Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

BTC Stolen #5072

Closed
KallEYE opened this issue Feb 5, 2019 · 71 comments
Closed

BTC Stolen #5072

KallEYE opened this issue Feb 5, 2019 · 71 comments
Labels
phishing 🎣 For phishing websites, fake wallets and stuff like that

Comments

@KallEYE
Copy link

KallEYE commented Feb 5, 2019

They stole 0,09 btc from me
Why Electrum shows me that I have to update software ?
I was using it for 1 year and this fucking message came from Electrum server

Adress:
bc1qvr93mxj5ep58wlchdducthe89hcmk3a4uqpw3c

@KallEYE
Copy link
Author

KallEYE commented Feb 5, 2019

Is a fucking action, since they had no password, etc.

@KallEYE
Copy link
Author

KallEYE commented Feb 5, 2019

Delete everything and reinstall it.

@gits7r
Copy link

gits7r commented Feb 5, 2019

We are sorry for this, but this message is confusing and too alarming and causes panic among users.

Electrum doesn't have a bug that can be exploited, it cannot be controlled remotely, it has no open vulnerability that can cause loss without user's action. Electrum was no more "hacked" or "exploited" than gmail, yahoo, outlook and all financial institutions (banks, etc.) as well as various other online services are every day.

Because of how peer discovery works in Electrum, there is not much we can do for old versions, since we can't prevent them with 100% success rate to run into a malicious server. This is because, unlike other lightweight wallets, Electrum decided to not have only few harcoded servers that will be responsible for the privacy of all users, and act as single point of failure, but instead allow users to run their own servers or use servers that they trust. Electrum takes user privacy very seriously, which is why proper peer to peer discovery without central authority arbitration was adopted, instead of anything else. This way an attacker cannot keep an Electrum user offline, or isolate him, or pull various attacks.

While the entire Electrum team is doing absolutely everything possible to protect the users, such as:

  • patch Electrum wallet to not display rich text, and don't allow arbitrary messages, only strict codes;

  • patch ElectrumX server implementation to detect sybil (malicious servers that send the phishing message) and not further broadcast them to clients;

  • implement blacklist logic to maintain malicious servers outside the view of the clients;

  • heavily advertise on social, website and all communication forms existent with the users that they should always run the latest version and always only install from the official source (electrum.org), accessed over secure protocol (https) with prior verifications of the PGP signature;

...the sad truth is that nothing can be truly done to protect an user from its own actions. If you are willing to install Electrum from a different source, when the official is electrum.org, and you don't verify signatures, even with the latest patch that does not display rich text you are still vulnerable as you can receive an email or text message with the same phishing message, and install a backdoored Electrum.

After all, when you install and use security software and finances software such as Electrum the first rule is to make sure you are running a version that has no discovered vulnerabilities and your build is signed and genuine.

I know this is not pleasant to read after loss of funds, and we are sorry, but this is the sad truth. This is not a vulnerability in Electrum, so we are going to respectfully close such issues / tickets on github because we are already doing everything possible to limit the effects of phishing attacks, and such issues do not provide any new information.

@KallEYE
Copy link
Author

KallEYE commented Feb 5, 2019

A nice excuse from Electrum. Have the wallet displayed, update as it is synonymous with many other programs that
was led directly from the wallet to the homepage. This deportation of responsibility to users is an insolence. Even my protection program did not recognize the fake side. Choose another provider, since the comment page Electrum is a naughtiness !!!!!
Ciao Electrum
Fuckup Electrum - Electrum still earns money from it!!!!

@gits7r
Copy link

gits7r commented Feb 5, 2019

It is not an excuse from Electrum. it is a simple explanation from me, personally.

Where did you download the first Electrum from? electrum.org

The second one was downloaded from a different source. Electrum.org clearly states do not download from other sources.

Your protection program cannot recognize the fake side, because the attack is simple and is not related to a security exploit, it just sends a message that QT parses as rich text.

You can receive such messages by any other channel, like email, phone, sms, etc. - if you follow the malicious link the effect is still the same, so yes I sincerely think it's the responsibility of the users. Running out of date software is not recommended especially security software or finance software. Installing unverified binaries from untrusted sources is even worse, and there's absolutely nothing that those app developers can do to protect you against this.

Electrum does not earn any money from it. If Electrum was malicious, I assure you funds would have been taken in a smarter way and not via the oldest scam in the history of the internet: phishing, which happens every day to ALL online services...

@ecdsa ecdsa added the phishing 🎣 For phishing websites, fake wallets and stuff like that label Feb 6, 2019
@ecdsa ecdsa closed this as completed Feb 6, 2019
@riniguez
Copy link

riniguez commented Aug 23, 2019

bc1qcygs9dl4pqw6atc4yqudrzd76p3r9cp6xp2kny stole me 0.00796663 BTC

@4oo4
Copy link

4oo4 commented Aug 23, 2019

@KallEYE

electrum/LICENCE

Lines 14 to 20 in 9c45472

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

@1400BitcoinStolen
Copy link

1400BitcoinStolen commented Aug 30, 2020

I just lost 1,400 BTC via the same method described above.

@1400BitcoinStolen
Copy link

1400BitcoinStolen commented Aug 30, 2020

bc1qcygs9dl4pqw6atc4yqudrzd76p3r9cp6xp2kny is the receivers address.

@verretor
Copy link
Contributor

verretor commented Aug 30, 2020

I just lost 1,400 BTC via the same method described above.

Could you provide more details about how it happened?

@1400BitcoinStolen
Copy link

1400BitcoinStolen commented Aug 30, 2020

I had 1,400 BTC in a wallet that I had not accessed since 2017. I foolishly installed the old version of the electrum wallet. My coins propagated. I attempted to transfer about 1 BTC however was unable to proceed. A pop-up displayed stating I was required to update my security prior to being able to transfer funds.

I installed the update which immediately triggered the transfer of my entire balance to a scammers address.

@verretor
Copy link
Contributor

verretor commented Aug 30, 2020

They may not have stolen your BCH and BSV yet.

I recommend moving those to another wallet using ANOTHER COMPUTER. Yours is possibly compromised.

@mrbianchi
Copy link

mrbianchi commented Aug 30, 2020

They may not have stolen your BCH and BSV yet.

I recommend moving those to another wallet using ANOTHER COMPUTER. Yours is possibly compromised.

@1400BitcoinStolen If you need quick help to do that, contact me

@lukechilds
Copy link
Contributor

lukechilds commented Aug 30, 2020

@1400BitcoinStolen I would recommend you install:

Then import your seed, and sweep the BCH/BSV somewhere else and dump them for BTC to reclaim some value. The value of your fork coins are currently worth just over $500k.

I can't comment on the code quality of those Electrum forks but I had a quick look and they appear to be genuine. I'd say it's worth the risk considering the situation.

@1400BitcoinStolen
Copy link

1400BitcoinStolen commented Aug 30, 2020

I accessed the BCH back in 2017 when I moved the BTC into the new electrum wallet.

I appreciate the productive thoughts guys.

Cheers

@EagleTM
Copy link
Contributor

EagleTM commented Aug 30, 2020

@1400BitcoinStolen Please join #electrum on freenode to discuss this further

@mrbianchi
Copy link

mrbianchi commented Aug 30, 2020

Furthermore BSV and BCH, you can extract more forks, if you need help I can advice you

@Smiggel
Copy link

Smiggel commented Aug 30, 2020

@1400BitcoinStolen I would recommend you install:

Then import your seed, and sweep the BCH/BSV somewhere else and dump them for BTC to reclaim some value. The value of your fork coins are currently worth just over $500k.

I can't comment on the code quality of those Electrum forks but I had a quick look and they appear to be genuine. I'd say it's worth the risk considering the situation.

Care to explain? I thought that Bitcoin SV was a fork from Bitcoin Cash. You can still claim the coins with your Bitcoin seed?

@lukechilds
Copy link
Contributor

lukechilds commented Aug 30, 2020

Care to explain? I thought that Bitcoin SV was a fork from Bitcoin Cash. You can still claim the coins with your Bitcoin seed?

If you haven't touched your BCH UTXOs since the fork then yes, you'll also have the same UTXOs on BSV and the same seed can be used to spend the funds on both chains.

@Smiggel
Copy link

Smiggel commented Aug 30, 2020

Care to explain? I thought that Bitcoin SV was a fork from Bitcoin Cash. You can still claim the coins with your Bitcoin seed?

If you haven't touched your BCH UTXOs since the fork then yes, you'll also have the same UTXOs on BSV and the same seed can be used to spend the funds on both chains.

Ah, check. I claimed my BCH and sold them already. :-) So, nothing left there for me.

@volyxixi
Copy link

volyxixi commented Aug 30, 2020

Hacker changed the code of new Electrum version or update link.. i remember long time ago Electrum notify about this bug!

@1400BitcoinStolen
Copy link

1400BitcoinStolen commented Aug 30, 2020

@1400BitcoinStolen Please join #electrum on freenode to discuss this further

can you plese give me a link to the site?

@Steven4294
Copy link

Steven4294 commented Aug 30, 2020

I'm having the same issue

@drnick30
Copy link

drnick30 commented Aug 30, 2020

@1400BitcoinStolen I’m so so sorry man, this is so disheartening, $17 million gone. you still have some unclaimed forked coins. If you need any help with that, I could help you.

@Hey
Copy link

Hey commented Aug 30, 2020

Just here to pay respects.

@WIS3B33
Copy link

WIS3B33 commented Aug 30, 2020

Sickening sorry bro

@john--
Copy link

john-- commented Aug 30, 2020

@1400BitcoinStolen I really wish the best for you! Good luck with recovering your bitcoin.

@spesmilo spesmilo deleted a comment from pbandlotsofj Aug 31, 2020
@rbrooklyn
Copy link
Contributor

rbrooklyn commented Aug 31, 2020

@spesmilo time to lock the comments on this I think. Scammers have found this thread and are exploiting it. The hex scam, someone posting a fake recovery service, and now @fiubit begging for money.

@kenerik
Copy link

kenerik commented Aug 31, 2020

@rbrooklyn I agree.. Lock it down..

For the record.. @1400BitcoinStolen
As of yesterday..Out of what i read.. Binance and other exchanges are now Black listing the TxId, and address that touch them.
Nothing much more to do about this tragic story.

@spesmilo spesmilo deleted a comment from fiubit Aug 31, 2020
@spesmilo spesmilo deleted a comment from hex-whale Aug 31, 2020
@ecdsa
Copy link
Member

ecdsa commented Aug 31, 2020

@1400BitcoinStolen there is a police investigation going on in Germany and in the UK.
we will report your loss, but it will have more weight if you report it too.

@Cryptbtcaly
Copy link

Cryptbtcaly commented Aug 31, 2020

Hello
I had a similar situation 2 months ago.
36.5 Bitcoin was stolen from my address 36xej1oQw82Jz51kjBhcmV3Eb8a8vkwtrw to bc1qy303ar4jjy2x0efn00aqdlfvn48a0gddj355fv - https://blockchair.com/bitcoin/transaction/34ce7a78c6379d3176200deffd26798901dba1c726663e177d6ca9c1cf18643e

Now stolen Bitcoin are at addresses:
bc1qpk0w9pvhqrxn29vzpxpjl87w4g9hlvmv0jkmv0 (9.8181 BTC)
bc1qwtanse4pk26v0kvxcpxrfnzmnjgcxl9vkkw05t (5.4984 BTC)
bc1qstdm72hj07fxwn30j3cecxrfxnzh6ssx02thqa (4.93063517 BTC)
bc1q9wt8rfmk473nz7nh7hpgl7euhrem3n8kmag0e8 (7.83 BTC)
bc1qxn4xt0sfev5snxdgr0anrjtt5346att0gedaxz (5.55171966 BTC)

Some of the stolen Bitcoin went to Binance, but they ignore my appeals and do not return.
Cover up fraudsters.

@1400BitcoinStolen
Copy link

1400BitcoinStolen commented Aug 31, 2020

@1400BitcoinStolen there is a police investigation going on in Germany and in the UK.
we will report your loss, but it will have more weight if you report it too.

How so? How do you know an investigation has kicked off?

@stroydat
Copy link

stroydat commented Aug 31, 2020

Working with Electrum wallet is not easy.
I have been using it since 2014. I managed to save assets. There is a safe work algorithm.
Interesting to b2b-buy coins. // t.me finist4x

@hexhivist
Copy link

hexhivist commented Aug 31, 2020

The HEX snapshot was on December 2nd 2019, you have until November 19th to claim with your electrum wallet. These people are not being helpful, your Bitcoin is gone forever join t.me/HEXCrypto and we'll help you with claiming HEX.

@hexhivist
Copy link

hexhivist commented Aug 31, 2020

Whoever is deleting HEX comments is a scammer, you can claim it free just like any other hard fork.

@hexhivist
Copy link

hexhivist commented Aug 31, 2020

Alternatively DM @RichardHeartWin and discuss it.

@ecdsa
Copy link
Member

ecdsa commented Aug 31, 2020

@1400BitcoinStolen there is a police investigation going on in Germany and in the UK.
we will report your loss, but it will have more weight if you report it too.

How so? How do you know an investigation has kicked off?

We (electrum developers) have reported the phishing attack to the police about a year ago.
I cannot make any comments about the progress of the investigation, but it helps if victims report it independently.
If you live in Germany you should contact the cybercrime unit of the LKA Berlin

@spesmilo spesmilo deleted a comment from Adrielle9 Aug 31, 2020
@asher-lab
Copy link

asher-lab commented Aug 31, 2020

That hurts mate 😩

@spesmilo spesmilo deleted a comment from Adrielle9 Aug 31, 2020
@spesmilo spesmilo deleted a comment from Adrielle9 Aug 31, 2020
@dmytroleonenko
Copy link

dmytroleonenko commented Aug 31, 2020

The lesson for others? Use a hardware wallet if your BTC(others apply as well) holdings worth more than you afford to lose. Probably anything more than 1k$ should be stored on a hardware wallet. There are plenty of them.

@yadakhov
Copy link

yadakhov commented Aug 31, 2020

The lesson for others? Use a hardware wallet if your BTC(others apply as well) holdings worth more than you afford to lose. Probably anything more than 1k$ should be stored on a hardware wallet. There are plenty of them.

Might be a stupid question here. It is possible for the software that's connected to the Hardware Wallet (Ledger Live, electrum etc) to be hacked? Even though the hardware wallet is saying it is going to a certain address is is actually going to a hacker address.

@EagleTM
Copy link
Contributor

EagleTM commented Aug 31, 2020

2FA wallet or Hardware wallet helps of course - you still need to verify where you send your coins, there is clipboard changing malware which will replace the recipient address...

Most importantly: Don't click on links in popups in Electrum (new versions won't have popups). Don't download updates from sites other than the offical site (electrum.org) and verify your release. There are youtube videos and tutorials how to do so.

@JeDaYoshi
Copy link

JeDaYoshi commented Aug 31, 2020

Came here to pay respects, too. F

@ip-config
Copy link

ip-config commented Aug 31, 2020

1400 BTC and using electrum. Stop Drama. Stop Lie !
buy u a Leger Nano cost 0.0014BTC

@7mikael
Copy link

7mikael commented Sep 1, 2020

(Off-topic and will remove this post on 6 Sep:) @1400BitcoinStolen please email me, on the topic of making a difference for others and the future.

@spesmilo spesmilo deleted a comment from digiatale007 Sep 1, 2020
@spesmilo spesmilo deleted a comment from makishart Sep 1, 2020
@spesmilo spesmilo locked as too heated and limited conversation to collaborators Sep 1, 2020
@SomberNight
Copy link
Member

SomberNight commented Sep 1, 2020

the ads are starting

Indeed.

Locked for now. Not much more can be said here.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
phishing 🎣 For phishing websites, fake wallets and stuff like that
Projects
None yet
Development

No branches or pull requests