LOST 8.55194 to the scam: Fool Of The Year Award

[Ree500]

 Two days ago I lost 8.55194 to the current phishing scam. Is there any way to make sure that it's 100% gone or is that a silly question?  I have a few different versions of Electrum on my PC? 
 While attempting to transfer the coins to Trezor I received the error message and was taken to the fake Github page and idiotically downloaded the scam update. Instantly my coins were transferred to address: 3JY8E6o77H8xWnhtQtAKnUPa2YFE3PA5BH. What a ugly way to start off 2019, by being a careless fool, it hurts to be so so stupid.
 

[HCP]

Is there any way to make sure that it's 100% gone or is that a silly question?  I have a few different versions of Electrum on my PC? 

Make sure that the malware is gone? or that your coins are gone?

The only way to be close to 100% confident that the malware has gone... is to completely wipe your PC, full format and reinstall of the OS. You can also try running multiple malware detectors/removers like "Spybot search and destroy", MalwareBytes etc... and running multiple antivirus apps doing full scans of all files, but there is always the possibility that something sneaky will linger.

If you are just wanting to see if your coins are gone, just check your addresses on a block explorer... if they show 0 balance, coins are definitely gone.

[Ree500]

HCP , Thank you for answering the question, that is exactly the information needed. I probably will discard this pc since it was/is still infected. Thanks, I appreciate it.

[TryNinja]

HCP , Thank you for answering the question, that is exactly the information needed. I probably will discard this pc since it was/is still infected. Thanks, I appreciate it.

It’s probably not this, but you don’t mean “discart” as throwing the computer away, right?

A clean reinstall is all you need.

Just making sure; you never know what people can do when we’re talking about electronics.

[Ree500]

  After losing $30,000, buying a new laptop for a few hundred dollars will give me peace of mind.  I learned my lesson the hard way.
When I say discard, yes I am 100% referring to chucking this laptop into the trash, absolutely no question about it. Even if a new install fixed the problem, I consider it a bad luck PC now. Thank you for telling me to do a new install, appreciate the help.

[BitMaxz]

If you don't mind could you share the GitHub URL where you got the update?  I want to know the Github link so that other users are aware of the fake electrum Github and to investigate why you lose your bitcoin.

And let me ask if the error comes from Trezor or electrum wallet?

Let me also know what version of electrum that you receive the error?

This is a well-known issue in the old version of electrum and according to electrum tweet, they warn users that there is an ongoing phishing attack some electrum server will give you an error and redirect you to a phishing site and steal your bitcoin.

Got the twitter URL from here: Warning: There is an ongoing phishing attack against Electrum users

[joniboini]

If you don't mind could you share the GitHub URL where you got the update?  I want to know the Github link so that other users are aware of the fake electrum Github and to investigate why you lose your bitcoin.

Looking at the previous cases, it seems the attacker was quick to change their GitHub address after a successful attack so it's possible the address is not active anymore.

Even if a new install fixed the problem, I consider it a bad luck PC now. Thank you for telling me to do a new install, appreciate the help.

Well, you're certainly overdoing it. Why not sell it and make some cash?

[Lucius]

Two days ago I lost 8.55194 to the current phishing scam. 

Terrible loss, at least it would be for me personally, but it will be even bigger in future, in terms of fiat value. Too bad that only one small step is stop you to move your coins to Trezor, but as you say it was very stupid move to follow that message. Just a quick check of this forum, Electrum official site or just search on internet would save you from great loss.

And let me ask if the error comes from Trezor or electrum wallet?
Let me also know what version of electrum that you receive the error?

Error is from Electrum, Trezor is like Ledger Nano S can be used in pair with Electrum, and it is using this wallet as UI and Electrum servers to verify transactions. Version of Electrum is any under 3.3.3 since this problem is fixed only in this version, and if he use this version only thing displayed when users is connected to bad server is error, no link to fake wallets.

[Ree500]

Bitmaxz,
The address I was sent to was  https://github.com/electrum-official/EIectrum/releases/tag/3.3.4

 The error came from Electrum, when I tried to transfer to Trezor. The error is the exact error that is shown on the page that warns of the scam.
The Electrum version was 3.2.3. The scam turned my 3.2.3 wallet into the 3.4 scam version.
Now when I try to find my wallet 3.2.3. wallet, its gone, I can't locate any of the transactions at all that were on the hijacked wallet, I checked the other 2 versions I have on my PC and nothing.
When it hijacked my wallet and ripped off the coins, it would show the scam 3.4 wallet and it would show the coins still there and say "processing" on the bottom even though the coins were already gone.  I deleted all the 3.4 versions off my pc, they had a .tar extension.

I really hope my story can prevent some people from losing their money to this scam.. Although I was very busy and doing a few things at once, I should have known better when the error message popped up, I should have known better! $30,000 is $30,000 is $30,000 is plenty of money. I'm more upset that I fell for the scam than I am about losing the money. The bitcoins were from winning Clemson on the moneyline in the National Championship plus the NFC champ game. This is why I'm not greatly upset and crying etc. I learned a lesson the hard way.
 It could have been much worse. It would be great to hear these people who are doing the scam eventually get busted.

[Ree500]

Calling all skilled hackers etc, 20 bitcoins to you, identify the attacker who jacked my coins.

[Lucius]

Calling all skilled hackers etc, 20 bitcoins to you, identify the attacker who jacked my coins.

Be careful with anyone who may contact you via private message, and use escrow or you may lost more then 8.55 BTC. This is in most cases very hard task, or to say almost impossible. Hackers are move stolen coins across different crypto exchanges, buying/selling altcoins and using coin mixers to hide their trail.

What you need to do is contact all the biggest crypto exchanges (Coinbase, Binance, Bitstamp, Kraken...) with proof that you own stolen coins (you need to sign address from which coins are stolen). Also you should contact all coins mixer ( check this link : https://bitcointalk.org/index.php?topic=2827109.0) and then hope that some of them will receive your stolen coins and freeze them.

Option is that you report all to the police, depending in which country you live maybe they can help you to track coins.

[Ree500]

Lucius,

   I already have scammers sending me messages. Crazy how someone so smart, the Phishing scam operator,  would choose to use their knowledge in such a bad way. I feel for people that have lost what personally to them is considered a substantial amount of money. This phishing scam operator is ruining lives and there's nobody out there to stop him.

[Lucius]

Ree500, when you say "I already have scammers sending me messages.", what exactly do you mean by that? Do you mean the message that came up in your Electrum which lead you to click and download fake wallet? Or do you think some other cases when hackers try to scam you by sending messages in e-mail maybe?

It is not only one hacker out there, since it is quite easy to scam crypto users it has become a very profitable business and easy money. Try following the tips I've given you in the previous post, although it may be too late, but it is worth to try and it will not cost you anything then your time.

I am not sure if those groups have anything with Electrum hacking, but it show that certain people are professionally engaged in crypto hacking and 1$ billion is not small amount of money.

https://www.coindesk.com/two-groups-responsible-for-60-of-all-crypto-exchange-hacks-report

[Ree500]

Lucius,

  I was referring to people/scammers sending me messages to my Bitcoin Forum inbox, telling me they know who the hacker is....Then asking me for money.
  At this point I know the btc is long gone, I learned my lesson, a very expensive lesson at that. Thanks for your suggestions, I appreciate that.