Author

Topic: strange issue with electrum wallet (Read 286 times)

legendary
Activity: 3710
Merit: 1586
April 13, 2019, 05:28:25 AM
#14

I know electrum is under DDoS attack. But my issue is how come one address was wiped clean and not  others? I have checked all addresses on blockchain and so far their have funds in them. Just one has missing.

A wallet is more than one address. It consists of many addresses including change addresses. Electrum routinely sends money from address to address when you spend bitcoins. You may want to read up about change. So until and unless you sync your electrum wallet you won't see the whole picture. The current advice regarding that is to disable auto connect, pick one server and let it keep attempting to connect for a few minutes. If it doesn't work switch to another server. How to change servers is explained here.

Alternatively if you don't have the patience for this you can export your private keys via wallet > private keys > export and import them into a different wallet.
HCP
legendary
Activity: 2086
Merit: 4363
April 08, 2019, 09:43:51 PM
#13
I had a previous version of electrum and did a transaction. Same wallet is installed on two devices. Now the wallet dose not sync plus one of the addresses is empty( ON both devices it is not syncing).  When i check all addresses in the blockchain they have their required balances but one address has been cleaned out. And no I did not download from a suspicious site a new electrum wallet. But Did so from the official website. And If I had downloaded from a suspicious site my wallet would have been empty now. But ONLY one address has been cleaned out.
Have you actually verified the digital signatures of the wallet installer files? If you haven't, then you cannot be sure you did not download a malware version of the wallet... there are literally scores of posts in the Electrum from users who swear that they "downloaded only official Electrum" from "official website"... and then say they are running "latest version 4.0.0" Roll Eyes


Quote
I fail to understand how that can happen.
Without knowing the specifics, it could be one of several reasons:
- Hacker just took the largest amount, couldn't be bothered with your dust
- Your wallet wasn't created from a seed, and is a collection of individual private keys and only one of them has been compromised
- The coins in that address were simply used in a transaction that you forgot about, so were spent by you, but that transaction doesn't show up in your wallet because it won't sync

I'd recommend:
1. Verify the digital signatures of your Electrum installer
2. Try manually switching servers in Electrum until you find one you can connect to and sync your wallet... until it's synced properly, it will probably be very difficult to figure out what exactly has happened.
hero member
Activity: 2870
Merit: 594
April 08, 2019, 09:37:56 PM
#12
It's probably that the hacker hasn't realized that you have another wallet with funds in it explained by @AdolfinWolf.

If I'm it your shoes, better move for funds somewhere otherwise it's possible that the hackers could swept that one out. Electrum has been heavy attacks from hackers now so just be careful and keep your funds safe.
hero member
Activity: 1806
Merit: 672
April 08, 2019, 03:21:54 PM
#11
I don't know the whole story is but maybe one of your wallet address's private key has been obtained by a hacker that is why only one of your wallet has been cleaned out. Where do you store you private keys are as if it is just in your desktop or on the web there is a strong chance that some hacker have obtained it. After you have confirmed that one of your wallet has been cleaned out my advice is to follow what AdolfinWolf has said and transfer out your funds to another clean wallet, its your only way of preventing anymore losses at that point.
legendary
Activity: 1946
Merit: 1427
April 08, 2019, 09:20:19 AM
#10
I understand that fully also. But why only one address. What about the other addresses why they still intact.. As private key is for all addresses and not just one address.

Hm. The only mistake in this is that's the one seed for all addresses, not private key.
Since you have made a transaction, that transaction have sent the "change" to another of your addresses. May this be the problem? However, I am getting out of ideas...
This is most likely what happend, when you make a transaction, your entire balance is spend (& send to a change adress, as Neurotic mentioned).


or the attacker simply hasn't realized yet that your other adresses also hold funds.

If you really think you got hacked, RATTED, or phished, best practice is to move the remainder of your funds to a clean wallet ASAP. (Might be smart to create the wallet on  another device, as by the looks of it, your current one might be compromised.)


I have to say though, it's unlikely for a single adress to be compromised. It's either your entire wallet that's been hacked, or nothing in 99.9% of the cases.
sr. member
Activity: 770
Merit: 268
April 08, 2019, 09:17:26 AM
#9
As private key is for all addresses and not just one address.

can you post your address? not sure about the full details of your story but it seems one of your address that was derived from your seed was emptied. one reason is maybe it was used as an input for your transaction as neurotic suggest. but can't say for sure as it is still unclear to me.
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
April 08, 2019, 08:42:57 AM
#8
I understand that fully also. But why only one address. What about the other addresses why they still intact.. As private key is for all addresses and not just one address.

Hm. The only mistake in this is that's the one seed for all addresses, not private key.
Since you have made a transaction, that transaction have sent the "change" to another of your addresses. May this be the problem? However, I am getting out of ideas...
newbie
Activity: 4
Merit: 0
April 08, 2019, 08:38:28 AM
#7
Strange as to how someone can take funds out of one address in wallet and others he could not. I can't seem to find explanation for it.

The funds are not in the wallet. The wallet is only a tool. The coins are only on the blockchain.
Whoever has the private key can spend the coins. No need for your wallet for that.


I understand that fully also. But why only one address. What about the other addresses why they still intact.. As private key is for all addresses and not just one address.
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
April 08, 2019, 08:35:06 AM
#6
Strange as to how someone can take funds out of one address in wallet and others he could not. I can't seem to find explanation for it.

The funds are not in the wallet. The wallet is only a tool. The coins are only on the blockchain.
Whoever has the private key can spend the coins. No need for your wallet for that.
newbie
Activity: 4
Merit: 0
April 08, 2019, 08:27:13 AM
#5
I know electrum is under DDoS attack. But my issue is how come one address was wiped clean and not  others? I have checked all addresses on blockchain and so far their have funds in them. Just one has missing.

Maybe I'm wrong, but since Electrum relies on its servers to get your updated info, I'd guess that it managed to get correct info when ran from one device and didn't get the info on the other device.
Since I don't know which of the two is correct, I'd get the "culprit" addresses and check them on a block explorer, like https://chain.so/address/BTC/whatever_your_address_is

On both devices it is not syncing. So I did find out about missing coins from that address via blockchain explorer. Since on both devices it is not syncing so balances are before this issue happened but when checked on blockchain one address has been wiped clean. This is a bit perturbing. Strange as to how someone can take funds out of one address in wallet and others he could not. I can't seem to find explanation for it.
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
April 08, 2019, 08:14:39 AM
#4
I know electrum is under DDoS attack. But my issue is how come one address was wiped clean and not  others? I have checked all addresses on blockchain and so far their have funds in them. Just one has missing.

Maybe I'm wrong, but since Electrum relies on its servers to get your updated info, I'd guess that it managed to get correct info when ran from one device and didn't get the info on the other device.
Since I don't know which of the two is correct, I'd get the "culprit" addresses and check them on a block explorer, like https://chain.so/address/BTC/whatever_your_address_is
newbie
Activity: 4
Merit: 0
April 08, 2019, 08:00:40 AM
#3
I fail to understand how that can happen.

Electrum servers are under heavy DDoS attack, so most probably your clients couldn't connect to a working server.
You better check your funds for now at a block explorer, where you only need your address.


Edit: official announcement: https://twitter.com/ElectrumWallet/status/1114987055736655873


I know electrum is under DDoS attack. But my issue is how come one address was wiped clean and not  others? I have checked all addresses on blockchain and so far their have funds in them. Just one has missing.
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
April 08, 2019, 07:56:33 AM
#2
I fail to understand how that can happen.

Electrum servers are under heavy DDoS attack, so most probably your clients couldn't connect to a working server.
You better check your funds for now at a block explorer, where you only need your address.


Edit: official announcement: https://twitter.com/ElectrumWallet/status/1114987055736655873
newbie
Activity: 4
Merit: 0
April 08, 2019, 07:52:49 AM
#1
I had a previous version of electrum and did a transaction. Same wallet is installed on two devices. Now the wallet dose not sync plus one of the addresses is empty( ON both devices it is not syncing).  When i check all addresses in the blockchain they have their required balances but one address has been cleaned out. And no I did not download from a suspicious site a new electrum wallet. But Did so from the official website. And If I had downloaded from a suspicious site my wallet would have been empty now. But ONLY one address has been cleaned out. I fail to understand how that can happen.
Jump to: