carnage88 (OP)
September 20, 2019, 07:44:41 PM
A few days ago my PC was hacked and I can't do shit about it... The guy who did it was skilled and he knew what to do and when and how... Short story is that he somehow installed a backdoor on my PC and he hacked one of my contacts so he could send a link which, when I used it, gave him my IP address. He remotely connected to my PC and emptied my wallet. How he entered my wallet is a mystery to me... Now I need you to help me out with tracing this wallet address; it seems to me this is some kind of exchange or something. Take a look, maybe someone can help... I know there isn't much to do but maybe someone is familiar with this address. Tnx for your time.
This is the transaction he made from my wallet: https://www.blockchain.com/btc/tx/b42c2c5096f0003a88a700cb7c9dd246f1f2b79d6bd53f88f08fa24ed3b053d4
This is his address: 12HfRnx47gQnnYn9Q3Zpiuzzv6yzXTKMEJ

eaLiTy
September 20, 2019, 08:28:19 PM
Looks like the coins are sent to a coinpayments wallet, you can contact them and explain your case and they might block the account or if you are lucky enough and if you could provide evidence they might help you in recovering the coins. I have seen coins being recovered after the hackers sending to exchanges in the past, the faster you contact their customer support and state your case the better.

squatter
September 20, 2019, 08:37:23 PM
Looks like the coins are sent to a coinpayments wallet, you can contact them and explain your case and they might block the account or if you are lucky enough and if you could provide evidence they might help you in recovering the coins. I have seen coins being recovered after the hackers sending to exchanges in the past, the faster you contact their customer support and state your case the better.
How do you know it's a Coinpayments wallet? I don't see it labelled anywhere.
At the very least, Coinpayments -- or any third party service -- will require a police report. That's hurdle #1 for the OP, and time is of the essence. Recovery is unlikely and Coinpayments isn't known for responsiveness.
Did all the inputs in that transaction belong to your wallet? Or is it possible he imported your private keys into another wallet?

HeRetiK
September 20, 2019, 08:44:58 PM
At the very least, Coinpayments -- or any third party service -- will require a police report. That's hurdle #1 for the OP, and time is of the essence.
For getting back their coins most likely. But if coinpayments is indeed the exchange that received the coins there's no harm done in contacting their support and triggering an investigation. Best case the account containing the stolen coins gets frozen until matters have been clarified.
But IMO you should find out exactly how your computer was compromised and how to secure your computer rather than track a hacker where you can't sue him or get your Bitcoin back.
OP should also wipe their computer and reinstall or factory reset their operating system. Otherwise it's quite likely that the attacker has yet another surprise in store. It would also be smart if OP changed passwords afterwards.

bitmover
September 20, 2019, 08:45:44 PM, last edit: September 20, 2019, 08:57:52 PM by bitmover
But IMO you should find out exactly how your computer was compromised and how to secure your computer rather than track a hacker where you can't sue him or get your Bitcoin back.
I agree. Those bitcoins are out of your reach, as they are already in another country exchange, so it is going to be hard to get them back. I would format my computer and buy a hardware wallet, such as Ledger Nano or Trezor.
How do you know it's a Coinpayments wallet? I don't see it labelled anywhere.
I looked at many websites and couldn't find any relation to coinpayments as well. I only found this website from bitshares telegram, where this address is mentioned in a conversation in 2018: http://bitshares-telegram.blogspot.com/2018/11/1541800808.html

squatter
September 20, 2019, 08:59:22 PM
At the very least, Coinpayments -- or any third party service -- will require a police report. That's hurdle #1 for the OP, and time is of the essence.
For getting back their coins most likely. But if coinpayments is indeed the exchange that received the coins there's no harm done in contacting their support and triggering an investigation. Best case the account containing the stolen coins gets frozen until matters have been clarified.
No harm done, but they still need to move quickly to get a police report because third parties don't have the authority to freeze funds indefinitely.
This is Binance's policy for these situations: The victim must provide a police report within 24 hours of filing the support request. From there, Binance will work directly with law enforcement to handle processing of the funds.

LeGaulois
September 20, 2019, 09:33:35 PM
Looks like the coins are sent to a coinpayments wallet, you can contact them and explain your case and they might block the account or if you are lucky enough and if you could provide evidence they might help you in recovering the coins. I have seen coins being recovered after the hackers sending to exchanges in the past, the faster you contact their customer support and state your case the better.
Bitcoin payments are supposed to be irreversible. What you describe could be compared to a 'chargeback'. In terms of abuse like merchants are abused with PP. OMG if companies start to accept to do such practices then, it will be exactly like Paypal. You buy something, wait for the item to be shipped, and then contact the platform to say "hello, I've been hacked here is a signed message!"

BitMaxz
September 20, 2019, 09:50:09 PM
It seems the owner of that address scammed many people. That address is also mentioned at this link below.
- https://www.complaintsboard.com/complaints/orbest-investments-pm-u7777777-c754714.html
It seems it's connected to "ORBEST INVESTMENTS LTD"; there are many people scammed according to the link above, most of them saying that their perfectmoney account was hacked and transferred to many different addresses including the address mentioned above. It seems that the hacker is an expert on hacking.

HeRetiK
September 20, 2019, 09:50:23 PM
At the very least, Coinpayments -- or any third party service -- will require a police report. That's hurdle #1 for the OP, and time is of the essence.
For getting back their coins most likely. But if coinpayments is indeed the exchange that received the coins there's no harm done in contacting their support and triggering an investigation. Best case the account containing the stolen coins gets frozen until matters have been clarified.
No harm done, but they still need to move quickly to get a police report because third parties don't have the authority to freeze funds indefinitely. This is Binance's policy for these situations: The victim must provide a police report within 24 hours of filing the support request. From there, Binance will work directly with law enforcement to handle processing of the funds.
That's neat, I wasn't aware that some exchanges already have publicly available policies about such cases.
Bitcoin payments are supposed to be irreversible. What you describe could be compared to a 'chargeback'. In terms of abuse like merchants are abused with PP. OMG if companies start to accept to do such practices then, it will be exactly like Paypal. You buy something, wait for the item to be shipped, and then contact the platform to say "hello, I've been hacked here is a signed message!"
That's why the endgame is getting rid of exchanges altogether.
Either way Binance's 24 hours until a police report has been provided still beats PayPal's 180 days based on nothing. How coinpayments will handle the situation is a different matter however.

Stedsm
September 20, 2019, 10:40:58 PM
What made you keep all your coins in the same wallet is the first question that strikes my mind badly.
I believe this address was also involved in some HYIP investment activities like BitRegal (and maybe the admin was the guy himself who stole OP's funds). Whole story below, please search for this address on that page: 12HfRnx47gQnnYn9Q3Zpiuzzv6yzXTKMEJ
https://x-invest.net/forum/thread-bitregal-10-daily-btc-only-13254?pid=184427&mode=linear
I've checked walletexplorer too and it's very strange that it is just a single address and no more addresses are in that wallet, which made me believe it couldn't be of an exchange (maybe).

1Referee
September 21, 2019, 09:02:00 AM
What made you keep all your coins in the same wallet is the first question that strikes my mind badly.
I don't think that's much of a problem if you for example use a hardware wallet where you physically have to confirm or reject value movements. In that regard, my question would be why OP didn't use a hardware wallet. People quite often look at the initial purchasing cost and think they can avoid dealing with that by simply using a desktop/mobile client, but that's never a good idea as we can see from the many examples of how people lost their coins. The $100ish they try to save by not purchasing a hardware wallet leads to a loss of thousands of dollars worth of crypto. Pretty sad.

Lucius
September 21, 2019, 12:49:40 PM
1Referee, I would not say that the only reason why people keep their coins in desktop/mobile wallets is because of money which needs to be invested in a hardware wallet, but also because most of them are not even aware that such security solutions exist at all. On the other side, we have ignorance with a completely wrong premise about what is cryptocurrency. As a result of that, many crypto users do not realize how challenging it is to be their own bank.
Short story is that he somehow installed a backdoor on my PC and he hacked one of my contacts so he could send a link which, when I used it, gave him my IP address. He remotely connected to my PC and emptied my wallet. How he entered my wallet is a mystery to me...
The hacker did just what you let him do, and the real question is at what point you clicked/downloaded something bad on your PC. You are very likely infected with a remote access trojan (RAT), and with that the hacker gets full control over your PC. Best thing you can do now is to format disk, your OS is completely compromised.

Stedsm
September 21, 2019, 02:02:35 PM
What made you keep all your coins in the same wallet is the first question that strikes my mind badly.
I don't think that's much of a problem if you for example use a hardware wallet where you physically have to confirm or reject value movements. In that regard, my question would be why OP didn't use a hardware wallet. People quite often look at the initial purchasing cost and think they can avoid dealing with that by simply using a desktop/mobile client, but that's never a good idea as we can see from the many examples of how people lost their coins. The $100ish they try to save by not purchasing a hardware wallet leads to a loss of thousands of dollars worth of crypto. Pretty sad.
All in all, this looks to me as a lesson learnt. I don't know how many times users such as OP will be suffering from such issues as there's always a new type of scam taking place every single day trying to drag away your money out of your hands. Some people also don't have money to buy that much maybe because they could be from a third world country and/or not too much interested in crypto or have very less (not even $50 worth of BTC or alts) held in their bags for which they don't prefer to go for any hardware wallets.
..... As a result of that, many crypto users do not realize how challenging it is to be their own bank.
That's true, the sort of security we need to take care of is very high in front of what people believe it is. This platform is new and so, chances of getting hacked and scammed are reaching newer peaks every single day with more and more adoption as it's all about getting exposure of these unknown buddies (those who don't know about anything technical) to these highly professional hackers who know how to get into somebody's wallet and get the coins. When we say we are our own bank by using crypto, we really do understand the level risks it possesses and when we put a step in, it's better to be cautious than hell in order to save our everything that's kept in our PC.
Best thing you can do now is to format disk, your OS is completely compromised.
Don't forget to ask him not to save his old Windows.dat (old data) of the previous OS. @OP, What I didn't get is - when you clicked that suspicious link, wasn't there any Antivirus in your PC that may have stopped or warned you for not visiting there?

carnage88 (OP)
September 21, 2019, 08:14:18 PM, last edit: September 21, 2019, 09:41:01 PM by carnage88
Looks like the coins are sent to a coinpayments wallet, you can contact them and explain your case and they might block the account or if you are lucky enough and if you could provide evidence they might help you in recovering the coins. I have seen coins being recovered after the hackers sending to exchanges in the past, the faster you contact their customer support and state your case the better.
They answered that this isn't their address...
I use electrum which was password protected and I used these coins every day but last week or so I wasn't using them. I rus some exchanges and needed whole amount, that's why I didn't put on Ledger. Where I collected and installed his "tool" I really don't know but I know that he hacked my email which I only use for random stuff and when I wanted to login on some site it showed him on my email that someone with that IP wants to login and it was obviously my IP and he easily connected to remote... None of my antiviruses did go off or anything was alerted, but when I realized my email was hacked I immediately changed my IP. How he logged in on my electrum I really don't know. PC is now secured and everything is under my control. BTC are gone, lesson learned, this was expensive one.
That was remote tool
This was log from that tool

adaseb
September 21, 2019, 09:05:30 PM
This is why I stopped using Windows 10. It's full of bugs and backdoors. And even if it isn't then your browser most likely might not be fully secure and you can get some malware installed that way.
It's good that you are using a hardware wallet but for the coins you need to temporarily store on a hot computer, try using a different OS and maybe a different computer that you don't browse random websites with that might install something behind your back.
You seem to have a good knowledge of security and computers so the thief must have been pretty clever to get away with this. It's good that you used 2FA on your exchanges or most likely he would have stolen those coins also.

nc50lc
September 22, 2019, 08:00:14 AM
They answered that this isn't their address...
At last, you replied.
First: "Remote Utility - Host" is a legit application, it was just installed by the hacker/malware/virus to view and control your PC using the client. The main malware/virus must be something else, installed through other means like browsing/download. Your case was exactly the same as this one: forums.malwarebytes.com. But the case was closed without an answer.
I use electrum which was password protected and I used these coins every day but last week or so I wasn't using them. I rus some exchanges and needed whole amount, that's why I didn't put on Ledger.
There are two possible scenarios:
1. Hacked SEED: Because even with remote access, the hacker still can't decrypt your wallet. Where did you keep your electrum SEED? In your email, cloud disk or local disk?
2. Keylogger and manual operation: When you're AFK and the PC's idle, the hacker installed a keylogger using remote access, disconnected, then waited for you to use your wallet; waited for another AFK cue, then he controlled your PC to manually send the transaction since he already had your passphrase.
Seriously, "needing the whole amount" isn't an excuse not to use your Ledger. It's not a hassle to plug in the device to sign a transaction, it's safe as long as you review the addresses of the transaction that you're signing.

bitmover
September 22, 2019, 09:32:20 AM
1. Hacked SEED: Because even with remote access, the hacker still can't decrypt your wallet. Where did you keep your electrum SEED? In your email, cloud disk or local disk?
I don't think the hacker had full access to OP's computer, being hacked by a trojan or something like that is unlikely IMO. It is so much easier to just get the user SEED on a gmail draft or something like that. Most people do not handle the seed with proper care. The hacker could have got access to the seed long ago and he was waiting for the wallet to be funded.... Anyway, I wouldn't be so sure about that remote access from the hacker, unless there is some evidence of that.

nc50lc
September 22, 2019, 09:44:00 AM
-snip-
The evidence is all over the place. Can't you see? He didn't know how that app was installed and the 2nd screenshot displayed that it has been used or still active. If remote access was involved, the hacker can access OP's PC through his (hacker) screen like it's his own.
I don't think the hacker had full access to OP's computer, being hacked by a trojan or something like that is unlikely IMO.
Yes it is. Check the link in my previous reply.

1Referee
September 22, 2019, 10:37:01 AM
1Referee, I would not say that the only reason why people keep their coins in desktop/mobile wallets is because of money which needs to be invested in a hardware wallet, but also because most of them are not even aware that such security solutions exist at all.
On the other side, we have ignorance with a completely wrong premise about what is cryptocurrency. As a result of that, many crypto users do not realize how challenging it is to be their own bank.
Fair points. Ignorance is a big factor indeed, which comes to show how not ready we are to onboard the average Joes of this world. In that regard, it also makes sense for centralized entities such as Coinbase and Bakkt to offer custodial services, because the gap between a clueless crypto enthusiast and someone who knows how to be his own bank in a secure way is massive. I know Bitcoiners don't like them, and that for a good reason overall, but these wouldn't exist if the demand wasn't going through the roof, hence these entities holding billions on behalf of all sorts of holders.