
Topic: Thought one of my online wallets was hacked and robbed (Read 395 times)

hero member
Activity: 1554
Merit: 880
pxzone.online
If you don't mind, what version of Electrum did you install on your device? This is because there are compromised versions of Electrum that were used for phishing. Anyway, it seems the timeline doesn't match, so it's unlikely that this is the case, but not impossible. On the other hand, it is probable that you used a compromised device through which a hacker got access to your funds, OR you accidentally saved the seed and then someone got access to it, and lastly, it's an inside job, which has little to zero chance of happening.
full member
Activity: 2324
Merit: 175


And all possibly true, but the one really odd thing is that I have four Blockchain.com wallets, three of them had small sums in and I just used them to play about with a few things without risking my main wallet which I do not go near, none of them are linked in any way I might add.

Funny how they went straight to the one and only well paying Blockchain wallet without even touching the other three which I never gave a shit about and had little security.

Was talking to a pretty clued up programmer this weekend in Cambridge who plays about with crypto, his money is on someone working at or connected with blockchain.com.

You can forget about blockchain because you are not the only one with a bad experience using it. It could be an inside job, or there is a security loophole in your computer that has been tracing all your activities. The hackers will target wallets with a huge amount of money in them. What AV are you using, and is it a premium AV? Hackers are very active now because of the popularity of cryptocurrency, where the holder is the only one responsible for how he secures his funds; without proper knowledge he is an easy target.
hero member
Activity: 2366
Merit: 793
Bitcoin = Financial freedom
First of all, it's kind of confusing after reading the OP whether he is talking about Bitcoin or ETH. At some place he mentioned he tried to import the seeds to Electrum but was not happy with the user experience, so he moved back to blockchain and used it for storing, but at the end he said the ETH left in that wallet is increasing in fiat value.

Electrum doesn't have a wallet for ETH, so make it clear what we are talking about. Next thing: why do you still keep the €65 or whatever is left in that wallet? You know it's already in the control of someone, so pull everything out to a new non-custodial wallet as soon as possible.
legendary
Activity: 2170
Merit: 1789
Funny how they went straight to the one and only well paying Blockchain wallet without even touching the other three which I never gave a shit about and had little security.
I think it is fair to assume that all of your wallets are compromised if at some point you accessed them from the same device. Better move all of your funds to a new wallet asap, better to be safe than sorry. Make sure you use a secure device or at least reinstall your system. We probably won't be able to find out how exactly they got your wallet, just make sure you don't rely on centralized service in the future and improve your security practices even if you feel you're doing it pretty well already.
newbie
Activity: 60
Merit: 0
You definitely have a huge security hole!
I advise you to reinstall Windows, after saving all the data.
Install a new clean Legal version.
Install Kaspersky Anti-virus on it.
Check all the extensions in google chrome. Malicious ones are sometimes found among them.
Store passwords on a USB flash drive and not on a computer.
Get new wallets and change passwords everywhere.
I think your whole system is compromised.

Thanks

And all possibly true, but the one really odd thing is that I have four Blockchain.com wallets, three of them had small sums in and I just used them to play about with a few things without risking my main wallet which I do not go near, none of them are linked in any way I might add.

Funny how they went straight to the one and only well paying Blockchain wallet without even touching the other three which I never gave a shit about and had little security.

Was talking to a pretty clued up programmer this weekend in Cambridge who plays about with crypto, his money is on someone working at or connected with blockchain.com.
hero member
Activity: 1470
Merit: 790
ARTS & Crypto
You definitely have a huge security hole!
I advise you to reinstall Windows, after saving all the data.
Install a new clean Legal version.
Install Kaspersky Anti-virus on it.
Check all the extensions in google chrome. Malicious ones are sometimes found among them.
Store passwords on a USB flash drive and not on a computer.
Get new wallets and change passwords everywhere.
I think your whole system is compromised.
legendary
Activity: 1848
Merit: 1982
Some platforms are less strict about 2fa as they only ask for an email or phone number to verify.

This is the case with them, see: https://support.blockchain.com/hc/en-us/articles/360000286426-How-do-I-disable-two-step-verification-2FA-
Too bad, another negative point added to web wallets, at the same time proves the fact that "Not Your Keys, Not Your Coins".

However, we can clearly see from these instructions in the link above that in order to disable 2FA you must have a "wallet identifier and the email address associated with your wallet". This means:

The person who managed to disable 2FA has this information, so it is either a hacker who managed to hack your device and access your data or someone very close to you who can access this data.
hero member
Activity: 2786
Merit: 902
yesssir! 🫡
There is one way to stop 2fa as far as I know: by contacting wallet support, where you tell them that you have lost access to 2fa and they ask some questions, including information from your account, to know that you are the actual account holder, such as the amount of assets you have in your wallet and also the date of the last deposit or withdrawal and such things. If you pass the questions successfully they will deactivate your 2fa so you can activate it again.

I don't think that's how it works with their private key wallets because that would be against what they claim:

Some platforms are less strict about 2fa as they only ask for an email or phone number to verify.

This is the case with them, see: https://support.blockchain.com/hc/en-us/articles/360000286426-How-do-I-disable-two-step-verification-2FA-
legendary
Activity: 1848
Merit: 1982
For the first 4 days that was the biggest one with me and maybe still is as to how my 2fa could be switched off, they would first need to get around my 2fa to switch 2fa off if you get my meaning.
There is one way to stop 2fa as far as I know: by contacting wallet support, where you tell them that you have lost access to 2fa and they ask some questions, including information from your account, to know that you are the actual account holder, such as the amount of assets you have in your wallet and also the date of the last deposit or withdrawal and such things. If you pass the questions successfully they will deactivate your 2fa so you can activate it again.

Some platforms are less strict about 2fa as they only ask for an email or phone number to verify.

In any case, the person who hacked your account must have sufficient information about your account as well as your email and phone, so it is likely that your device is hacked and the hacker has all the information required to cancel 2fa.
legendary
Activity: 3374
Merit: 3095
I think I get what you are saying, and I did create a wallet with electrum, I am looking at it right now and the password to get into it is encrypted and it is called a default wallet (standard).

So are you saying that was not secure enough? At the time everyone highly recommended it to me for safety.

I never had any issues using Electrum for many years, and yes, it is secure, but it depends on how you protect your wallet. If you can learn how to make an Electrum cold wallet, this is safer than installing Electrum on an online PC.

Or you can buy a hardware wallet like Ledger Nano if you don't feel safe using Electrum, but I have used Electrum for almost 9 years and no one yet could steal my Bitcoin even if it's always connected to the internet. Just always make sure your PC is clean. I use Kaspersky to protect my PC from malware, keyloggers, and viruses; I have used Kaspersky since 2011 and until now it has saved me from any attacks.

And about your 2FA on blockchain, you can reset/disable 2FA if you know your email and wallet identifier. What I guess is that someone knows about your wallet identifier and someone has access to your email, because you will receive an email from blockchain asking whether you want to approve the reset/disable or not.
What I think is: did you sell a personal phone or laptop to someone where your email is still logged in? If not, then it's possible your PC is infected with keyloggers, or you have been phished before and use the same password for your email.
legendary
Activity: 3234
Merit: 5637
~snip~
But I never typed it in anywhere except my electrum wallet

If you did it during 2021 and you literally copied your seed from the blockchain wallet to Electrum and protected the same wallet with a strong password, then it is unlikely that someone hacked you with the help of a seed. The only thing that comes to mind is that maybe you did a malicious Electrum upgrade, although you didn't mention it.



So are you saying that was not secure enough? At the time everyone highly recommended it to me for safety.

The very fact that you had 2 wallets with the same seed means that you were exposed to a double risk, although an online wallet is always a much higher risk due to phishing, hot desktop/mobile are also not immune to a malicious wallet upgrade that gives the hacker complete control over your coins.

We have all been warned about such things, the only question is who received this information and how seriously they took it.

Electrum vulnerability allows arbitrary messages, phishing
Reminder: do not keep your money in online accounts
legendary
Activity: 2380
Merit: 5213
So are you saying that was not secure enough? At the time everyone highly recommended it to me for safety.
Electrum itself is secure enough. Your wallet is now as secure as your device. It's possible that your device will be infected with malware and you lose your bitcoin.
As I said in my previous post, if you want your wallet to be 100% secure, it's recommended to create the wallet on an air-gapped device. This means that you should generate your wallet on a device which has always been offline and will never be online.
newbie
Activity: 60
Merit: 0
The only information(not shared though) was when I attempted to use my seed phrase in Electrum to import my Bitcoin which was then classed as a very secure wallet and the only place ever I attempted to use it because back in 2021 thousands of us panicked when we thought blockchain had screwed up.
With importing your seed phrase into electrum, you created the same wallet in electrum, but the fund was still in the wallet generated by blockchain.com and you didn't increase your security.
The right thing to do was to create a new wallet in electrum and send all the fund to that.

If you want your fund to be completely secure in the future, you should create your wallet on an air-gapped device or use a hardware wallet. Take note that any online wallet is prone to hacking.

I think I get what you are saying, and I did create a wallet with electrum, I am looking at it right now and the password to get into it is encrypted and it is called a default wallet (standard).

So are you saying that was not secure enough? At the time everyone highly recommended it to me for safety.
legendary
Activity: 2380
Merit: 5213
The only information(not shared though) was when I attempted to use my seed phrase in Electrum to import my Bitcoin which was then classed as a very secure wallet and the only place ever I attempted to use it because back in 2021 thousands of us panicked when we thought blockchain had screwed up.
With importing your seed phrase into electrum, you created the same wallet in electrum, but the fund was still in the wallet generated by blockchain.com and you didn't increase your security.
The right thing to do was to create a new wallet in electrum and send all the fund to that.

If you want your fund to be completely secure in the future, you should create your wallet on an air-gapped device or use a hardware wallet. Take note that any online wallet is prone to hacking.
hero member
Activity: 2786
Merit: 902
yesssir! 🫡
I am just wondering if the 2fa would automatically be switched off if someone used the seed phrase because then it would not really matter, when you have the seed phrase all the security no longer matters.

The 2fa is only on your blockchain.com account, which means if someone sweeps/imports your seed using a compatible wallet like Electrum, they don't need the 2fa anymore. Also, worth noting that your 2fa should remain intact even if the hacker used this method to drain your funds. This is why I think the perp had to disable your 2fa to access your wallet, which means they didn't have your seed at that time.
newbie
Activity: 60
Merit: 0
Are you sure the email was sent from blockchain.com? Are you sure the fund was stolen before opening the email? Maybe, that was a phishing email. (This is just a guess)
How did you login to your blockchain.com account after seeing that email? Did you go to blockchain.com as before or you clicked on a link sent via email?

I am fully conscious of that happening, and it was a text that contacted me and I never replied to it anyway, it just prompted me to log on with a different laptop to see what was going on, but the text was genuine regardless and anyway the money had left my wallet as I slept 6 hours earlier.



According to your story, my friend, it's obvious that a hacker got into your blockchain.com account, that's because your 2FA is disabled on this platform, that's why you should be surprised. And you don't seem to be aware of this matter because you don't know. There is a lack of experience here in the crypto industry.

And you're right, this is a lesson learned from you, my friend, and you did the right thing now that you're using Electrum, as long as you always update Electrum when you see a new version, because if you don't update it, the Electrum wallet can be compromised when the hacker sees or peeks at it.

No, that is not right, my 2fa was always turned on for extra security, this is one of my main points if you read my posts fully is how was it switched off because it was not me, that was my trigger when I found out.



Also don't think op's seed was exposed/or it came from electrum because there would be no need for the hacker to disable blockchain.com's 2fa... As pointed above, it's pretty easy if you have access to the email account: you just need to approve the email request and your 2fa is gone. I think you can try to request account logs to blockchain.com, it's likely that they deleted corresponding emails.

Whatever the case, you should drop blockchain.com. Even for small amounts, there are better ones out there.

I am just wondering if the 2fa would automatically be switched off if someone used the seed phrase because then it would not really matter, when you have the seed phrase all the security no longer matters.



For the first 4 days that was the biggest one with me and maybe still is as to how my 2fa could be switched off, they would first need to get around my 2fa to switch 2fa off if you get my meaning.

If you search a bit online you will very easily find a lot of information on how to hack/bypass 2FA, so although I'm not claiming that it happened to you, you have to admit that someone managed to find a way to disable your 2FA protection - here's an example of how it can be done, and keep in mind that the article is from 2018.

The reason I mentioned the £23, £46 and £65 sums is that it could have been a sign that blockchain.com's software had screwed up.

Very easily possible, because I also used that service in the past and I encountered all kinds of situations, even with incorrect balances.

But I have to admit now the biggest clue is the Electrum thing, only 6 items logged in its entire 2 year history and they happened within minutes of my money vanishing in blockchain, but what is the connection, nobody can give me an answer.

From your introductory post, we can conclude that you had certain problems with blockchain.com around 2021 and then you decided to install Electrum - and then I assume you used the option to enter your seed from blockchain (or maybe you just import your BTC addresses and created a watch-only wallet)  - do you remember if you did that? This would explain the fact that you see identical outgoing transactions in Electrum and blockchain.com - because they both share the same seed, that is, the same addresses/private keys.

If what I wrote is correct, then the only question is whether you left that seed unprotected in any form and someone managed to get hold of it - or are you a victim of some other exploit that exists on blockchain.com.

It probably has nothing to do with your case - but it reminded me of something from the past -> Blockchain.com scam - lost funds

Interesting points and at least someone who is asking the same questions as me.

You have to just trust me in that nobody gets anything out of me in any way when it comes to Bitcoin, I am that bad that I am reluctant to even tell people I have it.
The only information(not shared though) was when I attempted to use my seed phrase in Electrum to import my Bitcoin which was then classed as a very secure wallet and the only place ever I attempted to use it because back in 2021 thousands of us panicked when we thought blockchain had screwed up.

But I never typed it in anywhere except my electrum wallet


[moderator's note: consecutive posts merged]
legendary
Activity: 3234
Merit: 5637
For the first 4 days that was the biggest one with me and maybe still is as to how my 2fa could be switched off, they would first need to get around my 2fa to switch 2fa off if you get my meaning.

If you search a bit online you will very easily find a lot of information on how to hack/bypass 2FA, so although I'm not claiming that it happened to you, you have to admit that someone managed to find a way to disable your 2FA protection - here's an example of how it can be done, and keep in mind that the article is from 2018.

The reason I mentioned the £23, £46 and £65 sums is that it could have been a sign that blockchain.com's software had screwed up.

Very easily possible, because I also used that service in the past and I encountered all kinds of situations, even with incorrect balances.

But I have to admit now the biggest clue is the Electrum thing, only 6 items logged in its entire 2 year history and they happened within minutes of my money vanishing in blockchain, but what is the connection, nobody can give me an answer.

From your introductory post, we can conclude that you had certain problems with blockchain.com around 2021 and then you decided to install Electrum - and then I assume you used the option to enter your seed from blockchain (or maybe you just import your BTC addresses and created a watch-only wallet)  - do you remember if you did that? This would explain the fact that you see identical outgoing transactions in Electrum and blockchain.com - because they both share the same seed, that is, the same addresses/private keys.

If what I wrote is correct, then the only question is whether you left that seed unprotected in any form and someone managed to get hold of it - or are you a victim of some other exploit that exists on blockchain.com.

It probably has nothing to do with your case - but it reminded me of something from the past -> Blockchain.com scam - lost funds
legendary
Activity: 2380
Merit: 5213
Are you sure the email was sent from blockchain.com? Are you sure the fund was stolen before opening the email? Maybe, that was a phishing email. (This is just a guess)
How did you login to your blockchain.com account after seeing that email? Did you go to blockchain.com as before or you clicked on a link sent via email?
newbie
Activity: 60
Merit: 0
Look, let's start from scratch in a clear set of sequences as to what happened to me but because as helpful as so many people are many just do not read opening posts and just blurt out anything that is not relevant to my question, and bear in mind as clear as I have made it that it is probably something dumb that I have done, hands up. But I am still eager to know and as a learning curve want to know where it was that I was compromised.

You explained yourself very well, but don't be surprised at unrelated responses, because many people do not read posts, especially when they appear to be somewhat long. What they do is base their response on the response of the last person that commented on the post.
Where I am confused is how 2fa verification was cancelled even before logging in, because it will require 2fa verification to log in.
I am not sure only you use your laptop/phone. What happened is a sign that someone gained ample access to your wallet.
For the remnant moving from £23 to £43 and £65, could that not be volatility? I am surprised that the market has not moved to make such a huge profit.

For the first 4 days that was the biggest one with me and maybe still is as to how my 2fa could be switched off, they would first need to get around my 2fa to switch 2fa off if you get my meaning.

The reason I mentioned the £23, £46 and £65 sums is that it could have been a sign that blockchain.com's software had screwed up.

But I have to admit now the biggest clue is the Electrum thing, only 6 items logged in its entire 2 year history and they happened within minutes of my money vanishing in blockchain, but what is the connection, nobody can give me an answer.
hero member
Activity: 2786
Merit: 902
yesssir! 🫡
Also don't think op's seed was exposed/or it came from electrum because there would be no need for the hacker to disable blockchain.com's 2fa... As pointed above, it's pretty easy if you have access to the email account: you just need to approve the email request and your 2fa is gone. I think you can try to request account logs to blockchain.com, it's likely that they deleted corresponding emails.

Whatever the case, you should drop blockchain.com. Even for small amounts, there are better ones out there.