Electrum Wallet | Bitcointalksearch.org

TryNinja

legendary

Activity: 2758

Merit: 6830

Quote from: NikolayL on December 16, 2017, 12:14:50 PM

Ok, maybe I have to explain what just happened with me -

I used electrum-2.9.3 to send some small amount 0.015 to 149xne93ppwQLww733hNnGmFqj51rNPjBC

I've checked all (sum, fee etc) all was correct but money were sent also to 144BdLLSifbZJEmqnHy8i1QkRdrxxHeFf3

see https://btc.com/ebdd24ff41f92aeef948133e788487e4ce1019eae85949c6be6455e27fbb38cf

I downloaded Electrum from OFFICIAL SITE https://www.electrumsource.org/#download for Windows Standalone.

And used cold storage for my wallet.

I'm shocked.

Except that this "electrumsource.org" is a scam and not the official website.

THE ONLY WEBSITE YOU SHOULD USE TO DOWNLOAD ELECTRUM IS https://electrum.org/ - OTHERS ARE A SCAM!

As I expected, it was your fault (it's always the user's fault). There is nothing wrong with Electrum.

NikolayL

newbie

Activity: 2

Merit: 0

Ok, maybe I have to explain what just happened with me -

I used electrum-2.9.3 to send some small amount 0.015 to 149xne93ppwQLww733hNnGmFqj51rNPjBC

I've checked all (sum, fee etc) all was correct but money were sent also to 144BdLLSifbZJEmqnHy8i1QkRdrxxHeFf3

see https://btc.com/ebdd24ff41f92aeef948133e788487e4ce1019eae85949c6be6455e27fbb38cf

I downloaded Electrum from OFFICIAL SITE https://www.electrumsource.org/#download for Windows Standalone.

And used cold storage for my wallet.

I'm shocked.

NikolayL

newbie

Activity: 2

Merit: 0

Thes same just happened with me !!!! Don't use Electrum for a while.
My money were stolen to this address: https://blockchain.info/address/144BdLLSifbZJEmqnHy8i1QkRdrxxHeFf3

foxbat

sr. member

Activity: 484

Merit: 250

Quote from: overnightmillionaire on June 29, 2017, 09:05:15 PM

I sent 10.8+ bitcoin to my Electrum wallet from bitfinex.. as soon as it hit my electrum wallet it sent automatically to another address that I don't own. The time stamps were identical times from when it entered my wallet and when it sent out.. I downloaded the wallet from https://electrum.org/#download

I restarted the wallet and tried to enter my password many times.. its saying wrong password now.

https://blockchain.info/address/17MxKujaf2sFtGzX36tSkVFXwkJCDsSS8J

This really looks like an automatic function built into the wallet to steal coins.

What is going on here?

Silly, I laughed at the title of this article, how an electrum wallet could stole your bitcoin, it was rated as one of the most reliable and secure wallets. I believe you are having some confusion.

SopaXT

full member

Activity: 158

Merit: 113

This address is on the last page of directory.io, the private key is thus well-known.
Seriously - you have used it knowing that?!

Abdussamad

legendary

Activity: 3612

Merit: 1564

Quote from: adaseb on July 01, 2017, 04:03:32 AM

I am guessing he might of installed some shitcoin wallet on this computer which put some pre-created wallets into his ~APPDATA~/Roaming directories and the hacker just needs to wait for a transaction.

So far 2 people were tricked. The first guy was tricked 4 months ago.

Check your ~APPDATA~/Roaming and see if you got other wallets in there that shouldn't be there.

Reason for the double spends is because maybe someone else installed the virus who was a professional, and knew that other people might send funds to those addresses and since he knew the private key, he started listening in on those addresses also.

The malware theory doesn't make sense because the address' private key wasn't secret. Just google the address and you'll see that the private key for this address is public knowledge. What would be the point of infecting a computer with malware just to send the money to an open vault so to speak?

adaseb

legendary

Activity: 3738

Merit: 1708

I am guessing he might of installed some shitcoin wallet on this computer which put some pre-created wallets into his ~APPDATA~/Roaming directories and the hacker just needs to wait for a transaction.

So far 2 people were tricked. The first guy was tricked 4 months ago.

Check your ~APPDATA~/Roaming and see if you got other wallets in there that shouldn't be there.

Reason for the double spends is because maybe someone else installed the virus who was a professional, and knew that other people might send funds to those addresses and since he knew the private key, he started listening in on those addresses also.

Abdussamad

legendary

Activity: 3612

Merit: 1564

Quote from: overnightmillionaire on June 29, 2017, 11:22:26 PM

Guys I downloaded from the official website the installer: https://electrum.org/#download

I did this today.. it's not like I forgot, I still have the exe in my download history on firefox.

This is what's weird.. it's like something placed the Wallet.dat into my roaming folder so when I started electrum it never asked me to create the wallet, I just foolishly thought I had installed electrum at an earlier date. Like I said I had seen 4 transactions and just assumed it was from me doing stuff awhile back. Either that or some one had stolen my wallet.dat awhile back.

Seems like I just sent away $27,000 to some random person thinking it was my own safe key..

what a nightmare.

This is sort of what happened but why would a malware author create a wallet file containing an address with a publicly known private key? If he does that he can't guarantee that he will get the money. Anyone could steal from such an address. Are you sure you didn't create this wallet file yourself in the past when browsing directory.io? Perhaps you were having a bit of fun trying out some of those private keys listed there.

What happens when you go to wallet menu > seed on this wallet. I'm guessing the seed option is grayed out because this wallet only contains imported private keys from directory.io's last page.

Since version 2.0 electrum has only generated compressed private keys. This address uses an uncompressed private key which is long obsolete.

pooya87

legendary

Activity: 3472

Merit: 10611

Quote from: khufuking on June 30, 2017, 06:14:02 AM

Quote from: pooya87 on June 29, 2017, 11:26:21 PM

which one of those links did you click to download? tell us so we can double check the link
did you check the signature of the file after you downloaded it? if you don't know how, say what OS you are running so we can explain how.

if the above is true then the only reason is the #2. that Danny said.

It can not be #2 because the address that the money sent too is already an old address with known public key . So it is prob number #1

yes but i said if the two criteria i mentioned were met then it would be #2.
and it is not a complicated malware either. it can be a simple code that doesn't even have to run in the background. it just runs once and injects a wallet file called "Default_wallet" in the directory. the format of the wallet file is in a way that contains that key as its primary receive address.

adaseb

legendary

Activity: 3738

Merit: 1708

Hmm...

When you search the BTC address he used. Google returns the private key from directory.io

Maybe the google spider bot is scanning all the private keys in existance and someone uses a bot too see if any results from directory.io return a valid address with funds

No idea whats going on exactly because why would malware reuse a private key thats public?

khufuking

sr. member

Activity: 840

Merit: 266

Quote from: DannyHamilton on June 29, 2017, 10:26:23 PM

Quote from: khufuking on June 29, 2017, 10:24:03 PM

- snip -
Maybe try to get in touch with allprivatekeys .com maybe they can help you because they have this address listed with its private key .

There is nothing they can do. The bitcoins are spent and confirmed to address 1qxtRzvB8fsXyQjtiGDF56hC6GewTez4x. Only the person that has access to the private key for 1qxtRzvB8fsXyQjtiGDF56hC6GewTez4x can do anything with those bitcoins.

Well i do agree with you the only one that can get his money back is 1qxtRzvB8fsXyQjtiGDF56hC6GewTez4x owner . I mean they can help him to know what happen since they have the address listed there . They may know what really happened .

Quote from: pooya87 on June 29, 2017, 11:26:21 PM

which one of those links did you click to download? tell us so we can double check the link
did you check the signature of the file after you downloaded it? if you don't know how, say what OS you are running so we can explain how.

if the above is true then the only reason is the #2. that Danny said.

It can not be #2 because the address that the money sent too is already an old address with known public key . So it is prob number #1

overnightmillionaire

full member

Activity: 184

Merit: 100

Quote from: pooya87 on June 29, 2017, 11:26:21 PM

which one of those links did you click to download? tell us so we can double check the link
did you check the signature of the file after you downloaded it? if you don't know how, say what OS you are running so we can explain how.

if the above is true then the only reason is the #2. that Danny said.

Yes

pooya87

legendary

Activity: 3472

Merit: 10611

which one of those links did you click to download? tell us so we can double check the link
did you check the signature of the file after you downloaded it? if you don't know how, say what OS you are running so we can explain how.

if the above is true then the only reason is the #2. that Danny said.

overnightmillionaire

full member

Activity: 184

Merit: 100

what a nightmare.

DOGE12321

sr. member

Activity: 378

Merit: 250

Not likely. Electrum is one of the most reputed and trusted wallets in the Bitcoin community. I don't think that they would destroy their entire reputation just for 10Bitcoin. There are 2 things that could have gone wrong.

You could have downloaded a tampered version of Electrum. This may have had a malicious file imprinted in it. Did you download it from the official Electrum website?

Another reason could be a trojan or some other hidden file hacked your computer. A hacker could have remotely implanted a virus in your computer and redirected your Bitcoin to another address.

vh

hero member

Activity: 699

Merit: 666

Based on the transaction from 4 months ago and that particular destination address of the tx, (after a little googling) you can come to the conclusion the private key to that address was bot monitored, even at that time.

How it ended up in your wallet is still an open matter of concern, esp. if you didn't import it in yourself by mistake.

DannyHamilton

legendary

Activity: 3416

Merit: 4658

Quote from: xenotrunksx on June 29, 2017, 10:34:33 PM

Doesn't Electrum have you make a 12 word seed or something that it derives all your private keys from?

It makes it for you, but is has you record it.

Quote from: xenotrunksx on June 29, 2017, 10:34:33 PM

Did you use a common or literary phrase as your seed?

That's not how it works.

Quote from: xenotrunksx on June 29, 2017, 10:34:33 PM

If so, I'm sure bots would be watching addresses hashed from those seed words.

Electrum doesn't hash the seed words.

xenotrunksx

newbie

Activity: 19

Merit: 0

Doesn't Electrum have you make a 12 word seed or something that it derives all your private keys from? Did you use a common or literary phrase as your seed? If so, I'm sure bots would be watching addresses hashed from those seed words.

DannyHamilton

legendary

Activity: 3416

Merit: 4658

Quote from: khufuking on June 29, 2017, 10:24:03 PM

- snip -
Maybe try to get in touch with allprivatekeys .com maybe they can help you because they have this address listed with its private key .

There is nothing they can do. The bitcoins are spent and confirmed to address 1qxtRzvB8fsXyQjtiGDF56hC6GewTez4x. Only the person that has access to the private key for 1qxtRzvB8fsXyQjtiGDF56hC6GewTez4x can do anything with those bitcoins.

khufuking

sr. member

Activity: 840

Merit: 266

I am very sorry for what happened to you it is really a lot of money . I have go throw all posts and from what i see it is most likely you downloaded a fake
electrum app what makes me think that is the password part because if you just happen to sent to wrong address you would have still be able to login to your wallet the way your password did not work anymore means it was prob fake electrum wallet from the start . But there is another part to this is . A fake wallet that have pre installed addresses why the hacker put an address that its private key is known to public !! that is really strange .

Take a look into this : https://bitaps.com/17MxKujaf2sFtGzX36tSkVFXwkJCDsSS8J look close to this there is 2 double spent after each other and 4 months ago same thing 2 double spent which make me think it is a script not just someone was online and sent as fast as he saw you btc . But still if this is a script why it use an address that have its private key known .

Maybe try to get in touch with allprivatekeys .com maybe they can help you because they have this address listed with its private key .

Topic: Electrum Wallet (Read 2634 times)