armouro (OP)
Newbie
 Offline
Activity: 7
Merit: 1
|
 |
September 04, 2020, 11:13:35 AM
Last edit: September 16, 2020, 09:17:12 PM by armouro |
|
I have collected some fork coins and now it was time to collect bitcoin SV. I not really sure but I think I went trough https://bitcoinsv.io/services/wallets-and-exchanges/ and picked electrumsv.io. Then i downloaded the portable version here https://electrumsv.io/download.html. At that time it was another version then 1.3.6. I did import all of my keys into the wallet. Then there was a transaction with all of my coins... I know that the coins are gone. But I'm a bit concerned over my privacy. It was my personal computer with some photos and files. Should I be worried that the malware wallet uploaded everything it can get to a server somewhere and that some others have all of it? Could the malware wallet see all of my browsing history and all of my saved accounts into sites (usually I'm not saveing that but could be some site or two..). If I could see my history it probably can see my facebock.com/user/myusername. I havn't used my computer since it happened. Is there any loggs that windows saves that I can get anything from? Could the malware wallet infect images and files or could I copy them from that computer and save them in another location? EditI did found out that another bitcoinsv site (scam site) had the same version as mine. So the sites that I mentioned above is probably not involved with this, as long as the linked to the download site wasn't replaced in some way. But probably not. However I didn't find any browser history of that site. Don't know if the program cleaned that(?) |
|
|
|
|
|
|
|
According to NIST and ECRYPT II, the cryptographic algorithms used in
Bitcoin are expected to be strong until at least 2030. (After that, it
will not be too difficult to transition to different algorithms.)
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
jackg
Copper Member
Legendary
Offline
Activity: 2856
Merit: 3071
https://bit.ly/387FXHi lightning theory
|
|
September 04, 2020, 11:30:08 AM |
|
1.iy could get access to everything and upload it but it's not really worthwhile. Most viruses if trying tk compromise files just corrupt them and ask for a ransom instead.
2. Yes the photos and files could be corrupted but sif you have a drive that's a good size for storing them you might want to put them on that - one that is old and doesn't have anything else on it.
3. Look into sandboxing and running vms if you're going to start downloading random sources..
|
|
|
|
|
bob123
Legendary
Offline
Activity: 1624
Merit: 2481
|
|
September 04, 2020, 11:56:55 AM |
|
I did import all of my keys into the wallet. Then there was a transaction with all of my coins...
Hopefully only your scamcoins got stolen, and your BTC were already transferred. This is one of the reasons we always recommend to claim shitcoins in a virtual machine. Should I be worried that the malware wallet uploaded everything it can get to a server somewhere and that some others have all of it?
Probably not since it would be quite useless for an attacker aiming for cryptocurrencies. However the possibility (while being low) exists. Could the malware wallet see all of my browsing history and all of my saved accounts into sites (usually I'm not saveing that but could be some site or two..). If I could see my history it probably can see my facebock.com/user/myusername.
Yes, definitely. I havn't used my computer since it happened. Is there any loggs that windows saves that I can get anything from?
Quite a lot is being logged in the event log, but you probably won't find out what exactly has been uploaded without hiring some forensic expert. Could the malware wallet infect images and files or could I copy them from that computer and save them in another location?
While unlikely, it is possible. Note that i answered your questions, whether a malware could do that. Personally, i believe it is extremely unlikely since the malware only wanted to get your coins. Most crypto stealing malware is extremely simple and not as devastating as it could be. However, reinstalling your OS would be your best bet to be on the safe side. |
|
|
|
armouro (OP)
Newbie
Offline
Activity: 7
Merit: 1
|
|
September 04, 2020, 12:19:47 PM |
|
Yes I did move my other coins before trying to get the fork coins. I get your point that it is very unlikely that they got more then my coins. But I'll never knew for sure but I thought of getting a fresh computer with some dummy pictures, glasswire to see the network traffic. And then run the program and see what happens. If the upload is more then some MB or not. I could even look what the size of the images is before and after. Because I guess that if the malware infected my photos it probably changes the size of images? Perhaps I could get some https://www.canarytokens.org/ to see if that trigger something. Another thing I was thinking of was to decompile the software, however it's probably not that easy. |
|
|
|
|
Lucius
Legendary
Offline
Activity: 3234
Merit: 5676
Blackjack.fun🎲
|
|
September 04, 2020, 01:45:43 PM |
|
I don't understand how it's possible that you downloaded a fake wallet, if you're pretty sure you used links that should be legitimate? However, there are still cases in which users have lost their coins in an identical way - there is obviously some vulnerability in electrumsv, how else to explain such cases? All Bitcoin SV STOLEN from Latest version Electrum SV Wallet BEWARE!! |
.
.BLACKJACK ♠ FUN. | | | ███▄██████
██████████████▀
████████████
█████████████████
████████████████▄▄
░█████████████▀░▀▀
██████████████████
░██████████████
█████████████████▄
░██████████████▀
████████████
███████████████░██
██████████ | | CRYPTO CASINO &
SPORTS BETTING | | │ | | │ | ▄▄███████▄▄
▄███████████████▄
███████████████████
█████████████████████
███████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████████████
█████████████████████
███████████████████
▀███████████████▀
███████████████████ | | .
|
|
|
|
bob123
Legendary
Offline
Activity: 1624
Merit: 2481
|
|
September 04, 2020, 02:05:32 PM |
|
But I'll never knew for sure but I thought of getting a fresh computer with some dummy pictures, glasswire to see the network traffic. And then run the program and see what happens. If the upload is more then some MB or not.
If you are going that step, you might as well install some monitoring software to check what files exactly are touched by the malware. I could even look what the size of the images is before and after. Because I guess that if the malware infected my photos it probably changes the size of images?
Some monitoring software (as mentioned) would be enough to check whether files are getting touched. But the filesize does not need to be changed. You can easily embed malware into an image without changing the size (e.g. by deleting less relevant data). You'd need to compare the checksum (hashes) of the files. |
|
|
|
LoyceV
Legendary
 Online
Activity: 3304
Merit: 16655
Thick-Skinned Gang Leader and Golden Feather 2021
|
|
September 04, 2020, 02:27:18 PM |
|
Yes I did move my other coins before trying to get the fork coins. Are you sure your BSV didn't move when you moved your BCH? Due to the lack of replay protection in BSV, that would be a possibility (and in that case you might be able to recover them). |
|
|
|
armouro (OP)
Newbie
Offline
Activity: 7
Merit: 1
|
|
September 04, 2020, 05:34:44 PM |
|
But I'll never knew for sure but I thought of getting a fresh computer with some dummy pictures, glasswire to see the network traffic. And then run the program and see what happens. If the upload is more then some MB or not.
If you are going that step, you might as well install some monitoring software to check what files exactly are touched by the malware. Do you have any examples of software that does that? Yes I did move my other coins before trying to get the fork coins. Are you sure your BSV didn't move when you moved your BCH? Due to the lack of replay protection in BSV, that would be a possibility (and in that case you might be able to recover them). Yes I can tell you that it was more then some days between the BCH and BSV transactions. And in BCH I made some transactions to move it, BSV did one transaction. |
|
|
|
|
logfiles
Copper Member
Legendary
Offline
Activity: 1974
Merit: 1658
Top Crypto Casino
|
|
September 04, 2020, 06:57:24 PM |
|
Most of the crypto stealing malware is designed to just
1. Phish for your Exchange or login credentials, private keys or recovery phrases
2. Act as Key loggers which record everything that the victim types
3. Act as a ransomware which will lock access to the victim's files and fold until a fee is paid. The hackers usually ask for crypto as a payment method.
4. Monitor your browsing activity for login credentials through malicious extensions
The Motive by crypto hackers is usually to get Bitcoins or crypto (money) and not to steal photos or other personnel files because they will gain nothing from them.
The Best thing to do is backup you important files and reinstall a fresh OS.
|
|
|
|
armouro (OP)
Newbie
Offline
Activity: 7
Merit: 1
|
|
September 04, 2020, 08:43:44 PM |
|
The Motive by crypto hackers is usually to get Bitcoins or crypto (money) and not to steal photos or other personnel files because they will gain nothing from them.
Yes and no. There are probably a lot of people that has 1, 10, 100 and even more BSV. If they have 100+ coins that they collect from a fork then there are chances that there is some of it in BTC as well. If the crypto hackers collected all private stuff then the chance to find a big treasure is really big, isn't it? The hard part is to collect it since they need to use the wrench method  |
|
|
|
|
seleme
Legendary
Offline
Activity: 2772
Merit: 1028
Duelbits.com
|
|
September 04, 2020, 10:27:58 PM
Last edit: September 08, 2020, 12:33:53 AM by seleme |
|
The Motive by crypto hackers is usually to get Bitcoins or crypto (money) and not to steal photos or other personnel files because they will gain nothing from them.
Yes and no. There are probably a lot of people that has 1, 10, 100 and even more BSV. If they have 100+ coins that they collect from a fork then there are chances that there is some of it in BTC as well. If the crypto hackers collected all private stuff then the chance to find a big treasure is really big, isn't it? The hard part is to collect it since they need to use the wrench method Well, using the different social engineering tricks will be enough to convince your close circle in order to attract the interest which can be used for hacking other victims. Better to be safe than sorry, a clean install of OS, and using updated versions of spyware, malware programs may help to avoid such headaches. BTW, don't forget to check the BIOS and be sure the virus is not hiding there. Some viruses can hide itself inside the BIOS and re-activate itself after clean installation. |
|
|
|
|
bearexin
|
|
September 05, 2020, 12:22:23 PM |
|
I don’t think it will copy photos from your computer, the main thing they will likely go for is your information and history, they can then use it to be accessing whatever it is that they need to get to, information is what’s mostly important to them, including passwords, emails, and usernames and the rest of them. So, you should quickly change your passwords on websites and other things so that they wouldn’t gain access in case.
Next time try to be very careful with applications and software you’re installing on your computer so that you get into such problems again. If you’re going to be downloading any application do proper research and make sure it is one you can trust.
|
|
|
|
|
bryant.coleman
Legendary
Offline
Activity: 3668
Merit: 1217
|
|
September 05, 2020, 12:45:36 PM |
|
This type of stories were very common in 2017, when coins such as BCH and BTG forked out of Bitcoin. I wouldn't blame the victims, since this was the first time the Blockchain was getting forked. But then BSV forked out more than a year after that, in November 2018. At this point, I expected the users to be more cautious about claiming their forked reward. But still a lot of people fell victim to various scams.
|
|
|
|
|
armouro (OP)
Newbie
Offline
Activity: 7
Merit: 1
|
|
September 06, 2020, 10:48:29 AM |
|
The Motive by crypto hackers is usually to get Bitcoins or crypto (money) and not to steal photos or other personnel files because they will gain nothing from them.
Yes and no. There are probably a lot of people that has 1, 10, 100 and even more BSV. If they have 100+ coins that they collect from a fork then there are chances that there is some of it in BTC as well. If the crypto hackers collected all private stuff then the chance to find a big treasure is really big, isn't it? The hard part is to collect it since they need to use the wrench method Well, using the different social engineering tricks will be enough to convince your close circle in order to attract the interest which can be used for hacking other victims. Better to be safe than sorry, a clean install of OS, and using updated versions of spyware, malware programs may help to avoid such headaches. BTW, don't forget to check the BIOS and be sure the virus is not hiding there. How do I check my BIOS after malware? |
|
|
|
|
mersal
Member
Offline
Activity: 1204
Merit: 38
|
|
September 06, 2020, 03:59:50 PM |
|
The Motive by crypto hackers is usually to get Bitcoins or crypto (money) and not to steal photos or other personnel files because they will gain nothing from them.
Yes and no. There are probably a lot of people that has 1, 10, 100 and even more BSV. If they have 100+ coins that they collect from a fork then there are chances that there is some of it in BTC as well. If the crypto hackers collected all private stuff then the chance to find a big treasure is really big, isn't it? The hard part is to collect it since they need to use the wrench method Well, using the different social engineering tricks will be enough to convince your close circle in order to attract the interest which can be used for hacking other victims. Better to be safe than sorry, a clean install of OS, and using updated versions of spyware, malware programs may help to avoid such headaches. BTW, don't forget to check the BIOS and be sure the virus is not hiding there. Ofc I will get a clean install of OS. Is a "windows reset" without keeping my personal files equal to a clean install? The only thing I don't really know what to do with is with my images and files. What if it's malware in them, or not.. Perhaps get a clean OS with the malware program again and see if the hash changes on the images (other dummy images). It's probably the only solution to know for sure? I do have some wallets to other coins as well. Should I erase them and recover them by a seed? Just copy all those files into an external hard disk and install new OS or if you have a backup and then scan the hard drive for any malware infections with good anti virus premium version by this way you can get those images and any files which are nit get infected with that malware. |
|
|
|
|
Rickorick
Jr. Member
Offline
Activity: 107
Merit: 8
|
|
September 06, 2020, 11:47:51 PM |
|
I don't think you were hacked. I'm fairly certain it was replay protection. what was the transaction id for the bsv transaction?
|
|
|
|
|
armouro (OP)
Newbie
Offline
Activity: 7
Merit: 1
|
|
September 07, 2020, 08:30:52 PM |
|
I don't think you were hacked. I'm fairly certain it was replay protection. what was the transaction id for the bsv transaction?
Why don't you think that? What is a replay protection? I did take a look into blockchair.com/ and that transaction was followed by 2 transactions. And I can follow those two transaction into other transactions as well. So I guess that it was a hack.. Or is it anything that I can look after to tell that it wasn't a hack? Btw is electrumsv.io a legit site? Perhaps it's worth to mail them to ask if they are aware of any malware in their portable wallet.. |
|
|
|
|
dunfida
Legendary
Offline
Activity: 3080
Merit: 1131
|
|
September 07, 2020, 08:39:54 PM |
|
I don't think you were hacked. I'm fairly certain it was replay protection. what was the transaction id for the bsv transaction?
Why don't you think that? What is a replay protection? I did take a look into blockchair.com/ and that transaction was followed by 2 transactions. And I can follow those two transaction into other transactions as well. So I guess that it was a hack.. Or is it anything that I can look after to tell that it wasn't a hack? Btw is electrumsv.io a legit site? Perhaps it's worth to mail them to ask if they are aware of any malware in their portable wallet.. Im not that familiar with BSV's replay protection but you can have some read up on here towards into that matter: https://www.reddit.com/r/btc/comments/a5edvn/what_is_going_on_with_the_bitcoinsv_replay/Most likely into these kind of common hacking incident on where someone do able to download some sort of malware and do the damage. If you are hesitant on using up your pc then better to reformat it. |
|
|
|
Rickorick
Jr. Member
Offline
Activity: 107
Merit: 8
|
|
September 07, 2020, 10:34:08 PM |
|
I don't think you were hacked. I'm fairly certain it was replay protection. what was the transaction id for the bsv transaction?
Why don't you think that? What is a replay protection? I did take a look into blockchair.com/ and that transaction was followed by 2 transactions. And I can follow those two transaction into other transactions as well. So I guess that it was a hack.. Or is it anything that I can look after to tell that it wasn't a hack? Btw is electrumsv.io a legit site? Perhaps it's worth to mail them to ask if they are aware of any malware in their portable wallet.. Whats the transaction id? |
|
|
|
|
armouro (OP)
Newbie
Offline
Activity: 7
Merit: 1
|
|
September 16, 2020, 09:09:40 PM |
|
I probably have an answer of this. I'm 95% sure that it was from the bitcoinbsv site. Since that version is equal with mine.
|
|
|
|
|
|
