100 LTC Stolen from Litecoin Core Wallet

Hey guys,

Lastnight I connect my offline PC for update headers in my Litecoin Core wallet and when the update was finished more than 97LTC has been transfered to another key.

I sent email to Litecoin support and i had no answer.

I feel hopless, those LTC was the only savings, years of my life saved in cryptocurrency and now are gone.

Please what i can do about it?

Pease i need your HELP!

The wallet size is 1.28MB (should be 200kb?)

the only way that could happen is if someone had access to your key and was able to transfer it. are you sure you dont mean transferred into another address? (not key) As a single key can have multiple addresses (based on format of the address) - at least that is the case with Bitcoin, I would assume that is possible with Litecoin as well.

1 Like

what does the address start with that the coins were sent to?
public keys correspond to 3 different types of addresses and you most likely need to run your wallet using the “legacy addresses” and NOT bech32

unless you know a person stole from you it is highly un likely that someone was able to “steal your coins”
the issue is likely to do with the option in which your wallet is running and using…different address types will produce different addresses from the same key…
If you would like some help with this please send me a message…thanks…

1 Like


If it was a transfer, then i would remember, it happened on Dec 3, 2020

I won’t be able to DM to you, i think because i’m a new user…

easy and fast way to see if it is your “address” go into console and type “dumpprivkey” followed by that address where you see your coins residing. If it is “your” address, the console will give you the private key.

NOTE: I am not asking that you share any private key information here. The above is simply a quick and easy way to get the private keys for any address that are part of your wallet.

Private key for address LhTZW9WuWETcc2vEP3zvKKxzxRMUZ6bzu1 is not known (code -4)

then that is not your address.

and your address was “LQYdNsKZQEUiNoyXpLcuGRGZM7Ci1GuVKK” ?

Your original address - if the one above, was it generated by the core wallet? or did you import that from elsewhere?
And did you ever import your private key somewhere else? Or have it saved somewhere accessible by someone on the net?

Sorry for some questions if they seem stupid, but I don’t know the full situation so asking for a better idea of what happened.

It looks like your wallet went nearly 3 years with zero activity.

Yes the VKK is mine.

the wallet.dat was in my other hard drive, with .RAR encyption with sha512, and also the wallet is encrypted.

the chance of cracking a private key is very very very slim. So someone had to have add access to it or you saved/typed/entered that private key somewhere else and it got captured.

I’ve never copy my private key, because always made a wallet backup.

well to take your funds, they had to either have your private key or a copy of your wallet.dat file and the password.

That will be impossible, but…
If I have a wallet prior to the one stolen one, the only way to “find” those LTCs would be if I had sent them from the “VKK” to the “zu1” right? And the “zu1” would be another wallet on another pc? Because the only thing that would be possible is that I have sent those ltcs for no reason to another wallet, but i can’t remember that. It’s weird, because it happens 19 days ago.

well - if someone had access to your internal network or to the pc, they could have copied the wallet.dat file and if they knew your pw it would have been easy as heck to take your funds.

have you checked to see if you have any other wallet.dat files? is it possible that after 3 years of being idle you installed the newest version and swept the private key from your older wallet?

I got a wallet of 2014. what litecoin wallet do i need to install for that year?

litecoin core wallet - should have no issues with the wallet.

the whole thing is very simple, if your wallet holds the private key to the address “LQYdNsKZQEUiNoyXpLcuGRGZM7Ci1GuVKK” and the funds were moved from that address to “LhTZW9WuWETcc2vEP3zvKKxzxRMUZ6bzu1” - whoever moved it had the private key to the address “LQYdNsKZQEUiNoyXpLcuGRGZM7Ci1GuVKK”.