[SDC] ShadowCash | Welcome to the UMBRA

[lawgicc]

.....
The only wallet qt I have is the newest SDC wallet.

 

did you download the wallet from the OP never download from Quotes!!!

Do a check against the versions: checksum

How, example:

https://www.youtube.com/watch?v=C7ZZqnkrj48

checksuming a good idea (tho few will do it).
ive never seen a prog that checked its own cheksum b4 launch. If the app verified it's checksum by comparing to a value stored on the blockchain… then hmm… is this a solution?

nevertheless in lawgic's case the coins have been stolen by some other means.
what do we know?

1) the attacker did not use shadowsend
2) the attacker staked the wallet with the stolen funds
3) the attacker made 2 withdrawals (robberies) seperated by several hours
4) the wallet was protected with a 30+char pass
5) the PC was brand new


My Q
How did they know the pass? lawgic: did u ever enter it? was there maybe a keystroke logger that grabbed it?

I think the attempts to log in to the blockchain.info account are a valuable clue.

The attacker never entered the right paraphrase to my Blockchain.info wallet or it wouldve logged it. The only log of the attacker was from the TOR ip that was blocked because of my settings. The keylogger has yet to access any of my other accounts..

[Wheatclove]

.....
The only wallet qt I have is the newest SDC wallet.

 

did you download the wallet from the OP never download from Quotes!!!

Do a check against the versions: checksum

How, example:

https://www.youtube.com/watch?v=C7ZZqnkrj48

checksuming a good idea (tho few will do it).
ive never seen a prog that checked its own cheksum b4 launch. If the app verified it's checksum by comparing to a value stored on the blockchain… then hmm… is this a solution?

nevertheless in lawgic's case the coins have been stolen by some other means.
what do we know?

1) the attacker did not use shadowsend
2) the attacker staked the wallet with the stolen funds
3) the wallet was protected with a 30+char pass
4) the PC was brand new


My Q
How did they know the pass? lawgic: did u ever enter it? was there maybe a keystroke logger that grabbed it?

It fucking beats me. I literally unwrapped this computer yesterday....No idea how a key logger would have got my new PC key logged that quick....My chromebook with linux was encrypted with 2 paraphrases, and my paraphrases are encrypted with pgp 30+ characters long, numbers+letters+symbols.


Never seen these files before?



any idea?

The Shadow-Qt with the shadow logo does nothing when clicked. I use a different folder/exe to open up the qt. Also the file below was added around the time my coins were lifted and someone tried to access my blockchain wallet.

for as long as I can remember, shadow.exe has been the file included in the .zip releases. and the most recent shadow.exe is ~12MB.

[child_harold]

 lawgicc : ur shadow wallet had a 30+char password, yes?
how the hell could he get it without the pass?

ur blockchain.info is a separate issue, yes?

btw u r handling this remarkably well. u have my sympathy.

[dadon]

what do you prefer? i run the malwarebytes pro version all i know is i had avg installed at one point and it would come up clean system, and then i download free version of malwarebytes and it came up with like 100+ viruses! what a joke that was a paid for version of AVG also, that was also a computer i had no crypto on at the time so i was lucky i found how useless the mainstream anti virus programs are.
Gibs187x do you live in the states? did you have your computer delivered? if you had it delivered it would of had to go thru the postal service and that's a government agency would not surprise me if they are hijacking packages with computers of interest, like yours would be being heavily involved in crypto for 4 years, and put shit on it.
yeah sounds like a conspiracy.
but the truth  stranger then fiction i have come to find.
trust nothing and nobody anymore those days are long gone.

[child_harold]

for as long as I can remember, shadow.exe has been the file included in the .zip releases. and the most recent shadow.exe is ~12MB.

agreed. good eyes. where did u dl the wallet lawgicc?

[Gibbs187x]

what do you prefer? i run the malwarebytes pro version all i know is i had avg installed at one point and it would come up clean system, and then i download free version of malwarebytes and it came up with like 100+ viruses! what a joke that was a paid for version of AVG also, that was also a computer i had no crypto on at the time so i was lucky i found how useless the mainstream anti virus programs are.
Gibs187x do you live in the states? did you have your computer delivered? if you had it delivered it would of had to go thru the postal service and that's a government agency would not surprise me if they are hijacking packages with computers of interest, like yours would be being heavily involved in crypto for 4 years, and put shit on it.
yeah sounds like a conspiracy.
but the truth  stranger then fiction i have come to find.
trust nothing and nobody anymore those days are long gone.

i totally agree with you 100% im in the states but fresh pc..

[Automatic Monkey]

.....
The only wallet qt I have is the newest SDC wallet.

 

did you download the wallet from the OP never download from Quotes!!!

Do a check against the versions: checksum

How, example:

https://www.youtube.com/watch?v=C7ZZqnkrj48

checksuming a good idea (tho few will do it).
ive never seen a prog that checked its own cheksum b4 launch. If the app verified it's checksum by comparing to a value stored on the blockchain… then hmm… is this a solution?

nevertheless in lawgic's case the coins have been stolen by some other means.
what do we know?

1) the attacker did not use shadowsend
2) the attacker staked the wallet with the stolen funds
3) the attacker made 2 withdrawals (robberies) seperated by several hours
4) the wallet was protected with a 30+char pass
5) the PC was brand new


My Q
How did they know the pass? lawgic: did u ever enter it? was there maybe a keystroke logger that grabbed it?

I think the attempts to log in to the blockchain.info account are a valuable clue.

The attacker never entered the right paraphrase to my Blockchain.info wallet or it wouldve logged it. The only log of the attacker was from the TOR ip that was blocked because of my settings. The keylogger has yet to access any of my other accounts..

Are you running a Tor node anywhere else on your network, any place where a Tor sleaze could have slithered in?

[lawgicc]

.....
The only wallet qt I have is the newest SDC wallet.

 

did you download the wallet from the OP never download from Quotes!!!

Do a check against the versions: checksum

How, example:

https://www.youtube.com/watch?v=C7ZZqnkrj48

checksuming a good idea (tho few will do it).
ive never seen a prog that checked its own cheksum b4 launch. If the app verified it's checksum by comparing to a value stored on the blockchain… then hmm… is this a solution?

nevertheless in lawgic's case the coins have been stolen by some other means.
what do we know?

1) the attacker did not use shadowsend
2) the attacker staked the wallet with the stolen funds
3) the wallet was protected with a 30+char pass
4) the PC was brand new


My Q
How did they know the pass? lawgic: did u ever enter it? was there maybe a keystroke logger that grabbed it?

It fucking beats me. I literally unwrapped this computer yesterday....No idea how a key logger would have got my new PC key logged that quick....My chromebook with linux was encrypted with 2 paraphrases, and my paraphrases are encrypted with pgp 30+ characters long, numbers+letters+symbols.


Never seen these files before?



any idea?

The Shadow-Qt with the shadow logo does nothing when clicked. I use a different folder/exe to open up the qt. Also the file below was added around the time my coins were lifted and someone tried to access my blockchain wallet.

for as long as I can remember, shadow.exe has been the file included in the .zip releases. and the most recent shadow.exe is ~12MB.

my best guess is i downloaded a bugged version of the wallet, pasted my original wallet.dat file into my roaming folder, started the SDC wallet qt and unlocked my wallet while the wallet was still syncing on my new computer. 


**I did unlock my wallet (for staking only) on my new computer while my wallet was still half synced....Never knew thatd cause problems but Idk what else it could be. I dont know how its even feasible for me to get keylogged without downloading anything/clicking any links....I didnt hop on a computer for the first time yesterday...I dont tell anyone my password, i dont even have it written down, on paper, or in text on my computer. Unless my Asus Transformer Book Flip TP300 is bugged from the jump...i have no fuckin clue. I got 90 days to return this shit, so i got some time before i go tauren

[child_harold]

dunno if it can be done, im no dev.

can we get wallets to verify (b4 launch) against a checksum value stored on the blockchain thus preventing the malicious node from joining the nwtwork?

or is this gestapo tactics making development of unofficial wallets more diff?

[lawgicc]

lawgicc : ur shadow wallet had a 30+char password, yes?
how the hell could he get it without the pass?

ur blockchain.info is a separate issue, yes?

btw u r handling this remarkably well. u have my sympathy.

Not sure if seperate or the same person. They both happened within the same time frame. It came to my attention when i was alerted through email my blockchain account had been attempted to be logged in. 

I have no fucking idea. no fucking idea...

I guess, appreciate it. Im beyond upset no question but its just currency. ill get it back. just not sure if i can trust these altcoins. Might just have to stay with bitcoin. Never in my 3-4 years using crypto have i had this problem.

People probably think im a scrub first learning crypto....as to why im so fuckin frustrated. I dont get how this fuckin happened at all. Im even more upset because this may potentially negatively impact SDC...I fuckin love this SDC....my social media is blasted with SDC and ive told countless people i know personally that this will take Bitcoin's place, just give it time...

now i dont even want to speak about crypto.

[Wheatclove]

lawgicc : ur shadow wallet had a 30+char password, yes?
how the hell could he get it without the pass?

ur blockchain.info is a separate issue, yes?

btw u r handling this remarkably well. u have my sympathy.

Not sure if seperate or the same person. They both happened within the same time frame. It came to my attention when i was alerted through email my blockchain account had been attempted to be logged in.  

I have no fucking idea. no fucking idea...

I guess, appreciate it. Im beyond upset no question but its just currency. ill get it back. just not sure if i can trust these altcoins. Might just have to stay with bitcoin. Never in my 3-4 years using crypto have i had this problem.

People probably think im a scrub first learning crypto....as to why im so fuckin frustrated. I dont get how this fuckin happened at all. Im even more upset because this may potentially negatively impact SDC...I fuckin love this SDC....my social media is blasted with SDC and ive told countless people i know personally that this will take Bitcoin's place, just give it time...

now i dont even want to speak about crypto.

what does the dclogs folder belong to?

fairly certain this is a keylogger and you may find logs of your keystrokes in that folder

[child_harold]

**I did unlock my wallet (for staking only) on my new computer while my wallet was still half synced....Never knew thatd cause problems but Idk what else it could be. I dont know how its even feasible for me to get keylogged without downloading anything/clicking any links....I didnt hop on a computer for the first time yesterday...I dont tell anyone my password, i dont even have it written down, on paper, or in text on my computer. Unless my Asus Transformer Book Flip TP300 is bugged from the jump...i have no fuckin clue. I got 90 days to return this shit, so i got some time before i go tauren

ive heard of hw arriving infected - thats why i asked where u bought it.
but as WC noticed that exe is too small (right?-im not on windows) suggesting a malicious wallet.

any more confirms on wallet exe file size?

[LiteBit]

I thought we verified in slack and on the blockchain that the stolen coins transferred 24 hours ago and your new computer want done syncing 24 hours ago. That means that the breach happened on your old system not the new one. The new one only verified the theft once synced. It was the most current version of the chain you could read.

It's like trading wallet.dats around different computers. You move it to one computer and do a couple transactions, move it to the next and do the same. When you restart the original computer the wallet.dat saved had all the coins you had before the transfers but once you're in sync the other coins come out.

Tldr: the beach was on the old computer, not the new one.

[child_harold]

lawgicc : ur shadow wallet had a 30+char password, yes?
how the hell could he get it without the pass?

ur blockchain.info is a separate issue, yes?

btw u r handling this remarkably well. u have my sympathy.

Not sure if seperate or the same person. They both happened within the same time frame. It came to my attention when i was alerted through email my blockchain account had been attempted to be logged in. 

I have no fucking idea. no fucking idea...

I guess, appreciate it. Im beyond upset no question but its just currency. ill get it back. just not sure if i can trust these altcoins. Might just have to stay with bitcoin. Never in my 3-4 years using crypto have i had this problem.

People probably think im a scrub first learning crypto....as to why im so fuckin frustrated. I dont get how this fuckin happened at all. Im even more upset because this may potentially negatively impact SDC...I fuckin love this SDC....my social media is blasted with SDC and ive told countless people i know personally that this will take Bitcoin's place, just give it time...

now i dont even want to speak about crypto.

what does the dclogs folder belong to?

hmmm


spearfishing blockchain.info users?
click email and DL trojan?

maybe?

[Gibbs187x]

lawgicc : ur shadow wallet had a 30+char password, yes?
how the hell could he get it without the pass?

ur blockchain.info is a separate issue, yes?

btw u r handling this remarkably well. u have my sympathy.

Not sure if seperate or the same person. They both happened within the same time frame. It came to my attention when i was alerted through email my blockchain account had been attempted to be logged in.  

I have no fucking idea. no fucking idea...

I guess, appreciate it. Im beyond upset no question but its just currency. ill get it back. just not sure if i can trust these altcoins. Might just have to stay with bitcoin. Never in my 3-4 years using crypto have i had this problem.

People probably think im a scrub first learning crypto....as to why im so fuckin frustrated. I dont get how this fuckin happened at all. Im even more upset because this may potentially negatively impact SDC...I fuckin love this SDC....my social media is blasted with SDC and ive told countless people i know personally that this will take Bitcoin's place, just give it time...

now i dont even want to speak about crypto.

what does the dclogs folder belong to?

fairly certain this is a keylogger and you may find logs of your keystrokes in that folder

hes infected!

[lawgicc]

I thought we verified in slack and on the blockchain that the stolen coins transferred 24 hours ago and your new computer want done syncing 24 hours ago. That means that the breach happened on your old system not the new one. The new one only verified the theft once synced. It was the most current version of the chain you could read.

It's like trading wallet.dats around different computers. You move it to one computer and do a couple transactions, move it to the next and do the same. When you restart the original computer the wallet.dat saved had all the coins you had before the transfers but once you're in sync the other coins come out.

Tldr: the beach was on the old computer, not the new one.

No it was not verified. All that was verified was that the transactions were not sent from my old or new computer.

[Gibbs187x]

I thought we verified in slack and on the blockchain that the stolen coins transferred 24 hours ago and your new computer want done syncing 24 hours ago. That means that the breach happened on your old system not the new one. The new one only verified the theft once synced. It was the most current version of the chain you could read.

It's like trading wallet.dats around different computers. You move it to one computer and do a couple transactions, move it to the next and do the same. When you restart the original computer the wallet.dat saved had all the coins you had before the transfers but once you're in sync the other coins come out.

Tldr: the beach was on the old computer, not the new one.

No it was not verified. All that was verified was that the transactions were not sent from my old or new computer.

you got infected with a rat i got infected too i got accused of stealing viral which i did not! look for the dclogs in my pic too!

[lawgicc]

I thought we verified in slack and on the blockchain that the stolen coins transferred 24 hours ago and your new computer want done syncing 24 hours ago. That means that the breach happened on your old system not the new one. The new one only verified the theft once synced. It was the most current version of the chain you could read.

It's like trading wallet.dats around different computers. You move it to one computer and do a couple transactions, move it to the next and do the same. When you restart the original computer the wallet.dat saved had all the coins you had before the transfers but once you're in sync the other coins come out.

Tldr: the beach was on the old computer, not the new one.

No it was not verified. All that was verified was that the transactions were not sent from my old or new computer.

you got infected with a rat i got infected too i got accused of stealing viral which i did not!

wow...yep Dclogs is malware..............

[lawgicc]

.....
The only wallet qt I have is the newest SDC wallet.

 

did you download the wallet from the OP never download from Quotes!!!

Do a check against the versions: checksum

How, example:

https://www.youtube.com/watch?v=C7ZZqnkrj48

checksuming a good idea (tho few will do it).
ive never seen a prog that checked its own cheksum b4 launch. If the app verified it's checksum by comparing to a value stored on the blockchain… then hmm… is this a solution?

nevertheless in lawgic's case the coins have been stolen by some other means.
what do we know?

1) the attacker did not use shadowsend
2) the attacker staked the wallet with the stolen funds
3) the attacker made 2 withdrawals (robberies) seperated by several hours
4) the wallet was protected with a 30+char pass
5) the PC was brand new


My Q
How did they know the pass? lawgic: did u ever enter it? was there maybe a keystroke logger that grabbed it?

I think the attempts to log in to the blockchain.info account are a valuable clue.

didnt look at those screens close but yes lawgicc appears to have fallen prey to a targeted attack.
my q again however is how did they know his pass for his shadow wallet? he must have entered it (typed it) at some point on his new PC which had a keylogger.

lawgicc: where did u buy ur new PC?

Costco in california. San Luis Obispo to be precise

[child_harold]

lawgicc: where did u buy ur new PC?

Costco in california. San Luis Obispo to be precise

and Dclogs was pre-installed? howd u get it?


ps


r trojans so clever now? feels like there was human involvement in ur hack