Hi,
I’m new to crypt-currencies and experiencing some struggle understanding a cause of funds loss from my Multibit HD wallet. I’ll try to explain:
A week ago I made 2 transactions to ShapeShift which is a coin conversion service. following that service’s instructions I've made the 2 transactions from my wallet to a provided address of ShapeShift and received the converted funds to a different ether wallet I provided, as expected, an hour later.
Few days later I tried entering my Multibit HD wallet again (haven't done so since that transaction to ShapeShift) but it kept rejecting the password which I’m 100% sure was the right one saying "The password did not unlock the wallet". restore attempt also strangely kept failing and rejecting the new passwords each time.
I googled around to find that such issue had been following Multibit for a while now:
see this thread -
https://github.com/keepkey/multibit-hd/issues/753going through the advices and solution on the link above, I used the secret seeds from my - now - Inaccessible Multibit HD wallet, converted it to private keys, imported them keys to a different wallet only to find out it’s empty of the funds I had.
I was also able to retrieve the transactions history and the transactions made to ShapeShift:
https://blockchain.info/tx/e6cfaf4858af0d105973382588d31700dc11a97efde576c2b6d11a1311c07d84https://blockchain.info/tx/94ae29d606571789199c5b36321ed4c5729a8ba1062fa79a377c0cd2dea2efa6I found something strange –
Both transaction listed 2 recipients (I wasn’t even aware it’s possible to send money to multiple addresses at once):
one recipient address was the provided ShapeShift’s address and the amount transferred is as intended. BUT! the second address was unknown to me and much larger amount of bitcoins was transferred.
What I also noticed was that these transaction, using Multibit HD, were made from addresses which have been previously used to receive payments to my wallet. Meaning that no new addresses were generated especially for this transaction, I thought that should be good practice.
Now I don’t really pay attention to that part of procedure in transactions as I recall reading that one of Multibit HD features is that it generates new address for each transaction constantly. Maybe I’m mistaken.
An Important point is that the transactions with the 2 recipients summed a total amount of bitcoins which was totally equal to the amount I received previously using the same address. So for example if I received 3 bitcoins to my address and later used that same address to send 1 bitcoin to ShapeShift, an exploit was to drain and the send the 2 other bitcoins left to another address simaltounasley.
From what I describe, could have my wallet / address been breached?
Is there a way for a malicious act to exploit any of the mentioned above?
Please anyone shed some light or guide me to a solution / education.
Thanks!