My Bitcoin is gone! Sneaky virus story...

in #bitcoin, 7 years ago (edited)

Hey everyone! A bit of a sad story today, as I've lost a decent portion of my crypto portfolio (around 0.255 BTC) to a virus last night. Basically, I've lost it while sending it from one exchange to another because of a virus that I later realised I have. The thing recognizes a bitcoin address in the clipboard (when you copy it) and changes it to a different address when you paste it (the address of an attacker). Yes, it's a Windows machine...


The virus does not manifest itself in any other way than this (changing the BTC address you copied to the clipboard to its own), nor can you find it in Task Manager... It's still active on my home computer. When you know it's there, it's easy to avoid it by, for example, copying your BTC deposit address without the first character, and after pasting it, adding that character manually. Copying the address without one character (first or last, for example) goes fine, since the intruder does not recognize it as a BTC address...

But I just copied and pasted a deposit address for BTC on the exchange I was trying to put it on (Cryptopia), without looking much at the address itself, clicked send, and bye bye bitcoin... Only later did I realize what happened.

Writing this to warn you all to always double check your address even if you're sure you copied it properly, check some of the numbers and letters...

I've checked the attacker's address on Blockchain info, has 88+ BTC on it, probably mostly from people foxed like me: https://blockchain.info/address/13JF5274VuNthhwKkLrYyZW73smjSYAEen

Realized all this when I searched the attacker's address on Google and got this result for this address: https://bitcointalk.org/index.php?topic=1842977.0

So I'm not the first, nor the last for sure to get f...ed like this (I noticed his balance went up 1 BTC since last night when I got foxed), so once again, do a little compare of your copied and pasted address when you make transactions... Funny thing is I realized the addresses were not the same moments after pressing tx confirmation (like a gut feeling or something), but Poloniex went on with the tx so fast I didn't manage to cancel it in time. Weird since BTC tx was not very fast lately... Sigh.

Hope I save someone his/her BTC with this post! Would be really glad if I did.

In the end, if anyone may want to help me recover some of my BTC and lighten my sorrow, my address is: 14AUASvS4AFEhoECPCpGxZw71F7zK8FBEE (I double checked it this time haha...). Thanks for reading and take care out there, a lot of ways to lose your cryptos!
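Added example, not part of the original post: a small paste check that compares the address you copied with the one that landed in the destination field, and flags the case the post describes, where a different but still valid address shows up. It assumes legacy Base58Check ("1...") addresses only; the function names and the two sample addresses are constructed for illustration.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def _checksum(payload: bytes) -> bytes:
    # Base58Check checksum: first 4 bytes of double SHA-256.
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def make_address(hash160: bytes, version: int = 0) -> str:
    """Encode a 20-byte hash as a legacy (version 0, '1...') address."""
    raw = bytes([version]) + hash160
    raw += _checksum(raw)
    num, out = int.from_bytes(raw, "big"), ""
    while num:
        num, rem = divmod(num, 58)
        out = B58[rem] + out
    return "1" * (len(raw) - len(raw.lstrip(b"\0"))) + out

def is_legacy_address(text: str) -> bool:
    """True only for a complete Base58Check string: 21-byte payload + valid checksum."""
    num = 0
    for ch in text:
        idx = B58.find(ch)
        if idx < 0:
            return False
        num = num * 58 + idx
    pad = len(text) - len(text.lstrip("1"))
    raw = b"\0" * pad + num.to_bytes((num.bit_length() + 7) // 8, "big")
    return len(raw) == 25 and _checksum(raw[:21]) == raw[21:]

def check_paste(copied: str, pasted: str) -> str:
    """Compare what was copied with what landed in the destination field."""
    copied, pasted = copied.strip(), pasted.strip()
    if copied == pasted:
        return "match"
    if is_legacy_address(copied) and is_legacy_address(pasted):
        return "replaced"  # a different but valid address: the swap described in the post
    return "altered"       # differs, but not a clean address-for-address swap

# Constructed sample addresses (not real wallets, not taken from the post).
SAMPLE_A = make_address(hashlib.sha256(b"constructed sample A").digest()[:20])
SAMPLE_B = make_address(hashlib.sha256(b"constructed sample B").digest()[:20])

if __name__ == "__main__":
    print(check_paste(SAMPLE_A, SAMPLE_A))      # match
    print(check_paste(SAMPLE_A, SAMPLE_B))      # replaced
    print(is_legacy_address(SAMPLE_A[1:]))      # False
```

The last line shows why the post's workaround holds up: an address with its first character removed no longer decodes to a complete, checksummed payload, so it does not look like an address at all.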


If you never watched porn it wouldn't have happened :). Not funny at all and sorry to hear this, it was one of the first attacks mentioned on bitcoin talk years ago. I have sent to wrong addresses in the past and it sucks to know it's gone for good. How did you get this malware or virus? What is it called? Good thing about Steem and BitShares is the username rather than alphanumeric characters. I'm broke but my upvote might help a little, hopefully everyone else does the same.

Thanks for the support man. I can't find a process anywhere, it's well hidden somewhere. There was a weird program in my startup which I disabled, but the copy paste thing is still pasting the intruder's address after a restart even... I don't know how I got it, one thing I installed was a Chrome portable, but I doubt it was that :/

no worries

What application are you running when you copy? You should be able to narrow down which clipboard is getting modified?

This is my sister's acc, it's me typing though (adnanefs) :) Typed with her account accidentally, but nvm

We learn something new every day and all the tricks, old and new, are coming back out to unsuspecting newbies.

Whoever wrote that has to be smart, why can't they use those smarts for good?

Good is strictly subjective, therefore good is what helps the person. Earning 88+BTC is REALLY good for him...

This is why we have to always check the address before clicking send, usually I spend about 10 minutes to check letter by letter, number by number and then click send! Be careful the next time, it's a lesson!

I am sorry of course that this happened but we have to learn from our mistakes.

I will support by a vote, all that I can do for you.

I resteemed this because people have to understand the importance of checking their addresses and securing their BTC. Thank you for writing it on Steemit.

Good job!
Thanks for all your service to the Steemit Community!

Damn those sneaky bastards.

Thanks for informing us @adnanefs ^_^

Sorry to hear that. I lost a bit more, but it was in early days so I didn't really lose that much.

Do you have a Bitcoin Cash address?

Really sorry for your loss! Thank you for warning!

Sorry about your loss, perhaps you will be able to make some of it at least up at rewards time.

A big thank you for not being selfish with the info you learned and sharing with us.

I'm sure this post will save some of us from the same fate.
You got an upvote & resteem for me. Good luck, and Steem on.

wow super shitty!
Thanks for making a post about it though. Wish you the best.
Stay Vigilant!

Thanks for the post. Anyone who's been trading in crypto for months/ years, has at least one blunder story like that! I hope your tips come in to recover some of it. Resteeming this

So sorry for your loss, I personally always double check the first and last 3 digits of my receiving address just in case I make a mistake in copying it

Thanks for the warning and also for the solution.
I did not know about this before reading this post, but thanks to you.

This is so sneaky.. Will have to watch out for something like this

we are our own banks! Gotta be secureeeeeeeee

Wow! Great warning! Did you ever figure out what virus it is? Can anti-virus software catch it? This is a big deal!

No, it's well hidden in the system. Didn't try any anti virus yet, I'm still disbelieving of what happened :D

As I said in the post, it's easy to avoid it once you know how it's working, pretty basic program, but sneaky as f...

Sorry about what happened man.
Thanks for your warning, lesson learned!

Thanks for sharing your experience to help others!

Thanks in advice! Will do that @adnanefs...

That sucks man, I always check the first 3 and last 3 characters in all my transactions before I send something.

I'll be checking it from now on as well hehe...

I always double check the address. Sorry to hear this. But thanks for sharing the incident. It may happen to anyone anytime. Where did the virus come from, do you have any idea? And how will you remove it?

Is the virus lurking in your browser somewhere? You said you were sending from one exchange to another, right? Check your browser for add-ons you did not install. Or disable all add-ons and extensions and see what happens. Or use another browser.

Congratulations!
I felt this post was so valuable I included it in my "MUST READ" article.
Keep up the good work. Check it out if you like.
SteemON!
https://steemit.com/community/@quinneaker/quinn-s-quality-content-curation-q2c2-episode-3

One of the first I’m gonna buy when I earn some money through crypto is - Crypto/Game PC ONLY. I will do nothing else on it to keep my portfolio safe. I will allow only the addresses related to crypto itself and sites from where I will be buying. Anyway thanks for that knowledge, for it may save some time getting to the goal I described. You have earned my Resteem and that I do like once a month:)

Sorry buddy, GOD will replenish your bitcoin wallet in JESUS Name - Amen. Thanks for the heads up


That's a nice option to have, thanks for the advice!

cha cha cha... sounds like Trump is saying that AMERICA FIRST :)))