Stolen Bitcoin from wallet

[slasher71]

Just had 2.3 bitcoin stolen from my wallet anything I can do?

[qfdev]

Which wallet were you using? Online/offline?

[joulesbeef]

offline... not much. Next time transfer to  a second wallet you dont even keep on a networked computer.. though it is more of a set of keys than a wallet as the coins exist on the blockchain and not in your actual pocket.

[slasher71]

Local wallet on my PC

[BlackShadowX1]

How?

[slasher71]

Not sure how as yet

[escrow.ms]

What was your address? and which wallet you are using on your pc? QT or some other?
Download some antivirus or antimalware and scan your pc first.

[slasher71]

What was your address? and which wallet you are using on your pc? QT or some other?
Download some antivirus or antimalware and scan your pc first.

It's ok it wasn't my address that had changed, they have managed to get hold of my Passwords not sure how as yet, not sure the police would be able to do anything?

I have antivirus & scanned with anti-Malware

The wallet was QT

[manobra]

If it was a trojan developed specificly made to get wallets/passwords, antivirus cant mark it as a virus (at least untill this program spread and get a lot of computers.

These forums have a lot of developers with expertise enough to bulid one. I'm a developer.

Now with that said....

PLEASE BEWARE WITH USING MINERS/PROGRAMS THAT SOMEONE JUST LINK TO YOU.

If it is open source, better.

Send to virustotal doesn't mean nothing, as I said above.

Good luck!

[slasher71]

Think I've worked out what's happened ....they have hacked in to the PC & installed a keylogger

[manobra]

Think I've worked out what's happened ....they have hacked in to the PC & installed a keylogger

Remember: if They hacked into your computer, you have probably opened The door (with an executable u've downloaded somewhere...)

Good luck!

[slasher71]

Finally got to the bottom of the cause....they sent link via ebay as a question asking about if they I could help them..... with link to an image...... the file was a .jpg ........once download it wasn't detected by any anti-virus or anti-malware program, I was running mcaffee

I scanned the file with both AV & other software before clicking on it to make sure it wasn't a virus....even did a full scan after clicking the file to make sure with AV & Malwarebytes

Today I used https://www.virustotal.com/ which submits the file to around 50 of the main AV scanners...... only 3 AV picked up the file as a backdoor trojan ......shocking ......NOD32 was one of them  

I'm now using NOD32 as I can't trust anything else

Be careful which AV you choose

[escrow.ms]

Slasher, most people use crypting software to make their Trojans fud (fully undetectable) from antiviruses, so it doesn't matters which av you are using.  If it's crypted it will don't get detected by any av.

NOD32 detected it because probably someone submitted that file to nod. So whenever you download something scan it on virustotal and run it in sandbox or virtual machine first. Install a firewall also, so you can keep an eye on incoming and outgoing connections.

[meade16]

I would most certainly format and re-install Windows.

[manobra]

Slasher, most people use crypting software to make their Trojans fud (fully undetectable) from antiviruses, so it doesn't matters which av you are using.  If it's crypted it will don't get detected by any av.

NOD32 detected it because probably someone submitted that file to nod. So whenever you download something scan it on virustotal and run it in sandbox or virtual machine first. Install a firewall also, so you can keep an eye on incoming and outgoing connections.

Totaly agreed!

I personaly, have developed a program that act like a virus/trojan (totaly FUD).

Sending it to virustotal, ZERO detection.

Firewall? (As it requires admin privilegies to be installed, it creates The rules to bypass)

Antimalware? (Starting as a service, it runs before or together these kind of programs, so if it is not a known virus, my rights allow me even to disable it)

When The user opens The door, there's not much an antivirus/antiwhatever can do....

And lets clarify The others about JPG u've clicked...

If u take a JPG file and rename it to EXE, Windows wont execut it.

That file should be named file.jpg.exe (with a JPG icon, trying to fake being a JPG)

I'll not get tired to write about it every time I have The opportunity.

Remember: in The cryptocurrency world, The user is his own Bank. So, we have to know The basics...