Bitcoin Forum
November 16, 2024, 12:53:22 PM *
News: Check out the artwork 1Dq created to commemorate this forum's 15th anniversary
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Phishing Scam stilling btc and using Electrum name - Be carefull!  (Read 235 times)
moraesalves (OP)
Newbie
*
Offline Offline

Activity: 7
Merit: 0


View Profile
December 29, 2017, 12:26:31 AM
Last edit: December 29, 2017, 08:47:29 PM by moraesalves
 #1

Hi guys,

please, someone help me.   Cry Cry Cry

I download from Electrum Wallet from https://electrum.org/#download and instaled it.
The computer was secure (but conected to internet) i have other wallets there and they are ok.
I never share or expose my private key or the seed, dont even had time to do that.
I make two transactions (deposits)

0511126c3516c753dcb1207b653b65a5d445064fc5466523a6bc392a84a7bf44
and
7e68f27d8b9ae703506dd09eb34b19ca34d316c5d321ba8f903b73eec0fc20f9

But some minutes later there was a third transaction (withdraw)
3e874387a5ed0a9a93c5cbbf446694d20839e91d64b25a1f06c6b95247dfdcb2

This one take all my money...

I never do this one and nobody touches my computer, i was alone and the wallet was created just few minutes before.

I guess the money is at  1L86op15jpwkowVNYgPLyfTSypnp7NXpfq  but im not shure.

Am i missing something? Or someone really stolen my btc?

Can someone please help me, i'm sure that the computer is ok and secure other way the rest of the wallets would be stolen too.

Thank you all  Cry
moraesalves (OP)
Newbie
*
Offline Offline

Activity: 7
Merit: 0


View Profile
December 29, 2017, 12:54:23 AM
 #2


No, it is not my wallet but following the money with blockexplorer.com it seems to me that the btc are there.

Anyone here can help me?

Im lost...
HCP
Legendary
*
Offline Offline

Activity: 2086
Merit: 4361

<insert witty quote here>


View Profile
December 29, 2017, 06:43:24 AM
 #3

Sorry to be the bearer of bad news, but if you did not set up and send this transaction: https://blockchain.info/tx/3e874387a5ed0a9a93c5cbbf446694d20839e91d64b25a1f06c6b95247dfdcb2 and the address 1L86op15jpwkowVNYgPLyfTSypnp7NXpfq is not in your wallet... and Electrum is showing a "0" balance, then your 2.99 BTC are gone and your chances are getting them back are basically zero Undecided

Given the transaction was sent with 973+ sats/byte fee, and fees were only around 600 at the time, it looks like someone stealing your coins and wanting the fastest confirmation possible. Sad

█████████████████████████
████▐██▄█████████████████
████▐██████▄▄▄███████████
████▐████▄█████▄▄████████
████▐█████▀▀▀▀▀███▄██████
████▐███▀████████████████
████▐█████████▄█████▌████
████▐██▌█████▀██████▌████
████▐██████████▀████▌████
█████▀███▄█████▄███▀█████
███████▀█████████▀███████
██████████▀███▀██████████
█████████████████████████
.
BC.GAME
▄▄░░░▄▀▀▄████████
▄▄▄
██████████████
█████░░▄▄▄▄████████
▄▄▄▄▄▄▄▄▄██▄██████▄▄▄▄████
▄███▄█▄▄██████████▄████▄████
███████████████████████████▀███
▀████▄██▄██▄░░░░▄████████████
▀▀▀█████▄▄▄███████████▀██
███████████████████▀██
███████████████████▄██
▄███████████████████▄██
█████████████████████▀██
██████████████████████▄
.
..CASINO....SPORTS....RACING..
█░░░░░░█░░░░░░█
▀███▀░░▀███▀░░▀███▀
▀░▀░░░░▀░▀░░░░▀░▀
░░░░░░░░░░░░
▀██████████
░░░░░███░░░░
░░█░░░███▄█░░░
░░██▌░░███░▀░░██▌
░█░██░░███░░░█░██
░█▀▀▀█▌░███░░█▀▀▀█▌
▄█▄░░░██▄███▄█▄░░▄██▄
▄███▄
░░░░▀██▄▀


▄▄████▄▄
▄███▀▀███▄
██████████
▀███▄░▄██▀
▄▄████▄▄░▀█▀▄██▀▄▄████▄▄
▄███▀▀▀████▄▄██▀▄███▀▀███▄
███████▄▄▀▀████▄▄▀▀███████
▀███▄▄███▀░░░▀▀████▄▄▄███▀
▀▀████▀▀████████▀▀████▀▀
Lucius
Legendary
*
Offline Offline

Activity: 3430
Merit: 6152


Crypto Swap Exchange🈺


View Profile WWW
December 29, 2017, 11:39:21 AM
 #4

If the wallet is download from official site then we can conclude that problem is not in fake wallet.What is most likely that you have some keylogger/malware on your PC which is wait to steal something from you,and your Electrum seed is became a valuable target.

From where you send those 2 transactions,desktop wallet or online/exchange?Since other wallets on your PC are intact maybe hacker is just targeting BTC and not altcoins you have in other wallets.

However if you 100% sure you have original Electrum and this is happen,you have something bad on your PC.Make a backup of everything you need and format disk-make a clean install of OS.Use proven antivirus+firewall and Malwarebytes Premium,never click on suspicious links or download unverified things.People who use cryptocurrency have become valuable and easy targets these days-hardware wallets,or cold storage(paper wallets) are the only way to prevent this sort of thing.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
hatshepsut93
Legendary
*
Offline Offline

Activity: 3038
Merit: 2161


View Profile
December 29, 2017, 11:50:30 AM
 #5


However if you 100% sure you have original Electrum and this is happen,you have something bad on your PC.Make a backup of everything you need and format disk-make a clean install of OS.Use proven antivirus+firewall and Malwarebytes Premium,never click on suspicious links or download unverified things.People who use cryptocurrency have become valuable and easy targets these days-hardware wallets,or cold storage(paper wallets) are the only way to prevent this sort of thing.

This is a good advice for basic computer security, and every who is dealing with cryptocurrencies should do it, but this is not enough to insure oneself against getting robbed. This is why people who are dealing with large sums are using cold storage to make sure that their private keys are never exposed to anything that is connected to the network. The easiest way to get cold storage is to order a hardware wallet, but alternative it can be built by using and old PC/laptop that is disconnected from the network and a flash drive with some trusted OS like Linux. This setup can be used to create offline wallet and sign transactions when there's a need to spend from this wallet, which are then transferred to online machine to get broadcast.
moraesalves (OP)
Newbie
*
Offline Offline

Activity: 7
Merit: 0


View Profile
December 29, 2017, 12:42:44 PM
 #6

Thank you very much guys.
Unfortunately i guess it is lost forever.
Sorry to be the bearer of bad news, but if you did not set up and send this transaction: https://blockchain.info/tx/3e874387a5ed0a9a93c5cbbf446694d20839e91d64b25a1f06c6b95247dfdcb2 and the address 1L86op15jpwkowVNYgPLyfTSypnp7NXpfq is not in your wallet... and Electrum is showing a "0" balance, then your 2.99 BTC are gone and your chances are getting them back are basically zero Undecided

Given the transaction was sent with 973+ sats/byte fee, and fees were only around 600 at the time, it looks like someone stealing your coins and wanting the fastest confirmation possible. Sad
I didn't know about the fee... now is clearly to me that someone (should be burning in hell) stole my btc.

If the wallet is download from official site then we can conclude that problem is not in fake wallet.What is most likely that you have some keylogger/malware on your PC which is wait to steal something from you,and your Electrum seed is became a valuable target.

From where you send those 2 transactions,desktop wallet or online/exchange?Since other wallets on your PC are intact maybe hacker is just targeting BTC and not altcoins you have in other wallets.

However if you 100% sure you have original Electrum and this is happen,you have something bad on your PC.Make a backup of everything you need and format disk-make a clean install of OS.Use proven antivirus+firewall and Malwarebytes Premium,never click on suspicious links or download unverified things.People who use cryptocurrency have become valuable and easy targets these days-hardware wallets,or cold storage(paper wallets) are the only way to prevent this sort of thing.

That is what i am worry about, i downloaded from the right site and have anti virus and anti malware instaled on and never use to anything beside manage crypto.
The btc lost was sent from a exodus wallet in the very same note and this wallet was not corrupted. I have no idea what happened, the computer seens clear.
Anyway, for as crazy as it seens, the most secure place that i can find to send my coins now was Bittrex until my trezor wallet arrives, besides, now i have to day trade to recover the stolem btc.

(sorry for my english, it is as poor as my crypto knowledge)

bob123
Legendary
*
Offline Offline

Activity: 1624
Merit: 2481



View Profile WWW
December 29, 2017, 02:08:22 PM
 #7

Did you check the signature of the file you've downloaded? Or at least the Hash?

If you still want to find out what happened you could check the signature of the file.
This would give the awnser to the question if you were a target in a Man-in-the-Middle atack (and only your electrum wallet was modified) or if your PC seems to be compromised.
You can find a small guide for checking signatures here: https://www.deepdotweb.com/jolly-rogers-security-guide-for-beginners/how-to-verify-your-downloaded-files-are-authentic/

For the current windows installer this is the sig:
Code:
-----BEGIN PGP SIGNATURE-----

iQIcBAABCgAGBQJaL3HRAAoJECvVgkt/lHDml7cQAIFCtI3w+2/FPWzKImdJCRky
jlOsHWYNTlODAvj1SPCP/jZkrf9dpGjqXrAIQ7q4feOnCKvlKrJCZeHe+9sHkyqD
TDDOIOORFxCFdnk4TgPe+g3kVT2/9nsIwq4n35JZVC7QQD0q9k1Epv015fQhDdoQ
fcZoq9YqSQ8zDnhd6egRYe33Tip4JWFhaHYQw/FZp3W1+/L7WBqf+z5HxdzKOpJ/
93vnhh2m2xHltqL8hZ3KXaGXAPoubffu6+BIvlKbbDX9WULIrcbHgQABYhTZ7qWj
Gu+n+lXh4omZcltSxEk6zp1jU7+7pwu9GET0epN80OAY3AfoUors4oiYYM7ab4mk
rxvPODm68z4nZE4OWDptV71yI/T5OfDT+lB3KYgtdpco7NL11Vj8PdKQJBK6ItBx
qGDr5yAfS9tm9cEKUqQSpnN+GMTYNs8b3ChLGKi2XpVSSnjzX8Z1rvYJyxhkPKvF
qSjkZLLERbKwPYsxFGECLSET6G9MBXUL0v/R9zd22WVqtyT9uPVuzIqLH7Wh5H7k
7a48+6UmGbzmwPcvaqRe4QJOAHWJv9dQ3//6KI+PV4mBBfdAqzGccJ5Fsqh2+T1s
lvlh58wHzwD2LGyaGWhA5G+6LYudbixadoOKsey8l5trgcIOcQkwe+ES1QBWtIaL
9ctR8vlq48L+/GbkX4dT
=PtAe
-----END PGP SIGNATURE-----
to be found here: https://download.electrum.org/3.0.3/electrum-3.0.3-setup.exe.asc

All files are signed by ThomasV. (https://pgp.mit.edu/pks/lookup?op=vindex&search=0x2BD5824B7F9470E6)



I have no idea what happened, the computer seens clear.

Generally, after such an incident, you should regard your computer as compromised.
Back up the most important files and wipe your drive completely. It would be safer to start from a fresh installed OS.

moraesalves (OP)
Newbie
*
Offline Offline

Activity: 7
Merit: 0


View Profile
December 29, 2017, 04:37:20 PM
 #8

Did you check the signature of the file you've downloaded? Or at least the Hash?

If you still want to find out what happened you could check the signature of the file.
This would give the awnser to the question if you were a target in a Man-in-the-Middle atack (and only your electrum wallet was modified) or if your PC seems to be compromised.
You can find a small guide for checking signatures here: https://www.deepdotweb.com/jolly-rogers-security-guide-for-beginners/how-to-verify-your-downloaded-files-are-authentic/

For the current windows installer this is the sig:
Code:
-----BEGIN PGP SIGNATURE-----

iQIcBAABCgAGBQJaL3HRAAoJECvVgkt/lHDml7cQAIFCtI3w+2/FPWzKImdJCRky
jlOsHWYNTlODAvj1SPCP/jZkrf9dpGjqXrAIQ7q4feOnCKvlKrJCZeHe+9sHkyqD
TDDOIOORFxCFdnk4TgPe+g3kVT2/9nsIwq4n35JZVC7QQD0q9k1Epv015fQhDdoQ
fcZoq9YqSQ8zDnhd6egRYe33Tip4JWFhaHYQw/FZp3W1+/L7WBqf+z5HxdzKOpJ/
93vnhh2m2xHltqL8hZ3KXaGXAPoubffu6+BIvlKbbDX9WULIrcbHgQABYhTZ7qWj
Gu+n+lXh4omZcltSxEk6zp1jU7+7pwu9GET0epN80OAY3AfoUors4oiYYM7ab4mk
rxvPODm68z4nZE4OWDptV71yI/T5OfDT+lB3KYgtdpco7NL11Vj8PdKQJBK6ItBx
qGDr5yAfS9tm9cEKUqQSpnN+GMTYNs8b3ChLGKi2XpVSSnjzX8Z1rvYJyxhkPKvF
qSjkZLLERbKwPYsxFGECLSET6G9MBXUL0v/R9zd22WVqtyT9uPVuzIqLH7Wh5H7k
7a48+6UmGbzmwPcvaqRe4QJOAHWJv9dQ3//6KI+PV4mBBfdAqzGccJ5Fsqh2+T1s
lvlh58wHzwD2LGyaGWhA5G+6LYudbixadoOKsey8l5trgcIOcQkwe+ES1QBWtIaL
9ctR8vlq48L+/GbkX4dT
=PtAe
-----END PGP SIGNATURE-----
to be found here: .asc

All files are signed by ThomasV. (https://pgp.mit.edu/pks/lookup?op=vindex&search=0x2BD5824B7F9470E6)



I have no idea what happened, the computer seens clear.

Generally, after such an incident, you should regard your computer as compromised.
Back up the most important files and wipe your drive completely. It would be safer to start from a fresh installed OS.

Ohhhhh F***
Is it possible?

First of all i downloaded from https://electrumsource.org/#download (cant remember if was the stand alone executable or windows instaler, i tried both), version 3.0.0. Is that the wrong site?Huh

I dond know how to use Kleopatra yet but the asc file on my electrum directory shows:

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAABCgAGBQJZjYhyAAoJECvVgkt/lHDmf5MP/2Qai6OUKCbG/146dRa7E6em
ZU4TqrRQofgW6Ya7hO9XG3T+5ji/5HF66/SJ+G3qNVcaJnLGL3KomN42sv52WANx
1/qeOfZckwrzC/k1AmIzR43/eaGUcC9Fr+orjz2eQlpE4qfQiijvGS6T6ZMQtJFC
axKCv0pA1VvnEMlQf+PScde/BF8wgGY43xa3pm0jrHXJu0Tbtl3JvuDrh9sI1Zan
fhjV7OldtOijNmvj0mAGbvuSjZKN3Pf3VKHD1acGQ92Owj19j/MB9lgesbrygvvk
7fX+9Lw9yl9BK9JD0xTnhrNTRZvVLp4fKskAF6KfhkJjm+bm+m+p/WTp1IfrywXY
CYx/GD6ZbSqrwnq7sEUhVaaLQC33G97Lwu1Jmsm8fu5iy+QcE7kCa+Pu9C8kv1e4
zwVK/kiyHQSY8m506GgrJhtfODmeTloryUNterKoFaRjuN9bRPxotr85QdhVy4Ci
PoWW8+tHttmHsLfF9CtcmYkzSSYyB+HsTSvhkgs/Rl4zJ2526Xw4i10scfD0dhar
ikk8OONbYFWO0LJSgakqcezhYgGqMiyw7jXMS+II1QSvCHDgpCpnLekoYclH/lo/
Kdzq/OwUdm3peh39hggy5LwciC3OXG9EslhNlP6HqK9rg1AAsGGAoIr+jpbmRBqD
577hMthTTwWAlU9B0nke
=YtfS
-----END PGP SIGNATURE-----

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Angry Angry Angry Angry Angry Angry Angry Angry

Oh my God!!!!

https://electrumsource.org is fake isnt it?? We must take this site down, they are stollen money from assholes like me and spoiling the reputation of the wallet!!

TryNinja
Legendary
*
Offline Offline

Activity: 3024
Merit: 7443


Top Crypto Casino


View Profile WWW
December 29, 2017, 05:06:44 PM
 #9

Ohhhhh F***
Is it possible?

First of all i downloaded from https://electrumsource.org/#download (cant remember if was the stand alone executable or windows instaler, i tried both), version 3.0.0. Is that the wrong site?Huh

I dond know how to use Kleopatra yet but the asc file on my electrum directory shows:

-snip-

https://electrumsource.org is fake isnt it?? We must take this site down, they are stollen money from assholes like me and spoiling the reputation of the wallet!!
Yeah... This website and the binaries are fake. The only real website you should use to download Electrum is: https://electrum.org/

This means that you coins are gone and there is really no way to recover them. And that's not the first time I see people falling for this scam. I'm sorry Undecided

███████████████████████
████▐██▄█████████████████
████▐██████▄▄▄███████████
████▐████▄█████▄▄████████
████▐█████▀▀▀▀▀███▄██████
████▐███▀████████████████
████▐█████████▄█████▌████
████▐██▌█████▀██████▌████
████▐██████████▀████▌████
█████▀███▄█████▄███▀█████
███████▀█████████▀███████
██████████▀███▀██████████

███████████████████████
.
BC.GAME
▄▄▀▀▀▀▀▀▀▄▄
▄▀▀░▄██▀░▀██▄░▀▀▄
▄▀░▐▀▄░▀░░▀░░▀░▄▀▌░▀▄
▄▀▄█▐░▀▄▀▀▀▀▀▄▀░▌█▄▀▄
▄▀░▀░░█░▄███████▄░█░░▀░▀▄
█░█░▀░█████████████░▀░█░█
█░██░▀█▀▀█▄▄█▀▀█▀░██░█
█░█▀██░█▀▀██▀▀█░██▀█░█
▀▄▀██░░░▀▀▄▌▐▄▀▀░░░██▀▄▀
▀▄▀██░░▄░▀▄█▄▀░▄░░██▀▄▀
▀▄░▀█░▄▄▄░▀░▄▄▄░█▀░▄▀
▀▄▄▀▀███▄███▀▀▄▄▀
██████▄▄▄▄▄▄▄██████
.
..CASINO....SPORTS....RACING..


▄▄████▄▄
▄███▀▀███▄
██████████
▀███▄░▄██▀
▄▄████▄▄░▀█▀▄██▀▄▄████▄▄
▄███▀▀▀████▄▄██▀▄███▀▀███▄
███████▄▄▀▀████▄▄▀▀███████
▀███▄▄███▀░░░▀▀████▄▄▄███▀
▀▀████▀▀████████▀▀████▀▀
Lucius
Legendary
*
Offline Offline

Activity: 3430
Merit: 6152


Crypto Swap Exchange🈺


View Profile WWW
December 29, 2017, 05:20:09 PM
 #10

In your first post you post link to official site of Electrum and now you say that you download it from this fake site, so it is fake wallet who steal your BTC and nothing else.But it is good that you admitted your mistake so we know what it is all about,unfortunately you pay high price just because you did not check is this site is real or fake.

There are lot of such sites,and no matter how many of them are closed new ones appear constantly.Stealing of cryptocurrency has become a very lucrative business...

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
moraesalves (OP)
Newbie
*
Offline Offline

Activity: 7
Merit: 0


View Profile
December 29, 2017, 05:39:22 PM
 #11

In your first post you post link to official site of Electrum and now you say that you download it from this fake site, so it is fake wallet who steal your BTC and nothing else.But it is good that you admitted your mistake so we know what it is all about,unfortunately you pay high price just because you did not check is this site is real or fake.

There are lot of such sites,and no matter how many of them are closed new ones appear constantly.Stealing of cryptocurrency has become a very lucrative business...

Yes, you are right in the first post i access the site from this computer but now that i am trying to check signature i access the site again from the computer with the wallet and notice the diferent address and version of the wallet.

Thank you all for the help and support. It was a expensive mistake for me.
audaciousbeing
Hero Member
*****
Offline Offline

Activity: 1330
Merit: 569



View Profile
December 29, 2017, 06:16:47 PM
 #12

In your first post you post link to official site of Electrum and now you say that you download it from this fake site, so it is fake wallet who steal your BTC and nothing else.But it is good that you admitted your mistake so we know what it is all about,unfortunately you pay high price just because you did not check is this site is real or fake.

There are lot of such sites,and no matter how many of them are closed new ones appear constantly.Stealing of cryptocurrency has become a very lucrative business...

Yes, you are right in the first post i access the site from this computer but now that i am trying to check signature i access the site again from the computer with the wallet and notice the diferent address and version of the wallet.

Thank you all for the help and support. It was a expensive mistake for me.

This is more than an expensive mistake its a grievous one at that to lose over $30000 just like that, the scammers would be happy someone fell for their unscrupulous action. After reading the entire thread, the take home from there is that we should be more careful from the source we download from as the slightest error in spelling, or arrangement of the letters could be a smoking gun which should be investigated and be sure before going ahead.

I want to suggest that you change the title of the thread to indicate its from a fake Electrum website because I must admit, after reading your first message I was a bit scared of whether Electrum has been comprised. Doing this will make people more careful in downloading softwares.
flatfly
Legendary
*
Offline Offline

Activity: 1092
Merit: 1016

760930


View Profile
December 29, 2017, 07:25:50 PM
 #13

Sorry for your loss.

How did you actually come across that fake download site?  I can't find it using Google, no matter what keywords I try.

Finding out where you got that URL from (forum post? IRC? email?) might lead to the attacker.
moraesalves (OP)
Newbie
*
Offline Offline

Activity: 7
Merit: 0


View Profile
December 29, 2017, 08:42:36 PM
 #14

In your first post you post link to official site of Electrum and now you say that you download it from this fake site, so it is fake wallet who steal your BTC and nothing else.But it is good that you admitted your mistake so we know what it is all about,unfortunately you pay high price just because you did not check is this site is real or fake.

There are lot of such sites,and no matter how many of them are closed new ones appear constantly.Stealing of cryptocurrency has become a very lucrative business...

Yes, you are right in the first post i access the site from this computer but now that i am trying to check signature i access the site again from the computer with the wallet and notice the diferent address and version of the wallet.

Thank you all for the help and support. It was a expensive mistake for me.

This is more than an expensive mistake its a grievous one at that to lose over $30000 just like that, the scammers would be happy someone fell for their unscrupulous action. After reading the entire thread, the take home from there is that we should be more careful from the source we download from as the slightest error in spelling, or arrangement of the letters could be a smoking gun which should be investigated and be sure before going ahead.

I want to suggest that you change the title of the thread to indicate its from a fake Electrum website because I must admit, after reading your first message I was a bit scared of whether Electrum has been comprised. Doing this will make people more careful in downloading softwares.


Yes that mistake destroy my hollyday, my humor and my guts (literaly).
I would change the title of the topic as you sugested.

Sorry for your loss.

How did you actually come across that fake download site?  I can't find it using Google, no matter what keywords I try.

Finding out where you got that URL from (forum post? IRC? email?) might lead to the attacker.

I foud the fake site just typing "electrum wallet" on google (i am using www.google.com.br) or just "electrum".
To me the fake appears o top, above the correct site. Is the first site on this search....
TryNinja
Legendary
*
Offline Offline

Activity: 3024
Merit: 7443


Top Crypto Casino


View Profile WWW
December 29, 2017, 09:13:03 PM
 #15

I foud the fake site just typing "electrum wallet" on google (i am using www.google.com.br) or just "electrum".
To me the fake appears o top, above the correct site. Is the first site on this search....
That's probably an ad.

It is common for scammers to pay Google so their fake website can be shown above the real website. The same happened with BitMixer and now is happening with ChipMixer.

Everybody can help by reporting the website to google with this form: https://safebrowsing.google.com/safebrowsing/report_phish/

███████████████████████
████▐██▄█████████████████
████▐██████▄▄▄███████████
████▐████▄█████▄▄████████
████▐█████▀▀▀▀▀███▄██████
████▐███▀████████████████
████▐█████████▄█████▌████
████▐██▌█████▀██████▌████
████▐██████████▀████▌████
█████▀███▄█████▄███▀█████
███████▀█████████▀███████
██████████▀███▀██████████

███████████████████████
.
BC.GAME
▄▄▀▀▀▀▀▀▀▄▄
▄▀▀░▄██▀░▀██▄░▀▀▄
▄▀░▐▀▄░▀░░▀░░▀░▄▀▌░▀▄
▄▀▄█▐░▀▄▀▀▀▀▀▄▀░▌█▄▀▄
▄▀░▀░░█░▄███████▄░█░░▀░▀▄
█░█░▀░█████████████░▀░█░█
█░██░▀█▀▀█▄▄█▀▀█▀░██░█
█░█▀██░█▀▀██▀▀█░██▀█░█
▀▄▀██░░░▀▀▄▌▐▄▀▀░░░██▀▄▀
▀▄▀██░░▄░▀▄█▄▀░▄░░██▀▄▀
▀▄░▀█░▄▄▄░▀░▄▄▄░█▀░▄▀
▀▄▄▀▀███▄███▀▀▄▄▀
██████▄▄▄▄▄▄▄██████
.
..CASINO....SPORTS....RACING..


▄▄████▄▄
▄███▀▀███▄
██████████
▀███▄░▄██▀
▄▄████▄▄░▀█▀▄██▀▄▄████▄▄
▄███▀▀▀████▄▄██▀▄███▀▀███▄
███████▄▄▀▀████▄▄▀▀███████
▀███▄▄███▀░░░▀▀████▄▄▄███▀
▀▀████▀▀████████▀▀████▀▀
flatfly
Legendary
*
Offline Offline

Activity: 1092
Merit: 1016

760930


View Profile
December 29, 2017, 09:31:12 PM
Last edit: December 30, 2017, 09:19:55 AM by flatfly
 #16

Sorry for your loss.

How did you actually come across that fake download site?  I can't find it using Google, no matter what keywords I try.

Finding out where you got that URL from (forum post? IRC? email?) might lead to the attacker.

Quote
I foud the fake site just typing "electrum wallet" on google (i am using www.google.com.br) or just "electrum".
To me the fake appears o top, above the correct site. Is the first site on this search....

This seems to be a well-executed and advanced scam campaign, and is still ongoing.

I've just identified more domains, most probably run by the same attackers:

  www . electrumproject . org
  www . electrumonline . org
  www . electrumsource . org
  www . openelectrum . org
  www . electrumsoft . org

I would suggest to file a police report with your local cybercrime dept (if any), and/or CERT Brazil (www.cert.br) .

leepsteer000
Newbie
*
Offline Offline

Activity: 22
Merit: 0


View Profile
December 30, 2017, 04:33:51 AM
 #17

Same happened to me mate
\check this topic: https://bitcointalk.org/index.php?topic=2579042.msg26916062#msg26916062

i have no idea how and why i downloaded it from their site im sure http://electrum.org/ directed me there.
Scammers
Lucius
Legendary
*
Offline Offline

Activity: 3430
Merit: 6152


Crypto Swap Exchange🈺


View Profile WWW
December 30, 2017, 02:02:02 PM
 #18

I foud the fake site just typing "electrum wallet" on google (i am using www.google.com.br) or just "electrum".
To me the fake appears o top, above the correct site. Is the first site on this search....
That's probably an ad.

It is common for scammers to pay Google so their fake website can be shown above the real website. The same happened with BitMixer and now is happening with ChipMixer.

Everybody can help by reporting the website to google with this form: https://safebrowsing.google.com/safebrowsing/report_phish/

I just use google search for "Electrum" and get one of the fake sites at the top of the page,it is paid advertising and it is big problem for crypto community.Since Electrum is one of the most popular wallets we can only imagine how many people are deceived and lost their money.

I will definitely report each of these fake pages and I hope Google will do something about that quickly.I do not know it is possible but they should not allow any advertising with "electrum" in the name of the site.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
moraesalves (OP)
Newbie
*
Offline Offline

Activity: 7
Merit: 0


View Profile
December 31, 2017, 01:28:27 PM
 #19

I foud the fake site just typing "electrum wallet" on google (i am using www.google.com.br) or just "electrum".
To me the fake appears o top, above the correct site. Is the first site on this search....
That's probably an ad.

It is common for scammers to pay Google so their fake website can be shown above the real website. The same happened with BitMixer and now is happening with ChipMixer.

Everybody can help by reporting the website to google with this form: https://safebrowsing.google.com/safebrowsing/report_phish/

I just use google search for "Electrum" and get one of the fake sites at the top of the page,it is paid advertising and it is big problem for crypto community.Since Electrum is one of the most popular wallets we can only imagine how many people are deceived and lost their money.

I will definitely report each of these fake pages and I hope Google will do something about that quickly.I do not know it is possible but they should not allow any advertising with "electrum" in the name of the site.

I agree, that is for sure a big scam campaing the almost 3 btc stollen from me is at the same adress yet meaning the thiefs dont even noticed or used that. This people are making big money with this sites.

In the moment the electrumsource.org don appear on google search but still on air, instead the first seite on this search is www.electrumsoft.org/‎.

Already alerted google and now im making the properly report to local police.

Thank you guys


Spendulus
Legendary
*
Offline Offline

Activity: 2926
Merit: 1386



View Profile
January 02, 2018, 03:14:37 AM
 #20

I foud the fake site just typing "electrum wallet" on google (i am using www.google.com.br) or just "electrum".
To me the fake appears o top, above the correct site. Is the first site on this search....
That's probably an ad.

It is common for scammers to pay Google so their fake website can be shown above the real website. The same happened with BitMixer and now is happening with ChipMixer.

Everybody can help by reporting the website to google with this form: https://safebrowsing.google.com/safebrowsing/report_phish/

The "don't care" and somewhat enabling attitude of Google is rather alarming.

I just use google search for "Electrum" and get one of the fake sites at the top of the page,it is paid advertising and it is big problem for crypto community.Since Electrum is one of the most popular wallets we can only imagine how many people are deceived and lost their money.

I will definitely report each of these fake pages and I hope Google will do something about that quickly.I do not know it is possible but they should not allow any advertising with "electrum" in the name of the site.

I agree, that is for sure a big scam campaing the almost 3 btc stollen from me is at the same adress yet meaning the thiefs dont even noticed or used that. This people are making big money with this sites.

In the moment the electrumsource.org don appear on google search but still on air, instead the first seite on this search is www.electrumsoft.org/‎.

Already alerted google and now im making the properly report to local police.

Thank you guys



Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!