spesmilo / electrum

Electrum Bitcoin Wallet
https://electrum.org
MIT License

Bitcoins stolen from wallet (downloaded from scam site) #3649

Closed Revenge-05 closed 6 years ago

Revenge-05 commented 6 years ago

Without asking for confirmation (password), it just got executed, sending my BTC to the address. I couldn't stop it from the application because it was triggered automatically with a .004 BTC fee on Electrum. Sending 0.52 BTC to a BCH wallet I didn't even have in memory:

bc1qmpkkwqx0kmgknm3juk6yv9gyq0lxqxra4y7vvq

address looks like: 1111111111111111111114oLvT2

Please let me know what can be done here, this is really bad electrum 3.0.2

https://blockchain.info/tx/759ecb08f21267352d35b51f7cd6bff6bdcf7fe2bc8584feea6c386626c69df9

SomberNight commented 6 years ago

The destination bc1qmpkkwqx0kmgknm3juk6yv9gyq0lxqxra4y7vvq is a bech32 native segwit address. Unfortunately the format is still somewhat "new" and much software does not yet support it (Electrum does); hence the confusion. It is a BTC address, not BCH. For example, on blockchain.info, you can click "Show scripts & coinbase", and it will properly decode and show it.

Now that this is cleared up: you've been "hacked". Most likely, either the version of Electrum you downloaded is not legitimate, or some other third party stole your seed/privkeys from memory (or similar).

What OS are you using, and where did you download Electrum from?

Revenge-05 commented 6 years ago

Thanks for the information, Ghost43. I’m on Windows 10. I downloaded the electrum and electron cash to claim the BCH since I had it from before the fork.

Please let me know what can be done, if there is any hope or is possible to contract a recovery BTC team or some other kind of help.

Thanks


SomberNight commented 6 years ago

> downloaded the electrum and electron cash

From where? Please try to get the exact links from your browser history.

Revenge-05 commented 6 years ago

https://electroncash.org/downloads/3.0/win-linux/ElectronCash-3.0.exe

https://download.electrum.org/3.0.3/electrum-3.0.3.exe

What I noticed is that I was checking the fees and the transaction triggered without requesting any password confirmation like it should do. I noticed because I tried to change the quantity to max and it was not possible anymore.

SomberNight commented 6 years ago

> Please let me know what can be done here, this is really bad electrum 3.0.2

> https://download.electrum.org/3.0.3/electrum-3.0.3.exe

You are contradicting yourself.

Revenge-05 commented 6 years ago

My bad, I had to navigate to get the link. As you can see in the previous image, I have the 3.0.2 version.

And I’m checking the character at the page I believe is a fake site, which makes me very angry, but at least we have tracks on who could have done it.

https://eļectrum.org/3.0.2/electrum-3.0.2.exe (careful with this one)

I’m making a new seed. Please let me know how we can proceed.

ecdsa commented 6 years ago

How in the world did you click on "eļectrum.org"? Was there a Google Ad link?

Revenge-05 commented 6 years ago

Thanks Thomas. I was using Bing and Google; after doing my research on how to claim BCH, I decided it was an easy way with Electrum. Do you know what can be done? I have already made a lookup/whois with DomainTools, but I'm not sure how to proceed or where to find people. Since they are cloning your site, I wanted to know if you are going to proceed in any way also.

http://whois.domaintools.com/xn--eectrum-9hb.org

2018-01-04 23:40 GMT-06:00 ThomasV notifications@github.com:

fr3aker commented 6 years ago

That server is hosting multiple scam sites, several Electrum-related: http://viewdns.info/reverseip/?host=176.119.5.229&t=1

electrum-opensource.org | 2017-12-20
electrum-org.org | 2017-12-20
electrum-soft.org | 2017-12-20
electrum-verified.org | 2017-12-20
xn--eectrum-9hb.org | 2017-12-19

ecdsa commented 6 years ago

We have been reporting copies of electrum.org to their domain name providers and ISPs, but new domains are popping up constantly.

We are currently investigating how to have Google stop accepting them in AdWords.
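The hosts mentioned in this thread, run through a defender-side lookalike check. This is an added example, not part of the original thread or of Electrum's code; the function names and verdict labels are assumptions made for illustration, and the sample URLs are the ones posted above.

```python
import unicodedata
from urllib.parse import urlsplit

OFFICIAL_DOMAIN = "electrum.org"   # the genuine site named in the thread
BRAND = "electrum"

def to_ascii(host):
    """Lower-case a host and turn each non-ASCII label into its xn-- form."""
    labels = []
    for label in host.lower().rstrip(".").split("."):
        if not label.isascii():
            label = "xn--" + label.encode("punycode").decode("ascii")
        labels.append(label)
    return ".".join(labels)

def skeleton(host):
    """Decode xn-- labels, then drop combining marks (l-with-cedilla -> l)."""
    out = []
    for label in to_ascii(host).split("."):
        if label.startswith("xn--"):
            try:
                label = label[4:].encode("ascii").decode("punycode")
            except UnicodeError:
                pass                # malformed punycode: keep the raw label
        decomposed = unicodedata.normalize("NFKD", label)
        out.append("".join(c for c in decomposed if not unicodedata.combining(c)))
    return ".".join(out)

def registered(host):
    """Last two labels; enough for .org hosts, not a public-suffix lookup."""
    return ".".join(host.split(".")[-2:])

def classify(url):
    host = to_ascii(urlsplit(url).hostname or "")
    if registered(host) == OFFICIAL_DOMAIN:
        return "official"
    skel = skeleton(host)
    if registered(skel) == OFFICIAL_DOMAIN:
        return "homograph"          # only Unicode marks separate it from the real name
    if BRAND in skel:
        return "brand-lookalike"    # real name embedded in a different domain
    return "unrelated"

if __name__ == "__main__":
    for url in ("https://download.electrum.org/3.0.3/electrum-3.0.3.exe",
                "https://e\u013cectrum.org/3.0.2/electrum-3.0.2.exe",
                "http://xn--eectrum-9hb.org", "http://electrum-org.org"):
        print(classify(url), to_ascii(urlsplit(url).hostname))
```

The skeleton step only folds diacritics, which is what separates the domain in this thread from the real one; lookalikes built from other scripts need a confusables table, and nothing here replaces verifying the installer's signature.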