vincetaa22 (OP)
Newbie
Offline
Activity: 1
Merit: 0
|
|
November 30, 2022, 04:49:30 AM |
|
hello, i have an electrum wallet save bitcoin for 5 years and got hacked, today, i open a pdf file and that file just stole all my bitcoin in the electrum wallet, I am distraught
any advise?
|
|
|
|
Don Pedro Dinero
Legendary
Offline
Activity: 1344
Merit: 1558
The first decentralized crypto betting platform
|
|
November 30, 2022, 05:00:32 AM |
|
So I understand that you had Electrum installed on your PC or laptop but you didn't have a hardware wallet connected to it, is that it?
My advice for the future would be to buy a hardware wallet as I doubt that you will be able to recover the funds, but for less than 100 dollars you can avoid things like what happened to you. See if it's cheap.
|
|
|
|
Edwardard
|
|
November 30, 2022, 05:01:10 AM |
|
hello, i have an electrum wallet save bitcoin for 5 years and got hacked, today, i open a pdf file and that file just stole all my bitcoin in the electrum wallet, I am distraught
any advise?
Woah, quite sad story. You shouldn't have opened that pdf in the first place. May we know the source of pdf ? Was that given to you by any known member here ? A website ? This would help others to stay safu! Btw, if the amount is quite large, try contacting all the top exchanges like binance (unless the hacker hasnt converted your btc into fiat already) they may blacklist the hacker's address and any try to deposit btc in the exchanges would lead to freezing of the funds!! Once again, sorry for the loss but you should be more aware next time.
|
|
|
|
mk4
Legendary
Offline
Activity: 2800
Merit: 3855
Paldo.io 🤖
|
|
November 30, 2022, 05:04:35 AM |
|
1. Stop being careless and invest money in a hardware wallet
2. Stop opening random files
3. Report it to the authorities
4. There's a 99.9% chance that your funds are totally gone. Let this be a very important (and expensive) lesson to take security very seriously, especially when talking about long-term investments
|
|
|
|
Wexnident
|
|
November 30, 2022, 05:39:23 AM |
|
Isn't it gone? I doubt most would be able to do anything in terms of recovery once it's moved, maybe if a report is done but I'd say it's rather minimal for exchanges to move to help recover it. I'd honestly try to clean everything from said pc/laptop first and change your security for your emails, accounts, or anything important since as I've said, your funds are most likely lost already. Invest in a hardware wallet to avoid the same thing happening again and try not to well, open stuff you don't know where it came from.
|
|
|
|
R |
▀▀▀▀▀▀▀██████▄▄ ████████████████ ▀▀▀▀█████▀▀▀█████ ████████▌███▐████ ▄▄▄▄█████▄▄▄█████ ████████████████ ▄▄▄▄▄▄▄██████▀▀ | LLBIT | | | 4,000+ GAMES███████████████████ ██████████▀▄▀▀▀████ ████████▀▄▀██░░░███ ██████▀▄███▄▀█▄▄▄██ ███▀▀▀▀▀▀█▀▀▀▀▀▀███ ██░░░░░░░░█░░░░░░██ ██▄░░░░░░░█░░░░░▄██ ███▄░░░░▄█▄▄▄▄▄████ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ | █████████ ▀████████ ░░▀██████ ░░░░▀████ ░░░░░░███ ▄░░░░░███ ▀█▄▄▄████ ░░▀▀█████ ▀▀▀▀▀▀▀▀▀ | █████████ ░░░▀▀████ ██▄▄▀░███ █░░█▄░░██ ░████▀▀██ █░░█▀░░██ ██▀▀▄░███ ░░░▄▄████ ▀▀▀▀▀▀▀▀▀ |
| | | ██░░░░░░░░░░░░░░░░░░░░░░██ ▀█▄░▄▄░░░░░░░░░░░░▄▄░▄█▀ ▄▄███░░░░░░░░░░░░░░███▄▄ ▀░▀▄▀▄░░░░░▄▄░░░░░▄▀▄▀░▀ ▄▄▄▄▄▀▀▄▄▀▀▄▄▄▄▄ █░▄▄▄██████▄▄▄░█ █░▀▀████████▀▀░█ █░█▀▄▄▄▄▄▄▄▄██░█ █░█▀████████░█ █░█░██████░█ ▀▄▀▄███▀▄▀ ▄▀▄▀▄▄▄▄▀▄▀▄ ██▀░░░░░░░░▀██ | | | | | | | . ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ ░▀▄░▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄░▄▀ ███▀▄▀█████████████████▀▄▀ █████▀▄░▄▄▄▄▄███░▄▄▄▄▄▄▀ ███████▀▄▀██████░█▄▄▄▄▄▄▄▄ █████████▀▄▄░███▄▄▄▄▄▄░▄▀ ████████████░███████▀▄▀ ████████████░██▀▄▄▄▄▀ ████████████░▀▄▀ ████████████▄▀ ███████████▀ | ▄▄███████▄▄ ▄████▀▀▀▀▀▀▀████▄ ▄███▀▄▄███████▄▄▀███▄ ▄██▀▄█▀▀▀█████▀▀▀█▄▀██▄ ▄██▀▄██████▀████░███▄▀██▄ ███░█████████▀██░████░███ ███░████░█▄████▀░████░███ ███░████░███▄████████░███ ▀██▄▀███░█████▄█████▀▄██▀ ▀██▄▀█▄▄▄██████▄██▀▄██▀ ▀███▄▀▀███████▀▀▄███▀ ▀████▄▄▄▄▄▄▄████▀ ▀▀███████▀▀ | | OFFICIAL PARTNERSHIP FAZE CLAN SSC NAPOLI | | |
|
|
|
nc50lc
Legendary
Offline
Activity: 2450
Merit: 5734
Self-proclaimed Genius
|
|
November 30, 2022, 07:46:18 AM |
|
-snip- today, i open a pdf file and that file just stole all my bitcoin in the electrum wallet
any advise?
There should be something more to this than just a pdf file wiping out your Electrum. There is no reported vulnerability in Electrum that's directly linked with pdf files. If you need advice, please provide more info on what happened. But in the end, that confirmed bitcoin transaction cannot be reversed by anyone.
|
|
|
|
pooya87
Legendary
Offline
Activity: 3486
Merit: 10672
|
|
November 30, 2022, 01:36:28 PM |
|
You need to provide more information than that if you want "advice". What was the link between opening the PDF file and your Electrum wallet being emptied? It just doesn't happen like that and a malware won't give you a warning when stealing your coins. Why do you even think the pdf file was the problem? Besides, are you sure your coins are stolen? Maybe the wallet is having problem syncing. Is it 5 year old wallet opened today or are you regularly using it? Was your wallet password protected?
|
. .BLACKJACK ♠ FUN. | | | ███▄██████ ██████████████▀ ████████████ █████████████████ ████████████████▄▄ ░█████████████▀░▀▀ ██████████████████ ░██████████████ █████████████████▄ ░██████████████▀ ████████████ ███████████████░██ ██████████ | | CRYPTO CASINO & SPORTS BETTING | | │ | | │ | ▄▄███████▄▄ ▄███████████████▄ ███████████████████ █████████████████████ ███████████████████████ █████████████████████████ █████████████████████████ █████████████████████████ ███████████████████████ █████████████████████ ███████████████████ ▀███████████████▀ ███████████████████ | | .
|
|
|
|
joniboini
Legendary
Offline
Activity: 2226
Merit: 1795
|
|
December 01, 2022, 01:00:46 AM |
|
Did you get that PDF from an e-mail? I've seen a lot of phishing e-mails on my throwaway emails for the last few days. You should never open an attached file from an e-mail if the sender is unknown to you (these e-mails are usually gibberish and should be easy to spot unless you set your e-mail app to automatically download them). Some news reported that these PDF contains a keylogger and other stuff, so Electrum is likely not at fault.
My condolences, try to reinstall your OS and probably wipe your device just in case the malware is still there.
|
| | . .Duelbits. | │ | ..........UNLEASH.......... THE ULTIMATE GAMING EXPERIENCE | │ | DUELBITS FANTASY SPORTS | ████▄▄▄█████▄▄▄ ░▄████████████████▄ ▐██████████████████▄ ████████████████████ ████████████████████▌ █████████████████████ ████████████████▀▀▀ ███████████████▌ ███████████████▌ ████████████████ ████████████████ ████████████████ ████▀▀███████▀▀ | . ▬▬ VS ▬▬ | ████▄▄▄█████▄▄▄ ░▄████████████████▄ ▐██████████████████▄ ████████████████████ ████████████████████▌ █████████████████████ ███████████████████ ███████████████▌ ███████████████▌ ████████████████ ████████████████ ████████████████ ████▀▀███████▀▀ | /// PLAY FOR FREE /// WIN FOR REAL | │ | ..PLAY NOW.. | |
|
|
|
hugeblack
Legendary
Offline
Activity: 2548
Merit: 3778
|
|
December 01, 2022, 12:22:27 PM |
|
There should be something more to this than just a pdf file wiping out your Electrum. There is no reported vulnerability in Electrum that's directly linked with pdf files.
+1 AFAIK, most of PDF viruses did not have the ability to move between applications, and then I have not heard of any hack just because of PDF, can anyone confirm this information?! because I careless and download a lot of PDF files.
Have you signed a transaction during another application that works?
|
|
|
|
BitMaxz
Legendary
Offline
Activity: 3290
Merit: 3030
BTC price road to $80k
|
|
December 01, 2022, 11:56:23 PM |
|
AFAIK, most of PDF viruses did not have the ability to move between applications, and then I have not heard of any hack just because of PDF, can anyone confirm this information?! because I careless and download a lot of PDF files.
According to adobe yes it can contain viruses and malicious code that can potentially hack your device or PC. Why not check Adobe they have their own explanation about this here below - https://www.adobe.com/acrobat/resources/can-pdfs-contain-viruses.html
|
|
|
|
Pmalek
Legendary
Offline
Activity: 2800
Merit: 7210
|
|
December 05, 2022, 08:43:42 AM |
|
try contacting all the top exchanges like binance (unless the hacker hasnt converted your btc into fiat already) they may blacklist the hacker's address and any try to deposit btc in the exchanges would lead to freezing of the funds!! I don't think that's as simple as it sounds. Binance and other exchanges aren't just going to listen to a random person asking to have certain addresses blacklisted. They are going to require proof (proof you don' have) and the involvement of law enforcement. But until that happens, the coins will be long gone. If the goal of the hacker is to convert the BTC into fiat, he doesn't need to touch centralized exchanges at all. He can mix the coins or take advantage of coinjoin services and exchange them via a decentralized exchange like Bisq. P2P trades are another option. Unfortunately, it seems like the OP's money is gone. because I careless and download a lot of PDF files. Stop it, before something happens.
|
. .BLACKJACK ♠ FUN. | | | ███▄██████ ██████████████▀ ████████████ █████████████████ ████████████████▄▄ ░█████████████▀░▀▀ ██████████████████ ░██████████████ █████████████████▄ ░██████████████▀ ████████████ ███████████████░██ ██████████ | | CRYPTO CASINO & SPORTS BETTING | | │ | | │ | ▄▄███████▄▄ ▄███████████████▄ ███████████████████ █████████████████████ ███████████████████████ █████████████████████████ █████████████████████████ █████████████████████████ ███████████████████████ █████████████████████ ███████████████████ ▀███████████████▀ ███████████████████ | | .
|
|
|
|
BlackHatCoiner
Legendary
Offline
Activity: 1554
Merit: 7618
Protocols over bureaucrats
|
|
December 05, 2022, 08:29:50 PM |
|
It's possible OP opened infected PDF file on certain PDF reader, where the infected PDF exploit security vulnerability of the PDF reader which can be used to execute arbitrary script. Why would a PDF reader have access to AppData? Except of course if OP had moved the wallet file somewhere externally. You need to provide more information than that if you want "advice". Pretty much that. Isn't it a little weird that newbies show up out of nowhere and ask for help to recover their 5 year lost bitcoin with literally zero effort from their side? because I careless and download a lot of PDF files. It depends rather on the PDF reader. Use reputable, open-source software. I use the pre-installed Evince (AKA "Document Viewer") from Ubuntu 22.04, which AFAIK doesn't allow executing external applications and is only used for reading.
|
. .BLACKJACK ♠ FUN. | | | ███▄██████ ██████████████▀ ████████████ █████████████████ ████████████████▄▄ ░█████████████▀░▀▀ ██████████████████ ░██████████████ █████████████████▄ ░██████████████▀ ████████████ ███████████████░██ ██████████ | | CRYPTO CASINO & SPORTS BETTING | | │ | | │ | ▄▄███████▄▄ ▄███████████████▄ ███████████████████ █████████████████████ ███████████████████████ █████████████████████████ █████████████████████████ █████████████████████████ ███████████████████████ █████████████████████ ███████████████████ ▀███████████████▀ ███████████████████ | | .
|
|
|
|
NotATether
Legendary
Offline
Activity: 1638
Merit: 6913
bitcoincleanup.com / bitmixlist.org
|
|
December 08, 2022, 06:51:39 PM |
|
hello, i have an electrum wallet save bitcoin for 5 years and got hacked, today, i open a pdf file and that file just stole all my bitcoin in the electrum wallet, I am distraught
any advise?
"Don't open unknown files" is the only real help we can give you. PDF's (and word, excel, PowerPoint, as well as many others) documents can contain macros, and some specially crafted macros can overwhelm the parser and cause it to execute malware. That is what happened here.
|
. .BLACKJACK ♠ FUN. | | | ███▄██████ ██████████████▀ ████████████ █████████████████ ████████████████▄▄ ░█████████████▀░▀▀ ██████████████████ ░██████████████ █████████████████▄ ░██████████████▀ ████████████ ███████████████░██ ██████████ | | CRYPTO CASINO & SPORTS BETTING | | │ | | │ | ▄▄███████▄▄ ▄███████████████▄ ███████████████████ █████████████████████ ███████████████████████ █████████████████████████ █████████████████████████ █████████████████████████ ███████████████████████ █████████████████████ ███████████████████ ▀███████████████▀ ███████████████████ | | .
|
|
|
|
|