Topic: I've been hacked (Electrum 4.3.2) - page 7. (Read 12992 times)

legendary
Activity: 2562
Merit: 1177
Telegram: @julerz12
January 10, 2023, 08:02:09 AM
Red tag by icopress is fine everyone, he has all the right to make that judgment, kindly stop bickering about it.

I am trying to wrap my head around how exactly did you manage to get hacked so quickly.

Certainly it was not from a vulnerability in the Electrum wallet. Did you use a weak password or even no password at all?

What else was running on your Windows PC?

[exactly the reason why I do not store any funds on Windows (and Mac) and will never ever do that.]

Yes. It is pretty quick, the funds from Yo!Mix came in on 2023-01-09 18:51 and the whole Electrum wallet got drained on Date: 2023-01-09 21:35

My best guess is the hacker was somehow able to get my password to the wallet and transfer the funds. Probably from a keylogger which I haven't found yet (currently scanning my system).
The only apps that were running at the time were Adobe Photoshop, Telegram, Discord, and Google Chrome. Electrum wasn't even online until around 23:00 (midnight), when I immediately opened it after I got notified by the Coinomize team that the funds were transferred.


Also, just for everyone's info.
I am currently managing this bounty campaign wherein $4,000 USDT is (again) in my care, sitting on my Ledger wallet (Address)
I have already contacted several escrows including Hhampuz in hopes of being able to transfer these funds to them to act as a new official escrow.

I have also already contacted Coinomize and Yo!Mix so I can partially pay out my debts to them caused by the stolen funds. It isn't much but I hope they'll appreciate it. It's the start of many, I promise.

Note: I was not aware the project team had already transferred the funds, all the negotiations between me and this project team were done weeks ago before the events of today.
legendary
Activity: 1582
Merit: 1057
January 10, 2023, 08:01:05 AM
I am trying to wrap my head around how exactly did you manage to get hacked so quickly.

Certainly it was not from a vulnerability in the Electrum wallet. Did you use a weak password or even no password at all?

What else was running on your Windows PC?

[exactly the reason why I do not store any funds on Windows (and Mac) and will never ever do that.]
Right now it is not about an Electrum code vulnerability like in the past (see CVE-2018-1000022, CVE-2018-6353); it's about the Electrum "ecosystem" itself. Users can be tricked quite easily when they make an update. That's why one must act with maximum vigilance!

Weak or strong password - it doesn't matter when the hackers are in full control of the wallet. The question is how they got that access: fake update, keylogger, etc. Knowing this will prevent other users from getting tricked.
legendary
Activity: 1974
Merit: 3049
January 10, 2023, 07:51:20 AM
IMO. Neutral tags in trust are absolutely correct as trust system is about to describe risks of financial interactions with an exact person. No one still knows how funds were lost so there is a risk of recurrence of the same situation and potential partners should be aware of that. It is not about blaming julerz12, it is about informing others. julerz12 probably should use a respected third party for escrow while managing future campaigns to decrease possible risks.

As for red tags, I can't say that they are incorrect. We have a situation with known damage. But the situation is ongoing and julerz12 expressed his intention to solve the problem and return what was lost. IMO while there are negotiations between the sides and while julerz12 keeps repaying his debts it is too early to draw a final conclusion. We can leave a negative review any time, so why hurry? Do we expect any new problems at the moment or in the nearest future? I don't think so. Any of julerz12's activity will be carefully watched for a long, long time, so there is not too much risk that a potential partner of julerz12 won't read neutral tags about this situation and nobody will warn about it. So IMO there's no need for red tags while maintaining the current state of affairs.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
January 10, 2023, 07:40:04 AM
I am trying to wrap my head around how exactly did you manage to get hacked so quickly.

Certainly it was not from a vulnerability in the Electrum wallet. Did you use a weak password or even no password at all?

What else was running on your Windows PC?

[exactly the reason why I do not store any funds on Windows (and Mac) and will never ever do that.]
legendary
Activity: 2058
Merit: 1166
January 10, 2023, 07:36:45 AM
For me, everything will depend on how events unfold from now on, if he collaborates and starts a repayment plan I'll give him the benefit of the doubt. If not, I'll support the flag and change the tag.

Most times in these cases we have seen people hide and yet we are seeing him all the time responding and showing his face.

Since I think you have reasonable positions on many topics, I would be interested in your opinion on "bounty managers red tagging other bounty managers". Whether or not someone is rightfully in that position to do so (DT1, DT2), most people probably won't deny the fact that there is an additional incentive for a red tag from members of a specific group who are in competition with each other. Taking into account that @julerz12 did apparently rake in some very well paying campaigns that drew a lot of attention from many members of this forum, I am not that surprised that the red tag comes from a bounty manager.

I did expect @Hhampuz to actually do what he did: not red tag and instead offer his service to keep damage to the forum's reputation at a minimum. @icopress went for it and pulled the trigger.

Again, @icopress is in the position to do so, but if I were running a car dealership and fucked up and had to go to court, I'd probably feel more comfortable if the judge didn't own a competing car dealership around the corner from mine. In fact, the judge would probably be rejected because of bias right away. This does not mean that the judge would necessarily make a bad or unfair judgment, but to prevent bias and false incentive discussions from coming up, it is just correct to actually not let that judge have any influence on the outcome of such a court case.

All those who could have given a red tag but didn't and are also not bounty managers actually acted the way I personally thought is the right one for the moment. This is not to say that the tag could be turned into red by @Poker Player, it absolutely could and should. But even though I expected @icopress to go for such a move, I am not sure that was the appropriate action to take here.

legendary
Activity: 3472
Merit: 3507
Crypto Swap Exchange
January 10, 2023, 07:29:30 AM
For me, everything will depend on how events unfold from now on, if he collaborates and starts a repayment plan I'll give him the benefit of the doubt. If not, I'll support the flag and change the tag.

Most times in these cases we have seen people hide and yet we are seeing him all the time responding and showing his face.

I would agree with you, but unfortunately, YoMix doesn't think in that direction. I think he should get a chance to pay off the debt by working until he eventually collects the entire amount. They will allocate new funds for the manager, while at the same time, julerz's reputation will completely sink. I believe that everyone deserves a second chance.

Sometimes, bad days are there to remind us that we have good ones to look forward to. Sad it happened, we'll run new campaign soon managed by Royse777.
legendary
Activity: 1750
Merit: 1329
Top Crypto Casino
January 10, 2023, 07:27:06 AM
Feels sad about your loss, Julerz. This mistake really makes for a hard time to recover; it includes the funds, trust and reputation. Because of this, it's time to format your PC. I guess you just got a phishing or malware attack before and the hacker was just waiting for your funds to get in. Ideally, really use the hardware wallet and other security features of Electrum. There's no safety on the internet. It's not just for julerz; to other people still using a hot wallet, this also serves as information to invest in your security.
legendary
Activity: 3304
Merit: 8633
icarus-cards.eu
January 10, 2023, 07:21:24 AM
you can see here in his official service thread how many campaigns julerz12 has already led and also successfully completed and there were also some BTC campaigns also in it
i now ask myself, he has always acted so grossly negligent and all his funds on a hot wallet on his pc always stored?
if so, then he has until last sunday still had luck and yesterday it was then unfortunately so far and he was allegedly 'hacked'...
and as icopress already wrote, i can't understand how you can run a campaign without having at least double secured the funds and built up reserves to compensate a sudden loss as good and as fast as possible again.
i don't want to judge if he was really hacked or if he planned it all somehow, but you can see what a lot of pressure is on a bounty manager when he runs a signature campaign... no matter if for 1-2 weeks or over several months
therefore great respect to all renowned bm's here from the forum and at the same time now also the hint to all best asap to send your funds for your participants on a hardwallet...

just my 2 sats
legendary
Activity: 1582
Merit: 1057
January 10, 2023, 07:17:14 AM
Electrum has a long history of vulnerabilities (including indirect vulnerabilities) and many times this wallet got hacked. As you know, because it is a lite bitcoin wallet, it needs to connect to servers. If your wallet connects to the network via malicious servers, your money gets lost! For those that are new to this, you can find on the internet many attempts and successful attacks against Electrum, and many funds were stolen. In my opinion, Electrum was and is the most attacked Bitcoin wallet. You should not understand me wrong (I'm using Electrum), but Electrum attracts the hackers (advantages and disadvantages), therefore increased vigilance is always necessary when you use a lite wallet (and not only!). Also, most attacks occurred after an update (this is a well-known thing).

Back in the past, around 2015, my entire system was hacked including the work station, six mining rigs, router, mail account and also Cryptsy account.
The  attackers had full control for several days, until I realized what was happening. They withdrew all the funds on the same day. In that hack I lost around 110k WhiteCoin, 334k DGB, 1300 Dash ( former DarkCoin), 1002 LTC and many other alts .. My BTC was stored on BTC-e exchange ( this account wasn't compromised because on this one the log credentials were stored offline - it was my first exchange which I used).
On Cryptsy exchange were stored around  7 mil Doge and some other alts. All of these were converted in BTC and all of them have been retreated on the attacker BTC address.

Many of you are new in this cryptoworld, even if you have been active here on the forum for a few years... that doesn't mean anything! You should know that everyone is susceptible to being hacked, no matter what your rank, name, theoretical knowledge etc. Of course we must ensure the maximum security measures, but even then it could happen. This is not the gaming world!! THIS IS CRYPTO!

One mistake and you lose everything without hope for a second chance!
I saw many of you blaming Julerz because of his mistake!! OK! You could do that but it's not OK. Humans make mistakes. It's sad of course but we can tolerate this. Are we HUMANS?!

I saw many of you with the same business as Julerz blaming him for this mistake.. It's not OK!
Competition is good, but not when someone is knocked down! That fact reveals how weak "we" are.
On this forum, people should help each other especially when such problems arise!
There is room for everyone (if they are honest of course).

Yesterday Julerz was hacked, tomorrow it could be one of you.. You are not a super human!! Not even Dashjr was a super human! And he is not a "nobody"!! A Bitcoin Core Developer can be hacked even if his funds were stored on a cold wallet!! According to the judgment of some, Luke should no longer be a Bitcoin Developer (even though he lost his own funds), right?

Accepting that it was a hack, and also Julerz will manage how to return the stolen funds back to the owners,  I'll not support any red tag !!!
legendary
Activity: 1820
Merit: 2700
Crypto Swap Exchange
January 10, 2023, 07:07:07 AM
I know someone who got hacked automatically transferred the balance in his MetaMask to another wallet. With what happened to you OP, I'm now aware that it could happen with Electrum as well. It would be better to wipe your devices. It might not be the only one infected.

It seems like you are implying that the Electrum wallet software may have some security issues, however there are no such indications at this time. There are probably millions of Electrum users worldwide, and if there were any security issue with any version of the software, it would have likely garnered significant attention and be widely talked about on the internet by now. Moreover, Electrum's open-source nature allows for many independent developers to rigorously inspect each new version after its release, ensuring the software's security.

Even assuming the OP's story is true, there are many possible ways someone could steal his coins. For example, the OP could have left his computer unlocked while he was gone. He could have been infected with malware at any point over the course of many months and even years before he created his new wallet, or the thief could have used a keylogger or clipboard malware to steal the seed phrase. The OP also said that he doesn't use any AV other than the standard windows defender, which is also a big security risk and a lapse in judgment.
legendary
Activity: 1862
Merit: 5154
**In BTC since 2013**
January 10, 2023, 05:54:45 AM
I know someone who got hacked automatically transferred the balance in his MetaMask to another wallet. With what happened to you OP, I'm now aware that it could happen with Electrum as well. It would be better to wipe your devices. It might not be the only one infected.

It's not Electrum's fault. It's the way you use your wallet and computer.
There are many ways to be hacked and you have to be aware of all of them. And try to protect yourself as best you can.
copper member
Activity: 2940
Merit: 1280
https://linktr.ee/crwthopia
January 10, 2023, 05:46:38 AM
It's just now that I saw this from the thread by Woodie - Campaign managers acting as Escrow

It is unfortunate what happened to you, julerz12. It's careless to use a hot wallet for storing significant funds, and I hope you can recover from this setback and repay what is needed.



I know someone who got hacked automatically transferred the balance in his MetaMask to another wallet. With what happened to you OP, I'm now aware that it could happen with Electrum as well. It would be better to wipe your devices. It might not be the only one infected.
legendary
Activity: 1372
Merit: 2017
January 10, 2023, 05:21:21 AM
For me, everything will depend on how events unfold from now on, if he collaborates and starts a repayment plan I'll give him the benefit of the doubt. If not, I'll support the flag and change the tag.

Most times in these cases we have seen people hide and yet we are seeing him all the time responding and showing his face.
legendary
Activity: 1820
Merit: 2700
Crypto Swap Exchange
January 10, 2023, 05:08:58 AM
I believe it is crucial to base our decisions on whether someone deserves a negative tag on his profile on verifiable facts, rather than allowing personal emotions to play a role. These emotions or personal beliefs can be validly discussed, but should not be the basis for our judgment. This approach is the only way to ensure that the Trust system is fair and impartial to all members, rather than allowing personal affection to create a double standard in our decision making.

Given that there is at least one party who has been damaged (financially) and holds the OP responsible for the missing funds (which, in my view, is a reasonable position), it would be callous not to side with them, as they are the clear victims in this situation. Whether the missing funds were the result of hacking or the OP's deliberate actions, we don't have enough evidence to conclude either point at this time, these facts remain unchanged.

YoMix    2023-01-09        SCAM ALERT. Do not put any escrow to any campaign managed by julerz12. Said it was 'stolen' after few hours after transfer. SCAMMER


Now, I don't think that julerz12 had any intentions of stealing the funds for personal gain (it's just my personal opinion though and I could be wrong), and I feel really bad that he's in this tough spot. Nevertheless, regardless of his intent, he still bears a personal responsibility as a bounty manager and an escrow and, in my opinion, must accept the consequences of his negligence. The only path for redemption and vindication for him is to collaborate with the companies that entrusted him with their funds, in order to repay the debts. In doing so, he can demonstrate accountability, and eventually earn back the trust of the community.
legendary
Activity: 1862
Merit: 5154
**In BTC since 2013**
January 10, 2023, 05:02:44 AM
I'd feel very uncomfortable keeping it in a hot wallet. That's what I would do. It's not just hypothetical, I've handled a similar value in a certain Forkcoin, and the only thing that worked at the time was using a hot (Android) wallet. I only used it after sharing my concerns and the owner told me it's okay and he wouldn't blame me, but still I felt very uncomfortable with it. It took the guy a few days to tell me where to send his coins, and it was a huge relief when I could finally get rid of them.

Totally agree!

One thing is our money, if we lose it we can only regret it. But when it's other people's money, care must be 10x greater, because there's a lot at stake. It's our reputation and our money.

Losing someone's money is something very serious. And it makes us lose double money, other people's money and our money. You have to be very careful.



Quote
I do not agree with opinions in the spirit of "OP gets multiple negative feedback -> he's no longer able to earn from his bounty/sig campaigns activity -> creditors get nothing". There are enough examples on the forum when, with reputational losses, users continue to successfully conduct business (the tag will be changed to neutral when the lost/stolen funds are refunded).
From icopress   2023-01-10 : https://bitcointalk.org/index.php?action=trust;u=950662;dt

How is it going to resolve the problem? Because of the tag you left, many campaign managers will deny him joining their campaign, companies will refuse to give him their projects, and as a result he is not going to financially benefit from the forum. As per his explanation the forum is his only earning source. Sucks but it's reality for him.

Feedback is bit harsh but it serves as a warning to others and lesson for him to learn from.


Although I think it is a bit exaggerated, at this moment, when the situation is still being addressed.

But I understand icopress. He is defending his working class. As a campaign manager, this type of situation can denigrate everyone's work, and make it difficult to attract new advertisers.

Now it's a matter of time, for things to normalize, if the OP keeps his word to refund all the money.
sr. member
Activity: 1022
Merit: 363
January 10, 2023, 04:20:35 AM
Quote
I do not agree with opinions in the spirit of "OP gets multiple negative feedback -> he's no longer able to earn from his bounty/sig campaigns activity -> creditors get nothing". There are enough examples on the forum when, with reputational losses, users continue to successfully conduct business (the tag will be changed to neutral when the lost/stolen funds are refunded).
From icopress   2023-01-10 : https://bitcointalk.org/index.php?action=trust;u=950662;dt

How is it going to resolve the problem? Because of the tag you left, many campaign managers will deny him joining their campaign, companies will refuse to give him their projects, and as a result he is not going to financially benefit from the forum. As per his explanation the forum is his only earning source. Sucks but it's reality for him.

Besides, look at the long history he has in the forum. Think logically (since you are a campaign manager yourself) what benefit it brings him to steal the funds and ruin his long established business. Nothing adds up.

You guys are too triggered to leave feedback to others, no matter neutral or negative or positive. I noticed the tendency especially in the users who joined from 2017 and later. Some of you feel you are too much responsible to involve in anything that matters the reputation and jump to a quick decision. Have I seen a feedback from LoyceV, yahoo62278, NeuroticFish, Hhampuz or me? All of them read the story so far. Others who are regulars in the reputation board and older members, don't you think many of them already read it, but have they left a feedback yet? No.

It's not always black and white. Someone makes a mistake or becomes a victim of a bad incident and you all show up, destroy them without giving a chance to redeem. Ultimately you are the ones causing trouble, liable for lost business for two parties. Both the victims. In this specific case, julerz12 will not be able to generate any revenue, and as a result the two companies don't get their loss back. How is your feedback helping a single member in the forum?

What would you feel and do if you are in the same shoe of julerz12? I hope your answer is not going to: You will never be in trouble in your life.

Feedback is bit harsh but it serves as a warning to others and lesson for him to learn from.

And if he's willing to repay back the money which lost from his hand then there are so many ways to do it aside from earning it back on the forum. Maybe one thing he needs right now is to show how serious he is on resolving this big issue.

Although this is unfortunate for julerz, he needs to grow up with this and we don't want the same issue to happen to another company, so I guess the feedback is fine. icopress will probably erase that feedback once julerz finds a way to solve this.
sr. member
Activity: 812
Merit: 436
January 10, 2023, 04:18:43 AM
This looks unbelievable but is the reality of what is ongoing right away. Being a campaign manager, I don't think giving an excuse for weakness or negligence to secure the means by which you handle your employer's funds is appropriate, and from this, the responsibility lies in the manager's hands to bear or face the consequences of his actions by taking responsibility for a repayment, unless the companies wish to be lenient during the process by lifting the burden off him after he has paid part of it. This is a thing of commitment: if you're not capable of being a campaign manager, don't just dabble in it. As far as I know they need to have working experience under a manager that they might have learnt managing a campaign from. This is just a pity that a campaign got paused even right before starting.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
January 10, 2023, 04:00:30 AM
#99
Imagine if you were in such situation, what the fuck would you think you would do considering it is a lot of money for you?
I'd feel very uncomfortable keeping it in a hot wallet. That's what I would do. It's not just hypothetical, I've handled a similar value in a certain Forkcoin, and the only thing that worked at the time was using a hot (Android) wallet. I only used it after sharing my concerns and the owner told me it's okay and he wouldn't blame me, but still I felt very uncomfortable with it. It took the guy a few days to tell me where to send his coins, and it was a huge relief when I could finally get rid of them.

Using a hot wallet when you have safer options is negligence (at best).

In this case we see that the two people most affected, those who hired him, give him the benefit of the doubt.
One of them didn't:

I use Electrum mainly for convenience, it allows sending rewards in batches.
As a campaign manager, you're being paid to deal with that little inconvenience. You could easily set up a system with offline signing: create the transaction in a watch-only hot wallet, copy the raw transaction to a system that doesn't have internet (and never bring it online!), verify all addresses, sign the message, and broadcast it from your other system.



Here's the flag type 1 https://bitcointalk.org/index.php?action=trust;flag=3079

Let's up to everyone decide to oppose/support the flag.
Allow me to copy the Trust system descriptions:
Negative feedback:
I've seen an escrow involved in someone losing $50,000, and everyone still trusts him.
I don't think OP, who actually posted the problem by himself, deserves a harsher treatment than the other guy.

But, with a bit of political skills, julerz12 can easily turn icopress' feedback to neutral. All he has to do is discuss with the campaigns he was handling and "convert" the missing money into debt with clear agreements about paying that back, and where that is not possible, maybe lend some money too for covering all this. Loans are neutral feedback. And then he can go on.
This sounds doable, although it's a bit of a loophole. A loan still doesn't mean it really gets paid back, so there's still a chance they've lost their money.

I don't think any kind of flag is appropriate for now to give to: @julerz12 against or support it, although one day it will be needed.

If it's true what happened and experienced by @julerz12 ended in an accident and disaster, not fraud, and he said it happened because of his own carelessness in placing the campaign funds he manages.
Those are all reasons to Support the Type 1 Newbie Warning Flag. It doesn't matter that it's not fraud. You call it an accident, I call using hot wallets for large funds an accident waiting to happen.
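
The offline-signing workflow described in the post above includes a "verify all addresses" step. As an added example (not part of the thread and not Electrum's code), the Python below decodes an unsigned raw transaction on the offline machine and compares every output with the approved payout list before anything is signed. It assumes native SegWit (bech32, witness v0) recipients; the function names, sample transactions and amounts are constructed for illustration.

```python
import struct

CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"

def _polymod(values):
    """BIP173 checksum polynomial."""
    gen = [0x3B6A57B2, 0x26508E6D, 0x1EA119FA, 0x3D4233DD, 0x2A1462B3]
    chk = 1
    for v in values:
        top = chk >> 25
        chk = ((chk & 0x1FFFFFF) << 5) ^ v
        for i in range(5):
            if (top >> i) & 1:
                chk ^= gen[i]
    return chk

def segwit_v0_address(program, hrp="bc"):
    """Encode a witness-v0 program (20 or 32 bytes) as a bech32 address."""
    acc, bits, data = 0, 0, [0]            # leading 0 is the witness version
    for byte in program:                   # regroup 8-bit bytes into 5-bit symbols
        acc, bits = (acc << 8) | byte, bits + 8
        while bits >= 5:
            bits -= 5
            data.append((acc >> bits) & 31)
    if bits:
        data.append((acc << (5 - bits)) & 31)
    exp = [ord(c) >> 5 for c in hrp] + [0] + [ord(c) & 31 for c in hrp]
    pm = _polymod(exp + data + [0] * 6) ^ 1
    data += [(pm >> 5 * (5 - i)) & 31 for i in range(6)]
    return hrp + "1" + "".join(CHARSET[d] for d in data)

def _varint(buf, pos):
    n = buf[pos]
    if n < 0xFD:
        return n, pos + 1
    size = {0xFD: 2, 0xFE: 4, 0xFF: 8}[n]
    return int.from_bytes(buf[pos + 1:pos + 1 + size], "little"), pos + 1 + size

def tx_outputs(raw_hex):
    """Return [(address or 'script:<hex>', satoshis)] for each output of a raw tx."""
    buf = bytes.fromhex(raw_hex)
    pos = 4                                    # skip version
    if buf[pos] == 0 and buf[pos + 1] == 1:    # optional segwit marker + flag
        pos += 2
    n_in, pos = _varint(buf, pos)
    for _ in range(n_in):
        slen, pos = _varint(buf, pos + 36)     # skip previous txid + output index
        pos += slen + 4                        # skip scriptSig + sequence
    n_out, pos = _varint(buf, pos)
    outs = []
    for _ in range(n_out):
        value = int.from_bytes(buf[pos:pos + 8], "little")
        slen, pos = _varint(buf, pos + 8)
        script, pos = buf[pos:pos + slen], pos + slen
        if slen in (22, 34) and script[0] == 0 and script[1] == slen - 2:
            outs.append((segwit_v0_address(script[2:]), value))
        else:                                  # other script types are not decoded here
            outs.append(("script:" + script.hex(), value))
    return outs

def check_payouts(raw_hex, approved, change_address=None):
    """Compare outputs with the approved {address: satoshis} list.
    Returns a list of problems; sign only if the list is empty."""
    problems, remaining = [], dict(approved)
    for addr, value in tx_outputs(raw_hex):
        if addr == change_address:
            continue
        if addr not in remaining:
            problems.append(f"unexpected output {addr} ({value} sat)")
        elif remaining.pop(addr) != value:
            problems.append(f"amount mismatch for {addr}: {value} sat")
    return problems + [f"missing payout to {a}" for a in remaining]

def constructed_tx(outputs):
    """Build an unsigned one-input transaction (constructed sample data only)."""
    tx = struct.pack("<I", 2) + b"\x01" + bytes(36) + b"\x00" + b"\xfd\xff\xff\xff"
    tx += bytes([len(outputs)])
    for program, value in outputs:
        tx += struct.pack("<Q", value) + bytes([len(program) + 2, 0, len(program)]) + program
    return (tx + bytes(4)).hex()               # locktime 0

# Constructed sample: PROG_A is the BIP173 test program, PROG_B and PROG_X are made up.
PROG_A = bytes.fromhex("751e76e8199196d454941c45d1b3a323f1433bd6")
PROG_B, PROG_X = bytes(range(20)), b"\xaa" * 20
APPROVED = {segwit_v0_address(PROG_A): 150_000, segwit_v0_address(PROG_B): 80_000}
GOOD_TX = constructed_tx([(PROG_A, 150_000), (PROG_B, 80_000)])
TAMPERED_TX = constructed_tx([(PROG_A, 150_000), (PROG_X, 80_000)])  # one recipient replaced

if __name__ == "__main__":
    print("good tx problems:", check_payouts(GOOD_TX, APPROVED))
    for problem in check_payouts(TAMPERED_TX, APPROVED):
        print("tampered tx:", problem)
```

The approved list should reach the offline machine by a path independent of the hot wallet, otherwise a compromised online system can alter both the transaction and the list.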
jr. member
Activity: 45
Merit: 13
Bisq Market Day - March 20th 2023
January 10, 2023, 03:49:14 AM
#98
Op sorry for your loss, geez $5000 gone into thin air that's so heart breaking. My guess is that your system has been compromised in some ways.
Since both parties involved are not willing to open a scam accusation thread against Op I think julerz12 should look for a way to convince them (yomix & coinomize.bix) or go into an agreement with them on how he's going to pay back if it's to find a real life job to pay back or if he's going to join signature campaign to payback the said money.
He should try as much as possible to sort this out if he wishes to keep his reputation because I have seen so many of Op bounty where he has escrowed altcoins that worth more than $5000 and he still did his work diligently.


I am currently also holding funds to Moonbet.io (an altcoin campaign), those tokens are safe since they are on my ledger but all the BTC funds from my Electrum wallet for Coinomize and YoMix campaigns were all drained.

I think you should try as much as possible to make payout of bounties and signature that has been completed so that you can have more time to face the issue in ground. Please do well to complete other work so that others won't start to think that you plan on doing something with the funds.
legendary
Activity: 2128
Merit: 1775
January 10, 2023, 03:19:53 AM
#97
Here's the flag type 1 https://bitcointalk.org/index.php?action=trust;flag=3079

Let's up to everyone decide to oppose/support the flag.
I don't think any kind of flag is appropriate for now to give to: @julerz12 against or support it, although one day it will be needed.

If it's true what happened and experienced by @julerz12 ended in an accident and disaster, not fraud, and he said it happened because of his own carelessness in placing the campaign funds he manages.

Besides both campaign owners have mentioned something in light of @julerz12.

Don't say that! It's just a "little" money and not the end of the world! We will not open a scam accusation because of something like that. Sure it's not great, but it's not the end of the world as I said. The most important thing is that you straighten it out.

Sometimes, bad days are there to remind us that we have good ones to look forward to. Sad it happened, we'll run new campaign soon managed by Royse777.



The campaign owner just wants to rectify the lost funds and what happened is certain what actually happened, there is no engineering later on or if it is known that the funds were not hacked or something that made the company owner angry.

I think in the case of @julerz12, the consequences and resolution are more to the point between @julerz12, YoMix and @[banned mixer], if they pardon or refund during the campaign contract, Of course we can all understand here and whatever decision the community takes regarding Julerz12 in the future, I think it is rational and reasonable, Flags, warnings and the like.

Because as far as I know hacking incidents can happen unexpectedly and at any time and that can happen to A and B, what is certain is that my hacking case has also experienced it, actually bitter, but bitterness must be swallowed by yourself, be it careless nature or the like.