
Topic: JUST HAD 0.92329 BTC STOLEN - HOW??? (Read 8361 times)

LZ
legendary
Activity: 1722
Merit: 1072
P2P Cryptocurrency
hero member
Activity: 560
Merit: 509
I prefer Zakir over Muhammed when mentioning me!
June 26, 2015, 02:45:01 PM
It would be really nice if the OP could clarify if this was the case. I'm actually pretty curious, this thread drew quite a lot of attention...

This was most probably a fake story or OP is not what he claims to be. ThomasV summed it up well.

So is this a flaw in Electrum?

I don't think so. There are too many inconsistencies in this story.

 - The thief targets a small wallet (0.92 btc), and tags his transaction with "3lectrum Fail" on blockchain.info.
   A real thief in possession of an exploit would target large wallets first, and he would try not to attract attention to his exploit.
 - The OP ignores my first request to publish his seed, but calls for donations instead.
 - On my second request, the OP says that he is concerned about the security implications of disclosing his seed, which suggests that he still has the seed, or believes he has it.
   However, less than one hour later, he said that he has deleted (and even shredded!) the file containing it.
 - When I asked the OP if he has paper backup of his seed, he says he has none. Yet, in one of his first posts he said "That's ll the btc I had"
 - The OP claims to be "very tech savvy". However, he deletes his wallet file, preventing further investigation.
   A tech savvy person would not destroy evidence just after being hacked.

So, either the OP made up that story, or he has no clue about security.

legendary
Activity: 1512
Merit: 1012
June 26, 2015, 02:36:09 PM
It would be really nice if the OP could clarify if this was the case. I'm actually pretty curious, this thread drew quite a lot of attention...
legendary
Activity: 924
Merit: 1000
June 25, 2015, 06:21:36 PM
So is this a flaw in Electrum?

I don't think so. There are too many inconsistencies in this story.

 - The thief targets a small wallet (0.92 btc), and tags his transaction with "3lectrum Fail" on blockchain.info.
   A real thief in possession of an exploit would target large wallets first, and he would try not to attract attention to his exploit.
 - The OP ignores my first request to publish his seed, but calls for donations instead.
 - On my second request, the OP says that he is concerned about the security implications of disclosing his seed, which suggests that he still has the seed, or believes he has it.
   However, less than one hour later, he said that he has deleted (and even shredded!) the file containing it.
 - When I asked the OP if he has paper backup of his seed, he says he has none. Yet, in one of his first posts he said "That's ll the btc I had"
 - The OP claims to be "very tech savvy". However, he deletes his wallet file, preventing further investigation.
   A tech savvy person would not destroy evidence just after being hacked.

So, either the OP made up that story, or he has no clue about security.


Maybe this is related to the fake electrum website:

https://bitcointalksearch.org/topic/m.11702869

It most likely is... Seems that the website has been around longer than we thought. The thief has also been getting quite a bit of Bitcoins, judging by his addresses' balances.

Yes I think so: the latest download version on the fake site was 2.2!
legendary
Activity: 1512
Merit: 1012
June 25, 2015, 12:27:39 PM
So is this a flaw in Electrum?

I don't think so. There are too many inconsistencies in this story.

 - The thief targets a small wallet (0.92 btc), and tags his transaction with "3lectrum Fail" on blockchain.info.
   A real thief in possession of an exploit would target large wallets first, and he would try not to attract attention to his exploit.
 - The OP ignores my first request to publish his seed, but calls for donations instead.
 - On my second request, the OP says that he is concerned about the security implications of disclosing his seed, which suggests that he still has the seed, or believes he has it.
   However, less than one hour later, he said that he has deleted (and even shredded!) the file containing it.
 - When I asked the OP if he has paper backup of his seed, he says he has none. Yet, in one of his first posts he said "That's ll the btc I had"
 - The OP claims to be "very tech savvy". However, he deletes his wallet file, preventing further investigation.
   A tech savvy person would not destroy evidence just after being hacked.

So, either the OP made up that story, or he has no clue about security.


Maybe this is related to the fake electrum website:

https://bitcointalksearch.org/topic/m.11702869

It most likely is... Seems that the website has been around longer than we thought. The thief has also been getting quite a bit of Bitcoins, judging by his addresses' balances.
legendary
Activity: 924
Merit: 1000
June 24, 2015, 11:40:14 AM
So is this a flaw in Electrum?

I don't think so. There are too many inconsistencies in this story.

 - The thief targets a small wallet (0.92 btc), and tags his transaction with "3lectrum Fail" on blockchain.info.
   A real thief in possession of an exploit would target large wallets first, and he would try not to attract attention to his exploit.
 - The OP ignores my first request to publish his seed, but calls for donations instead.
 - On my second request, the OP says that he is concerned about the security implications of disclosing his seed, which suggests that he still has the seed, or believes he has it.
   However, less than one hour later, he said that he has deleted (and even shredded!) the file containing it.
 - When I asked the OP if he has paper backup of his seed, he says he has none. Yet, in one of his first posts he said "That's ll the btc I had"
 - The OP claims to be "very tech savvy". However, he deletes his wallet file, preventing further investigation.
   A tech savvy person would not destroy evidence just after being hacked.

So, either the OP made up that story, or he has no clue about security.


Maybe this is related to the fake electrum website:

https://bitcointalksearch.org/topic/m.11702869
hero member
Activity: 672
Merit: 504
a.k.a. gurnec on GitHub
No! I understand Bitcoin transactions cannot be reversed! I meant to say that even though the coins cannot be pushed back maybe the seed can be recovered with the script :)

if he deleted the wallet file and can't remember most of it, it's lost, and not that valuable now that the theft has occurred except for research.

I agree with the latter half of your statement, but not the former. Please read this earlier post....
hero member
Activity: 682
Merit: 500
So is this a flaw in Electrum?

I don't think so. There are too many inconsistencies in this story.

 - The thief targets a small wallet (0.92 btc), and tags his transaction with "3lectrum Fail" on blockchain.info.
   A real thief in possession of an exploit would target large wallets first, and he would try not to attract attention to his exploit.
 - The OP ignores my first request to publish his seed, but calls for donations instead.
 - On my second request, the OP says that he is concerned about the security implications of disclosing his seed, which suggests that he still has the seed, or believes he has it.
   However, less than one hour later, he said that he has deleted (and even shredded!) the file containing it.
 - When I asked the OP if he has paper backup of his seed, he says he has none. Yet, in one of his first posts he said "That's ll the btc I had"
 - The OP claims to be "very tech savvy". However, he deletes his wallet file, preventing further investigation.
   A tech savvy person would not destroy evidence just after being hacked.

So, either the OP made up that story, or he has no clue about security.


Think what you will. Never thought I'd be on the receiving end of this notorious witch hunting ;)

Thanks
hero member
Activity: 682
Merit: 500
By the way, looks like this wasn't the first time OP said he got hacked:
https://bitcointalksearch.org/topic/10-btc-sent-to-unknown-address-after-downloading-yacoin-202087

Umm.... something suspicious is going on here methinks.

Here is a post he made another time his account got hacked:

The original minerd code is actually fine. You do have to realize that most antiviruses will flag it as a virus because of Botnet operators.

OP and second post seem to have downloaded minerd that was modified for YAC. If the source code wasn't posted, you shouldn't have downloaded it. Look into compiling source code yourself instead of downloading pre-compiled binaries. ALWAYS CHECK if source code is available.

Could you provide a link to the miner file you downloaded? The bitcointalk thread would be best. It appears as if whoever wrote that code (potentially YAC founder) did it to promote his coin. Did you guys look at the posts that were made to see what they said? Are they promoting the hell out of the coin?

TBH there's not a lot anyone could get from this PC and I am pretty reckless with this machine I'll admit! New installs are a regular occurrence.... Of course I was stupid to download those binaries, it's that whole human nature (greed) thing ya know?

Different PC, and my bitcointalk account was compromised through a session hijack. It's just got used to spam the hell out of the forum :/

This computer I'm using at the moment is very secure.

Please stop trying to taint my name. I respect this community and I'll be damned if you start calling me a scammer! ;)
legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
there's no script that gets your coins back from a thief (assuming story is true which is questionable)

No! I understand Bitcoin transactions cannot be reversed! I meant to say that even though the coins cannot be pushed back maybe the seed can be recovered with the script :)

if he deleted the wallet file and can't remember most of it, it's lost, and not that valuable now that the theft has occurred except for research.
hero member
Activity: 518
Merit: 501
Error 404: there seems to be nothing here.
there's no script that gets your coins back from a thief (assuming story is true which is questionable)

No! I understand Bitcoin transactions cannot be reversed! I meant to say that even though the coins cannot be pushed back maybe the seed can be recovered with the script :)
legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
hey so now that all this is resolved and stuff, can you tell me what SWX means? :p

Try replacing the "W" with E and you'll get it :P

Sarthak, If you have an unencrypted wallet file, you can recover the seed but I think you would need to convert the raw data to a human-readable seed.

I also wrote a script where you can brute force the seed if you know one of the first addresses and had just one of the words in the seed written down incorrectly.

Well I am not a technical guy and didn't really understand seed, encryption and hashing things! Give the script to OP! Maybe it helps :)


there's no script that gets your coins back from a thief (assuming story is true which is questionable)
hero member
Activity: 518
Merit: 501
Error 404: there seems to be nothing here.
hey so now that all this is resolved and stuff, can you tell me what SWX means? :p

Try replacing the "W" with E and you'll get it :P

Sarthak, If you have an unencrypted wallet file, you can recover the seed but I think you would need to convert the raw data to a human-readable seed.

I also wrote a script where you can brute force the seed if you know one of the first addresses and had just one of the words in the seed written down incorrectly.

Well I am not a technical guy and didn't really understand seed, encryption and hashing things! Give the script to OP! Maybe it helps :)
hero member
Activity: 686
Merit: 500

Hey OP, what does "SWX" mean? Does it mean anything to you?

Quote
3lectruM fail. More2come SWX
aLL bTc in my handz SWX

hey so now that all this is resolved and stuff, can you tell me what SWX means? :p
legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
So is this a flaw in Electrum?

I don't think so. There are too many inconsistencies in this story.

 - The thief targets a small wallet (0.92 btc), and tags his transaction with "3lectrum Fail" on blockchain.info.
   A real thief in possession of an exploit would target large wallets first, and he would try not to attract attention to his exploit.
 - The OP ignores my first request to publish his seed, but calls for donations instead.
 - On my second request, the OP says that he is concerned about the security implications of disclosing his seed, which suggests that he still has the seed, or believes he has it.
   However, less than one hour later, he said that he has deleted (and even shredded!) the file containing it.
 - When I asked the OP if he has paper backup of his seed, he says he has none. Yet, in one of his first posts he said "That's ll the btc I had"
 - The OP claims to be "very tech savvy". However, he deletes his wallet file, preventing further investigation.
   A tech savvy person would not destroy evidence just after being hacked.

So, either the OP made up that story, or he has no clue about security.


His activity seems fishy! Seems like a pretty well made story! BTW btcchris told me seeds can still be recovered! Isn't that true?

Thomas, your genius never fails to delight :)

Sarthak, If you have an unencrypted wallet file, you can recover the seed but I think you would need to convert the raw data to a human-readable seed.

I also wrote a script where you can brute force the seed if you know one of the first addresses and had just one of the words in the seed written down incorrectly.



hero member
Activity: 518
Merit: 501
Error 404: there seems to be nothing here.
So is this a flaw in Electrum?

I don't think so. There are too many inconsistencies in this story.

 - The thief targets a small wallet (0.92 btc), and tags his transaction with "3lectrum Fail" on blockchain.info.
   A real thief in possession of an exploit would target large wallets first, and he would try not to attract attention to his exploit.
 - The OP ignores my first request to publish his seed, but calls for donations instead.
 - On my second request, the OP says that he is concerned about the security implications of disclosing his seed, which suggests that he still has the seed, or believes he has it.
   However, less than one hour later, he said that he has deleted (and even shredded!) the file containing it.
 - When I asked the OP if he has paper backup of his seed, he says he has none. Yet, in one of his first posts he said "That's ll the btc I had"
 - The OP claims to be "very tech savvy". However, he deletes his wallet file, preventing further investigation.
   A tech savvy person would not destroy evidence just after being hacked.

So, either the OP made up that story, or he has no clue about security.


His activity seems fishy! Seems like a pretty well made story! BTW btcchris told me seeds can still be recovered! Isn't that true?
legendary
Activity: 1896
Merit: 1353
So is this a flaw in Electrum?

I don't think so. There are too many inconsistencies in this story.

 - The thief targets a small wallet (0.92 btc), and tags his transaction with "3lectrum Fail" on blockchain.info.
   A real thief in possession of an exploit would target large wallets first, and he would try not to attract attention to his exploit.
 - The OP ignores my first request to publish his seed, but calls for donations instead.
 - On my second request, the OP says that he is concerned about the security implications of disclosing his seed, which suggests that he still has the seed, or believes he has it.
   However, less than one hour later, he said that he has deleted (and even shredded!) the file containing it.
 - When I asked the OP if he has paper backup of his seed, he says he has none. Yet, in one of his first posts he said "That's ll the btc I had"
 - The OP claims to be "very tech savvy". However, he deletes his wallet file, preventing further investigation.
   A tech savvy person would not destroy evidence just after being hacked.

So, either the OP made up that story, or he has no clue about security.
copper member
Activity: 2926
Merit: 2348
By the way, looks like this wasn't the first time OP said he got hacked:
https://bitcointalksearch.org/topic/10-btc-sent-to-unknown-address-after-downloading-yacoin-202087

Umm.... something suspicious is going on here methinks.
It looks like in that case his account was hacked, but no money was stolen. That could have been another attempt to get attention.

I would think it would be unlikely that the account would both get hacked and recovered inside of ~7 hours (the time between the OP was made in that thread and the time it was last edited).
hero member
Activity: 882
Merit: 1006
By the way, looks like this wasn't the first time OP said he got hacked:
https://bitcointalksearch.org/topic/10-btc-sent-to-unknown-address-after-downloading-yacoin-202087

Umm.... something suspicious is going on here methinks.

Here is a post he made another time his account got hacked:

The original minerd code is actually fine. You do have to realize that most antiviruses will flag it as a virus because of Botnet operators.

OP and second post seem to have downloaded minerd that was modified for YAC. If the source code wasn't posted, you shouldn't have downloaded it. Look into compiling source code yourself instead of downloading pre-compiled binaries. ALWAYS CHECK if source code is available.

Could you provide a link to the miner file you downloaded? The bitcointalk thread would be best. It appears as if whoever wrote that code (potentially YAC founder) did it to promote his coin. Did you guys look at the posts that were made to see what they said? Are they promoting the hell out of the coin?

TBH there's not a lot anyone could get from this PC and I am pretty reckless with this machine I'll admit! New installs are a regular occurrence.... Of course I was stupid to download those binaries, it's that whole human nature (greed) thing ya know?
hero member
Activity: 518
Merit: 501
Error 404: there seems to be nothing here.
In other words, whenever Electrum saves the wallet file, it does a normal delete, and then creates a new wallet file. If OP shredded his wallet file, he only shredded that most recently saved file. Other older copies of the wallet, as deleted by Electrum, might still be on the drive somewhere.

OK! Now I get it! But OP said he is very tech savvy, so how come he didn't know about this?
You have the capacity to make a hard thing easy to understand :D :D