Bitcoin Forum

Hi all

Can someone please give some advise, this is my last 24 hours...

1: Dec 6, 2017 @ 07:31AM Blockchain app suggests that I move my funds from paper and back it up, so I do and there's a small transaction fee. (From my paper wallet to "My Bitcoin Wallet",
, Classed as "Transferred" and confirmed. Funds are seen in my Wallet
 
2: Dec 7 2017 @12:59AM - Transaction "Sent" from "My Bitcoin Wallet" to unknown address.... My account now empty

3: I recover my account to see if that makes any difference and it is still empty.

4: I cannot log into Blockchain online as I am now not receiving the verification emails, I can, however, see the account on my phone app.

Can someone please tell me what's going on?

Many thanks in advance

CSM

It's the classic compromised wallet which is very common in web wallets. What happened most likely is for some reason (Phishing links, Keyloggers, malwares, someone you know peeking at your seed etc.) the hacker must've got a hold of your credentials and transferred the funds in his wallet.

Unfortunately, Since bitcoin transactions are pseudonymous and irreversible once confirmed, there's nothing else you you can do. Lesson learned is to use a much safer wallet. I suggest spending a small amount of money to buy a hardware wallet e.g. ledger, trezor.  If not there's electrum (SPV - desktop) or mycelium (Android). But please note that most of the time you will be the one protecting your coins since your wallet can't protect it for example if someone did get a hold of your credentials e.g. seed, private keys, PIN etc.. A simple google search should help you with that.

Thanks Potato Chips for your reply,

Not the best news and not a total fortune lost...but it was sad to see them go. I hadn't checked my account in years and to my surprise, I had about .008 BTC in there. It was worth nothing back then and is worth about $1k today, I was so excited to follow over the last couple of weeks and now its gone again. The worst bit is I can see it sitting there at its destination

EDIT: Just so everyone knows..This all happened inside the Blockchain App, I have all the security steps set up for web access.

If the funds have been sent from its original address to an unknown address that is out of your control then indeed, it is a compromised address. Your computer is likely to have been hacked or controlled by someone you don't know.

You should either factory reset your computer or at the very least, run a good antivirus and make sure thaty ou don't store excessive amounts of BTC on your computer.

Have you tried viewing your wallet by importing the recovery seed into a wallet such as Copay/Electrum, though?

Thanks will try the apps you suggest.

Things to note:

* My PC was not connected to the net when the hit occurred
* When my PC (Mac) has connected to the net TeamViewer has been running in the background
* All security steps were set up in Blockchain for accessing the site
* I moved from paper to wallet via the app on my cell phone
* I didn't get any emails regarding the final "transaction" from Blockchain

Cheers

CSM

As you mentioned above this is already an old wallet which you haven't use for quiet sometime and even if you do said that you do make such secure steps that wallet isn't already on your possession maybe it was before you aren't still got interested to check it out your wallet because the only possible way that you are being hacked is that someone do have your credentials no other than that because no one can access if they don't have those informations.

Not this again. CryptoSpaceMonkey, before we can help you and not leave it all to speculation, you should give us the transaction ID in question, the BTC addresses and the URL to the site you used.

Ty.

The URL is obviously blockchain.info so we don't need that again. Address and TXID wouldn't be any use either since we don't know who owns the address and he probably used a disposable address anyways to cover his trails.

Cryptospacemoney, since you said that teamviewer was running, then there could be a chance that your funds have been obtained by the hackers that way. Obviously no guarantees, but it is a plausible explanation though idk how that could have happened without an internet connection.

Also did you say that you transferred your private keys from a paper wallet to your blockchain.info wallet?

If this should happen on blockchain.info then its a serious issue because blockchain is one of the web wallets that have stand the test of time and have a larger client base in the community. Have you tried contacting support because for not receiving the verification mail means your account is completely compromised and you need to tale action pending the time this will be resolved.

Also, it seems you are the one who receive the mail that you should back up you coins and I think that is where you got compromised that the mail was not truely from blockchain.

Yeah, that quite possible. He should have checked the link before clicking on it because it was phishing link. Blockchain never send such emails to their clients that back up your coins, etc.

That's strange !

First things first,
 - Have you tried to get in touch with the support  ?
 - Can you link us to the transaction that was sent unknowingly from your wallet ?
 - Do you have anymore coins on other online wallets ? Move them ASAP

And the culprit could be ,

Who was accessing the team viewer ? Did you cross check with them ?

You should install a good antivirus that scan your computer at daily basis, like MalwareBytes Premium, its the best thing to have on every computer.

And Genius what about the people who don't use Windows/Mac and completely rely on Debain based Systems like CentOs/Ubuntu ? [Yes We Do Exist!]

Anti-Virus isn't the accepted solution for n number of ransomwares/e-whoring/other cyber attacks where the details are shared by the victim themselves.Like in OP's case,he had his teamviewer on the whole time,something an antivirus can't prevent.

I also heard that issue from one of my friend and after a complete research I found that it is only the blockchain team who are stealing money from the members accounts or it is one of their employee who have control on the funds. as from the transaction I found that hundreds of addresses are emptied within a minute and other point is that they empty the address without logging in to members accounts.

We have to verify what URL he used. He might have been a victim of a phishing site.

The need to know the addresses involved and the transaction IDs should also be posted in order to know if Cryptospacemoney is telling the truth, not saying that he isnt, but it might also help in figuring out what the hacker is up to.

Exactly! That could be a thing but since he said he had 2fa and stuff set up chances of that happening are slime.I'm still guessing team viewer is the root of all the issues.

It also depends on how many bitcoins are done and is it worth all the efforts that would be put in to figure out things.

Its not possible.

After hearing this news I immediately visit to my wallet and I found my wallet safe. Then I went to their facebook page and on that page people said that they lost their wallet. Someone said that 500 wallets was hacked. On a comment I found a person told that his wallet and PC is much more secure and he know no one have opened his wallet and still his coins are vanished.

This sophisticated scam artistry is scary stuff. The fact that the scammers can find computers, laptops and phones with active accounts is impressive enough, despite the criminal element behind their efforts. It's not just the finding part but also the sheer effort and technical know how behind the actual accessing of the account. This requires a lot of con artistry and convincing ways to bypass even the most doubtful or suspicious minds out there. And all this work done remotely and anonymously. They deserve a PhD in Scamology.

Consider using Bread Wallet. I use it and I don't think it will be easy to steal from such a wallet, unless you very publicly and carelessly advertise your recovery phrase. I have a second phone I keep the wallet on and I keep it totally clean. No downloaded apps. No emails. No third party keyboard apps. No using of public WiFi.

Great, its better to have a hw wallet than phone.

This is why I am not putting all my btc in just an one account and in the web wallet sites, because nobody could predict the time if somebody would mistakenly visit a phishing site with keylogger so that, greedy hackers will have full throttle access to the information's you have.

I suggest that you use multi accounts and remember all the information and don't just stuck your btc into one wallet even thou it's amount is small.

You can't retrieve everything that was lost all you have to do is to accept. In bitcoin there is no assurance and insurance.

Its not really necessary to have many wallets specially on web wallets, maybe 2-3 for allocation of each wallet would really be fine and as being said we wont really even know on when we do lose up our bitcoin no matter how we do set high security measures but there are really times we cant really avoid accident of getting hacked. If you do store up on single wallet then recovery would really be hard specially you lose up huge amounts. In the case on what we do see here, wallet have been compromised and nearest possible thing happen is that op being phished.

Oh my! Deeply sorry for your lost.
In Bitcoin or any cryptocurrency, no amount is too small cause that amount could worth millions in years to come without even topping it. So that $1k is something.
And moreover, thanks for sharing this here.
I use to hear of stories of phishing but this one is really new to me.
I thought Blockchain do info users that they don't usually sent links to their users?
Well, this warning does not implies to Blockchain users alone but to other online wallet users. We all have to be careful.