Author

Topic: Were my bitcoins stolen? (Read 342 times)

legendary
Activity: 2758
Merit: 6830
August 22, 2019, 11:31:59 PM
#19
Well it seems to just to much of a ironic coincidence to be an Error which everyone Voted "Theft" so I would have to Agree with everyone else that your Bitcoin was most likely Stolen even it was an Error like one of the first Posts said. Your Bitcoins can't be Recovered once they are Sent and that always makes Me nervous, Paranoid and a Bit Anxious each time that I that I use my Bitcoin Wallet in itself period nevermind Withdrawing Bitcoins into it.
Buy a hardware wallet (Ledger or Trezor) and all you will need to do is double-check the address you're sending the coins to in their LCD screen.
member
Activity: 100
Merit: 33
August 22, 2019, 11:23:26 PM
#18
Well it seems to just to much of a ironic coincidence to be an Error which everyone Voted "Theft" so I would have to Agree with everyone else that your Bitcoin was most likely Stolen even it was an Error like one of the first Posts said. Your Bitcoins can't be Recovered once they are Sent and that always makes Me nervous, Paranoid and a Bit Anxious each time that I that I use my Bitcoin Wallet in itself period nevermind Withdrawing Bitcoins into it.
legendary
Activity: 1624
Merit: 2481
August 20, 2019, 11:21:34 AM
#17
No, as you can read up above he havent download anything aside on that 3.3.8 version into that official site. There were no pop-outs yet he do knows about such thing but he do still end up on losing those coins.A really mind boggling on my part.

Your statement doesn't make any sense.

Are you implying that he never downloaded any software besides electrum ? Because that has not been mentioned anywhere.
The post you have quoted did not say that he has downloaded a malicious version of electrum. Getting infected with malware does not only happen through downloading a fake electrum version  Roll Eyes

Abdussamad's statement completely makes sense. Either the secrets (mnemonic code / private keys) got stolen by malware, or OP entered them into a site.

And OP already had a previous version of electrum. And if he didn't verify the signature, this might be the infected (fake-) version.
Just supposedly downloading from the official site, does not guarantee that you will in fact get the original file. There are still multiple techniques an attacker can use to bring a malicious version onto your computer.
hero member
Activity: 1232
Merit: 738
Mixing reinvented for your privacy | chipmixer.com
August 18, 2019, 08:27:13 PM
#16
This is true but according to the post made by theymos this vulnerability could only be exploited when the wallet was being used. The OP claims that he lost his bitcoins in the moment he sent his transactions.
no, he didn't say he was trying to send them out, he was probably checking his wallet's balance at that time
yes being used, he should've opened his electrum to get receiving address before using it, right?
while it was open, he must've browsed some sites waiting for his bitcoin to arrive

the incoming transactions was received ~10 mins apart, and the outgoing is 4 secs after that
but all three received confirmation in the same block (same timestamp)
so the thief has been watching his wallet since the first transaction was pending, and thief has created a tx out
and when the second tx was broadcasted, the thief's script created (adjusted) a new tx to steal both
that might explain the short 4 secs delay on the outgoing transaction
hero member
Activity: 2730
Merit: 632
August 18, 2019, 12:59:36 PM
#15
Also boggles my mind and how the hacker does know the exact time on where the funds is being credited into his electrum? Supposedly this is an old version and
he shouldnt able to connect to any server.If he do upgrade only thru electrum.org directly on 3.3.8 then the question how those funds instantly robbed?
This is definitely a malware issue.

His wallet secrets must have been stolen. That is the private keys and or seed. The thief then simply watched the blockchain for funds sent to this wallet and swept them as soon he could. This would have been automated for maximum efficiency Smiley

It would still be interesting to learn how his wallet secrets were stolen. Other software installed on the same system is one possibility. The user himself revealing the secrets by entering them into a phishing website is another. It's also possible he installed a fake version of electrum.  
No, as you can read up above he havent download anything aside on that 3.3.8 version into that official site. There were no pop-outs yet he do knows about such thing but he do still end up on losing those coins.A really mind boggling on my part.
jr. member
Activity: 107
Merit: 6
August 17, 2019, 10:27:34 PM
#14
I bought bitcoins yesterday and after the second buy, everything was transferred to another account immediately in the same minute.
Now my question, is that a mistake or was I robbed?
And what can I do about it?
Please fast help
need2buy

outputs:
1E4ynSJL8eT7TttgrtVxnkr3V2kUunLMAC        0.05027603

transaction id:
c5601f360ad47dd6bf6baa278cad8c4aaf8d9386af0d10e9fed21dcc3cbe5f28

Dear Sir,
I am sorry to hear about your loss bitcoin Sad , btw did you using google authenticator , 2FA?
legendary
Activity: 3710
Merit: 1586
August 17, 2019, 10:17:57 PM
#13
Also boggles my mind and how the hacker does know the exact time on where the funds is being credited into his electrum? Supposedly this is an old version and
he shouldnt able to connect to any server.If he do upgrade only thru electrum.org directly on 3.3.8 then the question how those funds instantly robbed?
This is definitely a malware issue.

His wallet secrets must have been stolen. That is the private keys and or seed. The thief then simply watched the blockchain for funds sent to this wallet and swept them as soon he could. This would have been automated for maximum efficiency Smiley

It would still be interesting to learn how his wallet secrets were stolen. Other software installed on the same system is one possibility. The user himself revealing the secrets by entering them into a phishing website is another. It's also possible he installed a fake version of electrum.  
hero member
Activity: 2730
Merit: 632
August 17, 2019, 09:49:00 PM
#12
there's vulnerability which allow someone to steal your bitcoin on version 3.0.4 or older
if you didn't protect your wallet with a password, a thief can gain access into your wallet
This is true but according to the post made by theymos this vulnerability could only be exploited when the wallet was being used. The OP claims that he lost his bitcoins in the moment he sent his transactions. I am not sure how exactly he was using his wallet because the 3.0 version he had can't connect to any servers. How could someone exploit his old Electrum version so fast, exactly at the time he was working with his wallet? Presumably that everything went down exactly as the OP wrote.

Also boggles my mind and how the hacker does know the exact time on where the funds is being credited into his electrum? Supposedly this is an old version and
he shouldnt able to connect to any server.If he do upgrade only thru electrum.org directly on 3.3.8 then the question how those funds instantly robbed?
This is definitely a malware issue.
legendary
Activity: 2730
Merit: 7065
August 16, 2019, 02:26:41 AM
#11
there's vulnerability which allow someone to steal your bitcoin on version 3.0.4 or older
if you didn't protect your wallet with a password, a thief can gain access into your wallet
This is true but according to the post made by theymos this vulnerability could only be exploited when the wallet was being used. The OP claims that he lost his bitcoins in the moment he sent his transactions. I am not sure how exactly he was using his wallet because the 3.0 version he had can't connect to any servers. How could someone exploit his old Electrum version so fast, exactly at the time he was working with his wallet? Presumably that everything went down exactly as the OP wrote.

This is the part in theymos post that mentions the vulnerability.

Quote
You don't necessarily need to rush to upgrade. In fact, in cases like this it can be prudent to wait a while just to make sure that everything is settled. The important thing is to not use the old versions. If you have an old version sitting somewhere not being used, then it is harmless as long as you do not forget to upgrade it before using it again later.
https://bitcointalksearch.org/topic/critical-electrum-vulnerability-2702103
hero member
Activity: 1232
Merit: 738
Mixing reinvented for your privacy | chipmixer.com
August 16, 2019, 12:51:32 AM
#10
So I had the version 3.0.0 until today
there's vulnerability which allow someone to steal your bitcoin on version 3.0.4 or older
if you didn't protect your wallet with a password, a thief can gain access into your wallet
read theymos' post Critical Electrum vulnerability
and the official electrum response JSONRPC vulnerability in Electrum 2.6 to 3.0.4
legendary
Activity: 1624
Merit: 2481
August 15, 2019, 01:39:53 PM
#9
Did you verify your electrum installer / portable executable upon downloading/installing it ?
That is the only way to be sure you have the real electrum.
If you didn't do this, you should change your habits and start verifying the signature of every file handling sensitive information.


Now, back to your problem.
Unfortunately your coins are lost. And it was not a mistake on your site. It seems they have been stolen.

Either someone has gained access to your mnemonic code, or your computer is compromised.
If you can't find out how it happened, assume your computer is infected and consider formatting your hard drive and reinstalling your OS (no cracked versions please, they are ALWAYS infected with backdoors) before storing any sensitive information (e.g. private keys) on it again.
legendary
Activity: 2758
Merit: 6830
August 14, 2019, 04:44:06 PM
#8
So I had the version 3.0.0 until today
Yesterday with the version I bought the coins and still in the same minute as the 2 order was there everything was deducted and today I googled and updated. Because I thought it was a mistake and if I update everything is there again.
and no I have never clicked on a popup window and never got anything like that.
So the coins vanished  while on version 3.0.0? Had you used this wallet normally (where your coins weren't stolen) with the same version before? Sounds like your PC may have been infected with malware. Or you had an fake version of Electrum all along (if that's the first time you use the wallet since you downloaded this 3.0.0. version).
newbie
Activity: 3
Merit: 0
August 14, 2019, 04:38:52 PM
#7
So I had the version 3.0.0 until today
Yesterday with the version I bought the coins and still in the same minute as the 2 order was there everything was deducted and today I googled and updated. Because I thought it was a mistake and if I update everything is there again.
and no I have never clicked on a popup window and never got anything like that.

and I'm sorry for the long text now but I do not know how to answer each one individually
legendary
Activity: 3472
Merit: 3217
Playbet.io - Crypto Casino and Sportsbook
August 14, 2019, 04:32:55 PM
#6
It seems that you accidentally click the popup window with a suggestion to download the latest version then redirect you to the fake electrum website.

If your balance is gone after upgrade your bitcoin is totally gone and there is no way to recover them back.

Since you use electrum 3.0 before you receive your bitcoins, most of the servers of old electrum version are forcing you to click fake electrum website if you click the link there and download the fake electrum there's no way to reverse it.
legendary
Activity: 1876
Merit: 3139
August 14, 2019, 04:27:55 PM
#5
when I did that was the version 3.0.0 after that I upgraded to 3.3.8 but before that I never downloaded the updates from anywhere else. only on electrum.org

Did you enter your mnemonic phrase (12 words) on any website? Where did you save it? If you secured it properly then there is a slight chance that your computer is infected with a malware. You can download Malwarebytes for free and scan your computer. Also, you should always verify Electrum installer even if you download it from the official website. If you still have the installer, you can verify it and see if it's genuine.
legendary
Activity: 2758
Merit: 6830
August 14, 2019, 04:26:59 PM
#4
when I did that was the version 3.0.0 after that I upgraded to 3.3.8 but before that I never downloaded the updates from anywhere else. only on electrum.org
Are you sure? Check your Downloads and History page on your browser. Do you still have the installation files?

So, you received the coins while on version 3.0.0 and then updated to 3.3.8? Or you're saying you used to have version 3.0.0 and updated it recently?
newbie
Activity: 3
Merit: 0
August 14, 2019, 04:23:23 PM
#3
when I did that was the version 3.0.0 after that I upgraded to 3.3.8 but before that I never downloaded the updates from anywhere else. only on electrum.org
legendary
Activity: 1876
Merit: 3139
August 14, 2019, 04:04:36 PM
#2
What version of Electrum do you have and where did you download it from? The latest one is 3.3.8, but versions older than 3.3.4 are vulnerable to a phishing method which tricks user into downloading a fake version of the wallet. Sorry, but you can't get your coins back. The transactions has already 79 confirmations.
newbie
Activity: 3
Merit: 0
August 14, 2019, 03:57:00 PM
#1
I bought bitcoins yesterday and after the second buy, everything was transferred to another account immediately in the same minute.
Now my question, is that a mistake or was I robbed?
And what can I do about it?
Please fast help
need2buy

outputs:
1E4ynSJL8eT7TttgrtVxnkr3V2kUunLMAC        0.05027603

transaction id:
c5601f360ad47dd6bf6baa278cad8c4aaf8d9386af0d10e9fed21dcc3cbe5f28
Jump to: