jubalix (OP)
Legendary
 Offline
Activity: 2618
Merit: 1022
|
 |
February 21, 2014, 03:47:55 PM
Last edit: February 21, 2014, 04:04:55 PM by jubalix |
|
I just saw 1.99 LTC get taken out of my wallet. I just upgraded to the latest LTC client, from the beta and made a transfer. Walked back into my room to see 1.99 LTC being transferred I have an encrypted wallet, which means they must have seen my password as I typed it....or something else weird thing is I use coin control and I can see where this coin came from as I have all coins of particle addressesno located the address and the from address does not appear in my wallet that I can see?It does appear to have decrimented my balance though freaking out now...! transaction http://block-explorer.com/address/LPuJg4jQniASXs3ahknmDJutijtog35SAp |
|
|
|
|
|
|
|
|
Remember that Bitcoin is still beta software. Don't put all of your money into BTC!
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
ljudotina
Legendary
Offline
Activity: 1260
Merit: 1029
|
|
February 21, 2014, 03:49:33 PM |
|
OR maybe it's just sync problem....
|
|
|
|
Lauda
Legendary
Offline
Activity: 2674
Merit: 2965
Terminated.
|
|
February 21, 2014, 03:58:54 PM |
|
Possible keylogger?
|
"The Times 03/Jan/2009 Chancellor on brink of second bailout for banks" 😼 Bitcoin Core ( onion) |
|
|
ArticMine
Legendary
Offline
Activity: 2282
Merit: 1050
Monero Core Team
|
|
February 21, 2014, 04:03:43 PM |
|
Possible keylogger?
Let me guess. The operating system is Microsoft Windows. |
|
|
|
equinox9
Newbie
Offline
Activity: 40
Merit: 0
|
|
February 21, 2014, 04:04:11 PM |
|
I just saw 1.99 LTC get taken out of my wallet.
I just upgraded to the latest LTC client, from the beta and made a transfer.
Walked back into my room to see 1.99 LTC being transferred
I have an encrypted wallet, which means they must have seen my password as I typed it....or something else
weird thing is I use coin control and I can see where this coin came from as I have all coins of particle addresses
and the from address does not appear in my wallet that I can see?
I does appear to have decrimented my control though
freaking out now...!
Just consider this a lesson learnt. It could have been much worse - count your blessing you didnt have more stored on there. Always use paper wallets. |
|
|
|
|
softbluelight
Newbie
Offline
Activity: 18
Merit: 0
|
|
February 21, 2014, 04:04:54 PM |
|
I just upgraded to the latest LTC client, from the beta and made a transfer.
is there an unconfirmed transaction that was sent without a transaction fee? |
|
|
|
|
jubalix (OP)
Legendary
Offline
Activity: 2618
Merit: 1022
|
|
February 21, 2014, 04:05:45 PM |
|
Possible keylogger?
Let me guess. The operating system is Microsoft Windows. no its osx it has to be a key logger |
|
|
|
Lauda
Legendary
Offline
Activity: 2674
Merit: 2965
Terminated.
|
|
February 21, 2014, 04:14:51 PM |
|
Possible keylogger?
Let me guess. The operating system is Microsoft Windows. It is safe as long as you know how to correctly use it. |
"The Times 03/Jan/2009 Chancellor on brink of second bailout for banks" 😼 Bitcoin Core ( onion) |
|
|
softbluelight
Newbie
Offline
Activity: 18
Merit: 0
|
|
February 21, 2014, 04:24:03 PM |
|
Possible keylogger?
Let me guess. The operating system is Microsoft Windows. no its osx it has to be a key logger OSX and key logger... I hope that's not the case |
|
|
|
|
substratum
Newbie
Offline
Activity: 36
Merit: 0
|
|
February 21, 2014, 06:40:48 PM
Last edit: February 21, 2014, 09:53:12 PM by substratum |
|
OSX and key logger... I hope that's not the case
Cross-platform keyloggers are already out there, I've seen someone using Adwind RAT to steal wallet files in this forum already (thread got removed). http://www.crowdstrike.com/blog/adwind-rat-rebranding/index.html |
|
|
|
|
|
|
PyroClasTix
Newbie
Offline
Activity: 56
Merit: 0
|
|
February 21, 2014, 08:46:43 PM |
|
It's happened to my other account before. It's a possible RAT on your computer and keylogger.
Download "darkcomet rat remover tool" on the googles.
Scan your system.
Let me know.
|
|
|
|
|
keithers
Legendary
Offline
Activity: 1456
Merit: 1001
This is the land of wolves now & you're not a wolf
|
|
February 22, 2014, 02:13:25 AM |
|
Has it completely synced? Seems like a hacker would wait until you have a larger balance than 1.99 LTC in your wallet before he stole it..
|
|
|
|
|
substratum
Newbie
Offline
Activity: 36
Merit: 0
|
|
February 22, 2014, 01:07:59 PM |
|
It's certainly a good idea to run with the least privilege possible, but the article isn't quite accurate. The report in question was speaking about Microsoft software exploit attempts being mitigated, not people just running malware they find posted on a web forum. Most modern malware has moved beyond requiring admin rights. The trojans install themselves to user-owned folders and persist via user-writable registry keys. For a wallet stealer, persistence isn't even required, and your wallet.dat file is lying right there in a user folder for the taking. It might need to persist if it uses a keylogger to capture your passphrase since it doesn't know when you will be typing/pasting that in, but as I mentioned, malware can persist post-reboot without needing admin rights. So even though the advice is good for some cases, in the case of running random programs posted to Bitcointalk, it won't help you at all. |
|
|
|
|
|
