electrum wallet got hacked, 5 years of bitcoin gone

[vincetaa22]

hello, i have an electrum wallet save bitcoin for 5 years and got hacked,  today, i open a pdf file and that file just stole all my bitcoin in the electrum wallet, I am distraught



any advise?

[1713880629]

1713880629

[1713880629]

1713880629

[Don Pedro Dinero]

So I understand that you had Electrum installed on your PC or laptop but you didn't have a hardware wallet connected to it, is that it?

My advice for the future would be to buy a hardware wallet as I doubt that you will be able to recover the funds, but for less than 100 dollars you can avoid things like what happened to you. See if it's cheap.

[Edwardard]

hello, i have an electrum wallet save bitcoin for 5 years and got hacked,  today, i open a pdf file and that file just stole all my bitcoin in the electrum wallet, I am distraught



any advise?

Woah, quite sad story. You shouldn't have opened that pdf in the first place. May we know the source of pdf ? Was that given to you by any known member here ? A website ? This would help others to stay safu! Btw, if the amount is quite large, try contacting all the top  exchanges like binance (unless the hacker hasnt converted your btc into fiat already) they may blacklist the hacker's address and any try to deposit btc in the exchanges would lead to freezing of the funds!! Once again, sorry for the loss but you should be more aware next time.

[mk4]

1. Stop being careless and invest money in a hardware wallet

2. Stop opening random files

3. Report it to the authorities

4. There's a 99.9% chance that your funds are totally gone. Let this be a very important (and expensive) lesson to take security very seriously, especially when talking about long-term investments

[Wexnident]

Isn't it gone? I doubt most would be able to do anything in terms of recovery once it's moved, maybe if a report is done but I'd say it's rather minimal for exchanges to move to help recover it. I'd honestly try to clean everything from said pc/laptop first and change your security for your emails, accounts, or anything important since as I've said, your funds are most likely lost already. Invest in a hardware wallet to avoid the same thing happening again and try not to well, open stuff you don't know where it came from.

[nc50lc]

-snip- today, i open a pdf file and that file just stole all my bitcoin in the electrum wallet

any advise?

There should be something more to this than just a pdf file wiping out your Electrum.
There is no reported vulnerability in Electrum that's directly linked with pdf files.

If you need advice, please provide more info on what happened.

But in the end, that confirmed bitcoin transaction cannot be reversed by anyone.

[pooya87]

You need to provide more information than that if you want "advice". What was the link between opening the PDF file and your Electrum wallet being emptied? It just doesn't happen like that and a malware won't give you a warning when stealing your coins. Why do you even think the pdf file was the problem?
Besides, are you sure your coins are stolen? Maybe the wallet is having problem syncing. Is it 5 year old wallet opened today or are you regularly using it? Was your wallet password protected?

[joniboini]

Did you get that PDF from an e-mail? I've seen a lot of phishing e-mails on my throwaway emails for the last few days. You should never open an attached file from an e-mail if the sender is unknown to you (these e-mails are usually gibberish and should be easy to spot unless you set your e-mail app to automatically download them). Some news reported that these PDF contains a keylogger and other stuff, so Electrum is likely not at fault.

My condolences, try to reinstall your OS and probably wipe your device just in case the malware is still there.

[hugeblack]

There should be something more to this than just a pdf file wiping out your Electrum.
There is no reported vulnerability in Electrum that's directly linked with pdf files.

+1

AFAIK, most of PDF viruses did not have the ability to move between applications, and then I have not heard of any hack just because of PDF, can anyone confirm this information?! because I careless and download a lot of PDF files.


Have you signed a transaction during another application that works?

[BitMaxz]

AFAIK, most of PDF viruses did not have the ability to move between applications, and then I have not heard of any hack just because of PDF, can anyone confirm this information?! because I careless and download a lot of PDF files.

According to adobe yes it can contain viruses and malicious code that can potentially hack your device or PC.

Why not check Adobe they have their own explanation about this here below

- https://www.adobe.com/acrobat/resources/can-pdfs-contain-viruses.html

[Pmalek]

try contacting all the top  exchanges like binance (unless the hacker hasnt converted your btc into fiat already) they may blacklist the hacker's address and any try to deposit btc in the exchanges would lead to freezing of the funds!!

I don't think that's as simple as it sounds. Binance and other exchanges aren't just going to listen to a random person asking to have certain addresses blacklisted. They are going to require proof (proof you don' have) and the involvement of law enforcement. But until that happens, the coins will be long gone.

If the goal of the hacker is to convert the BTC into fiat, he doesn't need to touch centralized exchanges at all. He can mix the coins or take advantage of coinjoin services and exchange them via a decentralized exchange like Bisq. P2P trades are another option.

Unfortunately, it seems like the OP's money is gone.

because I careless and download a lot of PDF files.

Stop it, before something happens.

[BlackHatCoiner]

It's possible OP opened infected PDF file on certain PDF reader, where the infected PDF exploit security vulnerability of the PDF reader which can be used to execute arbitrary script.

Why would a PDF reader have access to AppData? Except of course if OP had moved the wallet file somewhere externally.

You need to provide more information than that if you want "advice".

Pretty much that. Isn't it a little weird that newbies show up out of nowhere and ask for help to recover their 5 year lost bitcoin with literally zero effort from their side?

because I careless and download a lot of PDF files.

It depends rather on the PDF reader. Use reputable, open-source software. I use the pre-installed Evince (AKA "Document Viewer") from Ubuntu 22.04, which AFAIK doesn't allow executing external applications and is only used for reading.

[NotATether]

hello, i have an electrum wallet save bitcoin for 5 years and got hacked,  today, i open a pdf file and that file just stole all my bitcoin in the electrum wallet, I am distraught



any advise?

"Don't open unknown files" is the only real help we can give you. PDF's (and word, excel, PowerPoint, as well as many others) documents can contain macros, and some specially crafted macros can overwhelm the parser and cause it to execute malware. That is what happened here.