bennybong (OP)
|
|
May 03, 2015, 09:17:06 AM |
|
It goes without saying then that I'm screwed, and now broke Sad Can't believe it. Time after time I've been scammed by vapourware or delays. Never been robbed straight up from my wallet Donations welcome Help a 'hero' out!
|
|
|
|
redsn0w
Legendary
Offline
Activity: 1778
Merit: 1043
#Free market
|
|
May 03, 2015, 09:26:15 AM |
|
It goes without saying then that I'm screwed, and now broke Sad Can't believe it. Time after time I've been scammed by vapourware or delays. Never been robbed straight up from my wallet Donations welcome Help a 'hero' out! I don't think you will receive any donation from the forum users, because it seems really strange from you.
|
|
|
|
Blazr
|
|
May 03, 2015, 09:32:16 AM |
|
There is an attack vector where your machine could get corrupted while online and then use pre-determined random numbers or a set of seeds known to an attacker. So at that point it doesn't matter if the machine is offline, the attacker caused the victim to unwittingly use a known seed/private key which the attack is monitoring.
Note that you could mitigate this attack by rolling dice or flipping coins which the ultra-paranoid should be doing anyway.
Bitcoin clients still need to generate a random R value when creating a transaction, and if that isn't random then it can allow an attacker to recover your private key. Thus, while using real-world entropy to generate your private keys is a good idea, be aware that your client still uses an RNG when signing and if it is weak you can easily lose coins. This risk will be mitigated once more Bitcoin clients have support for deterministic R values. I checked OP's transaction and it doesn't appear that this was the case this time.
|
|
|
|
ThomasV
Moderator
Legendary
Offline
Activity: 1896
Merit: 1353
|
|
May 03, 2015, 09:47:37 AM |
|
Bitcoin clients still need to generate a random R value when creating a transaction, and if that isn't random then it can allow an attacker to recover your private key. Thus, while using real-world entropy to generate your private keys is a good idea, be aware that your client still uses an RNG when signing and if it is weak you can easily lose coins. This risk will be mitigated once more Bitcoin clients have support for deterministic R values. I checked OP's transaction and it doesn't appear that this was the case this time.
That is not the case here; Electrum uses deterministic signatures (RFC6979). The only way a weak RNG could be exploited is for the generation of the seed.
|
Electrum: the convenience of a web wallet, without the risks
|
|
|
bennybong (OP)
|
|
May 03, 2015, 10:06:34 AM |
|
It goes without saying then that I'm screwed, and now broke Sad Can't believe it. Time after time I've been scammed by vapourware or delays. Never been robbed straight up from my wallet Donations welcome Help a 'hero' out! I don't think you will receive any donation from the forum users, because it seems really strange from you. No me neither. Got nothing to lose though. I'm an honest guy I just really hope people don't think I'm making this up. I am just a small time bitcoin user with a roof over my head and place to rest my head. So I'm lucky in that respect. If anyone should be asking for donations it should be the poor souls in Nepal that really really need donations. Just wish I hadn't lost all of bitcoin is all!
|
|
|
|
virtualx
|
|
May 03, 2015, 10:53:57 AM |
|
I think you have a trojan on your machine. The blockchain record has the message: 13GrQ46YQ3x3fp1p5eHrPKSsMaxjDY9VwC (YoUr MyStErIoUs ThIeF lolz) 0.92329 BTC The thief transfers to 13GrQ46YQ3x3fp1p5eHrPKSsMaxjDY9VwC -> 1FpsRjQXFgiGzLNwyb2UC7bDNkj99xwdnf -> 14GhadwWV4uaoxWZcNrnU3zWkTrtHbCF2T.
|
...loteo...
DIGITAL ERA LOTTERY | ║ ║ ║ | | r | ▄▄███████████▄▄ ▄███████████████████▄ ▄███████████████████████▄ ▄██████████████████████████▄ ▄██ ███████▌ ▐██████████████▄ ▐██▌ ▐█▀ ▀█ ▐█▀ ▀██▀ ▀██▌ ▐██ █▌ █▌ ██ ██▌ ██▌ █▌ █▌ ██▌ ▐█▌ ▐█ ▐█ ▐█▌ ▐██ ▄▄▄██ ▐█ ▐██▌ ▐█ ██▄ ▄██ █▄ ██▄ ▄███▌ ▀████████████████████████████▀ ▀██████████████████████████▀ ▀███████████████████████▀ ▀███████████████████▀ ▀▀███████████▀▀
| r | | ║ ║ ║ | RPLAY NOWR
BE A MOON VISITOR! |
[/center]
|
|
|
redsn0w
Legendary
Offline
Activity: 1778
Merit: 1043
#Free market
|
|
May 03, 2015, 10:56:55 AM |
|
It goes without saying then that I'm screwed, and now broke Sad Can't believe it. Time after time I've been scammed by vapourware or delays. Never been robbed straight up from my wallet Donations welcome Help a 'hero' out! I don't think you will receive any donation from the forum users, because it seems really strange from you. No me neither. Got nothing to lose though. I'm an honest guy I just really hope people don't think I'm making this up. I am just a small time bitcoin user with a roof over my head and place to rest my head. So I'm lucky in that respect. If anyone should be asking for donations it should be the poor souls in Nepal that really really need donations. Just wish I hadn't lost all of bitcoin is all! However I suggest you to pubblic your seed (as ThomasV said previously in his post). So the electrum team can investigate, but I do not think it is an electrum problem (at 99% is a 'machine' problem). Have you checked your computer? A complete check.
For the question of donation, I think if it is (was) an electrum error ... ThomasV will repay you (why not?).
|
|
|
|
|
Sarthak
|
|
May 03, 2015, 12:53:12 PM |
|
Don't even bother tracking! He will mix it soon or he already mixed it
|
|
|
|
bennybong (OP)
|
|
May 03, 2015, 01:09:58 PM |
|
Fuck sake. I sold my gopro to buy those coins. Unbelievable!
|
|
|
|
tokeweed
Legendary
Offline
Activity: 4004
Merit: 1436
Life, Love and Laughter...
|
|
May 03, 2015, 01:22:57 PM |
|
So is this a flaw in Electrum?
|
|
|
|
R |
▀▀▀▀▀▀▀██████▄▄ ████████████████ ▀▀▀▀█████▀▀▀█████ ████████▌███▐████ ▄▄▄▄█████▄▄▄█████ ████████████████ ▄▄▄▄▄▄▄██████▀▀ | LLBIT | | | 4,000+ GAMES███████████████████ ██████████▀▄▀▀▀████ ████████▀▄▀██░░░███ ██████▀▄███▄▀█▄▄▄██ ███▀▀▀▀▀▀█▀▀▀▀▀▀███ ██░░░░░░░░█░░░░░░██ ██▄░░░░░░░█░░░░░▄██ ███▄░░░░▄█▄▄▄▄▄████ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ | █████████ ▀████████ ░░▀██████ ░░░░▀████ ░░░░░░███ ▄░░░░░███ ▀█▄▄▄████ ░░▀▀█████ ▀▀▀▀▀▀▀▀▀ | █████████ ░░░▀▀████ ██▄▄▀░███ █░░█▄░░██ ░████▀▀██ █░░█▀░░██ ██▀▀▄░███ ░░░▄▄████ ▀▀▀▀▀▀▀▀▀ |
| | | ██░░░░░░░░░░░░░░░░░░░░░░██ ▀█▄░▄▄░░░░░░░░░░░░▄▄░▄█▀ ▄▄███░░░░░░░░░░░░░░███▄▄ ▀░▀▄▀▄░░░░░▄▄░░░░░▄▀▄▀░▀ ▄▄▄▄▄▀▀▄▄▀▀▄▄▄▄▄ █░▄▄▄██████▄▄▄░█ █░▀▀████████▀▀░█ █░█▀▄▄▄▄▄▄▄▄██░█ █░█▀████████░█ █░█░██████░█ ▀▄▀▄███▀▄▀ ▄▀▄▀▄▄▄▄▀▄▀▄ ██▀░░░░░░░░▀██ | | | | | | | . ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ ░▀▄░▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄░▄▀ ███▀▄▀█████████████████▀▄▀ █████▀▄░▄▄▄▄▄███░▄▄▄▄▄▄▀ ███████▀▄▀██████░█▄▄▄▄▄▄▄▄ █████████▀▄▄░███▄▄▄▄▄▄░▄▀ ████████████░███████▀▄▀ ████████████░██▀▄▄▄▄▀ ████████████░▀▄▀ ████████████▄▀ ███████████▀ | ▄▄███████▄▄ ▄████▀▀▀▀▀▀▀████▄ ▄███▀▄▄███████▄▄▀███▄ ▄██▀▄█▀▀▀█████▀▀▀█▄▀██▄ ▄██▀▄██████▀████░███▄▀██▄ ███░█████████▀██░████░███ ███░████░█▄████▀░████░███ ███░████░███▄████████░███ ▀██▄▀███░█████▄█████▀▄██▀ ▀██▄▀█▄▄▄██████▄██▀▄██▀ ▀███▄▀▀███████▀▀▄███▀ ▀████▄▄▄▄▄▄▄████▀ ▀▀███████▀▀ | | OFFICIAL PARTNERSHIP FAZE CLAN SSC NAPOLI | | |
|
|
|
redsn0w
Legendary
Offline
Activity: 1778
Merit: 1043
#Free market
|
|
May 03, 2015, 01:29:18 PM |
|
So is this a flaw in Electrum?
We will never know if it is a fault 'by electrum' or a computer problem... but the OP said: I've already deleted that wallet, cleared it out and shredded it. Shit. Is there anyway to retrieve it?
When ThomasV asked the seed for a check.
|
|
|
|
|
Sarthak
|
|
May 03, 2015, 01:56:08 PM |
|
He said he "shredded" it! It cannot be recovered! Shredding Files deletes it permanently and cant be recovered!
|
|
|
|
unamis76
Legendary
Offline
Activity: 1512
Merit: 1010
|
|
May 03, 2015, 02:52:46 PM |
|
The coins have been joined in an address with similar small inputs and then passed through addresses with more coins, they have probably been mixed/are being mixed. I bet this is some new malware that's being widespread. Too bad OP shredded everything, otherwise we have many security experts around that could have analysed the system...
|
|
|
|
btchris
|
|
May 03, 2015, 02:54:47 PM |
|
He said he "shredded" it! It cannot be recovered! Shredding Files deletes it permanently and cant be recovered! Even if he did, that doesn't mean his seed is definitely unrecoverable as you imply. Electrum, until recently, truncated the wallet file before writing to it for each wallet save. This could leave the (possibly encrypted) seed in multiple blocks on the drive, depending on how often Electrum saved the wallet file, even if he shredded it. (Newer versions of Electrum create a new wallet file, and then unlink the old one, again leaving the seed in potentially multiple blocks). MZ's questions are good ones.
|
|
|
|
Sarthak
|
|
May 03, 2015, 03:07:31 PM |
|
He said he "shredded" it! It cannot be recovered! Shredding Files deletes it permanently and cant be recovered! Even if he did, that doesn't mean his seed is definitely unrecoverable as you imply. Electrum, until recently, truncated the wallet file before writing to it for each wallet save. This could leave the (possibly encrypted) seed in multiple blocks on the drive, depending on how often Electrum saved the wallet file, even if he shredded it. (Newer versions of Electrum create a new wallet file, and then unlink the old one, again leaving the seed in potentially multiple blocks). MZ's questions are good ones. Sorry But I am not a technical guy and I didn't get what you said Anyway, "Shred"="Permanently Delete"! That's what I have heard till now! If that can be recovered either I am using an outdated technology or you are using a new one
|
|
|
|
btchris
|
|
May 03, 2015, 03:24:06 PM |
|
Even if he did, that doesn't mean his seed is definitely unrecoverable as you imply.
Electrum, until recently, truncated the wallet file before writing to it for each wallet save. This could leave the (possibly encrypted) seed in multiple blocks on the drive, depending on how often Electrum saved the wallet file, even if he shredded it. (Newer versions of Electrum create a new wallet file, and then unlink the old one, again leaving the seed in potentially multiple blocks).
MZ's questions are good ones.
Sorry But I am not a technical guy and I didn't get what you said Anyway, "Shred"="Permanently Delete"! That's what I have heard till now! If that can be recovered either I am using an outdated technology or you are using a new one In other words, whenever Electrum saves the wallet file, it does a normal delete, and then creates a new wallet file. If OP shredded his wallet file, he only shredded that most recently saved file. Other older copies of the wallet, as deleted by Electrum, might still be on the drive somewhere.
|
|
|
|
Sarthak
|
|
May 03, 2015, 03:39:09 PM |
|
In other words, whenever Electrum saves the wallet file, it does a normal delete, and then creates a new wallet file. If OP shredded his wallet file, he only shredded that most recently saved file. Other older copies of the wallet, as deleted by Electrum, might still be on the drive somewhere.
OK! Now I get it! But OP told he is very tech savvy how come he didn't knew about this? You have the capacity to make a hard thing easy to understand
|
|
|
|
Blazr
|
|
May 03, 2015, 04:32:54 PM |
|
By the way, looks like this wasn't the first time OP said he got hacked: https://bitcointalk.org/index.php?topic=202087.0Umm.... something suspicious is going on here methinks. Here is a post he made another time his account got hacked: The original minerd code is actually fine. You do have to realize that most antiviruses will flag it as a virus because of Botnet operators.
OP and second post seem to have downloaded minerd that was modified for YAC. If the source code wasn't posted, you shouldn't have downloaded it. Look into compiling source code yourself instead of downloading pre-compiled binaries. ALWAYS CHECK if source code is available.
Could you provide a link to the miner file you downloaded? The bitcointalk thread would be best. It appears as if whoever wrote that code (potentially YAC founder) did it to promote his coin. Did you guys look at the posts that were made to see what they said? Are they promoting the hell out of the coin?
TBH there's not a lot anyone could get from this PC and I am pretty reckless with this machine I'll admit! New installs are a regular occurrence.... Of course I was stupid to download those binaries, it's that whole human nature (greed) thing ya know?
|
|
|
|
|