spesmilo / electrum

Electrum Bitcoin Wallet
https://electrum.org
MIT License

stolen funds #2180

Closed Adinis0 closed 7 years ago

Adinis0 commented 7 years ago

0,497311 BTC was stolen from my Electrum. There is no trojan or something like that on my computer. Can you help me to get back my BTC?

JazzTp commented 7 years ago

Hi I'm a newbie but I think you should provide more info, like:

Operating system type and version

Electrum version

Wallet type

Whether or not you were keeping a SEPARATE OFFLINE COLD STORAGE.

Adinis0 commented 7 years ago

Windows 8, Electrum 2.7.18

screenshot 2 screenshot 3

JazzTp commented 7 years ago

Don't see if you were using an offline cold storage, which I have always considered mandatory.

A system is safe until it's not, e.g. https://themerkle.com/top-3-types-of-bitcoin-mining-malware/

JazzTp commented 7 years ago

Let me add: here they deal with bugs in the Electrum software, and unless you provide evidence that the loss of funds is due to some bug, they will just close this issue. In similar cases I've read "recovery but possible" (EDIT: "recovery not possible", sorry I was swipe editing in a hurry from my cell phone), so again provide all possible info (but no cold storage => risk).

bauerj commented 7 years ago

What about the second transaction? Did you do that?

Adinis0 commented 7 years ago

I didn't make the last 2 transactions. I don't know what evidence you need to see. I opened my Electrum this morning to send BTC, but instead I see 0.

JazzTp commented 7 years ago

"Evidence" normally here, from what I've read so far, means steps to reproduce the issue.

I'm following these issues in the process of better documenting myself, as I said I'm relatively a newbie... but since the very beginning I've adopted the recommended precautions.

If you were not using an offline cold storage to keep your private key out of reach from any possible attack, including any new virus able to bypass your system defenses, I'd frankly think - I might be wrong - that the most likely explanation is that your system was penetrated by an attacker.

Here goes that link again: https://themerkle.com/top-3-types-of-bitcoin-mining-malware/

Antivirus and firewall software is generally "behind" attackers' newest techniques, seldom ahead; it addresses them after encountering them.

I read in articles of an attack which passed through unaware personnel of a mobile telephony company... the attacker could easily have the victim's account transferred to a new number and voilà, as the man was accessing many accounts of various nature from his mobile phone, millions worth in bitcoins were stolen...

So again: I'd never trust anything but an offline cold storage, which could be a hardware wallet or Electrum itself running on an offline machine. If it is a laptop it might be a good idea to pull the power line from the radio modules (wifi + GSM) or pull out the modules themselves; anyway, no remote management activated, a strong password on the BIOS settings, all networking disabled in the BIOS and not only via the OS, and the ethernet cable unplugged. I'd only sign outgoing transactions there (screen-to-webcam communication between the two Electrum instances). Be careful, if you get to reconnect that machine to the Internet, that no malware could possibly have recorded stuff, seeds you typed, etc.

ecdsa commented 7 years ago

Sorry for your loss, but this is not the place to report this. Learn to secure your computer, or use two-factor authentication, or a hardware wallet.

JazzTp commented 7 years ago

Adding a link to relevant information (get the PDF from this page): http://www.tcij.org/resources/handbooks/infosec