Author

Topic: Never use ELECTRUM WALLET! (Read 574 times)

legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
August 26, 2019, 11:24:53 AM
#35

Looks like very easy setup, which is strange because tutorial which I was using back then, was a lot more complicated and required many more steps.

The only difference is, that I was trying to decrypt a message back then and now this is a signature check for Mycelium wallet.

I will try it for sure, thank you very much for the link.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
August 26, 2019, 04:36:37 AM
#34
How did the OP get the error message which had the clickable link to the fake Github page? A few months ago most Electrum server nodes started to crash any clients to prevent this from happening.

Electrum is fixed phishing pop-up notification completely in version 3.3.4, and any version under that is still vulnerable to such attacks. Users who still have older versions and are not aware of the danger will be the victims of such attacks for a very long time. Unfortunately, there is no way for such users to be contacted, they have a potential threat on their computer and if they go the wrong way with update, they will lost their coins same as OP.
legendary
Activity: 2730
Merit: 7065
August 26, 2019, 03:40:19 AM
#33
I think this the main reason why people don't use PGP encryption more often or even don't check the signatures because is too complicated.

I wonder if there is no improvement possible?

A very easy to use, super user-friendly PGP software that every not tech-savvy person can operate would be a perfect solution.
If you think about it, it really isn't complicated at all. All you have to do is read the instructions and follow them. The problem is that people are lazy.

Quote
Start by downloading GPG4Win and the install it. When installing you only need the Kleopatra component so you can skip the other things included with the software.
The first step mentions you only need Kleopatra so don't even bother installing the rest or if you do, you don't need to use them ever.
Everything else is explained step by step. There are even pictures.

https://bitcoinelectrum.com/how-to-verify-your-electrum-download/
legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
August 26, 2019, 03:17:39 AM
#32
...we do have an issue with wallets being too complicated for the average person, whose only tech knowledge is how to post selfies on social media.

I think this the main reason why people don't use PGP encryption more often or even don't check the signatures because is too complicated.

I wonder if there is no improvement possible?

A very easy to use, super user-friendly PGP software that every not tech-savvy person can operate would be a perfect solution.

...i am a windows user and have only verified signature on windows once. i didn't like Kleopatra either...

As I said before and your words confirm my statement that PGP is not used because is too complicated. It starts with download where people are immediately confused because there is a set of programs and to be honest only Kleopatra is needed but an average person doesn't know about this and download the full package (which only makes the confusion even bigger later on). Every next step is more confusing and I am not wondering that almost nobody is using this if they really don't have to.

I think my computer knowledge is much higher as by an average person but still, I find PGP encryption using Kleopatra not easy to do, especially if one has to do the initial setup on his own and never had any experience with PGP or Kleopatra.

Maybe there are other better and more user-friendly PGP programs and I don't know about it?

legendary
Activity: 3808
Merit: 1723
August 26, 2019, 01:41:45 AM
#31
How did the OP get the error message which had the clickable link to the fake Github page? A few months ago most Electrum server nodes started to crash any clients to prevent this from happening.

When he last used Electrum he had a server list of Electrum nodes, it most likely tried to connect to those nodes. 100% of those nodes were good nodes and one of those should of crashed his client before he accidently found a node which was fake to display the message.

legendary
Activity: 3472
Merit: 10611
August 25, 2019, 10:25:59 PM
#30
To be honest, I have never checked signatures until today. Already downloaded Kleopatra (a couple of times) and started the process (with the help of a how-to tutorial) but always gave up halfway.
I am sure, I have failed every time because is just not easy to set up PGP and I wasn't needed it very badly, for example, to secure all my BTC holdings. In such circumstances, I would do it for sure, no matter how time-consuming and complicated it could be.

well it is a matter of how you value your own security. sometimes we have to endure the complicated process to reach the high security we need. it doesn't come cheap.
with that said i am a windows user and have only verified signature on windows once. i didn't like Kleopatra either. but i did a workaround, i used Ubuntu. download verify Ubuntu signature and now i have that for easy verification each time i download a new software.

This is not the first time we have problems with malicious links to wallets on the web and here on Bitcointalk.
it is probably the biggest attempt but certainly not the first. there has been a lot more in the past, i myself have reported at least 10 or 12 malicious repositories on github trying to fool people into thinking they are downloading the "real" electrum from the "real repository"!

Quote
Still, I haven't heard about signatures check using PGP, until a couple of months ago, ...
I think, the best way to handle this is an informational campaign...
from 2016: https://bitcointalksearch.org/topic/verifying-bitcoin-core-1588906
a good idea to inform others as much as we can, but still the information is already out there, users must look for it themselves.

legendary
Activity: 2268
Merit: 18771
August 25, 2019, 01:20:11 PM
#29
I agree with you, but I was not talking only about Electrum wallet and rather had in mind a much bigger picture. What I mean is that we should try to inform people (best we could) to develop a habit, to check every signature of the downloaded file using PGP, especially when it goes to programs with sensible data, but not only of course.
I agree that would be ideal, but the chances of 100% of users checking 100% of the time is 0%. People should also always be checking the URL of the page they are entering their details in to, they should be checking the sending address of the email claiming to be from their bank, they should be scanning every file they download for malware, they should be double checking the sending address they just copy pasted, and so forth. Unfortunately, most people don't pay any attention to basic security and safety measures until they have already fallen victim.

It's for these reasons that banks keep implementing more and more security steps you have to go through and hurdles you have to jump to be allowed to spend your own money. People who pay no attention and keep getting scammed make the system worse for the rest of us. As bob123 says, we do have an issue with wallets being too complicated for the average person, whose only tech knowledge is how to post selfies on social media.
legendary
Activity: 1624
Merit: 2481
August 25, 2019, 10:12:30 AM
#28
you should not even care where you download the binaries from because even if you download them from the official website it still is not safe until you cryptographically verify its digital signature.
And if you ever wonder why the average person won't adopt bitcoin, see the above quote.  Lol.

The average person is not ready yet to take responsibility for their own money.
It is the average person who gets involved into credit card fraud because they entered it into a shady site or in an open wifi.

Verifying signature is a mandatory step which takes less than a minute. And with all the guides available and all the messages telling you to verify it, it is quite sad that people still don't do that.

We definitely can have adoption of bitcoin. But first we need some idiot-proof wallets (e.g. hardware wallets embedded into mobile phones with triple checking of everything).
Hardware wallets can already be used by average persons, if they are capable of reading and double checking the address on the display.
It is just that the riskier wallets (desktop-, mobile- and paper wallets) need more tech savy people who know how to protect digital information and how to verify integrity of data.
legendary
Activity: 3556
Merit: 7011
Top Crypto Casino
August 25, 2019, 09:37:21 AM
#27
Before the 3.3.3 update was released, Electrum had never notified users of available updates. You are the one at fault.
I almost fell for this and wasn't aware of how you got notified of Electrum updates.  I got a pop-up to upgrade and proceeded to do so, but my virus protection software said the update had malware on it.  Crazy.  That was like 2 months ago or so.  I assume that's the issue OP had.

Aside from that, Electrum is a great wallet--you just have to be careful about hacking attempts, I guess.  I wouldn't go so far as to blame OP for falling for the trick, as he hadn't used the wallet in some time and had no reason to think he'd get scammed that way. 

you should not even care where you download the binaries from because even if you download them from the official website it still is not safe until you cryptographically verify its digital signature.
And if you ever wonder why the average person won't adopt bitcoin, see the above quote.  Lol.
legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
August 25, 2019, 08:23:05 AM
#26
There is no way to contact everyone who uses, or intends to use, Electrum - there is no database of users, in-wallet messaging service, or email sign up. The best that can be done is to give clear instructions on the site, which is already done. On the landing page it says to verify the signature, and on the download page there is a box which explains why you should verify signatures, and provides links to various tutorials...

I agree with you, but I was not talking only about Electrum wallet but rather had in mind a much bigger picture. What I mean is that we should try to inform people (best we could) to develop a habit, to check every signature of the downloaded file using PGP, especially when it goes to programs with sensible data, but not only of course. The best outcome would be when literally every download will be checked. This is exactly, as it was with VirusTotal, at some point, I started to scan almost all URLs, files, downloads which were new or seemed suspicious to me. So far I was never hacked or don't know about it.
legendary
Activity: 2268
Merit: 18771
August 25, 2019, 07:49:00 AM
#25
I am sure I failed every time because is not easy to set up
Have you seen Abdussamad's page of Electrum guides at https://bitcoinelectrum.com/? There is one for how to verify Electrum using Kleopatra (link here) which is pretty straightforward to follow and use. Hopefully it should help you out. Make sure you double check Thomas V's GPG key which appears on that page, to protect yourself in the rare chance that that site is hacked.

I think, the best way to handle this is an informational campaign, to let people know about the need for PGP signature check and how to do it correctly.
There is no way to contact everyone who uses, or intends to use, Electrum - there is no database of users, in-wallet messaging service, or email sign up. The best that can be done is to give clear instructions on the site, which is already done. On the landing page it says to verify the signature, and on the download page there is a box which explains why you should verify signatures, and provides links to various tutorials.

As you say, we can talk about it on the forum, but the majority of threads are ones such as this one - users who have already ignored the instructions, installed malware, lost their coins, and then come to complain. Few users seem to spend any time doing basic due diligence before downloading and install new software.
legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
August 25, 2019, 06:24:16 AM
#24
...even if you download them from the official website it still is not safe until you cryptographically verify its digital signature. the only thing that you should ever worry about is acquiring the real public key of the developer...as long as PGP is not broken (which it is not) there is no way to fake this...

I agree with you and we should do all we can to inform at least Bitcointalk members about this and educate further on how to use PGP encryption and programs like Kleopatra.
As we all know the most used OS is Windows and this is not so easy to verify signatures on this system for beginners or not tech-savvy people.

To be honest, I have never checked signatures until today. Already downloaded Kleopatra (a couple of times) and started the process (with the help of a how-to tutorial) but always gave up halfway.
I am sure, I have failed every time because is just not easy to set up PGP and I wasn't needed it very badly, for example, to secure all my BTC holdings. In such circumstances, I would do it for sure, no matter how time-consuming and complicated it could be.

This is not the first time we have problems with malicious links to wallets on the web and here on Bitcointalk. I think I have seen already all kinds of wallet hacks: changed links in quotes, changed links in ANN and bounty threads, posting links from hacked accounts, malicious updates and pop-ups, fake redirects, counterfeit signatures, etc. You name it - I have seen it.

Still, I haven't heard about signatures check using PGP, until a couple of months ago, when the problems with Mycelium wallet exploded. I am very long and frequently here on the forum and from what I have seen, everybody was always using VirusTotal, as a reference tool, to check the wallets for viruses and verify them. In all wallets reviews posted here, I have never seen a single PGP signature check to be made.

Sometimes viruses were found by VirusTotal in wallets and I have written about this, to warn other members. I just couldn't believe, that some of them tried to defend these wallets, vouched they were clean and all found viruses are only "false-positive" and totally not harmful  Grin. In the beginning, there were no viruses in wallets at all, even false-positives, but somebody started misinformation (on purpose), wrote a couple of posts, articles, answers about false-positive matches on VirusTotal. This way changed the opinion of enough members, to bring chaos and total misinformation about false-positives virus warnings in the scanned wallets. In my opinion, it was made on purpose and we have missed it on our watch.

I think, the best way to handle this is an informational campaign, to let people know about the need for PGP signature check and how to do it correctly. There is actually no other way, to be relatively safe when downloading something online, as to do the PGP signature check every single time. We should talk about this and keep repeating on every occasion, especially in the Beginners and scam sections. If we start to do it, I am sure, members will create a lot of additional content about PGP (tutorials, translations, guides to Kleopatra, etc) and the word will keep spreading further kinda automatically.
legendary
Activity: 3472
Merit: 10611
August 24, 2019, 10:59:47 PM
#23
~
I think this one is the biggest threat from all fake URL's I have seen so far and people should be aware of these.

actually this does not concern wallets at all because technically you should not even care where you download the binaries from because even if you download them from the official website it still is not safe until you cryptographically verify its digital signature.
the only thing that you should ever worry about is acquiring the real public key of the developer. then you could even receive the binaries in your Email from someone and check the signature with that public key. as long as PGP is not broken (which it is not) there is no way to fake this.

those people who got scammed (mentioned in the comment you quoted) got scammed because they never bothered with signature verification ever.
legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
August 24, 2019, 02:35:53 PM
#22
...all of these users are at fault for not using the common sense. If you had looked at your address bar, you would have noticed that you were not on the official website...

I would agree with you until I have seen this post:

The most tricky phising website i've heard was this one. Looks like Binance.com but there are no "n". This is strange n with dot at the bottom.


source

How to deal with such a phishing adress? Those dots are almost unnoticable.

Very good that you shared this.

I had to look for quite some time on the URL to spot the difference and to be honest I wasn't able to...

Even after I have read about the dots, still I was trying to clean the screen because I was sure it is something on the screen.

I think this one is the biggest threat from all fake URL's I have seen so far and people should be aware of these.
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
August 24, 2019, 12:26:36 PM
#21
I agree that there is a problem in fact most of us maybe create public opinion by saying "Do not use web wallets", and most users think desktop wallets are safe option. I am not sure is it more appropriate to direct users to hardware wallets, so far they are safe, but who can guarantee that this will be the case tomorrow or in a year?

Well, cold wallets are safe and nowadays they're not so difficult to set up.
And there's always the option of storing on paper wallets (of course, they have to be properly done, and of course, there were problems there too, mostly because of not-random-enough seeds).
But you are right. Human error is always a factor that has to be properly counted in.
legendary
Activity: 1624
Merit: 2481
August 23, 2019, 07:49:18 AM
#20
I don't feel like electrum is responsible for anything.

You mix things that should not be mixed -  banks, universities or fiat are something completely different then cryptocurrency. How can you say that Electrum developers "is responsible for anything", they develop that software and they did not see that vulnerability which was used for distribution of fake wallet.

Let's put aside ignorance of users, they are the victims of their ignorance, but it all start with exploit in Electrum - saying that all blame is on users is not fair in my opinion.

There is not a single software without vulnerabilities. Not a single one.

And the vulnerability in electrum has a CVSS score of roughly 3/10.
That is very far away from a sever vulnerability. The severity is low.. at max.

There is absolutely nothing which can happen based on this vulnerability. The user has to make several mistakes in a row (falling to phishing message, downloading from a fake site, not verifying signature, executing malware ..) in order to lose coins.
Those people most likely also would fall for a cheap phishing mail.

IMO absolutely their fault. No one forced them to use electrum. And neither did anyone force them to download malware from a fake site.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
August 23, 2019, 07:40:32 AM
#19
I don't feel like electrum is responsible for anything.

You mix things that should not be mixed -  banks, universities or fiat are something completely different then cryptocurrency. How can you say that Electrum developers "is responsible for anything", they develop that software and they did not see that vulnerability which was used for distribution of fake wallet.

Let's put aside ignorance of users, they are the victims of their ignorance, but it all start with exploit in Electrum - saying that all blame is on users is not fair in my opinion.

I mean: we (as community) kept telling people that web wallets are not safe enough. But hot wallets can be a problem too.

I agree that there is a problem in fact most of us maybe create public opinion by saying "Do not use web wallets", and most users think desktop wallets are safe option. I am not sure is it more appropriate to direct users to hardware wallets, so far they are safe, but who can guarantee that this will be the case tomorrow or in a year?
legendary
Activity: 1624
Merit: 2481
August 23, 2019, 05:59:24 AM
#18
So we can say that users are guilty of becoming victims of phisning, and this is true - same as Electrum is guilty for served as the perfect platform for such an attack.

I don't feel like electrum is responsible for anything.

It is an open source wallet and everyone should use common sense when dealing with sensitive information (what private keys are).
You can't blame electrum for serving as a kind of platform to perform such attacks. You'd have to also make banks responsible for online-banking or check-fraud and the universities of the US for creating email - which is the most common 'platform' for phishing.

Just because someone offers a platform or technology, doesn't mean he is responsible for anything which happens with it.
You don't blame Satoshi for creating bitcoin and the involved crimes (blackmailing, money laundering, etc..), do you ? Or the Gov for their FIAT and the involved crimes (drug dealers and hitmen being paid with FIAT, etc..) ?
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
August 23, 2019, 04:27:10 AM
#17
So we can say that users are guilty of becoming victims of phisning, and this is true - same as Electrum is guilty for served as the perfect platform for such an attack.

Somehow I fear it's not emphasized enough that people should not keep big amounts of money in hot wallets, wallets that go online, even if that happens very seldom.
Just because all the bad things can happen, no matter whose fault is.

I mean: we (as community) kept telling people that web wallets are not safe enough. But hot wallets can be a problem too.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
August 23, 2019, 04:22:26 AM
#16
What is the point to talk to someone about something that is supposed to do long time ago? He is not first and certainly not the last person who will lose money in this way, this is unfortunately something that will happen for years to come. As I said before, there are those who open their wallets every one or two years, or in time when BTC price is going up - probably 8 of 10 will download that fake wallet.

There is no doubt that the main culprit in this story is Electrum developers who have not noticed this vulnerability, and in doing so they allowed some bad people to steal large quantities of BTC, and they will do that for years.

So we can say that users are guilty of becoming victims of phisning, and this is true - same as Electrum is guilty for served as the perfect platform for such an attack.
legendary
Activity: 2730
Merit: 7065
August 23, 2019, 03:45:02 AM
#15
The only mistake Electrum developers did was to allow servers to send those messages. But that mistake was realized and rectified in version 3.3.3.
It sucks to lose your money, I am sure. But this is 99% your fault. Nothing anyone says here can change the fact that your funds are gone.
I have been properly using Electrum for a long time and never had any problems. I also use cold storage options for the crypto that is worth saving.
newbie
Activity: 1
Merit: 0
August 23, 2019, 12:58:54 AM
#14
Sorry for your loss, these darn phishers seem to be getting away with a lot of stolen funds D:

If I may,  how much was lost?
legendary
Activity: 2268
Merit: 18771
August 22, 2019, 02:46:22 PM
#13
ok but my credit card has second security stage
And so do crypto exchanges, where many newbies store their coins. The whole point of bitcoin is to "be your own bank" and not have to rely on a third party to look after your coins for you. You have complete control over your own money, which is very powerful, but yes, also risky if you don't know what you are doing. If you weren't confident in your ability to securely hold your coins yourself, then you should either of spent more time reading and learning, or handed over your coins to someone else to look after on your behalf like you do with fiat and banks.

I just wanted to say people who created electrum should be more responsible for security as bitcoin is not protected at all.
Bitcoin is far more secure than fiat, provided you use software properly and properly secure your wallets. If you download a program and then ignore instructions and use it incorrectly, I'm afraid the fault is with you, not the developers.
newbie
Activity: 6
Merit: 0
August 22, 2019, 02:41:39 PM
#12
ok but my credit card has second security stage,limits etc and i never care about it althought never downloaded fake chromes. I just wanted to say people who created electrum should be more responsible for security as bitcoin is not protected at all.  Everything looks very tricky, you open your old version programm, it asks for the upgrade, of course how you can suspicious about that if you are an ordinary user who check your wallet once in 2 years and never sitting on forums. All you write here is true but it works only for very attentive people sitting here
legendary
Activity: 2268
Merit: 18771
August 22, 2019, 02:00:02 PM
#11
If you used Chrome to download a fake version of Chrome, installed it, opened it, used it for online shopping, and typed all your personal info and credit card details in to it, would it be Google's fault when your credit card gets cloned and used by someone else? If someone phones you up and tells you to transfer all your money to their bank account, and you do it, is it Apple's fault for providing you with a phone? The Electrum website quite clearly states right at the top "Do not download Electrum from another source than electrum.org, and learn to verify GPG signatures." If you ignore their clear instructions and do things they tell you not to do, then you can't hold them liable when things go wrong.

Software wallets, in particular mobile wallets, should never be considered truly safe anyway. If you wanted to protect your coins long term, then you should have invested in a hardware wallet or an airgapped machine.
legendary
Activity: 1624
Merit: 2481
August 22, 2019, 12:35:51 PM
#10
Of course it is electrum faullt, because software has holes. I opened original programm not fake and it adviced me to down load upgrade, my fault is only that i have not learnt all these information before.

A message from the electrum server you were connected to told you to update the software.

If you would have checked the link, you would have realized that it lead you to a fake website (or to github without any source code).
This, combined with the fact that you didn't verify the signature, lead to your funds being stolen by malware.



But how do i know if i open ORIGINAL SOFTWARE!?

As already mentioned, verify the signature before installing (as stated on the website).



Again, the software was installed very far before and would never use in future, the money was safe untill i open that programm

1) It was never very secured if you stored it on an online computer AND your mobile phone.

2) They got stolen once you downloaded and installed malware, electrum is not at fault.
newbie
Activity: 6
Merit: 0
August 22, 2019, 12:10:37 PM
#9
Yes i understand my fault that i should check signatures , download directly from the site and other blablabla. But where is assurance that in new version of software will not happen the same shit. I think that is partly developers fault that we lose our money.

The developers are at fault that you have fallen for a phishing message ?
It is stated on the website (and on this forum and almost everywhere on the internet) that you need to verify the signature to make sure you are using the original software.

I am sorry to say, but only you are at fault. No one else.


Of course it is electrum faullt, because software has holes. I opened original programm not fake and it adviced me to down load upgrade, my fault is only that i have not learnt all these information before. But how do i know if i open ORIGINAL SOFTWARE!?




I am absoultely lost, it was all my earnings  i accumulated , the sum is really big

So you were storing all of your coins on a wallet shared between your computer and your mobile phone ?

It seems you need to reconsider how you store your coins. Try to acquire knowledge regarding secure storage of sensitive information. This forum is a good place to do so.
If the sum was really big, why did you store it on a computer which is connected to the internet, shared with your mobile phone  Huh Why no hardware- or paper wallet ?


Again, the software was installed very far before and would never use in future, the money was safe untill i open that programm


who knows about that? 10% user who sitting on this forum? I am not a one ,try use google seach there are thousend victims!

Verifying the signature is common sense if you spend at least half an hour reading about securing funds.



I put m money on blockchaing and forgot about it , i am not sitting on forums


the same thing of course will not happen but the other one can happen easily. The product is raw and they are testing bugs by our money lost

Just read what the website says and follow. Verify the signature and don't click on any link you see. As easy as that.

legendary
Activity: 1624
Merit: 2481
August 22, 2019, 11:55:06 AM
#8
Yes i understand my fault that i should check signatures , download directly from the site and other blablabla. But where is assurance that in new version of software will not happen the same shit. I think that is partly developers fault that we lose our money.

The developers are at fault that you have fallen for a phishing message ?
It is stated on the website (and on this forum and almost everywhere on the internet) that you need to verify the signature to make sure you are using the original software.

I am sorry to say, but only you are at fault. No one else.



I am absoultely lost, it was all my earnings  i accumulated , the sum is really big

So you were storing all of your coins on a wallet shared between your computer and your mobile phone ?

It seems you need to reconsider how you store your coins. Try to acquire knowledge regarding secure storage of sensitive information. This forum is a good place to do so.
If the sum was really big, why did you store it on a computer which is connected to the internet, shared with your mobile phone  Huh Why no hardware- or paper wallet ?



who knows about that? 10% user who sitting on this forum? I am not a one ,try use google seach there are thousend victims!

Verifying the signature is common sense if you spend at least half an hour reading about securing funds.



the same thing of course will not happen but the other one can happen easily. The product is raw and they are testing bugs by our money lost

Just read what the website says and follow. Verify the signature and don't click on any link you see. As easy as that.
legendary
Activity: 2352
Merit: 6089
bitcoindata.science
August 22, 2019, 11:46:41 AM
#7
i always used apple app on my iphone, the thing was that i didn't know that electrum is still installed on my PC and linked to my wallet from the old times
That's not any better either.

Actually, sharing the same seed on two insecure environments will just double risk your funds....

Just buy a hardware wallet, or study good security practices like making an airgapped computer (there are also risks involved if you make a mistake or ignore some security recommendations).
newbie
Activity: 6
Merit: 0
August 22, 2019, 11:22:58 AM
#6
. I am absoultely lost, it was all my earnings  i accumulated , the sum is really big, the main idea now is to kill somebody who involved

You know deep inside that you should have never left such a really big amount in a desktop wallet. That you should have bought a hardware wallet.

Desktop Wallets in your daily PC are just for a few bucks. Buy a ledger or a trezor and never lose money again.

i always used apple app on my iphone, the thing was that i didn't know that electrum is still installed on my PC and linked to my wallet from the old times
legendary
Activity: 2352
Merit: 6089
bitcoindata.science
August 22, 2019, 11:11:36 AM
#5
. I am absoultely lost, it was all my earnings  i accumulated , the sum is really big, the main idea now is to kill somebody who involved

You know deep inside that you should have never left such a really big amount in a desktop wallet. That you should have bought a hardware wallet.

Desktop Wallets in your daily PC are just for a few bucks. Buy a ledger or a trezor and never lose money again.
legendary
Activity: 1876
Merit: 3139
August 22, 2019, 10:30:06 AM
#4
who knows about that? 10% user who sitting on this forum? I am not a one ,try use google seach there are thousend victims!

I am aware of that. Still, all of these users are at fault for not using the common sense. If you had looked at your address bar, you would have noticed that you were not on the official website. Everything that involves money should be proceeded with extreme caution. Do you check if you are on the correct website when logging in into your bank account? That's basically the same.
newbie
Activity: 6
Merit: 0
August 22, 2019, 10:25:37 AM
#3
But where is assurance that in new version of software will not happen the same shit.

The same thing won't happen again since it has been already fixed. Before the 3.3.3 update was released, Electrum had never notified users of available updates. You are the one at fault. No wallet is completely secure and bug-free.


who knows about that? 10% user who sitting on this forum? I am not a one ,try use google seach there are thousend victims!

the same thing of course will not happen but the other one can happen easily. The product is raw and they are testing bugs by our money lost
legendary
Activity: 1876
Merit: 3139
August 22, 2019, 10:17:25 AM
#2
But where is assurance that in new version of software will not happen the same shit.

The same thing won't happen again since it has been already fixed. Before the 3.3.3 update was released, Electrum had never notified users of available updates. You are the one at fault. No wallet is completely secure and bug-free.
newbie
Activity: 6
Merit: 0
August 22, 2019, 10:08:05 AM
#1
I have not used this wallet for years, i have alreay forgotten about it on my PC,at some moment i needed to pay some online service , it adviced me to pay via wallet and it showed up , the message occured with error then to uprgrade your old version, of course it is natural after to 2 years. Yes i understand my fault that i should check signatures , download directly from the site and other blablabla. But where is assurance that in new version of software will not happen the same shit. I think that is partly developers fault that we lose our money. I am absoultely lost, it was all my earnings  i accumulated , the sum is really big, the main idea now is to kill somebody who involved
Jump to: