Bitcoin Forum
July 23, 2018, 04:52:28 AM *
News: Latest stable version of Bitcoin Core: 0.16.1  [Torrent]. (New!)
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Foreign Transaction on 13.02.18 (BTCs stolen?)  (Read 52 times)
KryptoPaul
Newbie
*
Offline Offline

Activity: 9
Merit: 0


View Profile
March 04, 2018, 08:39:39 PM
 #1

Hey,
im using an electrum wallet and a pretty safe setup, unfortunately it seems like my BTCs (~0.02BTC) were "stolen". on 13.02.18
someone (not me) made a transaction of full amount. Usually you would say i got malware or a keylogger but look now look at the receivers "wallet":
bc1qrxg3evc3jlnhqle2uhauag708ltzumaskj2nx5 (and the transaction ID for details: a85cb7ff23ac5371d6dff9a623b80e516cfe2009072169b3cdb48442c63a982c)
according to blockchain.info thats not even a legit wallet adress... before i stop: im using the electrum 3.0.5 full node wallet since the beginning of february, as there was
found a security issue in all versions of 3.0.4 and earlier. 
has anyone experienced similar things or can explain to me what happened there? for the very uncertain case someone can bring me back my BTCs
i will of course give you a small bounty Wink
kind regards
fair bitcoin games | pvp - pve - solo pve games | faucet |
Free satoshi code btcoon500
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1532321548
Hero Member
*
Offline Offline

Posts: 1532321548

View Profile Personal Message (Offline)

Ignore
1532321548
Reply with quote  #2

1532321548
Report to moderator
1532321548
Hero Member
*
Offline Offline

Posts: 1532321548

View Profile Personal Message (Offline)

Ignore
1532321548
Reply with quote  #2

1532321548
Report to moderator
jackg
Copper Member
Legendary
*
Offline Offline

Activity: 1078
Merit: 1082


View Profile
March 04, 2018, 08:48:47 PM
 #2

Hey,
im using an electrum wallet and a pretty safe setup, unfortunately it seems like my BTCs (~0.02BTC) were "stolen". on 13.02.18
someone (not me) made a transaction of full amount. Usually you would say i got malware or a keylogger but look now look at the receivers "wallet":
bc1qrxg3evc3jlnhqle2uhauag708ltzumaskj2nx5 (and the transaction ID for details: a85cb7ff23ac5371d6dff9a623b80e516cfe2009072169b3cdb48442c63a982c)
according to blockchain.info thats not even a legit wallet adress... before i stop: im using the electrum 3.0.5 full node wallet since the beginning of february, as there was
found a security issue in all versions of 3.0.4 and earlier. 
has anyone experienced similar things or can explain to me what happened there? for the very uncertain case someone can bring me back my BTCs
i will of course give you a small bounty Wink
kind regards


BTC.com says it's a valid bitcoin address. https://btc.com/bc1qrxg3evc3jlnhqle2uhauag708ltzumaskj2nx5

Try my address to the left (ending in 6ez) and you'll see blockchain.info says the address doesn't exist, or there's an incorrectly placed 0 or something like that).

Have you installed/been anywhere where a virus could be installed? Any free services that seem to good to be true (downloading/watching content that would have required money to produce).

KryptoPaul
Newbie
*
Offline Offline

Activity: 9
Merit: 0


View Profile
March 04, 2018, 09:12:24 PM
 #3

i dont think so, well who knows. thanks anyway
jackg
Copper Member
Legendary
*
Offline Offline

Activity: 1078
Merit: 1082


View Profile
March 04, 2018, 09:18:16 PM
 #4

i dont think so, well who knows. thanks anyway

Anyway, your Bitcoins appear to be sat in this address bc1qq5zvcqrn886rkxyzc5ue6nlw9mc02ha9se3hhy. One leap after the leap from yours. Not sure why they'd do that, maybe it went to a mixer or something and that's where it remains.

You might want to keep a look out for that to see if the coins move to an exchange as you might be able to ge their identity from the exchange it moves into.

HCP
Hero Member
*****
Offline Offline

Activity: 672
Merit: 887

<insert witty quote here>


View Profile
March 05, 2018, 01:38:12 AM
 #5

Hey,
im using an electrum wallet and a pretty safe setup, unfortunately it seems like my BTCs (~0.02BTC) were "stolen". on 13.02.18
someone (not me) made a transaction of full amount. Usually you would say i got malware or a keylogger but look now look at the receivers "wallet":
bc1qrxg3evc3jlnhqle2uhauag708ltzumaskj2nx5 (and the transaction ID for details: a85cb7ff23ac5371d6dff9a623b80e516cfe2009072169b3cdb48442c63a982c)
according to blockchain.info thats not even a legit wallet adress...
That's simply because blockchain.info have not properly updated their systems to deal with "bech32" addresses... aka "bc1" addresses.

Other block explorers, like btc.com, which have been updated, work fine:
Address: https://btc.com/bc1qrxg3evc3jlnhqle2uhauag708ltzumaskj2nx5
Transaction: https://btc.com/a85cb7ff23ac5371d6dff9a623b80e516cfe2009072169b3cdb48442c63a982c


Quote
before i stop: im using the electrum 3.0.5 full node wallet since the beginning of february, as there was
found a security issue in all versions of 3.0.4 and earlier.  
has anyone experienced similar things or can explain to me what happened there?
The simple answer is that your private keys (and/or seed mnemonic) have been compromised.

Have you done any of the following prior to Feb 13th:
- Entered your seed mnemonic into any websites/wallet apps to claim bitcoin forks?
- Entered your private keys into any websites/wallet apps to claim bitcoin forks?
- Imported your wallet into an "Electrum Clone" to claim bitcoin forks?
- Downloaded and used any wallets for bitcoin forks or altcoins?
- Stored your seed mnemonic "digitally" (ie. in a text file on your computer or email or dropbox/google drive etc)?

Additionally, did you double check that the version of Electrum v3.0.5 that you downloaded was from www.electrum.org ? Huh There have been a LOT of scam copies of the Electrum website (electrumsource.org, electrumwallet.org etc) over the last couple of months... have you checked your browser history? Have you checked the digital signature of the wallet installer?


Quote
for the very uncertain case someone can bring me back my BTCs
If you didn't send that transaction, then only the person who controls the address bc1qq5zvcqrn886rkxyzc5ue6nlw9mc02ha9se3hhy can give your coins back (as that is where they are now sitting)... and I'd guess the chances of that happening are somewhere between slim and none Undecided



Just out of curiosity, when you upgraded to v3.0.5... did you happen to experiment at all with SegWit wallets etc in Electrum? It looks like the original address your coins were sent to, received a little test transaction for 5000 satoshi's immediately prior to receiving your coins, see the transaction history: https://btc.com/bc1qrxg3evc3jlnhqle2uhauag708ltzumaskj2nx5

This transaction: https://btc.com/d9476a428e3fe213245559d40cf15470036b5caec20582ecadb4cba0f17520e6
then 7 minutes later: https://btc.com/a85cb7ff23ac5371d6dff9a623b80e516cfe2009072169b3cdb48442c63a982c
then 10 days later the coins were moved: https://btc.com/a267c230b2b67eb1f21114f5f636a1cec683d14f45ac832032b21e893f1c0cef

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!