Pages:
Author

Topic: Hackers Nab $16 Million Worth of BTC Through Wallet Exploit - page 2. (Read 484 times)

hero member
Activity: 1680
Merit: 655
Lesson: Don't install or use older versions of wallets even if it's not Electrum

Sa akin mga nakita in the past masasabi ko na hindi lang ito ang naging kaso sa pagnanakaw gamit ang lumang version ng Electrum. From what I have seen people who mostly use the older/outdated versions of Electrum are the most vulnerable, why? Hackers mainly target outdated versions of Electrum and try to hijack it by putting a notice for the users that they need to update to a "newer version" of Electrum in order to access their wallet. Yung "newer version" na ito is yung malicious version na gawa ng mga scammer na kung saan once na ilagay mo yung private keys mo ay mayayari ka na. Kaya always practice to update your Electrum application as well as read some announcements found in their website, crucial announcements are always announced by them right after the header of their website, just like this one.

legendary
Activity: 2576
Merit: 1655
As @ mk4 said, hindi talaga problema to ng Electrum, again ang problema eh masyadong nag trust dun sa link na pwedeng i download ang latest Electrum without verifying. So another lesson para sa tin to, magkaroon din tayo ng magandang safety practice. Bumili ng hardware wallet, kung limpak limpak na BTC ang hawak natin. Regardless yung iblock ng Binance ung address, gagagawa lang ng bagong address yang hacker, gagamit ng mixer para maitago ang identity nya.
sr. member
Activity: 1330
Merit: 326

 
 My nabasa akong thread ng ganitong issue dito sa forum. It's possible daw na ang na download nyang update ay may malware na kasama. Prone daw ang old version ng electrum sa ganitong issue. Well, im not sure about it. You can read and check it out here;
 
 - https://bitcointalksearch.org/topic/electrum-update-a-trader-lost-1400-btc-5272416
 
 Sad to say pero irreversible na ang transaction at hindi na mababawi ng may ari ang stored bitcoin nya.
member
Activity: 166
Merit: 15
it is mainly the fault of the owner. if you have that kind of btc sitting around in a free wallet, the least thing you can do is to buy the hardware wallet or visit your account as often as possible.


On the other hand, it seems that the hacker who stole the btc has a binance account according to report.  Binance had already blacklisted the addresses involved.

https://cointelegraph.com/news/binance-may-know-who-is-behind-the-1-400-btc-electrum-wallet-hack
mk4
legendary
Activity: 2870
Merit: 3873
Paldo.io 🤖
Kaso diba wala naman certain time para sa isang confirmation? Pero I imagine lang, may mga circumstansces ba na it would take a several days just to have a single confirmation?

Completely depends sa fees na ginamit ng hacker. And yes, pwedeng days ang transaction kung sobrang baba ng fee na ginamit. Chances are though, dahil pwede ngang maisalba ng victim ung funds through doublespending, chances are, obviously gagamit ng higher fees ung hacker para ma-confirm agad ung transaction at the next block.
sr. member
Activity: 658
Merit: 274
Wish for the rain? Then deal with the mud too.
This is a security issue that electrum conveyed a year ago. May pop-up message na sasabihing: "The current version of Electrum you're using is outdated.. Get it here *insert malicious download link*" then bam, your coins are gone. The only thing na marerevert mo to is to do a double-spend once nanotice mong may outgoing transaction sa wallet mo, and hopefully mababa lang yung fee para hindi agad ma-confirm sa network ito.
Good thing if mano-notice agad 'yon nung user or kung pala-check sila  Undecided. Kaso diba wala naman certain time para sa isang confirmation? Pero I imagine lang, may mga circumstansces ba na it would take a several days just to have a single confirmation? And wala bang RBF options ang electrum? Sorry po for noob question haha   Grin I haven't much use such wallets rin, so 'di ko rin masyado na explore dahil more on custodial wallet (coins.ph) ako.
mk4
legendary
Activity: 2870
Merit: 3873
Paldo.io 🤖
I've been using electrum since 2014. Not a single hack nor exploit was used on my wallets na nagkaroon din ng hefty sum kahit papaano. Naging habit ko muna kasing tumingin sa documentation ng electrum at dito sa forum kung may new releases ba sila, kaya never akong naging victim ng ganitong exploit. Also, nakakatikim lang ng internet yung luma kong laptop every time na need ko kumuha ng funds, so yeah.

Electrum is safe enough for users who are practicing extra caution at marunong tumingin sa community for updates and such. I do not despise having a hardware wallet as clearly that is the superior option, though I just don't see any practical uses of it for me.

Yep. Not necessarily that Electrum is the problem per se; more of that people are using Electrum as their main holdings wallet, on a personal computer. Kahit sabihin nating hindi pala download ng kung ano ano ung isang tao, things can go wrong parin.
legendary
Activity: 3542
Merit: 1352
Cashback 15%
This is a security issue that electrum conveyed a year ago. May pop-up message na sasabihing: "The current version of Electrum you're using is outdated.. Get it here *insert malicious download link*" then bam, your coins are gone. The only thing na marerevert mo to is to do a double-spend once nanotice mong may outgoing transaction sa wallet mo, and hopefully mababa lang yung fee para hindi agad ma-confirm sa network ito.

Ang bitcoin at cryptocurrency industry ang isa sa mga susubukang pasukin ng mga tao, kung saan dito nila matututunan ang pinaka malaking security lesson nila. Crazy to think na may mga taong may ganito karaming bitcoin pero Electrum lang ang gamit nila, hindi man lang gumastos ng konti para bumili ng reputable na hardware wallet.

I've been using electrum since 2014. Not a single hack nor exploit was used on my wallets na nagkaroon din ng hefty sum kahit papaano. Naging habit ko muna kasing tumingin sa documentation ng electrum at dito sa forum kung may new releases ba sila, kaya never akong naging victim ng ganitong exploit. Also, nakakatikim lang ng internet yung luma kong laptop every time na need ko kumuha ng funds, so yeah.

Electrum is safe enough for users who are practicing extra caution at marunong tumingin sa community for updates and such. I do not despise having a hardware wallet as clearly that is the superior option, though I just don't see any practical uses of it for me.
hero member
Activity: 1946
Merit: 502
Hirap na talaga ng panahon ngayon. Dapat dobleng ingat. Madiskarte na ang mga hackers/scammers. Dapat talaga i-update palagi ang app/website lalo na pag may mga security updates.

Hackers Nab $16 Million In BTC Through Bitcoin Wallet Exploit
Ang gagaling ng mga hackers ngayon need tlaga ng matinding security, hindi lng sa mga online wallets pati sana exchanges. Nakakalungkot kapag ung pinagpaguran mo eh kukunin lng ng ibang tao.
sr. member
Activity: 644
Merit: 364
In Code We Trust
Kung papansinin, matagal na iniwan ng user ang kanilang bitcoin kumbaga, long term hodling, ibig sabihin ba nito,may risk din talaga kung mag hohodl tayo ng bitcoin? Especially kung mapag iiwanan tayo ng mga updates sa software na ginagamit natin? what about compatibility issues? imagine, kung bibili tayo ng hardware wallet para mag imbak ng BTC for about 10 years at isstore ito sa sobrang safe na place, mayroon kayang kasiguraduhan na compatible parin ang firmware at software na nakainstall sa laptop natin at siguradong maacccess padin ang bitcoins?

nag tataka lang ako dahil old electrum software ang na download niya base sa OP, kaya nag prompt ang new update pero nakuha padin ang BTC's nya.
mk4
legendary
Activity: 2870
Merit: 3873
Paldo.io 🤖
Ang bitcoin at cryptocurrency industry ang isa sa mga susubukang pasukin ng mga tao, kung saan dito nila matututunan ang pinaka malaking security lesson nila. Crazy to think na may mga taong may ganito karaming bitcoin pero Electrum lang ang gamit nila, hindi man lang gumastos ng konti para bumili ng reputable na hardware wallet.

member
Activity: 166
Merit: 15
Hirap na talaga ng panahon ngayon. Dapat dobleng ingat. Madiskarte na ang mga hackers/scammers. Dapat talaga i-update palagi ang app/website lalo na pag may mga security updates.

Hackers Nab $16 Million In BTC Through Bitcoin Wallet Exploit
Pages:
Jump to: