Maseo (OP)
April 01, 2014, 08:41:36 PM

So, apparently I got hacked (or backdoored) and now I've lost 0.5602 bitcoins from my wallet since 21:32 GMT +1, the 31st of March. I have NO idea how this could have happened, as I have full AV. The recipient's address is "1FmMasfuEE6wtpzdWiVnDynfJ5tyyVbhP3".
Can anyone give me some advice / help here?

Taras
April 01, 2014, 08:44:58 PM

Some BTC was sent back to you as change. Are you sure someone didn't sneak onto your laptop and make a purchase?

roslinpl
April 01, 2014, 08:45:26 PM

> So, apparently I got hacked (or backdoored) and now I've lost 0.5602 bitcoins from my wallet since 21:32 GMT +1, the 31st of March. I have NO idea how this could have happened, as I have full AV. The recipient's address is "1FmMasfuEE6wtpzdWiVnDynfJ5tyyVbhP3".
> Can anyone give me some advice / help here?

Can you be more precise? What is your Bitcoin client, and which one is your address?

Maseo (OP)
April 01, 2014, 08:52:24 PM (Last edit: April 01, 2014, 09:10:05 PM by Maseo)

> Some BTC was sent back to you as change. Are you sure someone didn't sneak onto your laptop and make a purchase?

Nobody was at (my) home that could have done that. At that time I wasn't at home, so that scares me even more.

> Can you be more precise? What is your Bitcoin client, and which one is your address?

Bitcoin-QT; 1AV1CdiYq2uSUwJzdu5UmLAD8GdQxRwBhE

Just ran a check with Hitman PRO; it flagged all my cgminer exes as malware, but I've been using them for about half a year and nothing like this has ever happened in the past.

roslinpl
April 01, 2014, 09:20:53 PM

> Nobody was at (my) home that could have done that. At that time I wasn't at home, so that scares me even more.
> Bitcoin-QT; 1AV1CdiYq2uSUwJzdu5UmLAD8GdQxRwBhE
> Just ran a check with Hitman PRO; it flagged all my cgminer exes as malware, but I've been using them for about half a year and nothing like this has ever happened in the past.

So your computer was under someone's control via the Internet. Hard to say what happened... How many altcoin wallets have you got? Are you using antivirus, which one, are you behind a firewall and is your router behind another firewall? What is your Internet connection?

Maseo (OP)
April 01, 2014, 09:34:54 PM

> So your computer was under someone's control via the Internet. Hard to say what happened... How many altcoin wallets have you got? Are you using antivirus, which one, are you behind a firewall and is your router behind another firewall? What is your Internet connection?

It seems so, yes. 7 or 8? But mainly 3-4 that I use next to the bitcoin wallet (Spain, Vert, HVC and Roto). Yes, Avira, it's up to date. Yes, firewall is active on router, not on computer. Wired internet connection, COAX.

roslinpl
April 01, 2014, 10:00:28 PM

> It seems so, yes. 7 or 8? But mainly 3-4 that I use next to the bitcoin wallet (Spain, Vert, HVC and Roto). Yes, Avira, it's up to date. Yes, firewall is active on router, not on computer. Wired internet connection, COAX.

There are many possibilities... And why is the firewall not active on the computer? Windows user?

Maseo (OP)
April 01, 2014, 10:06:42 PM

> There are many possibilities... And why is the firewall not active on the computer? Windows user?

Firewall in my router works better than (any) firewall on my PC that I know of, and personally, I hate firewalls, but that's just a matter of opinion. Yes, Windows.

shorena
April 01, 2014, 10:09:02 PM

> -snip- it flagged all my cgminer exes as malware -snip-

Most antivirus tools do this; this does not mean that you actually have a trojan or a keylogger or something else. Mining software is considered a virus because there used to be (still are?) botnets that mined on captured PCs. I'd also say this looks like change; did you try "listunspent"?

Im not really here, its just your imagination.

DeathAndTaxes
April 01, 2014, 10:11:21 PM

> Firewall in my router works better than (any) firewall on my PC that I know of, and personally, I hate firewalls, but that's just a matter of opinion.

Layered security, my friend. Routers have been compromised in the past due to bugs, exploits, and just generally bad coding. If your router has wifi and an attacker is able to connect then he is already "inside" your network.

Evil-Knievel
April 01, 2014, 10:11:32 PM (Last edit: April 17, 2016, 09:58:37 PM by Evil-Knievel)

This message was too old and has been purged

Maseo (OP)
April 01, 2014, 10:19:42 PM

> - Did you set up your Bitcoin-QT as a server? If yes, did you use random RPCUSER and RPCPASS or some dictionary based password?
> - Did you import any private keys into Bitcoin-QT?
> - Have you been using your address on blockchain.info (maybe imported your private key)?

Never have I set it up as a server.
Never have I done that either.
Never have I done that, until now, to check where the funds went to, but not importing my private key.

> Most antivirus tools do this; this does not mean that you actually have a trojan or a keylogger or something else. Mining software is considered a virus because there used to be (still are?) botnets that mined on captured PCs. I'd also say this looks like change; did you try "listunspent"?

Yeah, I reckoned that the miners would be false-positives. What do you mean by trying 'listunspent'? It hasn't been spent apparently? https://blockchain.info/unspent?active=1FmMasfuEE6wtpzdWiVnDynfJ5tyyVbhP3&format=html

A different address to which some transaction(s) have been made from the above address is 1KWkmGfwkDRxg7QQiYjZJEAbUMXAZpz7eS

Evil-Knievel
April 01, 2014, 10:21:13 PM (Last edit: April 17, 2016, 09:58:12 PM by Evil-Knievel)

This message was too old and has been purged

Maseo (OP)
April 01, 2014, 10:29:02 PM

> This is really strange. I would like to help you find out what happened, as I have sent someone 0.01 BTC and it was wiped almost immediately by an account starting with "1brain". He claims not having used any brainwallet whatsoever.

Yes, and I've been using this fine for over 6 months, no issues whatsoever. Just wanted to update my wallet with funds through trading, and saw it was almost empty.. My BTC's are in this transaction: https://blockchain.info/tx/e07dc809cd1dda15d890549405143992100cfdf45c089dbf04d386491cb8a0e3 which came from this transaction: https://blockchain.info/tx/7b077f3971b7155074f1e58b81ce6f91735265f2460b5a2345ddeb99afd0d4c3

> Layered security, my friend. Routers have been compromised in the past due to bugs, exploits, and just generally bad coding. If your router has wifi and an attacker is able to connect then he is already "inside" your network.

Yep, back to firewalls it is, apparently.

shorena
April 02, 2014, 07:17:10 AM

> -snip- Yeah, I reckoned that the miners would be false-positives. What do you mean by trying 'listunspent'? -snip-

My Qt is in German, so the translation might be wrong, but if you right-click on the tray icon there should be "debug window", which can also be opened from the main window -> help -> debug window. Open the console and type "listunspent"; it will show you a list which might still include your missing BTC.

Im not really here, its just your imagination.
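
The check shorena describes above, as an added example that is not part of the original thread: it totals pasted `listunspent` JSON and separates coins on addresses the user recognises from coins on other wallet-owned addresses, which is where change ends up. The sample output, addresses, txids and amounts are constructed placeholders, and `summarize_unspent` and `still_in_wallet` are hypothetical helper names.

```python
import json
from decimal import Decimal

# Constructed sample of `listunspent` console output; addresses, txids and
# amounts are placeholders, not values from the thread.
SAMPLE = """[
 {"txid": "aa11", "vout": 0, "address": "1KnownReceivingPLACEHOLDER",
  "amount": 0.04020000, "confirmations": 310},
 {"txid": "bb22", "vout": 1, "address": "1ChangeOnePLACEHOLDER",
  "amount": 0.25000000, "confirmations": 6},
 {"txid": "cc33", "vout": 1, "address": "1ChangeTwoPLACEHOLDER",
  "amount": 0.30000000, "confirmations": 6}
]"""


def summarize_unspent(raw_json, known_addresses):
    """Total the wallet's unspent outputs and split them into coins sitting on
    addresses the user recognises and coins on other wallet addresses
    (typically change addresses the client generated itself)."""
    known = set(known_addresses)
    by_address = {}
    # parse_float=Decimal keeps BTC amounts exact instead of binary floats.
    for utxo in json.loads(raw_json, parse_float=Decimal):
        addr = utxo.get("address", "<no address>")
        by_address[addr] = by_address.get(addr, Decimal(0)) + utxo["amount"]
    total = sum(by_address.values(), Decimal(0))
    on_known = sum((v for a, v in by_address.items() if a in known), Decimal(0))
    return {"total": total, "on_known": on_known, "on_other": total - on_known,
            "other_addresses": sorted(a for a in by_address if a not in known)}


def still_in_wallet(summary, expected_balance):
    """True when the wallet can still spend at least the expected balance,
    i.e. the 'missing' coins are change rather than an outgoing payment."""
    return summary["total"] >= Decimal(expected_balance)


if __name__ == "__main__":
    s = summarize_unspent(SAMPLE, ["1KnownReceivingPLACEHOLDER"])
    print("total:", s["total"], "on other addresses:", s["on_other"])
    for addr in s["other_addresses"]:
        print("  wallet-owned address not in your list:", addr)
    print("balance accounted for:", still_in_wallet(s, "0.59"))
```

An output that does not appear in `listunspent` at all is no longer spendable by this wallet, so a total well below the expected balance points to an outgoing payment rather than change.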

Prolifik
April 02, 2014, 11:41:01 AM

Never keep more than you can stand to lose in one place.
I wouldn't keep more than 1/10th of my money in one place if I had enough that I actually cared about it.
This goes for fiat as well as cryptos.

Maseo (OP)
April 02, 2014, 12:04:50 PM

> Never keep more than you can stand to lose in one place.
> I wouldn't keep more than 1/10th of my money in one place if I had enough that I actually cared about it.
> This goes for fiat as well as cryptos.

So, your bank account is always empty then? ;-) Luckily I still had 0.1 0,03 and 0,05 stored on exchanges, so not all is lost, but still, it does feel a bit painful.

fatguyyyyy
April 02, 2014, 03:29:43 PM

I think the result was a keylogger, I can't think of anything else. But, if you can contact blockchain they may try to help you out? It doesn't hurt to try with a slight chance to retrieve funds if they use blockchain as well.
Explain your story and you may get some result from that. Doesn't hurt to try, right?

Maseo (OP)
April 02, 2014, 09:42:42 PM

> I think the result was a keylogger, I can't think of anything else. But, if you can contact blockchain they may try to help you out? It doesn't hurt to try with a slight chance to retrieve funds if they use blockchain as well.
> Explain your story and you may get some result from that. Doesn't hurt to try, right?

I sent them an email, let's see what comes out of that ...