Bitcoin Forum
October 16, 2018, 05:51:03 PM *
News: Make sure you are not using versions of Bitcoin Core other than 0.17.0 [Torrent], 0.16.3, 0.15.2, or 0.14.3. More info.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Just got my LTC QT wallet hacked  (Read 961 times)
jubalix
Legendary
*
Offline Offline

Activity: 1876
Merit: 1002


View Profile WWW
February 21, 2014, 03:47:55 PM
 #1

I just saw 1.99 LTC get taken out of my wallet.

I just upgraded to the latest LTC client, from the beta and made a transfer.

Walked back into my room to see 1.99 LTC being transferred

I have an encrypted wallet, which means they must have seen my password as I typed it....or something else

weird thing is I use coin control and I can see where this coin came from as I have all coins of particle addresses

no located the address

and the from address does not appear in my wallet that I can see?

It does appear to have decrimented my balance though

freaking out now...!

transaction

http://block-explorer.com/address/LPuJg4jQniASXs3ahknmDJutijtog35SAp

Admitted Practicing Lawyer::BTC/Crypto Specialist. B.Engineering/B.Laws

https://www.binance.com/?ref=10062065
Each block is stacked on top of the previous one. Adding another block to the top makes all lower blocks more difficult to remove: there is more "weight" above each block. A transaction in a block 6 blocks deep (6 confirmations) will be very difficult to remove.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1539712263
Hero Member
*
Offline Offline

Posts: 1539712263

View Profile Personal Message (Offline)

Ignore
1539712263
Reply with quote  #2

1539712263
Report to moderator
1539712263
Hero Member
*
Offline Offline

Posts: 1539712263

View Profile Personal Message (Offline)

Ignore
1539712263
Reply with quote  #2

1539712263
Report to moderator
1539712263
Hero Member
*
Offline Offline

Posts: 1539712263

View Profile Personal Message (Offline)

Ignore
1539712263
Reply with quote  #2

1539712263
Report to moderator
ljudotina
Legendary
*
Offline Offline

Activity: 1134
Merit: 1020


View Profile
February 21, 2014, 03:49:33 PM
 #2

OR maybe it's just sync problem....

Lauda
Legendary
*
Offline Offline

Activity: 2002
Merit: 1632


GUNBOT Licenses up to 50% OFF - 'GrumpyKitty'.


View Profile WWW
February 21, 2014, 03:58:54 PM
 #3

Possible keylogger?

.FORTUNE.JACK.
      ▄▄███████▄▄
   ▄████▀▀ ▄ ██████▄
  ████ ▄▄███ ████████
 █████▌▐███▌ ▀▄ ▀█████
███████▄██▀▀▀▀▄████████
█████▀▄▄▄▄█████████████
████▄▄▄▄ █████████████
 ██████▌ ███▀████████
  ███████▄▀▄████████
   ▀█████▀▀███████▀
      ▀▀██████▀▀
         
         █
...FortuneJack.com                                             
...THE BIGGEST BITCOIN GAMBLING SITE
       ▄▄█████████▄▄
    ▄█████████████████▄
  ▄█████████████████████▄
 ▄██
█████████▀███████████▄
██████████▀   ▀██████████
█████████▀       ▀█████████
████████           ████████
████████▄   ▄ ▄   ▄████████
██████████▀   ▀██████████
 ▀██
█████████████████████▀
  ▀██
███████████████████▀
    ▀█████████████████▀
       ▀▀█████████▀▀
#JACKMATE
WIN 1 BTC
▄█████████████████████████▄
███████████████████████████
███████████████████████████
██████████▀█████▀██████████
███████▀░░▀░░░░░▀░░▀███████
██████▌░░░░░░░░░░░░░▐██████
██████░░░░██░░░██░░░░██████
█████▌░░░░▀▀░░░▀▀░░░░▐█████
██████▄░░▄▄▄░░░▄▄▄░░▄██████
████████▄▄███████▄▄████████

███████████████████████████
███████████████████████████
▀█████████████████████████▀
ArticMine
Legendary
*
Offline Offline

Activity: 2198
Merit: 1011


Monero Core Team


View Profile
February 21, 2014, 04:03:43 PM
 #4

Possible keylogger?

Let me guess. The operating system is Microsoft Windows.

Concerned that blockchain bloat will lead to centralization? Storing less than 4 GB of data once required the budget of a superpower and a warehouse full of punched cards. https://upload.wikimedia.org/wikipedia/commons/8/87/IBM_card_storage.NARA.jpg https://en.wikipedia.org/wiki/Punched_card
equinox9
Newbie
*
Offline Offline

Activity: 40
Merit: 0


View Profile
February 21, 2014, 04:04:11 PM
 #5

I just saw 1.99 LTC get taken out of my wallet.

I just upgraded to the latest LTC client, from the beta and made a transfer.

Walked back into my room to see 1.99 LTC being transferred

I have an encrypted wallet, which means they must have seen my password as I typed it....or something else

weird thing is I use coin control and I can see where this coin came from as I have all coins of particle addresses

and the from address does not appear in my wallet that I can see?

I does appear to have decrimented my control though

freaking out now...!

Just consider this a lesson learnt. It could have been much worse - count your blessing you didnt have more stored on there. Always use paper wallets.
softbluelight
Newbie
*
Offline Offline

Activity: 18
Merit: 0


View Profile
February 21, 2014, 04:04:54 PM
 #6

I just upgraded to the latest LTC client, from the beta and made a transfer.

is there an unconfirmed transaction that was sent without a transaction fee?
jubalix
Legendary
*
Offline Offline

Activity: 1876
Merit: 1002


View Profile WWW
February 21, 2014, 04:05:45 PM
 #7

Possible keylogger?

Let me guess. The operating system is Microsoft Windows.

no its osx

it has to be a key logger

Admitted Practicing Lawyer::BTC/Crypto Specialist. B.Engineering/B.Laws

https://www.binance.com/?ref=10062065
Lauda
Legendary
*
Offline Offline

Activity: 2002
Merit: 1632


GUNBOT Licenses up to 50% OFF - 'GrumpyKitty'.


View Profile WWW
February 21, 2014, 04:14:51 PM
 #8

Possible keylogger?

Let me guess. The operating system is Microsoft Windows.
It is safe as long as you know how to correctly use it.

.FORTUNE.JACK.
      ▄▄███████▄▄
   ▄████▀▀ ▄ ██████▄
  ████ ▄▄███ ████████
 █████▌▐███▌ ▀▄ ▀█████
███████▄██▀▀▀▀▄████████
█████▀▄▄▄▄█████████████
████▄▄▄▄ █████████████
 ██████▌ ███▀████████
  ███████▄▀▄████████
   ▀█████▀▀███████▀
      ▀▀██████▀▀
         
         █
...FortuneJack.com                                             
...THE BIGGEST BITCOIN GAMBLING SITE
       ▄▄█████████▄▄
    ▄█████████████████▄
  ▄█████████████████████▄
 ▄██
█████████▀███████████▄
██████████▀   ▀██████████
█████████▀       ▀█████████
████████           ████████
████████▄   ▄ ▄   ▄████████
██████████▀   ▀██████████
 ▀██
█████████████████████▀
  ▀██
███████████████████▀
    ▀█████████████████▀
       ▀▀█████████▀▀
#JACKMATE
WIN 1 BTC
▄█████████████████████████▄
███████████████████████████
███████████████████████████
██████████▀█████▀██████████
███████▀░░▀░░░░░▀░░▀███████
██████▌░░░░░░░░░░░░░▐██████
██████░░░░██░░░██░░░░██████
█████▌░░░░▀▀░░░▀▀░░░░▐█████
██████▄░░▄▄▄░░░▄▄▄░░▄██████
████████▄▄███████▄▄████████

███████████████████████████
███████████████████████████
▀█████████████████████████▀
softbluelight
Newbie
*
Offline Offline

Activity: 18
Merit: 0


View Profile
February 21, 2014, 04:24:03 PM
 #9

Possible keylogger?

Let me guess. The operating system is Microsoft Windows.

no its osx

it has to be a key logger


OSX and key logger... I hope that's not the case
substratum
Newbie
*
Offline Offline

Activity: 36
Merit: 0


View Profile
February 21, 2014, 06:40:48 PM
 #10

OSX and key logger... I hope that's not the case

Cross-platform keyloggers are already out there, I've seen someone using Adwind RAT to steal wallet files in this forum already (thread got removed).

http://www.crowdstrike.com/blog/adwind-rat-rebranding/index.html
anonuser777
Full Member
***
Offline Offline

Activity: 140
Merit: 100


View Profile
February 21, 2014, 08:18:17 PM
 #11

Pro tip for windows users (oxymoron?) - restrict access on your user accounts

http://www.tomsguide.com/us/standard-accounts-stop-malware,news-18326.html
PyroClasTix
Newbie
*
Offline Offline

Activity: 56
Merit: 0


View Profile WWW
February 21, 2014, 08:46:43 PM
 #12

It's happened to my other account before. It's a possible RAT on your computer and keylogger.

Download "darkcomet rat remover tool" on the googles.
Scan your system.
Let me know.
keithers
Legendary
*
Offline Offline

Activity: 1386
Merit: 1000


This is the land of wolves now & you're not a wolf


View Profile
February 22, 2014, 02:13:25 AM
 #13

Has it completely synced? Seems like a hacker would wait until you have a larger balance than 1.99 LTC in your wallet before he stole it..
substratum
Newbie
*
Offline Offline

Activity: 36
Merit: 0


View Profile
February 22, 2014, 01:07:59 PM
 #14

Pro tip for windows users (oxymoron?) - restrict access on your user accounts

http://www.tomsguide.com/us/standard-accounts-stop-malware,news-18326.html

It's certainly a good idea to run with the least privilege possible, but the article isn't quite accurate. The report in question was speaking about Microsoft software exploit attempts being mitigated, not people just running malware they find posted on a web forum. Most modern malware has moved beyond requiring admin rights. The trojans install themselves to user-owned folders and persist via user-writable registry keys.

For a wallet stealer, persistence isn't even required, and your wallet.dat file is lying right there in a user folder for the taking. It might need to persist if it uses a keylogger to capture your passphrase since it doesn't know when you will be typing/pasting that in, but as I mentioned, malware can persist post-reboot without needing admin rights.

So even though the advice is good for some cases, in the case of running random programs posted to Bitcointalk, it won't help you at all.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!