LAMarcellus
April 02, 2014, 02:33:54 AM
If someone gives you a private key as a "prize" you should always sweep from it, not import it, because they control that address as well if your wallet ever happens to use it as a change address.
OP can you confirm whether this address is a deterministic one that Electrum gave you or is this an imported public address/private key pair? cbeast thanks for the explanation!
The only way to deal with an unfree world is to become so absolutely free that your very existence is an act of rebellion. – Albert Camus

edgebits (OP)
April 02, 2014, 05:28:25 AM
All the addresses I used were ones generated by Electrum.

DigitalHermit
April 02, 2014, 09:46:18 AM (Last edit: April 02, 2014, 09:58:47 AM by DigitalHermit)
> Well, here is the report.
> Malwarebytes Anti-Malware
> www.malwarebytes.org
> Scan Date: 01/04/2014
> Scan Time: 9:17:54 PM
> Logfile:
> Administrator: Yes
> ...
> Processes: 1
> Trojan.MSIL, C:\Users\Damien\AppData\Roaming\Adobe\AdobeUpdate.exe, 2644, , [ba7479ac88f3df57e729af99629fc040]

It appears likely that you have a Trojan/Malware on your computer posing as AdobeUpdate.
http://www.virusradar.com/en/MSIL_BattleBot.A/description
This was very likely used by a remote intruder to take a copy of your wallet file(s) and to run a keylogger that captured your password.

edgebits (OP)
April 02, 2014, 03:52:50 PM
Well, I deleted all the files that came up from the report; should I be safe now? And what do I do now for a new wallet? I don't really trust Electrum, but I guess it had nothing to do with it. Is it safe to make a new wallet with that program?

dabura667
April 02, 2014, 04:13:43 PM
Let me say this: Electrum is a free piece of software that is open source. You should only trust it as much as you trust a collective group of people on the internet (everyone using Electrum and vouching for it), OR your ability to understand Python code. I personally trust my ability to read/code in Python, so I don't need to trust Thomas or anyone telling me "this is a good program." I can verify this by myself.

As for this incident: I hate to say it, but your computer was compromised, and currently there is no piece of software for wallets that can protect you from a computer with a trojan. If you deleted all the files from the report, I would say "maybe" you're safe. A good hacker could make a new form of trojan not traceable by malware detection, and then put in a second "dumb" trojan so that you will scan for it, find it, delete it, then continue on as normal feeling safe... but you're not.

The best thing to do is ALWAYS ASSUME YOUR COMPUTER IS COMPROMISED. If you want to keep your coins safe, buy a USB memory stick with over 8 GB and install Ubuntu on it, and boot your Electrum from there.
http://pastebin.com/YhUj6fzt

My Tip Address: 1DXcHTJS2DJ3xDoxw22wCt11FeAsgfzdBU

edgebits (OP)
April 02, 2014, 04:45:38 PM
Thank you.

dabura667
April 02, 2014, 05:17:11 PM
You're welcome, I originally wrote that in Japanese for my friends here in Japan, and I translated into English so I'm sorry if it's hard to understand. If you have any questions about the process feel free to ask.

edgebits (OP)
April 02, 2014, 05:21:21 PM
If I always used safekeys to enter my password for creation/withdrawal from Electrum, would that make me 100% safe?

dabura667
April 02, 2014, 05:32:27 PM
Anyone who tells you something is 100% safe is lying. You might be 99% safe, 93% safe or 60% safe, no one knows... but I would garner a guess that safekeys would keep you MORE safe than if you are NOT using it.

The most important thing is to scan your system regularly with Malwarebytes and run something like Microsoft Security Essentials... Also, disable JavaScript in your browser, and whenever you come to a legit site (like YouTube etc.) you can click "add to exceptions" and it will let you view that page with JavaScript. If a sketchy site requires JavaScript, do NOT activate it.

I recommend safe paper wallets made offline if you're not too good with computers.

jbrnt
April 02, 2014, 06:21:39 PM
I use an old laptop for bitcoin-related things. Reinstalled Windows myself, Chrome browser, then an antivirus software and that is it. No Java, no shareware, just use Electrum and blockchain wallet via Chrome. Please do not install any other altcoin wallet either.