Topic: [SERIOUS PROBLEM!] I recieve bitcoins, it is automatically sent somewhere else (Read 27689 times)

Diagonal reading, ya know?

He can say the private key(s) never leaked, but that's only as far as he knows...
I still say the private key was imported at mtgox. Into whose account? Who knows...

That's a really good question.  I wish I would have thought to ask it.  

12 seconds between received and sent makes me suspect the private key for that address was imported at a mtgox account and now it automatically sweeps funds on arrival.
OP, do you have a mtgox account and imported the private key there by any chance?

Tell me, how did you get the private key?  How did you download it from blockchain.info?  email, http or https?

Shawn Pringle

I do have the Private Key.

That is impossible, you do not get a private key.

The address I am talking about that is forwarding all the transactions was generated using Blockchain.info itself.

That means, you wanna say that blockchain.info gave 2 people the same address?? How can they do such a big fault?

No.

First thing that came to mind.

https://blockchain.info/api/api_receive


Did someone create a forwarding address and you're using that address as your main wallet?

Have you logged into your blockchain wallet from any computer other than yours?

1. Blockchain.info
2. No
3. No
4. Yes, but trusted from my friends
5. No

A few things have me curious:

• What wallet are you using? (MultiBit, Electrum, Bitcoin-Qt, etc.)
• Have you ever imported any private keys into your wallet from anywhere? (Vanity address, paper wallet, Cascius coin, received key from someone, etc)
• Have you ever imported any private keys into any service anywhere? (MtGox key import, etc)
• Have you run any software on your computer acquired via filesharing?
• Do you store a backup of your wallet anywhere on the internet?(Google Drive, Drop Box, etc)

I don't think there is a key logger on my PC, nor Trojan/virus.

I use Bitdefender Windows 8 Security (same as Internet Security). Pretty much safe, it is.

Probably or a rat.

OP check link in my signature to stay safe and secure your pc and as other peoples suggested, move your bitcoins to other wallet using some other pc and then scan your computer for infections.

key logger?

I won't use those addresses ever again!

You can spend transactions when they have 0 confirmations. Your wallet has been compromised, you shouldn't use those addresses ever again as this is what will happen every time.

Have a look at this address, it has only 2 transactions. One in and one out.

https://blockchain.info/address/15gbn4qwsHURFUwczsssdMj5u5sfaL4kVv

Stunna sent me 0.05 BTC to this address (which was my previous donation address) and then I saw this happen. The time between received and sent is just 12 seconds!! No more than 1 confirmation happened at that time!

https://bitcointalksearch.org/topic/m.2207807

What is happening? Please tell me!

What the?  That's a lot of gibberish and false information.  I can't tell if you are intentionally trying to cause confusion or if you just have no idea what you're talking about.

That works in reverse too...

If, for some reason, your transaction was "sent" to another location, via a fake block... then when that invalid block is removed, your "real balance" will indicate the "restored missing coins". (Once that orphaned fake block is defeated by a real block, on that HAS the actual 6+ ->  120 confirmations.)

Stop trying to micromanage your blocks and wallets. You are watching it too closely.

Get an offline wallet, and use it only once, (encrypted first), and deposit all your transactions to that wallet, from your online wallet.

Also, change your password for your email/account, from a computer that is NOT the one you are using now. Just incase, for some odd reason, you are infected with a key-logger or monitoring virtual-machine, or someone is reading your COPY-PASTE from your mouse when you visit some website. (EG, when you copy/paste your passwords, that is a big No-No!)

It can not be moved with only 1 confirmation. Either the transaction was invalid, and from an orphaned block, due to it being fake... and returned back to the sender, or deleted if a double-spend... or you are not seeing that it actually had 6 actual confirms.

I can hack a block and it would show in your wallet... for at-least one-confirm... but as soon as the system sees it is fake, it removes it. Thus, it never made it past 6 confirms.

Where is this money coming from? The money you are seeing entering your wallet? If you are placing it there, then you should be worried. If this is from some automated payment system, you need to contact them to let them know the payments are not going through.

How does anyone see when you have money in there... simple... they just look at the block-info that you see. It is on everyones computer, and on that site, for the world to see.

Again... BTC can NOT be withdrawn by ANYONE if it was not validated (6+ confirms), unless a whole branch of fake transactions occurred on a block that was recently thrown-out, due to being invalid. (Thus, it was never your BTC to begin with. Thus, not a loss.)

If this was payment for something, you should wait for over 30 confirms... (120 to be realistic), before "accepting it as valid". People use double-spends and hacked blocks to fool automated systems. Those transactions do not survive 120+ confirms, unless a 51% attack is successful. No-one has 51% of the mining market.

Before you move.. format your PC. Take your docs, jpgs, etc, run them through a virus scan, etc.

Yes, I am moving..

Nobody can tell you exactly what's happened because we don't know. All we can tell you is that it sounds as if your wallet has been compromised, and some or all of your private keys have been stolen. So if you don't want to lose any more coins, move them now.

You need to make a NEW wallet on Blockchain.info right now on a different PC and transfer in the funds. You cannot use the BTC addresses in your old wallet ever again as the hacker can use them, no matter what, even you if change your passwords.

The hacker has a copy of your wallet, he has an application on his computer that will auto-send any fund you receive to that wallet to another address that he controls.

He probably has an old copy of the wallet which is missing some of your newer addresses.

Can just someone tell me how the hacker checks for incoming transaction and sends it as soon as it gets 1 confirmation??

Also, its happening only on some addresses in the wallet.

Yes, but your wallet is compromised. Make a new one.

I am already on Blockchain.info (which I think you were referring by saying BC.info)

Yeah, create a new blockchain.info wallet securely. Also, if your wallet has been hacked and someone has access to your private keys then move whatever BTC you have in that wallet immediately

We're not psychic, how would we know if someone stole your private key?

What I can tell you is the TX was probably created with a wallet other than Blockchain.info which most likely means they have a copy of your wallet file.

Double password is useless if they already have an unencrypted copy of your wallet file (which they probably do). Transfer the BTC to a new wallet immediately!

The most secure online wallet is BC.info as its the only where you retain control of your private keys.

I suggest you use a different PC in case it is infected and create a new BC.info wallet and transfer your BTC there.

Please suggest me some SUPER-SECURE wallet. (Online only - coz I have slow internet speeds)

Stop using that wallet

Please tell me if the Private Key of this address is known? https://blockchain.info/address/15gbn4qwsHURFUwczsssdMj5u5sfaL4kVv

This was the latest such type of transaction from my account:
https://blockchain.info/tx/9488358df00c550a53170e7da0b4c88bad95684168d79870c61f4b24df6a7831

Is it possible to check if the account was accessed from API??

Yes it is probably hacked!

But one more point is that, not ALL the bitcoins are transferred. I still have 1. remaining...


I have now enabled double password in My Wallet.

Your wallet has probably been hacked.

they must have your private key and use blockchain.info api from somewhere, is it possibile?
do you have pin or google authentication enabled?

I have my wallet located on Blockchain.info MyWallet.

Whenever I receive any amount of bitcoins, they are sent to some other addess which I DONT OWN!!

I have so far lost 1.75 BTC because of this!!

PLEASE HELP!!!