Topic: Official site download hacked? (Read 181 times)

legendary
Activity: 3808
Merit: 1723
December 20, 2017, 09:14:00 PM
#7
The second output is most likely your change address which belongs to you.

HCP
legendary
Activity: 2086
Merit: 4363
December 20, 2017, 12:25:38 AM
#6
Wait... You mean that your Ledger said confirm output #1 and then confirm output #2 right?

It wasn't attempting to create two completely separate transactions, it was two outputs in the same transaction right?

The output#2 will be your change! You need to update the firmware on your Ledger to stop this "confirm output #2" behaviour...

It's an old "bug" that got patched already: https://www.reddit.com/r/ledgerwallet/comments/6wws8e/comfirm_output_2/
hero member
Activity: 761
Merit: 606
December 16, 2017, 01:11:38 PM
#5
This thread illustrates why we "preach" it's far better to do a gpg verification of a file download. For some reason many users resist using gpg verify instead of a simple sha256sum. I can gpg verify Electrum downloads in seconds and it's POSITIVE verification. With coins closing in on $18,000.00 per coin who would seriously shortcut this process? You should take out your Hardware Wallet and give it a kiss because it just saved your A@@!
legendary
Activity: 3038
Merit: 2162
December 16, 2017, 12:57:51 PM
#4
How did you check the signature? Recently there was a thread about a bad signature for the standalone app, and we discussed signature verification and the SHA256 of the 3.0.3 standalone exe:

https://bitcointalksearch.org/topic/bad-signature-for-electrum-303-2591110

Another user and I verified the signature for the file with this SHA256: ef5f4bcbb19901bebca743323ae7af48fc349837fcf6a09f9a861c18ff8dbe13

Your hash doesn't match that, so you probably have a malicious client. Can you check and post here the SSL certificate of the site you downloaded Electrum from? And check your PC with antivirus software; you may have a trojan that tricks your browser into believing that the attacker's site is legit.
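
Added example, not part of any post in this thread: shell functions for the two checks discussed in posts #5 and #4, comparing a download's SHA256 with a published value and requiring that a detached GPG signature was made by one pinned key rather than by any key in the keyring. The `.asc` file name and the fingerprint argument are assumptions; the fingerprint has to come from a source other than the download site.

```shell
#!/bin/sh
# Added example (not from the thread). Assumed names: the .asc signature file
# and the fingerprint argument, which must come from a source you already trust.

# Print the lowercase hex SHA256 of a file (sha256sum prints "<hash>  <path>").
file_sha256() {
    sha256sum -- "$1" 2>/dev/null | awk '{ print tolower($1) }'
}

# Succeed only if FILE hashes to EXPECTED (64 hex chars, any case).
sha256_matches() {   # usage: sha256_matches FILE EXPECTED
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    actual=$(file_sha256 "$1")
    [ "${#expected}" -eq 64 ] && [ "$actual" = "$expected" ]
}

# Read `gpg --status-fd` lines on stdin. Succeed only if a VALIDSIG line names
# the pinned fingerprint: field 3 is the signing (sub)key, the last field the
# primary key. "Good signature" from some other key in the keyring is rejected.
status_has_validsig() {   # usage: ... | status_has_validsig FINGERPRINT
    want=$(printf '%s' "$1" | tr -d ' ' | tr 'a-f' 'A-F')
    [ -n "$want" ] || return 1
    awk -v want="$want" '
        $1 == "[GNUPG:]" && $2 == "VALIDSIG" && ($3 == want || $NF == want) { ok = 1 }
        END { exit !ok }'
}

# Verify a detached signature and require the pinned signer.
verify_signed_download() {   # usage: verify_signed_download FILE SIG FINGERPRINT
    gpg --batch --status-fd 1 --verify "$2" "$1" 2>/dev/null |
        status_has_validsig "$3"
}

# Typical use, with the hash quoted in post #4 and a placeholder fingerprint:
#   sha256_matches electrum-3.0.3.exe \
#       ef5f4bcbb19901bebca743323ae7af48fc349837fcf6a09f9a861c18ff8dbe13
#   verify_signed_download electrum-3.0.3.exe electrum-3.0.3.exe.asc \
#       "<SIGNER_FINGERPRINT_OBTAINED_OUT_OF_BAND>"
```

A matching hash only shows the file equals whatever the hash's publisher hashed, so the hash check is useful only when the expected value comes from somewhere other than the page that served the file.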
newbie
Activity: 2
Merit: 0
December 16, 2017, 11:35:26 AM
#3
Seems the same here: https://bitcointalksearch.org/topic/m.26440181

This is the transaction it tried to execute:
1N4NYM5K271f7Sj8AGMVtm3VBndUReVF29          50.    
1BKkrKydvsNCv64vxNZhqFv6KueLnH4Nkf         285.181  

The 50 mBTC is the one I am transferring; the 2nd one is not good and was not entered by me.
copper member
Activity: 2856
Merit: 3071
December 16, 2017, 11:34:56 AM
#2
> Hi,
>
> I just downloaded the Standalone Executable from the regular site. When making a transaction with my hardware ledger wallet I saw that it tried to execute 2 transactions.
> First one was right, 2nd one was sending 0.2 BTC to an address that I did not specify.
>
> When checking the signature of the Standalone Executable, it seems to check out.
>
> This does not seem right.
>
> SHA256:
> f030699fe93e38d882c0734664207000756a32d0606ed714473f2f29e8156a31  C:/PortableApps/electrum/electrum-3.0.3.exe
>
> Where can I find the correct SHA code?

The SHA code should be on the electrum.org website and on the github accounts of all the devs.

Also, if you have antivirus, try running that and see if it flags anything but electrum (as it'll flag electrum normally). It's quite lucky you're using a hardware wallet. I'm sure others have lost to this same thing and have had no request to confirm from the hardware device. 
newbie
Activity: 2
Merit: 0
December 16, 2017, 11:28:02 AM
#1
Hi,

I just downloaded the Standalone Executable from the regular site. When making a transaction with my hardware ledger wallet I saw that it tried to execute 2 transactions.
First one was right, 2nd one was sending 0.2 BTC to an address that I did not specify.

When checking the signature of the Standalone Executable, it seems to check out.

This does not seem right.

SHA256:
f030699fe93e38d882c0734664207000756a32d0606ed714473f2f29e8156a31  C:/PortableApps/electrum/electrum-3.0.3.exe

Where can I find the correct SHA code?