Pages:
Author

Topic: JUST HAD 0.92329 BTC STOLEN - HOW??? - page 10. (Read 8369 times)

legendary
Activity: 1862
Merit: 1011
Reverse engineer from time to time
May 02, 2015, 06:52:25 AM
#38
A VM tries to keep bad stuff in, if the virus had infected your PC, doesn't matter if you were using a VM, however it would have to know and handle the fact that there is a VM.
legendary
Activity: 3248
Merit: 1070
May 02, 2015, 06:48:08 AM
#37
I've had much more btc in that wallet in the past. And I only fire up my VM to check my electrum which isn't that often. WHY ME AND why now. This is bullshit!

have you downloaded something suspicious yesterday or some time ago?, what is the last thing you downloaded?
hero member
Activity: 882
Merit: 1006
May 02, 2015, 06:47:48 AM
#36
What operating system were you running on the VM?

And what software were you using for that?
member
Activity: 98
Merit: 10
May 02, 2015, 06:43:05 AM
#35
I am sorry for your loss bro.

Did anyone else have access to your PC?
hero member
Activity: 682
Merit: 500
May 02, 2015, 06:35:19 AM
#34
Sorry to ask but I only use Bitcoin Core.

Is Electrum like Brainwallet?

Because if it is then you should know that there is people constantly running brute force apps and waiting for a transaction to take place, then snatch the coins to their own wallet.

There was a post about this someweher in the forums.

Search for Brainwalet hacking and you will find it.

No, electrum is really different from the Brainwallet. The first one uses a seed of 12 words so it is really impossible to bruteforce it, instead the second one use only a password. I am still thinking that it was a computer problem.


OP can you explain again if you have stored the seed in some .txt file on the pc?

I store the seed in a truecrypt vault. In the past I haven't even bothered saving the seed for security reason. I jut backup my Private keys - which are encrypted

And the password on the wallet is not used anywhere else.
legendary
Activity: 1778
Merit: 1043
#Free market
May 02, 2015, 06:33:25 AM
#33
Sorry to ask but I only use Bitcoin Core.

Is Electrum like Brainwallet?

Because if it is then you should know that there is people constantly running brute force apps and waiting for a transaction to take place, then snatch the coins to their own wallet.

There was a post about this someweher in the forums.

Search for Brainwalet hacking and you will find it.

No, electrum is really different from the Brainwallet. The first one uses a seed of 12 words so it is really impossible to bruteforce it, instead the second one use only a password. I am still thinking that it was a computer problem.


OP can you explain again if you have stored the seed in some .txt file on the pc?
hero member
Activity: 546
Merit: 500
May 02, 2015, 06:32:50 AM
#32
this is one thing that is feared by users bitcoin, bitcoin loss caused by hackers. Hopefully there are no cases like this again
hero member
Activity: 682
Merit: 500
May 02, 2015, 06:32:39 AM
#31
....
yes that is very strange to see this kind of transaction, sorry to see this one, Sad  
how this hacker was quick in this transaction just delay of 1 minute ?

I do not know, it is really strange.

Have you downloaded something of strange in the past days/weeks?

No I download a lot of software and I know a scam/trojan link when I see one

Can't find any evidence of an infection. I use VPN on my VM, can't figure this out  Huh

What AV software are you using if I may ask? Have you used this specific Electrum wallet before (or any other addresses from the same seed)? Did you access the wallet before the funds were stolen - or were they just taken immediately after an initial deposit?

A VPN wouldn't really help you in terms of security for this kind of thing - more useful for privacy and anonymity.

Yes I've used the same electrum wallet before but not much.


Oh and I use Avira, MS essential and Malwarebytes. I keep my Computers in order don't you worry Wink
legendary
Activity: 1876
Merit: 1005
May 02, 2015, 06:28:38 AM
#30
It's too weird to be explained... It's as if it was a automated action. There is about a 1 minute delay between the 2 transactions.

What is the chances of someone sitting and waiting for you to make transactions to steal it immediately?

It's also a single use address... and it would most probably be mixed too.. so you stuffed, if it was not a electrum screw up.  Sad
Sorry for your loss and second yeah this is very strange that all this just happened so quick as someone was waiting but this is not very big amount. This is warning for others to take some extra security measure to keep their funds save. This is good at least others will be more active in future.
legendary
Activity: 2212
Merit: 1199
May 02, 2015, 06:27:48 AM
#29
I've had much more btc in that wallet in the past. And I only fire up my VM to check my electrum which isn't that often. WHY ME AND why now. This is bullshit!

There must be a reason why this happens.

I don't know why you and why now, but for some reason your machine was compromised and it's perhaps your fault of not keeping your security at high level.


I am really sorry for your lost. But there is nothing you can do now. But what you need to do is:

-format the drives from the machine where your Electrum was installed and coins were stolen.
-use high standard antimalware, antivirus apps.
-never open suspicious links
-follow other security steps to keep your bitcoins safe.

Also you can keep an eye on 13GrQ46YQ3x3fp1p5eHrPKSsMaxjDY9VwC - only a little chance that you will be able to track those coins but worth a try.

Best regards.
hero member
Activity: 1582
Merit: 502
May 02, 2015, 06:26:44 AM
#28
Sorry to ask but I only use Bitcoin Core.

Is Electrum like Brainwallet?

Because if it is then you should know that there is people constantly running brute force apps and waiting for a transaction to take place, then snatch the coins to their own wallet.

There was a post about this someweher in the forums.

Search for Brainwalet hacking and you will find it.
legendary
Activity: 1904
Merit: 1074
May 02, 2015, 06:22:39 AM
#27
It's too weird to be explained... It's as if it was a automated action. There is about a 1 minute delay between the 2 transactions.

What is the chances of someone sitting and waiting for you to make transactions to steal it immediately?

It's also a single use address... and it would most probably be mixed too.. so you stuffed, if it was not a electrum screw up.  Sad
hero member
Activity: 742
Merit: 502
Circa 2010
May 02, 2015, 06:19:34 AM
#26
Can't find any evidence of an infection. I use VPN on my VM, can't figure this out  Huh

What AV software are you using if I may ask? Have you used this specific Electrum wallet before (or any other addresses from the same seed)? Did you access the wallet before the funds were stolen - or were they just taken immediately after an initial deposit?

A VPN wouldn't really help you in terms of security for this kind of thing - more useful for privacy and anonymity.
legendary
Activity: 1778
Merit: 1043
#Free market
May 02, 2015, 06:18:45 AM
#25
....
yes that is very strange to see this kind of transaction, sorry to see this one, Sad 
how this hacker was quick in this transaction just delay of 1 minute ?

I do not know, it is really strange.



I've had much more btc in that wallet in the past. And I only fire up my VM to check my electrum which isn't that often. WHY ME AND why now. This is bullshit!


Have you downloaded something of strange in the past days/weeks?
hero member
Activity: 682
Merit: 500
May 02, 2015, 06:17:26 AM
#24
I've had much more btc in that wallet in the past. And I only fire up my VM to check my electrum which isn't that often. WHY ME AND why now. This is bullshit!
hero member
Activity: 686
Merit: 500
May 02, 2015, 06:16:35 AM
#23
Could something be wrong with Electrum?

It's doubtful. It's quite common for hackers to immediately sweep funds out of addressess. This happens very often with weak brainwallets, once the funds are transferred in they are drained within seconds. I suspect the OP may have imported the address into electrum, or may have restored his wallet using a weak seed or such.

i think so really socking to see this one, another transaction made within few seconds..
hero member
Activity: 682
Merit: 500
May 02, 2015, 06:15:26 AM
#22
Can't find any evidence of an infection. I use VPN on my VM, can't figure this out  Huh
legendary
Activity: 1050
Merit: 1000
May 02, 2015, 06:14:02 AM
#21
I just deposited the above amount to one of electrum wallets. Almost immediately the balance was tramsferred to:

13GrQ46YQ3x3fp1p5eHrPKSsMaxjDY9VwC

tx: https://blockchain.info/tx/c92f9c265f0a7a9b7fec9184a0314545f8d3f2b3d6d53c240eec97a087826a00

Noth of the transaction have any confirmations, it just happen immediately. How is this possible and how can I get my funds back??? I cannot understand how this is possible. FML

My address:

https://blockchain.info/address/15WapDB1AsoKKp4vMTims836Jxn9mJdHJA


Help!!! 

Almost immediately? 

Yes, I have seen the two bitcoin transaction:

- https://blockchain.info/it/tx/5cc872a7dc9bebb03290e9d537d57eba51056e764483a4f4ef4f6bc2bac66e0f  (his transfer to the electrum wallet)     
2015-05-02 10:24:40

- https://blockchain.info/it/tx/c92f9c265f0a7a9b7fec9184a0314545f8d3f2b3d6d53c240eec97a087826a00  (the second tx into the hacker address)   
2015-05-02 10:25:41


~ 1 minuted between the two transaction.

yes that is very strange to see this kind of transaction, sorry to see this one, Sad  
how this hacker was quick in this transaction just delay of 1 minute ?
hero member
Activity: 882
Merit: 1006
May 02, 2015, 06:10:51 AM
#20
Could something be wrong with Electrum?

It's doubtful. It's quite common for hackers to immediately sweep funds out of addressess. This happens very often with weak brainwallets, once the funds are transferred in they are drained within seconds. I suspect the OP may have imported the address into electrum, or may have restored his wallet using a weak seed or such.
legendary
Activity: 1778
Merit: 1043
#Free market
May 02, 2015, 06:08:15 AM
#19
I just deposited the above amount to one of electrum wallets. Almost immediately the balance was tramsferred to:

13GrQ46YQ3x3fp1p5eHrPKSsMaxjDY9VwC

tx: https://blockchain.info/tx/c92f9c265f0a7a9b7fec9184a0314545f8d3f2b3d6d53c240eec97a087826a00

Noth of the transaction have any confirmations, it just happen immediately. How is this possible and how can I get my funds back??? I cannot understand how this is possible. FML

My address:

https://blockchain.info/address/15WapDB1AsoKKp4vMTims836Jxn9mJdHJA


Help!!! 

Almost immediately? 

Yes, I have seen the two bitcoin transaction:

- https://blockchain.info/it/tx/5cc872a7dc9bebb03290e9d537d57eba51056e764483a4f4ef4f6bc2bac66e0f  (his transfer to the electrum wallet)     
2015-05-02 10:24:40

- https://blockchain.info/it/tx/c92f9c265f0a7a9b7fec9184a0314545f8d3f2b3d6d53c240eec97a087826a00  (the second tx into the hacker address)   
2015-05-02 10:25:41


~ 1 minuted between the two transaction.
Pages:
Jump to: