-
Notifications
You must be signed in to change notification settings - Fork 3.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
transaction without my participation #8263
Comments
I Had the same . 2023-03-12 06:28 . All my btc gone. :( Trans. Id : |
What operating system did you use? |
I don't know what sys ShaddyrR have but I had wallet on my phone. |
it's a massive attack on Electrum ? Hash ID it's the same. ShaddyrR's ID and my ID it's the same. On the same date and time. |
You cannot possibly have the same transaction ID in two distinct wallets. Please check that you actually own this wallet: can you decode the seed with your password? is it watching-only? Please also answer @SomberNight 's question: operating system, how did you store your seed. |
I still have an access to my wallet, everything works ,yes I can decode seed. Wallet ask for password every time when I trying to open it. and: |
I've win 10 Pro 21H2 19044
No, there is not. My PC is clean and hasn't any other wallet but mine. |
@ecdsa you can, if the seeds were stolen from multiple wallets and all UTXOs sweeped in 1 TX. |
ah indeed. I did not think of that. |
It looks like that's exactly what happened. The Tx includes UTXOs from legacy and segwit addresses, indicating the private keys were swept together. The fee applied to the Tx is also notable; 50 sats/vByte. Only a scammer would do that. @ShaddyrR @ArturNTN; From where did you guys download the software you used? |
dowloaded from a link at the status bar of the standalone of course, every time if it had an update there, like on the screen. |
I'm used wallet from Google play store . |
@ArturNTN and how did you store your seed? |
On the paper. |
no I didn't. Just the only my laptop |
I don't even know what is it) |
I haven't played NFTs.
Some time ago I installed a wallet but now this computer is not even connected to the network. It's an older pc and sits unused behind a cupboard. |
I'm embarrassed by it. It was money set aside for my son's orthopedic surgery. |
it does not matter if it is old and not connected to the network anymore. the seed can have been stolen a long time ago, long before the transaction you reported. Can you confirm that "a wallet" was a wallet with the same seed as the wallet on android? That would point in the direction of the same malware on both windows machines. |
Does that computer run on Windows? Do you remember what software you installed, was it Electrum or some other desktop wallet software? |
Yes, it does
For last 3+ years - nothing. Just updated Electrum if it asked to. |
If I remember I had Electrum BTC and LTC. It was Win 7 Sp2. Software : Only TotalAV |
In my case the money was saved for the education of my kids or for the purchase of housing. Now it doesn't matter anymore. I am sure that even if it is confirmed that the attack was successful not due to user error, but using some kind of wallet vulnerability, Electrum does not compensate for the losses to its users, as Nicehash did in a similar situation. Because it is always easier to write off such things as viruses, errors, licenses and other rubbish than to admit there is a problem and take responsibility for the result. |
true |
It is easier to blame developers rather than to do a real investigation. Our software is open source and completely transparent. If you find a problem in it, this website is the right place to report it, and we will be very happy to fix it. Now, if the only reason for you to be here is to complain and try to get a refund, without pointing at a concrete problem, then you are strongly misunderstanding how open source software works. We are here to fix issues, and the only reason we ask questions is in order to find a possible explanation for what happened. A wallet is vulnerable to the platform where it runs. There is no fix for that. If you cannot secure your own computer, there are little computers called hardware wallets that strongly mitigate the risks. You should consider buying one of them. I am closing this issue. Please reopen it if you have concrete elements that we can work with. |
Dear sirs. Well, I was expecting something like this. So I wait for your questions |
Nicehash is an exchange/mining pool that as part of those services also provides a custodial wallet as another service where customers can keep their funds. Such a custodial wallet is like a bank, and when they got hacked, the money that was stolen was stolen from the company hot wallet, that stored money on behalf of the users. Electrum is free/libre open source software, it is a non-custodial wallet. It is not a service. It is just a tool. At no point in time is anyone else in control of user funds than the user themselves. Being in control of your own money is a big responsibility. If you keep gold bars in the boot of your car, and the gold bars get stolen, not sure you should complain to the car manufacturer that gave you the car and its blueprints for free. The source code is available to anyone under a permissive license, and the binaries are reproducibly built, hence if there really is a vulnerability, you are free to point out the exact lines of code that are responsible. If you can't see the difference between having a wallet at Nicehash or using Electrum, I recommend using a checking account at the nearest bank.
There is 2FA, and hardware wallets are supported. Both things you have to opt into explicitly during wallet creation, which you apparently have not done. Multisig wallets and offline signing are also supported.
I fear there are some deep misconceptions here.
At least do a basic search or read the FAQ. I am sorry your funds got stolen. No one can get it back for you. |
@SomberNight
You're right for now. But as you know they provide exchange for only about 4 years. Before this point it was just a mining platform. And the second moment is that I didn't use their wallet - the only wallet what have been used by me is Electrum's, since 2017.06 date. The only my coins they had were those I couldn't save up to minimal value for autoexport
You are right. But, for example, if this automobile concern gave me guarantees that their car was absolutely protected from theft and no one could break its locks, and then it turned out that everything was stolen from the car, and the locks were intact and the alarm did not notify me - yes I would file a claim. Are you not?
No, I don't see much difference in this case. Yes, I can look through the program code to try to find any errors, although my programming level is too low to give you a clear answer what happened here and if there is any error here. But can you be sure that they don't exist at all? And I didn't count how many people were hacked this time, but do you agree that it's too many to say that everyone did something wrong?
When I met BTC, I didn't even know if it made sense. And I really liked the simplicity and convenience of the wallet. Let's just say - I don't remember that at the time of creation I was offered the 2FA method, but after what happened, I tried to find and enable it in the settings and... I didn't find it. As I could understand I can't to add this ability without recreate a wallet?
Partially, I have already answered your questions above - both regarding 2FA and about the car example. As for the probability of stealing the wallet file, the whole point of protection is reduced to zero, since the password is much easier to crack than it is to find out or guess the seed
For what? I found nothing. What are yo mean? Can you point me the link to answer my question about that?
I'm afraid I gave you anything I know about this situation. Unfortunately it can't neither help you to fix anything nor get my money back to me. May be somebody else will give more information if find this topic, but for now me and @ArturNTN are alone Anyway thanks to all for your try. May be my money were more important at some other place. Or I just bought something very very expensive for me like health or may be life at all, who knows :) |
no-history account directing people to random telegram 'hacker'. Pretty sure this is a scam. deleted. |
unfortunately you are right - it's the scam as is |
It seems these types of scenarios are on the rise in recent months. There was another report of a very similar incident on Bitcointalk just this morning, and it reminded me of yet another from January, 2023. https://bitcointalk.org/index.php?topic=5450708.0 I'm suspicious there might be some malware floating around that's attacking Electrum users. I wish we could get all these people in one place and brainstorm about what could have gone wrong. |
@DireWolfM14 |
I have to raise this issue again. On February 26, 2024, the entire balance was withdrawn from my desktop wallet. Without my knowledge, in one transaction (be915cd6981011875a55dc586be8cfefd6c551df359cbb8abc53a63e699baa6a) from two addresses, all funds were sent to one address unknown to me. The coins are still in this unknown wallet. I don’t know who did this and how, but I don’t think they were scammers. Otherwise, the coins would have left the unknown wallet long ago. On my part, all wallet security recommendations have been followed. Wallet release 4.5.2, the wallet is installed with an installation file obtained from the official Electrum website. There are no viruses or dangerous programs in my Windows 11 Pro system. I would ask the developers to return to solving this problem. |
@Hebler2610 this is not how things works. The claim that there is no malware on your computer is unsubstantiated, and we have no way to check it; absence of evidence is not evidence of absence. OTOH, the Electrum software is open source and publicly verifiable. If you are claiming that Electrum stole your money, then you should point out which part of the code is doing that, or how it can be reproduced. The fact that coins have been withdrawn from your wallet means that your seed or private keys have been compromised. This can happen without malware, if someone managed to view your seed phrase. |
Okay, we looked, we saw, we took it out, but why in one transaction, why without change, why didn’t we send it further to use it somewhere? And in general, you can find out how this unknown wallet was created, maybe it belongs to Electrum, how can I contact its owner? Or could it be some kind of lost wallet that has no owner? Who can give answers to these questions, who should I accuse of embezzling funds? The AML officer asks to show my correspondence with the kidnapper, but I don’t know who it is: an individual or a legal entity, the program itself or the operating system, what should I answer? |
buddy, don't even try - they won't help you. As you can see from my experience with them, the main idea is that it is your own fault. If the support service of the purchased car answered this way, the answer would look like “You must follow the operating instructions for the car and it will drive. If it doesn’t drive, take it apart, find out why and how to fix it, pass this information on to us. Otherwise, this does not concern us”. :) |
@ShaddyrR |
@Hebler2610 |
@SomberNight
What happens? Without my knowledge, all the bitcoins were withdrawn through my wallet to an unknown wallet bc1qxnzrr6txvj9d0pmjksyxa0q7jwv9j4kccl6apt, where they are still located (1 month). They were not transferred anywhere, nothing else was received on this wallet, which means this is not the work of a scammer, and I am still the owner of these bitcoins. According to all tests, my home PC was not hacked, I did not transfer confidential wallet information to anyone, so perhaps this is a software glitch. I do not know the software of the Electrum wallet or the BTS blockchain, I am not an IT specialist. I don’t want to blame anyone, I just ask you to check everything thoroughly and, if possible, return me access to my bitcoins. Thank you. |
@Hebler2610 this "possibly self transfer" characterization is a privacy analysis performed by the block explorer website. |
This comment was marked as spam.
This comment was marked as spam.
Thanks for the informative answer, although I read the whole thing and understand what it means. So you think that I myself am to blame for my problem, and that my wallet is compromised. Then please tell me from which device my wallet was hacked on 02/26/2024 (device IP address) and from which device the wallet bc1qxnzrr6txvj9d0pmjksyxa0q7jwv9j4kccl6apt was generated to which my bitcoins were withdrawn (IP address)? I will be very grateful. |
yesterday after I entered my wallet on my laptop I found that my money was gone by one transaction. The transaction's TXID was
ccd6dbffcdf801821906d21e426f9f170b49fa0fb97edcbe01e538c32651788e
and looks like it consist of some other transactions.
The last time I went into the wallet in January, everything was ok. I used version 4.3.3. I have my seed phrase in the safe and haven't used it for a long time, just the password. How can it be? Is this a security issue?
The text was updated successfully, but these errors were encountered: