Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Beginners & Help
Re: Coins stolen from my wallet?!?
by
ranochigo
on 22/07/2014, 09:58:17 UTC
Quote from: DrRobotto on July 22, 2014, 07:58:05 AM
Quote from: shorena on July 21, 2014, 06:59:38 PM
Quote from: DrRobotto on July 21, 2014, 04:44:51 PM
No, I neither downloaded any file except the DOGE-Coin wallet nor opened anything in skype. It seems very strange to me too ...

Strange indeed. Legit OS copy or a pirated version? Those might have trojans, backdoors as well. You dont need to answer this, just consider it an option. Other possibilites I can think of are:
#1 infected machine in your LAN that used an undocumented exploit on your the unpatched OS (infected after/durring setup).
#2 infected infrastructure (e.g. your router) - this would also need some sort of vulnerability of your OS or local file sharing
#3 data leak (e.g. shared the data via dropbox with your colleges)
#4 someone had hardware access to your machine (made the TX from there/copied the wallet.dat/installed something)
#5 drive by infection
#6 you use(d) WinXP or older

The OS is a legit copy, but after a complete scan of the system the antivir found three threats:
#1 "Virus found: Win32/Zperm, C:\Windows\Temp\49f48af4-b402-4745-9e9c-26cfb8983c1f\tmp0000116d\tmp00006408";"Saved"
#2 "Trojan: PSW.OnlineGames4.ZUJ, D:\buddha.dll";"Saved"
#3 "Trojan: CoinMiner.ASJ, C:\Users\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZLLU0VPX\wmpnetwk[1].dll";"Saved"

I think we found the colprits, but again, it seems very strange to me how they could infect the system. Inever opened any suspicious software nor I am using IE as my browser. I am on Win7 using a brand new Cisco X3500 router and it is the only cmputer in my appartment, but I have learned my lesson: be paranoid as possible, but I doubt that BTC ever arrive to the "normal" users since it is that easy to get stolen and it is to complicated to be on a save side, e.g., using linux, live cds etc.


Are you sure you didn't visit some kind of website and got infected there? You probably used IE to download the other browser at first. During the process, you might have been infected. Also, did you use a security lock and a strong password on your router?