Pages:
Author

Topic: Transaction not desired with all my bitcion (Read 443 times)

legendary
Activity: 3710
Merit: 1586
November 12, 2018, 09:16:32 AM
#26
Ok thanks for the precisions.

Do you know if sometime those scammers are caught?

Don't hold out hope for this. Next time bookmark the correct electrum website and always visit it via that bookmark. Also use an adblocker. These scam sites don't show up in the search results proper. Instead they show up in google ads above the search results. If you had an adblocker you would have never even seen this site.

Oh and you can't use any bitcoin or cryptocurrency wallet on the same PC where you installed this fake version until and unless you reformat your hard drive and reinstall windows. That's because the malware version you installed may have left behind additional nasty software that will compromise any future wallets you create.
newbie
Activity: 10
Merit: 0
November 12, 2018, 09:11:02 AM
#25
Ok thanks for the precisions.

Do you know if sometime those scammers are caught?
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
November 12, 2018, 09:06:38 AM
#24
It seems that you are right. I found this adress in my history  https://electrun.net/ . But my browser block the site because it is not secure. Is it possible that the site was accessible 15 days ago and not know?

The mystery is finally solved, too bad you did not check better before using that fake site- it is have wrong name electrun and even wrong domain, so you pay for ignorance and I guess because you did not you have any security software to block that site or download from that site. Site is not available for me : "The owner of electrun.net has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website."

Is anyone heard about someone else who have been scammed by the same fake site?

Many users become victims of fake wallets, especially in time when Google is allow crypto advertising with AdWords, so fake site appeared at the top of the search results.
legendary
Activity: 1624
Merit: 2481
November 12, 2018, 08:58:03 AM
#23
I am not aware of anyone being scammed by this specific site.. But this could simply be due to the fact that these sites don't survive longer than a few weeks.

Usually those scammer have multiple domains which they set up. And once one of them gets taken down (e.g. trough multiple google/ISP reports) they simply use the next one.


It is nothing unusual that only a few people get scammed per domain and its also not unusual that those sites are down after a few days/weeks.
newbie
Activity: 10
Merit: 0
November 12, 2018, 08:54:37 AM
#22
Ok I will report the site.

Thank you for you help


Is anyone heard about someone else who have been scammed by the same fake site?
legendary
Activity: 1624
Merit: 2481
November 12, 2018, 07:35:37 AM
#21
The 'not secure' message does not appear because it is a scam site, but because their SSL certificate isn't up-to-date.

It is very well imaginable that they had a valid SSL certificate 14 days ago. However, today the site is redirecting to a porn site.

I am going to report this site to google, and it would be very helpful if you also would do the same (https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en).


I am sorry for your loss.
newbie
Activity: 10
Merit: 0
November 12, 2018, 07:08:07 AM
#20
It seems that you are right. I found this adress in my history  https://electrun.net/ . But my browser block the site because it is not secure. Is it possible that the site was accessible 15 days ago and not know?
legendary
Activity: 1624
Merit: 2481
November 10, 2018, 10:10:51 AM
#19
Here the output I have :
a0 ac b5 93 de 3b 9b a3 c5 30 79 34 c7 95 41 ed 69 50 1a e2 7b 0e 10 70 6a 63 87 34 46 8d 20 9f

I have to precise that I downloaded the "standalone executable" version of Electrum .

Did you use version 3.2.3 ?

These are the correct hashes:

Code:
MAC:
$ sha256sum electrum-3.2.3.dmg
6f95797f73e0822fc37afd445981874ae61f231165f16440e521a4bcf4396758  electrum-3.2.3.dmg

Standalone Windows:
$ sha256sum electrum-3.2.3.exe
86db45fd961cd432c8bf6825a69fe3f48142cce8ef2f9626beee4a8c143ff242  electrum-3.2.3.exe

Portable Windows:
$ sha256sum electrum-3.2.3-portable.exe
281997bf8e578e1f88289ba6d4132b8ce3e78912aaa372b49d8745701980e7dd  electrum-3.2.3-portable.exe


Unfortunately you have downloaded a non-original electrum (probably malicious one).  Undecided

I guess you either have downloaded it from a fake site (more probable) or have been victim of a MITM attack (less probable).
Can you do as Abdussamad said and check from which site you have downloaded it (e.g. through browser history) ?
legendary
Activity: 3710
Merit: 1586
November 10, 2018, 12:24:45 AM
#18
Did you verify the signature ?

Even if you download it from the official source, a Man-in-the-middle attack could replace the original client with a malicious one.
Verifying the signature is the only way to make sure you are using the correct version.

If you are too lazy to verify the signature, at least check the hash of the file.

To check the hash, please do the following (assuming you are on windows):
  • Open the command promt (WIN-key + R  -> then enter 'cmd')
  • Enter: certUtil -hashfile C:/path/to/your/electrum/file.exe sha256

Then please post the output here and tell us which version of electrum you are using. I am then going to download the correct file and verify that the hash is the same.
If this is the case, your client was non-malicious and we have to look further how your coins got stolen.



Here the output I have :
a0 ac b5 93 de 3b 9b a3 c5 30 79 34 c7 95 41 ed 69 50 1a e2 7b 0e 10 70 6a 63 87 34 46 8d 20 9f

I have to precise that I downloaded the "standalone executable" version of Electrum .



This is not the correct sha256sum:

http://termbin.com/c7bh

That last line contains the correct checksum. I suggest you check your browser history to verify the exact url you downloaded electrum from. In the past we've seen users insisting that they downloaded from the official site but when we ask them to check their browser history it turns out that they got it from some fake site.
hero member
Activity: 1232
Merit: 738
Mixing reinvented for your privacy | chipmixer.com
November 09, 2018, 02:49:41 PM
#17
Here is the transaction ID  : 1622b47a2371fcabebe5735c6d68fb3e5491a2d2073a51fc9cf2b7ad60965dfd
please ignore my previous post, I assumed wrong
I'm sorry for your loss, it's quite a good amount of bitcoin Cry
and the thief also cleaned out your BCH as well Embarrassed 3 days afterward
https://bch.btc.com/cf9aa60c3118744089fbe6bad181f4f36c390d84d0c525f03d83f2ea23a1681a
newbie
Activity: 10
Merit: 0
November 09, 2018, 07:30:37 AM
#16
I installed last version of electrum on my computer and enter my seed to recover my wallet yesterday. Before that, my wallet wasn't on any device, I juste had my seed written on a piece of paper. Today, I opened the wallet and I saw that a transaction was made with all my bitcoin and the balance is now 0 btc.
is it mnemonic seed or just a private key? how did you generate your seed?
this sound like a case of "paid by bitcoin address' private key"
and a bitcoin address or txid may help us figure out what happened


JFOUD clearly states that it is a seed written on a piece of paper - I doubt that OP is write his private key on paper. It is also very likely that seed is generated by Electrum wallet, just because he/she is try to use same wallet to access his coins.

Also you miss fact that coins are gone after he import seed in Electrum, that means that something has happened after that step - fake wallet, keylogger, malware or anything like that...

It is a mnemonic seed of 12 words generated by Electrum when I first created the wallet long time ago (something like 5 years ago).
What to you mean by " a case of "paid by bitcoin address' private key" "
Here is the transaction ID  : 1622b47a2371fcabebe5735c6d68fb3e5491a2d2073a51fc9cf2b7ad60965dfd
newbie
Activity: 10
Merit: 0
November 09, 2018, 07:18:28 AM
#15
Did you verify the signature ?

Even if you download it from the official source, a Man-in-the-middle attack could replace the original client with a malicious one.
Verifying the signature is the only way to make sure you are using the correct version.

If you are too lazy to verify the signature, at least check the hash of the file.

To check the hash, please do the following (assuming you are on windows):
  • Open the command promt (WIN-key + R  -> then enter 'cmd')
  • Enter: certUtil -hashfile C:/path/to/your/electrum/file.exe sha256

Then please post the output here and tell us which version of electrum you are using. I am then going to download the correct file and verify that the hash is the same.
If this is the case, your client was non-malicious and we have to look further how your coins got stolen.



Here the output I have :
a0 ac b5 93 de 3b 9b a3 c5 30 79 34 c7 95 41 ed 69 50 1a e2 7b 0e 10 70 6a 63 87 34 46 8d 20 9f

I have to precise that I downloaded the "standalone executable" version of Electrum .

legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
November 08, 2018, 06:02:42 AM
#14
I installed last version of electrum on my computer and enter my seed to recover my wallet yesterday. Before that, my wallet wasn't on any device, I juste had my seed written on a piece of paper. Today, I opened the wallet and I saw that a transaction was made with all my bitcoin and the balance is now 0 btc.
is it mnemonic seed or just a private key? how did you generate your seed?
this sound like a case of "paid by bitcoin address' private key"
and a bitcoin address or txid may help us figure out what happened


JFOUD clearly states that it is a seed written on a piece of paper - I doubt that OP is write his private key on paper. It is also very likely that seed is generated by Electrum wallet, just because he/she is try to use same wallet to access his coins.

Also you miss fact that coins are gone after he import seed in Electrum, that means that something has happened after that step - fake wallet, keylogger, malware or anything like that...
hero member
Activity: 1232
Merit: 738
Mixing reinvented for your privacy | chipmixer.com
November 07, 2018, 06:58:20 PM
#13
I installed last version of electrum on my computer and enter my seed to recover my wallet yesterday. Before that, my wallet wasn't on any device, I juste had my seed written on a piece of paper. Today, I opened the wallet and I saw that a transaction was made with all my bitcoin and the balance is now 0 btc.
is it mnemonic seed or just a private key? how did you generate your seed?
this sound like a case of "paid by bitcoin address' private key"
and a bitcoin address or txid may help us figure out what happened
legendary
Activity: 1624
Merit: 2481
November 07, 2018, 12:31:54 PM
#12
Did you verify the signature ?

Even if you download it from the official source, a Man-in-the-middle attack could replace the original client with a malicious one.
Verifying the signature is the only way to make sure you are using the correct version.

If you are too lazy to verify the signature, at least check the hash of the file.

To check the hash, please do the following (assuming you are on windows):
  • Open the command promt (WIN-key + R  -> then enter 'cmd')
  • Enter: certUtil -hashfile C:/path/to/your/electrum/file.exe sha256

Then please post the output here and tell us which version of electrum you are using. I am then going to download the correct file and verify that the hash is the same.
If this is the case, your client was non-malicious and we have to look further how your coins got stolen.

newbie
Activity: 10
Merit: 0
November 07, 2018, 09:49:28 AM
#11
Yes I confirm it was from https://electrum.org/#home

I scanned the PC with Avast (free version) and Malwarebyte and nothing was found...
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
November 07, 2018, 09:41:08 AM
#10
I downloaded from the real website (electrum.org). I still not understand how the problem happened.

Can you confirm that this is the site from where you download Electrum ? https://electrum.org/#home

If you are not a victim of the fake wallet, then you lost BTC in a way that something on your PC is stolen your seed words. It could be any kind of malware or keylogger which is monitor all your actions and collect data. Did you maybe try to scan your device with AV or antimalware and see do you have anything suspicious on the device?
newbie
Activity: 10
Merit: 0
November 07, 2018, 08:12:21 AM
#9
I downloaded from the real website (electrum.org). I still not understand how the problem happened.
HCP
legendary
Activity: 2086
Merit: 4363
October 28, 2018, 07:53:05 PM
#8
I installed last version of electrum on my computer and enter my seed to recover my wallet yesterday.
Can I ask where you downloaded this "last version of electrum" from? Huh

It would be useful for others to know if there is (another) fake Electrum website operating so we can try contacting domain hosts/google etc to try and get it taken down and/or removed from Google listings.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
October 28, 2018, 09:08:28 AM
#7
Hi

I installed last version of electrum on my computer and enter my seed to recover my wallet yesterday. Before that, my wallet wasn't on any device, I juste had my seed written on a piece of paper. Today, I opened the wallet and I saw that a transaction was made with all my bitcoin and the balance is now 0 btc.

Anyone know if it's related to the upgrade of electrum or the bitcoins were juste stolen? Is that anything I can do to recover my bitcoin?

 

Unfortunately you made a mistake in downloading fake Electrum or you have some malware/RAT/keylogger on your PC. This is not first time we see that people lose coins in this way, backup of seed/private keys is most important - but it is also important to use it only on clean device.

This is just a warning to all those who have backup of seed/private keys in some safe places, be extremely careful when you download any crypto wallet and double check your OS with good AV/Antimalware.

If you find out which way you are hacked it would be good to write here, especially in the case of a fake Electrum site.
Pages:
Jump to: