Hello,
I have a crisis! I have withdrawn (for the seventh time) to my BTC wallet.
After posting the funds (and obtaining two confirmations), there was an outgoing transaction that was not authorized by me!! The transaction was released twenty minutes after the first confirmation, to some fresh address with no transaction history, and it is an RBF transaction. It's exactly a transaction at 0.4 BTC.
My BTC address from which the funds were stolen: 1CCEQxuUkb6RKQM4TDYbQemBVs2ihe45ps
Address to which funds were sent: 3DTjnTxjPnePfvg3haTyUQQeFK2riuZ1Fr
Unauthorized transaction ID: 2f79dda8aea3f06400be07f04f65b6045ba2e0235efa0bba0f6d9d6375da421c
The transaction is marked as RBF!
I use the Electrum 3.3.8 client.
There is no option for someone to steal a private key from your computer because I watch security all the time!
Is it going to somehow stop the flow of funds or recover them?
I am desperate because these funds were supposed to be for my mother's health.
Let me guess, Windows? Did you never read that using insecure OSes for money handling leads to this?
The private key is not exposed, but they could: keylog so they get the password from your wallet when you opened it, and (probably earlier) already copied your wallet out since they compromised your PC.
Yes, in theory you can double spend, but that has to be done too quickly, before the next block is found probably (unless they used a very low fee). To double spend you could recreate your wallet on a secure PC using your seed words and quickly send all your funds elsewhere. Of course, by the time you read this it is too late; this kind of thing can only be done in advance, but if you had been paying attention something like this would never have occurred in the first place.
Sorry, but Bitcoin has no hand holding. When you are your own Bank, it comes with responsibilities. If you cannot trust protecting yourself, you probably need to keep paying others to protect you instead.
In an ideal world, you would have known better: that the computer you do the serious stuff on cannot be the same one you do your leisure things on.
A 3rd alternative is trusting the hardware wallet manufacturers, if you cannot be bothered to use a Free and Open Source secure OS like everyone should. Hey, even if you DO use a secure OS, extra precautions are needed when handling valuables by yourself, but when you use the most insecure OS on earth, don't expect miracles.
Another possible vector would be that you had that computer compromised at wallet creation; in that case they got the seed words. This is why there is a guide out there that teaches people how to use (Linux+Tor) Tails to create a wallet using Electrum securely.
If you search the forum you will find people have lost millions making the same exact mistake; you are not alone.
Think of a valet parking that copies the key of your car, then follows you home and steals it. It's not the car company's fault that you gave the key (if temporarily) to a stranger. A wallet is that, keys. Don't let it get copied by strangers... And yes, you could have chosen to go to a more secure location where you never handle your key or risk it in any other way.