Bitcoin Forum
September 22, 2019, 02:41:55 AM *
News: Latest Bitcoin Core release: 0.18.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: 1 2 3 4 5 6 7 8 9 10 11 [All]
  Print  
Author Topic: JUST HAD 0.92329 BTC STOLEN - HOW???  (Read 8010 times)
bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 10:29:38 AM
 #1

I just deposited the above amount to one of electrum wallets. Almost immediately the balance was tramsferred to:

13GrQ46YQ3x3fp1p5eHrPKSsMaxjDY9VwC

tx: https://blockchain.info/tx/c92f9c265f0a7a9b7fec9184a0314545f8d3f2b3d6d53c240eec97a087826a00

Noth of the transaction have any confirmations, it just happen immediately. How is this possible and how can I get my funds back??? I cannot understand how this is possible. FML

My address:

https://blockchain.info/address/15WapDB1AsoKKp4vMTims836Jxn9mJdHJA


Help!!!  
1569120115
Hero Member
*
Offline Offline

Posts: 1569120115

View Profile Personal Message (Offline)

Ignore
1569120115
Reply with quote  #2

1569120115
Report to moderator
In order to achieve higher forum ranks, you need both activity points and merit points.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1569120115
Hero Member
*
Offline Offline

Posts: 1569120115

View Profile Personal Message (Offline)

Ignore
1569120115
Reply with quote  #2

1569120115
Report to moderator
1569120115
Hero Member
*
Offline Offline

Posts: 1569120115

View Profile Personal Message (Offline)

Ignore
1569120115
Reply with quote  #2

1569120115
Report to moderator
1569120115
Hero Member
*
Offline Offline

Posts: 1569120115

View Profile Personal Message (Offline)

Ignore
1569120115
Reply with quote  #2

1569120115
Report to moderator
Blazr
Hero Member
*****
Offline Offline

Activity: 882
Merit: 1001



View Profile
May 02, 2015, 10:31:13 AM
 #2

Was it the entire balance of your wallet?

Was it an imported address?

Did you recently install anything Bitcoin-related or suspicious recently?

Do you have AV?

Was the wallet password protected and if so when did you last type that password?

bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 10:32:30 AM
 #3

I just noticed the hacker didn't leave much of a transaction fee and it says:

Estimated Confirmation Time   Within 6 Blocks

Can I use this to my advantage?
Sarthak
Hero Member
*****
Offline Offline

Activity: 518
Merit: 501

Error 404: there seems to be nothing here.


View Profile
May 02, 2015, 10:32:40 AM
 #4

I am sorry to hear about that loss  Cry
You are a Hero Member now! Havent you heard that Bitcoin Transactions are irreversible?
The Best Option is to forget it!
Did you scan your PC? I highly suspect it has some malware!

goregrind
Full Member
***
Offline Offline

Activity: 149
Merit: 100


View Profile
May 02, 2015, 10:33:29 AM
 #5

It looks like your private key was compromised. Stop using that wallet and try to investigate how it happened.
Your computer might be infected so take that into consideration.
Unfortunately your funds are gone.

woot?
bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 10:33:48 AM
 #6

Was it the entire balance of your wallet?

Was it an imported address?

Did you recently install anything Bitcoin-related or suspicious recently?

Do you have AV?

Was the wallet password protected and if so when did you last type that password?

Yes all of it wiped out

No I'm very tech savvy

Yes I have AV - keep on top of security quite well and the wallet is on a VM

The wallet was password protected

WTF
Sarthak
Hero Member
*****
Offline Offline

Activity: 518
Merit: 501

Error 404: there seems to be nothing here.


View Profile
May 02, 2015, 10:34:11 AM
 #7

Hey But see this quick! This might help!
https://bitcointalk.org/index.php?topic=35214.0

bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 10:35:23 AM
 #8

Hey But see this quick! This might help!
https://bitcointalk.org/index.php?topic=35214.0

Shit! 1 confirmation!!!! fuck
Sarthak
Hero Member
*****
Offline Offline

Activity: 518
Merit: 501

Error 404: there seems to be nothing here.


View Profile
May 02, 2015, 10:36:05 AM
 #9

Hey But see this quick! This might help!
https://bitcointalk.org/index.php?topic=35214.0

Shit! 1 confirmation!!!! fuck

Ohhhhhhhhh DAMNNNNNNNN!  Cry Cry Cry Cry Cry Cry Cry Cry

Really sorry to hear about that loss Sad

bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 10:36:32 AM
 #10

That's ll the btc I had and really needed to make a purchase. What the fuck. This is the first time this has ever happened to me
Blazr
Hero Member
*****
Offline Offline

Activity: 882
Merit: 1001



View Profile
May 02, 2015, 10:37:09 AM
 #11

Was it the entire balance of your wallet?

Was it an imported address?

Did you recently install anything Bitcoin-related or suspicious recently?

Do you have AV?

Was the wallet password protected and if so when did you last type that password?

Yes all of it wiped out

No I'm very tech savvy

Yes I have AV

The wallet was password protected

WTF

Where did you store any backups or your seed?

Did you use the password anywhere else, and when did you last enter it?

I'm sorry to say, but the chances of you getting back the BTC are very slim. The transaction is already confirmed and the funds have left. Right now you need to figure out what exactly happened, doing so will prevent you losing anymore coins, and may help prevent others losing coins too.

bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 10:38:56 AM
 #12

Was it the entire balance of your wallet?

Was it an imported address?

Did you recently install anything Bitcoin-related or suspicious recently?

Do you have AV?

Was the wallet password protected and if so when did you last type that password?

Yes all of it wiped out

No I'm very tech savvy

Yes I have AV

The wallet was password protected

WTF

Where did you store any backups or your seed?

Did you use the password anywhere else, and when did you last enter it?

I'm sorry to say, but the chances of you getting back the BTC are very slim. The transaction is already confirmed and the funds have left. Right now you need to figure out what exactly happened, doing so will prevent you losing anymore coins, and may help prevent others losing coins too.

Yeah I've read so many threads of people losing their coins. I'm screwed, might start a gofundme lol, I kid. Pissed off is an understatement
RocketSingh
Legendary
*
Offline Offline

Activity: 1622
Merit: 1010


View Profile
May 02, 2015, 10:43:13 AM
 #13

Hey But see this quick! This might help!
https://bitcointalk.org/index.php?topic=35214.0

Shit! 1 confirmation!!!! fuck

U could try www.bitundo.com... but it has already got a confirmation.

Amph
Legendary
*
Offline Offline

Activity: 2226
Merit: 1003



View Profile
May 02, 2015, 10:43:19 AM
 #14

you pc/vm is infected, propably is controlled too(both are controlled i would say)

some rootkit can be obscured to any antivirus
tokeweed
Legendary
*
Offline Offline

Activity: 2254
Merit: 1047


Life, Love and Laughter...


View Profile
May 02, 2015, 10:44:22 AM
 #15

I just deposited the above amount to one of electrum wallets. Almost immediately the balance was tramsferred to:

13GrQ46YQ3x3fp1p5eHrPKSsMaxjDY9VwC

tx: https://blockchain.info/tx/c92f9c265f0a7a9b7fec9184a0314545f8d3f2b3d6d53c240eec97a087826a00

Noth of the transaction have any confirmations, it just happen immediately. How is this possible and how can I get my funds back??? I cannot understand how this is possible. FML

My address:

https://blockchain.info/address/15WapDB1AsoKKp4vMTims836Jxn9mJdHJA


Help!!!  

Almost immediately? 

████████████████████████████
████████▀▀ █▀ █▀ ▀██████████
█████████▄ ▄▄▄▄▄▄███████████
██████████▀     ▀  ▀████████
███████▀ ▀  ▄█▀▀▀█▀▀████████
██████▄      █▄  ▀▀  ▀██████
██████         ▄▄█▄ ▄ ▀█████
█████ ▄         ▀▀ ▄ ▀ █████
██████▌          █▀█▀ ▐█████
███████  ▄▌         ▄ ██████
████████▄█         ▄████████
█████████▀     ▄▄ ▄█████████
████████████████████████████
.JACKMATE'S...........
.
MAJESTIC..
████████████████████████
███████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
.
..WIN 1 BITCOIN ON EVERY PREMIER LEAGUE MATCHDAY..
████████████████████████████████
████████████▀█▀ ▀█▀█▀███████████
███████████▄ ▄▄▄▄▄▄▄████████████
███████████▀▀▄▄▄▄▄▄▄▄███████████
█████████▀▄ ██▀▄▄▄ ▀ ▄▀█████████
███████▀ ▀█████▄▄▄█▄▄▄██████████
███████▀▄████████▀  ▀█ █▐███████
███████ ▀█████████▄█▀▀██ ███████
████████ ███▀██████ ▄ ██ ███████
████████▌▐▀▄ ██████████ ▄███████
█████████▄██▌▐█████▀██ █████████
████████████▄▀▀▀▀▀▄ ▀▄██████████
████████████████████████████████
.
.JOIN US - IT'S FREE! .
bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 10:56:16 AM
 #16

Yep pretty much
Sarthak
Hero Member
*****
Offline Offline

Activity: 518
Merit: 501

Error 404: there seems to be nothing here.


View Profile
May 02, 2015, 11:02:11 AM
 #17

U could try www.bitundo.com... but it has already got a confirmation.

Wow! Interesting share! Have you ever tried this site?
I don't think its legit! I will try it right now and edit this post Smiley

tokeweed
Legendary
*
Offline Offline

Activity: 2254
Merit: 1047


Life, Love and Laughter...


View Profile
May 02, 2015, 11:02:29 AM
 #18

Could something be wrong with Electrum?

████████████████████████████
████████▀▀ █▀ █▀ ▀██████████
█████████▄ ▄▄▄▄▄▄███████████
██████████▀     ▀  ▀████████
███████▀ ▀  ▄█▀▀▀█▀▀████████
██████▄      █▄  ▀▀  ▀██████
██████         ▄▄█▄ ▄ ▀█████
█████ ▄         ▀▀ ▄ ▀ █████
██████▌          █▀█▀ ▐█████
███████  ▄▌         ▄ ██████
████████▄█         ▄████████
█████████▀     ▄▄ ▄█████████
████████████████████████████
.JACKMATE'S...........
.
MAJESTIC..
████████████████████████
███████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
.
..WIN 1 BITCOIN ON EVERY PREMIER LEAGUE MATCHDAY..
████████████████████████████████
████████████▀█▀ ▀█▀█▀███████████
███████████▄ ▄▄▄▄▄▄▄████████████
███████████▀▀▄▄▄▄▄▄▄▄███████████
█████████▀▄ ██▀▄▄▄ ▀ ▄▀█████████
███████▀ ▀█████▄▄▄█▄▄▄██████████
███████▀▄████████▀  ▀█ █▐███████
███████ ▀█████████▄█▀▀██ ███████
████████ ███▀██████ ▄ ██ ███████
████████▌▐▀▄ ██████████ ▄███████
█████████▄██▌▐█████▀██ █████████
████████████▄▀▀▀▀▀▄ ▀▄██████████
████████████████████████████████
.
.JOIN US - IT'S FREE! .
redsn0w
Legendary
*
Offline Offline

Activity: 1736
Merit: 1040


#Free market


View Profile
May 02, 2015, 11:08:15 AM
 #19

I just deposited the above amount to one of electrum wallets. Almost immediately the balance was tramsferred to:

13GrQ46YQ3x3fp1p5eHrPKSsMaxjDY9VwC

tx: https://blockchain.info/tx/c92f9c265f0a7a9b7fec9184a0314545f8d3f2b3d6d53c240eec97a087826a00

Noth of the transaction have any confirmations, it just happen immediately. How is this possible and how can I get my funds back??? I cannot understand how this is possible. FML

My address:

https://blockchain.info/address/15WapDB1AsoKKp4vMTims836Jxn9mJdHJA


Help!!! 

Almost immediately? 

Yes, I have seen the two bitcoin transaction:

- https://blockchain.info/it/tx/5cc872a7dc9bebb03290e9d537d57eba51056e764483a4f4ef4f6bc2bac66e0f  (his transfer to the electrum wallet)     
2015-05-02 10:24:40

- https://blockchain.info/it/tx/c92f9c265f0a7a9b7fec9184a0314545f8d3f2b3d6d53c240eec97a087826a00  (the second tx into the hacker address)   
2015-05-02 10:25:41


~ 1 minuted between the two transaction.
Blazr
Hero Member
*****
Offline Offline

Activity: 882
Merit: 1001



View Profile
May 02, 2015, 11:10:51 AM
 #20

Could something be wrong with Electrum?

It's doubtful. It's quite common for hackers to immediately sweep funds out of addressess. This happens very often with weak brainwallets, once the funds are transferred in they are drained within seconds. I suspect the OP may have imported the address into electrum, or may have restored his wallet using a weak seed or such.

amiryaqot
Legendary
*
Offline Offline

Activity: 1050
Merit: 1000



View Profile
May 02, 2015, 11:14:02 AM
 #21

I just deposited the above amount to one of electrum wallets. Almost immediately the balance was tramsferred to:

13GrQ46YQ3x3fp1p5eHrPKSsMaxjDY9VwC

tx: https://blockchain.info/tx/c92f9c265f0a7a9b7fec9184a0314545f8d3f2b3d6d53c240eec97a087826a00

Noth of the transaction have any confirmations, it just happen immediately. How is this possible and how can I get my funds back??? I cannot understand how this is possible. FML

My address:

https://blockchain.info/address/15WapDB1AsoKKp4vMTims836Jxn9mJdHJA


Help!!! 

Almost immediately? 

Yes, I have seen the two bitcoin transaction:

- https://blockchain.info/it/tx/5cc872a7dc9bebb03290e9d537d57eba51056e764483a4f4ef4f6bc2bac66e0f  (his transfer to the electrum wallet)     
2015-05-02 10:24:40

- https://blockchain.info/it/tx/c92f9c265f0a7a9b7fec9184a0314545f8d3f2b3d6d53c240eec97a087826a00  (the second tx into the hacker address)   
2015-05-02 10:25:41


~ 1 minuted between the two transaction.

yes that is very strange to see this kind of transaction, sorry to see this one, Sad  
how this hacker was quick in this transaction just delay of 1 minute ?
bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 11:15:26 AM
 #22

Can't find any evidence of an infection. I use VPN on my VM, can't figure this out  Huh
shadobitz
Hero Member
*****
Offline Offline

Activity: 686
Merit: 500



View Profile
May 02, 2015, 11:16:35 AM
 #23

Could something be wrong with Electrum?

It's doubtful. It's quite common for hackers to immediately sweep funds out of addressess. This happens very often with weak brainwallets, once the funds are transferred in they are drained within seconds. I suspect the OP may have imported the address into electrum, or may have restored his wallet using a weak seed or such.

i think so really socking to see this one, another transaction made within few seconds..
bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 11:17:26 AM
 #24

I've had much more btc in that wallet in the past. And I only fire up my VM to check my electrum which isn't that often. WHY ME AND why now. This is bullshit!
redsn0w
Legendary
*
Offline Offline

Activity: 1736
Merit: 1040


#Free market


View Profile
May 02, 2015, 11:18:45 AM
 #25

....
yes that is very strange to see this kind of transaction, sorry to see this one, Sad 
how this hacker was quick in this transaction just delay of 1 minute ?

I do not know, it is really strange.



I've had much more btc in that wallet in the past. And I only fire up my VM to check my electrum which isn't that often. WHY ME AND why now. This is bullshit!


Have you downloaded something of strange in the past days/weeks?
Light
Hero Member
*****
Offline Offline

Activity: 728
Merit: 502



View Profile
May 02, 2015, 11:19:34 AM
 #26

Can't find any evidence of an infection. I use VPN on my VM, can't figure this out  Huh

What AV software are you using if I may ask? Have you used this specific Electrum wallet before (or any other addresses from the same seed)? Did you access the wallet before the funds were stolen - or were they just taken immediately after an initial deposit?

A VPN wouldn't really help you in terms of security for this kind of thing - more useful for privacy and anonymity.
Kprawn
Legendary
*
Offline Offline

Activity: 1750
Merit: 1058


View Profile
May 02, 2015, 11:22:39 AM
 #27

It's too weird to be explained... It's as if it was a automated action. There is about a 1 minute delay between the 2 transactions.

What is the chances of someone sitting and waiting for you to make transactions to steal it immediately?

It's also a single use address... and it would most probably be mixed too.. so you stuffed, if it was not a electrum screw up.  Sad

freebitcoin.TO WIN A  LAMBORGHINI!..

.
                                ▄▄▄▄▄▄▄▄▄▄███████████▄▄▄▄▄
                    ▄▄▄▄▄██████████████████████████████████▄▄▄▄
                    ▀██████████████████████████████████████████████▄▄▄
                    ▄▄████▄█████▄████████████████████████████▄█████▄████▄▄
                    ▀████████▀▀▀████████████████████████████████▀▀▀██████████▄
                      ▀▀▀████▄▄▄███████████████████████████████▄▄▄██████████
                           ▀█████▀  ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀  ▀█████▀▀▀▀▀▀▀▀▀▀
                   ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
S4VV4S
Hero Member
*****
Offline Offline

Activity: 1120
Merit: 500


send and receive money instantly,w/no hidden costs


View Profile
May 02, 2015, 11:26:44 AM
 #28

Sorry to ask but I only use Bitcoin Core.

Is Electrum like Brainwallet?

Because if it is then you should know that there is people constantly running brute force apps and waiting for a transaction to take place, then snatch the coins to their own wallet.

There was a post about this someweher in the forums.

Search for Brainwalet hacking and you will find it.

██▄                      ▄██
▀███▄                  ▄███▀
  ▀███▄              ▄███▀
██▄ ▀███▄          ▄███▀
▀███▄ ▀███▄      ▄███▀
  ▀██   ▀██    ▄███▀
             ▄███▀
             ▀███▄
        ▄██    ▀███▄
      ▄███▀      ▀███▄
    ▄███▀          ▀███▄
  ▄███▀              ▀███▄
▄███▀                  ▀███▄
██▀                      ▀██

X.C.A.R.DTM
.SEND AND RECEIVE MONEY.
.INSTANTLY, WITH NO........
.HIDDEN COSTS............

▄████████████████████████████████████▄
██▀                                ▀██
██  ▄▄▄▄▄▄  ▄▄▄▄▄▄▄    ▄▄▄▄▄▄▄▄▄▄   ██
██                     █        █   ██
██  ▀ ▀▀▀ ▀▀ ▀▀▀ ▀▀    █        █   ██
██                     █▄▄▄▄▄▄▄▄█   █▀
██
██
██  ▄▄▄▄▄▄  ▄▄▄▄▄▄  ▄▄▄▄▄▄  ▄▄▄▄▄▄  ██
██  █    █  █    █  █    █  █    █  ██
██  █▄▄▄▄█  █▄▄▄▄█  █▄▄▄▄█  █▄▄▄▄█  ██
██▄                                ▄██
▀████████████████████████████████████▀
.SPEND ANYWHERE,....
.ANY CRYPTOCURRENCY,.
.ANY PAYMENT CARD....

████
██
██
██
██
██
██
██
██
██
██
██
██
████

IEO
Q4 2019

████
  ██
  ██
  ██
  ██
  ██
  ██
  ██
  ██
  ██
  ██
  ██
  ██
████

▄▄████████▄▄
▄████████████████▄
▄████████████████████▄
███████████████▀▀  █████
████████████▀▀      ██████
▐████████▀▀   ▄▄     ██████▌
▐████▀▀    ▄█▀▀     ███████▌
▐████████ █▀        ███████▌
████████ █ ▄███▄   ███████
████████████████▄▄██████
▀████████████████████▀
▀████████████████▀
▀▀████████▀▀


▄██████████████████▄
██▀              ▀██
██                ██
██                ██
██    ▄▄▄▄▄▄▄▄    ██
██    ▀▀▀▀▀▀▀▀    ██
██   ▄▄▄▄▄▄▄▄▄▄   ██
██   ▀▀▀▀▀▀▀▀▀▀   ██
██
██
██                ██
██▄              ▄██
▀██████████████████▀
.
WP
▀ ▀▀▀



roslinpl
Legendary
*
Offline Offline

Activity: 1988
Merit: 1168


https://cryptocoinsinfo.net


View Profile WWW
May 02, 2015, 11:27:48 AM
 #29

I've had much more btc in that wallet in the past. And I only fire up my VM to check my electrum which isn't that often. WHY ME AND why now. This is bullshit!

There must be a reason why this happens.

I don't know why you and why now, but for some reason your machine was compromised and it's perhaps your fault of not keeping your security at high level.


I am really sorry for your lost. But there is nothing you can do now. But what you need to do is:

-format the drives from the machine where your Electrum was installed and coins were stolen.
-use high standard antimalware, antivirus apps.
-never open suspicious links
-follow other security steps to keep your bitcoins safe.

Also you can keep an eye on 13GrQ46YQ3x3fp1p5eHrPKSsMaxjDY9VwC - only a little chance that you will be able to track those coins but worth a try.

Best regards.

 
..
 
..
 
..
 
..
SIGNATURES
  █████████████████████████████████████████████████████████████████████████████  
███████████████████████████████████████████████████████████████████████████████████
██████                █████      █████                ███████                ██████
████                    ███      ███                    ███                    ████
████      ████████████  ███      ███      ████████████  ███      ████████████  ████
████      ████████████  ███      ███      ████████████  ███      ████████████  ████
████      ████████████  ███      ███      ████████████  ███      ████████████  ████
████      █████████████████      ███      █████████████████      ██████████████████
████  █████████████████████      ███  █████████████████████  ██████████████████████
████  █████████████████████      ███  ████              ███  ██████████████████████
████                  █████  ███████  ████              ███                  ██████
██████                  ███  ███████  ████      ██████  █████                  ████
██████████████████████  ███  ███████  ████████████████  █████████████████████  ████
██████████████████████  ███  ███████  ████████████████  █████████████████████  ████
██████████████████      ███  ███████  ████████████      █████████████████      ████
████  ████████████      ███  ███████  ████████████      ███  ████████████      ████
████  ████████████      ███  ███████  ████████████      ███  ████████████      ████
████  ████████████      ███  ███████   ███████████      ███  ████████████      ████
████                    ███  ███████                    ███                    ████
██████                █████  █████████                ███████                ██████
███████████████████████████████████████████████████████████████████████████████████
   █████████████████████████████████████████████████████████████████████████████  
|
██  ██ ██████ ███████ ██
 ██████   ██   ██ █ ██ ██
 ██  ██   ██   ██   ██ ████

████████████████████████████
████████████████████████████
████████████████████████████
████░░░░░░░░░░          ████
████░░░░░░░░░░          ████
▐███▌░░░░▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄███▌
▐████░░░░██████████████████▌
▐████░░░░░░░░░         ████▌
 ████░░░░░░░░░         ████
 ████▄▄▄▄▄▄▄▄▄▄▄▄▄    ▐████
 ▐████░░░░████████    ████▌
 ▐████░░░░████████    ████▌
 ▐████░░░░▀▀▀██▀▀▀    ████▌
  ████▌░░░░░░░       ▐████
  ██████▄▄░░░░    ▄▄██████
  ███████████▄▄███████████
  ▀▀▀██████████████████▀▀▀
        ▀▀▀▀▀██▀▀▀▀▀
BANNERS
 
..
 
..
 
..
 
..
boopy265420
Legendary
*
Offline Offline

Activity: 1876
Merit: 1005


View Profile
May 02, 2015, 11:28:38 AM
 #30

It's too weird to be explained... It's as if it was a automated action. There is about a 1 minute delay between the 2 transactions.

What is the chances of someone sitting and waiting for you to make transactions to steal it immediately?

It's also a single use address... and it would most probably be mixed too.. so you stuffed, if it was not a electrum screw up.  Sad
Sorry for your loss and second yeah this is very strange that all this just happened so quick as someone was waiting but this is not very big amount. This is warning for others to take some extra security measure to keep their funds save. This is good at least others will be more active in future.
bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 11:32:39 AM
 #31

....
yes that is very strange to see this kind of transaction, sorry to see this one, Sad  
how this hacker was quick in this transaction just delay of 1 minute ?

I do not know, it is really strange.

Have you downloaded something of strange in the past days/weeks?

No I download a lot of software and I know a scam/trojan link when I see one

Can't find any evidence of an infection. I use VPN on my VM, can't figure this out  Huh

What AV software are you using if I may ask? Have you used this specific Electrum wallet before (or any other addresses from the same seed)? Did you access the wallet before the funds were stolen - or were they just taken immediately after an initial deposit?

A VPN wouldn't really help you in terms of security for this kind of thing - more useful for privacy and anonymity.

Yes I've used the same electrum wallet before but not much.


Oh and I use Avira, MS essential and Malwarebytes. I keep my Computers in order don't you worry Wink
dhimasnk
Hero Member
*****
Offline Offline

Activity: 546
Merit: 500


View Profile
May 02, 2015, 11:32:50 AM
 #32

this is one thing that is feared by users bitcoin, bitcoin loss caused by hackers. Hopefully there are no cases like this again

BUY LOW/SELL HIGH
24/7 TRADING BOT  GUNBOT  THE AUTOMATIC PROFIT GENERATOR FOR POLONIEX
LIMITED EDITION NOW AVAILABLE FOR KRAKEN AND BITTREX  My bitcoin address: 37xyZGoqmkeTTatsWcnFJS4iL4xdE4Cuia + wex.nz codes at Peermarketer@gmail.com
redsn0w
Legendary
*
Offline Offline

Activity: 1736
Merit: 1040


#Free market


View Profile
May 02, 2015, 11:33:25 AM
 #33

Sorry to ask but I only use Bitcoin Core.

Is Electrum like Brainwallet?

Because if it is then you should know that there is people constantly running brute force apps and waiting for a transaction to take place, then snatch the coins to their own wallet.

There was a post about this someweher in the forums.

Search for Brainwalet hacking and you will find it.

No, electrum is really different from the Brainwallet. The first one uses a seed of 12 words so it is really impossible to bruteforce it, instead the second one use only a password. I am still thinking that it was a computer problem.


OP can you explain again if you have stored the seed in some .txt file on the pc?
bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 11:35:19 AM
 #34

Sorry to ask but I only use Bitcoin Core.

Is Electrum like Brainwallet?

Because if it is then you should know that there is people constantly running brute force apps and waiting for a transaction to take place, then snatch the coins to their own wallet.

There was a post about this someweher in the forums.

Search for Brainwalet hacking and you will find it.

No, electrum is really different from the Brainwallet. The first one uses a seed of 12 words so it is really impossible to bruteforce it, instead the second one use only a password. I am still thinking that it was a computer problem.


OP can you explain again if you have stored the seed in some .txt file on the pc?

I store the seed in a truecrypt vault. In the past I haven't even bothered saving the seed for security reason. I jut backup my Private keys - which are encrypted

And the password on the wallet is not used anywhere else.
hellyeah
Member
**
Offline Offline

Activity: 98
Merit: 10


View Profile
May 02, 2015, 11:43:05 AM
 #35

I am sorry for your loss bro.

Did anyone else have access to your PC?

╲╲ ╲╲ COINOMAT.COM ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
╱╱ ╱╱ First Instant Crypto Exchange                              Sign Up Now!                    Visit our Facebook & Twitter
▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃▃
Blazr
Hero Member
*****
Offline Offline

Activity: 882
Merit: 1001



View Profile
May 02, 2015, 11:47:48 AM
 #36

What operating system were you running on the VM?

And what software were you using for that?

Amph
Legendary
*
Offline Offline

Activity: 2226
Merit: 1003



View Profile
May 02, 2015, 11:48:08 AM
Last edit: May 02, 2015, 12:31:03 PM by Amph
 #37

I've had much more btc in that wallet in the past. And I only fire up my VM to check my electrum which isn't that often. WHY ME AND why now. This is bullshit!

have you downloaded something suspicious yesterday or some time ago?, what is the last thing you downloaded?
Remember remember the 5th of November
Legendary
*
Offline Offline

Activity: 1862
Merit: 1002

Reverse engineer from time to time


View Profile
May 02, 2015, 11:52:25 AM
 #38

A VM tries to keep bad stuff in, if the virus had infected your PC, doesn't matter if you were using a VM, however it would have to know and handle the fact that there is a VM.

BTC:1AiCRMxgf1ptVQwx6hDuKMu4f7F27QmJC2
Blazr
Hero Member
*****
Offline Offline

Activity: 882
Merit: 1001



View Profile
May 02, 2015, 11:54:46 AM
 #39

A VM tries to keep bad stuff in, if the virus had infected your PC, doesn't matter if you were using a VM, however it would have to know and handle the fact that there is a VM.

There can also be issues with VM's and poor entropy, it's much less secure to put your wallet in a VM in some cases. OP, what operating system did you run in the VM? and what software did you use for it?

bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 11:55:27 AM
 #40

No I don't download anything suspicious. The last thing I downloaded was a new driver for my soundcard - from the official website
bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 11:55:50 AM
 #41

I was running linux. Ubuntu 14
jacktheking
Legendary
*
Offline Offline

Activity: 1428
Merit: 1001


Personal Text Space Not For Sale


View Profile
May 02, 2015, 12:01:51 PM
 #42

I would suggest you to change your password for Bitcointalk and Email now. They may have been leaked.

Hey! Thank you for visiting/stalking my profile! I appreciate it. ^.^.
tokeweed
Legendary
*
Offline Offline

Activity: 2254
Merit: 1047


Life, Love and Laughter...


View Profile
May 02, 2015, 12:03:38 PM
 #43

I think we should all take precautions.  Thanks for the heads up OP.

████████████████████████████
████████▀▀ █▀ █▀ ▀██████████
█████████▄ ▄▄▄▄▄▄███████████
██████████▀     ▀  ▀████████
███████▀ ▀  ▄█▀▀▀█▀▀████████
██████▄      █▄  ▀▀  ▀██████
██████         ▄▄█▄ ▄ ▀█████
█████ ▄         ▀▀ ▄ ▀ █████
██████▌          █▀█▀ ▐█████
███████  ▄▌         ▄ ██████
████████▄█         ▄████████
█████████▀     ▄▄ ▄█████████
████████████████████████████
.JACKMATE'S...........
.
MAJESTIC..
████████████████████████
███████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
.
..WIN 1 BITCOIN ON EVERY PREMIER LEAGUE MATCHDAY..
████████████████████████████████
████████████▀█▀ ▀█▀█▀███████████
███████████▄ ▄▄▄▄▄▄▄████████████
███████████▀▀▄▄▄▄▄▄▄▄███████████
█████████▀▄ ██▀▄▄▄ ▀ ▄▀█████████
███████▀ ▀█████▄▄▄█▄▄▄██████████
███████▀▄████████▀  ▀█ █▐███████
███████ ▀█████████▄█▀▀██ ███████
████████ ███▀██████ ▄ ██ ███████
████████▌▐▀▄ ██████████ ▄███████
█████████▄██▌▐█████▀██ █████████
████████████▄▀▀▀▀▀▄ ▀▄██████████
████████████████████████████████
.
.JOIN US - IT'S FREE! .
Searing
Legendary
*
Offline Offline

Activity: 2212
Merit: 1188


Clueless!


View Profile
May 02, 2015, 12:04:29 PM
 #44

 Me I have 1 copy of a paper wallet for my BTC and 1 copy of a paper wallet of my LTC in the local bank vault. Thats it only copies. I use coinbase to move dust about.
 and rarely use a wallet on my laptop again just dust if at all.

 If I had a wife I could misplace her..thus why above.......they know me at the bank so hell i could even lose the key Smiley

 If my accounts get stolen then something much worse is going on with the blockchain imho Smiley

 I suppose with my luck the 'meteorite' will take out my bank and the vault.....but have all my important docs in the bank anyway so wtf
 will be a clean sweep when i then start sleeping under bridges and riding the rails.... Smiley

Try out www.synchro.net An 'Old School' BBS (Bulletin Board System) works on Win /10/8/7 and Linux!
Three-minute install. The last upgrade was Jan 1st, 2019. I think you will be impressed with this project!
bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 12:08:57 PM
 #45

I would suggest you to change your password for Bitcointalk and Email now. They may have been leaked.

Done and done. still can't find evidence of an infection. I use pretty good security and scan my computer twice a week at least. And my IP is never public. Damn. Anyone in the BTC lendng business? I really need that BTC!
inBitweTrust
Hero Member
*****
Offline Offline

Activity: 658
Merit: 500



View Profile
May 02, 2015, 12:09:09 PM
 #46

I was running linux. Ubuntu 14

Was this your VM OS or your regular OS that your VM is installed on or both?
What OS was your truecrypt installed on and was it on an isolated computer that wasn't Windows?
Was the VM software pirated?

bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 12:11:32 PM
 #47

Windows 7 and VMware from ecypted container running Ubuntu
bandana
Full Member
***
Offline Offline

Activity: 140
Merit: 100


View Profile
May 02, 2015, 12:18:20 PM
 #48

can you send us a screenshot of your transaction log
bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 12:18:55 PM
 #49

I don't get it. This PC isn't used much and is always running a VPN. Is there any way there is something wrong with electrum?
bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 12:19:56 PM
 #50

can you send us a screenshot of your transaction log

Which one? From electrum? Or to electrum - because that came from an exchange.

Thanks
Light
Hero Member
*****
Offline Offline

Activity: 728
Merit: 502



View Profile
May 02, 2015, 12:25:06 PM
 #51

I don't get it. This PC isn't used much and is always running a VPN. Is there any way there is something wrong with electrum?

Potentially, but considering that there hasn't been a sudden onslaught of people saying they've lost BTC from their Electrum wallet it leads me to believe your case is more isolated. I take it your running Electrum on Ubuntu on the VM, which would tend to nullify the effects of most wallet stealing malware. Have a look for any RATs - might be that.
Amph
Legendary
*
Offline Offline

Activity: 2226
Merit: 1003



View Profile
May 02, 2015, 12:32:53 PM
 #52

No I don't download anything suspicious. The last thing I downloaded was a new driver for my soundcard - from the official website

you are the only one who can access to your machine? sometimes i feel all those stolen money from local wallet, are because of bad friends or parent

otherwise there must be something wrong with electrum, a bug probably
inBitweTrust
Hero Member
*****
Offline Offline

Activity: 658
Merit: 500



View Profile
May 02, 2015, 12:34:13 PM
Last edit: May 02, 2015, 12:49:54 PM by inBitweTrust
 #53

Windows 7 and VMware from ecypted contain running Ubuntu

Aha... that is likely the problem. Sorry for your losses but here is some advice and likely scenarios of how you were hacked.

Scenario 1-
1) Your windows system is rooted or has a keylogging trojan. Here is another tool to scan your OS-
http://usa.kaspersky.com/downloads/TDSSKiller
But be aware that no AV program catches all infections.

2) The hacker was able to compromise your encrypted VMware container by injecting a virus in an unencrypted GRUB bootloader or by simply logging your password that you type into your compromised host OS (windows) .

VM offers a degree of security but mainly protect against keyloggers and infections from within the container leaking over into the Host OS or logging keystrokes from the host OS and not the other way around.

Scenario 2-

1) You installed an infected pirated version of VMware
or
2) You have a vulnerable outdated version of VMware - VMware released security patches for an ESX server hypervisor

Scenario 3-

1) There is a small possibility that ubuntu was directly compromised if you installed some malicious software on it.

redsn0w
Legendary
*
Offline Offline

Activity: 1736
Merit: 1040


#Free market


View Profile
May 02, 2015, 12:35:04 PM
 #54

Have you attached an 'infected'  usb key on that computer? Maybe it is this the problem, who knows.



No I don't download anything suspicious. The last thing I downloaded was a new driver for my soundcard - from the official website

you are the only one who can access to your machine? sometimes i feel all those stolen money from local wallet, are because of bad friends or parent

otherwise there must be something wrong with electrum, a bug probably

I do not think, OP can you repeat again the version of the electrum wallet (I can't find it in this thread) thanks.
hedgy73
Legendary
*
Offline Offline

Activity: 1386
Merit: 1062



View Profile
May 02, 2015, 12:40:52 PM
 #55

Sorry for your loss OP I hope the thieves die a slow and painful death, thieving lowlife scum.....

Sarthak
Hero Member
*****
Offline Offline

Activity: 518
Merit: 501

Error 404: there seems to be nothing here.


View Profile
May 02, 2015, 12:41:50 PM
 #56

Mysterious theft! If you were an organization, I would have called it an "Insider Job" but you are an individual!
The hacker seems to be Genius! He got through such a secure computer system and hacked your wallet!
Why not try asking the hacker himself by sending a 0.0001 to his address and adding a public note on that transaction? Smiley

inBitweTrust
Hero Member
*****
Offline Offline

Activity: 658
Merit: 500



View Profile
May 02, 2015, 12:43:01 PM
Last edit: May 02, 2015, 12:56:05 PM by inBitweTrust
 #57

I am really sorry for your loss.

Some mistakes you made with security to learn from.

1) You have no physical security or 2fa or hardware wallet securing your bitcoins. VMware doesn't protect you if your host is compromised.
2) You backed up your HD seed digitally in a encrypted container in likely the same computer that was compromised. When creating a wallet, this needs to be done on a completely clean uninfected system and you should back up this seed on either an offline linux computer or secured paper backup. Everytime you access that encrypted container or use the password for encrypting new items you are feeding the hacker the keys to access all that data on a compromised host.
3) You mentioned you download and install a lot of software which further increases your risks

I would investigate your Windows OS a bit further but ultimately you should wipe it clean and perform a reinstall and treat all your backed up data , all your external cards and drives, and all your pirated software as suspect.

There are trade offs with security but you are better using cold storage or hardware wallets in the future.

 Here is some more info-
https://bitcointalk.org/index.php?topic=858604.0

You should never secure most your bitcoins in a cellphone or primary computer especially if it is a windows host. The good news is that you just spent 220 dollars to find out your computer is compromised and to learn a valuable lesson in security. Not a bad price to pay for such knowledge.

tyz
Legendary
*
Offline Offline

Activity: 1988
Merit: 1124



View Profile
May 02, 2015, 12:49:58 PM
 #58

Have you proofed if your address is on the first (lets say 500) pages of directory.io? It is almost unlikely but it is possible. Many people are trying all those private keys of first pages in the hope to find an account with some balance.
jdebunt
Legendary
*
Offline Offline

Activity: 1498
Merit: 1000


View Profile WWW
May 02, 2015, 01:08:51 PM
 #59

Or to electrum - because that came from an exchange.

Which exchange, if I may ask? The culprit might be on that end as well... Smiley
redsn0w
Legendary
*
Offline Offline

Activity: 1736
Merit: 1040


#Free market


View Profile
May 02, 2015, 01:12:05 PM
 #60

Have you proofed if your address is on the first (lets say 500) pages of directory.io? It is almost unlikely but it is possible. Many people are trying all those private keys of first pages in the hope to find an account with some balance.

Hmm... it is really not probable.



Or to electrum - because that came from an exchange.

Which exchange, if I may ask? The culprit might be on that end as well... Smiley

Nah, I do not think the fault is by exchange. Here the problem is the computer (at 99%).
tyz
Legendary
*
Offline Offline

Activity: 1988
Merit: 1124



View Profile
May 02, 2015, 01:58:10 PM
 #61


Hmm... it is really not probable.


Probably I am a little paranoid but every time I am creating a new bitcoin address I check first if it is among the first 10000 addresses. I even wrote a simple python script to check this Smiley
bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 02:03:56 PM
 #62

No one has access to my pc at all. I honestly can believe I've been hacked... all that trouble for 0.9btc? I've run scans with every tool out there... Nothing. This pc is hardly ever online, I don't ue it for browsing or anything. I'm stumped... and really pissed off.
tyz
Legendary
*
Offline Offline

Activity: 1988
Merit: 1124



View Profile
May 02, 2015, 02:15:49 PM
 #63

@bennybong: If you reference to my post then you need to know that the computer does not need to be online in order to be unsecure. What I meant is completely independed from your wallet.

Read this to get what I meant: https://bitcointalk.org/index.php?topic=354518.0
inBitweTrust
Hero Member
*****
Offline Offline

Activity: 658
Merit: 500



View Profile
May 02, 2015, 02:17:27 PM
 #64

No one has access to my pc at all. I honestly can believe I've been hacked... all that trouble for 0.9btc? I've run scans with every tool out there... Nothing. This pc is hardly ever online, I don't ue it for browsing or anything. I'm stumped... and really pissed off.


Anti- virus software isn't foolproof and cannot catch many types of infections.

All it takes is one click on a link in a phishing email, one infected jump drive or external plugged in for a brief moment, visiting one page that has a 0 day exploit, 1 piece of infected pirated software or crack, or an insecure wireless AP. This is why you should never store what you cannot lose on a windows machine connected to a network or at least use a hardware wallet.


bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 02:21:34 PM
 #65

No one has access to my pc at all. I honestly can believe I've been hacked... all that trouble for 0.9btc? I've run scans with every tool out there... Nothing. This pc is hardly ever online, I don't ue it for browsing or anything. I'm stumped... and really pissed off.


Anti- virus software isn't foolproof and cannot catch many types of infections.

All it takes is one click on a link in a phishing email, one infected jump drive or external plugged in for a brief moment, visiting one page that has a 0 day exploit, 1 piece of infected pirated software or crack, or an insecure wireless AP. This is why you should never store what you cannot lose on a windows machine connected to a network or at least use a hardware wallet.

But 0-days? I only have a few new usb drives that I use... all that for 0.9 btc?
bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 02:25:17 PM
 #66

Aaaaand it's gone

https://blockchain.info/address/1FpsRjQXFgiGzLNwyb2UC7bDNkj99xwdnf

Look at the fucking tag eh put on the address! Cunt. He must be browsing this!
inBitweTrust
Hero Member
*****
Offline Offline

Activity: 658
Merit: 500



View Profile
May 02, 2015, 02:26:20 PM
 #67

But 0-days? I only have a few new usb drives that I use... all that for 0.9 btc?

The attacker is unlikely to know what your balance until it is taken or attacking many people at the same time.

There are many 0day exploits in the wild and your computer if not properly patched with the latest flash/browser/OS patches can be vulnerable to older exploits as well.

Even if you use WPA2 on your local router , if you live in an apartment building and a hacker lives next door and can see your hotspot they can perform a dictionary attack or bruteforce attack on your wifi password and than serve you up a malicious page with a 0 day exploit.

He must be browsing this!

No necessarily as its a safe assumption you would be reading that with or without this thread. He is definitely and asshole though.

bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 02:27:44 PM
 #68

But 0-days? I only have a few new usb drives that I use... all that for 0.9 btc?

The attacker is unlikely to know what your balance until it is taken or attacking many people at the same time.

There are many 0day exploits in the wild and your computer if not properly patched with the latest flash/browser/OS patches can be vulnerable to older exploits as well.

Even if you use WPA2 on your local router , if you live in an apartment building and a hacker lives next door and can see your hotspot they can perform a dictionary attack or bruteforce attack on your wifi password and than serve you up a malicious page with a 0 day exploit.



Yeah I am actually pretty hot on security and pentesting. Which is why I'm so confused!
redsn0w
Legendary
*
Offline Offline

Activity: 1736
Merit: 1040


#Free market


View Profile
May 02, 2015, 02:28:46 PM
 #69

Aaaaand it's gone

https://blockchain.info/address/1FpsRjQXFgiGzLNwyb2UC7bDNkj99xwdnf

Look at the fucking tag eh put on the address! Cunt. He must be browsing this!

Interesting blockchain.info tag : YoUr MyStErIoUs ThIeF lolz


https://blockchain.info/it/address/13GrQ46YQ3x3fp1p5eHrPKSsMaxjDY9VwC

https://archive.is/xhdHz

Maybe the hacker is reading this thread, who knows?
tokeweed
Legendary
*
Offline Offline

Activity: 2254
Merit: 1047


Life, Love and Laughter...


View Profile
May 02, 2015, 02:31:24 PM
 #70

But 0-days? I only have a few new usb drives that I use... all that for 0.9 btc?

The attacker is unlikely to know what your balance until it is taken or attacking many people at the same time.

There are many 0day exploits in the wild and your computer if not properly patched with the latest flash/browser/OS patches can be vulnerable to older exploits as well.

Even if you use WPA2 on your local router , if you live in an apartment building and a hacker lives next door and can see your hotspot they can perform a dictionary attack or bruteforce attack on your wifi password and than serve you up a malicious page with a 0 day exploit.



Yeah I am actually pretty hot on security and pentesting. Which is why I'm so confused!

Someone check with Electrum as well.

████████████████████████████
████████▀▀ █▀ █▀ ▀██████████
█████████▄ ▄▄▄▄▄▄███████████
██████████▀     ▀  ▀████████
███████▀ ▀  ▄█▀▀▀█▀▀████████
██████▄      █▄  ▀▀  ▀██████
██████         ▄▄█▄ ▄ ▀█████
█████ ▄         ▀▀ ▄ ▀ █████
██████▌          █▀█▀ ▐█████
███████  ▄▌         ▄ ██████
████████▄█         ▄████████
█████████▀     ▄▄ ▄█████████
████████████████████████████
.JACKMATE'S...........
.
MAJESTIC..
████████████████████████
███████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
.
..WIN 1 BITCOIN ON EVERY PREMIER LEAGUE MATCHDAY..
████████████████████████████████
████████████▀█▀ ▀█▀█▀███████████
███████████▄ ▄▄▄▄▄▄▄████████████
███████████▀▀▄▄▄▄▄▄▄▄███████████
█████████▀▄ ██▀▄▄▄ ▀ ▄▀█████████
███████▀ ▀█████▄▄▄█▄▄▄██████████
███████▀▄████████▀  ▀█ █▐███████
███████ ▀█████████▄█▀▀██ ███████
████████ ███▀██████ ▄ ██ ███████
████████▌▐▀▄ ██████████ ▄███████
█████████▄██▌▐█████▀██ █████████
████████████▄▀▀▀▀▀▄ ▀▄██████████
████████████████████████████████
.
.JOIN US - IT'S FREE! .
inBitweTrust
Hero Member
*****
Offline Offline

Activity: 658
Merit: 500



View Profile
May 02, 2015, 02:34:25 PM
 #71

Yeah I am actually pretty hot on security and pentesting. Which is why I'm so confused!

If you have any IT job or a job as a network administrator you are a much higher target for hackers and the NSA/FBI(remember many of them are corrupt as well)

You should always assume that whatever you have in your primary computer that you install software on and browse the internet with can be instantly compromised. I find that this is a good thing to expose myself to with small amounts of bitcoin as it is a cheap way of telling me my computer is compromised(never happened yet) If you do not use cold storage than you need to at least use a hardware wallet.

It doesn't matter that you are security conscientious as security is difficult to do right and all it takes is one mistake or one unlucky encounter.

AtheistAKASaneBrain
Hero Member
*****
Offline Offline

Activity: 770
Merit: 505


View Profile
May 02, 2015, 02:36:23 PM
 #72

I just deposited the above amount to one of electrum wallets. Almost immediately the balance was tramsferred to:

13GrQ46YQ3x3fp1p5eHrPKSsMaxjDY9VwC

tx: https://blockchain.info/tx/c92f9c265f0a7a9b7fec9184a0314545f8d3f2b3d6d53c240eec97a087826a00

Noth of the transaction have any confirmations, it just happen immediately. How is this possible and how can I get my funds back??? I cannot understand how this is possible. FML

My address:

https://blockchain.info/address/15WapDB1AsoKKp4vMTims836Jxn9mJdHJA


Help!!!  

Very weird, I would assume you maybe got infected by a trojan of some sorts. The way it went is strange, as you didn't input that address. Maybe your electrum installation is compromised?
frankenmint
Legendary
*
Offline Offline

Activity: 1218
Merit: 1014


HoneybadgerOfMoney.com Weed4bitcoin.com


View Profile WWW
May 02, 2015, 02:41:01 PM
 #73

But 0-days? I only have a few new usb drives that I use... all that for 0.9 btc?

The attacker is unlikely to know what your balance until it is taken or attacking many people at the same time.

There are many 0day exploits in the wild and your computer if not properly patched with the latest flash/browser/OS patches can be vulnerable to older exploits as well.

Even if you use WPA2 on your local router , if you live in an apartment building and a hacker lives next door and can see your hotspot they can perform a dictionary attack or bruteforce attack on your wifi password and than serve you up a malicious page with a 0 day exploit.



Yeah I am actually pretty hot on security and pentesting. Which is why I'm so confused!

Again, I'm going to go with the point of failure wasn't you, I would press that there is a failure point with the VPN.  If someone has your info, they could just wait for you to confirm signing the transaction then send it immediately thereafter.  I've read cases of botched tor exit nodes that pass fake blockchain.info credentials to users to log the credentials. 

was the btc cold for a while beforehand?  why were you moving it to this address?

bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 02:43:16 PM
 #74

Yeah I am actually pretty hot on security and pentesting. Which is why I'm so confused!

If you have any IT job or a job as a network administrator you are a much higher target for hackers and the NSA/FBI(remember many of them are corrupt as well)

You should always assume that whatever you have in your primary computer that you install software on and browse the internet with can be instantly compromised. I find that this is a good thing to expose myself to with small amounts of bitcoin as it is a cheap way of telling me my computer is compromised(never happened yet) If you do not use cold storage than you need to at least use a hardware wallet.

It doesn't matter that you are security conscientious as security is difficult to do right and all it takes is one mistake or one unlucky encounter.

Trust me. I'm on a boat, with a personal crappy old laptop. No one has been near this. My internet is 150kb/s tops and I hate it!
bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 02:46:05 PM
 #75

But 0-days? I only have a few new usb drives that I use... all that for 0.9 btc?

The attacker is unlikely to know what your balance until it is taken or attacking many people at the same time.

There are many 0day exploits in the wild and your computer if not properly patched with the latest flash/browser/OS patches can be vulnerable to older exploits as well.

Even if you use WPA2 on your local router , if you live in an apartment building and a hacker lives next door and can see your hotspot they can perform a dictionary attack or bruteforce attack on your wifi password and than serve you up a malicious page with a 0 day exploit.



Yeah I am actually pretty hot on security and pentesting. Which is why I'm so confused!

Again, I'm going to go with the point of failure wasn't you, I would press that there is a failure point with the VPN.  If someone has your info, they could just wait for you to confirm signing the transaction then send it immediately thereafter.  I've read cases of botched tor exit nodes that pass fake blockchain.info credentials to users to log the credentials. 

was the btc cold for a while beforehand?  why were you moving it to this address?

No it was fresh from localbitcoins. My VPN is iPedator which I trust
RocketSingh
Legendary
*
Offline Offline

Activity: 1622
Merit: 1010


View Profile
May 02, 2015, 02:52:51 PM
 #76

U could try www.bitundo.com... but it has already got a confirmation.

Wow! Interesting share! Have you ever tried this site?
I don't think its legit! I will try it right now and edit this post Smiley

No. I have never tried. I'd be interested in your feedback as well...

inBitweTrust
Hero Member
*****
Offline Offline

Activity: 658
Merit: 500



View Profile
May 02, 2015, 02:54:10 PM
 #77

Trust me. I'm on a boat, with a personal crappy old laptop. No one has been near this. My internet is 150kb/s tops and I hate it!

Additionally, think about anyone else that has access or come in contact with your computer or any usb drive in the past. Additionally, since you are on a boat with a 150 kb/s connection that also brings 2 concerns to my mind : 1) you aren't keeping your windows box patched because of your extremely limited bandwidth. 2) You are using a wifi hotspot that is compromised.

The fact that you are so incredulous that you have been compromised is a security concern in itself as their are so many ways to be compromised with the way you store bitcoins. At most you should be upset and slightly shocked that you were compromised but aware that you made some security shortcuts and need to do better in the future.

bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 02:54:21 PM
 #78

NEw address has a new tag:

https://blockchain.info/address/1FpsRjQXFgiGzLNwyb2UC7bDNkj99xwdnf

wtf does that mean?!?
tokeweed
Legendary
*
Offline Offline

Activity: 2254
Merit: 1047


Life, Love and Laughter...


View Profile
May 02, 2015, 02:56:50 PM
 #79

NEw address has a new tag:

https://blockchain.info/address/1FpsRjQXFgiGzLNwyb2UC7bDNkj99xwdnf

wtf does that mean?!?

He's implying an Electrum vulnerability...?

████████████████████████████
████████▀▀ █▀ █▀ ▀██████████
█████████▄ ▄▄▄▄▄▄███████████
██████████▀     ▀  ▀████████
███████▀ ▀  ▄█▀▀▀█▀▀████████
██████▄      █▄  ▀▀  ▀██████
██████         ▄▄█▄ ▄ ▀█████
█████ ▄         ▀▀ ▄ ▀ █████
██████▌          █▀█▀ ▐█████
███████  ▄▌         ▄ ██████
████████▄█         ▄████████
█████████▀     ▄▄ ▄█████████
████████████████████████████
.JACKMATE'S...........
.
MAJESTIC..
████████████████████████
███████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
.
..WIN 1 BITCOIN ON EVERY PREMIER LEAGUE MATCHDAY..
████████████████████████████████
████████████▀█▀ ▀█▀█▀███████████
███████████▄ ▄▄▄▄▄▄▄████████████
███████████▀▀▄▄▄▄▄▄▄▄███████████
█████████▀▄ ██▀▄▄▄ ▀ ▄▀█████████
███████▀ ▀█████▄▄▄█▄▄▄██████████
███████▀▄████████▀  ▀█ █▐███████
███████ ▀█████████▄█▀▀██ ███████
████████ ███▀██████ ▄ ██ ███████
████████▌▐▀▄ ██████████ ▄███████
█████████▄██▌▐█████▀██ █████████
████████████▄▀▀▀▀▀▄ ▀▄██████████
████████████████████████████████
.
.JOIN US - IT'S FREE! .
bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 02:57:27 PM
 #80

Trust me. I'm on a boat, with a personal crappy old laptop. No one has been near this. My internet is 150kb/s tops and I hate it!

Additionally, think about anyone else that has access or come in contact with your computer or any usb drive in the past. Additionally, since you are on a boat with a 150 kb/s connection that also brings 2 concerns to my mind : 1) you aren't keeping your windows box patched because of your extremely limited bandwidth. 2) You are using a wifi hotspot that is compromised.

The fact that you are so incredulous that you have been compromised is a security concern in itself as their are so many ways to be compromised with the way you store bitcoins. At most you should be upset and slightly shocked that you were compromised but aware that you made some security shortcuts and need to do better in the future.

Windows is up to date, I don't think the hotspot is conpromised. It's a very good system, I know the owner of this place and I've talking with the IT to try and get me some more speed! and I use VPN anyway (which I had to pay for.
Amph
Legendary
*
Offline Offline

Activity: 2226
Merit: 1003



View Profile
May 02, 2015, 02:58:10 PM
Last edit: May 02, 2015, 03:12:06 PM by Amph
 #81

NEw address has a new tag:

https://blockchain.info/address/1FpsRjQXFgiGzLNwyb2UC7bDNkj99xwdnf

wtf does that mean?!?

it seems that this guy know that you was using electrum, at least the tag indicate so, could it be that he is exploiting electrum weakness?
bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 02:58:53 PM
 #82

NEw address has a new tag:

https://blockchain.info/address/1FpsRjQXFgiGzLNwyb2UC7bDNkj99xwdnf

wtf does that mean?!?

He's implying an Electrum vulnerability...?

Exactly... What's going on? Any other reports of this??
redsn0w
Legendary
*
Offline Offline

Activity: 1736
Merit: 1040


#Free market


View Profile
May 02, 2015, 02:59:04 PM
 #83

NEw address has a new tag:

https://blockchain.info/address/1FpsRjQXFgiGzLNwyb2UC7bDNkj99xwdnf

wtf does that mean?!?


...
it seems that this guy now that you was using electrum, at least the tag indicate so, could it be that he is exploiting electrum weakness?


Wait, can I say one thing? .... and if it is only a joke by the OP (I'm only asking, but it could be possible).


shorena
Copper Member
Legendary
*
Offline Offline

Activity: 1484
Merit: 1320


No I dont escrow anymore.


View Profile WWW
May 02, 2015, 02:59:18 PM
Last edit: May 02, 2015, 04:32:25 PM by shorena
 #84

NEw address has a new tag:

https://blockchain.info/address/1FpsRjQXFgiGzLNwyb2UC7bDNkj99xwdnf

wtf does that mean?!?

The output can not be converted to an address.

Edit: looks like it can now. I thought bc.i did not show an address when I checked initially. Probably just lack of coffee.
redsn0w
Legendary
*
Offline Offline

Activity: 1736
Merit: 1040


#Free market


View Profile
May 02, 2015, 02:59:58 PM
 #85

NEw address has a new tag:

https://blockchain.info/address/1FpsRjQXFgiGzLNwyb2UC7bDNkj99xwdnf

wtf does that mean?!?

He's implying an Electrum vulnerability...?

Exactly... What's going on? Any other reports of this??

Which version of electrum have (or are you) used (using) ? I think you didn't reply to my past question (maybe you didn't noticed it).
inBitweTrust
Hero Member
*****
Offline Offline

Activity: 658
Merit: 500



View Profile
May 02, 2015, 03:00:37 PM
 #86

NEw address has a new tag:

https://blockchain.info/address/1FpsRjQXFgiGzLNwyb2UC7bDNkj99xwdnf

wtf does that mean?!?


"3lectruM fail. More2come SWX"

Looks like there is a small chance this is a whitehat hacker who will return the funds and this is his way of proving the vulnerability , teaching you a lesson, and/or having fun.


RocketSingh
Legendary
*
Offline Offline

Activity: 1622
Merit: 1010


View Profile
May 02, 2015, 03:00:51 PM
 #87

NEw address has a new tag:

https://blockchain.info/address/1FpsRjQXFgiGzLNwyb2UC7bDNkj99xwdnf

wtf does that mean?!?

It seems Electrum's security has been breached.

tokeweed
Legendary
*
Offline Offline

Activity: 2254
Merit: 1047


Life, Love and Laughter...


View Profile
May 02, 2015, 03:01:07 PM
 #88

NEw address has a new tag:

https://blockchain.info/address/1FpsRjQXFgiGzLNwyb2UC7bDNkj99xwdnf

wtf does that mean?!?


...
it seems that this guy now that you was using electrum, at least the tag indicate so, could it be that he is exploiting electrum weakness?


Wait, can I say one thing? .... and it is only a joke by the OP (I'm only asking, but it could be possible).




Huh?  You saying bennybong is joking? What?  You mean a prank?

████████████████████████████
████████▀▀ █▀ █▀ ▀██████████
█████████▄ ▄▄▄▄▄▄███████████
██████████▀     ▀  ▀████████
███████▀ ▀  ▄█▀▀▀█▀▀████████
██████▄      █▄  ▀▀  ▀██████
██████         ▄▄█▄ ▄ ▀█████
█████ ▄         ▀▀ ▄ ▀ █████
██████▌          █▀█▀ ▐█████
███████  ▄▌         ▄ ██████
████████▄█         ▄████████
█████████▀     ▄▄ ▄█████████
████████████████████████████
.JACKMATE'S...........
.
MAJESTIC..
████████████████████████
███████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
.
..WIN 1 BITCOIN ON EVERY PREMIER LEAGUE MATCHDAY..
████████████████████████████████
████████████▀█▀ ▀█▀█▀███████████
███████████▄ ▄▄▄▄▄▄▄████████████
███████████▀▀▄▄▄▄▄▄▄▄███████████
█████████▀▄ ██▀▄▄▄ ▀ ▄▀█████████
███████▀ ▀█████▄▄▄█▄▄▄██████████
███████▀▄████████▀  ▀█ █▐███████
███████ ▀█████████▄█▀▀██ ███████
████████ ███▀██████ ▄ ██ ███████
████████▌▐▀▄ ██████████ ▄███████
█████████▄██▌▐█████▀██ █████████
████████████▄▀▀▀▀▀▄ ▀▄██████████
████████████████████████████████
.
.JOIN US - IT'S FREE! .
bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 03:02:39 PM
 #89

It's not a joke guys  Embarrassed
SpanishSoldier
Sr. Member
****
Offline Offline

Activity: 434
Merit: 250


View Profile
May 02, 2015, 03:07:42 PM
 #90

NEw address has a new tag:

https://blockchain.info/address/1FpsRjQXFgiGzLNwyb2UC7bDNkj99xwdnf

wtf does that mean?!?

The output can not be converted to an address.

Probably Not. Check this...

https://www.blocktrail.com/BTC/tx/c8ab6cc860112ffc29f5a778b8f47fe862b9412ca96c13538468febe268f6d87

  ▃▃▃▂▂▂▂▂▃▃▃▃                                      ▃▃▃▂▂▂▃▃▃                         
   ██████████████████                                        █████████████     ████                 
   ██████████████████                                        █████████████     ████                 
          ████                                               ████                                   
          ████   █████ █████ ████   █████    █████████       ████       ████   ████  ███████████   
          ████   ▀█████████▀ ████   ████    ████   ████      █████████  ████   ████   ████  █████   
          ████    ████▀ ▀▀▀  ████   ████   ████     ████     █████████  ████   ████   ████    ████ 
          ████    ████       ████   ████   █████████████     ████       ████   ████   ████    ████ 
          ████    ████       ███████████▄   ████             ████       ████   ████   ████   █████ 
          ████    ████       █████  ███████  ████  ████      █████      ████   ████   ███████████   
         ▄████▄   ████        ███     ███      ██████        █████      ████   ████   █████████     
                                                                                      ████         
                                                                                      ████         
                                                                             █▀▀   
Blockchain Fair Games
|
Truly one of a kind games:
MAGIC DICE   CHAIN'S CODE   PIRATE BAY
MINING FACTORY      RAPID TO THE MOON
|

400 BTC
★ PRIZE FUND ★
|

WEEKLY GIWEAWAYS
Join our community!
150% BONUS
First-time deposit
VISA  🔴🌕  50+coins

CERTIFIED RNG
100% TRANSPARENT
PROVABLY FAIR
redsn0w
Legendary
*
Offline Offline

Activity: 1736
Merit: 1040


#Free market


View Profile
May 02, 2015, 03:08:02 PM
 #91

It's not a joke guys  Embarrassed

Ok thanks for the reply, however it is also interesting that the 'hacker' used 0.001 btc as fee :

https://blockchain.info/it/tx/c8ab6cc860112ffc29f5a778b8f47fe862b9412ca96c13538468febe268f6d87

It was not necessary in my opinion, and we know he also used the blockchain.info web-wallet to move those bitcoin.




It is only a blockchain.info tag , and it appears only in that site BC.info
inBitweTrust
Hero Member
*****
Offline Offline

Activity: 658
Merit: 500



View Profile
May 02, 2015, 03:09:29 PM
 #92

It's not a joke guys  Embarrassed

"SWX" doesn't refer to any common initialism that fits in context so its likely his handle or who this hacker is trying to pin this theft on.

What version of electrum are you running? Where did you download it from?  Since you are using an SPV client what server did you connect to?

coinableS
Legendary
*
Offline Offline

Activity: 1092
Merit: 1001



View Profile WWW
May 02, 2015, 03:12:44 PM
 #93

NEw address has a new tag:

https://blockchain.info/address/1FpsRjQXFgiGzLNwyb2UC7bDNkj99xwdnf

wtf does that mean?!?


...
it seems that this guy now that you was using electrum, at least the tag indicate so, could it be that he is exploiting electrum weakness?


Wait, can I say one thing? .... and if it is only a joke by the OP (I'm only asking, but it could be possible).




Why I am thinking the same thing? Sorry about your coins OP, but this is really strange TBH.

tokeweed
Legendary
*
Offline Offline

Activity: 2254
Merit: 1047


Life, Love and Laughter...


View Profile
May 02, 2015, 03:13:19 PM
 #94

What else was in that computer?  No naked selfies I hope...

████████████████████████████
████████▀▀ █▀ █▀ ▀██████████
█████████▄ ▄▄▄▄▄▄███████████
██████████▀     ▀  ▀████████
███████▀ ▀  ▄█▀▀▀█▀▀████████
██████▄      █▄  ▀▀  ▀██████
██████         ▄▄█▄ ▄ ▀█████
█████ ▄         ▀▀ ▄ ▀ █████
██████▌          █▀█▀ ▐█████
███████  ▄▌         ▄ ██████
████████▄█         ▄████████
█████████▀     ▄▄ ▄█████████
████████████████████████████
.JACKMATE'S...........
.
MAJESTIC..
████████████████████████
███████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
.
..WIN 1 BITCOIN ON EVERY PREMIER LEAGUE MATCHDAY..
████████████████████████████████
████████████▀█▀ ▀█▀█▀███████████
███████████▄ ▄▄▄▄▄▄▄████████████
███████████▀▀▄▄▄▄▄▄▄▄███████████
█████████▀▄ ██▀▄▄▄ ▀ ▄▀█████████
███████▀ ▀█████▄▄▄█▄▄▄██████████
███████▀▄████████▀  ▀█ █▐███████
███████ ▀█████████▄█▀▀██ ███████
████████ ███▀██████ ▄ ██ ███████
████████▌▐▀▄ ██████████ ▄███████
█████████▄██▌▐█████▀██ █████████
████████████▄▀▀▀▀▀▄ ▀▄██████████
████████████████████████████████
.
.JOIN US - IT'S FREE! .
johnyj
Legendary
*
Offline Offline

Activity: 1848
Merit: 1000


Beyond Imagination


View Profile
May 02, 2015, 03:14:02 PM
 #95

OP, was your VM machine running when the theft happened?

tokeweed
Legendary
*
Offline Offline

Activity: 2254
Merit: 1047


Life, Love and Laughter...


View Profile
May 02, 2015, 03:14:36 PM
 #96

NEw address has a new tag:

https://blockchain.info/address/1FpsRjQXFgiGzLNwyb2UC7bDNkj99xwdnf

wtf does that mean?!?


...
it seems that this guy now that you was using electrum, at least the tag indicate so, could it be that he is exploiting electrum weakness?


Wait, can I say one thing? .... and if it is only a joke by the OP (I'm only asking, but it could be possible).




Why I am thinking the same thing? Sorry about your coins OP, but this is really strange TBH.

Thank god I'm using armory.

████████████████████████████
████████▀▀ █▀ █▀ ▀██████████
█████████▄ ▄▄▄▄▄▄███████████
██████████▀     ▀  ▀████████
███████▀ ▀  ▄█▀▀▀█▀▀████████
██████▄      █▄  ▀▀  ▀██████
██████         ▄▄█▄ ▄ ▀█████
█████ ▄         ▀▀ ▄ ▀ █████
██████▌          █▀█▀ ▐█████
███████  ▄▌         ▄ ██████
████████▄█         ▄████████
█████████▀     ▄▄ ▄█████████
████████████████████████████
.JACKMATE'S...........
.
MAJESTIC..
████████████████████████
███████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
.
..WIN 1 BITCOIN ON EVERY PREMIER LEAGUE MATCHDAY..
████████████████████████████████
████████████▀█▀ ▀█▀█▀███████████
███████████▄ ▄▄▄▄▄▄▄████████████
███████████▀▀▄▄▄▄▄▄▄▄███████████
█████████▀▄ ██▀▄▄▄ ▀ ▄▀█████████
███████▀ ▀█████▄▄▄█▄▄▄██████████
███████▀▄████████▀  ▀█ █▐███████
███████ ▀█████████▄█▀▀██ ███████
████████ ███▀██████ ▄ ██ ███████
████████▌▐▀▄ ██████████ ▄███████
█████████▄██▌▐█████▀██ █████████
████████████▄▀▀▀▀▀▄ ▀▄██████████
████████████████████████████████
.
.JOIN US - IT'S FREE! .
bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 03:21:20 PM
 #97

Trust me. I'm on a boat, with a personal crappy old laptop. No one has been near this. My internet is 150kb/s tops and I hate it!

Additionally, think about anyone else that has access or come in contact with your computer or any usb drive in the past. Additionally, since you are on a boat with a 150 kb/s connection that also brings 2 concerns to my mind : 1) you aren't keeping your windows box patched because of your extremely limited bandwidth. 2) You are using a wifi hotspot that is compromised.

The fact that you are so incredulous that you have been compromised is a security concern in itself as their are so many ways to be compromised with the way you store bitcoins. At most you should be upset and slightly shocked that you were compromised but aware that you made some security shortcuts and need to do better in the future.
No one I know knows about bitcoin
tokeweed
Legendary
*
Offline Offline

Activity: 2254
Merit: 1047


Life, Love and Laughter...


View Profile
May 02, 2015, 03:24:50 PM
 #98

Trust me. I'm on a boat, with a personal crappy old laptop. No one has been near this. My internet is 150kb/s tops and I hate it!

Additionally, think about anyone else that has access or come in contact with your computer or any usb drive in the past. Additionally, since you are on a boat with a 150 kb/s connection that also brings 2 concerns to my mind : 1) you aren't keeping your windows box patched because of your extremely limited bandwidth. 2) You are using a wifi hotspot that is compromised.

The fact that you are so incredulous that you have been compromised is a security concern in itself as their are so many ways to be compromised with the way you store bitcoins. At most you should be upset and slightly shocked that you were compromised but aware that you made some security shortcuts and need to do better in the future.
No one I know knows about bitcoin

Probably someone does.  He's following you.

████████████████████████████
████████▀▀ █▀ █▀ ▀██████████
█████████▄ ▄▄▄▄▄▄███████████
██████████▀     ▀  ▀████████
███████▀ ▀  ▄█▀▀▀█▀▀████████
██████▄      █▄  ▀▀  ▀██████
██████         ▄▄█▄ ▄ ▀█████
█████ ▄         ▀▀ ▄ ▀ █████
██████▌          █▀█▀ ▐█████
███████  ▄▌         ▄ ██████
████████▄█         ▄████████
█████████▀     ▄▄ ▄█████████
████████████████████████████
.JACKMATE'S...........
.
MAJESTIC..
████████████████████████
███████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
.
..WIN 1 BITCOIN ON EVERY PREMIER LEAGUE MATCHDAY..
████████████████████████████████
████████████▀█▀ ▀█▀█▀███████████
███████████▄ ▄▄▄▄▄▄▄████████████
███████████▀▀▄▄▄▄▄▄▄▄███████████
█████████▀▄ ██▀▄▄▄ ▀ ▄▀█████████
███████▀ ▀█████▄▄▄█▄▄▄██████████
███████▀▄████████▀  ▀█ █▐███████
███████ ▀█████████▄█▀▀██ ███████
████████ ███▀██████ ▄ ██ ███████
████████▌▐▀▄ ██████████ ▄███████
█████████▄██▌▐█████▀██ █████████
████████████▄▀▀▀▀▀▄ ▀▄██████████
████████████████████████████████
.
.JOIN US - IT'S FREE! .
Sarthak
Hero Member
*****
Offline Offline

Activity: 518
Merit: 501

Error 404: there seems to be nothing here.


View Profile
May 02, 2015, 03:25:13 PM
 #99

U could try www.bitundo.com... but it has already got a confirmation.

Wow! Interesting share! Have you ever tried this site?
I don't think its legit! I will try it right now and edit this post Smiley

No. I have never tried. I'd be interested in your feedback as well...

It doesn't work  Undecided
The last "Next" button doesn't work no matter how much you click it or how hard you click it Tongue

inBitweTrust
Hero Member
*****
Offline Offline

Activity: 658
Merit: 500



View Profile
May 02, 2015, 03:26:26 PM
 #100


No one I know knows about bitcoin

It isn't about bitcoin, they could have grabbed your btc incidentally when they saw you were involved. No one you know or are in contact with is technical?

bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 03:31:30 PM
 #101


No one I know knows about bitcoin

It isn't about bitcoin, they could have grabbed your btc incidentally when they saw you were involved. No one you know or are in contact with is technical?

No this a fairly new build (PC). ANd I've been isolated completely living on this boat.
inBitweTrust
Hero Member
*****
Offline Offline

Activity: 658
Merit: 500



View Profile
May 02, 2015, 03:34:59 PM
 #102


No this a fairly new build (PC). ANd I've been isolated completely living on this boat.

Perhaps we should follow the hackers breadcrumbs...

3lectruM fail. More2come SWX

What version of electrum are you running? Where did you download it from?  Since you are using a SPV client what server did you connect to?

tokeweed
Legendary
*
Offline Offline

Activity: 2254
Merit: 1047


Life, Love and Laughter...


View Profile
May 02, 2015, 03:37:54 PM
 #103


No this a fairly new build (PC). ANd I've been isolated completely living on this boat.

Perhaps we should follow the hackers breadcrumbs...

3lectruM fail. More2come SWX

What version of electrum are you running? Where did you download it from?  Since you are using a SPV client what server did you connect to?


No one is willing to give that info in public right now.  It could be an Electrum vulnerability.

████████████████████████████
████████▀▀ █▀ █▀ ▀██████████
█████████▄ ▄▄▄▄▄▄███████████
██████████▀     ▀  ▀████████
███████▀ ▀  ▄█▀▀▀█▀▀████████
██████▄      █▄  ▀▀  ▀██████
██████         ▄▄█▄ ▄ ▀█████
█████ ▄         ▀▀ ▄ ▀ █████
██████▌          █▀█▀ ▐█████
███████  ▄▌         ▄ ██████
████████▄█         ▄████████
█████████▀     ▄▄ ▄█████████
████████████████████████████
.JACKMATE'S...........
.
MAJESTIC..
████████████████████████
███████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
.
..WIN 1 BITCOIN ON EVERY PREMIER LEAGUE MATCHDAY..
████████████████████████████████
████████████▀█▀ ▀█▀█▀███████████
███████████▄ ▄▄▄▄▄▄▄████████████
███████████▀▀▄▄▄▄▄▄▄▄███████████
█████████▀▄ ██▀▄▄▄ ▀ ▄▀█████████
███████▀ ▀█████▄▄▄█▄▄▄██████████
███████▀▄████████▀  ▀█ █▐███████
███████ ▀█████████▄█▀▀██ ███████
████████ ███▀██████ ▄ ██ ███████
████████▌▐▀▄ ██████████ ▄███████
█████████▄██▌▐█████▀██ █████████
████████████▄▀▀▀▀▀▄ ▀▄██████████
████████████████████████████████
.
.JOIN US - IT'S FREE! .
bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 03:39:49 PM
 #104


No this a fairly new build (PC). ANd I've been isolated completely living on this boat.

Perhaps we should follow the hackers breadcrumbs...

3lectruM fail. More2come SWX

What version of electrum are you running? Where did you download it from?  Since you are using a SPV client what server did you connect to?

v2.1.1 downloaded from their website and i check the checksums. Server is autconnect.
johnyj
Legendary
*
Offline Offline

Activity: 1848
Merit: 1000


Beyond Imagination


View Profile
May 02, 2015, 03:41:04 PM
 #105

A fake Electrum server  Roll Eyes

Was your VM machine running when the theft happened?

bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 03:43:00 PM
 #106

A fake Electrum server  Roll Eyes

Is that possible? and is elctrum responsible for that at all?
inBitweTrust
Hero Member
*****
Offline Offline

Activity: 658
Merit: 500



View Profile
May 02, 2015, 03:43:46 PM
 #107

A fake Electrum server  Roll Eyes

Yes, This is a very likely possibility. Do not use auto-connect with SPV clients and select an older trusted server.

Is that possible? and is elctrum responsible for that at all?

Anyone can setup an electrum server. https://github.com/spesmilo/electrum-server/

johnyj
Legendary
*
Offline Offline

Activity: 1848
Merit: 1000


Beyond Imagination


View Profile
May 02, 2015, 03:48:17 PM
 #108

A fake Electrum server  Roll Eyes

Is that possible? and is elctrum responsible for that at all?

If it is indeed an Electrum bug, then they will compensate you for sure. But I'm not sure what kind of harm a fake server can do, since the signing of the transaction happens locally and no one should have the knowledge of your seed

If your VM machine was not running when the theft happens, then the weakness should be in the seed or private key

bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 03:48:44 PM
 #109

A fake Electrum server  Roll Eyes

Yes, This is a very likely possibility. Do not use auto-connect with SPV clients and select an older trusted server.

Fuck I've been screwed so many times. BFL, Avalon, mtGox, 50BTC, blackarrow. Fuck them all. Only got back in to BTC recently after about 4-5 months. I give up.
SpanishSoldier
Sr. Member
****
Offline Offline

Activity: 434
Merit: 250


View Profile
May 02, 2015, 03:49:30 PM
 #110


No one I know knows about bitcoin

It isn't about bitcoin, they could have grabbed your btc incidentally when they saw you were involved. No one you know or are in contact with is technical?

No this a fairly new build (PC). ANd I've been isolated completely living on this boat.

Living on a boat ? How u r getting the connectivity ? Is that internet connection reliable ? Are u in a river or in a sea ? Care to share a snap ?

  ▃▃▃▂▂▂▂▂▃▃▃▃                                      ▃▃▃▂▂▂▃▃▃                         
   ██████████████████                                        █████████████     ████                 
   ██████████████████                                        █████████████     ████                 
          ████                                               ████                                   
          ████   █████ █████ ████   █████    █████████       ████       ████   ████  ███████████   
          ████   ▀█████████▀ ████   ████    ████   ████      █████████  ████   ████   ████  █████   
          ████    ████▀ ▀▀▀  ████   ████   ████     ████     █████████  ████   ████   ████    ████ 
          ████    ████       ████   ████   █████████████     ████       ████   ████   ████    ████ 
          ████    ████       ███████████▄   ████             ████       ████   ████   ████   █████ 
          ████    ████       █████  ███████  ████  ████      █████      ████   ████   ███████████   
         ▄████▄   ████        ███     ███      ██████        █████      ████   ████   █████████     
                                                                                      ████         
                                                                                      ████         
                                                                             █▀▀   
Blockchain Fair Games
|
Truly one of a kind games:
MAGIC DICE   CHAIN'S CODE   PIRATE BAY
MINING FACTORY      RAPID TO THE MOON
|

400 BTC
★ PRIZE FUND ★
|

WEEKLY GIWEAWAYS
Join our community!
150% BONUS
First-time deposit
VISA  🔴🌕  50+coins

CERTIFIED RNG
100% TRANSPARENT
PROVABLY FAIR
bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 03:50:24 PM
 #111

A fake Electrum server  Roll Eyes

Is that possible? and is elctrum responsible for that at all?

If it is indeed an Electrum bug, then they will compensate you for sure. But I'm not sure what kind of harm a fake server can do, since the signing of the transaction happens locally and no one should have the knowledge of your seed

If your VM machine was not running when the theft happens, then the weakness should be in the seed or private key

Well either way I'm fucked. Accepting donations to my sig.. Fuck my dignity. hah Sad
tokeweed
Legendary
*
Offline Offline

Activity: 2254
Merit: 1047


Life, Love and Laughter...


View Profile
May 02, 2015, 03:53:08 PM
 #112

A fake Electrum server  Roll Eyes

Yes, This is a very likely possibility. Do not use auto-connect with SPV clients and select an older trusted server.

Fuck I've been screwed so many times. BFL, Avalon, mtGox, 50BTC, blackarrow. Fuck them all. Only got back in to BTC recently after about 4-5 months. I give up.

Yeah.  It's just one of those things, you know?  Fate, karma, cause and effect or whatever...  It's probably the whole universe trying to tell you that Bitcoin isn't for you.

████████████████████████████
████████▀▀ █▀ █▀ ▀██████████
█████████▄ ▄▄▄▄▄▄███████████
██████████▀     ▀  ▀████████
███████▀ ▀  ▄█▀▀▀█▀▀████████
██████▄      █▄  ▀▀  ▀██████
██████         ▄▄█▄ ▄ ▀█████
█████ ▄         ▀▀ ▄ ▀ █████
██████▌          █▀█▀ ▐█████
███████  ▄▌         ▄ ██████
████████▄█         ▄████████
█████████▀     ▄▄ ▄█████████
████████████████████████████
.JACKMATE'S...........
.
MAJESTIC..
████████████████████████
███████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
.
..WIN 1 BITCOIN ON EVERY PREMIER LEAGUE MATCHDAY..
████████████████████████████████
████████████▀█▀ ▀█▀█▀███████████
███████████▄ ▄▄▄▄▄▄▄████████████
███████████▀▀▄▄▄▄▄▄▄▄███████████
█████████▀▄ ██▀▄▄▄ ▀ ▄▀█████████
███████▀ ▀█████▄▄▄█▄▄▄██████████
███████▀▄████████▀  ▀█ █▐███████
███████ ▀█████████▄█▀▀██ ███████
████████ ███▀██████ ▄ ██ ███████
████████▌▐▀▄ ██████████ ▄███████
█████████▄██▌▐█████▀██ █████████
████████████▄▀▀▀▀▀▄ ▀▄██████████
████████████████████████████████
.
.JOIN US - IT'S FREE! .
fryarminer
Hero Member
*****
Offline Offline

Activity: 658
Merit: 500


View Profile
May 02, 2015, 03:54:05 PM
 #113

This is a horrible thread!! Dude sorry about your luck.
I hope the breadcrumbs lead to something.
fryarminer
Hero Member
*****
Offline Offline

Activity: 658
Merit: 500


View Profile
May 02, 2015, 03:55:21 PM
 #114

A fake Electrum server  Roll Eyes

Yes, This is a very likely possibility. Do not use auto-connect with SPV clients and select an older trusted server.

Fuck I've been screwed so many times. BFL, Avalon, mtGox, 50BTC, blackarrow. Fuck them all. Only got back in to BTC recently after about 4-5 months. I give up.

You got hit by all the above?! Outch.
inBitweTrust
Hero Member
*****
Offline Offline

Activity: 658
Merit: 500



View Profile
May 02, 2015, 03:55:50 PM
 #115

A fake Electrum server  Roll Eyes

Is that possible? and is elctrum responsible for that at all?

If it is indeed an Electrum bug, then they will compensate you for sure. But I'm not sure what kind of harm a fake server can do, since the signing of the transaction happens locally and no one should have the knowledge of your seed

If your VM machine was not running when the theft happens, then the weakness should be in the seed or private key

Servers technically aren't supposed to be able to steal your bitcoin with electrum as it depends upon SSL for security . But the attacker could have used compromised SSL certs ...

https://www.reddit.com/r/Bitcoin/comments/2feox9/electrum_securityprivacy_model/


tokeweed
Legendary
*
Offline Offline

Activity: 2254
Merit: 1047


Life, Love and Laughter...


View Profile
May 02, 2015, 03:55:57 PM
 #116

A fake Electrum server  Roll Eyes

Is that possible? and is elctrum responsible for that at all?

If it is indeed an Electrum bug, then they will compensate you for sure. But I'm not sure what kind of harm a fake server can do, since the signing of the transaction happens locally and no one should have the knowledge of your seed

If your VM machine was not running when the theft happens, then the weakness should be in the seed or private key

Well either way I'm fucked. Accepting donations to my sig.. Fuck my dignity. hah Sad

That on the same computer?  The hacker is probably reading this and licking his chops.  Cheesy

████████████████████████████
████████▀▀ █▀ █▀ ▀██████████
█████████▄ ▄▄▄▄▄▄███████████
██████████▀     ▀  ▀████████
███████▀ ▀  ▄█▀▀▀█▀▀████████
██████▄      █▄  ▀▀  ▀██████
██████         ▄▄█▄ ▄ ▀█████
█████ ▄         ▀▀ ▄ ▀ █████
██████▌          █▀█▀ ▐█████
███████  ▄▌         ▄ ██████
████████▄█         ▄████████
█████████▀     ▄▄ ▄█████████
████████████████████████████
.JACKMATE'S...........
.
MAJESTIC..
████████████████████████
███████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
.
..WIN 1 BITCOIN ON EVERY PREMIER LEAGUE MATCHDAY..
████████████████████████████████
████████████▀█▀ ▀█▀█▀███████████
███████████▄ ▄▄▄▄▄▄▄████████████
███████████▀▀▄▄▄▄▄▄▄▄███████████
█████████▀▄ ██▀▄▄▄ ▀ ▄▀█████████
███████▀ ▀█████▄▄▄█▄▄▄██████████
███████▀▄████████▀  ▀█ █▐███████
███████ ▀█████████▄█▀▀██ ███████
████████ ███▀██████ ▄ ██ ███████
████████▌▐▀▄ ██████████ ▄███████
█████████▄██▌▐█████▀██ █████████
████████████▄▀▀▀▀▀▄ ▀▄██████████
████████████████████████████████
.
.JOIN US - IT'S FREE! .
bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 03:58:29 PM
 #117

lol no. fuck no.  Cheesy
tokeweed
Legendary
*
Offline Offline

Activity: 2254
Merit: 1047


Life, Love and Laughter...


View Profile
May 02, 2015, 04:01:19 PM
 #118

lol no. fuck no.  Cheesy

You have 2 computers on the boat?

████████████████████████████
████████▀▀ █▀ █▀ ▀██████████
█████████▄ ▄▄▄▄▄▄███████████
██████████▀     ▀  ▀████████
███████▀ ▀  ▄█▀▀▀█▀▀████████
██████▄      █▄  ▀▀  ▀██████
██████         ▄▄█▄ ▄ ▀█████
█████ ▄         ▀▀ ▄ ▀ █████
██████▌          █▀█▀ ▐█████
███████  ▄▌         ▄ ██████
████████▄█         ▄████████
█████████▀     ▄▄ ▄█████████
████████████████████████████
.JACKMATE'S...........
.
MAJESTIC..
████████████████████████
███████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
.
..WIN 1 BITCOIN ON EVERY PREMIER LEAGUE MATCHDAY..
████████████████████████████████
████████████▀█▀ ▀█▀█▀███████████
███████████▄ ▄▄▄▄▄▄▄████████████
███████████▀▀▄▄▄▄▄▄▄▄███████████
█████████▀▄ ██▀▄▄▄ ▀ ▄▀█████████
███████▀ ▀█████▄▄▄█▄▄▄██████████
███████▀▄████████▀  ▀█ █▐███████
███████ ▀█████████▄█▀▀██ ███████
████████ ███▀██████ ▄ ██ ███████
████████▌▐▀▄ ██████████ ▄███████
█████████▄██▌▐█████▀██ █████████
████████████▄▀▀▀▀▀▄ ▀▄██████████
████████████████████████████████
.
.JOIN US - IT'S FREE! .
bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 04:04:14 PM
 #119

A laptop (with elctrum) and a PC yes. Problem?
inBitweTrust
Hero Member
*****
Offline Offline

Activity: 658
Merit: 500



View Profile
May 02, 2015, 04:09:04 PM
 #120

A laptop (with elctrum) and a PC yes. Problem?

Yes, asking for charity is slightly inappropriate under such circumstances because:

1) This all could be an orchestrated ruse to get some free BTC and apparently small amounts of BTC is a big deal to you

2) You really need to secure you computers first and practice better security in general even if you have 2 devices (there could be cross contamination.

I am not assuming anything but that is kinda how it looks when people overtly ask for charity right after being hacked.

bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 04:11:51 PM
 #121

A laptop (with elctrum) and a PC yes. Problem?

Yes, asking for charity is slightly inappropriate under such circumstances because:

1) This all could be an orchestrated ruse to get some free BTC and apparently small amounts of BTC is a big deal to you

2) You really need to secure you computers first and practice better security in general even if you have 2 devices (there could be cross contamination.

I am not assuming anything but that is kinda how it looks when people overtly ask for charity right after being hacked.

I'm just pissed of because I just spent the last of my cash and lost it almost instantly. fml

Oh and I'm a fairly respected member here. Do you think this some kind of scam?
inBitweTrust
Hero Member
*****
Offline Offline

Activity: 658
Merit: 500



View Profile
May 02, 2015, 04:15:01 PM
 #122

I'm just pissed of because I just spent the last of my cash and lost it almost instantly. fml

Yeah, I think you are sincere and is just a very unfortunate experience. You still need to change all your passwords and do 2 reinstalls , and quarantine a lot of your data first until we know exactly how this happened. Hopefully he explains more details soon as he indicated.


Oh and I'm a fairly respected member here. Do you think this some kind of scam?

No, I think you are sincere , but unfortunately many hero accounts are sold off.

Blazr
Hero Member
*****
Offline Offline

Activity: 882
Merit: 1001



View Profile
May 02, 2015, 04:15:07 PM
 #123

A fake electrum server is highly unlikely. Electrum "server" is a bad way to describe it, they are essentially electrum "nodes". There is no trust involved when using an electrum server, they can tell what your IP is and what your Bitcoin addresses are, but they have no ability whatsoever to steal funds. A vulnerability that allowed the server to steal funds in the way the OP described is highly unlikely, as the only task the server does is let the client know about transactions their addresses received, and said information is verified by the client against other nodes.

Based on the blockchain messages I would think that the hacker is likely reading this thread therefore I would suspect it was a more targeted attack as he likely knows the OP had an account here.

erikalui
Legendary
*
Offline Offline

Activity: 1764
Merit: 1054



View Profile WWW
May 02, 2015, 04:22:06 PM
 #124

It's weird that the bitcoins just arrived in your account and it got transferred in 1 minute. All say that Electrum is safe and this cannot happen unless your PC has been compromised. The transaction note as well is weird and if it's an error from Electrum, you can expect your money back as this might have happened with many other users as well.




.




  ▄▄▄▄▄▄▄▄▄▄▄▄▄
▄████████▀▀▀▀███▄
███████▀     ████
███████   ███████
█████        ████
███████   ███████
▀██████   ██████▀
  ▀▀▀▀▀   ▀▀▀▀▀

  ▄▄▄▄▄▄▄▄▄▄▄▄▄
▄██▀▀▀▀▀▀▀▀▀▀▀██▄
██    ▄▄▄▄▄ ▀  ██
██   █▀   ▀█   ██
██   █▄   ▄█   ██
██    ▀▀▀▀▀    ██
▀██▄▄▄▄▄▄▄▄▄▄▄██▀
  ▀▀▀▀▀▀▀▀▀▀▀▀▀

            ▄▄▄
█▄▄      ████████▄
 █████▄▄████████▌
▀██████████████▌
  █████████████
  ▀██████████▀
   ▄▄██████▀
    ▀▀▀▀▀

    ██  ██
  ███████████▄
    ██      ▀█
    ██▄▄▄▄▄▄█▀
    ██▀▀▀▀▀▀█▄
    ██      ▄█
  ███████████▀
    ██  ██




               ▄
       ▄  ▄█▄ ▀█▀      ▄
      ▀█▀  ▀   ▄  ▄█▄ ▀█▀
███▄▄▄        ▀█▀  ▀     ▄▄▄███       ▐█▄    ▄█▌   ▐█▌   █▄    ▐█▌   ████████   █████▄     ██    ▄█████▄▄   ▐█████▌
████████▄▄           ▄▄████████       ▐███▄▄███▌   ▐█▌   ███▄  ▐█▌      ██      █▌  ▀██    ██   ▄██▀   ▀▀   ▐█
███████████▄       ▄███████████       ▐█▌▀██▀▐█▌   ▐█▌   ██▀██▄▐█▌      ██      █▌   ▐█▌   ██   ██          ▐█████▌
 ████████████     ████████████        ▐█▌    ▐█▌   ▐█▌   ██  ▀███▌      ██      █▌  ▄██    ██   ▀██▄   ▄▄   ▐█
  ████████████   ████████████         ▐█▌    ▐█▌   ▐█▌   ██    ▀█▌      ██      █████▀     ██    ▀█████▀▀   ▐█████▌
   ▀███████████ ███████████▀
     ▀███████████████████▀
        ▀▀▀█████████▀▀▀
FIND OUT MORE AT MINTDICE.COM
bronan
Hero Member
*****
Offline Offline

Activity: 775
Merit: 500


Lazy Lurker Reads Alot


View Profile WWW
May 02, 2015, 04:23:06 PM
 #125

well which are trusted servers for electrum ?
If i browse through that list i see alot of names but most look at least nasty
bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 04:24:40 PM
 #126

It's weird that the bitcoins just arrived in your account and it got transferred in 1 minute. All say that Electrum is safe and this cannot happen unless your PC has been compromised. The transaction note as well is weird and if it's an error from Electrum, you can expect your money back as this might have happened with many other users as well.

Shall I contact electrum do you think?
Blazr
Hero Member
*****
Offline Offline

Activity: 882
Merit: 1001



View Profile
May 02, 2015, 04:25:18 PM
 #127

well which are trusted servers for electrum ?
If i browse through that list i see alot of names but most look at least nasty

There is no need to trust your electrum server much, all they do is give your client transaction data about your addresses and that information is checked against other nodes. They do however have the ability to know your IP address and Bitcoin addresses, so you should only use servers that you think will respect your privacy and use Tor if necessary.

inBitweTrust
Hero Member
*****
Offline Offline

Activity: 658
Merit: 500



View Profile
May 02, 2015, 04:25:32 PM
 #128

It's weird that the bitcoins just arrived in your account and it got transferred in 1 minute. All say that Electrum is safe and this cannot happen unless your PC has been compromised. The transaction note as well is weird and if it's an error from Electrum, you can expect your money back as this might have happened with many other users as well.

Shall I contact electrum do you think?

Good idea.

Blazr
Hero Member
*****
Offline Offline

Activity: 882
Merit: 1001



View Profile
May 02, 2015, 04:25:56 PM
 #129

It's weird that the bitcoins just arrived in your account and it got transferred in 1 minute.

That isn't weird at all. This happens all of the time with hacked brainwallets etc

redsn0w
Legendary
*
Offline Offline

Activity: 1736
Merit: 1040


#Free market


View Profile
May 02, 2015, 04:29:12 PM
 #130

It's weird that the bitcoins just arrived in your account and it got transferred in 1 minute. All say that Electrum is safe and this cannot happen unless your PC has been compromised. The transaction note as well is weird and if it's an error from Electrum, you can expect your money back as this might have happened with many other users as well.

Shall I contact electrum do you think?

I am still thinking that it is not a problem of electrum, a 'bug'. Check again your personal computer.


It's weird that the bitcoins just arrived in your account and it got transferred in 1 minute.

That isn't weird at all. This happens all of the time with hacked brainwallets etc

Electrum seed is different than the passphrase of a brainwallet, or am I wrong?



bronan
Hero Member
*****
Offline Offline

Activity: 775
Merit: 500


Lazy Lurker Reads Alot


View Profile WWW
May 02, 2015, 04:29:50 PM
Last edit: May 02, 2015, 04:41:43 PM by bronan
 #131

Need to know if my friends are safe, if there is a flaw in electrum
My first question is did you try using any trojan scan tools

http://www.thewindowsclub.com/malware-removal-windows

Try at least to see if there is no nasty stuff on your computer, to make sure its not any of that.

lol non of my friends installed the 2.x they are on 1.9.8
 
redsn0w
Legendary
*
Offline Offline

Activity: 1736
Merit: 1040


#Free market


View Profile
May 02, 2015, 04:30:06 PM
 #132

Another transaction : https://blockchain.info/it/tx/8a47c42aa28aefe9f47f28777c319265998730b6bf5fa0a3aadcd85f76c50906

This time with only 0.00003 bitcoin as fee. I'm so curious to see if he will add a blockchain.info tag also to that bitcoin address.
erikalui
Legendary
*
Offline Offline

Activity: 1764
Merit: 1054



View Profile WWW
May 02, 2015, 04:31:25 PM
 #133

It's weird that the bitcoins just arrived in your account and it got transferred in 1 minute. All say that Electrum is safe and this cannot happen unless your PC has been compromised. The transaction note as well is weird and if it's an error from Electrum, you can expect your money back as this might have happened with many other users as well.

Shall I contact electrum do you think?

Definitely do that. It seems to be an error from their end and I hope you get your money back.

Also, try to restore your computer to an earlier date when it was working fine to delete any virus (in case it was infected).

It's weird that the bitcoins just arrived in your account and it got transferred in 1 minute.

That isn't weird at all. This happens all of the time with hacked brainwallets etc

So fast? You mean his account was hacked from first? It's quite unlikely and since I have no experience with electrum, it can be a possibility.




.




  ▄▄▄▄▄▄▄▄▄▄▄▄▄
▄████████▀▀▀▀███▄
███████▀     ████
███████   ███████
█████        ████
███████   ███████
▀██████   ██████▀
  ▀▀▀▀▀   ▀▀▀▀▀

  ▄▄▄▄▄▄▄▄▄▄▄▄▄
▄██▀▀▀▀▀▀▀▀▀▀▀██▄
██    ▄▄▄▄▄ ▀  ██
██   █▀   ▀█   ██
██   █▄   ▄█   ██
██    ▀▀▀▀▀    ██
▀██▄▄▄▄▄▄▄▄▄▄▄██▀
  ▀▀▀▀▀▀▀▀▀▀▀▀▀

            ▄▄▄
█▄▄      ████████▄
 █████▄▄████████▌
▀██████████████▌
  █████████████
  ▀██████████▀
   ▄▄██████▀
    ▀▀▀▀▀

    ██  ██
  ███████████▄
    ██      ▀█
    ██▄▄▄▄▄▄█▀
    ██▀▀▀▀▀▀█▄
    ██      ▄█
  ███████████▀
    ██  ██




               ▄
       ▄  ▄█▄ ▀█▀      ▄
      ▀█▀  ▀   ▄  ▄█▄ ▀█▀
███▄▄▄        ▀█▀  ▀     ▄▄▄███       ▐█▄    ▄█▌   ▐█▌   █▄    ▐█▌   ████████   █████▄     ██    ▄█████▄▄   ▐█████▌
████████▄▄           ▄▄████████       ▐███▄▄███▌   ▐█▌   ███▄  ▐█▌      ██      █▌  ▀██    ██   ▄██▀   ▀▀   ▐█
███████████▄       ▄███████████       ▐█▌▀██▀▐█▌   ▐█▌   ██▀██▄▐█▌      ██      █▌   ▐█▌   ██   ██          ▐█████▌
 ████████████     ████████████        ▐█▌    ▐█▌   ▐█▌   ██  ▀███▌      ██      █▌  ▄██    ██   ▀██▄   ▄▄   ▐█
  ████████████   ████████████         ▐█▌    ▐█▌   ▐█▌   ██    ▀█▌      ██      █████▀     ██    ▀█████▀▀   ▐█████▌
   ▀███████████ ███████████▀
     ▀███████████████████▀
        ▀▀▀█████████▀▀▀
FIND OUT MORE AT MINTDICE.COM
Blazr
Hero Member
*****
Offline Offline

Activity: 882
Merit: 1001



View Profile
May 02, 2015, 04:32:20 PM
 #134

Electrum seed is different than the passphrase of a brainwallet, or am I wrong?

It is different, however it can be cracked in the same way, for example if you made up your own seed, one that is easy to remember, people often do things like this and if you do that it likely won't be very random and is vulnerable like a brainwallet. It is also possible that the hacker found the wallet file and noticed it was empty, so he set up his PC to sweep it once funds were transferred to it.

Blazr
Hero Member
*****
Offline Offline

Activity: 882
Merit: 1001



View Profile
May 02, 2015, 04:34:44 PM
 #135

Definitely do that. It seems to be an error from their end and I hope you get your money back.

I seriously doubt it is a bug in electrum, nothing in this thread has indicated so, it looks like OP's private keys were compromised somehow.

bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 04:34:59 PM
 #136

It's moved

https://blockchain.info/address/14GhadwWV4uaoxWZcNrnU3zWkTrtHbCF2T
redsn0w
Legendary
*
Offline Offline

Activity: 1736
Merit: 1040


#Free market


View Profile
May 02, 2015, 04:35:10 PM
 #137

Another transaction : https://blockchain.info/it/tx/8a47c42aa28aefe9f47f28777c319265998730b6bf5fa0a3aadcd85f76c50906

This time with only 0.00003 bitcoin as fee. I'm so curious to see if he will add a blockchain.info tag also to that bitcoin address.


I'm quoting myself : aLL bTc in my handz SWX (https://blockchain.info/it/address/14GhadwWV4uaoxWZcNrnU3zWkTrtHbCF2T).


Electrum seed is different than the passphrase of a brainwallet, or am I wrong?

It is different, however it can be cracked in the same way, for example if you made up your own seed, one that is easy to remember, people often do things like this and if you do that it likely won't be very random and is vulnerable like a brainwallet. It is also possible that the hacker found the wallet file and noticed it was empty, so he set up his PC to sweep it once funds were transferred to it.


But it is so complicated to 'find' or crack 12 words (the electrum seed).
Ghris
Sr. Member
****
Offline Offline

Activity: 356
Merit: 250


View Profile
May 02, 2015, 04:37:45 PM
 #138

Another transaction : https://blockchain.info/it/tx/8a47c42aa28aefe9f47f28777c319265998730b6bf5fa0a3aadcd85f76c50906

This time with only 0.00003 bitcoin as fee. I'm so curious to see if he will add a blockchain.info tag also to that bitcoin address.


I'm quoting myself : aLL bTc in my handz SWX (https://blockchain.info/it/address/14GhadwWV4uaoxWZcNrnU3zWkTrtHbCF2T).


Electrum seed is different than the passphrase of a brainwallet, or am I wrong?

It is different, however it can be cracked in the same way, for example if you made up your own seed, one that is easy to remember, people often do things like this and if you do that it likely won't be very random and is vulnerable like a brainwallet. It is also possible that the hacker found the wallet file and noticed it was empty, so he set up his PC to sweep it once funds were transferred to it.


But it is so complicated to 'find' or crack 12 words (the electrum seed).

Wait, are you quoting your forum message or are you quoting "your" tag?  Grin

Sorry for your loss OP. But I have a feeling this is done by a troll that might give it back eventually.
Blazr
Hero Member
*****
Offline Offline

Activity: 882
Merit: 1001



View Profile
May 02, 2015, 04:38:22 PM
 #139

But it is so complicated to 'find' or crack 12 words (the electrum seed).

If your twelve words are all the same word it isn't. Sometimes people "pick" their own seeds that are weaker.

Beliathon
Hero Member
*****
Offline Offline

Activity: 784
Merit: 1000


https://youtu.be/PZm8TTLR2NU


View Profile WWW
May 02, 2015, 04:38:34 PM
 #140

Windows 7 and VMware from encrypted container running Ubuntu
Likely the problem is here, how good is the entropy of this encryption?

Remember Aaron Swartz, a 26 year old computer scientist who died defending the free flow of information.
Blazr
Hero Member
*****
Offline Offline

Activity: 882
Merit: 1001



View Profile
May 02, 2015, 04:40:37 PM
 #141

Windows 7 and VMware from encrypted container running Ubuntu
Likely the problem is here, how good is the entropy of this encryption?

Yes I was thinking that it could be a problem with low entropy. Electrum uses /dev/urandom to generate seeds (with some filtering IIRC). /dev/urandom doesn't work so good in a VM, and if you are doing encryption in the VM too then you are gonig to deplete the entropy further. I wonder if it could be that OP's wallet was generated using poor entropy, and a hacker out there trying to crack weak seeds managed to crack the seed, much like the johoe bc.info hack. It's less likely though as the /dev/urandom in Ubuntu is pretty good, and probably safe enough, but I wonder if VMWare could change that or maybe even specifically the OP's VMWare configuration, as the LRNG uses lots of hardware inputs to make entropy. In any case I think the most likely scenario is that OP's machine is infected or the hacker found a backup or got the wallet some way like that.

shorena
Copper Member
Legendary
*
Offline Offline

Activity: 1484
Merit: 1320


No I dont escrow anymore.


View Profile WWW
May 02, 2015, 04:43:33 PM
 #142

Two things.

#1 OP move this into the Electrum section please. This will make sure people with more knowledge about Electrum will read the thread. The option to move a thread is at the lower left of the page.

-> https://bitcointalk.org/index.php?board=98.0

#2 Isnt Electrum 2 still in beta?
bronan
Hero Member
*****
Offline Offline

Activity: 775
Merit: 500


Lazy Lurker Reads Alot


View Profile WWW
May 02, 2015, 04:44:07 PM
 #143

you mean a quote like : like like like like like like like like like like like like like Wink
redsn0w
Legendary
*
Offline Offline

Activity: 1736
Merit: 1040


#Free market


View Profile
May 02, 2015, 04:44:36 PM
 #144

Another transaction : https://blockchain.info/it/tx/8a47c42aa28aefe9f47f28777c319265998730b6bf5fa0a3aadcd85f76c50906

This time with only 0.00003 bitcoin as fee. I'm so curious to see if he will add a blockchain.info tag also to that bitcoin address.


I'm quoting myself : aLL bTc in my handz SWX (https://blockchain.info/it/address/14GhadwWV4uaoxWZcNrnU3zWkTrtHbCF2T).


Electrum seed is different than the passphrase of a brainwallet, or am I wrong?

It is different, however it can be cracked in the same way, for example if you made up your own seed, one that is easy to remember, people often do things like this and if you do that it likely won't be very random and is vulnerable like a brainwallet. It is also possible that the hacker found the wallet file and noticed it was empty, so he set up his PC to sweep it once funds were transferred to it.


But it is so complicated to 'find' or crack 12 words (the electrum seed).

Wait, are you quoting your forum message or are you quoting "your" tag?  Grin

Sorry for your loss OP. But I have a feeling this is done by a troll that might give it back eventually.


With " I'm quoting " I meant , quote my previous post because I thought the 'hacker' or who is managing the funds would be add surely the blockchain.info tag.



But it is so complicated to 'find' or crack 12 words (the electrum seed).

If your twelve words are all the same word it isn't. Sometimes people "pick" their own seeds that are weaker.

In that case it is very easy, but usually it is the wallet (itself) that generete the 12 words as seed and you can't decide (or better can't modify) those words.
bronan
Hero Member
*****
Offline Offline

Activity: 775
Merit: 500


Lazy Lurker Reads Alot


View Profile WWW
May 02, 2015, 04:44:48 PM
 #145

nope looks like an official release

Well its possible that one would get the same one but its very unlikey given the possible combinations.
But i remember on safe seller putting a large sum for those who could open it with a bunch of numbers they asumed it would never happen.
The funny thing is a nice woman just did the lucky guess and got it out
unamis76
Legendary
*
Offline Offline

Activity: 1456
Merit: 1001


View Profile
May 02, 2015, 04:45:04 PM
 #146

Sorry for your loss. This is pretty odd... I highly doubt of an error in Electrum (if it was, the hackers would have many stolen Bitcoin right now), this was more a targeted attack, or so it seems.

More info about OP's setup would be needed... VM software, recently installed programs, weird wallet behavior in the last few days, possibility of infected USB's...
randayh
Sr. Member
****
Offline Offline

Activity: 386
Merit: 250


View Profile WWW
May 02, 2015, 04:48:40 PM
 #147

Your running Windows? enough said...
bennybong
Hero Member
*****
Offline Offline

Activity: 682
Merit: 500



View Profile
May 02, 2015, 04:49:09 PM
 #148

Windows 7 and VMware from encrypted container running Ubuntu
Likely the problem is here, how good is the entropy of this encryption?

Pretty strong. i use truerypt
rokkyroad
Legendary
*
Offline Offline

Activity: 1091
Merit: 1000


View Profile
May 02, 2015, 04:51:17 PM
 #149

Always a good idea to use chkrootkit in linux installs. Install it, open a terminal, enter   sudo chkrootkit

It should show you anything suspicious.

" If you have to spam and shout to justify your existence then you are a shit coin."  TaunSew
jonald_fyookball
Legendary
*
Offline Offline

Activity: 1302
Merit: 1002


Core dev leaves me neg feedback #abuse #political


View Profile
May 02, 2015, 05:06:53 PM
 #150

Sorry to hear about it OP.

There's really no substitute for cold storage I guess.

Still, I have some coins in my online PC with electrum
and they are still there.

Like someone said, strange they were moved within a minute
of getting received...seems to be a clue.

Sarthak
Hero Member
*****
Offline Offline

Activity: 518
Merit: 501

Error 404: there seems to be nothing here.


View Profile
May 02, 2015, 05:12:23 PM
 #151

Mysterious theft! If you were an organization, I would have called it an "Insider Job" but you are an individual!
The hacker seems to be Genius! He got through such a secure computer system and hacked your wallet!
Why not try asking the hacker himself by sending a 0.0001 to his address and adding a public note on that transaction? Smiley

I'm really confused about this theft! How the hell did the hacker steal the coin?
Either the Hacker is a Genius or OP is trolling! (I don't mean I guarantee you are trolling)!

inBitweTrust
Hero Member
*****
Offline Offline

Activity: 658
Merit: 500



View Profile
May 02, 2015, 05:18:02 PM
 #152

I'm really confused about this theft! How the hell did the hacker steal the coin?
Either the Hacker is a Genius or OP is trolling! (I don't mean I guarantee you are trolling)!

Or he was compromised in one of many other ways we have been discussing. Just because someone doesn't think they were compromised in certain ways doesn't make it so. Its not like his coins were stored securely either. They were on a windows box, using an SPV client, and likely had pirated software. This doesn't constitute secure by any means.

bronan
Hero Member
*****
Offline Offline

Activity: 775
Merit: 500


Lazy Lurker Reads Alot


View Profile WWW
May 02, 2015, 05:18:17 PM
 #153

Or through the fake emails with so called offers and other crap which have an jar attached to steal anyones coins
I had hundreds of them and all get deleted before even reaching any of the people who open emails
There are so many ways people can infiltrate computers these days, even some alt-coins are released containing wallet stealers.
The list is darn long with the ways criminals have invented to steal.
I caught several mining trojans as well which where using the cpu/gpu of my friends computers

Sorry for your loss
Sarthak
Hero Member
*****
Offline Offline

Activity: 518
Merit: 501

Error 404: there seems to be nothing here.


View Profile
May 02, 2015, 05:20:46 PM
 #154

I'm really confused about this theft! How the hell did the hacker steal the coin?
Either the Hacker is a Genius or OP is trolling! (I don't mean I guarantee you are trolling)!

Or he was compromised in one of many other ways we have been discussing. Just because someone doesn't think they were compromised in certain ways doesn't make it so. Its not like his coins were stored securely either. They were on a windows box, using an SPV client, and likely had pirated software. This doesn't constitute secure by any means.

I am not a technical guy but as I read the thread whatever you guys ask OP gives a positive answer! Makes me think he stored it in a 100% secure way! But I am learning.. Nothing is perfect!

Quickseller
Copper Member
Legendary
*
Offline Offline

Activity: 1904
Merit: 1746



View Profile WWW
May 02, 2015, 05:24:34 PM
 #155

Well either way I'm fucked. Accepting donations to my sig.. Fuck my dignity. hah Sad

Based on the blockchain messages I would think that the hacker is likely reading this thread therefore I would suspect it was a more targeted attack as he likely knows the OP had an account here.
I think the chances are probably higher that the OP made the story up in order to try to get "donations". There are enough contradictions in this thread to suggest so.

The "hacker" only took funds from one address and having funds in only one address in an electrum wallet would be somewhat unusual, especially considering that change addresses are enabled by default.

Find the fire hydrant in my Avatar for a prize.
redsn0w
Legendary
*
Offline Offline

Activity: 1736
Merit: 1040


#Free market


View Profile
May 02, 2015, 05:27:19 PM
 #156

Well either way I'm fucked. Accepting donations to my sig.. Fuck my dignity. hah Sad

Based on the blockchain messages I would think that the hacker is likely reading this thread therefore I would suspect it was a more targeted attack as he likely knows the OP had an account here.
I think the chances are probably higher that the OP made the story up in order to try to get "donations". There are enough contradictions in this thread to suggest so.

The "hacker" only took funds from one address and having funds in only one address in an electrum wallet would be somewhat unusual, especially considering that change addresses are enabled by default.

He (the op) said :

can you send us a screenshot of your transaction log

Which one? From electrum? Or to electrum - because that came from an exchange.

Thanks

This is the transaction id: https://blockchain.info/it/tx/5cc872a7dc9bebb03290e9d537d57eba51056e764483a4f4ef4f6bc2bac66e0f

So I do not know if the OP is trolling or if he has really lost those bitcoins.

Quickseller
Copper Member
Legendary
*
Offline Offline

Activity: 1904
Merit: 1746



View Profile WWW
May 02, 2015, 05:29:27 PM
 #157

Well either way I'm fucked. Accepting donations to my sig.. Fuck my dignity. hah Sad

Based on the blockchain messages I would think that the hacker is likely reading this thread therefore I would suspect it was a more targeted attack as he likely knows the OP had an account here.
I think the chances are probably higher that the OP made the story up in order to try to get "donations". There are enough contradictions in this thread to suggest so.

The "hacker" only took funds from one address and having funds in only one address in an electrum wallet would be somewhat unusual, especially considering that change addresses are enabled by default.

He (the op) said :

can you send us a screenshot of your transaction log

Which one? From electrum? Or to electrum - because that came from an exchange.

Thanks

This is the transaction id: https://blockchain.info/it/tx/5cc872a7dc9bebb03290e9d537d57eba51056e764483a4f4ef4f6bc2bac66e0f

So I do not know if the OP is trolling or if he has really lost those bitcoins.


Well it is somewhat unusual to have exactly zero bitcoin in your wallet IMO. Generally speaking when you buy something you are not going to be spending exactly all of what you have

Find the fire hydrant in my Avatar for a prize.
Blazr
Hero Member
*****
Offline Offline

Activity: 882
Merit: 1001



View Profile
May 02, 2015, 05:34:00 PM
 #158

Well it is somewhat unusual to have exactly zero bitcoin in your wallet IMO. Generally speaking when you buy something you are not going to be spending exactly all of what you have

OP claims that he was transferring the funds from his bitcoin exchange into his brand new electrum wallet (that was my interpretation anyway) and that the funds were immediately sweeped into the hackers address.

I have no idea if he is lying or not, unless you trust the OP a lot you shouldn't donate as there is no way we can know if OP is telling the truth.

redsn0w
Legendary
*
Offline Offline

Activity: 1736
Merit: 1040


#Free market


View Profile
May 02, 2015, 05:35:07 PM
 #159

Well it is somewhat unusual to have exactly zero bitcoin in your wallet IMO. Generally speaking when you buy something you are not going to be spending exactly all of what you have

OP claims that he was transferring the funds from his bitcoin exchange into his brand new electrum wallet (that was my interpretation anyway) ...

Exactly, I have already quoted the post made by the OP. However this is a reply from ThomasV:


Sorry for your loss.

The fact that the coins were stolen immediately means that the hacker had your seed or your private key before the coins were sent to you;
he was probably running a script waiting for some coins to land on compromised or weak private keys.

One thing you can do is publish your seed; it does not make sense to keep it private anymore.


..and that the funds were immediately sweeped into the hackers address.

After 1 minute, it is not 'immediately' but he was 'very fast'.
Blazr
Hero Member
*****
Offline Offline

Activity: 882
Merit: 1001



View Profile
May 02, 2015, 05:37:52 PM
 #160

After 1 minute, it is not 'immediately' but he was 'very fast'.

Yes it usually takes about 1 minute for a transaction to propagate the network, so it took around a minute before the hackers PC knew the address had received money that it could steal.

Sarthak
Hero Member
*****
Offline Offline

Activity: 518
Merit: 501

Error 404: there seems to be nothing here.


View Profile
May 02, 2015, 05:43:12 PM
 #161

Well it is somewhat unusual to have exactly zero bitcoin in your wallet IMO. Generally speaking when you buy something you are not going to be spending exactly all of what you have

OP claims that he was transferring the funds from his bitcoin exchange into his brand new electrum wallet (that was my interpretation anyway) ...

Exactly, I have already quoted the post made by the OP. However this is a reply from ThomasV:


Sorry for your loss.

The fact that the coins were stolen immediately means that the hacker had your seed or your private key before the coins were sent to you;
he was probably running a script waiting for some coins to land on compromised or weak private keys.

One thing you can do is publish your seed; it does not make sense to keep it private anymore.


..and that the funds were immediately sweeped into the hackers address.

After 1 minute, it is not 'immediately' but he was 'very fast'.

Either it was the OP himself or it was someone monitoring OP very closely! Though he denies that people he know don't use bitcoins I think someone very close to him was behind this If his computer was as safe as he stated it here!

Amph
Legendary
*
Offline Offline

Activity: 2226
Merit: 1003



View Profile
May 02, 2015, 05:48:05 PM
 #162

Your running Windows? enough said...

ignorant statement, linux isn't so much better in term of virus and company, and it's not even about the SO here, it's the container apparently
Cinnob0n
Member
**
Offline Offline

Activity: 116
Merit: 10

-Credits (CRE) Miner/Enthusiast


View Profile
May 02, 2015, 06:29:10 PM
 #163

Ouch! Make sure to scan your PC.

▲▼▲▼▲▼▲▼  No.1 Bitcoin Binary Options and Double Dice  ▲▼▲▼▲▼▲▼
████████████████████████████████  sec◔nds trade  ████████████████████████████████
↑↓ Instant Bets ↑↓ Flexible 1~720 minutes Expiry time ↑↓ Highest Reward 190% ↑↓ 16 Assets [btc, forex, gold, 1% edge double dice] ↑↓
johnyj
Legendary
*
Offline Offline

Activity: 1848
Merit: 1000


Beyond Imagination


View Profile
May 02, 2015, 06:46:13 PM
 #164

Well it is somewhat unusual to have exactly zero bitcoin in your wallet IMO. Generally speaking when you buy something you are not going to be spending exactly all of what you have

OP claims that he was transferring the funds from his bitcoin exchange into his brand new electrum wallet (that was my interpretation anyway) and that the funds were immediately sweeped into the hackers address.

I have no idea if he is lying or not, unless you trust the OP a lot you shouldn't donate as there is no way we can know if OP is telling the truth.

That's not a brand new wallet:

I've had much more btc in that wallet in the past. And I only fire up my VM to check my electrum which isn't that often. WHY ME AND why now. This is bullshit!


johnyj
Legendary
*
Offline Offline

Activity: 1848
Merit: 1000


Beyond Imagination


View Profile
May 02, 2015, 06:51:46 PM
 #165

Windows 7 and VMware from encrypted container running Ubuntu
Likely the problem is here, how good is the entropy of this encryption?

I'm also wondering if the randomness of the key generation on a VM can be as good as physical machine

inBitweTrust
Hero Member
*****
Offline Offline

Activity: 658
Merit: 500



View Profile
May 02, 2015, 07:06:56 PM
 #166

Windows 7 and VMware from encrypted container running Ubuntu
Likely the problem is here, how good is the entropy of this encryption?

I'm also wondering if the randomness of the key generation on a VM can be as good as physical machine

It isn't and neither is the entropy generated from a live linux cd either... but it would still be a very rare and odd attack because enough entropy is typically realized.  

Quickseller
Copper Member
Legendary