amiryaqot
Legendary
Offline
Activity: 1050
Merit: 1000
|
|
May 02, 2015, 11:14:02 AM |
|
yes that is very strange to see this kind of transaction, sorry to see this one, how this hacker was quick in this transaction just delay of 1 minute ?
|
|
|
|
bennybong (OP)
|
|
May 02, 2015, 11:15:26 AM |
|
Can't find any evidence of an infection. I use VPN on my VM, can't figure this out
|
|
|
|
shadobitz
|
|
May 02, 2015, 11:16:35 AM |
|
Could something be wrong with Electrum?
It's doubtful. It's quite common for hackers to immediately sweep funds out of addressess. This happens very often with weak brainwallets, once the funds are transferred in they are drained within seconds. I suspect the OP may have imported the address into electrum, or may have restored his wallet using a weak seed or such. i think so really socking to see this one, another transaction made within few seconds..
|
|
|
|
bennybong (OP)
|
|
May 02, 2015, 11:17:26 AM |
|
I've had much more btc in that wallet in the past. And I only fire up my VM to check my electrum which isn't that often. WHY ME AND why now. This is bullshit!
|
|
|
|
redsn0w
Legendary
Offline
Activity: 1778
Merit: 1043
#Free market
|
|
May 02, 2015, 11:18:45 AM |
|
.... yes that is very strange to see this kind of transaction, sorry to see this one, how this hacker was quick in this transaction just delay of 1 minute ? I do not know, it is really strange. I've had much more btc in that wallet in the past. And I only fire up my VM to check my electrum which isn't that often. WHY ME AND why now. This is bullshit!
Have you downloaded something of strange in the past days/weeks?
|
|
|
|
Light
|
|
May 02, 2015, 11:19:34 AM |
|
Can't find any evidence of an infection. I use VPN on my VM, can't figure this out What AV software are you using if I may ask? Have you used this specific Electrum wallet before (or any other addresses from the same seed)? Did you access the wallet before the funds were stolen - or were they just taken immediately after an initial deposit? A VPN wouldn't really help you in terms of security for this kind of thing - more useful for privacy and anonymity.
|
|
|
|
Kprawn
Legendary
Offline
Activity: 1904
Merit: 1074
|
|
May 02, 2015, 11:22:39 AM |
|
It's too weird to be explained... It's as if it was a automated action. There is about a 1 minute delay between the 2 transactions. What is the chances of someone sitting and waiting for you to make transactions to steal it immediately? It's also a single use address... and it would most probably be mixed too.. so you stuffed, if it was not a electrum screw up.
|
|
|
|
S4VV4S
|
|
May 02, 2015, 11:26:44 AM |
|
Sorry to ask but I only use Bitcoin Core.
Is Electrum like Brainwallet?
Because if it is then you should know that there is people constantly running brute force apps and waiting for a transaction to take place, then snatch the coins to their own wallet.
There was a post about this someweher in the forums.
Search for Brainwalet hacking and you will find it.
|
|
|
|
roslinpl
Legendary
Offline
Activity: 2212
Merit: 1199
|
|
May 02, 2015, 11:27:48 AM |
|
I've had much more btc in that wallet in the past. And I only fire up my VM to check my electrum which isn't that often. WHY ME AND why now. This is bullshit!
There must be a reason why this happens. I don't know why you and why now, but for some reason your machine was compromised and it's perhaps your fault of not keeping your security at high level. I am really sorry for your lost. But there is nothing you can do now. But what you need to do is: -format the drives from the machine where your Electrum was installed and coins were stolen. -use high standard antimalware, antivirus apps. -never open suspicious links -follow other security steps to keep your bitcoins safe. Also you can keep an eye on 13GrQ46YQ3x3fp1p5eHrPKSsMaxjDY9VwC - only a little chance that you will be able to track those coins but worth a try. Best regards.
|
|
|
|
boopy265420
Legendary
Offline
Activity: 1876
Merit: 1005
|
|
May 02, 2015, 11:28:38 AM |
|
It's too weird to be explained... It's as if it was a automated action. There is about a 1 minute delay between the 2 transactions. What is the chances of someone sitting and waiting for you to make transactions to steal it immediately? It's also a single use address... and it would most probably be mixed too.. so you stuffed, if it was not a electrum screw up. Sorry for your loss and second yeah this is very strange that all this just happened so quick as someone was waiting but this is not very big amount. This is warning for others to take some extra security measure to keep their funds save. This is good at least others will be more active in future.
|
|
|
|
bennybong (OP)
|
|
May 02, 2015, 11:32:39 AM |
|
.... yes that is very strange to see this kind of transaction, sorry to see this one, how this hacker was quick in this transaction just delay of 1 minute ? I do not know, it is really strange. Have you downloaded something of strange in the past days/weeks? No I download a lot of software and I know a scam/trojan link when I see one Can't find any evidence of an infection. I use VPN on my VM, can't figure this out What AV software are you using if I may ask? Have you used this specific Electrum wallet before (or any other addresses from the same seed)? Did you access the wallet before the funds were stolen - or were they just taken immediately after an initial deposit? A VPN wouldn't really help you in terms of security for this kind of thing - more useful for privacy and anonymity. Yes I've used the same electrum wallet before but not much. Oh and I use Avira, MS essential and Malwarebytes. I keep my Computers in order don't you worry
|
|
|
|
dhimasnk
|
|
May 02, 2015, 11:32:50 AM |
|
this is one thing that is feared by users bitcoin, bitcoin loss caused by hackers. Hopefully there are no cases like this again
|
|
|
|
redsn0w
Legendary
Offline
Activity: 1778
Merit: 1043
#Free market
|
|
May 02, 2015, 11:33:25 AM |
|
Sorry to ask but I only use Bitcoin Core.
Is Electrum like Brainwallet?
Because if it is then you should know that there is people constantly running brute force apps and waiting for a transaction to take place, then snatch the coins to their own wallet.
There was a post about this someweher in the forums.
Search for Brainwalet hacking and you will find it.
No, electrum is really different from the Brainwallet. The first one uses a seed of 12 words so it is really impossible to bruteforce it, instead the second one use only a password. I am still thinking that it was a computer problem. OP can you explain again if you have stored the seed in some .txt file on the pc?
|
|
|
|
bennybong (OP)
|
|
May 02, 2015, 11:35:19 AM |
|
Sorry to ask but I only use Bitcoin Core.
Is Electrum like Brainwallet?
Because if it is then you should know that there is people constantly running brute force apps and waiting for a transaction to take place, then snatch the coins to their own wallet.
There was a post about this someweher in the forums.
Search for Brainwalet hacking and you will find it.
No, electrum is really different from the Brainwallet. The first one uses a seed of 12 words so it is really impossible to bruteforce it, instead the second one use only a password. I am still thinking that it was a computer problem. OP can you explain again if you have stored the seed in some .txt file on the pc? I store the seed in a truecrypt vault. In the past I haven't even bothered saving the seed for security reason. I jut backup my Private keys - which are encrypted And the password on the wallet is not used anywhere else.
|
|
|
|
hellyeah
Member
Offline
Activity: 98
Merit: 10
|
|
May 02, 2015, 11:43:05 AM |
|
I am sorry for your loss bro.
Did anyone else have access to your PC?
|
|
|
|
Blazr
|
|
May 02, 2015, 11:47:48 AM |
|
What operating system were you running on the VM?
And what software were you using for that?
|
|
|
|
Amph
Legendary
Offline
Activity: 3248
Merit: 1070
|
|
May 02, 2015, 11:48:08 AM Last edit: May 02, 2015, 12:31:03 PM by Amph |
|
I've had much more btc in that wallet in the past. And I only fire up my VM to check my electrum which isn't that often. WHY ME AND why now. This is bullshit!
have you downloaded something suspicious yesterday or some time ago?, what is the last thing you downloaded?
|
|
|
|
Remember remember the 5th of November
Legendary
Offline
Activity: 1862
Merit: 1011
Reverse engineer from time to time
|
|
May 02, 2015, 11:52:25 AM |
|
A VM tries to keep bad stuff in, if the virus had infected your PC, doesn't matter if you were using a VM, however it would have to know and handle the fact that there is a VM.
|
BTC:1AiCRMxgf1ptVQwx6hDuKMu4f7F27QmJC2
|
|
|
Blazr
|
|
May 02, 2015, 11:54:46 AM |
|
A VM tries to keep bad stuff in, if the virus had infected your PC, doesn't matter if you were using a VM, however it would have to know and handle the fact that there is a VM.
There can also be issues with VM's and poor entropy, it's much less secure to put your wallet in a VM in some cases. OP, what operating system did you run in the VM? and what software did you use for it?
|
|
|
|
bennybong (OP)
|
|
May 02, 2015, 11:55:27 AM |
|
No I don't download anything suspicious. The last thing I downloaded was a new driver for my soundcard - from the official website
|
|
|
|
|