What to do when i sent bitcoin and receiver states they didn't receive it?

HCP

legendary

Activity: 2086

Merit: 4361

Quote from: NotATether on June 12, 2020, 11:20:29 AM

Do you suppose there is a way to disable Electrum <3.3.4 from running entirely on a computer? There won't be much luck in Electrum itself but there should be some system administration tools that block specific programs from running on a computer.

There is pretty much no point to this... If you knew enough that Electrum 3.3.4 should not be run, you'd simply not use it... setting admin tools to block it is a waste of time.

And there is no way to force other peoples computers to not run it unless you're a System Admin in a corporate type environment... in which case, why would anyone want to run Bitcoin wallet software on a machine that they don't have full and exclusive (admin) access to? Huh

bob123

legendary

Activity: 1624

Merit: 2481

Quote from: NotATether on June 12, 2020, 11:20:29 AM

Do you suppose there is a way to disable Electrum <3.3.4 from running entirely on a computer? There won't be much luck in Electrum itself but there should be some system administration tools that block specific programs from running on a computer.

As a system administrator, you definitely can whitelist or blacklist programs.
But what would be the advantage for an enduser ?

If you know that software X is vulnerable etc., you don't need to block it. You can simply uninstall it.
Such administration software is used in companies to allow or block specific applications.

NotATether

legendary

Activity: 1568

Merit: 6660

bitcoincleanup.com / bitmixlist.org

Quote from: Lucius on June 07, 2020, 08:50:22 AM

ranochigo, there is no fix for Electrum versions older than 3.3.4, they are still vulnerable to this attack, and this warning is still displayed on Electrum site. Therefore, anyone who still has one of these versions is a potential victim.

https://electrum.org/#home

Do you suppose there is a way to disable Electrum <3.3.4 from running entirely on a computer? There won't be much luck in Electrum itself but there should be some system administration tools that block specific programs from running on a computer.

Pmalek

legendary

Activity: 2730

Merit: 7065

Quote from: guigui371 on June 07, 2020, 09:30:13 PM

You are clearly not a "newbie", you account has been created today to ask about this electrum issue.
Newbies don't magically have an old version of electrum with BTC in it.

He is not a newbie with Bitcoin but that doesn't mean that he is an old user of this forum. People can use Bitcoin without being registered on Bitcointalk.
He might have just googled his problem and found links to threads on Bitcointalk that prompted him to register. This is equally possible as the scenario that he is an old forum user.

People from Asian countries (China, Korea, Japan) have their own forums and social media and have no need to use Bitcointalk.
Same thing is probably evident in Scandinavia, their local forum is inactive but the country is very pro-crypto and pro new technologies, and are surely using them.

guigui371

legendary

Activity: 2114

Merit: 1693

C.D.P.E.M

At OP, sorry for your loss.
You are clearly not a "newbie", you account has been created today to ask about this electrum issue.
Newbies don't magically have an old version of electrum with BTC in it.

The reasons behind the "new" throwaway account are not important.
What is important to see here is that even intermediate to experienced users could get phished.

Luckily it was just $200 and not dozen of thousands.

AB de Royse777

legendary

Activity: 2464

Merit: 3878

Hire Bitcointalk Camp. Manager @ r7promotions.com

Quote from: HCP on June 07, 2020, 04:21:45 PM

Guess it's just bad luck that the user connected to a "bad" server first before their client got "DOS'd"... Unfortunately, there really isn't any more anyone can do at this point... it's been publicised quite a bit, the exploit is very old now (over 1 year) and of course the ability to verify the digital signatures has been an option since before this exploit was created.

There is no way to magically "fix" the exploit on older versions... so unless the users themselves take the time to investigate/read and/or do their due diligence with digital signatures, there is a chance that someone is going to get caught out until all users have updated to a newer version that is no longer vulnerable... or the hackers give up and stop running the "bad" servers. Undecided

It wouldn't surprise me if we continue to see more threads like this in the future... especially if the BTC value makes big moves and people need/want to move holdings around.

We will see more threads like this for sure. Not everyone visit the forum ,not everyone is aware of it. I am not sure if there was any media coverage for it , I mean coverage in both news and TV chsnnel. May be spreading this in the mainstream media will help to creat some awareness although this is a crazy idea.

HCP

legendary

Activity: 2086

Merit: 4361

Guess it's just bad luck that the user connected to a "bad" server first before their client got "DOS'd"... Unfortunately, there really isn't any more anyone can do at this point... it's been publicised quite a bit, the exploit is very old now (over 1 year) and of course the ability to verify the digital signatures has been an option since before this exploit was created.

There is no way to magically "fix" the exploit on older versions... so unless the users themselves take the time to investigate/read and/or do their due diligence with digital signatures, there is a chance that someone is going to get caught out until all users have updated to a newer version that is no longer vulnerable... or the hackers give up and stop running the "bad" servers. Undecided

It wouldn't surprise me if we continue to see more threads like this in the future... especially if the BTC value makes big moves and people need/want to move holdings around.

ranochigo

legendary

Activity: 3038

Merit: 4418

Crypto Swap Exchange

Quote from: Lucius on June 07, 2020, 08:50:22 AM

ranochigo, there is no fix for Electrum versions older than 3.3.4, they are still vulnerable to this attack, and this warning is still displayed on Electrum site. Therefore, anyone who still has one of these versions is a potential victim.

https://electrum.org/#home

Its not a fix, thats why I say this would be still quite prevalent.

https://mobile.twitter.com/ElectrumWallet/status/1106479573917724672. Most older clients cannot connect to any server because they automatically gets DOS'ed and loads of people have come onto the forum asking for advice.

Lucius

legendary

Activity: 3234

Merit: 5637

Blackjack.fun-Free Raffle-Join&Win $50🎲

ranochigo, there is no fix for Electrum versions older than 3.3.4, they are still vulnerable to this attack, and this warning is still displayed on Electrum site. Therefore, anyone who still has one of these versions is a potential victim.

https://electrum.org/#home

ranochigo

legendary

Activity: 3038

Merit: 4418

Crypto Swap Exchange

Quote from: Lucius on June 07, 2020, 08:34:53 AM

It's already a year and a half after the exploit was discovered and I think cases like this will happen for years to come. There are people who check their wallets only occasionally, and are not at all aware that there is a danger. A new wave of such cases will surely come again with the next ATH when many will want cash out BTC, and will instead send the donation to an unknown address.

Hmm.. Didn't the devs execute a DOS attack against the client to prevent them from connecting to the malicious nodes? IMO, it does help with the situation somewhat but this, together with the jsonrpc vulnerability would still be quite prevalent.

Lucius

legendary

Activity: 3234

Merit: 5637

Blackjack.fun-Free Raffle-Join&Win $50🎲

Quote from: AB de Royse777 on June 05, 2020, 10:27:59 AM

It seems the business is running in autopilot. So sad.

It's already a year and a half after the exploit was discovered and I think cases like this will happen for years to come. There are people who check their wallets only occasionally, and are not at all aware that there is a danger. A new wave of such cases will surely come again with the next ATH when many will want cash out BTC, and will instead send the donation to an unknown address.

The Cryptovator

legendary

Activity: 2408

Merit: 2226

Signature space for rent

Quote from: sminnick32 on June 05, 2020, 10:18:52 AM

Thanks all for the replies, it looks like this is the issue unfortunately, it did ask to download an update to electrum when I loaded it up, guess it wasn't the official one. I haven't used it for awhile so just figured it needed to be updated.

Sad to hear you have lost funds but I will say you are lucky enough that it has gone with small amount. On the other hand this is a lesson for you which will never forget. Anyway this was a mistake since you weren't active here and you are unaware about this scam method. I always upgrade Electrum from the website instead of upgrade from the popups. When you will install latest version it will automatically will replaced older version with latest one. If it doesn't happen with your operating system then just uninstall older version and install again latest version. It will not effect on your wallet file since file stored on different place than software. But don't forget to save your seed if you have fund on your wallet.

But to make sure you should remove all malware from your device first or better option format your device and install everything new including operating system. Who know if hackers controlling your device.

DireWolfM14

copper member

Activity: 2338

Merit: 4543

Join the world-leading crypto sportsbook NOW!

Quote from: sminnick32 on June 05, 2020, 10:18:52 AM

Thanks all for the replies, it looks like this is the issue unfortunately, it did ask to download an update to electrum when I loaded it up, guess it wasn't the official one. I haven't used it for awhile so just figured it needed to be updated.

Sorry for your loss. Newer versions of Electrum prevent that specific vulnerability from hurting people, but there may be others that we don't know about yet, or have yet to be implemented. It's a good habit to verify your download every time you upgrade Electrum. Here's a guide to help with that: https://bitcointalksearch.org/topic/m.54223763

AB de Royse777

legendary

Activity: 2464

Merit: 3878

Hire Bitcointalk Camp. Manager @ r7promotions.com

Quote from: sminnick32 on June 05, 2020, 10:18:52 AM

Thanks all for the replies, it looks like this is the issue unfortunately, it did ask to download an update to electrum when I loaded it up, guess it wasn't the official one. I haven't used it for awhile so just figured it needed to be updated.

Sorry to hear you lose. Fortunately you did not lose much. It's always recommended that after downloading the software, always verify the signature to avoid fake copies.

Quote from: LoyceV on June 05, 2020, 10:16:34 AM

I didn't check the receiving address, but indeed, it received over 50 BTC already. Some scammer is making a good living out of it Sad

It seems the business is running in autopilot. So sad.

sminnick32

newbie

Activity: 2

Merit: 11

Take a look at the following thread
Bitcoin 'successfully' transferred to an invalid bitcoin address

That's a same address.
The OP has likely downloaded a fake version of Electrum.
[/quote]

Thanks all for the replies, it looks like this is the issue unfortunately, it did ask to download an update to electrum when I loaded it up, guess it wasn't the official one. I haven't used it for awhile so just figured it needed to be updated.

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

Quote from: hosseinimr93 on June 05, 2020, 09:57:14 AM

That's a same address.

I didn't check the receiving address, but indeed, it received over 50 BTC already. Some scammer is making a good living out of it Sad

hosseinimr93

legendary

Activity: 2380

Merit: 5213

Quote from: LoyceV on June 05, 2020, 09:51:03 AM

If bc1qcygs9dl4pqw6atc4yqudrzd76p3r9cp6xp2kny isn't the receiver's address, your (or his) computer may have clipboard hijacking malware. Or he may be trying to scam you.

Take a look at the following thread
Bitcoin 'successfully' transferred to an invalid bitcoin address

That's a same address.
The OP has likely downloaded a fake version of Electrum.

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

Quote from: sminnick32 on June 05, 2020, 08:45:52 AM

Here is a screenshot of the transaction:

This is your transaction: 7417f7a3f9844aca1fe8d75befb6b24d8902bc7e924a8a69d848741d570609de.

If bc1qcygs9dl4pqw6atc4yqudrzd76p3r9cp6xp2kny isn't the receiver's address, your (or his) computer may have clipboard hijacking malware. Or he may be trying to scam you.

Quote from: sminnick32 on June 05, 2020, 08:45:52 AM

They gave me an address to look up on blockchain and it said nothing was sent

Why did they give you an address to look up? Is that address different from the address they told you to pay to?

DireWolfM14

copper member

Activity: 2338

Merit: 4543

Join the world-leading crypto sportsbook NOW!

How did the recipient request the funds, did he send you an email with the receiving address? If you have proof that the recipient sent you that address, then it's safe to assume that he's lying.

Other than that, you should consider the possibility that your device has been compromised.

OmegaStarScream

staff

Activity: 3500

Merit: 6152

What's the name of the service you sent the funds to?

If the"bc1" address (you can see it in 'outputs') doesn't belong to the receiver, then you must have sent it to someone else. If you're sure that the receiver is not lying, then you might have a clipboard malware. To confirm, you can try and copy another address and see if it changes when you paste it in Electrum.

Topic: What to do when i sent bitcoin and receiver states they didn't receive it? (Read 719 times)