup. Like any power tool you can do useful work with it or also cut your own hand off. Taking responsibility for your own actions and safety isn't quick and easy; you have to do actual work.
If you use windows, you need to take a few precautions:
-Use Firefox latest version
-Download uBlock Extension + Decentraleyes Extension
-Download Malware bytes, updated it daily
-Use windows 10, updated it daily/weekly
-Before downloading anything try it here http://virustotal.com/
-Use windows defender updated.
These are very basically steps. If you had follows them, you wouldn't be infect... ublock will block most of those phishing sites and malware bytes will take care of the rest.
Inform Binance and show them all information you have (screenshots, keylogger, eletrum..)
Personally, i don't trust windows wallets. I prefer to use webwallets like blockchain.info or mobile wallets like coinomi or samourai. Even if you computer if infected, you probably woudn't be robbed....
Hardwallet are much better and should be used if you have more than 1 in my opinion.
-Use Firefox latest version
-Download uBlock Extension + Decentraleyes Extension
-Download Malware bytes, updated it daily
-Use windows 10, updated it daily/weekly
-Before downloading anything try it here http://virustotal.com/
-Use windows defender updated.
These are very basically steps. If you had follows them, you wouldn't be infect... ublock will block most of those phishing sites and malware bytes will take care of the rest.
Inform Binance and show them all information you have (screenshots, keylogger, eletrum..)
Personally, i don't trust windows wallets. I prefer to use webwallets like blockchain.info or mobile wallets like coinomi or samourai. Even if you computer if infected, you probably woudn't be robbed....
Hardwallet are much better and should be used if you have more than 1 in my opinion.
I downloaded from the official website, but I found a malware "remcos" on my computer, and they keylogged everything.
I traced the stolen bitcoins to Binance, unsure what I can do from here.
I traced the stolen bitcoins to Binance, unsure what I can do from here.
It doesn't cost you anything to inform Binance and see where it takes you.
Regarding malware, I'm gonna guess you're a Windows user. Stop that and switch all your crypto activities to Linux.
While I really love Linux, advice like this doesn't accomplish anything, makes you sound really elitist.
You can safely use a hardware wallet and be a Windows user. Even using desktop wallets is fine 99% of the time, if you take some basic security precautions.
Usually wallets get hacked because the user installed malware that he downloaded himself, direct attacks are very unlikely, especially if you don't have a big amount of coins.
If you have a big amount of crypto assets, invest in a hardware wallet.
Another important thing to note is that an unconfigured Linux desktop might be a bit safer than Windows by default, but it's not completely safe either.
An uninformed Linux user can do much more damage to his own system than an uninformed Windows user
You were infected either via RAT or someone snickly installed the virus without your knowledge..
best you could do is by re-installing the OS and tightening your securities, do not downloaded anything else unless it really important to you..
Sorry for you loss
best you could do is by re-installing the OS and tightening your securities, do not downloaded anything else unless it really important to you..
Sorry for you loss
Here's something else to consider. I'm a Linux user but you still have to be careful since there *are* Linux exploits. The only reason Windows seems more vulnerable to hacking is that it's low-hanging fruit to hackers i.e. there are way more Windows users than any other OS.
For the truly paranoid, one could use something like Qubes that spins up a fresh VM every time you do something. If a VM instance is infected it doesn't matter because the VM template is always secure in the future.
It sounds like OP's computer was infected with remcos beforehand by a bad actor. Someone with physical access may have installed it or it may have been delivered by a tainted download. Either way, OP has multiple opportunities to tighten up his security.
For the truly paranoid, one could use something like Qubes that spins up a fresh VM every time you do something. If a VM instance is infected it doesn't matter because the VM template is always secure in the future.
It sounds like OP's computer was infected with remcos beforehand by a bad actor. Someone with physical access may have installed it or it may have been delivered by a tainted download. Either way, OP has multiple opportunities to tighten up his security.
Wow. Very good advice on this thread. Some of the interesting ones: use Linux, a hardware wallet when possible, and make sure you always, always check for malware before doing transactions.
I suspect they didn't "hack" your wallet, or your 2FA... they will have keylogged the seed when you had to enter it during wallet setup.
By using the seed they will have been able to restore the 2FA wallet in "disabled" mode, with two private keys in the wallet file, allowing them to create and sign transactions while bypassing TrustedCoin's 2FA system.
An unfortunate, and costly, lesson about the dangers of malware and cryptocurrency
Cryptocurrency can be a harsh mistress.
By using the seed they will have been able to restore the 2FA wallet in "disabled" mode, with two private keys in the wallet file, allowing them to create and sign transactions while bypassing TrustedCoin's 2FA system.
An unfortunate, and costly, lesson about the dangers of malware and cryptocurrency
I traced the stolen bitcoins to Binance, unsure what I can do from here.
Pretty much nothing. I doubt Binance will care and to be honest, aside from "your word", there is no way to prove they were actually "stolen". Yes, they were transferred... but there is no way to prove that this was an unauthorised transfer, as the thief "proved" ownership by signing the transaction with the private keys... Cryptocurrency can be a harsh mistress.
I didn't say the Electrum wallet was infected, but yea my computer was infected by this malware at some point, and they used it to hack my Electrum wallet and withdrew the funds.
Thanks for the answers. I downloaded the software from this page:
https://electrum.org/#download
It is the official version I would say. But they used the REMCOS malware to keylog everything and stole my money like this.
https://electrum.org/#download
It is the official version I would say. But they used the REMCOS malware to keylog everything and stole my money like this.
I guess that they didn't just keylog everything, they also copied some of your files (at least the wallet file).
Since they logged all, they have your password too, so they could access your private keys, even if you had the 2FA.
All in all, your money was not stolen from Electrum. It was stolen .. from you.
Very sad story
You should have really check your computer for viruses before trying to keep one Bitcoin on it...
You're assuming remcos was packaged with Electrum. It's more likely that you were already infected.
Thanks for the answers. I downloaded the software from this page:
https://electrum.org/#download
It is the official version I would say. But they used the REMCOS malware to keylog everything and stole my money like this.
https://electrum.org/#download
It is the official version I would say. But they used the REMCOS malware to keylog everything and stole my money like this.
There are many phishing sites these days, and mostly they are abusing the free service from google or bing ads.
they are promoting a fake electrum because its mostly use by many bitcoin users and they can target and choose only new users with adwords or bing ads. I have basic seo knowledge and I know how to setup the adwords and bing ads I use them for a long time when promoting a whitehat niche so I know those scammers doing..
I already posted a sample of a fake website here in the forum you can check my post here
https://bitcointalksearch.org/topic/m.30441754
I heard someone downloaded a fake electrum, but in LTC version past few days ago and maybe this is the website where you download the electrum.
If the site is different better to share with us the correct website so that we can report it immediately to google or bing ads. to remove this fake website.
they are promoting a fake electrum because its mostly use by many bitcoin users and they can target and choose only new users with adwords or bing ads. I have basic seo knowledge and I know how to setup the adwords and bing ads I use them for a long time when promoting a whitehat niche so I know those scammers doing..
I already posted a sample of a fake website here in the forum you can check my post here
https://bitcointalksearch.org/topic/m.30441754
I heard someone downloaded a fake electrum, but in LTC version past few days ago and maybe this is the website where you download the electrum.
Code:
http://electrumltc.org/
If the site is different better to share with us the correct website so that we can report it immediately to google or bing ads. to remove this fake website.
I downloaded from the official website, but I found a malware "remcos" on my computer, and they keylogged everything.
I traced the stolen bitcoins to Binance, unsure what I can do from here.
I traced the stolen bitcoins to Binance, unsure what I can do from here.
It doesn't cost you anything to inform Binance and see where it takes you.
Regarding malware, I'm gonna guess you're a Windows user. Stop that and switch all your crypto activities to Linux.
Jump to: