ThePowerOfOne Posted August 23, 2017 Share Posted August 23, 2017 Dear community, in June/July I bought some XRP and sent them to my desktop wallet. I obviously never shared my addresses, the wallet was password encrypted, etc. However yesterday I had a look at my balance and was completely shocked to see that all my XRP had been sent to some xrp-address on the 8th of August (in two transactions). I was on holidays between the 29th of July and 10th of August, so my computer was offline during that time. All my XRPs are gone now (except the minimum of 20). I'm a newbie but I think I did everything to secure my wallet. So I really cannot understand how somebody could get access to my wallet and make those unauthorized transactions...really a litte bit devastated and unsure now about what to do in the future to avoid this... Is there anybody, who might have had a smiliar problem or who can share somw hinte/tips on what could have happened? I would really appreciate it! Because honestly.. I don't really have a clue.. It somehow feels like somebody just robbed my house.. Thank you very much for your help! Regards Rafa Link to comment Share on other sites More sharing options...
adimitrache Posted August 23, 2017 Share Posted August 23, 2017 Ask your wife ! Maybe someone is pulling a prank on you now with the price of xrp on the rise Link to comment Share on other sites More sharing options...
Guest Posted August 24, 2017 Share Posted August 24, 2017 Sorry to hear that Pof1. There has been a bit of a ripple in the market recently so folks have probably missed your post in the hubub. There are a couple of possibilities.... if its not someone close to you who has done it, then the most likely thing is that your PC was compromised with malware of some sort and that the owner of the malware saw the ripple secret password and used it to create a wallet elsewhere and then transacted with it. Your secret key is usable anywhere in the world irrespective of whether the PC that you use is online or not. Someone who sees a photo of it can steal your xrp. A laptop camera can pick it up even if the laptop appeared off and then the crook can steal your XRP in moments. I am not an expert, but given the transparent nature of Ripple transactions, I wonder if its possible to track down the recipient. Hopefully someone with more knowledge than me can advise. Anyone? Is there anyone here who isn't currently obsessed with price? Link to comment Share on other sites More sharing options...
zero-2-9 Posted August 24, 2017 Share Posted August 24, 2017 @ThePowerOfOne sorry to hear that.. There are so many possibilities that it is difficult to help you. But here are some suggestions (also to make others aware). The most probable is that someone got a hold of your secret key. How did you store it? Writing on paper (if so, who could have access to it?). Or electronically, and if so how? In a document on your PC or mobile (both could have been comprimised) or for example by making a photo? The latter is a very common error and reason for loss of cryptofunds, as photo's are often stored automatically in ICloud/DropBox/Drive, and such storages are comprimised easily. Also, consider the source where you downloaded your wallet. Not only the type/name of the wallet, but more importantly the url you downloaded it from. What you could do, is to Google the address(es) the funds were send to. This could very well be a dead end, but when I helped some people in the past and did so, it appeared that the same hacker was involved in previous losses of funds. There are posts on some of the malicious addresses that you will find by using Google, also on this forum, and from these posts you perhaps could also learn how the hacker operated (especially in case the same addresses are involved). Link to comment Share on other sites More sharing options...
DarthTrader Posted August 24, 2017 Share Posted August 24, 2017 @ThePowerOfOne Oh damn.... that's so bad... Can you please share wich wallet you use and your public adress? Link to comment Share on other sites More sharing options...
SGoldstein Posted August 24, 2017 Share Posted August 24, 2017 (edited) Sorry to hear that. Many possibilities like others said here. Most obvious would be someone you know who got access or malware/keylogger. Scan your whole computer and if you find some suspicious things then reinstall everything (fresh windows or whatever you use) and make sure to install a good antivirus before creating a new wallet. That's really bad... I hope it wasn't a huge sum and even then, keep your head up. Edited August 24, 2017 by SGoldstein Link to comment Share on other sites More sharing options...
adimitrache Posted August 24, 2017 Share Posted August 24, 2017 Does nobody find it a little fishy that his only post is taking a hit at the wallet's security ??? XRP's don't just disappear mysteriously from some wallet...I call BS jamalbbb 1 Link to comment Share on other sites More sharing options...
ThePowerOfOne Posted August 24, 2017 Author Share Posted August 24, 2017 Hi guys, first of all, thank you for all your responses and for your help so far! First thing I did was to send a Ripple Theft Report (https://ripple.com/ripple-theft-report/) @zero-2-9 I didn' take a picture nor did I have my address on a piece of paper. What I can surely say is that nobody used my PC or get the infos by getting into my home.. However I had some sensible information on Evernote.. and I just had a look at my Evernote access log and there indeed was a suspicious login via evernote web from the Netherlands exactly the same day.. so this might be the source.. thank you zero-2-9 for this tip!! @DarthTrader My public address is: https://bithomp.com/explorer/rn9A7TUpWKFStS6KEd88Ras4nzTu2rMiBL The public address of the "thief" is: https://bithomp.com/explorer/rKDW6cnbSRDHPmTaXHJijcMLR3mCQcSaCY Do you think that there might be a chance to track him down? @adimitrache sorry if it might appear like that to you. I'm not questioning the wallet's security at all. I know it was my fault, I just don't want to make same mistakes again, that's why I try to find out what happend and get some tips.. so I think the problem has been solved.. Link to comment Share on other sites More sharing options...
DarthTrader Posted August 24, 2017 Share Posted August 24, 2017 @ThePowerOfOne Did you ever shared your secred key (or used online wallets)? Wich desktop wallet did you use? Link to comment Share on other sites More sharing options...
jargoman Posted August 24, 2017 Share Posted August 24, 2017 48 minutes ago, ThePowerOfOne said: Hi guys, first of all, thank you for all your responses and for your help so far! First thing I did was to send a Ripple Theft Report (https://ripple.com/ripple-theft-report/) @zero-2-9 I didn' take a picture nor did I have my address on a piece of paper. What I can surely say is that nobody used my PC or get the infos by getting into my home.. However I had some sensible information on Evernote.. and I just had a look at my Evernote access log and there indeed was a suspicious login via evernote web from the Netherlands exactly the same day.. so this might be the source.. thank you zero-2-9 for this tip!! @DarthTrader My public address is: https://bithomp.com/explorer/rn9A7TUpWKFStS6KEd88Ras4nzTu2rMiBL The public address of the "thief" is: https://bithomp.com/explorer/rKDW6cnbSRDHPmTaXHJijcMLR3mCQcSaCY Do you think that there might be a chance to track him down? @adimitrache sorry if it might appear like that to you. I'm not questioning the wallet's security at all. I know it was my fault, I just don't want to make same mistakes again, that's why I try to find out what happend and get some tips.. so I think the problem has been solved.. An encrypted desktop wallet is arguably the best security after cold storage. I think you did solve the mystery. One thing I wanted to say was. The thief sent the funds to poloniex exchange. Poloniex would have their ip address. They might be able to freeze the account until it can be sorted out Link to comment Share on other sites More sharing options...
zero-2-9 Posted August 24, 2017 Share Posted August 24, 2017 56 minutes ago, ThePowerOfOne said: I just had a look at my Evernote access log and there indeed was a suspicious login via evernote web from the Netherlands exactly the same day.. so this might be the source.. Thanks for sharing. It doesn't bring your funds back, but it could definitely help/inform others! 57 minutes ago, ThePowerOfOne said: Do you think that there might be a chance to track him down? I think I just did. I'll PM you. Link to comment Share on other sites More sharing options...
Graine Posted August 24, 2017 Share Posted August 24, 2017 File a claim with police. Scan the claim. Send email with it to Ripple and Bitstamp. Your thief is KYC'd on bitstamp. bitstamp.net, user: 47059936 Though I find it peculiar that the addresses established in May of 2013(!) which has similar ripple-names would go on and steal things. BBS 1 Link to comment Share on other sites More sharing options...
ThomasTheTGV Posted August 24, 2017 Share Posted August 24, 2017 Please keep us posted I'm very interested if the police will do something with the case and if so which team.... Pretty sure the local branch won't have the know-how. Link to comment Share on other sites More sharing options...
Luka Posted August 26, 2017 Share Posted August 26, 2017 Hello I noticed that the person who hacked my account on 27. 4. 2016 and stole almost 16000 xrp an 7 bitcoins is on work again. @Graine Your investigations are surely incorrect, because those leads lead to me, but this hacker opened new ripple account when he sent xrp from all of my accounts and then later to polonex exhange. -> All transactions sent on day 27.04.2016 from my accounts (names: ~lukson,~tradelukaripple,~tradelukaripple2....) to address https://bithomp.com/explorer/rKDW6cnbSRDHPmTaXHJijcMLR3mCQcSaCY was stolen from me. I can't find on ripplechart > account explorer what destination tag he used when he send xrp to polonex exchange. (Can somebody help me getting destination tag from next transfer?) 14. 2016-04-27 23:54 poloniex.com XRP -15 659.90 Ripple-15 659.90 XRP I think that also my stolen bitcoin were sent to polonex exchange too. Here is blockchain link :https://blockchain.info/address/12usUVnoDWkEWdQ5fvEKxEPhdxf2BVpSDx I checked all my teamviewer logs and got following data : He used next IP addresses : 188.165.242.205 ter 94.185.84.142 If you check which persons use that IP on skype you get : 188.165.242.205 kattika83 reserved.1x sicily.cardew 94.185.84.142 alallssy alsyshamaeva reserved.1x kriiasna The person that i suspect the most ( because of skype info - he knows crypto) is : Username: reserved.1x IP: 188.165.242.205 About: in crypt we trust City: Country: Puerto Rico CountryCode: pr Full Name: reserved Language: Russian Language Code: ru Gender: usexUnknown And now the question? 1.) What do we need with @ThePowerOfOne to get info from polonex exchange who this person is? 2.) Is there any way for me and @ThePowerOfOne to ge these stolen XRP/Bitcoins back? Best Luka BBS and CryptoLearner 2 Link to comment Share on other sites More sharing options...
Graine Posted August 26, 2017 Share Posted August 26, 2017 @Luka thief's account was activated from yours. So the path of least resistance would assume they were related. My apologies. Weirdly enough, the txs don't have destination tags. But polo had to know how to credit the correct user. I would think a scanned copy of a filed police report (if it is in English) or a certified translated copy + a nice letter made by an attorney to Polo's legal email. Not support email, because it's clogged and unresponsive. If you happen to be a resident of US, please wreak legal havoc upon that exchange. Theft filings to fbi/secret service/SEC might go a long way, once the critical threshold is reached. BBS 1 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now