Hey everyone,
So, I've got a friend who owes me around $1,000. I told him to pay me in bitcoin and sent him my btc address. But when the funds didn’t show up in my wallet, I reached out to him. He insists he sent the payment the day after I gave him my btc address and even shared this txid: dd1911398dddf7ffa3a698ad66ceafd17b3002f5fa0d8dfe2734f7fa84eef347. He said he sent me 0.00925060 btc, but I haven’t received it at all!
Looking into the transaction, it turns out that the funds didn’t go to my wallet. Instead, they ended up in a different wallet that looks like it was created back in 2020 and holds around 4.65 btc now. This wallet has had about 228 transactions and has been pretty active, especially in 2022, but it has had activity in previous years too. It also looks like it’s been part of a batch transaction to other wallets, maybe something like coinjoin?
I sent my wallet address to him via a messaging app, and he claims he just copied and pasted it into his wallet. He’s using a blockchain wallet... Any thoughts or insights would be super helpful.
In short, he sent the coin to another wallet. On the message you sent your address to him, is it your bitcoin address that is there? If it is your bitcoin address that you sent to him seen in the message, that means it was not your fault but your friend's fault. He has to send another coin to you because he sent it to the wrong address. Maybe your friend copied a wrong address or his device has clipboard malware.
If the wallet address you provided him was different from the wallet that Recieved the bitcoin then it wasnt sent to you and nothing more can be done, that bitcoin was sent to another address and you need to simply request he sends you yours,
The other address was a change address and it is nothing like coinjoin there, no body can do anything about this except the sender
Your friend was not hacked, but his gadgets have been infected by a clipboard virus. From the txid you provided, I searched for the address, and I came across 19p4Va5RjrrXeLpSPCcKLPALQxgSoP6i8g, which was where your expected payment was sent to, and if Im correct, then that address has been reported to be associated with phishing scams, clipboard virus scams, and all manner of fraud online. You sent the right address to your friend, but upon copying and pasting it, the wallet changed to the scammer's address, which he was not vigilant enough to notice.
https://www.bitcoinwhoswho.com/address/19p4Va5RjrrXeLpSPCcKLPALQxgSoP6i8g
Yes, he actually received the correct btc address, which he copied he says.....
o.k thank you, so he was essentially scammed. I just sent him a message to no longer touch that wallet, and to import his seed onto a new wallet on a separate device.
It seems he has a clipboard hijacking malware on his device. It's always important to cross-check the copied address, even after pasting it in the required field.
The address that received the funds has been reported as fraudulent, 11 times on bitcoinwhoswho
Also advise him that Blockchain wallet is not the best kind of wallet to use.
For clipboard malware, the wallet is not the problem but the device is, as it has already been infected by the virus. The gadget should be scanned for other potential threats, and even the new device he might want to start using should be approached with caution. If it's a Windows PC, tell him to avoid pirated software, as they are most likely carriers of such malware. He or she should learn how to double-check the wallet address to ensure it matches with where they want to send payment before authorizing it, to avoid such problems from occurring in the future.
yup, I am already in communications with him. I will help him take the appropriate measures, thank you. How terrible that this has happened.
My friend has recognized that he is at fault, it was on his end. He is going to send me another $1,000 USD in btc, this time, we will check things carefully.
Each time you want to drop another comment and there is no gap between your previous comment and another member's own, you can just edit your post and add it together. I reported your first mistake and the moderator has merged it together.
Its good that your friend has agreed to send back the money and taken the fall for his mistake instead of shifting blame this is indeed a very big loss for your friend and I feel for him.
As the others said, a clipboard virus is not a threat to the actual wallet.
However, your statement sounds like he is using a hot wallet.
And imho keeping such amounts of money (1000s of $) in hot wallet is a disaster waiting to happen.
Consider getting him acquire and use a hardware wallet.
Based on the story, it seems he sent it to a wrong address instead of yours. Other responses here might be right that this friend of yours has a clipboard virus, but you didn't mention how close you are with your friend? I mean, how legit is he?
He maybe just take that TXID randomly from the blockchain explorer with the same amount you expecting. Scammers always do this to fool victim that they sent BTC but it's not.
Now, he seems not afraid to lose $1,000 again after this issue?
He should use another device and make sure it is clean before he sends BTC.
This isnt some little blunder; its a security fuck-up that should be taken seriously. If he just tries to resend BTC again without solving the underlying issue he risks another $1,000. A simple check isnt enough. The malware can work in the background and switch the address once more without him noticing. Also, I suggest that next time he goes with smaller amounts first!
Just to clear some things up. He is a close friend. I totally believe him that he screwed up. He definitely sent the coins to the scammer address listed above, shown in the txid that I posted. As many have stated above, I do believe his clipboard was hijacked, likely waiting for a bitcoin address, and then inserting the known scammer's address, as stated by bitcoinwhoswho. He certainly was not trying to scam me, to get away from paying, as he already agreed to pay me.
Yes, indeed, he was using a hot wallet on his computer to send the funds, I believe it was web based. Honestly, I was unaware of his system, and I was shocked to hear that he was using blockchain wallet on his computer.
We are going to create a new wallet on hardware device, to create an address, then we will import his current wallet to the hardware device, and send those coins to the newly created wallet...... So we are taking precautions. I told him he needs to secure his mnemonic phrase immediately, then after the coins have been secured, wipe and re-install his operating system.
Don't forget to tell him to use another device that he knows is clean from malware and viruses, or if he doesn't have an extra device but has an extra SSD/HDD, then he can install a fresh OS and disconnect the current drive because even if he is going to use a hardware wallet during importing his current wallet to the newly created wallet, he might experience the same thing because that device is infected and his clipboard is already hijacked.
I think blockchain seed is compatible with Electrum BIP39 enabled try to suggest it to him.
He'll experience worse especially if during the sweep process he imports the keys or seed with his clipboard. Best thing to do is to format the affected device. Sometimes you can't really be certain it's it's a clipboard virus or a keylogger and trust me keyloggers are far worse.
Depending on how much coins he has he can set up a cold wallet for better safety. He can use a watch only wallet to create the transaction and sign it in the cold wallet then broadcast in the hot wallet.
That aside. He should be careful the sites he visits and permissions he grants to softwares he installs.
As far as the computer that had the clipboard malware installed, it will not be involved in the process of moving to a new wallet as a precautionary measure.
He apparently has a ledger wallet where the funds will be moved, and I will be explaining how to set up a bip39 passphrase as an option.
I will also make him aware of the need to verify addresses ALL OF THE TIME regardless of whether a cold wallet is being used or not.
The old computer's HD will be wiped and a new OS will be installed.
A wallet capable of PSBTs would be excellent, but he's not there yet. He has a ledger wallet and he is going to be more aware going forward when he has to perform a transaction. this should bring up his security a few notches. As far as the origins of the malware, I don't know, but I warned him about pirated software, and to be careful with what he installs. I also told him to create a standard user account as his main user.
You are the receiver, your friend is the sender.
If the receiver (you) did not receive bitcoin to a given address, the sender did not fullfil his responsibility in the trade. Whatever reason your friend used is non sense and even if his device was hacked, compromised, he still has responsibility to fullfil that trade and send another bitcoins to your wallet. That's it.
You don't have to care which wallet your friend used, just need to request him to send you bitcoin to your address.
It's as simple as what my fellow buddy have said so far, that as long as your btc address you sent to him, was not the same with the one he or she make the transaction to, that show that he made a mistake in the wallet address, and as the case maybe there's no remedy about this...
Mistake can only be corrected when you have not click on the confirmation button..so your friend was not scammed or hacked it's just a mistake,so you just have to let him know that actually happen since the evidence is there..