How can someone move my btc that is a local wallet?

[Lucius]

I'm an optimist.  I learn from my mistakes and move on.  I don't feel bad about this.

Good for you, some people would suffer a psychological breakdown if they lost $56 000+, but there are obviously people who can afford it. I think you still have a lot to learn when it comes to protection of cryptocurrency, it is not easy to be your own bank.

I also filed a complaint with the FBI and have some security guys helping me to do some investigating.  I do have some general idea where the attack came from; but I'll keep it like this for now.  I want the fed to get involved and hopefully they'll.

I think the FBI can only help you if it's a hacker from the USA, because if it is Russia or some other exotic country... In any case, good luck with the investigation.

[amishmanish]

It is confirmed he first enter through myqnapcloud.com.  Then access my NAS.  Yes.  One password was compromised and I should of done a better job securing that.  Regardless its mitigated.

I also filed a complaint with the FBI and have some security guys helping me to do some investigating.  I do have some general idea where the attack came from; but I'll keep it like this for now.  I want the fed to get involved and hopefully they'll.

Status: 152 confirmations
Date: 4/15/20 02:39
To: 3KkktVYUaCR52oZUdZzpuXFMvqpLmYFaqA
Debit: -8.08116106 BTC
Transaction fee: -0.00004310 BTC
Net amount: -8.08120416 BTC
Transaction ID: 668c2e5d00e25f15c23a8f843dfc4502a595343b78ede0e99eb935710f9be726
Transaction total size: 557 bytes
Transaction virtual size: 315 bytes
Output index: 0

Sorry for your loss. Its brave that you are going to the bottom of this and doing everything to figure out what went wrong. Such incidents are an eye-opener to everyone. I have heard about phishing programs and keyloggers and that even virus scanners ending up installing such malware. I have a few questions to ask regarding this:

1. This is a targeted hack. Does that mean that the attacker probably had a way of knowing that cwwang had those kind of funds stored? I have heard of malware that randomly just scans computers to pick up presence of wallet.dat files?
2. How to classify such attacks? What are the ways in which it is possible to lose all your keys from a network connected PC?
3. Is there any Standard Operating Procedure where you can run a wallet like electrum on a network connected PC (for small, normal transactions) that would ensure that malware/ keyloggers don't get access to your computer?
4. Suppose a keylogger is active on my PC. Shouldn't it be possible to see it in background activity as some undefined/ random process (Talking about Windows).

These are just some of the questions that come to mind on seeing such attacks. It'll be great if those who know this stuff can answer. @cwwang, Can you please share that how did you figure out the modus operandi that you have described above.

[Twinkledoe]

Below is the transaction of someone sent my 8.08 coins to an unknown address
4/15/20 02:39 Confirmed (151 confirmations). Sent to (no label) 3KkktVYUaCR52oZUdZzpuXFMvqpLmYFaqA -8.08120416

Another in a series of sad stories, but also warning that such amount of coins should not be stored in desktop wallet, on the computer we use for everyday needs. It seems to me at first that this was not an accidental attack, but that you were the intended target. All those who knew you had so much BTC are suspicious, no matter how much you trust them. I would personally go in that direction, though it is something that would require a thorough investigation and resources that you probably do not have.

Part of your BTC is now on this address https://www.blockchain.com/btc/address/38sDP6DuzMkp8NBxX2XhgF8eLWRoWTHHUo , and you can try to report them, but it is possible that the hacker has already sold them, and they have a new legitimate owner.

 I'm an optimist.  I learn from my mistakes and move on.  I don't feel bad about this.

Wow, that's pretty large sum of money that you lost here. I read all the replies from here so in case I know also what to do with my wallet. Sometimes, we don't know if our computer is compromised or not. I hope you will recover that losses soon. Just remember, money can always be replaced. Life moves on.

[mocacinno]

1. This is a targeted hack. Does that mean that the attacker probably had a way of knowing that cwwang had those kind of funds stored? I have heard of malware that randomly just scans computers to pick up presence of wallet.dat files?

If it was a targeted attack, the attacker must have known about cwwang's crypto holdings, otherwise it wouldn't have been a targeted attack.
This being said, there's plenty of malware that's included into many real and fake programs, usually tools that have something to do with crypto, meanth to infect as many people as possible in the hope of finding a wallet, or copy/pasting keys, or copying the thief's address whenever a btc address is placed in the clipboard.

2. How to classify such attacks? What are the ways in which it is possible to lose all your keys from a network connected PC?

Don't know about the classification, but sure, if your wallet is compromised, it's usually all keys that get stolen at once.

3. Is there any Standard Operating Procedure where you can run a wallet like electrum on a network connected PC (for small, normal transactions) that would ensure that malware/ keyloggers don't get access to your computer?

Hardware wallets.
There is no other procedure that can give you > 99% protection while spending from an ONLINE pc. There are plenty of really good procedures for airgapped wallets and paper wallets that are at least as safe as hardware wallets tough.

4. Suppose a keylogger is active on my PC. Shouldn't it be possible to see it in background activity as some undefined/ random process (Talking about Windows).

I'm not a windows admin, i don't really like windows OS, but to the best of my knowledge, not all malware can be seen from the taskmanager... Rootkits, taskmanager vulnerability's, replacing the name of system components,...