Bitcoin Forum>Economy>Marketplace>Service Discussion>Web Wallets
Pages:
Author

Topic: Bitpay Big Exploit? - 323 btcs sent to unknown address (Read 379 times)

BitMaxz
legendary
Activity: 3206
Merit: 2904
Block halving is coming.
Bitpay Big Exploit? - 323 btcs sent to unknown address
December 12, 2022, 07:25:31 PM
#21
Quote from: huguet2004 on December 12, 2022, 08:57:24 AM
Thanks for the message guys im digging further into this.

Have you tried my suggestion if you still have some balance on other addresses in your copay extracting private keys from your backup seed or wallet.json.aes is I think the best solution to take control of the address that still has funds and transfer it right away to another wallet like Electrum.
Never had any experience using copay but since they have backup seed or file there is still a chance that you can get the remaining funds in your wallet without contacting copay since they said they don't have control of your wallet.

So if I were you start extracting private keys from the seed or backup file before it transfers again to an unknown address.
huguet2004
newbie
Activity: 6
Merit: 0
Re: Bitpay Big Exploit? - 323 btcs sent to unknown address
December 12, 2022, 08:57:24 AM
#20
Thanks for the message guys im digging further into this.

Quote from: rat03gopoh on December 10, 2022, 11:35:51 AM
I find out more about bitpay as your PM.

Thanks Rat03.

Is it possible for you to DM me your telegram?

Cheers!
rat03gopoh
hero member
Activity: 2002
Merit: 633
Your keys, your responsibility
Re: Bitpay Big Exploit? - 323 btcs sent to unknown address
December 10, 2022, 11:35:51 AM
#19
I find out more about bitpay as your PM.

Quote from: huguet2004 on December 08, 2022, 08:59:40 AM
For those who think this was a copay exploit, do you guys have any evidence of that? Any leaked private keys or known bugs?
Of course there is no proof, this is just more probable supposition. After all, bitpay has really experienced exploitation before your case. The email you quoted:
Quote from: huguet2004 on November 29, 2019, 04:07:30 PM
That one was only for Copay, If you used that 1-1 wallet during that time, using the Copay app (not the Bitpay app) and send money on using that version, the key could have been compromised. That was almost 1 year ago, so it seems improbable.

According to news, malware is also spread on bitpay[1].
Quote
The malware was deployed on versions 5.0.2 through 5.1.0 of its Copay and BitPay wallet apps, and could potentially be used to capture private keys to steal bitcoin and bitcoin cash.
So I'm going to stick to the previous assumption that your access key was leaked.


1. https://www.coindesk.com/markets/2018/11/27/fake-developer-sneaks-malicious-code-into-bitpays-copay-wallet/
stompix
legendary
Activity: 2828
Merit: 6108
Jambler.io
Re: Bitpay Big Exploit? - 323 btcs sent to unknown address
December 08, 2022, 07:36:26 PM
#18
Quote from: JeromeTash on December 08, 2022, 05:53:55 PM
Also, how do you come to a conclusion that the few coins spent were moved to mixers? Please educate me.

Breaking into smaller inputs, sending them to addresses that join them together and then splits again into tens of inputs, addresses getting hundred+ BTC in multiple transactions in the same block and then emptying all again in a matter of seconds, that's mixing behavior, no CEX does so.

Quote from: huguet2004 on December 08, 2022, 08:59:40 AM
Also since 2021 without moving, this was made by a professional hacker not someone who had access to my phone or anything.

Or by somebody that got scared at the amount involved and decided to play low and set up his next moves carefully waiting to see if somebody knocks at the door, but probably this bear market is testing his patience with 6 million just in reach so he wanted at least a few of that now! Usually, professional groups try to settle things as soon as possible to reduce the risks of a member jeopardizing everything, plus a volatile market would lead to a lot of infighting.
JeromeTash
legendary
Activity: 2100
Merit: 1208
Heisenberg
Re: Bitpay Big Exploit? - 323 btcs sent to unknown address
December 08, 2022, 05:53:55 PM
#17
Quote from: huguet2004 on December 08, 2022, 08:59:40 AM
Yes guys im aware that he spent coins, i tracked some but he used many mixers.

For those who think this was a copay exploit, do you guys have any evidence of that? Any leaked private keys or known bugs?

Me too im thinking this was a copay exploit/bug since i never shared my PK with anyone, etc. Also since 2021 without moving, this was made by a professional hacker not someone who had access to my phone or anything.
If it was made by a professional scammer, then what's stopping from spending all the coins via a mixer. I mean, there are mixers that can volumes of even 300 BTC if moved in split transactions.

Also, how do you come to a conclusion that the few coins spent were moved to mixers? Please educate me.
huguet2004
newbie
Activity: 6
Merit: 0
Re: Bitpay Big Exploit? - 323 btcs sent to unknown address
December 08, 2022, 08:59:40 AM
#16
Yes guys im aware that he spent coins, i tracked some but he used many mixers.

For those who think this was a copay exploit, do you guys have any evidence of that? Any leaked private keys or known bugs?

Me too im thinking this was a copay exploit/bug since i never shared my PK with anyone, etc. Also since 2021 without moving, this was made by a professional hacker not someone who had access to my phone or anything.
JeromeTash
legendary
Activity: 2100
Merit: 1208
Heisenberg
Re: Bitpay Big Exploit? - 323 btcs sent to unknown address
November 26, 2022, 05:47:58 PM
#15
Quote from: nc50lc on November 13, 2022, 12:33:08 AM
Quote from: huguet2004 on November 12, 2022, 05:16:22 PM
Hey guys, still nothing resolved.
Unfortunately, there's a bad news: your funds in 1CYYS3R6CKD43nCxFbqvEvjr3VUScKswBw is now spent: aeb87b9dc18739dd178a8e9f138d31e614de537b925a8df33d310383b0d237c0
That alone should rule out that it's still in your wallet or caused by a bug that sent it a random address.
The address still has a balance of 277 BTC though (https://mempool.space/address/1CYYS3R6CKD43nCxFbqvEvjr3VUScKswBw). It wasn't all spent. The person just spends 5 or 6 BTC and the change goes back to the address. Maybe the person is doing this to slowly cash out the BTC without risking all of it and having it seized.
rat03gopoh
hero member
Activity: 2002
Merit: 633
Your keys, your responsibility
Re: Bitpay Big Exploit? - 323 btcs sent to unknown address
November 13, 2022, 01:00:53 AM
#14
Quote from: huguet2004 on November 12, 2022, 05:16:22 PM
Hey guys, still nothing resolved.

Anyone heard or had any other copay exploits related issues?

Your problem is at this address, 16Y4jj7LXLU8P7UrYP5VEfCdZ7W3w3xVNh(1st addy) sending to an address not in your control 1CYYS3R6CKD43nCxFbqvEvjr3VUScKswBw(2nd addy). I thought your access key was leaking on your phone without you realizing it.

However I can't say that this is an exploit by hacker as long as the 2nd address still holds most of the bitcoins from your address. Came to the conclusion that this is a bitpay system bug (imo), not an exploit. If you wanna contact support, just ask who controls the 2nd address, this address has done a lot of tx output since you raised this case.
nc50lc
legendary
Activity: 2338
Merit: 5297
Self-proclaimed Genius
Re: Bitpay Big Exploit? - 323 btcs sent to unknown address
November 13, 2022, 12:33:08 AM
#13
Quote from: huguet2004 on November 12, 2022, 05:16:22 PM
Hey guys, still nothing resolved.
Unfortunately, there's a bad news: your funds in 1CYYS3R6CKD43nCxFbqvEvjr3VUScKswBw is now spent: aeb87b9dc18739dd178a8e9f138d31e614de537b925a8df33d310383b0d237c0
That alone should rule out that it's still in your wallet or caused by a bug that sent it a random address.

Since it's obviously spent, someone has access to that address's private keys.
huguet2004
newbie
Activity: 6
Merit: 0
Re: Bitpay Big Exploit? - 323 btcs sent to unknown address
November 12, 2022, 05:16:22 PM
#12
Hey guys, still nothing resolved.

Anyone heard or had any other copay exploits related issues?
Patatas
legendary
Activity: 1750
Merit: 1115
Providing AI/ChatGpt Services - PM!
Re: Bitpay Big Exploit? - 323 btcs sent to unknown address
November 29, 2019, 07:41:33 PM
#11
Quote from: huguet2004 on November 29, 2019, 04:07:30 PM
-snip-
Seems like Copay is trying to hide something from the vague replies they have sent to you. Makes sense that your keys could have compromised or CoPay could have been hacked. The only hope you have is keeping track of how the coins are moved. Watching this thread and tracking the coins.
huguet2004
newbie
Activity: 6
Merit: 0
Re: Bitpay Big Exploit? - 323 btcs sent to unknown address
November 29, 2019, 04:07:30 PM
#10
Nop the issue was not recovered.
That was their last email

My specialist is thinking was a copay bug, my privates keys were impossible to be phiscally stolen and i never hold them online anywhere.


------------------------------------------------

Hello Hugo,

No, I have no news on that case, nor another related user report. We continue to check if we find any security issues on the current builds.

Did you created the wallet in 2017 using the Copay Wallet?
Are you aware of the issue  https://nvd.nist.gov/vuln/detail/CVE-2018-1000851  that affected wallets in Copay from version 5.0.1 to 5.1.0?

That one was only for Copay, If you used that 1-1 wallet during that time, using the Copay app (not the Bitpay app) and send money on using that version, the key could have been compromised. That was almost 1 year ago, so it seems improbable.

Other than that, at the moment we have no other idea of how the keys could have been compromised.
huguet2004
newbie
Activity: 6
Merit: 0
Re: Bitpay Big Exploit? - 323 btcs sent to unknown address
November 29, 2019, 03:47:18 PM
#9
Quote from: Chlotide on November 29, 2019, 07:21:22 AM
Weird things happen
The ~294 BTC still in Bitpay address
https://i.imgur.com/5kFF3Vw.jpg

Seems case is closed since github issue was also closed.

https://github.com/bitpay/copay/issues/10364

OP, how did this story end ? Got the $2.5M back ? (I get chills when just writing that amount...)


Why in bitpay address? the addres 1CYYS3R6CKD43nCxFbqvEvjr3VUScKswBw is not in bitpay
bL4nkcode
copper member
Activity: 2142
Merit: 1305
Limited in number. Limitless in potential.
Re: Bitpay Big Exploit? - 323 btcs sent to unknown address
November 29, 2019, 02:24:03 PM
#8
Hope it's just a bug from bitpay's side and the funds are still on the wallet and can be recovered, coz if not, then that's really a huge loss to begin with.
coupable
hero member
Activity: 2338
Merit: 757
Re: Bitpay Big Exploit? - 323 btcs sent to unknown address
November 29, 2019, 01:35:54 PM
#7
Quote from: Rafilsk on November 29, 2019, 09:13:24 AM
Very strange, I think it's a problem with Copay and they are trying to hide the case.
May be not! Op mentioned that he received this notification in github :
Quote
On 23 Nov 2019, at 19:59, micahriggan <[email protected]> wrote:



Hello, I think you may be okay, from looking at our database I think I see an issue that could be affecting your wallet.


You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub<#10364?

And he confirmed that he contacted them via this email :
Quote
Hello,

Could you please contact us at [email protected] so we can investigate the issue further.

thanks.

Even bitpay support confirmed the issue, Am really interested to know what should infect a wallet "called trusted" and who is the owner of the receiving address ?
Rafilsk
member
Activity: 125
Merit: 10
Re: Bitpay Big Exploit? - 323 btcs sent to unknown address
November 29, 2019, 09:13:24 AM
#6
The case was not resolved and they ended the topic on the very tin Github.

Very strange, I think it's a problem with Copay and they are trying to hide the case.
Chlotide
full member
Activity: 305
Merit: 106
Re: Bitpay Big Exploit? - 323 btcs sent to unknown address
November 29, 2019, 07:21:22 AM
#5
Weird things happen
The ~294 BTC still in Bitpay address


Seems case is closed since github issue was also closed.

https://github.com/bitpay/copay/issues/10364

OP, how did this story end ? Got the $2.5M back ? (I get chills when just writing that amount...)
BitMaxz
legendary
Activity: 3206
Merit: 2904
Block halving is coming.
Re: Bitpay Big Exploit? - 323 btcs sent to unknown address
November 27, 2019, 04:19:57 PM
#4
Maybe the balance from your copay wallet is sent to a change address connected to your copay wallet just like what they said from here "Where did my funds go in my BitPay wallet?"
Just keep your copay wallet connected and sync properly you will get your balance back from your copay wallet in the new wallet address.

Just in case the balance still doesn't show then try to extract all of your private keys from your copay wallet and import it to other wallets like Electrum wallet. You can follow the guide from here "How do I get the private key from my BitPay or Copay wallet?"

Let's hope that you can find your balance from exported private keys in your Copay wallet and import it to the Electrum wallet.
Make sure to download Electrum from real electrum.org and verify the signature to make sure your wallet is real and not a fake one.
bL4nkcode
copper member
Activity: 2142
Merit: 1305
Limited in number. Limitless in potential.
Re: Bitpay Big Exploit? - 323 btcs sent to unknown address
November 27, 2019, 10:37:41 AM
#3
That's a huge amount to store in a merely mobile wallet even if I have only 1 BTC, I will not risk my funds on mobile wallet/device.

And you sure you never shared your recovery seed to others or saved it somewhere online? It's likely a compromised seed if you defend that your device isn't infected with malware.
nc50lc
legendary
Activity: 2338
Merit: 5297
Self-proclaimed Genius
Re: Bitpay Big Exploit? - 323 btcs sent to unknown address
November 27, 2019, 02:58:51 AM
#2
Quote from: huguet2004 on November 26, 2019, 08:34:05 PM
I've experience what it seems a huge exploit in my copay wallet, with 336.2008 btcs beeing moved out. This is a new phone use only for btc, never in public wifi, never downloaded anything other than essencial apple apps, etc.
You're hodling hundreds of thousands worth of Bitcoins in a mobile device? You should be using a hardware wallet by now.
Anyways, how about your backup, is it safe from hackers or anyone close to you (physically)?
Copay is an HD wallet so one way to get hacked is through your SEED or backup.

Maybe not relevant, but someone just reported the same "hacking" issue to their github repo:Funds lost from wallet #10373
If it isn't your seed or device, they are the only one who can help you with this matter.

For your own protection, do not display your master public key (xpub) in the public
because all of your previous and future transactions/addresses will be visible once it was imported.
Pages:
Bitcoin Forum>Economy>Marketplace>Service Discussion>Web Wallets
Jump to: