Topic: Help recover stolen bitcoins?? How did it happen? (Read 1913 times)

My name is Tracy Foust
My email is [email protected]
Mobile phone 301-343-0449
office phone 410-990-9506


I was seeking help for my Bittrex account and called this number:

https://www.cryptocustomerreview.com/question/what-is-the-best-way-to-contact-bittrex-customer-support/

The person on the end of the phone line was supposed to assist me in improving my security and instead,
drained my account of all my crypto currency (about $3000.00).   This happened at about 4:00 PM Eastern Standard Time
If there is anything I can do to assist you in investigation this crime, please contact me.
I have been trying to tell as many people as possible.  I subsequently found out that if you search for the number
that I called (   1-888-411-8901   )   It comes up as a Customer Support Number foe many organizations.
Please pass the word about this scam.

Tracy

Very sorry for your loss this exact same incident happend to me last moth in my poloniex account.
there are 2-3 possibility.
1.There are key loggers in your mc.
2.Some hacker have a remote session going on your computer.

In both of the case you need to reformat your computer as sooon as possible.
Blockchain transactions cannot be reversed.Hence i am afraind you have digest this loss.
Stay safe for future.

Try to re-format your PC but turn off your internet connection before you installed and try to disable your LAN connection then proceed,it might someone is trying to hacked your entire system..

"contacting customer service assistance" ?
Smile !!

They cant be of help,not them and not anyone because bitcoin transaction is not reversible. The stolen bitcoin is as good as gone !

Also try a wallet with 2-factor authentication for added security. Use a dedicated cheap clean cellphone that's sole purpose is to generate the codes if you must. Don't let it connect to the internet often aside from syncing. It's not 100% secure as stated here https://sites.cns.utexas.edu/oit-blog/blog/can-two-factor-authentication-be-hacked , but it gives more protection for your wallet. If you don't plan on sending out bitcoins often then use a cold storage wallet.

NO! This is not how to use a "two computer" setup... As soon as you connect that 2nd PC to a network you are potentially exposing it... You want to use the 2nd one completely offline and keep it "air gapped"... No Ethernet, no WiFi, no Bluetooth... Basically no networking functionality (after the OS has been installed).

This wiki entry is probably a little outdated, but explains the concept: https://en.bitcoin.it/wiki/How_to_set_up_a_secure_offline_savings_wallet

Scary stuff, I also vote for hardware wallets as the most secure.

How about a dedicated computer just for holding wallets? we are always upgrading parts, I can probably make a no-frills offline machine just to hold my wallets, and connect to the internet only to send and receive coins.

if you didn't accidentally send on that address maybe have someone know your private key or maybe you login in net cafe that have a keyloggers...reminders to all netcafe user dont forget to clear your history and cache before leaving because some net cafe they install keylogger to copy your password...

Hi sir,

To avoid this type of thing from occurring, you can purchase a hardware wallet. If offers much much greater protection than the method you are using, regardless if your computer is compromised or not. With a legitimate hardware wallet, you are very likely to put the breaks on hackers.

To add to this, a virus is a piece of malware but a piece of malware may not always be a virus. There are other categories such as trojans that cause issues with computers and enter them the same way viruses do.

Most wide-spread malware is protected by antivirus software. There are software that antivirus doesn't trust like some antiviruses don't trust the Bitcoin Core wallet for example.
Antiviruses measure familiarity with code and how widespread it is to determine its safety (signatures used to generate the code are also checked). Higher level languages are not checked as easily by AV software as lower level/intermediate languages are and therefore, getting a piece of software that is cleared by AV to run another piece of software/code that isn't can be a main producer of issues.


That's a good suggestion, the disk needs the operating system completely uninstalling and anything else on the disk completely removed. Then the operating system can be reinstalled and tested with smaller amounts.

---

I would say @OP as this issue has happened to you once, if you stick with Bitcoin, try and change the way you surf the web or change how you store you coins.

The coins seem to have finished up in this address: 1Kefz6BcNjK6MhTrLnr2KAQq8KyPNCeMSS
Keep track of that OP and see if the coins move anywhere else after that (though that might take a while).

This is why i dont really trust completely on anti-viruses which even if i do have AV i dont usually download random things online. Come to think off that they are just the online ones who do made viruses for the sake that they Anti-virus would sell off.(Just my own view). Regarding on op,that was a big loss 0.6 btc is already a big amount if you do see on current price of bitcoin and reversing the transaction isnt possible.Forget those coins and move on.

It is tough to know if your new wallet is compromised or not... you should completely refresh the entire system or reinstallation process.

No, they aren't.


Anti-virus software may try to detect some malware, but it would be impossible for it to detect all malware.

What OS are you running?
Did you do stuff over WiFi recently?

There's a recent WiFi vulnerability. I don't know if it's related or what kind of information can leak, but have a look:
https://www.bleepingcomputer.com/news/security/list-of-firmware-and-driver-updates-for-krack-wpa2-vulnerability/

Nowadays these are practically synonyms, and antiviruses detect both.

You cant do much, unless you know how to monitor your outgoing traffic, there are many softwares which can help you with this. Lookout for strange ips your computer is trying to communicate with, You may get lucky and find your attackers ip, if they are not using any sorts of proxies or vpns. That's your only chance of finding out who was behind the attack. Other than that you can't do much sadly.

In that case, it probably is not a virus.  It is probably malware.  At some point in the past, you may have installed a program that you thought was legitimate, and that program was probably designed to steal your bitcoins.

Have you ever installed any pirated software on your computer?
Have you installed wallets for any altcoins on your computer?

Both of those are very common ways to unknowingly install malware.

The other possibility is that you downloaded software from a phishing site without realizing it.  Some phishing sites can look exactly like the real site.  When was the last time that you downloaded some software from a website?


Malware on your computer can look for an installed wallet. It can then capture your password as you type it.  Once it has your wallet and your password, it can access your private keys and spend your bitcoins.

That's not enough: It's always wise to assume your computer has been compromised, so backup and reinstall before making a new wallet.

Satoshi recommended to never delete a wallet, so just in case: keep your old wallet too, just don't send any coins to it ever again.

Windows can run many virusses that are designed to steal your Bitcoins.

It sucks now, but for future use: create cold storage offline! Writing down a private key from a hot wallet on a piece of paper is much riskier than creating a paper wallet offline from a Linux LIVE CD.

I cannot possibly correct your Microsoft Windows Lifestyle. But allow me to remind you that "anti-virus" programs are a bunch of fraud. Never ever rely on a fraud. They are just windows with progress bars. Most probably your anti-virus is just a trojan. And most of you who uses Windows Operating System have this notion that antivirus programs are legit and you never suspect it. Antivirus program is not a god. Do not worship it. Shift to using Linux and this thing will never happen again. Study LINUX. You will never ever have this problem again. You will not need a stupid antivirus or anti-malware created by fraudsters. To steal your Bitcoins.

But HOW did they know my address? and access my comp? And find My prvate key?

I want these fucking thieves to burn a slow painful death

the drive passed several anti virus scans...

I'm wiping and formating and installing a clean fresh windows now on another comp

This drive is a clone so i must kill it also