Electrum Wallet

[DannyHamilton]

- snip -
Maybe try to get in touch with allprivatekeys .com maybe they can help you because they have this address listed with its private key .

There is nothing they can do.  The bitcoins are spent and confirmed to address 1qxtRzvB8fsXyQjtiGDF56hC6GewTez4x.  Only the person that has access to the private key for 1qxtRzvB8fsXyQjtiGDF56hC6GewTez4x can do anything with those bitcoins.

[1714247581]

1714247581

[1714247581]

1714247581

[1714247581]

1714247581

[1714247581]

1714247581

[1714247581]

1714247581

[xenotrunksx]

Doesn't Electrum have you make a 12 word seed or something that it derives all your private keys from?  Did you use a common or literary phrase as your seed?  If so, I'm sure bots would be watching addresses hashed from those seed words.

[DannyHamilton]

Doesn't Electrum have you make a 12 word seed or something that it derives all your private keys from?

It makes it for you, but is has you record it.

Did you use a common or literary phrase as your seed?

That's not how it works.

If so, I'm sure bots would be watching addresses hashed from those seed words.

Electrum doesn't hash the seed words.

[vh]

Based on the transaction from 4 months ago and that particular destination address of the tx, (after a little googling) you can come to the conclusion the private key to that address was bot monitored, even at that time.  

How it ended up in your wallet is still an open matter of concern, esp. if you didn't import it in yourself by mistake.

[DOGE12321]

Not likely. Electrum is one of the most reputed and trusted wallets in the Bitcoin community. I don't think that they would destroy their entire reputation just for 10Bitcoin. There are 2 things that could have gone wrong.

You could have downloaded a tampered version of Electrum. This may have had a malicious file imprinted in it. Did you download it from the official Electrum website?

Another reason could be a trojan or some other hidden file hacked your computer. A hacker could have remotely implanted a virus in your computer and redirected your Bitcoin to another address.

[overnightmillionaire]

what a nightmare.

[pooya87]

which one of those links did you click to download? tell us so we can double check the link
did you check the signature of the file after you downloaded it? if you don't know how, say what OS you are running so we can explain how.

if the above is true then the only reason is the #2. that Danny said.

[overnightmillionaire]

which one of those links did you click to download? tell us so we can double check the link
did you check the signature of the file after you downloaded it? if you don't know how, say what OS you are running so we can explain how.

if the above is true then the only reason is the #2. that Danny said.

Yes

[khufuking]

- snip -
Maybe try to get in touch with allprivatekeys .com maybe they can help you because they have this address listed with its private key .

There is nothing they can do.  The bitcoins are spent and confirmed to address 1qxtRzvB8fsXyQjtiGDF56hC6GewTez4x.  Only the person that has access to the private key for 1qxtRzvB8fsXyQjtiGDF56hC6GewTez4x can do anything with those bitcoins.

Well i do agree with you the only one that can get his money back is 1qxtRzvB8fsXyQjtiGDF56hC6GewTez4x owner   . I mean they can help him to know what happen since they have the address listed there . They may know what really happened .
 

which one of those links did you click to download? tell us so we can double check the link
did you check the signature of the file after you downloaded it? if you don't know how, say what OS you are running so we can explain how.

if the above is true then the only reason is the #2. that Danny said.

It can not be #2 because the address that the money sent too is already an old address with known public key . So it is prob number #1

[adaseb]

Hmm...

When you search the BTC address he used. Google returns the private key from directory.io

Maybe the google spider bot is scanning all the private keys in existance and someone uses a bot too see if any results from directory.io return a valid address with funds

No idea whats going on exactly because why would malware reuse a private key thats public?

[pooya87]

which one of those links did you click to download? tell us so we can double check the link
did you check the signature of the file after you downloaded it? if you don't know how, say what OS you are running so we can explain how.

if the above is true then the only reason is the #2. that Danny said.

It can not be #2 because the address that the money sent too is already an old address with known public key . So it is prob number #1

yes but i said if the two criteria i mentioned were met then it would be #2.
and it is not a complicated malware either. it can be a simple code that doesn't even have to run in the background. it just runs once and injects a wallet file called "Default_wallet" in the directory. the format of the wallet file is in a way that contains that key as its primary receive address.

[Abdussamad]

Guys I downloaded from the official website the installer: https://electrum.org/#download

I did this today.. it's not like I forgot, I still have the exe in my download history on firefox.

This is what's weird.. it's like something placed the Wallet.dat into my roaming folder so when I started electrum it never asked me to create the wallet, I just foolishly thought I had installed electrum at an earlier date. Like I said I had seen 4 transactions and just assumed it was from me doing stuff awhile back. Either that or some one had stolen my wallet.dat awhile back.

Seems like I just sent away $27,000 to some random person thinking it was my own safe key..


what a nightmare.

This is sort of what happened but why would a malware author create a wallet file containing an address with a publicly known private key? If he does that he can't guarantee that he will get the money. Anyone could steal from such an address. Are you sure you didn't create this wallet file yourself in the past when browsing directory.io? Perhaps you were having a bit of fun trying out some of those private keys listed there.

What happens when you go to wallet menu > seed on this wallet. I'm guessing the seed option is grayed out because this wallet only contains imported private keys from directory.io's last page.

Since version 2.0 electrum has only generated compressed private keys. This address uses an uncompressed private key which is long obsolete.

[adaseb]

I am guessing he might of installed some shitcoin wallet on this computer which put some pre-created wallets into his ~APPDATA~/Roaming directories and the hacker just needs to wait for a transaction.

So far 2 people were tricked. The first guy was tricked 4 months ago.

Check your ~APPDATA~/Roaming and see if you got other wallets in there that shouldn't be there.

Reason for the double spends is because maybe someone else installed the virus who was a professional, and knew that other people might send funds to those addresses and since he knew the private key, he started listening in on those addresses also.

[Abdussamad]

I am guessing he might of installed some shitcoin wallet on this computer which put some pre-created wallets into his ~APPDATA~/Roaming directories and the hacker just needs to wait for a transaction.

So far 2 people were tricked. The first guy was tricked 4 months ago.

Check your ~APPDATA~/Roaming and see if you got other wallets in there that shouldn't be there.

Reason for the double spends is because maybe someone else installed the virus who was a professional, and knew that other people might send funds to those addresses and since he knew the private key, he started listening in on those addresses also.

The malware theory doesn't make sense because the address' private key wasn't secret. Just google the address and you'll see that the private key for this address is public knowledge. What would be the point of infecting a computer with malware just to send the money to an open vault so to speak?

[SopaXT]

This address is on the last page of directory.io, the private key is thus well-known.
Seriously - you have used it knowing that?!

[foxbat]

I sent 10.8+ bitcoin to my Electrum wallet from bitfinex.. as soon as it hit my electrum wallet it sent automatically to another address that I don't own. The time stamps were identical times from when it entered my wallet and when it sent out.. I downloaded the wallet from https://electrum.org/#download

I restarted the wallet and tried to enter my password many times.. its saying wrong password now.

https://blockchain.info/address/17MxKujaf2sFtGzX36tSkVFXwkJCDsSS8J

This really looks like an automatic function built into the wallet to steal coins.


What is going on here?

Silly, I laughed at the title of this article, how an electrum wallet could stole your bitcoin, it was rated as one of the most reliable and secure wallets. I believe you are having some confusion.

[NikolayL]

Thes same just happened with me !!!! Don't use Electrum for a while.
My money were stolen to this address: https://blockchain.info/address/144BdLLSifbZJEmqnHy8i1QkRdrxxHeFf3

[NikolayL]

Ok, maybe I have to explain what just happened with me -

I used electrum-2.9.3 to send some small amount 0.015 to 149xne93ppwQLww733hNnGmFqj51rNPjBC

I've checked all (sum, fee etc) all was correct but money were sent also to 144BdLLSifbZJEmqnHy8i1QkRdrxxHeFf3

see https://btc.com/ebdd24ff41f92aeef948133e788487e4ce1019eae85949c6be6455e27fbb38cf

I downloaded Electrum from OFFICIAL SITE https://www.electrumsource.org/#download for Windows Standalone.

And used cold storage for my wallet.

I'm shocked.

[TryNinja]

Ok, maybe I have to explain what just happened with me -

I used electrum-2.9.3 to send some small amount 0.015 to 149xne93ppwQLww733hNnGmFqj51rNPjBC

I've checked all (sum, fee etc) all was correct but money were sent also to 144BdLLSifbZJEmqnHy8i1QkRdrxxHeFf3

see https://btc.com/ebdd24ff41f92aeef948133e788487e4ce1019eae85949c6be6455e27fbb38cf

I downloaded Electrum from OFFICIAL SITE https://www.electrumsource.org/#download for Windows Standalone.

And used cold storage for my wallet.

I'm shocked.

Except that this "electrumsource.org" is a scam and not the official website.

THE ONLY WEBSITE YOU SHOULD USE TO DOWNLOAD ELECTRUM IS https://electrum.org/ - OTHERS ARE A SCAM!
As I expected, it was your fault (it's always the user's fault). There is nothing wrong with Electrum.