the seed phrase is written on a piece of paper and is hidden in my personal safe. no one can access her. besides this, I specially changed the word order on paper, the correct order is known only to me.
~
Sorry, correct is "i downloaded this electrum from google play. I check it twice.
Well, as hosseinimr93 pointed out, that address appears to belong to a hacker/scammer. It's unlikely your seed phrase was compromised, but it's very likely you did not install the official Electrum app from google. I know you were trying to be careful, but at this point it's the most likely scenario. You can check your google account to see which app you have installed, and compare it to the app to which official Electrum website directs.
Here's the official website link:
https://electrum.org/#homeAnd, the link to the official app on google play:
https://play.google.com/store/apps/details?id=org.electrum.electrumIf you have the real app installed the play store will inform you as such:
https://i.ibb.co/zs11q09/Capture.jpgWhen i use your link, i see Oткpыть, it's translate like Open. This means that the electrum is installed from official page :
https://i.ibb.co/Z1JkPHv/Screenshot-2020-04-06-09-25-28-001-com-android-vending.png
I'm not blaming the brand or implying that they are the thieves... I'm questioning the fact that this wallet was installed on an Android device and it appears that it can be relatively easily rooted and flashed with all sorts of different/custom ROMs:
https://forum.xda-developers.com/mi-9t/development@OP, is your device rooted?
No. The phone was bought in the official store and in order not to violate the warranty, I did not do anything with the official firmware
How did you create your wallet from Electrum mobile? If someone created it for you he might be the one who stole your Bitcoin. Or if the seed backup is created from other wallets like Bitpay?
If not, then there might be a keylogger in your device. Actually Xiaomi Phones is not secured as Samsung with Knox.
A similar case and address can be found below the same as hosseinimr93 posted above.
-
[uncensored-r/Bitcoin] Bitpay wallet hacked - what went wrong?That's why I suspected that this address is controlled by Bitpay? I'm not sure but if your seed backup is created from Bitpay and imported it to Electrum mobile... Maybe?
I create my seed by Electrum mobile.
Never used other wallets, this was not necessary
The transaction was send to address unknown to me: 13k4rgQ6b9LdBt6pvgLR5MSV6wAhujFpgq -snip-
Looks like it's being used to receive hacked bitcoins not exclusive to Electrum, the chance of being fake Electrum the culprit slim.
It was reported here:
https://bitcoinwhoswho.com/address/13k4rgQ6b9LdBt6pvgLR5MSV6wAhujFpgq, expand the "
scam alert" portion.
What are the other installed applications you have in your phone?
And please answer the question in post#2, where did you stored your 12-word seed phrase? <-- must be the issue.
All applications on the phone are downloaded from the play store. These are applications from banks, cards, food delivery services and instant messengers. After the money was stolen, I carefully scanned the entire list, all the applications are pretty famous.
"the seed phrase is written on a piece of paper and is hidden in my personal safe. no one can access her. besides this, I specially changed the word order on paper, the correct order is known only to me."
Lots of Xiaomi phones are 'rootable' due to many developers supports their devices (because the price/performance ratio is good for most people who don't want to spend $800 for a phone).
That being said, I doubt just because he installed a custom ROM somebody can expose his seed just like that. We'd need a lot of details from now on, starting from the apps on his phone, what security patch his phone is using, did he also load his wallet on another place previously, etc.
My phone have official firmware. If this can help to understand the situation, then today I will write a complete list of all applications on the phone.
