Topic: Coins Stolen from my QT Wallet (Read 2822 times)
sorry about this man!you've probably been robbed. Well, at least it is your experience and you've learned something.
The only Altcoin Clinets software that I have installed of Late.
Were CPUminer, Mined and QT wallet for Maxcoin. All of theses were downloaed from either github or via Twitter links on the Maxcoin release day.
No other software had been installed on my PC since I last used My Bitcoin QT wallet passs phrase to send a Transaction.
PC now rebuilt.
No answer to PM sent to Bitmain.
Big Lesson Learned. ;-)
Were CPUminer, Mined and QT wallet for Maxcoin. All of theses were downloaed from either github or via Twitter links on the Maxcoin release day.
No other software had been installed on my PC since I last used My Bitcoin QT wallet passs phrase to send a Transaction.
PC now rebuilt.
No answer to PM sent to Bitmain.
Big Lesson Learned. ;-)
Oh a Big lesson... Like 11 BTC
HUGE lesson
But don't be sad. Mark K. lost 4000BTC
I hope Bitmain will reply soon.
The only Altcoin Clinets software that I have installed of Late.
Were CPUminer, Mined and QT wallet for Maxcoin. All of theses were downloaed from either github or via Twitter links on the Maxcoin release day.
No other software had been installed on my PC since I last used My Bitcoin QT wallet passs phrase to send a Transaction.
PC now rebuilt.
No answer to PM sent to Bitmain.
Big Lesson Learned. ;-)
Were CPUminer, Mined and QT wallet for Maxcoin. All of theses were downloaed from either github or via Twitter links on the Maxcoin release day.
No other software had been installed on my PC since I last used My Bitcoin QT wallet passs phrase to send a Transaction.
PC now rebuilt.
No answer to PM sent to Bitmain.
Big Lesson Learned. ;-)
Let us know all of your alt coin clients you have installed becuase it seems one of them are a trojan.
Just booted my PC and sync'd my Wallet, only to find I have been robbed.
Status: 310 confirmations
Date: 16/02/2014 03:43
To: 1JJewUpXpBHNDWVqzkKk7kWa7pQzRGfzpG
Debit: -11.24 BTC
Transaction fee: -0.0006 BTC
Net amount: -11.2406 BTC
Transaction ID: df776f8492caaee7004594f9e8b399342e24ce7febd8b79621ac7ded958b78ba
Anyone know of how this can be traced or should I just accepted I have been robbed and their nothing I can do.
Heeeeelp
C_C
Status: 310 confirmations
Date: 16/02/2014 03:43
To: 1JJewUpXpBHNDWVqzkKk7kWa7pQzRGfzpG
Debit: -11.24 BTC
Transaction fee: -0.0006 BTC
Net amount: -11.2406 BTC
Transaction ID: df776f8492caaee7004594f9e8b399342e24ce7febd8b79621ac7ded958b78ba
Anyone know of how this can be traced or should I just accepted I have been robbed and their nothing I can do.
Heeeeelp
C_C
did you get any reply about who was sending your money?
Installed any random altcoin clients lately? Another member reporting that may be the culprit.
Is there a list of alt coin clients that could be the culprit ?
Thanks,
If I followed it correctly, your coins seem to have gone to 1QB8Ds5KbGYBLQa5RyDQ2sVUeSKWf7qgkZ, which I believe is bitmain's. Looks like your stolen coins are being used to buy antminers.
Contact bitmain??
Contact bitmain??
I found an indication the address is controlled by Bitmain:
Where do you get 3500 orders? I only see 1618 transactions in their main wallet and a bunch of them are from before the price dropped.
https://blockchain.info/da/address/1QB8Ds5KbGYBLQa5RyDQ2sVUeSKWf7qgkZ
Considering they had(have?) 400TH online and is supposed to ship out 500TH(rough estimate, I know) I think the odds of them running dry is kinda low - I don't think they would have their entire stock online. Even though around 100 new transactions have popped up during the last 24h...
https://blockchain.info/da/address/1QB8Ds5KbGYBLQa5RyDQ2sVUeSKWf7qgkZ
Considering they had(have?) 400TH online and is supposed to ship out 500TH(rough estimate, I know) I think the odds of them running dry is kinda low - I don't think they would have their entire stock online. Even though around 100 new transactions have popped up during the last 24h...
Paper Wallets are the safest way to go, and they are actually much easier than any video or instructions out there show.
On your loss: Follow your money on the blockchain, and Google every wallet number until it links with a verified account, then present the info to the proper authority, which varies upon geographical location.
also... http://cseweb.ucsd.edu/~smeiklejohn/
she can help you by using a new btc tracking algorithm she is developing.
Good luck.
On your loss: Follow your money on the blockchain, and Google every wallet number until it links with a verified account, then present the info to the proper authority, which varies upon geographical location.
also... http://cseweb.ucsd.edu/~smeiklejohn/
she can help you by using a new btc tracking algorithm she is developing.
Good luck.
PC Windows 8
Possible Malware in Maxcoin Clients that I had downloaded.
But still don't understand that if Malware / Keyloggers were the reason. Theses were downloaded after the last time I had used (sent some bitcoins) my QT wallet password.
Is there still a risk even if your wallet is encrypted , I need to think of some better security.
Router is a BT HomeHub 5.
Will be rebuilding PC later today or tomorrow.
At lease KNC are keeping my other coins safe for me ;-) hope they haven't spent them on anything foolish.
Possible Malware in Maxcoin Clients that I had downloaded.
But still don't understand that if Malware / Keyloggers were the reason. Theses were downloaded after the last time I had used (sent some bitcoins) my QT wallet password.
Is there still a risk even if your wallet is encrypted , I need to think of some better security.
Router is a BT HomeHub 5.
Will be rebuilding PC later today or tomorrow.
At lease KNC are keeping my other coins safe for me ;-) hope they haven't spent them on anything foolish.
Do you have a Mac? There's a bitcoin stealing trojan out there: http://www.securemac.com/CoinThief-BitCoin-Trojan-Horse-MacOSX.php. I'm sorry to hear about your loss, man.
BTW, my Malwarebytes sometimes block outgoing connections originated from Qt Client 0.8.6, for example:
IP-BLOCK 93.115.84.122 (Type: outgoing, Port: 56233, Process: bitcoin-qt.exe)
If anyone knows about this, please share your knowledge.
Thanks!
https://www.projecthoneypot.org/ip_93.115.84.122 IP-BLOCK 93.115.84.122 (Type: outgoing, Port: 56233, Process: bitcoin-qt.exe)
If anyone knows about this, please share your knowledge.
Thanks!
You should contact Augusto Croppo, he has helped members to detect and recover lost from CTS Miner cheating.
PM him at https://bitcointalksearch.org/user/augustocroppo-50315
BTW, my Malwarebytes sometimes block outgoing connections originated from Qt Client 0.8.6, for example:
IP-BLOCK 93.115.84.122 (Type: outgoing, Port: 56233, Process: bitcoin-qt.exe)
If anyone knows about this, please share your knowledge.
Thanks!
PM him at https://bitcointalksearch.org/user/augustocroppo-50315
BTW, my Malwarebytes sometimes block outgoing connections originated from Qt Client 0.8.6, for example:
IP-BLOCK 93.115.84.122 (Type: outgoing, Port: 56233, Process: bitcoin-qt.exe)
If anyone knows about this, please share your knowledge.
Thanks!
Installed any random altcoin clients lately? Another member reporting that may be the culprit.
Would having an encrypted wallet backup that one could drop onto the blockchain.info wallet recovery page be of any use in recovering the bitcoins?
I sometimes wonder about AI. Consider the address: 1JJewUpXpBHNDWVqzkKk7kWa7pQzRGfzpG
How often would a string happen containing Jew and kkk?
How often would a string happen containing Jew and kkk?
I feel really bad for you, the advice I give is if you have coins in your wallet that you have no intention of using in the short term,
put them in a paper wallet.
put them in a paper wallet.
May I ask what router you use? I'm wondering if it's related to the Linksys Exxx router exploit. The exploit was aired on hackernews. If you have a Linksys router among those listed, the hacker could have gained access to the router then to your network. Although if he hacked your very ling QT password then I suppose he could have hacked the router without the exploit.
The following story is only by way of rumor and probably isn't true. There was this matoza ball soup shop and the owners were banking a nice penny every year like clockwork. The owner had a safe in his bedroom. Somehow the owner's daughter's boyfriend got the combination and removed a lot of cash. He was found killed with a bullet to the head according to rumor.
Do you have a daughter with a boyfriend having computer skills?
The following story is only by way of rumor and probably isn't true. There was this matoza ball soup shop and the owners were banking a nice penny every year like clockwork. The owner had a safe in his bedroom. Somehow the owner's daughter's boyfriend got the combination and removed a lot of cash. He was found killed with a bullet to the head according to rumor.
Do you have a daughter with a boyfriend having computer skills?
Encrypted from day 1 with a Strong Password. Only backups are on two separate Pen drives.
Pen drives not moved or used since I did the backup.
If it was a Key-logger, I last entered the Key 22/01/2014 why wait so long to steal ?
Pen drives not moved or used since I did the backup.
If it was a Key-logger, I last entered the Key 22/01/2014 why wait so long to steal ?
Possible. But Not used the Wallet for over a Month, so not typed my Key(password) since 22/01/2014.
Was the wallet encrypted from day one? No chance of an forgotten unencrypted backup sitting in a Dropbox account?
If I followed it correctly, your coins seem to have gone to 1QB8Ds5KbGYBLQa5RyDQ2sVUeSKWf7qgkZ, which I believe is bitmain's. Looks like your stolen coins are being used to buy antminers.
Contact bitmain??
Contact bitmain??
Follow it a bit further. It looks like a few transactions down it gets split three ways.
Jump to: