Bitcoin Forum

Bitcoin => Electrum => Topic started by: amgsp on December 03, 2020, 10:17:37 PM



Title: Big Problem with Electrum Wallet
Post by: amgsp on December 03, 2020, 10:17:37 PM
Hi, on November 25 I generated a new bitcoin address with my Electrum wallet and loaded it in my website. Yesterday a customer contacted me to say that he sent a payment of $1800 and that he didn't receive any confirmation.
I checked my electrum wallet and there is no money in it. I am 100% sure I used the right address, and copy-pasted it correctly, I have done this thousands of times.
More than that, when I try to generate a new address and also look into history, it looks like I never has that bitcoin address, like it's part of another wallet.
Is this because of the DDOS attack? I'm panicking because of this, this is a very big deal for me. Please let me know if you know anything.
I'm using the latest version of electrum, I also restarted the program and also my PC.
Thank you!


Title: Re: Big Problem with Electrum Wallet
Post by: amgsp on December 03, 2020, 10:23:42 PM
I forgot to mention that the transaction do show on blockchain, so the customer did send the funds


Title: Re: Big Problem with Electrum Wallet
Post by: Indymoney on December 03, 2020, 10:24:57 PM
Hi, on November 25 I generated a new bitcoin address with my Electrum wallet and loaded it in my website. Yesterday a customer contacted me to say that he sent a payment of $1800 and that he didn't receive any confirmation.
I checked my electrum wallet and there is no money in it. I am 100% sure I used the right address, and copy-pasted it correctly, I have done this thousands of times.
More than that, when I try to generate a new address and also look into history, it looks like I never has that bitcoin address, like it's part of another wallet.
Is this because of the DDOS attack? I'm panicking because of this, this is a very big deal for me. Please let me know if you know anything.
I'm using the latest version of electrum, I also restarted the program and also my PC.
Thank you!
Currently we have too many pishing sites and these are stealing money so I am also feeling you are using wallet from any pishing site not from original site so you are facing problem like this and your funds already stolen.


Title: Re: Big Problem with Electrum Wallet
Post by: amgsp on December 03, 2020, 10:30:00 PM
I am not using a fake version of electrum. I have used version 4.04 for weeks now, I got multiple other payments with no problems with the same wallet. I have today updated to 4.05


Title: Re: Big Problem with Electrum Wallet
Post by: logfiles on December 03, 2020, 10:30:40 PM
Copy-pasting alone without verifying the address does not guarantee that the address you just copied and pasted are the same. There is a clipboard malware that tends to change a bitcoin address you just copied to the bitcoin address of the hacker so if you don't cross check, you might end up pasting a malicious bitcoin address.

On your wallet click on View > Show addresses > Addresses and see if the address is among the listed addresses


Title: Re: Big Problem with Electrum Wallet
Post by: amgsp on December 03, 2020, 10:36:29 PM
I did verify it, I'm using electrum and dealing with BTC for many years now. I know what I'm doing.
I have used version 4.02 for weeks now, received multiple payments with no problems. I have today upgraded to 4.05 thinking maybe the payment is not showing because of this.
I also received 7 payment yesterday on another wallet, so if someone hacked me in any way, he would have gotten multiple transaction from me.


Title: Re: Big Problem with Electrum Wallet
Post by: Indymoney on December 03, 2020, 10:37:04 PM
Copy-pasting alone without verifying the address does not guarantee that the address you just copied and pasted are the same. There is a clipboard malware that tends to change a bitcoin address you just copied to the bitcoin address of the hacker so if you don't cross check, you might end up pasting a malicious bitcoin address.

On your wallet click on View > Show addresses > Addresses and see if the address is among the listed addresses

He already mention about this its not showing in history or list may be some type clipboard malware during updating happen.
Quote
More than that, when I try to generate a new address and also look into history, it looks like I never has that bitcoin address, like it's part of another wallet.


Title: Re: Big Problem with Electrum Wallet
Post by: amgsp on December 03, 2020, 10:51:48 PM
I  have also tried generating a new address now on the 4.02 version NOW, I have checked it and it is valid, it is belonging to my wallet.


Title: Re: Big Problem with Electrum Wallet
Post by: logfiles on December 03, 2020, 10:53:53 PM
Let me get this right.

You say, you put in an address you generated from your wallet a few days back on to your website but now the address appearing there is totally different from the ones currently in the wallet?



Title: Re: Big Problem with Electrum Wallet
Post by: amgsp on December 03, 2020, 10:58:38 PM
Let me get this right.

You say, you put in an address you generated from your wallet a few days back on to your website but now the address appearing there is totally different from the ones currently in the wallet?



No, sorry. The address that I entered on the website is still the same. But it seems that is not belonging to me, even if I carefully copy-pasted in from my 4.02 electrum wallet.
I have just checked my OS for viruses, fake apps etc. Nothing shows up


Title: Re: Big Problem with Electrum Wallet
Post by: logfiles on December 03, 2020, 11:34:28 PM
No, sorry. The address that I entered on the website is still the same. But it seems that is not belonging to me, even if I carefully copy-pasted in from my 4.02 electrum wallet.
I have just checked my OS for viruses, fake apps etc. Nothing shows up
Apart from
1. A hacker hijacking your website or servers and then changing the address into his if your website's security is weak
2. Importation of your wallet using different address formats or derivation paths
3. Clipboard hijacking malware.

I don't see how it's a problem of electrum wallet.


Title: Re: Big Problem with Electrum Wallet
Post by: Joel_Jantsen on December 03, 2020, 11:40:29 PM
I know what I'm doing.
Doesn't seem like it..

Not sure how helpful it is for you but have a look at this thread and how I got hacked off my Electrum wallet when I knew "I was doing everything right", I wasn't.
https://bitcointalk.org/index.php?topic=5129118.msg50500408#msg50500408

The address that you copy-paste on your website if seen on a block explorer, does it show the funds you received? Does it show any transactions at all?

Will be helpful if you link to those addresses and transactions.


Title: Re: Big Problem with Electrum Wallet
Post by: amgsp on December 03, 2020, 11:40:49 PM
No, sorry. The address that I entered on the website is still the same. But it seems that is not belonging to me, even if I carefully copy-pasted in from my 4.02 electrum wallet.
I have just checked my OS for viruses, fake apps etc. Nothing shows up
Apart from
1. A hacker hijacking your website or servers and then changing the address into his if your website's security is weak
2. Importation of your wallet using different address formats or derivation paths
3. Clipboard hijacking malware.

I don't see how it's a problem of electrum wallet.

All the above are excluded, I already explained.

How about a temporary vulnerability in the Electrum 4.02 version? What do you think about that?


Title: Re: Big Problem with Electrum Wallet
Post by: logfiles on December 03, 2020, 11:48:31 PM
How about a temporary vulnerability in the Electrum 4.02 version? What do you think about that?
It's not possible unless you downloaded a fake version of electrum where there is a possibility of hackers sneaking it in onto the official website in case the temporarily hijacked it, that's why they always emphasize, do not trust, always verify.

Your seed will always generate the same addresses regardless of the software version you are using, so long as it's the same address format and derivation path.


Title: Re: Big Problem with Electrum Wallet
Post by: ranochigo on December 04, 2020, 02:58:42 AM
How about a temporary vulnerability in the Electrum 4.02 version? What do you think about that?
Possible. But there isn't a known vulnerability affecting Electrum as of now. If you were to verify[1] Electrum, you can eliminate the possibility of you having downloaded a malicious version. How are you loading it into the website? Can you be certain if the customer is trying to scam you by telling you they've paid and provided you with a fake TXID that sends the transaction to another address?

[1] https://bitcointalk.org/index.php?topic=5240594.0


Title: Re: Big Problem with Electrum Wallet
Post by: khaled0111 on December 04, 2020, 05:17:56 PM
Do you generate a new receiving address for each client manually? Did you restore your wallet from seed after generating that address?
If yes, then your problem could be caused by the gap limit!
Try to change the gap limit and see if that address appears in the addresses list: go to "Console" and enter this command:
Code:
wallet.change_gap_limit(x)
x is the new gap limit. Set it depending on how many receiving addresses you generated
To check whether the address belongs to your wallet or not: restart Electrum and from console enter the following command:
Code:
ismine ('address')
It should return true if the address is indeed part of your wallet.