i lost all my IOTA

[caqtusa]

i use IOTA Wallet 2.5.4 on Mac. I tried to get into the system today. but not connection. I changed node. connected but my account balance is zero. all my iota sent to an unidentified account.it looks like the time I am making changes node. Is there a solution to this? Have I lost all my everything? I do not know what to do.

[antwanr]

Exactly the same with me. Sent to an unidentified account after making node change. Version 2.5.4, Ubuntu.

[necropaz]

How you have genearted your seeds? With an online tool?

[caqtusa]

new seed start first time iotart.io it looks like this address has been sent DFQCBMHTUMTSPZMYQOEFSGXXDEPRQNRLNBEARJSM9ARYFRRGGRJVOMUJNUPPAG9AGMMRRGRBJADFHIKGYKNJBXWFBW

[antwanr]

@necropaz: On linux with cat /dev/urandom |tr -dc A-Z9|head -c${1:-81} @caqtusa: my credits where sent to exactly the same address

[necropaz]

@caqtusa: did you generate your seed on the website iotart.io? Online Seed generator are not save!!! generate your seed offline on your computer.. @antwanr: did you give your seed to someone else? because with this iota wallet the seed never left your computer and no one can get access to your funds.. or did you used an other wallet?

[matwxx1216]

It sucks. I lost 1.5 Gi this morning. I used different address to send my iota. I have no idea how the hacker hack my coin. Other people told me its my own fault. Yes its my fault to use the light wallet. I should just keep it in the exchange.

[antwanr]

@necropaz : Nope, just generated and used the seed on my computer only, I would never generate the seed on someone else his/her computer ;-) By the way, the credits where transferred to the SAME receiver as caqtusa credits... Not a coincidence I presume... By the way, a lot of people are experiencing the same problems at the moment, it seems.

[necropaz]

@matwxx1216: i dont think that this have something to do with the light wallet.. if your generate your seed offline you should be save and your value should not be lost.. maybe it is unconfirmed or not processed until yet?

[necropaz]

@antwanr: from where did you make the transaction? bitfinex? can you give me the tx hash? did you reused the address?

[matwxx1216]

Its already confirmed. And its already sent out to that address. I never had this problem before. I create my own seed with random numbers and letters. Never had share with anyone. I had only change nodes, use rebroadcast, reattached as I wait for the transaction.

[matwxx1216]

VEWUZFCBXEKYUNHOLEEYUIJBKIKJEG9VHWPYNUAJRQLDWWVUPOSUHNTGSIMFOOWULYSGYOVZBPEE99999

[matwxx1216]

No I use new address everytime. This is why I have no clue why. Its not the first time I use the wallet.

[matwxx1216]

I think its not my seed got compromised, its the node that I changed in the wallet that leak my seed. And this is just my guess. Because no one would share their seed unless one is stupid. And I don't use generator for seed as it is not safe.

[matwxx1216]

Bitfinex. I gave you the tx hash already

On Mon, Dec 18, 2017 at 5:26 PM, necropaz notifications@github.com wrote:

@antware https://github.com/antware: from where did you make the transaction? bitfinex? can you give me the tx hash? did you reused the address?

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/iotaledger/wallet/issues/781#issuecomment-352562353, or mute the thread https://github.com/notifications/unsubscribe-auth/AhC5TrRZmoldkKYhzxpLCFHFs96mSk0zks5tBtiOgaJpZM4RFFb3 .

[caqtusa]

@necropaz i do not understand lost in time I did the exact changes node. also I tried to send the previous unrealized payments. balances zero. I think problem caused by change node. but dont come back

[zoli11]

@caqtusa @necropaz Guys, which node did you use? I don't know if a node can find our seeds and access our accounts or not, but I'm curious to find it out if those whom have lost their IOTAs have used the same node or not.

[antwanr]

@necropaz: I did not perform transactions by myself at all. I started only 'mining' (i know, wrong word) a few days ago, and the only transactions where incoming payouts from mineiota.com. The all arrived on the same receiving wallet-address of me. Everything worked fine until I switched to a different node (I don't remember which one). After that, quickly my iota's where transferred away to this address:

DFQCBMHTUMTSPZMYQOEFSGXXDEPRQNRLNBEARJSM9ARYFRRGGRJVOMUJNUPPAG9AGMMRRGRBJADFHIKGYKNJBXWFBW

For the record, I'll include the corresponding bundle details. No seed, this is private. Rest is public information I presume. No worries, after this incident I'll stop with this wallet-ID (mentioned in the bundle) until I fully understand what happened.

Cheers, A.

BUNDLE DETAILS Hash: XKULWSBH9YBSOGLSKPECFFUBLHQAEHSIHKNDSJKWYGMYVLZZECVEEQJJIN9BWRSNUQDYGFC9CEZ9Z9999

KA DFQCBMHTUMTSPZMYQOEFSGXXDEPRQNRLNBEARJSM9ARYFRRGGRJVOMUJNUPPAG9AGMMRRGRBJADFHIKGYKNJBXWFBW 14'103 IRSVNWBTTJUAPHVLGVAXGYPLSWLFLFVSTWFAYRORRKRZWEXPHDWKSJSIEVXQSYFMRTEAKPIUFFAUDPWQDZ9NIGPVLZ -14'103 IRSVNWBTTJUAPHVLGVAXGYPLSWLFLFVSTWFAYRORRKRZWEXPHDWKSJSIEVXQSYFMRTEAKPIUFFAUDPWQDZ9NIGPVLZ 0

[plevente]

my iotas was sent to the same address, i was thinking because i used the same address twice it bean taken in to custody...

[necropaz]

So you guys have all reused the same address? You made an outgoing tx from this address and den recive again on the address?

[antwanr]

@necropaz: Not sure I understand. Let's try again: I own only one wallet address pure for mining. So only incoming transactions from mineiota.com appeared there. Besides that, I did not buy any other iotas or send iotas to someone else. Suddenly and to my surprise my iota's where transferred automagically (so not by me) to the same address as the iotas from plevente and caqtusa: DFQCBMHTUMTSPZMYQOEFSGXXDEPRQNRLNBEARJSM9ARYFRRGGRJVOMUJNUPPAG9AGMMRRGRBJADFHIKGYKNJBXWFBW So: My iotas where automatically transferred from my wallet: IRSVNWBTTJUAPHVLGVAXGYPLSWLFLFVSTWFAYRORRKRZWEXPHDWKSJSIEVXQSYFMRTEAKPIUFFAUDPWQDZ9NIGPVLZ to this wallet: DFQCBMHTUMTSPZMYQOEFSGXXDEPRQNRLNBEARJSM9ARYFRRGGRJVOMUJNUPPAG9AGMMRRGRBJADFHIKGYKNJBXWFBW Hope this helps, regards, A.

[samgranger]

WARNING !!! Do not trust above link. Have heard people have lost their IOTA using the above link.

[antwanr]

Thanks samgranger :-)

[necropaz]

DONT USE THIS LINK!

[antwanr]

:-)) Got it!

[plevente]

I don't have any idea where to begin to start to try to find a way to get back the coins... You guys have any idea what to look or where to search I ruj out of idea. I was thinking maybe the iota has taked away the coins because I used the same address but I was trying to find the address in that page where you can find all the coins taked in to custody but the address is not there so it can happend that some smart guy was able to stole our coins??

[plevente]

The wierd thing is that I made my seed like 5 months ago and I was keeping in the safe place so it's not easy to get it

[antwanr]

@pvelente, I am sorry, no idea. Had the same thoughts as you, try to find my address on this page etc etc. Transaction seems a "valid" transaction, not done by the iota-crew.... Hope you did not loose much. Cheers, A.

[matwxx1216]

stay away from the node wallet. Exchange and wallet both have risks. But you cannot control wallet, while you could still get some feedback from exchange. I am not in iota anymore. wish you good luck

On Dec 19, 2017 2:06 AM, "zoli11" notifications@github.com wrote:

@caqtusa https://github.com/caqtusa @necropaz https://github.com/necropaz Guys, which node did you use? I don't know if a node can find our seeds and access our accounts or not, but I'm curious to find it out if those whom have lost their IOTAs have used the same node or not.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/iotaledger/wallet/issues/781#issuecomment-352697268, or mute the thread https://github.com/notifications/unsubscribe-auth/AhC5TnHcvL1vua42YhkNzwmdvMRAiTkTks5tB4qpgaJpZM4RFFb3 .

[antwanr]

@matwxx1216: Thanks mat. Purely out of interest: are these vulnerabilities described/documented somewhere? So I can educate myself :-)

Cheers, A.

[plevente]

Im not gone leave it like that just need some time to sort out what happend I don't think we been hacked I think what happend for me I used the same address 2 times so iota crew automatically send to a safe address... I'm hoping that I will be able to reclaim it... I think If would been hacked the person would already moved to a other address or just cash out... I may be wrong but I don't like to leave it like that and it's s good reson to learn about it becuse now I'm doing for money 😀😀😀

[tshirtman]

I used the same address 2 times so iota crew automatically send to a safe address...

If they can do this this is incredibly worrying. The fact that reusing a send address is a risk is known, but AFAIK it's not "2 strikes you are out", the security decrease as reuse increase and eventually become too weak, so the best thing to do is to never reuse, but the risk at only 2 uses should be very low.

And the developer shouldn't "steal from you to protect you" in any case, if they did that, they certainly destroyed any trust the community had in them, and in the crypto (thus destroying the value of the crypto). You have most certainly be hacked by some other party.

[joae1975]

Same thing happened to me. Just discovered it this am.

[john888999000]

I have withdrawn IOTA from Binance, and unfortunately my seeds I have, I thought rightly cupied and paste was not the correct one. I just saw my IOTA explorer and found out that from the Binance withdrawal, it was successful and there are about 1 GIOTA in the wallet. Is there anything I can do. Or if my seed was not the correct one, the game is over? Help luckily it was not because of scammer, since the transaction remained as only mine. Thanks in advance.