Unsolicited withdrawal from wallet. Is my private key compromised?


#1

Hi! Yesterday night I had 0.01 BTC withdrawn from my Bisq wallet which I did not request myself. Please see the transaction here: https://oxt.me/transaction/2b2a8f30e89dc727c4ae3b1e0e1c9b6bc3fa7f58e26efda89a7943c33ccc5e21
I have no access to the receiving address: bc1qytdavvx7lfhsc49e68z22cxsvv6zc7wdr3lp50.
I am worried that my private key or computer is compromised, endangering my future funds as well.
Can you suggest any other explanation for this? Would like to make sure I avoid further loss.


#2

It is possible that you were hacked, yes.
If your funds were withdrawn to the address you don’t control, then yes, it certainly looks like it.

I would suggest that you reinstall your OS. If you were using Windows, switch to Linux.


#3

Did you use a password? Which OS are you using? Windows is very insecure for crypto… Hope it is just a confusion and you did not get hacked. If so, take care that the damage is not larger.


#4

Thanks for your response. I am using Linux Ubuntu 18.04, behind a firewall and VPN, but did not have a password set up. Changed that straight away to a long, complicated one. It is still difficult to imagine how this has happened. It is certainly a good lesson to take all the extra steps one is sometimes too lazy to do; we are our own banks after all.


#5

Perhaps Bisq doesn’t show outgoing transactions from its wallet if it didn’t send them itself.
I don’t know though.

Check if there is anything about it in Funds->Transactions
If you can’t find this transaction you stated above and Bisq doesn’t retrieve outgoing transactions automatically from the Bitcoin network then it would be safe to assume that someone stole your private keys or your seed words.


#6

It does show up amongst the transactions, but it is the only row not displaying the address. I think Bisq does not even support bc1… addresses, so it must have been sent with another software. That strongly suggests that the seed got imported to somewhere else, yikes.


#7

Yeah, I think you are right.


#8

That's weird. You can see all addresses and transactions and keys with cmd+j. Have a look to see if the receiver address is in your wallet. If not, it seems someone managed to get your seed words or key. Backup the application folder and start over new to not use that wallet anymore. And double check if your computer is compromised. If you find out anything please let us know.