Pages:
Author

Topic: Electrum Wallet (Read 2649 times)

legendary
Activity: 2758
Merit: 6830
December 16, 2017, 11:21:12 AM
#39
Ok, maybe I have to explain what just happened with me -

I used electrum-2.9.3 to send some small amount 0.015 to 149xne93ppwQLww733hNnGmFqj51rNPjBC

I've checked all (sum, fee etc) all was correct but money were sent also to 144BdLLSifbZJEmqnHy8i1QkRdrxxHeFf3

see https://btc.com/ebdd24ff41f92aeef948133e788487e4ce1019eae85949c6be6455e27fbb38cf

I downloaded Electrum from OFFICIAL SITE https://www.electrumsource.org/#download for Windows Standalone.

And used cold storage for my wallet.

I'm shocked.
Except that this "electrumsource.org" is a scam and not the official website.

THE ONLY WEBSITE YOU SHOULD USE TO DOWNLOAD ELECTRUM IS https://electrum.org/ - OTHERS ARE A SCAM!

As I expected, it was your fault (it's always the user's fault). There is nothing wrong with Electrum.
newbie
Activity: 2
Merit: 0
December 16, 2017, 11:14:50 AM
#38
Ok, maybe I have to explain what just happened with me -

I used electrum-2.9.3 to send some small amount 0.015 to 149xne93ppwQLww733hNnGmFqj51rNPjBC

I've checked all (sum, fee etc) all was correct but money were sent also to 144BdLLSifbZJEmqnHy8i1QkRdrxxHeFf3

see https://btc.com/ebdd24ff41f92aeef948133e788487e4ce1019eae85949c6be6455e27fbb38cf

I downloaded Electrum from OFFICIAL SITE https://www.electrumsource.org/#download for Windows Standalone.

And used cold storage for my wallet.

I'm shocked.

newbie
Activity: 2
Merit: 0
December 16, 2017, 10:48:55 AM
#37
Thes same just happened with me !!!! Don't use Electrum for a while.
My money were stolen to this address: https://blockchain.info/address/144BdLLSifbZJEmqnHy8i1QkRdrxxHeFf3
sr. member
Activity: 484
Merit: 250
July 15, 2017, 11:30:52 AM
#36
I sent 10.8+ bitcoin to my Electrum wallet from bitfinex.. as soon as it hit my electrum wallet it sent automatically to another address that I don't own. The time stamps were identical times from when it entered my wallet and when it sent out.. I downloaded the wallet from https://electrum.org/#download

I restarted the wallet and tried to enter my password many times.. its saying wrong password now.

https://blockchain.info/address/17MxKujaf2sFtGzX36tSkVFXwkJCDsSS8J

This really looks like an automatic function built into the wallet to steal coins.


What is going on here?
Silly, I laughed at the title of this article, how an electrum wallet could stole your bitcoin, it was rated as one of the most reliable and secure wallets. I believe you are having some confusion.
full member
Activity: 157
Merit: 113
July 15, 2017, 09:18:39 AM
#35
This address is on the last page of directory.io, the private key is thus well-known.
Seriously - you have used it knowing that?!
legendary
Activity: 3710
Merit: 1586
July 01, 2017, 06:54:14 AM
#34
I am guessing he might of installed some shitcoin wallet on this computer which put some pre-created wallets into his ~APPDATA~/Roaming directories and the hacker just needs to wait for a transaction.

So far 2 people were tricked. The first guy was tricked 4 months ago.

Check your ~APPDATA~/Roaming and see if you got other wallets in there that shouldn't be there.

Reason for the double spends is because maybe someone else installed the virus who was a professional, and knew that other people might send funds to those addresses and since he knew the private key, he started listening in on those addresses also.

The malware theory doesn't make sense because the address' private key wasn't secret. Just google the address and you'll see that the private key for this address is public knowledge. What would be the point of infecting a computer with malware just to send the money to an open vault so to speak?
legendary
Activity: 3808
Merit: 1723
July 01, 2017, 03:03:32 AM
#33
I am guessing he might of installed some shitcoin wallet on this computer which put some pre-created wallets into his ~APPDATA~/Roaming directories and the hacker just needs to wait for a transaction.

So far 2 people were tricked. The first guy was tricked 4 months ago.

Check your ~APPDATA~/Roaming and see if you got other wallets in there that shouldn't be there.

Reason for the double spends is because maybe someone else installed the virus who was a professional, and knew that other people might send funds to those addresses and since he knew the private key, he started listening in on those addresses also.
legendary
Activity: 3710
Merit: 1586
June 30, 2017, 11:26:59 PM
#32
Guys I downloaded from the official website the installer: https://electrum.org/#download

I did this today.. it's not like I forgot, I still have the exe in my download history on firefox.

This is what's weird.. it's like something placed the Wallet.dat into my roaming folder so when I started electrum it never asked me to create the wallet, I just foolishly thought I had installed electrum at an earlier date. Like I said I had seen 4 transactions and just assumed it was from me doing stuff awhile back. Either that or some one had stolen my wallet.dat awhile back.

Seems like I just sent away $27,000 to some random person thinking it was my own safe key..


what a nightmare.


This is sort of what happened but why would a malware author create a wallet file containing an address with a publicly known private key? If he does that he can't guarantee that he will get the money. Anyone could steal from such an address. Are you sure you didn't create this wallet file yourself in the past when browsing directory.io? Perhaps you were having a bit of fun trying out some of those private keys listed there.

What happens when you go to wallet menu > seed on this wallet. I'm guessing the seed option is grayed out because this wallet only contains imported private keys from directory.io's last page.

Since version 2.0 electrum has only generated compressed private keys. This address uses an uncompressed private key which is long obsolete.
legendary
Activity: 3472
Merit: 10611
June 30, 2017, 10:11:18 PM
#31
which one of those links did you click to download? tell us so we can double check the link
did you check the signature of the file after you downloaded it? if you don't know how, say what OS you are running so we can explain how.

if the above is true then the only reason is the #2. that Danny said.
It can not be #2 because the address that the money sent too is already an old address with known public key . So it is prob number #1


yes but i said if the two criteria i mentioned were met then it would be #2.
and it is not a complicated malware either. it can be a simple code that doesn't even have to run in the background. it just runs once and injects a wallet file called "Default_wallet" in the directory. the format of the wallet file is in a way that contains that key as its primary receive address.
legendary
Activity: 3808
Merit: 1723
June 30, 2017, 06:25:49 PM
#30
Hmm...

When you search the BTC address he used. Google returns the private key from directory.io

Maybe the google spider bot is scanning all the private keys in existance and someone uses a bot too see if any results from directory.io return a valid address with funds

No idea whats going on exactly because why would malware reuse a private key thats public?
sr. member
Activity: 840
Merit: 266
June 30, 2017, 05:14:02 AM
#29
- snip -
Maybe try to get in touch with allprivatekeys .com maybe they can help you because they have this address listed with its private key .

There is nothing they can do.  The bitcoins are spent and confirmed to address 1qxtRzvB8fsXyQjtiGDF56hC6GewTez4x.  Only the person that has access to the private key for 1qxtRzvB8fsXyQjtiGDF56hC6GewTez4x can do anything with those bitcoins.
Well i do agree with you the only one that can get his money back is 1qxtRzvB8fsXyQjtiGDF56hC6GewTez4x owner   . I mean they can help him to know what happen since they have the address listed there . They may know what really happened .
 

which one of those links did you click to download? tell us so we can double check the link
did you check the signature of the file after you downloaded it? if you don't know how, say what OS you are running so we can explain how.

if the above is true then the only reason is the #2. that Danny said.
It can not be #2 because the address that the money sent too is already an old address with known public key . So it is prob number #1
full member
Activity: 184
Merit: 100
June 29, 2017, 10:33:08 PM
#28
which one of those links did you click to download? tell us so we can double check the link
did you check the signature of the file after you downloaded it? if you don't know how, say what OS you are running so we can explain how.

if the above is true then the only reason is the #2. that Danny said.

Yes
legendary
Activity: 3472
Merit: 10611
June 29, 2017, 10:26:21 PM
#27
which one of those links did you click to download? tell us so we can double check the link
did you check the signature of the file after you downloaded it? if you don't know how, say what OS you are running so we can explain how.

if the above is true then the only reason is the #2. that Danny said.
full member
Activity: 184
Merit: 100
June 29, 2017, 10:22:26 PM
#26



what a nightmare.
sr. member
Activity: 378
Merit: 250
June 29, 2017, 10:09:46 PM
#25
Not likely. Electrum is one of the most reputed and trusted wallets in the Bitcoin community. I don't think that they would destroy their entire reputation just for 10Bitcoin. There are 2 things that could have gone wrong.

You could have downloaded a tampered version of Electrum. This may have had a malicious file imprinted in it. Did you download it from the official Electrum website?

Another reason could be a trojan or some other hidden file hacked your computer. A hacker could have remotely implanted a virus in your computer and redirected your Bitcoin to another address.
vh
hero member
Activity: 699
Merit: 666
June 29, 2017, 09:57:20 PM
#24
Based on the transaction from 4 months ago and that particular destination address of the tx, (after a little googling) you can come to the conclusion the private key to that address was bot monitored, even at that time.  

How it ended up in your wallet is still an open matter of concern, esp. if you didn't import it in yourself by mistake.
legendary
Activity: 3514
Merit: 4895
June 29, 2017, 09:42:38 PM
#23
Doesn't Electrum have you make a 12 word seed or something that it derives all your private keys from?

It makes it for you, but is has you record it.

Did you use a common or literary phrase as your seed?

That's not how it works.

If so, I'm sure bots would be watching addresses hashed from those seed words.

Electrum doesn't hash the seed words.
newbie
Activity: 19
Merit: 0
June 29, 2017, 09:34:33 PM
#22
Doesn't Electrum have you make a 12 word seed or something that it derives all your private keys from?  Did you use a common or literary phrase as your seed?  If so, I'm sure bots would be watching addresses hashed from those seed words.
legendary
Activity: 3514
Merit: 4895
June 29, 2017, 09:26:23 PM
#21
- snip -
Maybe try to get in touch with allprivatekeys .com maybe they can help you because they have this address listed with its private key .

There is nothing they can do.  The bitcoins are spent and confirmed to address 1qxtRzvB8fsXyQjtiGDF56hC6GewTez4x.  Only the person that has access to the private key for 1qxtRzvB8fsXyQjtiGDF56hC6GewTez4x can do anything with those bitcoins.
sr. member
Activity: 840
Merit: 266
June 29, 2017, 09:24:03 PM
#20
I am very sorry for what happened to you it is really a lot of money . I have go throw all posts and from what i see it is most likely you downloaded a fake
electrum app what makes me think that is the password part because if you just happen to sent to wrong address you would have still be able to login to your wallet the way your password did not work anymore means it was prob fake electrum wallet from the start . But there is another part to this is . A fake wallet that have pre installed addresses why the hacker put an address that its private key is known to public !! that is really strange .

Take a look into this : https://bitaps.com/17MxKujaf2sFtGzX36tSkVFXwkJCDsSS8J look close to this there is 2 double spent after each other and 4 months ago same thing 2 double spent which make me think it is a script not just someone was online and sent as fast as he saw you btc . But still if this is a script why it use an address that have its private key known .

Maybe try to get in touch with allprivatekeys .com maybe they can help you because they have this address listed with its private key .
Pages:
Jump to: