HELP WITH A BTC TRANSACTION!

[ethersupreme]

Yesterday I made a payment to a website with your specific address. However, at the beginning of the transaction this address appeared:

1QYBTf2tDgyzc6GA8w4ycef7HjWoPgk6j

Searching in google I have seen that it is the address of a user of this forum, who coincidentally, only logged in once and does not accept private messages.

So, I feel bad thinking, but I do not know if it is a scammer who has created a malware or what. I do not have any previous transactions with that person and seeing in Blockchain receives enough bitcoins,

Does that address sound to someone? Has it happened to someone else?

[AdolfinWolf]

Yesterday I made a payment to a website with your specific address. However, at the beginning of the transaction this address appeared:

1QYBTf2tDgyzc6GA8w4ycef7HjWoPgk6j

Searching in google I have seen that it is the address of a user of this forum, who coincidentally, only logged in once and does not accept private messages.

So, I feel bad thinking, but I do not know if it is a scammer who has created a malware or what. I do not have any previous transactions with that person and seeing in Blockchain receives enough bitcoins,

Does that address sound to someone? Has it happened to someone else?

What exactly do you mean? When you tried to make the transaction, when you copied the adress you were supposed to send the bitcoin to, this adress appeared? Do i understand you correctly?

If so, you've problem fell victim to a clipboard virus that replaces the bitcoin adress you originally copied by one of theirs, effectively stealing your funds if you don't look twice at the "receiving" adress before actually sending..
https://www.bleepingcomputer.com/news/security/evrial-trojan-switches-bitcoin-addresses-copied-to-windows-clipboard/

The adress you linked is also mentioned in this thread, https://bitcointalk.org/index.php?topic=3334079.20

I just looked through the other thread, and users there are also suggesting that the OP fell victim to a/this "Copy-Paste" virus. See for yourself. I'm afraid this has happend here aswell.

You should really run some anti-virus scans, and i personally even would transfer out all the remaining funds, just to be safe.

[TheQuin]

The adress you linked is also mentioned in this thread, https://bitcointalk.org/index.php?topic=3334079.20

I just looked through the other thread, and users there are also suggesting that the OP fell victim to a/this "Copy-Paste" virus. See for yourself. I'm afraid this has happend here aswell.

It looks that way. I couldn't find the user the OP was referring to just that thread. Looking at the date of that thread and the history of address 1QYBTf2tDgyzc6GA8w4ycef7HjWoPgk6j it looks like some scammer has made 0.26549968 BTC from that virus since April.

As well as using AV software always read back addresses and double check everything before signing and sending a transaction.

[bob123]

As well as using AV software always read back addresses and double check everything before signing and sending a transaction.

Unfortunately AV software won't detect this kind of malware.
And it will always be easy to recreate another version which won't be detected.

The only real way to secure yourself is to (1) use common sense and don't download random files and (2) double checking.


OP, you can be glad it was just a clipping board malware. You could have been victim to a way more-dangerous kind of malware..

[btj]

Unfortunately you are subject to a clipboard malware !

This malware steals cryptocurrency and other electronic funds by surreptitiously modifying wallet or payment information whenever victims copy it to their devices' clipboards.

He detect if you have copied a bitcoin address, so he can generate another address almost similar to the original one and replace it then in the clipboard, when you paste it, you will make no difference between them.

I suggest you to use another LAPTOP or make new installation for your OS, try to use your wallet from safe place ... prevent accessing suspected links and download and install random files on your computer, keep your OS updated as same as your Browser.

And finally, move your coin to a new wallet in case the attacker got your private key.

[wilwxk]

It probably a simple javascript malware embedded on the payment page of the website, but the problem is that cannot be detected by any ordinary AV. And as said before, this is a very common malware, and the best you can do is vverify the address before you create the transaction.