Author

Topic: Help - Bitcoin Stealer - Electrum4.0 (Read 183 times)

member
Activity: 322
Merit: 20
Donating 10% to charity
March 14, 2019, 10:32:46 AM
#12
Electrum warned about those phishing links in their download section for Linux, it's where i'm sure they did.

Be careful with those, consider that the cost of the lesson. Be careful with phishing links, anywhere. It's not only about crypto but any financial system.

You also have to look after your information, since for you it might not seem like much. But hackers send them in a bulk in the dark web/dark net. They know how to monetize information just like ad companies, just with different methodologies.
jr. member
Activity: 378
Merit: 4
March 14, 2019, 10:08:07 AM
#11
im sorry about your lose my friend.i hope its not a huge amount.even it is, you better do some research before take an action as you experienced it with that.
legendary
Activity: 3066
Merit: 1312
March 14, 2019, 10:03:40 AM
#10
The transaction is not confirmed. Maybe somebody more familiar with RBF can help OP very quick?

Edit: OP, in order to recover your funds you need a new transaction from that wallet that send the coins elsewhere. Your current wallet is compromised so you'll need a new wallet (from electrum.org !!) on a clean computer. And a RBF tx should send the money to the clean wallet. Unfortunately I've never needed RBF so I don't know how to build it.
No, there is no way to recover his funds if the transaction is broadcasted. RBF is only used for increasing the miner's fee and it's nothing to do with this transaction.

Let's hope that his transaction will be rejected by the network if no one mines the block that includes this transaction the funds will going back to his wallet.
Op should remove the Electrum 4.0 in his PC because it's a fake wallet the latest version of electrum is currently Electrum-3.3.4.

The hacker used 2.4sat/byte for the fee, although it is a small fee but I dont think it will be rejected by the network. There are many other transactions using such low fees. Currently there are more than 2400 unconfirmed transcation with 1-2sat/byte as the fee. Approximately will be confirmed within 3-39 blocks or up to 8 hours.
Perhaps what is suggested by Coding Enthusiast is the best thing to do as soon as possible. Hopefully he can get his btc back by that suggested ways. Although the chance is small but it is still worth to try instead of doing nothing.
hero member
Activity: 1582
Merit: 670
March 14, 2019, 09:59:05 AM
#9
If you are fast and a little lucky you can stop this. But it will only work as long as the other transaction (51ff1786...) is not confirmed.
1. Go to https://electrum.org/download.html and download the latest wallet version, verify its signature and install it.
2. Import your seed and let it sync (you may not need to do this, you just have to open the newly installed wallet.)
3. [Important]From menu select File > New/restore option and follow the steps to create a new wallet. You have to create a new wallet to get a new address because your other wallet with all its addresses (even the ones you generate in the future) are compromised.
4. Select a new address from the new wallet and go back to other (old/hacked) wallet and send all your coins to this new address. [Important]Set the fee to 45 satoshi/byte. This amount is according to mempool about 15 satoshi/byte higher than the minimum for high priority transactions and you want to get your new tx confirmed as fast as possible.

P.S. I doubt that the hacker is watching the mempool for double spends but if they are then you have to repeat step 4 with a higher fee in an arms race to get your transaction confirmed faster than the hacker.
And good luck.


Unfortunately, there is no return after such transactions. I hope you find a way to get it back. Once stolen my 0.03 BTC and I didn't get it back.
legendary
Activity: 3472
Merit: 3217
Playbet.io - Crypto Casino and Sportsbook
March 14, 2019, 09:44:34 AM
#8
The transaction is not confirmed. Maybe somebody more familiar with RBF can help OP very quick?

Edit: OP, in order to recover your funds you need a new transaction from that wallet that send the coins elsewhere. Your current wallet is compromised so you'll need a new wallet (from electrum.org !!) on a clean computer. And a RBF tx should send the money to the clean wallet. Unfortunately I've never needed RBF so I don't know how to build it.
No, there is no way to recover his funds if the transaction is broadcasted. RBF is only used for increasing the miner's fee and it's nothing to do with this transaction.

Let's hope that his transaction will be rejected by the network if no one mines the block that includes this transaction the funds will going back to his wallet.
Op should remove the Electrum 4.0 in his PC because it's a fake wallet the latest version of electrum is currently Electrum-3.3.4.


Edit: Before you follow the method by Coding Enthusiast you must fully remove the electrum 4.0 from your machine because if you just install the 3.3.4 wallet his method is useless.

To fully remove the fake Electrum 4.0 you need a 3rd party advanced uninstaller to delete all traces and registered registry. Use this tool IObit Uninstaller
Then after uninstalled the fake electrum restarts your PC and install the correct Electrum version which is Electrum-3.3.4 from electrum.org . If you are lucky then you can send your bitcoin with a higher fee and send it to a new wallet.
legendary
Activity: 1042
Merit: 2805
Bitcoin and C♯ Enthusiast
March 14, 2019, 09:34:28 AM
#7
If you are fast and a little lucky you can stop this. But it will only work as long as the other transaction (51ff1786...) is not confirmed.
1. Go to https://electrum.org/download.html and download the latest wallet version, verify its signature and install it.
2. Import your seed and let it sync (you may not need to do this, you just have to open the newly installed wallet.)
3. [Important]From menu select File > New/restore option and follow the steps to create a new wallet. You have to create a new wallet to get a new address because your other wallet with all its addresses (even the ones you generate in the future) are compromised.
4. Select a new address from the new wallet and go back to other (old/hacked) wallet and send all your coins to this new address. [Important]Set the fee to 45 satoshi/byte. This amount is according to mempool about 15 satoshi/byte higher than the minimum for high priority transactions and you want to get your new tx confirmed as fast as possible.

P.S. I doubt that the hacker is watching the mempool for double spends but if they are then you have to repeat step 4 with a higher fee in an arms race to get your transaction confirmed faster than the hacker.
And good luck.
legendary
Activity: 2030
Merit: 1573
CLEAN non GPL infringing code made in Rust lang
March 14, 2019, 09:12:44 AM
#6
hello

sorry my english isn't the best.

I had download the fake wallet Electrum 4.0 this was hackt and all my bitcoins are in this transaction.

I have keys and seed of my wallet, but I dont know how I can stop this transaction, to get the bitcoins back.

This does not exist, you downloaded a fake wallet designed to steal bitcoin.

True Electrum is located in https://electrum.org/

Last version is currently 3.3.4.

All bitcoin transactions are final, nothing can be recovered once your broadcast gets 1 confirmation in the blockchain.

You should format that computer and start from zero, i recommend you use Linux.

This forum contains an Electrum Wallet sub-forum where you can inquire more information.

Moral of the story: Stop downloading programs to handle money without double checking first. This is a problem that has been occurring to windows users for decades, and its not even related to Bitcoin, its called phishing. There is no excuse if you install a trojan or malware when its because of your own actions. Electrum is not at fault here, there have been phishing attacks from email and the web since at least the 90ies.

Yes there is a slight chance to save funds if you hurry and send them to another address using a higher fee, before it gets confirmed. To do that just download true Electrum (from a clean computer) recover your wallet using the seed words and do the transaction, do this real quick. Good luck.
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
March 14, 2019, 09:07:34 AM
#5
The transaction is not confirmed. Maybe somebody more familiar with RBF can help OP very quick?

Edit: OP, in order to recover your funds you need a new transaction from that wallet that send the coins elsewhere. Your current wallet is compromised so you'll need a new wallet (from electrum.org !!) on a clean computer. And a RBF tx should send the money to the clean wallet. Unfortunately I've never needed RBF so I don't know how to build it.
newbie
Activity: 2
Merit: 0
March 14, 2019, 09:03:40 AM
#4
Hello

PLease Help

Here are my Bitcoins:
51ff178629f0d67267f91fe25061879bd5bc378569ccecac05fdd86352c5859c

Please Help

Compua

hello

sorry my english isn't the best.

I had download the fake wallet Electrum 4.0 this was hackt and all my bitcoins are in this transaction.

I have keys and seed of my wallet, but I dont know how I can stop this transaction, to get the bitcoins back.

legendary
Activity: 1638
Merit: 1163
Where is my ring of blades...
March 14, 2019, 09:00:06 AM
#3
unfortunately there is nothing you can do about it because bitcoin transactions are irreversible.

the wallet installer that you have downloaded here is a fake Electrum and is using version number "4.0" to fool people into downloading it. otherwise the "real" electrum does not have that version yet.

just cut your losses and next time try to only install legitimate bitcoin related software from legitimate sources and always demand a digital signature if they don't have it already and then verify those signatures before installing the applications.
sr. member
Activity: 2296
Merit: 470
Telegram: @jperryC
March 14, 2019, 08:58:42 AM
#2
Welcome to the forum, it's seems that you've been scammed isn't? but in order for those who're experts or professional here (if there are some) you should provide complete information like what exactly happened? how much is it. etc. I think there are some users here who helps you to track scammers through bitcoin transaction but you needed to pay their fee... but for now please give more details on what happened.
newbie
Activity: 2
Merit: 0
March 14, 2019, 08:40:37 AM
#1
Hello

PLease Help

Here are my Bitcoins:
51ff178629f0d67267f91fe25061879bd5bc378569ccecac05fdd86352c5859c

Please Help

Compua
Jump to: