How were my encrypted wallets hacked? I even used truecrypt and dummy wallet.dat

[HopeIsLost]

I woke up this morning sickened by the looks of my wallets.  At 4:00AM and 4:01AM my bitcoin and litecoin wallets were hacked and all the coins were transferred out.  6.625 BTC and 84.00 LTC were stolen.  I thought I was taking the proper precautions to prevent this but apparently not. 
 


I used truecrypt to house the location of the wallets' data.

I never allowed any unknown java applications to run.

I used a random 64 character ASCII character password from https://www.grc.com/passwords.htm for my truecrypt password.

I used different passwords (10+ characters) for my wallet clients.

I scanned for viruses using Avast and malwarebytes after I realized they were stolen, yet didn't find anything suspicious. Could be a FUD though?

I had dummy wallet files in my AppData/roaming/Bitcoin and AppData/roaming/Litecoin folders in case this thing ever happened.
 


Now I'm depressed and I'm out around $1000 with the current market prices and only have 15 LTC to my name, which I immediately transferred to my btc-e account.  I only have this 15 LTC because it was tied up at coinbomb or either cryptobounty while my coins were stolen.  I have been day trading and gambling on bitpotato like sites in hopes of making enough money to buy a new laptop (to replace my current piece of shithttps://i.imgur.com/2CKHIJ4.jpg) and now those hopes are gone. 
 
 

If I were ever to make any coins back (which I probably won't), how would I go about making them safe?  Should I use blockchain for my BTC wallet? How did this even happen?
 
  
Picture of my wallet and transaction details
https://i.imgur.com/jflvUBy.jpg

 
 

Bitcoin chain explorer
http://blockexplorer.com/tx/f82bac3b797ef782ce858797da7d447cb223ba7d7bf57b11d59dc9dd3dcbb5af
 
 
Litecoin chain explorer
http://litecoinscout.com/address/LhGJGM3N8ms5C7GpSJeNcnF6R22i7Kp7cq

[1714932332]

1714932332

[1714932332]

1714932332

[1714932332]

1714932332

[1714932332]

1714932332

[1714932332]

1714932332

[r3wt]

i have the same computer. while i agree that yours is a piece of shit. these 4gb/T6400 2.0ghz inspriron 1545's are still better than 50 percent of the new laptops on the market. anywho, im sorry you got ripped off. its possible that some of the bitcoins in your wallet were invalid(faked bitcoins) i've heard of this happening to more than one person recently

[flatfly]

Sounds like your PC is compromised. What web browser are you using? What is your version of Adobe Flash player? These are the 2 main attack vectors on Windows.

Also download mbam antimalware and run a quick scan to see if it finds anything bad - there are tons of nasties that a traditional AV will not detect, unfortunately.  

[HopeIsLost]

Sounds like your PC is compromised. What web browser are you using? What is your version of Adobe Flash player? These are the 2 main attack vectors on Windows.

Also download mbam antimalware and run a quick scan to see if it finds anything bad - there are tons of nasties that a traditional AV will not detect, unfortunately.  

Already ran malwarebytes and avast as stated in OP and nothing suspicious was found.  I'm using chrome and also have the newest flash player.

[Birdy]

i have the same computer. while i agree that yours is a piece of shit. these 4gb/T6400 2.0ghz inspriron 1545's are still better than 50 percent of the new laptops on the market. anywho, im sorry you got ripped off. its possible that some of the bitcoins in your wallet were invalid(faked bitcoins) i've heard of this happening to more than one person recently

Could you offer some more explanation of the "fake Bitcoins"? With a lot of confirmations this shouldn't be possible.

[Deafboy]

Sorry to hear that.
Password protected wallet and truecrypt container might bring the false feeling of security.
In fact to be able to use the wallet you have to mount the hidden volume so the system can see what's inside, and to be able to spend the coins, you have to type the password.
Simple malicious code can wait until you connect the truecrypt volume, copy the wallet, and then wait until you make a transaction to copy your password.

some of the bitcoins in your wallet were invalid(faked bitcoins)

There is no such thing as faked bitcoins. You can easily verify all informations displayed by your client on blockcexplorer or blockchain.info The transaction looks pretty real to me.

[HopeIsLost]

Sounds like you left these things open, instead of closing them down and disconnecting the true crypt volume. Were you using keyfiles? Also sounds like you may have a keylogger, got the password to everything with that.

I always dismount my volumes after I'm done using the wallets.  Not using keyfiles, only a 64 ASCII password.  I have scanned for a keylogger and found nothing, but will probably reformat soon, and only use linux for my cryptocurrency needs. 

[flatfly]

Try to remember what software you installed recently. When handling bitcoin, downloading *any* app created within the last 2 years must be done with extreme care. And no, switching to Linux won't automagically eliminate that risk (as some users have painfully found out).

[r3wt]

i have the same computer. while i agree that yours is a piece of shit. these 4gb/T6400 2.0ghz inspriron 1545's are still better than 50 percent of the new laptops on the market. anywho, im sorry you got ripped off. its possible that some of the bitcoins in your wallet were invalid(faked bitcoins) i've heard of this happening to more than one person recently

Could you offer some more explanation of the "fake Bitcoins"? With a lot of confirmations this shouldn't be possible.

it seems you can take litecoin, modify the software to make it look like fake bitcoins, and pass them off to users as the real deal. by the time you realize you've been duped and they dissapear from your account, the spammer is long gone with whatever you traded/sold him.

[Birdy]

i have the same computer. while i agree that yours is a piece of shit. these 4gb/T6400 2.0ghz inspriron 1545's are still better than 50 percent of the new laptops on the market. anywho, im sorry you got ripped off. its possible that some of the bitcoins in your wallet were invalid(faked bitcoins) i've heard of this happening to more than one person recently

Could you offer some more explanation of the "fake Bitcoins"? With a lot of confirmations this shouldn't be possible.

it seems you can take litecoin, modify the software to make it look like fake bitcoins, and pass them off to users as the real deal. by the time you realize you've been duped and they dissapear from your account, the spammer is long gone with whatever you traded/sold him.

You don't actually send any coins, you read and change the transaction history, so I highly doubt that this is possible.

[r3wt]

i have the same computer. while i agree that yours is a piece of shit. these 4gb/T6400 2.0ghz inspriron 1545's are still better than 50 percent of the new laptops on the market. anywho, im sorry you got ripped off. its possible that some of the bitcoins in your wallet were invalid(faked bitcoins) i've heard of this happening to more than one person recently

Could you offer some more explanation of the "fake Bitcoins"? With a lot of confirmations this shouldn't be possible.

it seems you can take litecoin, modify the software to make it look like fake bitcoins, and pass them off to users as the real deal. by the time you realize you've been duped and they dissapear from your account, the spammer is long gone with whatever you traded/sold him.

You don't actually send any coins, you read and change the transaction history, so I highly doubt that this is possible.

go read the bulletin at the very top of this very forum

[BitshireHashaway]

I personally don't have enough bitcoins for anyone to care including me if I were hacked (a few dollars), however if you start having more than $2000+ in bitcoins you may want to take a few hundred dollars of it and create an offline armory in order to help protect yourself. One of the most secure things I know of. I'm worried my computer may have something bad because I don't pay too much attention when downloading stuff (I know what it is but normally allow things to run), so I'll need to scan my computer for a keylogger.

[Birdy]

go read the bulletin at the very top of this very forum

This?
http://bitcoin.org/may15.html

That's "double-spending" existing Bitcoins due to a network fork, it's not faking Bitcoins.
It can only happen if you still have the old client (or if there is another fork/51% attack).

[Orianna]

Just out of curiosity is anyone running a flavor of linux (Ubuntu, Mint, Redhat) from a pendrive for the very purpose of maintaining their wallets? 

Would that be considered secure?

[cp1]

Your encrypted wallet was hacked when you decrypted it.  I can't imagine using windows for bitcoin.

[bitcool]

i have the same computer. while i agree that yours is a piece of shit. these 4gb/T6400 2.0ghz inspriron 1545's are still better than 50 percent of the new laptops on the market. anywho, im sorry you got ripped off. its possible that some of the bitcoins in your wallet were invalid(faked bitcoins) i've heard of this happening to more than one person recently

Could you offer some more explanation of the "fake Bitcoins"? With a lot of confirmations this shouldn't be possible.

it seems you can take litecoin, modify the software to make it look like fake bitcoins, and pass them off to users as the real deal. by the time you realize you've been duped and they dissapear from your account, the spammer is long gone with whatever you traded/sold him.

How is that possible?

If you meant some one is foolish enough to download fake client program to run, and can't tell the difference between LTC address and BTC address, he probably shouldn't be in this coin business.

[Dabs]

Try www.gmer.net

http://en.wikipedia.org/wiki/GMER

[cp1]

Aren't lite coin address different from bitcoin addresses?  So they can't really be confused?  (I think litecoin starts with L?)

[bticoinquake]

Man that truely sucks, would paper wallets have prevented this?