Bitcoin Forum
October 14, 2019, 12:12:56 AM *
News: Latest Bitcoin Core release: 0.18.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: bitcoin stolen zesterday  (Read 264 times)
costi90
Newbie
*
Offline Offline

Activity: 2
Merit: 0


View Profile
August 18, 2019, 01:05:18 PM
 #1

today i logged in in my wallet(electrum3.3.Cool and it was empty!!!! what can i do? Help!!!

funds are transfered to the wallet: 3CiTbivcck7xJf4FrNzu2VwTBAMPMvHhLe

c8b615397cba7f08891a1058a18894af943cbdb8511ff20af78986fc006a9039
1571011976
Hero Member
*
Offline Offline

Posts: 1571011976

View Profile Personal Message (Offline)

Ignore
1571011976
Reply with quote  #2

1571011976
Report to moderator
1571011976
Hero Member
*
Offline Offline

Posts: 1571011976

View Profile Personal Message (Offline)

Ignore
1571011976
Reply with quote  #2

1571011976
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1571011976
Hero Member
*
Offline Offline

Posts: 1571011976

View Profile Personal Message (Offline)

Ignore
1571011976
Reply with quote  #2

1571011976
Report to moderator
1571011976
Hero Member
*
Offline Offline

Posts: 1571011976

View Profile Personal Message (Offline)

Ignore
1571011976
Reply with quote  #2

1571011976
Report to moderator
AdolfinWolf
Legendary
*
Offline Offline

Activity: 1190
Merit: 1065


people run from rain but sit in bathtubs of water


View Profile
August 18, 2019, 01:08:46 PM
 #2

If the funds are confirmed, which they are, there is nothing you can do really. Bitcoin is irreversible.

https://bitcoin.org/en/you-need-to-know#irreversible

Best you can do know is try to find out HOW you lost your funds. (Clipboard attack, eg), and possibly completely reset your PC and install some reputable AV to ensure this doesn't happen again.

costi90
Newbie
*
Offline Offline

Activity: 2
Merit: 0


View Profile
August 18, 2019, 01:12:08 PM
 #3

If the funds are confirmed, which they are, there is nothing you can do really. Bitcoin is irreversible.

https://bitcoin.org/en/you-need-to-know#irreversible




its that possible?  i havent log in into electrum 2 weeks...
Royse777
Hero Member
*****
Offline Offline

Activity: 812
Merit: 1040


Exchange Bitcoin quickly-https://blockchain.com.do


View Profile WWW
August 18, 2019, 01:16:50 PM
 #4

its that possible?  i havent log in into electrum 2 weeks...
Your wallet information (private keys or seeds or the wallet file) were compromised unfortunately.

.WOLF.BET.
▀  ▀▀▀▀▀▀
  ▀ ▀▀▀
 ▄ ▄▄▄  
  ▄ ▄▄▄
▄  ▄▄▄▄▄▄
        ▄▄▄▀▀▀▀▄▄▄
    ▄███▌        ▀▀▄
  ▄▀   ▐█████████▄  ▀▄
 ▄▀  ▄█████████████▄  █
 ▌  █████████████████  █
▐  ████████████████ ▄█
█  █████████████████████▌
▐  ██████████████████ ▀█▌
 ▌ ▐█████████████████▌ ▐▀
 █  ██████████████▀ ▄▀
  █   ███████████▀  ▄▀
   ▀▄▄██ ▀▀▀▀▀▀▀  ▄▄▀
     ▀██▄▄▄▄▄▄▄▄▀▀▀
▄███████████▄
███████    ████████████▄
███████    ███████   ▀██
██████████████████    ██
██    ██████████████████
██    ███████    ███████
█████████████    ███████
███████    █████████████
███████    ███████    ██
██████████████████   ▄██
██        ▀███████████▀
██
██
      ▄█▄         ▄█▄
 ▄██ ███ ███████ ███ ██▄
▐███▄ ▀ ▄███████▄ ▀ ▄███▌
▐█▌▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▐█▌
▐█▌   ▄▄▄▄▄▄▄▄        ▐█▌
▐█▌   ████████        ▐█▌
▐█▌       ███     ▄▄▀▀▀██▄
▐█▌      ███    ██▀      ▀█
▐█▌     ███    ███         █
▐█▌    ███     ███          █
 ██▄           ███▄         █
  ▀█████████████████▄     ▄█
                  ▀▀█████▀▀

████
██
██
██
██
██
██
██
██
██
██
████


.AFFILIATE PROGRAM.
   ...FREE FAUCET........
..CHAT RAIN.............
AdolfinWolf
Legendary
*
Offline Offline

Activity: 1190
Merit: 1065


people run from rain but sit in bathtubs of water


View Profile
August 18, 2019, 01:23:02 PM
 #5

If the funds are confirmed, which they are, there is nothing you can do really. Bitcoin is irreversible.

https://bitcoin.org/en/you-need-to-know#irreversible




its that possible?  i havent log in into electrum 2 weeks...
When you logged into your electrum 3.3 wallet, did it tell you to "upgrade" with a popup in the wallet? If so, you probably got phished by a malicious electrum server. If i remember correctly this is still possible in 3.3 versions.

Lucius
Legendary
*
Offline Offline

Activity: 1568
Merit: 1354


Fortis Fortuna Adiuvat


View Profile WWW
August 18, 2019, 01:32:31 PM
Merited by Royse777 (2)
 #6

its that possible?  i havent log in into electrum 2 weeks...

costi90, it is not important that you did not open your wallet in last 2 weeks, try to remember did you do something unusually last time when your wallet was open?

Since your wallet is version 3.3.x (probably 3.3.3) this is probably not fake version, but you did not write last number, so that leaves the possibility that you have a fake version.

If we look at transactions by the address given by you, total amount of coins received on this address was 14.77286524 in last 3 months, so this hacker is find way to hack a lot of wallets in that time.

There are several possibilities for a hacker to get your coins - you download fake wallet, your seed / private keys are compromised (especially if you kept them online) or unencrypted text file on PC, or you try to claim some forked coin and type seed in some fake wallet or site.

hugeblack
Hero Member
*****
Offline Offline

Activity: 840
Merit: 742


6.15 Bitcoin We're moving fast.


View Profile
August 18, 2019, 02:12:57 PM
Last edit: August 18, 2019, 02:49:44 PM by hugeblack
Merited by Abdussamad (3), bones261 (2), AdolfinWolf (1), Coolcryptovator (1)
 #7

funds are transfered to the wallet: 3CiTbivcck7xJf4FrNzu2VwTBAMPMvHhLe
I Googled that address and found this information.
This quote in Italian about a hack report of Exodus wallet.

No vabbè... Ma guardate cosa si è rubato questo ? 3CiTbivcck7xJf4FrNzu2VwTBAMPMvHhLe. È indirizzo a cui chi mi ha hackerato l account si ė mandato i miei btc che avevo su Exodus.... Mio Dio .. non ho parole

Google translate:

Quote
It is the address to which the person who hacked my account has sent my btc that I had on Exodus .... My God .. I have no words

It seems that this is not related to electrum, but a virus, so I suggest that you remove all your OS data and then reinstall the operating system.

S/he is an active scammer so providing more information about the nature of the files you have installed may help us identify him.

Pmalek
Legendary
*
Offline Offline

Activity: 1092
Merit: 1158



View Profile
August 19, 2019, 09:05:39 AM
 #8

Please use this incident to improve the security of your system.

First of all you should reinstall the OS since no one can say for sure what exactly happened and if your were just phished or if you installed malware or got keylogged. If possible, consider installing and using Linux.

An airgapped system is one of the best choices but many people can't or don't have two computers.

A good option would be a hardware wallet where your private keys are always kept safe on the device.
Paper wallets are also good but I wouldn't advice handling those without the necessary knowledge about the proper way to use them.

If you don't want to use hardware wallets then at least get a different PC that you will use only with crypto and your financials. Be careful how you use this device because it shouldn't be used with unlicensed software, torrenting, gaming, porn etc. 

████████████████████████████
████████▀▀ █▀ █▀ ▀██████████
█████████▄ ▄▄▄▄▄▄███████████
██████████▀     ▀  ▀████████
███████▀ ▀  ▄█▀▀▀█▀▀████████
██████▄      █▄  ▀▀  ▀██████
██████         ▄▄█▄ ▄ ▀█████
█████ ▄         ▀▀ ▄ ▀ █████
██████▌          █▀█▀ ▐█████
███████  ▄▌         ▄ ██████
████████▄█         ▄████████
█████████▀     ▄▄ ▄█████████
████████████████████████████
.JACKMATE'S...........
.
MAJESTIC..
████████████████████████
███████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
.
..WIN 1 BITCOIN ON EVERY PREMIER LEAGUE MATCHDAY..
████████████████████████████████
████████████▀█▀ ▀█▀█▀███████████
███████████▄ ▄▄▄▄▄▄▄████████████
███████████▀▀▄▄▄▄▄▄▄▄███████████
█████████▀▄ ██▀▄▄▄ ▀ ▄▀█████████
███████▀ ▀█████▄▄▄█▄▄▄██████████
███████▀▄████████▀  ▀█ █▐███████
███████ ▀█████████▄█▀▀██ ███████
████████ ███▀██████ ▄ ██ ███████
████████▌▐▀▄ ██████████ ▄███████
█████████▄██▌▐█████▀██ █████████
████████████▄▀▀▀▀▀▄ ▀▄██████████
████████████████████████████████
.
.JOIN US - IT'S FREE! .
bob123
Legendary
*
Offline Offline

Activity: 1050
Merit: 1563



View Profile WWW
August 20, 2019, 04:33:06 PM
Merited by seoincorporation (1)
 #9

Unfortunately they are gone and you can't get them back.

0.05 BTC is not a negligible amount of coins. If you intend to store such an amount again, you should really consider buying a hardware wallet. They cost roughly 70$ and are safe to be used with online-/infected computers.

The most important thing now would be to determine how the attacker could gain access to your coins.


Since the transaction took place 3 days ago and you didn't log in for 2 weeks, can we assume your wallet is password protected ?
Did you already log in into the 3.3.8 wallet after downloading (unlocked wallet) ? Did you verify the signature of the file, where did you download it from ?

If your wallet is password protected and you opened (unlocked) it 2 weeks ago, the infection must have took place within the last 2 weeks.
Do you remember downloading any software within this timeframe ?

If you can't be sure of what caused your funds to be stolen, consider your system as compromised.
Reinstall your OS is a mandatory step (please no cracked version of windows. They are always infected with malware).

keychainX
Member
**
Offline Offline

Activity: 252
Merit: 22

Telegram @keychainxIO


View Profile WWW
August 25, 2019, 07:52:52 PM
 #10

today i logged in in my wallet(electrum3.3.Cool and it was empty!!!! what can i do? Help!!!

funds are transfered to the wallet: 3CiTbivcck7xJf4FrNzu2VwTBAMPMvHhLe

c8b615397cba7f08891a1058a18894af943cbdb8511ff20af78986fc006a9039


Hello,

Someone has got your funds, and probably because you were using a weak wallet like electrum.

Another weak wallets are USB keys which are masked as LEDGER or TREZOR and are very easy to compromise if you loose them.

Don't buy a ledger for 99USD, print your keys to paper, or stay tuned for a new revolution, which is keyless wallets...

/KX

Lucius
Legendary
*
Offline Offline

Activity: 1568
Merit: 1354


Fortis Fortuna Adiuvat


View Profile WWW
August 26, 2019, 10:04:06 AM
 #11

Someone has got your funds, and probably because you were using a weak wallet like electrum.
Another weak wallets are USB keys which are masked as LEDGER or TREZOR and are very easy to compromise if you loose them.
Don't buy a ledger for 99USD, print your keys to paper, or stay tuned for a new revolution, which is keyless wallets...

Electrum is in my opinion make big mistake because it is not find vulnerability which is used by hackers even today, but if you know how to use Electrum you can never lost any coins from such wallet.

Your statement about hardware wallets is complete nonsense, do you even know how they work? Such wallets are always protected with PIN ( in case of Ledger 8 digit PIN), and 3 times in a row entered PIN is wipe out device. There is no problem with lost hardware wallets, but only with lost seed/s in combination with lost hardware wallet.

You also post wrong price for Ledger wallet, there is no wallet at such price - Nano S is some $30 cheaper.

Task for you - learn the difference between USB keys and hardware wallets - you can start here : https://discover.ledger.com/why-choose-ledger/


o_e_l_e_o
Hero Member
*****
Offline Offline

Activity: 714
Merit: 2875


Decent


View Profile
August 26, 2019, 11:56:25 AM
Merited by philipma1957 (3)
 #12

There is no problem with lost hardware wallets, but only with lost seed/s in combination with lost hardware wallet.
That's not accurate. There was a recently revealed serious flaw in Trezor devices, which means they can be compromised relatively easily by an attacker, and all funds stolen. See here for more information: https://ledger-donjon.github.io/Unfixable-Key-Extraction-Attack-on-Trezor/. Trezor have accepted that this flaw exists, and there is no patch for it. The only way to mitigate against it is to use a long and truly random passphrase, which few users do. A minimum of 37 random characters is needed to replicate the security achieved with a 24 word seed phrase.

Although no such vulnerability has been demonstrated on Ledger devices, you shouldn't ever assume they are 100% secure. You should never assume that any security set up is 100% secure. It may take several weeks and some very expensive high tech equipment, but coins or seeds are potentially extractable from any hardware device. If you lose your hardware wallet, you should your coins to a new wallet as soon as practical.

"Printing your keys to paper" also has many potential vectors of attack, and it is far easier to mess up doing this than it is using a hardware wallet. If you want to use paper wallets, that's fine, but make sure you understand how to create them safely and securely first.

Lucius
Legendary
*
Offline Offline

Activity: 1568
Merit: 1354


Fortis Fortuna Adiuvat


View Profile WWW
August 26, 2019, 01:08:43 PM
 #13

Thanks for this info, I must admit that I was not aware of this information until now. As far as I can see it has not been published in Hardware wallet board, and I think this is very important information for all users of Trezor, Keepkey and all clones based on this hardware wallets.

Only thing I found on Trezor site is blog with title "Is your passphrase strong enough?", but there is no mentions about fact that passphrase need to be "a minimum of 37 random characters", on the contrary, they claim user need only 9-10 random letters.

Quote
This might seem like a huge number, but if you use a random passphrase of 12 lowercase letters, then the attacker would have to check about 48,000,000,000,000,000 passphrases on average, before hitting the right one. That translates to $77 million in today’s prices! If you add uppercase letters and numbers to the mix, you need only 9 or 10 random letters to achieve the same level of security.

o_e_l_e_o
Hero Member
*****
Offline Offline

Activity: 714
Merit: 2875


Decent


View Profile
August 26, 2019, 01:54:20 PM
 #14

there is no mentions about fact that passphrase need to be "a minimum of 37 random characters", on the contrary, they claim user need only 9-10 random letters.
Is a 9 character passphrase enough? Maybe. Maybe not. Using a character set of uppercase, lowercase and numerical characters (26 + 26 + 10) gives 62 characters. 62^9 is "only" 1.35*1016. A large number, sure, but are you confident that it is completely safe from brute force attacks for the next 10+ years (or however long you want to use your hardware wallet for?). For comparison, a 24 word seed gives 2256, which is 1.16*1077. So a 9 character random case sensitive letter and number password is around 0.00000000000000000000000000000000000000000000000000000000001% as secure as a 24 word seed. There's a bit more to it than that (you can read about PBKDF2 and how keys are generated from seed + passphrase if you are interested), but you get the idea.

If the seed becomes known, as it would with this attack on Trezor, the passphrase is then subjectable to brute-force attacks. I certainly wouldn't be comfortable having all my crypto only protected by a 9 character password.

philipma1957
Legendary
*
Offline Offline

Activity: 2618
Merit: 1926



View Profile
August 26, 2019, 02:02:21 PM
 #15

There is no problem with lost hardware wallets, but only with lost seed/s in combination with lost hardware wallet.
That's not accurate. There was a recently revealed serious flaw in Trezor devices, which means they can be compromised relatively easily by an attacker, and all funds stolen. See here for more information: https://ledger-donjon.github.io/Unfixable-Key-Extraction-Attack-on-Trezor/. Trezor have accepted that this flaw exists, and there is no patch for it. The only way to mitigate against it is to use a long and truly random passphrase, which few users do. A minimum of 37 random characters is needed to replicate the security achieved with a 24 word seed phrase.

Although no such vulnerability has been demonstrated on Ledger devices, you shouldn't ever assume they are 100% secure. You should never assume that any security set up is 100% secure. It may take several weeks and some very expensive high tech equipment, but coins or seeds are potentially extractable from any hardware device. If you lose your hardware wallet, you should your coins to a new wallet as soon as practical.

"Printing your keys to paper" also has many potential vectors of attack, and it is far easier to mess up doing this than it is using a hardware wallet. If you want to use paper wallets, that's fine, but make sure you understand how to create them safely and securely first.


Nice info. Basically long passwords do fix it.  The biggest problem is still true for every mechanical wallet some thug holds a pistol to your head and says open it or else.

So basically if you have three of them

 one with under a coin.
One with 2 to 3 coins.
 And a third one in an emi faraday box in a safety deposit that has the serious coins.

I see BTC as the super highway and alt coins as taxis and trucks needed to move transactions.
o_e_l_e_o
Hero Member
*****
Offline Offline

Activity: 714
Merit: 2875


Decent


View Profile
August 26, 2019, 02:13:54 PM
 #16

So basically if you have three of them

 one with under a coin.
One with 2 to 3 coins.
 And a third one in an emi faraday box in a safety deposit that has the serious coins.
The other option is to have multiple passphrases which will lead to multiple different wallets. Passphrases in terms of hardware wallets are not like "passwords" which protect access to your wallets; rather, passphrases are needed to generate the keys in the first place. Since passphrases aren't stored on the device (unlike your seed), they can never be extracted or otherwise compromised. So:

Seed + passphrase1 = First set of addresses
Seed + passphrase2 = Second set of addresses
Seed + passphrase3 = Third set of addresses
And so forth

It is impossible to tell how many passphrases you have set up, and each passphrase will lead to an entirely separate wallet, separate set of addresses, and separate coins. Provided these wallets aren't obviously linked via blockchain analytics, then it gives you plausible deniability in a physical attack against your person, whilst also protecting from physical attacks on the wallet itself.

Obviously the same recommendations apply to backing up your passphrases as applies to backing up your seed; forget them, and you have lost access to your coins forever (unless you have chosen a short passphrase which can be brute-forced).

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!