Topic: I GOT HACKED AND LOST 1 MILLION (Read 25034 times)

I did a follow up and I can now confirm that the scammer's domain is no longer active.
The new GitHub profile was also removed.

Thanks to whoever took their time to report both the domain and the GitHub profile for abuse.

If all parties played their part I have no doubt the scam numbers would fall all round.

People in the forum highlight them but then it is up to others (Github, domain registrar, web host etc) to ensure they do not get a chance to succeed in their scams.

Probably because they're too small of a fish to dedicate law enforcement resources to. This is unfortunately pretty common with internet crime. Don't expect the feds to do anything if you haven't lost significant amounts. (Although in this case, it does seem pretty significant)

It's really up to github to keep removing these projects really, which can be quite difficult if they just keep popping back up under new accounts.

If reported to the the law enforcement agencies why are the domain and Git still active?

Basically Namecheap should remove their account for   "electrumdiamond.org". But it seems to be difficult to contact the Namecheap support at all.

The bastard(s) is(are) still online with a new profile on github called "electrums".
It was made 9 days ago





I hope no one has fallen for their malware so far. I am going to try to report their profile

Any more information on this scam?

You might wanna remove the URL. You never know some might download it, thinking its legit.

and ... the hackers wallet is online again:       http://electrumdiamond.org/

I think Github has kicked them. They have renamed the executable to version 3.0.5.3 and put it into the file system download directory.

disgusting

If this was accurate, you can contact these Exchanges (not customer service) for their cooperation. Kraken may be impossible but Binance might answer you.
An Email containing complete info on your ownership of the addresses' funds, Some personal info and/or Clearance together with a detailed explanation of your statement.

Why? Given that you have the Full Proof of ownership and you can proove that you're not the one who moved the funds,
Exchanges like Binance requires KYC policy to their users and they have the power to point you to any leads to the Culprit.
This can get you to a real person which can be questioned for more leads.
And even if it was withdrawn to a "Mixing" address (unless they tolerate crimes), you can also contact the service provider to provide the final address where the funds (2btc from Binance?) are being held.

But it's been quite long since the hacking incident, I can only assume that it was already laundered as "investments" to micro-earning sites or loans.

I feel sorry for you.  It can happen to anyone.  Problem is you had too many altcoin wallets on your machine.  You should have only run bitcoin.org core offline wallet compiled from sources.  

You should have used a dedicated, clean machine to access your coins or online accounts. And never web browse or install anything on that machine.  QT Wallets should be encrypted and stored on removable USB drives, only connected when sending.  Blockchains should be updated with dummy wallets.  You should have run 'core' wallet apps, not use online or third party wallets.  The 2FA devices should be dedicated hardware (old phones) and not connected to any network.  Why in the world did you use password safes?  BCD?  Really?  I did not even know they existed, I would not bother with any bitcoin splits.  I recovered BTG/BCH but this was done on an old PC with BTC moved to another wallet after the fork and before the recovery attempt.  I would not trust any wallet other than bitcoin.org core wallet.  If you're really paranoid, inspect the sources, compile from sources on a dedicated dev machine.

This is everyone's worst nightmare.  

Spend some money on dedicated 'POS' equipment and never touch it unless you move coins or access exchange accounts.  And keep the wallet, blockchain backup on multiple devices in multiple physical locations.

This just shows you, bitcoin is still in an early adoption phase.  It is still not for everyone.

PS. Why would anyone keep all these altcoins is beyond me?  Store your money in BTC in bitcoin.org core wallet and forget all the BS coins.

Unfortunately most of us use Windows and are so familiar with it, that is has been part of our lives. I've used Linux before but eventually gave it up because Windows has everything I need (apps-wise).

One way to not get hacked besides not keeping 'em on exchanges is to use common sense.

No matter how advanced anti-viruses could be, simply being careless won't protect your system from being compromised.

You could have a super-strong password to any offline wallet(s) but if you managed to get phished, its game over.

Guys, please:
-never tell that you owe crypto
-use VPN
-use Linux
-use cold storage (or at least 2fa without the recovery option)

Antivirus software is pretty much useless against modern keyloggers or virus.  Windows can be really dangrous especially if you use cracked software or single guys

As what have OP said, it was so sad to have been lost on that huge amount. I've learned those replies too it is very informative to avoid us in being to hack. I also used a laptop and all web wallet and Apps wallet are here so I am now aware that it might be lead to hack or any possibilities to be hacked.
Yes, that is good I dea. If we can't afford to buy hardware wallet, then, we separate our wallet to other device just like tablet.

maybe it could be an idea that you say but for some people it will add to the workload, which is still my mind why can it be easily hacked? I am also concerned about this incident, because this value is quite large.

Well, the simplest change to make to more likely avoid such problems is to not use Windows.

Linux is not virus proof, but a much smaller and harder target for hackers.
Ubuntu is simple to install and easy to use.

Windows virus checkers do not detect 'viruses' they detect 'known viruses'
This case clearly shows that.
... and that is by design by McAfee years ago to ensure an ongoing income stream.

Botnets of 100's of 1000's of windows machines are not urban legends, they're fact.

If you wish to reduce you risk storing currency on a computer, use linux, but also understand how to do that safely.

nothing will save you from a smart virus, it can even recover files from a cleaned recycle bin, so only cold storage is necessary

other people not touched yet, but this a large amount was

It is not 100% safe. A low level keylogger or kernel-based keylogger will be able to intercept your keyboard inputs before it gets encrypted.
this solution works better with touch screen inputs not with keyboard inputs.

The best is to combine it with typing some keys via visual keyboard. You can also trick the hacker by adding some random keytrokes (there are softwares that can generate it for you).

It was necessary to use only cold storage that the network machine never saw your private keys http://docs.electrum.org/en/latest/coldstorage.html
But DASH masternodes not working at this mode

NEM can return, please contact the developers

I am not the only victim of these criminals. And I think they did not spy directly on me but on people who downloaded and used their trap like BCD wallet malware.


yes - I should have known it before. Now the damage is there. For sure I will not make that mistake again. And I will not recover from it anytime soon. I worked for many years to get together what has been stolen now.


honestly contacting the authorities is always a good step in this kind of situation. If it helps is another kind of question. I assume that most of these criminals make a failure former or later which directs them into prison. But does it help the victims? Most times not. Anyways it might help to keep some out of this criminal business - like this one:
Russian 'hacking genius' accused of $530 million 'dark web' fraud against Americans posed with tigers and crocodiles before his FBI-ordered arrest