 Show Posts
|
|
Pages: « 1 [2]
|
Where did you download the wallet client from?
Sorry, I don't remember. I do recall that it wasn't easy to find one for Mac OS X. I did not build it on my machine, but downloaded a binary. It's Bitcoin-Qt version v0.8.1-beta. What could possibly go wrong when you download a binary from an untrusted source and run it on your computer?  Random8 |
|
|
|
|
I'm pretty sure that somebody else got my BTC, and that they are not lurking in my wallet. Here are some suspicious-looking lines from the wallet's debug.log file. Note the 1HeAK... address in the log, also the c60852... transaction address. For reference, here's how the wallet shows the transaction details:
=============================
Date: 6/17/13 19:42
To: 1HeAK9siHVWYfWGBVBcGz13WUZkYs5aUGx
Debit: -3.17115309 BTC
Net amount: -3.17115309 BTC
Transaction ID: c60852ef789ed44c4d7ff67e0e43c49a16eed18815b4001e3887e273a4b9a0a2
=============================debug.log excerpt:
NotifyKeyStoreStatusChanged
SelectCoins() best subset: 1.36 1.04 0.23 0.19 0.19 0.09 0.01017547 0.01000882 0.01 0.01 0.01 0.01 0.01 0.000168 0.0000752 0.0000736 0.00007 0.0000576 0.0000576 0.0000496 0.0000496 0.00004 0.00004 0.00004 0.00004 0.00004 0.0000272 0.0000256 0.0000256 0.0000216 0.00002 0.0000176 0.0000104 0.0000096 0.000006 0.000004 total 3.17115309
CommitTransaction:
CTransaction(hash=c60852ef78, ver=1, vin.size=36, vout.size=1, nLockTime=0)
CTxIn(COutPoint(b9e681b76b, 552), scriptSig=30450220563e080d95a17264)
CTxIn(COutPoint(1dd8186b9b, 36), scriptSig=3045022058f6a23cb1df5e93)
... (similar lines omitted)
CTxIn(COutPoint(327470ddcf, 813), scriptSig=3046022100d8f12b8c7f8f2b)
CTxOut(nValue=3.17115309, scriptPubKey=OP_DUP OP_HASH160 b6892d5dd8bd)
AddToWallet c60852ef78 new
WalletUpdateSpent found spent coin 0.000004bc b9e681b76b4e0a1f015b9b8e1dee7da504be83bd8214231eb3dc4ad3d769dae3
NotifyTransactionChanged b9e681b76b4e0a1f015b9b8e1dee7da504be83bd8214231eb3dc4ad3d769dae3 status=1
WalletUpdateSpent found spent coin 0.01017547bc c224e8734f10f85a502605eeff4525b6fb0648cfd9cd0b5842a40b3841de6854
NotifyTransactionChanged c224e8734f10f85a502605eeff4525b6fb0648cfd9cd0b5842a40b3841de6854 status=1
... (similar lines omitted)
WalletUpdateSpent found spent coin 0.00004bc 327470ddcf344fc9124fbc2158e4227c4c963d07353e66923eeea6c660c43ed9
NotifyTransactionChanged 327470ddcf344fc9124fbc2158e4227c4c963d07353e66923eeea6c660c43ed9 status=1
NotifyTransactionChanged c60852ef789ed44c4d7ff67e0e43c49a16eed18815b4001e3887e273a4b9a0a2 status=0
... (similar lines omitted)
AddToWallet c60852ef78
NotifyTransactionChanged c60852ef789ed44c4d7ff67e0e43c49a16eed18815b4001e3887e273a4b9a0a2 status=1
CTxMemPool::accept() : accepted c60852ef78 (poolsz 760)
Relaying wtx c60852ef78
NotifyAddressBookChanged 1HeAK9siHVWYfWGBVBcGz13WUZkYs5aUGx isMine=0 status=0
=========================
|
|
|
|
Maybe you restored the wrong wallet.dat?
No, it was the most recent backup, about 30 minutes prior, from my Time Capsule. Verified by the last modification date on the wallet.dat file. Random8 |
|
|
|
What do you mean that you wanted to make a new address to send to an exchange?
Sorry, my mistake. I meant to say that I wanted to make a new address to receive coins from an exchange. I was converting LTC to BTC. When I tried to create the new receive address, it asked me for the wallet password. I entered it, and that's when the hack occurred. Random8 |
|
|
|
bongwater,
They were sent to: 1HeAK9siHVWYfWGBVBcGz13WUZkYs5aUGx
The wallet transaction info is shown in another of my posts, above.
Random8
And, is it just coincidence that the address starts with 1HeAK? Sounds like "Hack"? Random8 |
|
|
|
|
bongwater,
They were sent to: 1HeAK9siHVWYfWGBVBcGz13WUZkYs5aUGx
The wallet transaction info is shown in another of my posts, above.
Random8
|
|
|
|
Did this totally clean out your wallet? I noticed 0.01 BTC left on 1Gi9WcK7gVufFf3eZ5jjK6nWRbPRcigLtH in this transaction. Strange they did not totally clean you out.
Yes, they kindly left 0.01 BTC in my wallet. Random8 |
|
|
|
Seems like a user error, doubt you were hacked.
bongwater, That would seem like the most likely scenario, especially given that I'm a bitcoin (although not a computer) n00b. But, I've never even tried to send bitcoins, only received them. I have to make a correction to my original post -- I was trying to create a new RECEIVE key, in order to receive coins from an exchange. That's why I thought I was hacked. Random8 |
|
|
|
|
Lizard,
Thanks for looking at this. The info for the transaction is:
Date: 6/17/13 19:42
To: 1HeAK9siHVWYfWGBVBcGz13WUZkYs5aUGx
Debit: -3.17115309 BTC
Net amount: -3.17115309 BTC
Transaction ID: c60852ef789ed44c4d7ff67e0e43c49a16eed18815b4001e3887e273a4b9a0a2
I notice that the address has been used once before.
Regards,
Random8
|
|
|
|
|
If a program that wasn't running on my Mac could connect to Bitcoin-Qt, it might be able to steal the coins, but I don't know how someone from the Internet could do it. I checked my router, and its firewall is running, which should prevent anyone from connecting to the wallet app from the Internet.
Random8
|
|
|
|
I installed Bitcoin-Qt on my iMac, put some bitcoins in it, and locked the wallet. When I wanted to make a new address to send some bitcoins to an exchange, it asked me to unlock my wallet. I entered the key, and the wallet application locked up. I had to kill the task. When I started it up, it said my wallet was corrupted. I restored my wallet from a backup, and discovered that all of my bitcoins (over 3 coins  ) had been transferred. They had been transferred to an address I've never used before. In fact, I've never transferred any bitcoins out of my wallet. Well, the fact that I lost over $USD300 in coins is bad, but I'll chalk that up to experience. What I'd like to know is how it was done. I can only guess that my computer has been infected with malware that was waiting for me to unlock my wallet so it could do a transfer. Is this a known hack? Thanks, Random8, bitcoin n00b |
|
|
|
|
