Pages:
Author

Topic: JUST HAD 0.92329 BTC STOLEN - HOW??? (Read 8369 times)

LZ
legendary
Activity: 1722
Merit: 1072
P2P Cryptocurrency
hero member
Activity: 560
Merit: 509
I prefer Zakir over Muhammed when mentioning me!
June 26, 2015, 01:45:01 PM
It would be really nice if the OP could clarify if this was the case. I'm actually pretty curious, this thread drew quite a lot of attention...

This was most probably a fake story or OP is not what he claims to be. ThomasV summed it up well.

So is this a flaw in Electrum?

I don't think so. There are too many inconsistencies in this story.

 - The thief targets a small wallet (0.92 btc), and tags his transaction with "3lectrum Fail" on blockchain.info.
   A real a thief in possession of an exploit would target large wallets first, and he would try not to attract attention on his exploit.
 - The OP ignores my first request to publish his seed, but calls for donations instead.
 - On my second request, the OP says that he is concerned about the security implications of disclosing his seed, which suggests that he still has the seed, or believes he has it.
   However, less than one hour later, he said that he has deleted (and even shredded!) the file containing it.
 - When I asked the OP if he has paper backup of his seed, he says he has none. Yet, in one of his first posts he said "That's ll the btc I had"
 - The OP claims to be "very tech savvy". However, he deletes his wallet file, preventing further investigation.
   A tech savvy person would not destroy evidence just after being hacked.

So, either the OP made up that story, or he has no clue about security.

legendary
Activity: 1512
Merit: 1012
June 26, 2015, 01:36:09 PM
It would be really nice if the OP could clarify if this was the case. I'm actually pretty curious, this thread drew quite a lot of attention...
legendary
Activity: 924
Merit: 1000
June 25, 2015, 05:21:36 PM
So is this a flaw in Electrum?

I don't think so. There are too many inconsistencies in this story.

 - The thief targets a small wallet (0.92 btc), and tags his transaction with "3lectrum Fail" on blockchain.info.
   A real a thief in possession of an exploit would target large wallets first, and he would try not to attract attention on his exploit.
 - The OP ignores my first request to publish his seed, but calls for donations instead.
 - On my second request, the OP says that he is concerned about the security implications of disclosing his seed, which suggests that he still has the seed, or believes he has it.
   However, less than one hour later, he said that he has deleted (and even shredded!) the file containing it.
 - When I asked the OP if he has paper backup of his seed, he says he has none. Yet, in one of his first posts he said "That's ll the btc I had"
 - The OP claims to be "very tech savvy". However, he deletes his wallet file, preventing further investigation.
   A tech savvy person would not destroy evidence just after being hacked.

So, either the OP made up that story, or he has no clue about security.


Maybe this is related to the fake electrum website:

https://bitcointalksearch.org/topic/m.11702869

It most likely is... Seems that the website has been around longer than we thought. The theif has also been getting quite a bit of Bitcoins, judging by his addresses balances.

Yes I think so: the latest download version on the fake site was 2.2!
legendary
Activity: 1512
Merit: 1012
June 25, 2015, 11:27:39 AM
So is this a flaw in Electrum?

I don't think so. There are too many inconsistencies in this story.

 - The thief targets a small wallet (0.92 btc), and tags his transaction with "3lectrum Fail" on blockchain.info.
   A real a thief in possession of an exploit would target large wallets first, and he would try not to attract attention on his exploit.
 - The OP ignores my first request to publish his seed, but calls for donations instead.
 - On my second request, the OP says that he is concerned about the security implications of disclosing his seed, which suggests that he still has the seed, or believes he has it.
   However, less than one hour later, he said that he has deleted (and even shredded!) the file containing it.
 - When I asked the OP if he has paper backup of his seed, he says he has none. Yet, in one of his first posts he said "That's ll the btc I had"
 - The OP claims to be "very tech savvy". However, he deletes his wallet file, preventing further investigation.
   A tech savvy person would not destroy evidence just after being hacked.

So, either the OP made up that story, or he has no clue about security.


Maybe this is related to the fake electrum website:

https://bitcointalksearch.org/topic/m.11702869

It most likely is... Seems that the website has been around longer than we thought. The theif has also been getting quite a bit of Bitcoins, judging by his addresses balances.
legendary
Activity: 924
Merit: 1000
June 24, 2015, 10:40:14 AM
So is this a flaw in Electrum?

I don't think so. There are too many inconsistencies in this story.

 - The thief targets a small wallet (0.92 btc), and tags his transaction with "3lectrum Fail" on blockchain.info.
   A real a thief in possession of an exploit would target large wallets first, and he would try not to attract attention on his exploit.
 - The OP ignores my first request to publish his seed, but calls for donations instead.
 - On my second request, the OP says that he is concerned about the security implications of disclosing his seed, which suggests that he still has the seed, or believes he has it.
   However, less than one hour later, he said that he has deleted (and even shredded!) the file containing it.
 - When I asked the OP if he has paper backup of his seed, he says he has none. Yet, in one of his first posts he said "That's ll the btc I had"
 - The OP claims to be "very tech savvy". However, he deletes his wallet file, preventing further investigation.
   A tech savvy person would not destroy evidence just after being hacked.

So, either the OP made up that story, or he has no clue about security.


Maybe this is related to the fake electrum website:

https://bitcointalksearch.org/topic/m.11702869
hero member
Activity: 672
Merit: 504
a.k.a. gurnec on GitHub
No! I understand Bitcoin transactions cannot be reversed! I meant to say that even though the coins cannot be pushed back maybe the seed can be recovered with the script Smiley

if he deleted the wallet file and can't remember most of it, it's lost, and not that valuable now that the theft has occurred except for research.

I agree with the latter half of your statement, but not the former. Please read this earlier post....
hero member
Activity: 682
Merit: 500
So is this a flaw in Electrum?

I don't think so. There are too many inconsistencies in this story.

 - The thief targets a small wallet (0.92 btc), and tags his transaction with "3lectrum Fail" on blockchain.info.
   A real a thief in possession of an exploit would target large wallets first, and he would try not to attract attention on his exploit.
 - The OP ignores my first request to publish his seed, but calls for donations instead.
 - On my second request, the OP says that he is concerned about the security implications of disclosing his seed, which suggests that he still has the seed, or believes he has it.
   However, less than one hour later, he said that he has deleted (and even shredded!) the file containing it.
 - When I asked the OP if he has paper backup of his seed, he says he has none. Yet, in one of his first posts he said "That's ll the btc I had"
 - The OP claims to be "very tech savvy". However, he deletes his wallet file, preventing further investigation.
   A tech savvy person would not destroy evidence just after being hacked.

So, either the OP made up that story, or he has no clue about security.


Think what you will. Never thought I'd be on receiving end of this notorious witch hunting Wink

Thanks
hero member
Activity: 682
Merit: 500
By the way, looks like this wasn't the first time OP said he got hacked:
https://bitcointalksearch.org/topic/10-btc-sent-to-unknown-address-after-downloading-yacoin-202087

Umm.... something suspicious is going on here methinks.

Here is a post he made another time his account got hacked:

The original minerd code is actually fine. You do have to realize that most antiviruses will flag it as a virus because of Botnet operators.

OP and second post seem to have downloaded minerd that was modified for YAC. If the source code wasn't posted, you shouldn't have downloaded it. Look into compiling source code yourself instead of downloading pre-compiled binaries. ALWAYS CHECK if source code is available.

Could you provide a link to the miner file you downloaded? The bitcointalk thread would be best. It appears as if whoever wrote that code (potentially YAC founder) did it to promote his coin. Did you guys look at the posts that were made to see what they said? Are they promoting the hell out of the coin?

TBH there's not a lot anyone could get from this PC and I am pretty reckless with this machine I'll admit! New installs are a regular occurrence.... Of course I was stupid to download those binaries, it's that whole human nature (greed) thing ya know?

Different PC, and my bitcointalk account was compromised through a session hijack. It's just got used to spam the hell out of the forum :/

This computer I'm using at the moment is very secure.

Please stop trying to taint my name. I respect this community and i'll be damned if you start calling me a scammer! Wink
legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
there's no script that gets your coins back from a thief (assuming story is true which is questionable)

No! I understand Bitcoin transactions cannot be reversed! I meant to say that even though the coins cannot be pushed back maybe the seed can be recovered with the script Smiley

if he deleted the wallet file and can't remember most of it, it's lost, and not that valuable now that the theft has occurred except for research.
hero member
Activity: 518
Merit: 501
Error 404: there seems to be nothing here.
there's no script that gets your coins back from a thief (assuming story is true which is questionable)

No! I understand Bitcoin transactions cannot be reversed! I meant to say that even though the coins cannot be pushed back maybe the seed can be recovered with the script Smiley
legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
hey so now that all this is resolved and stuff, can you tell me what SWX means? :p

Try replacing the "W" with E and you'll get it Tongue

Sarthak, If you have an unencrypted wallet file, you can recover the seed but I think you would need to convert the raw data to a human-readable seed.

I also wrote a script where you can brute force the seed if you know one of the first addresses and had just one of the words in the seed written down incorrectly.

Well I am not a technical guy and didn't really understand seed,encryption and hashing things! Give the script to OP! maybe it helps Smiley


there's no script that gets your coins back from a thief (assuming story is true which is questionable)
hero member
Activity: 518
Merit: 501
Error 404: there seems to be nothing here.
hey so now that all this is resolved and stuff, can you tell me what SWX means? :p

Try replacing the "W" with E and you'll get it Tongue

Sarthak, If you have an unencrypted wallet file, you can recover the seed but I think you would need to convert the raw data to a human-readable seed.

I also wrote a script where you can brute force the seed if you know one of the first addresses and had just one of the words in the seed written down incorrectly.

Well I am not a technical guy and didn't really understand seed,encryption and hashing things! Give the script to OP! maybe it helps Smiley
hero member
Activity: 686
Merit: 500

Hey OP, what does "SWX" mean? Does it mean anything to you?

Quote
3lectruM fail. More2come SWX
aLL bTc in my handz SWX

hey so now that all this is resolved and stuff, can you tell me what SWX means? :p
legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
So is this a flaw in Electrum?

I don't think so. There are too many inconsistencies in this story.

 - The thief targets a small wallet (0.92 btc), and tags his transaction with "3lectrum Fail" on blockchain.info.
   A real a thief in possession of an exploit would target large wallets first, and he would try not to attract attention on his exploit.
 - The OP ignores my first request to publish his seed, but calls for donations instead.
 - On my second request, the OP says that he is concerned about the security implications of disclosing his seed, which suggests that he still has the seed, or believes he has it.
   However, less than one hour later, he said that he has deleted (and even shredded!) the file containing it.
 - When I asked the OP if he has paper backup of his seed, he says he has none. Yet, in one of his first posts he said "That's ll the btc I had"
 - The OP claims to be "very tech savvy". However, he deletes his wallet file, preventing further investigation.
   A tech savvy person would not destroy evidence just after being hacked.

So, either the OP made up that story, or he has no clue about security.


His activity seem fishy! Seems like a pretty well made story! BTW btcchris told me seeds can still be recovered! Isnt that true?

Thomas, your genius never fails to delight Smiley

Sarthak, If you have an unencrypted wallet file, you can recover the seed but I think you would need to convert the raw data to a human-readable seed.

I also wrote a script where you can brute force the seed if you know one of the first addresses and had just one of the words in the seed written down incorrectly.



hero member
Activity: 518
Merit: 501
Error 404: there seems to be nothing here.
So is this a flaw in Electrum?

I don't think so. There are too many inconsistencies in this story.

 - The thief targets a small wallet (0.92 btc), and tags his transaction with "3lectrum Fail" on blockchain.info.
   A real a thief in possession of an exploit would target large wallets first, and he would try not to attract attention on his exploit.
 - The OP ignores my first request to publish his seed, but calls for donations instead.
 - On my second request, the OP says that he is concerned about the security implications of disclosing his seed, which suggests that he still has the seed, or believes he has it.
   However, less than one hour later, he said that he has deleted (and even shredded!) the file containing it.
 - When I asked the OP if he has paper backup of his seed, he says he has none. Yet, in one of his first posts he said "That's ll the btc I had"
 - The OP claims to be "very tech savvy". However, he deletes his wallet file, preventing further investigation.
   A tech savvy person would not destroy evidence just after being hacked.

So, either the OP made up that story, or he has no clue about security.


His activity seem fishy! Seems like a pretty well made story! BTW btcchris told me seeds can still be recovered! Isnt that true?
legendary
Activity: 1896
Merit: 1353
So is this a flaw in Electrum?

I don't think so. There are too many inconsistencies in this story.

 - The thief targets a small wallet (0.92 btc), and tags his transaction with "3lectrum Fail" on blockchain.info.
   A real a thief in possession of an exploit would target large wallets first, and he would try not to attract attention on his exploit.
 - The OP ignores my first request to publish his seed, but calls for donations instead.
 - On my second request, the OP says that he is concerned about the security implications of disclosing his seed, which suggests that he still has the seed, or believes he has it.
   However, less than one hour later, he said that he has deleted (and even shredded!) the file containing it.
 - When I asked the OP if he has paper backup of his seed, he says he has none. Yet, in one of his first posts he said "That's ll the btc I had"
 - The OP claims to be "very tech savvy". However, he deletes his wallet file, preventing further investigation.
   A tech savvy person would not destroy evidence just after being hacked.

So, either the OP made up that story, or he has no clue about security.
copper member
Activity: 2996
Merit: 2374
By the way, looks like this wasn't the first time OP said he got hacked:
https://bitcointalksearch.org/topic/10-btc-sent-to-unknown-address-after-downloading-yacoin-202087

Umm.... something suspicious is going on here methinks.
It looks like in that case his account was hacked, but no money was stolen. That could have been another attempt to get attention

I would think it would be unlikely that the account would both get hacked and recovered inside of ~7 hours (the time between the OP was made in that thread and the time it was last edited).
hero member
Activity: 882
Merit: 1006
By the way, looks like this wasn't the first time OP said he got hacked:
https://bitcointalksearch.org/topic/10-btc-sent-to-unknown-address-after-downloading-yacoin-202087

Umm.... something suspicious is going on here methinks.

Here is a post he made another time his account got hacked:

The original minerd code is actually fine. You do have to realize that most antiviruses will flag it as a virus because of Botnet operators.

OP and second post seem to have downloaded minerd that was modified for YAC. If the source code wasn't posted, you shouldn't have downloaded it. Look into compiling source code yourself instead of downloading pre-compiled binaries. ALWAYS CHECK if source code is available.

Could you provide a link to the miner file you downloaded? The bitcointalk thread would be best. It appears as if whoever wrote that code (potentially YAC founder) did it to promote his coin. Did you guys look at the posts that were made to see what they said? Are they promoting the hell out of the coin?

TBH there's not a lot anyone could get from this PC and I am pretty reckless with this machine I'll admit! New installs are a regular occurrence.... Of course I was stupid to download those binaries, it's that whole human nature (greed) thing ya know?
hero member
Activity: 518
Merit: 501
Error 404: there seems to be nothing here.
In other words, whenever Electrum saves the wallet file, it does a normal delete, and then creates a new wallet file. If OP shredded his wallet file, he only shredded that most recently saved file. Other older copies of the wallet, as deleted by Electrum, might still be on the drive somewhere.

OK! Now I get it! But OP told he is very tech savvy how come he didn't knew about this?
 You have the capacity to make a hard thing easy to understand Cheesy Cheesy
Pages:
Jump to: