Bitcoin Forum
July 16, 2019, 03:19:59 PM *
News: Latest Bitcoin Core release: 0.18.0 [Torrent] (New!)
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Sent BTC to wrong address  (Read 319 times)
Conord00
Newbie
*
Offline Offline

Activity: 1
Merit: 0


View Profile
June 28, 2019, 09:25:04 PM
 #1

I'm so angry right now, I sent the Bitcoin to the wrong address! I sent it to a previous customers address that I had copied from before. Is there any way I can get this back, it's delievered already on Electrum. I only noticed it when it wasn't in my wallet for a while. I've lost quite a bit, 1400 euros worth.....
1563290399
Hero Member
*
Offline Offline

Posts: 1563290399

View Profile Personal Message (Offline)

Ignore
1563290399
Reply with quote  #2

1563290399
Report to moderator
1563290399
Hero Member
*
Offline Offline

Posts: 1563290399

View Profile Personal Message (Offline)

Ignore
1563290399
Reply with quote  #2

1563290399
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1563290399
Hero Member
*
Offline Offline

Posts: 1563290399

View Profile Personal Message (Offline)

Ignore
1563290399
Reply with quote  #2

1563290399
Report to moderator
1563290399
Hero Member
*
Offline Offline

Posts: 1563290399

View Profile Personal Message (Offline)

Ignore
1563290399
Reply with quote  #2

1563290399
Report to moderator
HCP
Legendary
*
Offline Offline

Activity: 1022
Merit: 1687

<insert witty quote here>


View Profile
June 28, 2019, 09:27:50 PM
 #2

The only party that can return those funds is the party that controls the private key for the address you sent to (ie. the previous customer). You'll need to contact them and ask them (very nicely) to return the funds to you.

MagicByt3
Full Member
***
Offline Offline

Activity: 280
Merit: 171


View Profile
June 30, 2019, 04:23:44 PM
 #3

Another note is do not copy and paste addressing without triple checking the entire string there is malware that can change your paste to attackers wallet this is not the case in your claim but be aware this can happen.

You are always best to type out the address and verify before sending.

If you know who own's the address you sent to you have  a chance of getting the funds back if you can contact them and have them refund you.
If not your funds are i'm afraid lost to the blockchain.




░░░░░░░░WASABI-WALLET Protect your privacy !!░░░░░░░░

░░░░░░░░CKPOOL.ORG!░░░░░░░░
DoublerHunter
Hero Member
*****
Offline Offline

Activity: 1036
Merit: 527



View Profile
June 30, 2019, 05:31:01 PM
 #4

I dunno if OP telling the truth because the user did not reply on this thread after he/she posted.

Once you'd mistaken that is not a reversible transaction, @HCP was right the only way to retrieve your bitcoin is to contact them(previous client) since you'd passed transaction and asking to return your btc. Next time, you should double or triple check the bitcoin address of recipient before hitting the button send.

           ▄▄████▄▄
      ▄▄███▀    ▀███▄▄
   ▄████████▄▄▄▄████████▄
  ▀██████████████████████▀
▐█▄▄ ▀▀████▀    ▀████▀▀ ▄▄██
▐█████▄▄ ▀██▄▄▄▄██▀ ▄▄██▀  █
▐██ ▀████▄▄ ▀██▀ ▄▄████  ▄██
▐██  ███████▄  ▄████████████
▐██  █▌▐█ ▀██  ██████▀  ████
▐██  █▌▐█  ██  █████  ▄█████
 ███▄ ▌▐█  ██  ████████████▀
  ▀▀████▄ ▄██  ██▀  ████▀▀
      ▀▀█████  █  ▄██▀▀
         ▀▀██  ██▀▀
.
.WINDICE.
.


      ▄████████▀
     ▄████████
    ▄███████▀
   ▄███████▀
  ▄█████████████
 ▄████████████▀
▄███████████▀
     █████▀
    ████▀
   ████
  ███▀
 ██▀
█▀
.


     ▄▄█████▄   ▄▄▄▄
    ██████████▄███████▄
  ▄████████████████████▌
 ████████████████████████
▐████████████████████████▌
 ▀██████████████████████▀
     ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
     ▄█     ▄█     ▄█
   ▄██▌   ▄██▌   ▄██▌
   ▀▀▀    ▀▀▀    ▀▀▀
       ▄█     ▄█
     ▄██▌   ▄██▌
     ▀▀▀    ▀▀▀
.


                   ▄█▄
                 ▄█████▄
                █████████▄
       ▄       ██ ████████▌
     ▄███▄    ▐█▌▐█████████
   ▄███████▄   ██ ▀███████▀
 ▄███████████▄  ▀██▄▄████▀
▐█ ▄███████████    ▀▀▀▀
█ █████████████▌      ▄
█▄▀████████████▌    ▄███▄
▐█▄▀███████████    ▐█▐███▌
 ▀██▄▄▀▀█████▀      ▀█▄█▀
   ▀▀▀███▀▀▀
.


.


.
iOPlay NowOi
.


.



.
.
Follow Us
▀▀▀▀▀▀▀▀▀▀▀▀
ETFbitcoin
Legendary
*
Offline Offline

Activity: 1694
Merit: 1859

Use SegWit and enjoy lower fees.


View Profile WWW
June 30, 2019, 06:50:58 PM
 #5

On a side note, Electrum preview function (when you make a transaction) & labeling function (to both transaction and addresses) might come in handy for logging.

I dunno if OP telling the truth because the user did not reply on this thread after he/she posted.

It's not rare occurrence, i've seen few users (mostly newbie) who ask question, but don't bother ask more question or give updates regarding problem.

bL4nkcode
Copper Member
Hero Member
*****
Offline Offline

Activity: 1232
Merit: 734


Rent this space if you want....


View Profile WWW
June 30, 2019, 07:02:51 PM
 #6

Make it a habit to double and triple check the address you want to sent to. Because there's no way it can be reverse once sent and confirmed. So take this as a big lesson to you and learn from your mistakes.

If you say that the address was owned by one of your customers, then you should tell him/her about what had happen and should talk to them to send the funds back.

Give us update one you get your funds back.

..bustadice..         ▄▄████████████▄▄
     ▄▄████████▀▀▀▀████████▄▄
   ▄███████████    ███████████▄
  █████    ████▄▄▄▄████    █████
 ██████    ████████▀▀██    ██████
██████████████████   █████████████
█████████████████▌  ▐█████████████
███    ██████████   ███████    ███
███    ████████▀   ▐███████    ███
██████████████      ██████████████
██████████████      ██████████████
 ██████████████▄▄▄▄██████████████
  ▀████████████████████████████▀
                     ▄▄███████▄▄
                  ▄███████████████▄
   ███████████  ▄████▀▀       ▀▀████▄
               ████▀      ██     ▀████
 ███████████  ████        ██       ████
             ████         ██        ████
███████████  ████     ▄▄▄▄██        ████
             ████     ▀▀▀▀▀▀        ████
 ███████████  ████                 ████
               ████▄             ▄████
   ███████████  ▀████▄▄       ▄▄████▀
                  ▀███████████████▀
                     ▀▀███████▀▀
           ▄██▄
           ████
            ██
            ▀▀
 ▄██████████████████████▄
██████▀▀██████████▀▀██████
█████    ████████    █████
█████▄  ▄████████▄  ▄█████
██████████████████████████
██████████████████████████
    ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
    ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
       ████████████
......Play......
seoincorporation
Legendary
*
Online Online

Activity: 1400
Merit: 1394


BtcBoss


View Profile
June 30, 2019, 08:06:16 PM
 #7

I agree with HCP, the next step to do is try to contact the customer you send the Bitcoins, because since bitcoin is not reversible there is no way to get them back unless the person who gets them send it back. If you don't have a way to contact the customer you should send a small transaction with a message on it, i have seen this working on the past, so, could be a solution for you.

.BitDice.               ▄▄███▄▄
           ▄▄██▀▀ ▄ ▀▀██▄▄
      ▄▄█ ▀▀  ▄▄█████▄▄  ▀▀ █▄▄
  ▄▄██▀▀     ▀▀ █████ ▀▀     ▀▀██▄▄
██▀▀ ▄▄██▀      ▀███▀      ▀██▄▄ ▀▀██
██  ████▄▄       ███       ▄▄████  ██
██  █▀▀████▄▄  ▄█████▄  ▄▄████▀▀█  ██
██  ▀     ▀▀▀███████████▀▀▀     ▀  ██
             ███████████
██  ▄     ▄▄▄███████████▄▄▄     ▄  ██
██  █▄▄████▀▀  ▀█████▀  ▀▀████▄▄█  ██
██  ████▀▀       ███       ▀▀████  ██
██▄▄ ▀▀██▄      ▄███▄      ▄██▀▀ ▄▄██
  ▀▀██▄▄     ▄▄ █████ ▄▄     ▄▄██▀▀
      ▀▀█ ▄▄  ▀▀█████▀▀  ▄▄ █▀▀
           ▀▀██▄▄ ▀ ▄▄██▀▀
               ▀▀███▀▀
        ▄▄███████▄▄
     ▄███████████████▄
    ████▀▀       ▀▀████
   ████▀           ▀████
   ████             ████
   ████ ▄▄▄▄▄▄▄▄▄▄▄ ████
▄█████████████████████████▄
██████████▀▀▀▀▀▀▀██████████
████                   ████
████                   ████
████                   ████
████                   ████
████                   ████
████▄                 ▄████
████████▄▄▄     ▄▄▄████████
  ▀▀▀█████████████████▀▀▀
        ▀▀▀█████▀▀▀
▄▄████████████████████████████████▄▄
██████████████████████████████████████
█████                            █████
█████                            █████
█████                            █████
█████                            █████
█████                     ▄▄▄▄▄▄▄▄▄▄
█████                   ▄█▀▀▀▀▀▀▀▀▀▀█▄
█████                   ██          ██
█████                   ██          ██
█████                   ██          ██
██████████████████▀▀███ ██          ██
 ████████████████▄  ▄██ ██          ██
   ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ ██          ██
             ██████████ ██          ██
           ▄███████████ ██████▀▀██████
          █████████████  ▀████▄▄████▀
[/]
harizen
Legendary
*
Offline Offline

Activity: 1582
Merit: 1134


View Profile
June 30, 2019, 08:23:13 PM
 #8

I'm so angry right now, I sent the Bitcoin to the wrong address! I sent it to a previous customers address that I had copied from before. Is there any way I can get this back, it's delievered already on Electrum. I only noticed it when it wasn't in my wallet for a while. I've lost quite a bit, 1400 euros worth.....

Basically, a human mistake and error.

Just wondering here, with that kind of decent amount, the usual thing we do when sending BTC to anyone or even to our own address, is to check the address several times carefully even we are not aware of the malware thing or any related thing to that. But how come you hit the SEND button easily. Even most of the newbies stuck up for several minutes just to check if they pasted the exact address.

Anyhow, you have a reference to the receiver so basically, you have a "chance" to recover it.

I'm seeing a chance that you may get it back because you have a good deal before with that customer unless that user didn't control the address now or became "greed" as 1,400 Euros is really a decent amount. Hope you got your money back.

elda34b
Sr. Member
****
Offline Offline

Activity: 490
Merit: 304


View Profile
July 01, 2019, 02:40:45 AM
 #9

If you don't have a way to contact the customer you should send a small transaction with a message on it, i have seen this working on the past, so, could be a solution for you.

That might work if the customer or whoever control that address realize or at least bother to check the tx. Even if they did, it's still possible the funds will not be sent back because they don't wanna do it.

Unless the owner is a good person, chance to get back OP funds is 0%.


█████████████████████████████████████████████████████████████
███████████████████████████`````````█████████████████████████
███████████````████████```````````````██████████````█████████
█████████`````████████`````██████████████████████`````███████
███████`````████████`````██████████████```█████████`````█████
█████`````██████████````███████████████````██████████`````███
███`````███████████````█████████████████````███████████`````█
██``````███████████````█████████████████````███████████``````
████`````███████████````███████████████````██████████``````██
██████``````████████````██████████████`````████████``````████
████████``````███████``█████████████``````███████``````██████
██████████`````██████████```````````````████████`````████████
████████████``███████████````````````████████████``██████████
█████████████████████████████████████████████████████████████
█████████████████████████████████████████████████████████████
█████████████████████████████████████████████████████████████
████████████████████████████████████████████████████████████
███████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████
███████████████████████████████████████████████████████████
█████████████████████████████████████████████████████████████
UTOPIA

█▀▀▀▀▀▀█
█ █▀▀▀ █
█  ▄██ █
█ ██▀  █
█ ▄▄▄█ █
█ █▀▀▀ █
█  ▄██ █
█ ██▀  █
█ ▄▄▄█ █
█      █
█▄▄▄▄▄▄█


█▀▀▀▀▀▀█
█ █▀▀▀ █
█  ▄██ █
█ ██▀  █
█ ▄▄▄█ █
█ █▀▀▀ █
█  ▄██ █
█ ██▀  █
█ ▄▄▄█ █
█      █
█▄▄▄▄▄▄█
Fully Anonymous Payments,
IM, Email, Tor Alternative
jerry0
Full Member
***
Offline Offline

Activity: 630
Merit: 106


View Profile
July 10, 2019, 11:19:24 PM
 #10

This has always been a concern of mine.  But if you mistake a letter or few characters, does the transaction get rejected immediately?  Or it goes through but after a while, it will say it gets rejected and sent back to you?



Also excuse me if this is dumb question but is the btc address always the same amount of characters?  I know its a long number/letter each time.



Also what if the person he sent to no longer has access to the wallet address?  Let say they used electrum or another wallet like that or even a ledger but no longer uses it because they sold all their coins.  What happens then?  So now nobody could claim them anymore unless they have that person's seed?
HCP
Legendary
*
Offline Offline

Activity: 1022
Merit: 1687

<insert witty quote here>


View Profile
July 10, 2019, 11:53:58 PM
Merited by ETFbitcoin (1)
 #11

This has always been a concern of mine.  But if you mistake a letter or few characters, does the transaction get rejected immediately?  Or it goes through but after a while, it will say it gets rejected and sent back to you?
The address actually contains a CRC check... the chances of you getting one or two characters wrong and still ending up with a "valid" address are relatively small (like 1 in 4 billion type small). Any properly coded wallet should detect the error and return an "invalid address"-type error. Even if you manually created the transaction and attempted to broadcast it with an invalid address, it would be rejected.


Quote
Also excuse me if this is dumb question but is the btc address always the same amount of characters?  I know its a long number/letter each time.
It's not always the same exact number... but in a range:
A Bitcoin address, or simply address, is an identifier of 26-35 alphanumeric characters, beginning with the number 1, 3 or bc1 that represents a possible destination for a bitcoin payment.


Quote
Also what if the person he sent to no longer has access to the wallet address?  Let say they used electrum or another wallet like that or even a ledger but no longer uses it because they sold all their coins.  What happens then?  So now nobody could claim them anymore unless they have that person's seed?
Obviously. If no-one has access to the private key(s) for a given address(es), then the coins can not be spent... and would therefore be "stuck". There is a reason why Satoshi once said:
Sigh... why delete a wallet instead of moving it aside and keeping the old copy just in case?  You should never delete a wallet.

Always keep ALL your old private keys/seeds... you never know when you'll need them Wink

jerry0
Full Member
***
Offline Offline

Activity: 630
Merit: 106


View Profile
July 11, 2019, 01:52:29 AM
 #12

This has always been a concern of mine.  But if you mistake a letter or few characters, does the transaction get rejected immediately?  Or it goes through but after a while, it will say it gets rejected and sent back to you?
The address actually contains a CRC check... the chances of you getting one or two characters wrong and still ending up with a "valid" address are relatively small (like 1 in 4 billion type small). Any properly coded wallet should detect the error and return an "invalid address"-type error. Even if you manually created the transaction and attempted to broadcast it with an invalid address, it would be rejected.


Quote
Also excuse me if this is dumb question but is the btc address always the same amount of characters?  I know its a long number/letter each time.
It's not always the same exact number... but in a range:
A Bitcoin address, or simply address, is an identifier of 26-35 alphanumeric characters, beginning with the number 1, 3 or bc1 that represents a possible destination for a bitcoin payment.


Quote
Also what if the person he sent to no longer has access to the wallet address?  Let say they used electrum or another wallet like that or even a ledger but no longer uses it because they sold all their coins.  What happens then?  So now nobody could claim them anymore unless they have that person's seed?
Obviously. If no-one has access to the private key(s) for a given address(es), then the coins can not be spent... and would therefore be "stuck". There is a reason why Satoshi once said:
Sigh... why delete a wallet instead of moving it aside and keeping the old copy just in case?  You should never delete a wallet.

Always keep ALL your old private keys/seeds... you never know when you'll need them Wink




Thanks for that information HCP.



jerry0
Full Member
***
Offline Offline

Activity: 630
Merit: 106


View Profile
July 11, 2019, 01:59:33 AM
 #13

HCP i have another question.



When i send btc to someone or a site, let say the site shows what btc address i have to send to.  Or whenever someone ask me to send btc to this address, they copy and paste the btc address to me on say skype for example.  What i normally do is copy the btc address by highlighting the btc address and then copy and then paste it to my wallet.



Now i just thought of a security concern that i thought of a while back but did not thought of it.  Let say its someone that i send btc to a lot previously so they are legit.  They copy/paste their btc address and then i copy/paste it to my wallet and send.  Now what if that person who i have to send btc to... let say that person... decide to copy a btc address to me... but its actually a virus in that btc address he posted.  That is possible or not?  Like imagine they post the btc address i have to send the btc to on skype... then i copy it with my mouse and then paste it to the nano ledger s or electrum or whereever im sending the btc from.  But is it possible what they posted which looks like the btc address which can be or cannot be... be an actual virus itself?  Like me copy and pasting that btc address which could be possibly a virus link?  Or is that not possible if im copying and pasting it to nano ledger s or electrum?  Obviously if someone sends you a link and you click on it or you copy it and paste it in chrome and enter it in chrome window... well you will got to whatever site it goes to.  But what about receiving btc?  Like imagine the person im speaking to who i send btc a lot... this person got hacked and now they want me to send btc to their btc address... but instead of that... its actually a virus link where it can compromise my entire computer. 



The thing is i dont think thats possible since im only pasting it on my nano ledger s or electrum right?



And also because im not downloading it?  Like when someone post a btc address like 1mfakjsjkflasdjk9fi0saf, is it possibly to copy and paste the entire address and some how get keylogged or malware? 
HCP
Legendary
*
Offline Offline

Activity: 1022
Merit: 1687

<insert witty quote here>


View Profile
July 11, 2019, 08:07:45 AM
 #14

No. That isn't possible. It's just text... you can't "get" a virus by simply copying text.

It could be possible that they attempt to create a URL type link that takes you to a website filled with malware or links directly to some sort of malware .exe file or something and hope that you click it to follow the link, but if you're just highlighting text and then using CTRL+C or right-clicking and selecting "Copy" etc... then that won't work.

Also, as I'm sure you're already aware, there are viruses that will modify the contents of your clipboard when it detects you have copied a bitcoin (or other crypto) address to an address controlled by the hacker... but as long as you always double check the address you pasted is the same as the original address that you copied, you will be OK.

Abdussamad
Legendary
*
Offline Offline

Activity: 2156
Merit: 1157



View Profile WWW
July 11, 2019, 04:31:57 PM
Merited by ETFbitcoin (1)
 #15

This has always been a concern of mine.  But if you mistake a letter or few characters, does the transaction get rejected immediately?  Or it goes through but after a while, it will say it gets rejected and sent back to you?

- That's not what the op did. He sent to an entirely different address. He didn't make a mistake typing in the address

- If you make a mistake typing in the address then it'll be detected by your wallet software and it'll stop you right then and there. The money will not be sent. The reason this happens is that the address has a checksum in it that is designed to detect such mistakes.

- You should use the copy paste functionality of your system instead of typing in the address manually.

Quote
Also excuse me if this is dumb question but is the btc address always the same amount of characters?  I know its a long number/letter each time.

The length of addresses varies: https://en.bitcoin.it/wiki/Address . The length of a particular address does not change.

Quote
Also what if the person he sent to no longer has access to the wallet address?  Let say they used electrum or another wallet like that or even a ledger but no longer uses it because they sold all their coins.  What happens then?  So now nobody could claim them anymore unless they have that person's seed?

The money is lost for now. Perhaps in the distant future with advances in computing someone will be able to bruteforce the corresponding private key. But for now the money is lost.


jerry0
Full Member
***
Offline Offline

Activity: 630
Merit: 106


View Profile
July 11, 2019, 07:08:43 PM
 #16

No. That isn't possible. It's just text... you can't "get" a virus by simply copying text.

It could be possible that they attempt to create a URL type link that takes you to a website filled with malware or links directly to some sort of malware .exe file or something and hope that you click it to follow the link, but if you're just highlighting text and then using CTRL+C or right-clicking and selecting "Copy" etc... then that won't work.

Also, as I'm sure you're already aware, there are viruses that will modify the contents of your clipboard when it detects you have copied a bitcoin (or other crypto) address to an address controlled by the hacker... but as long as you always double check the address you pasted is the same as the original address that you copied, you will be OK.


HCP. 


Well yes if you are copying text, you can't get a virus.  But what if someone like on skype sends you the btc address to send to and say this is btc address


1mafisufsdiajfalkfmlkfsaklfs



What i always do is highlight the address with my mouse, then right click and click copy.  Then either go to my nano ledger s or electrum and then paste the btc address, so i send to that address.  This is just the same and safe as highlighting it and using control+c right?  I know this is foolish question but want to make sure.  I know doing either copies it.





But let say that person puts that btc address for me to send to


1mafisufsdiajfalkfmlkfsaklfs



Is it possible... that the text... is actually a link or virus?  You say yes but only if you click on it only?  Example let say you highlight it and copy it, then you notice when you paste it into nano ledger s or electrum, nothing shows up?  Or is that not possible?  Also let say someone posts that btc address but its actually disguised as a website such as www.electrumhack.com.  Is that possible or not?  And say by mistake you instead of highlighting it, you click on that text by accident... when its not actually text.. but its a dangerous site?  I assume this can be done right?  Like imagine i send you a btc address like 1mklfdajlfasfklaskd but you could actually click on it... that is possible?  Now is it possible where the hacker does something like its actually a dangerous link... but when you put your cursor there on the letters, you can't click on it and it looks like text but if you actually click on it... its actually a link?  I know this sounds extreme here but this could be done?



What if its a dangerous file like keylogger or malware?  Can you accidentically click on it and then it automatically give you keylogger/malware or not?  Or it has to download first no matter what?  But even if its downloading, can you immediately cancel the download and you are fine?  What if it downloads so quick and you can't pause or stop the download because file is so small?  Can you get malware/keylogger?  Or its only if you open that program and install it... you are screwed?  Now what if the link was something like javascript which i read had to do with sites that has javascript and if your electrum is open on your computer at the time and i believe it has not be not password protected... then your electrum can be hacked?
AdolfinWolf
Hero Member
*****
Offline Offline

Activity: 1092
Merit: 952


o̷͗̉̎̍͒͒̑&


View Profile
July 11, 2019, 08:08:57 PM
Merited by ETFbitcoin (1)
 #17



Is it possible... that the text... is actually a link or virus?  You say yes but only if you click on it only?  Example let say you highlight it and copy it, then you notice when you paste it into nano ledger s or electrum, nothing shows up?  Or is that not possible?  Also let say someone posts that btc address but its actually disguised as a website such as www.electrumhack.com.  Is that possible or not?  
that could be possible. Not sure if you can hide a destination link on skype/discord, but you can do that on the forum. (Just hover over the link to see where it is actually going though.)
Quote

And say by mistake you instead of highlighting it, you click on that text by accident... when its not actually text.. but its a dangerous site?  I assume this can be done right?  Like imagine i send you a btc address like 1mklfdajlfasfklaskd but you could actually click on it... that is possible?  Now is it possible where the hacker does something like its actually a dangerous link... but when you put your cursor there on the letters, you can't click on it and it looks like text but if you actually click on it... its actually a link?  I know this sounds extreme here but this could be done?
depends on the communication app you're using but yes, i guess this could be possible.
ELECTRUMHACK It should still be fairly obvious that it is a link, but still.


Quote
What if its a dangerous file like keylogger or malware?  Can you accidentically click on it and then it automatically give you keylogger/malware or not?  Or it has to download first no matter what?  But even if its downloading, can you immediately cancel the download and you are fine?  
Drive-by downloads are definitely a thing, whether they can also execute without interaction - it does happen, not sure how likely it is.
they have happend in the past, so yes, i guess this is something that could happen too. -


Quote
Or its only if you open that program and install it... you are screwed?  Now what if the link was something like javascript which i read had to do with sites that has javascript and if your electrum is open on your computer at the time and i believe it has not be not password protected... then your electrum can be hacked?
Not necessarily. I believe it is entirely possible you can get infected by simply visiting a site. Not saying that it is common, but definitely possible. See https://blog.malwarebytes.com/cybercrime/2013/02/tools-of-the-trade-exploit-kits/

And well, once you're infected.. An unencrypted electrum wallet is probably not out of their reach either, no.

HCP
Legendary
*
Offline Offline

Activity: 1022
Merit: 1687

<insert witty quote here>


View Profile
July 11, 2019, 09:58:07 PM
 #18

What i always do is highlight the address with my mouse, then right click and click copy.  Then either go to my nano ledger s or electrum and then paste the btc address, so i send to that address.  This is just the same and safe as highlighting it and using control+c right?  I know this is foolish question but want to make sure.  I know doing either copies it.
Exactly... it's the same thing. You're just highlighting text and selecting copy... CTRL+C or "rightclick+copy" do exactly the same thing.


Quote
Is it possible... that the text... is actually a link or virus?  You say yes but only if you click on it only?  Example let say you highlight it and copy it, then you notice when you paste it into nano ledger s or electrum, nothing shows up?  Or is that not possible?  Also let say someone posts that btc address but its actually disguised as a website such as www.electrumhack.com.  Is that possible or not?  And say by mistake you instead of highlighting it, you click on that text by accident... when its not actually text.. but its a dangerous site?  I assume this can be done right?  Like imagine i send you a btc address like 1mklfdajlfasfklaskd but you could actually click on it... that is possible?  Now is it possible where the hacker does something like its actually a dangerous link... but when you put your cursor there on the letters, you can't click on it and it looks like text but if you actually click on it... its actually a link?  I know this sounds extreme here but this could be done?
Yes. You can create a link, with different text, like a Bitcoin address, that links to a malicious site. However, if all you do is highlight and copy, then it will still paste the text you highlighted and copied. The actual URL will not be transferred or shown. For instance, if you highlight this address: 1BvBMSEYstWetqTFn5Au4m4GFg7xJaNVN2 and copy/paste it, you'll see the bitcoin address.

However, if you accidentally left click on it... well... enjoy! Wink


Quote
Now what if the link was something like javascript which i read had to do with sites that has javascript and if your electrum is open on your computer at the time and i believe it has not be not password protected... then your electrum can be hacked?
That was an old exploit that was patched many versions ago (v3.0.4/3.0.5)... https://github.com/spesmilo/electrum/blob/master/RELEASE-NOTES#L367

It required that Electrum was open and running... and you didn't have a password set on your wallet... and you visited a malicious site.

jerry0
Full Member
***
Offline Offline

Activity: 630
Merit: 106


View Profile
July 12, 2019, 12:47:22 AM
 #19

What i always do is highlight the address with my mouse, then right click and click copy.  Then either go to my nano ledger s or electrum and then paste the btc address, so i send to that address.  This is just the same and safe as highlighting it and using control+c right?  I know this is foolish question but want to make sure.  I know doing either copies it.
Exactly... it's the same thing. You're just highlighting text and selecting copy... CTRL+C or "rightclick+copy" do exactly the same thing.


Quote
Is it possible... that the text... is actually a link or virus?  You say yes but only if you click on it only?  Example let say you highlight it and copy it, then you notice when you paste it into nano ledger s or electrum, nothing shows up?  Or is that not possible?  Also let say someone posts that btc address but its actually disguised as a website such as www.electrumhack.com.  Is that possible or not?  And say by mistake you instead of highlighting it, you click on that text by accident... when its not actually text.. but its a dangerous site?  I assume this can be done right?  Like imagine i send you a btc address like 1mklfdajlfasfklaskd but you could actually click on it... that is possible?  Now is it possible where the hacker does something like its actually a dangerous link... but when you put your cursor there on the letters, you can't click on it and it looks like text but if you actually click on it... its actually a link?  I know this sounds extreme here but this could be done?
Yes. You can create a link, with different text, like a Bitcoin address, that links to a malicious site. However, if all you do is highlight and copy, then it will still paste the text you highlighted and copied. The actual URL will not be transferred or shown. For instance, if you highlight this address: 1BvBMSEYstWetqTFn5Au4m4GFg7xJaNVN2 and copy/paste it, you'll see the bitcoin address.

However, if you accidentally left click on it... well... enjoy! Wink


Quote
Now what if the link was something like javascript which i read had to do with sites that has javascript and if your electrum is open on your computer at the time and i believe it has not be not password protected... then your electrum can be hacked?
That was an old exploit that was patched many versions ago (v3.0.4/3.0.5)... https://github.com/spesmilo/electrum/blob/master/RELEASE-NOTES#L367

It required that Electrum was open and running... and you didn't have a password set on your wallet... and you visited a malicious site.



HCP yes this is what is a concern and you addressed it.  So that btc address you posted... well its actually a youtube link if you click on it.. but if you copy and paste it to anything else, well its just a btc address.  But its not possible for someone to post that btc address you posted.... where it does not look like a link right that is a link?  Example the moment i highlight that btc address... i can see its a youtube link.  Is it possible for someone to write that btc address as you did... and when you put your mouse to it... it does not look like you can click on it.  But if you actually click on it... it goes to a site?  Or is that Not possible?  If that is possible, that would be very dangerous.  But based on what you posted on that paragraph, that would not be possible right?



The exploit with the javacript.  Do you know what actual websites had these javascripts loaded?  Such as what specific malicious site or possible malicious sites?  Like what type of sites would have things like this?







HCP
Legendary
*
Offline Offline

Activity: 1022
Merit: 1687

<insert witty quote here>


View Profile
July 12, 2019, 03:34:55 AM
 #20

The exploit with the javacript.  Do you know what actual websites had these javascripts loaded?  Such as what specific malicious site or possible malicious sites?  Like what type of sites would have things like this?
As far as I'm aware... there were no actual instances of the RPC JSON exploit being used "in the wild". The issue was reported to the devs by the guy who figured it out and reported it. The devs then responded immediately by patching the exploit and releasing an updated version.

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!