Quickseller
Copper Member
Legendary
Offline
Activity: 2982
Merit: 2371
|
|
May 03, 2015, 04:36:03 PM |
|
It looks like in that case his account was hacked, but no money was stolen. That could have been another attempt to get attention I would think it would be unlikely that the account would both get hacked and recovered inside of ~7 hours (the time between the OP was made in that thread and the time it was last edited).
|
|
|
|
ThomasV
Moderator
Legendary
Offline
Activity: 1896
Merit: 1353
|
|
May 03, 2015, 04:46:41 PM |
|
So is this a flaw in Electrum?
I don't think so. There are too many inconsistencies in this story. - The thief targets a small wallet (0.92 btc), and tags his transaction with "3lectrum Fail" on blockchain.info. A real a thief in possession of an exploit would target large wallets first, and he would try not to attract attention on his exploit. - The OP ignores my first request to publish his seed, but calls for donations instead. - On my second request, the OP says that he is concerned about the security implications of disclosing his seed, which suggests that he still has the seed, or believes he has it. However, less than one hour later, he said that he has deleted (and even shredded!) the file containing it. - When I asked the OP if he has paper backup of his seed, he says he has none. Yet, in one of his first posts he said "That's ll the btc I had" - The OP claims to be "very tech savvy". However, he deletes his wallet file, preventing further investigation. A tech savvy person would not destroy evidence just after being hacked. So, either the OP made up that story, or he has no clue about security.
|
Electrum: the convenience of a web wallet, without the risks
|
|
|
Sarthak
|
|
May 03, 2015, 05:01:47 PM |
|
So is this a flaw in Electrum?
I don't think so. There are too many inconsistencies in this story. - The thief targets a small wallet (0.92 btc), and tags his transaction with "3lectrum Fail" on blockchain.info. A real a thief in possession of an exploit would target large wallets first, and he would try not to attract attention on his exploit. - The OP ignores my first request to publish his seed, but calls for donations instead. - On my second request, the OP says that he is concerned about the security implications of disclosing his seed, which suggests that he still has the seed, or believes he has it. However, less than one hour later, he said that he has deleted (and even shredded!) the file containing it. - When I asked the OP if he has paper backup of his seed, he says he has none. Yet, in one of his first posts he said "That's ll the btc I had" - The OP claims to be "very tech savvy". However, he deletes his wallet file, preventing further investigation. A tech savvy person would not destroy evidence just after being hacked. So, either the OP made up that story, or he has no clue about security. His activity seem fishy! Seems like a pretty well made story! BTW btcchris told me seeds can still be recovered! Isnt that true?
|
|
|
|
jonald_fyookball
Legendary
Offline
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
|
|
May 03, 2015, 07:29:32 PM |
|
So is this a flaw in Electrum?
I don't think so. There are too many inconsistencies in this story. - The thief targets a small wallet (0.92 btc), and tags his transaction with "3lectrum Fail" on blockchain.info. A real a thief in possession of an exploit would target large wallets first, and he would try not to attract attention on his exploit. - The OP ignores my first request to publish his seed, but calls for donations instead. - On my second request, the OP says that he is concerned about the security implications of disclosing his seed, which suggests that he still has the seed, or believes he has it. However, less than one hour later, he said that he has deleted (and even shredded!) the file containing it. - When I asked the OP if he has paper backup of his seed, he says he has none. Yet, in one of his first posts he said "That's ll the btc I had" - The OP claims to be "very tech savvy". However, he deletes his wallet file, preventing further investigation. A tech savvy person would not destroy evidence just after being hacked. So, either the OP made up that story, or he has no clue about security. His activity seem fishy! Seems like a pretty well made story! BTW btcchris told me seeds can still be recovered! Isnt that true? Thomas, your genius never fails to delight Sarthak, If you have an unencrypted wallet file, you can recover the seed but I think you would need to convert the raw data to a human-readable seed. I also wrote a script where you can brute force the seed if you know one of the first addresses and had just one of the words in the seed written down incorrectly.
|
|
|
|
fryarminer
|
|
May 04, 2015, 12:28:05 AM |
|
Hey OP, what does "SWX" mean? Does it mean anything to you? 3lectruM fail. More2come SWX aLL bTc in my handz SWX
hey so now that all this is resolved and stuff, can you tell me what SWX means? :p
|
|
|
|
Sarthak
|
|
May 04, 2015, 03:26:31 AM |
|
hey so now that all this is resolved and stuff, can you tell me what SWX means? :p
Try replacing the "W" with E and you'll get it Sarthak, If you have an unencrypted wallet file, you can recover the seed but I think you would need to convert the raw data to a human-readable seed.
I also wrote a script where you can brute force the seed if you know one of the first addresses and had just one of the words in the seed written down incorrectly.
Well I am not a technical guy and didn't really understand seed,encryption and hashing things! Give the script to OP! maybe it helps
|
|
|
|
jonald_fyookball
Legendary
Offline
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
|
|
May 04, 2015, 03:29:54 AM |
|
hey so now that all this is resolved and stuff, can you tell me what SWX means? :p
Try replacing the "W" with E and you'll get it Sarthak, If you have an unencrypted wallet file, you can recover the seed but I think you would need to convert the raw data to a human-readable seed.
I also wrote a script where you can brute force the seed if you know one of the first addresses and had just one of the words in the seed written down incorrectly.
Well I am not a technical guy and didn't really understand seed,encryption and hashing things! Give the script to OP! maybe it helps there's no script that gets your coins back from a thief (assuming story is true which is questionable)
|
|
|
|
Sarthak
|
|
May 04, 2015, 03:34:36 AM |
|
there's no script that gets your coins back from a thief (assuming story is true which is questionable)
No! I understand Bitcoin transactions cannot be reversed! I meant to say that even though the coins cannot be pushed back maybe the seed can be recovered with the script
|
|
|
|
jonald_fyookball
Legendary
Offline
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
|
|
May 04, 2015, 03:36:26 AM |
|
there's no script that gets your coins back from a thief (assuming story is true which is questionable)
No! I understand Bitcoin transactions cannot be reversed! I meant to say that even though the coins cannot be pushed back maybe the seed can be recovered with the script if he deleted the wallet file and can't remember most of it, it's lost, and not that valuable now that the theft has occurred except for research.
|
|
|
|
bennybong (OP)
|
|
May 04, 2015, 07:28:05 AM |
|
By the way, looks like this wasn't the first time OP said he got hacked: https://bitcointalk.org/index.php?topic=202087.0Umm.... something suspicious is going on here methinks. Here is a post he made another time his account got hacked: The original minerd code is actually fine. You do have to realize that most antiviruses will flag it as a virus because of Botnet operators.
OP and second post seem to have downloaded minerd that was modified for YAC. If the source code wasn't posted, you shouldn't have downloaded it. Look into compiling source code yourself instead of downloading pre-compiled binaries. ALWAYS CHECK if source code is available.
Could you provide a link to the miner file you downloaded? The bitcointalk thread would be best. It appears as if whoever wrote that code (potentially YAC founder) did it to promote his coin. Did you guys look at the posts that were made to see what they said? Are they promoting the hell out of the coin?
TBH there's not a lot anyone could get from this PC and I am pretty reckless with this machine I'll admit! New installs are a regular occurrence.... Of course I was stupid to download those binaries, it's that whole human nature (greed) thing ya know? Different PC, and my bitcointalk account was compromised through a session hijack. It's just got used to spam the hell out of the forum :/ This computer I'm using at the moment is very secure. Please stop trying to taint my name. I respect this community and i'll be damned if you start calling me a scammer!
|
|
|
|
bennybong (OP)
|
|
May 04, 2015, 07:32:11 AM |
|
So is this a flaw in Electrum?
I don't think so. There are too many inconsistencies in this story. - The thief targets a small wallet (0.92 btc), and tags his transaction with "3lectrum Fail" on blockchain.info. A real a thief in possession of an exploit would target large wallets first, and he would try not to attract attention on his exploit. - The OP ignores my first request to publish his seed, but calls for donations instead. - On my second request, the OP says that he is concerned about the security implications of disclosing his seed, which suggests that he still has the seed, or believes he has it. However, less than one hour later, he said that he has deleted (and even shredded!) the file containing it. - When I asked the OP if he has paper backup of his seed, he says he has none. Yet, in one of his first posts he said "That's ll the btc I had" - The OP claims to be "very tech savvy". However, he deletes his wallet file, preventing further investigation. A tech savvy person would not destroy evidence just after being hacked. So, either the OP made up that story, or he has no clue about security. Think what you will. Never thought I'd be on receiving end of this notorious witch hunting Thanks
|
|
|
|
btchris
|
|
May 04, 2015, 12:26:10 PM |
|
No! I understand Bitcoin transactions cannot be reversed! I meant to say that even though the coins cannot be pushed back maybe the seed can be recovered with the script if he deleted the wallet file and can't remember most of it, it's lost, and not that valuable now that the theft has occurred except for research. I agree with the latter half of your statement, but not the former. Please read this earlier post....
|
|
|
|
dsattler
Legendary
Offline
Activity: 924
Merit: 1000
|
|
June 24, 2015, 03:40:14 PM |
|
So is this a flaw in Electrum?
I don't think so. There are too many inconsistencies in this story. - The thief targets a small wallet (0.92 btc), and tags his transaction with "3lectrum Fail" on blockchain.info. A real a thief in possession of an exploit would target large wallets first, and he would try not to attract attention on his exploit. - The OP ignores my first request to publish his seed, but calls for donations instead. - On my second request, the OP says that he is concerned about the security implications of disclosing his seed, which suggests that he still has the seed, or believes he has it. However, less than one hour later, he said that he has deleted (and even shredded!) the file containing it. - When I asked the OP if he has paper backup of his seed, he says he has none. Yet, in one of his first posts he said "That's ll the btc I had" - The OP claims to be "very tech savvy". However, he deletes his wallet file, preventing further investigation. A tech savvy person would not destroy evidence just after being hacked. So, either the OP made up that story, or he has no clue about security. Maybe this is related to the fake electrum website: https://bitcointalk.org/index.php?topic=1098340.msg11702869#msg11702869
|
Bitcointalk member since 2013!
|
|
|
unamis76
Legendary
Offline
Activity: 1512
Merit: 1012
|
|
June 25, 2015, 04:27:39 PM |
|
So is this a flaw in Electrum?
I don't think so. There are too many inconsistencies in this story. - The thief targets a small wallet (0.92 btc), and tags his transaction with "3lectrum Fail" on blockchain.info. A real a thief in possession of an exploit would target large wallets first, and he would try not to attract attention on his exploit. - The OP ignores my first request to publish his seed, but calls for donations instead. - On my second request, the OP says that he is concerned about the security implications of disclosing his seed, which suggests that he still has the seed, or believes he has it. However, less than one hour later, he said that he has deleted (and even shredded!) the file containing it. - When I asked the OP if he has paper backup of his seed, he says he has none. Yet, in one of his first posts he said "That's ll the btc I had" - The OP claims to be "very tech savvy". However, he deletes his wallet file, preventing further investigation. A tech savvy person would not destroy evidence just after being hacked. So, either the OP made up that story, or he has no clue about security. Maybe this is related to the fake electrum website: https://bitcointalk.org/index.php?topic=1098340.msg11702869#msg11702869It most likely is... Seems that the website has been around longer than we thought. The theif has also been getting quite a bit of Bitcoins, judging by his addresses balances.
|
|
|
|
dsattler
Legendary
Offline
Activity: 924
Merit: 1000
|
|
June 25, 2015, 10:21:36 PM |
|
So is this a flaw in Electrum?
I don't think so. There are too many inconsistencies in this story. - The thief targets a small wallet (0.92 btc), and tags his transaction with "3lectrum Fail" on blockchain.info. A real a thief in possession of an exploit would target large wallets first, and he would try not to attract attention on his exploit. - The OP ignores my first request to publish his seed, but calls for donations instead. - On my second request, the OP says that he is concerned about the security implications of disclosing his seed, which suggests that he still has the seed, or believes he has it. However, less than one hour later, he said that he has deleted (and even shredded!) the file containing it. - When I asked the OP if he has paper backup of his seed, he says he has none. Yet, in one of his first posts he said "That's ll the btc I had" - The OP claims to be "very tech savvy". However, he deletes his wallet file, preventing further investigation. A tech savvy person would not destroy evidence just after being hacked. So, either the OP made up that story, or he has no clue about security. Maybe this is related to the fake electrum website: https://bitcointalk.org/index.php?topic=1098340.msg11702869#msg11702869It most likely is... Seems that the website has been around longer than we thought. The theif has also been getting quite a bit of Bitcoins, judging by his addresses balances. Yes I think so: the latest download version on the fake site was 2.2!
|
Bitcointalk member since 2013!
|
|
|
unamis76
Legendary
Offline
Activity: 1512
Merit: 1012
|
|
June 26, 2015, 06:36:09 PM |
|
It would be really nice if the OP could clarify if this was the case. I'm actually pretty curious, this thread drew quite a lot of attention...
|
|
|
|
Muhammed Zakir
|
|
June 26, 2015, 06:45:01 PM |
|
It would be really nice if the OP could clarify if this was the case. I'm actually pretty curious, this thread drew quite a lot of attention...
This was most probably a fake story or OP is not what he claims to be. ThomasV summed it up well. So is this a flaw in Electrum?
I don't think so. There are too many inconsistencies in this story. - The thief targets a small wallet (0.92 btc), and tags his transaction with "3lectrum Fail" on blockchain.info. A real a thief in possession of an exploit would target large wallets first, and he would try not to attract attention on his exploit. - The OP ignores my first request to publish his seed, but calls for donations instead. - On my second request, the OP says that he is concerned about the security implications of disclosing his seed, which suggests that he still has the seed, or believes he has it. However, less than one hour later, he said that he has deleted (and even shredded!) the file containing it. - When I asked the OP if he has paper backup of his seed, he says he has none. Yet, in one of his first posts he said "That's ll the btc I had" - The OP claims to be "very tech savvy". However, he deletes his wallet file, preventing further investigation. A tech savvy person would not destroy evidence just after being hacked. So, either the OP made up that story, or he has no clue about security.
|
|
|
|
LZ
Legendary
Offline
Activity: 1722
Merit: 1072
P2P Cryptocurrency
|
|
June 27, 2015, 02:25:31 AM |
|
|
My OpenPGP fingerprint: 5099EB8C0F2E68C63B4ECBB9A9D0993E04143362
|
|
|
|