|
Title: Just got my LTC QT wallet hacked Post by: jubalix on February 21, 2014, 03:47:55 PM I just saw 1.99 LTC get taken out of my wallet.
I just upgraded to the latest LTC client, from the beta and made a transfer. Walked back into my room to see 1.99 LTC being transferred I have an encrypted wallet, which means they must have seen my password as I typed it....or something else no located the address It does appear to have decrimented my balance though freaking out now...! transaction http://block-explorer.com/address/LPuJg4jQniASXs3ahknmDJutijtog35SAp Title: Re: Just got my LTC QT wallet hacked Post by: ljudotina on February 21, 2014, 03:49:33 PM OR maybe it's just sync problem....
Title: Re: Just got my LTC QT wallet hacked Post by: Lauda on February 21, 2014, 03:58:54 PM Possible keylogger?
Title: Re: Just got my LTC QT wallet hacked Post by: ArticMine on February 21, 2014, 04:03:43 PM Possible keylogger? Let me guess. The operating system is Microsoft Windows. Title: Re: Just got my LTC QT wallet hacked Post by: equinox9 on February 21, 2014, 04:04:11 PM I just saw 1.99 LTC get taken out of my wallet. I just upgraded to the latest LTC client, from the beta and made a transfer. Walked back into my room to see 1.99 LTC being transferred I have an encrypted wallet, which means they must have seen my password as I typed it....or something else weird thing is I use coin control and I can see where this coin came from as I have all coins of particle addresses and the from address does not appear in my wallet that I can see? I does appear to have decrimented my control though freaking out now...! Just consider this a lesson learnt. It could have been much worse - count your blessing you didnt have more stored on there. Always use paper wallets. Title: Re: Just got my LTC QT wallet hacked Post by: softbluelight on February 21, 2014, 04:04:54 PM I just upgraded to the latest LTC client, from the beta and made a transfer. is there an unconfirmed transaction that was sent without a transaction fee? Title: Re: Just got my LTC QT wallet hacked Post by: jubalix on February 21, 2014, 04:05:45 PM Possible keylogger? Let me guess. The operating system is Microsoft Windows. no its osx it has to be a key logger Title: Re: Just got my LTC QT wallet hacked Post by: Lauda on February 21, 2014, 04:14:51 PM Possible keylogger? Let me guess. The operating system is Microsoft Windows. Title: Re: Just got my LTC QT wallet hacked Post by: softbluelight on February 21, 2014, 04:24:03 PM Possible keylogger? Let me guess. The operating system is Microsoft Windows. no its osx it has to be a key logger OSX and key logger... I hope that's not the case Title: Re: Just got my LTC QT wallet hacked Post by: substratum on February 21, 2014, 06:40:48 PM OSX and key logger... I hope that's not the case Cross-platform keyloggers are already out there, I've seen someone using Adwind RAT to steal wallet files in this forum already (thread got removed). http://www.crowdstrike.com/blog/adwind-rat-rebranding/index.html Title: Re: Just got my LTC QT wallet hacked Post by: anonuser777 on February 21, 2014, 08:18:17 PM Pro tip for windows users (oxymoron?) - restrict access on your user accounts
http://www.tomsguide.com/us/standard-accounts-stop-malware,news-18326.html Title: Re: Just got my LTC QT wallet hacked Post by: PyroClasTix on February 21, 2014, 08:46:43 PM It's happened to my other account before. It's a possible RAT on your computer and keylogger.
Download "darkcomet rat remover tool" on the googles. Scan your system. Let me know. Title: Re: Just got my LTC QT wallet hacked Post by: keithers on February 22, 2014, 02:13:25 AM Has it completely synced? Seems like a hacker would wait until you have a larger balance than 1.99 LTC in your wallet before he stole it..
Title: Re: Just got my LTC QT wallet hacked Post by: substratum on February 22, 2014, 01:07:59 PM Pro tip for windows users (oxymoron?) - restrict access on your user accounts http://www.tomsguide.com/us/standard-accounts-stop-malware,news-18326.html It's certainly a good idea to run with the least privilege possible, but the article isn't quite accurate. The report in question was speaking about Microsoft software exploit attempts being mitigated, not people just running malware they find posted on a web forum. Most modern malware has moved beyond requiring admin rights. The trojans install themselves to user-owned folders and persist via user-writable registry keys. For a wallet stealer, persistence isn't even required, and your wallet.dat file is lying right there in a user folder for the taking. It might need to persist if it uses a keylogger to capture your passphrase since it doesn't know when you will be typing/pasting that in, but as I mentioned, malware can persist post-reboot without needing admin rights. So even though the advice is good for some cases, in the case of running random programs posted to Bitcointalk, it won't help you at all. |