Author

Topic: Bitcoin 'successfully' transferred to an invalid bitcoin address (Read 253 times)

legendary
Activity: 1624
Merit: 2481
OP lost money, he is angry, frustrated, maybe sad. All of that is understandable. When he reads the above post of yours and the rest he will realize that he made a series of mistakes that led to the loss of funds. 

I wish this would be the case.

A lot of people lose funds through multiple mistakes in a row, but quite a high percentage of them never sees themselves at fault.
They will keep blaming electrum (or any other wallet/service/whatever).

The majority of user here just want to get rich. They don't understand BTC and neither how to securely store their coins.
Instead of learning the basics on how to secure digital information, they just do whatever they are told on their colorful screen.

That's also one reason why it still is a long way until we reach mass adoption.
We need idiot-proof hardware wallets built into smartphones with double- or triple checking of each transactions. If then someone is going to lose funds by sending them to a wrong address.. well.. then they can't be helped anymore.
legendary
Activity: 2730
Merit: 7065
But.. electrum is at fault ?
Of course not.
OP lost money, he is angry, frustrated, maybe sad. All of that is understandable. When he reads the above post of yours and the rest he will realize that he made a series of mistakes that led to the loss of funds.  Not just one mistake but several of them. It is sad but it is just the way it is.

'Don't hate the game, hate the player'!
In this case the Electrum developers gave us this app for free to use all of its features that suit our needs.
Scammers took advantage of certain flaws to their advantage...
hero member
Activity: 1358
Merit: 851
I wouldn't be surprised if people behind Electrum were behind this scam.
The above statement by bob123 is enough to prove that no one other than a random hacker and you are responsible for the loss. Hacking isn't a new issue, not in cryptocurrency environment but all over the internet. Only your awareness can save you from being a target of the hacker.
As far as I know, there's no pop-up is displayed if electrum released a new version, you have to download it manually. You are probably using electrum before me, you must have known about this issue.
I would like to alert you on another issue, copy-paste malware, it can change your copied address into the hackers and thus you will send in hacker's address instead of yours. Don't bother checking the address before releasing the coin.
legendary
Activity: 1624
Merit: 2481
I can't believe Electrum is such an irresponsible and crappy organization.

There is no organization.
It is an open-source project without any company/organization behind it.



They have let scam messages to be displayed on an officially installed software and are allowing the website electrumproject.org to be operated without doing anything about it.

They allowed the server you are connected to to display a message.

There are countless fake-sites which are impersonating the electrum site. They can file a complaint for each they find. And they don't have to.

This wouldn't have happened at all if you would have verified the signature, which everyone recommends you to do.
Additionally, everyone recommends you to not download electrum from anywhere else than the original site.


So, to summarize:
  • You didn't check the website you downloaded electrum from
  • You didn't verify the signature of the file
  • You didn't update electrum for more than 6 months
  • You clicked on a random link and installed a software without checking the internet (which takes less than 1 minute to find out version 4.0 is scam)

But.. electrum is at fault ?



I wouldn't be surprised if people behind Electrum were behind this scam.

 Roll Eyes
legendary
Activity: 2730
Merit: 7065
...and are allowing the website electrumproject.org to be operated without doing anything about it.
I am sorry you lost money but what can Electrum do regarding a fake website? Similar websites get taken down and the scammers create new ones. There are phishing sites of bitcointalk but you can not hold bitcointalk responsible if you enter your data on such a site and get your account details stolen.

You are right about the fact that such a vulnerability should not have happened in the first place and should have been discovered by the developers. Unfortunately they are human like the rest of us and didn't know about it. Other vulnerabilities can be found in the future that is why it is important to keep your eyes open and make proper research before doing anything you could regret.   
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
fentanyl08, too bad that you did not read anything about Electrum on this forum before you make update, you are member for a 2 month or something like that. Warning is posted on the first board in Important Announcements -> https://bitcointalksearch.org/topic/electrum-vulnerability-allows-arbitrary-messages-phishing-5090097

It's no consolation for you, but you are not the only one who is deceived by this hacker trick. I say that Electrum should fix this exploit before has been discovered by hackers, but it is also true that only proper way for download Electrum is from their site, and after that to verify files.

legendary
Activity: 1876
Merit: 3132
I can't believe Electrum is such an irresponsible and crappy organization. They have let scam messages to be displayed on an officially installed software and are allowing the website electrumproject.org to be operated without doing anything about it.

Since when Electrum is an organization? Bugs are common in any kind of software. The problem has been fixed in an update. In most cases, users are at fault for not paying enough attention to what they are doing (simply checking the website address would make everything clear). Taking down a website in not as simple as you might think, especially if you are not a large company.
legendary
Activity: 2268
Merit: 18748
They have let scam messages to be displayed on an officially installed software and are allowing the website electrumproject.org to be operated without doing anything about it.
All software has bugs which can be exploited. People get hacked via vulnerabilities in their browser or their operating system all the time. To think that a piece of software you are using is infallible is naive at best.

This bug was patched very quickly after being discovered. This was months ago. The Electrum website gives clearly instructions on how to update Electrum properly, where to download from, and how to verify, including a warning right across the top of the landing page to not download Electrum from other sources.

The fake site that is being displayed is constantly changing. You can have a look at this Github page here and find about 10 different fake addresses: https://github.com/spesmilo/electrum/issues/5183. Whenever one gets shutdown, the hackers simply open up another one, and count on people using outdated software to follow it blindly, and download, install and run their malware without doing any basic checks.
jr. member
Activity: 51
Merit: 3
I can't believe Electrum is such an irresponsible and crappy organization. They have let scam messages to be displayed on an officially installed software and are allowing the website electrumproject.org to be operated without doing anything about it.
I wouldn't be surprised if people behind Electrum were behind this scam.
legendary
Activity: 2758
Merit: 6830
I was trying to pay a Bitpay invoice. I opened the invoice in Electrum app and tried to pay it but I couldn't pay the invoice as an error prompt appeared that I have an outdated version of Electrum. I clicked on the link to install the newer version https://prnt.sc/p2ys86
I contacted the Bitpay support with this address but they say it doesn't belong to them.
You got scammed. The message was fake and was resulted from a vulnerability on Electrum versions older than 3.3; Unfortunately, your coins are gone and there isn't anything you can do. :/

The address is valid btw. It's just that it is owned by the hacker (that made you download an malicious fake Electrum wallet). Notice the URL "http://electrumproject.org < SCAM". The ONLY legit website Electrum has is Electrum.org.

I suggest that you do a clean format on your PC, because there is a chance you are infected.
jr. member
Activity: 51
Merit: 3
I was trying to pay a Bitpay.com invoice and opened the invoice in Electrum-BTC desktop wallet. I don't know how, but somehow that transaction got sent to and invalid address bc1qcygs9dl4pqw6atc4yqudrzd76p3r9cp6xp2kny
The transaction should be returned if the address is not even a valid bitcoin address (it has non-supported characters right?) but it appears that the transaction is already confirmed Huh
This isn't a invalid address. It's a new format which some services don't support yet, thus, they think it is invalid. But it can receive and send Bitcoins normally.


The wallet prompted me to install an update before sending the transaction and I'm pretty sure it was official electrum-btc website.
Were you using a version older than 3.3 when this happened? From where exactly did you download the file?

And to which address you were trying to send? Was it to another wallet, exchange, service, etc...?
I was trying to pay a Bitpay invoice. I opened the invoice in Electrum app and tried to pay it but I couldn't pay the invoice as an error prompt appeared that I have an outdated version of Electrum. I clicked on the link to install the newer version https://prnt.sc/p2ys86
I contacted the Bitpay support with this address but they say it doesn't belong to them.
legendary
Activity: 2730
Merit: 7065
P.S
 The wallet prompted me to install an update before sending the transaction and I'm pretty sure it was official electrum-btc website.
Check your browsing history. I am quite certain that you didn't download the update from the official site but a phishing site. Yes, the notification did appear on the official software but the link leads to a third party website. This bug has already been fixed and the notifications don't appear in the newer versions of Electrum.
 
Sounds like a well known phishing attempt that has been around for a long time where users are instructed to download a fake Electrum 4.0 version which doesn't exist. Use this incident to improve your online habits and only download from official sources verifying the signatures of the downloaded files before doing anything else.
full member
Activity: 602
Merit: 116
I just searched for the mentioned address on google and found the link below.
https://github.com/spesmilo/electrum/issues/5072
There is a same issue with the address which your bitcoins has sent to. So, there is no doubt this address belongs to a hacker.
Electrum's official website is https://electrum.org/ and you have likely used another link. You should check the address before you start to downlaod any file. You should also verify the signatures.
legendary
Activity: 2758
Merit: 6830
I was trying to pay a Bitpay.com invoice and opened the invoice in Electrum-BTC desktop wallet. I don't know how, but somehow that transaction got sent to and invalid address bc1qcygs9dl4pqw6atc4yqudrzd76p3r9cp6xp2kny
The transaction should be returned if the address is not even a valid bitcoin address (it has non-supported characters right?) but it appears that the transaction is already confirmed Huh
This isn't a invalid address. It's a new format which some services don't support yet, thus, they think it is invalid. But it can receive and send Bitcoins normally.


The wallet prompted me to install an update before sending the transaction and I'm pretty sure it was official electrum-btc website.
Were you using a version older than 3.3 when this happened? From where exactly did you download the file?

And to which address you were trying to send? Was it to another wallet, exchange, service, etc...?
legendary
Activity: 2800
Merit: 2736
Farewell LEO: o_e_l_e_o
P.S
 The wallet prompted me to install an update before sending the transaction and I'm pretty sure it was official electrum-btc website.
Unfortunately you were attacked by the hackers. This was spotted few months ago and it's already known by the bitcoin community from long time. I am sorry that you never heard of it before and you became another victim of that hacker.

Sorry for your lose. I suggest you to update your Electrum from their official site: https://electrum.org/#download

Verify the signature and install it.

You can not do anything about it except moving on.
jr. member
Activity: 51
Merit: 3
I was trying to pay a Bitpay.com invoice and opened the invoice in Electrum-BTC desktop wallet. I don't know how, but somehow that transaction got sent to and invalid address bc1qcygs9dl4pqw6atc4yqudrzd76p3r9cp6xp2kny
The transaction should be returned if the address is not even a valid bitcoin address (it has non-supported characters right?) but it appears that the transaction is already confirmed Huh
Transaction id 1cdc45c6f92430d021f387af6564353cb90281da4ee8e1e9721387ad05874c45
Please help me out there

P.S
 The wallet prompted me to install an update before sending the transaction and I'm pretty sure it was official electrum-btc website.
Jump to: