Bitcoin Forum>Bitcoin>Development & Technical Discussion>Wallet software
Pages:
Author

Topic: Coinomi wallet hacked, all funds stolen - page 2. (Read 915 times)

virasog
legendary
Activity: 2954
Merit: 1159
Re: Coinomi wallet hacked, all funds stolen
April 18, 2023, 07:31:55 PM
#53
Quote from: PX-Z on April 09, 2023, 06:55:13 PM
I just read this thread and it's very unfortunate. I used coinomi wallet although i don't store large funds there but i have never been hacked even on other wallets that is "closed-source" i used and currently using.
So in this case the problem i only see is the users' device, or the way or where the backup seed is saved.

The problem is most probably with the user's carelessness and then blaming the Coinomi wallet not build upto the standard.
No matter the wallet is closed source or open source, we need to know the basis on how to keep our wallet safe and unfortunately most people in the crypto world don't know the basics.

Quote from: Z-tight on April 13, 2023, 11:34:52 AM
Quote from: Pmalek on April 10, 2023, 08:54:47 AM
A properly airgapped computer has no internet access or contact with anything else that does. Everything you do remains in that local (much harder to penetrate) environment.   
You are correct, but to properly set up an arigapped wallet in a completely safe enviroment is hard for newbies to do, and they can easily mess up and lose their funds, hardware wallets are easier for them to use correctly. I have even seen someone suggesting using an airgapped computer that is only connected to the internet once in a while Roll Eyes, once connected to the internet it really isn't airgapped anymore, so on that note i think there is more work to be done generating and using an airgapped wallet than a hardware wallet.

For newbies, even a hardware wallet may not be suitable unless they know how to use it. The best bet for the Newbies is to use a centralized exchange and / or centralized wallet which is controlled by the password and 2fa. Newbies know this stuff and until they learn about the seed phrases, wallets, and stuff the best option would be the centralized wallets.
Pmalek
legendary
Activity: 2730
Merit: 7065
Farewell, Leo. You will be missed!
Re: Coinomi wallet hacked, all funds stolen
April 13, 2023, 02:05:45 PM
#52
Quote from: Z-tight on April 13, 2023, 11:34:52 AM
You are correct, but to properly set up an arigapped wallet in a completely safe enviroment is hard for newbies to do, and they can easily mess up and lose their funds, hardware wallets are easier for them to use correctly.
In truth, It's not something that newbies should do. Airgapped systems are for the more advanced userbase. Beginners will be safe enough if they move their coins from centralized exchanges (or don't use them to begin with), are careful what they click/download/give permissions to, and use a hardware wallet from a top manufacturer. They can slowly improve their knowledge with time and if they want to.   

Quote from: Z-tight on April 13, 2023, 11:34:52 AM
I have even seen someone suggesting using an airgapped computer that is only connected to the internet once in a while Roll Eyes, once connected to the internet it really isn't airgapped anymore...
That's like saying I am a virgin because I only have sex once a week. I am a 100% virgin during the other days, though.
Z-tight
hero member
Activity: 854
Merit: 1031
Only BTC
Re: Coinomi wallet hacked, all funds stolen
April 13, 2023, 11:34:52 AM
#51
Quote from: Pmalek on April 10, 2023, 08:54:47 AM
A properly airgapped computer has no internet access or contact with anything else that does. Everything you do remains in that local (much harder to penetrate) environment.   
You are correct, but to properly set up an arigapped wallet in a completely safe enviroment is hard for newbies to do, and they can easily mess up and lose their funds, hardware wallets are easier for them to use correctly. I have even seen someone suggesting using an airgapped computer that is only connected to the internet once in a while Roll Eyes, once connected to the internet it really isn't airgapped anymore, so on that note i think there is more work to be done generating and using an airgapped wallet than a hardware wallet.
Quote from: virasog on April 09, 2023, 06:34:24 PM
I don't think it is a pandora box but a reality. How many times it is our near and dear ones who took away our money and we blame the software company developing the wallet to be not up to the standards?
I believe if you cannot trust your spouse with your seed phrase or very important things, you both should not be married at all.
Pmalek
legendary
Activity: 2730
Merit: 7065
Farewell, Leo. You will be missed!
Re: Coinomi wallet hacked, all funds stolen
April 10, 2023, 08:54:47 AM
#50
Quote from: Z-tight on April 06, 2023, 10:55:35 AM
Hardware wallets are safe because the keys are stored offline, any software wallet that the keys are generated offline and the wallet software kept in an airgapped device that would never be connected to the internet is as safe as a hardware wallet.
Properly generated and stored airgapped wallets are even safer than hardware wallets. You still have to have some trust in the device manufacturers and their abilities to not mess up. If they are closed-source, like the biggest hardware wallet seller is, you need even more trust. Remember the recent case with OneKey hardware wallets and how their team messed up.

A properly airgapped computer has no internet access or contact with anything else that does. Everything you do remains in that local (much harder to penetrate) environment.   
PX-Z
hero member
Activity: 1428
Merit: 836
Top Crypto Casino
Re: Coinomi wallet hacked, all funds stolen
April 09, 2023, 06:55:13 PM
#49
I just read this thread and it's very unfortunate. I used coinomi wallet although i don't store large funds there but i have never been hacked even on other wallets that is "closed-source" i used and currently using.
So in this case the problem i only see is the users' device, or the way or where the backup seed is saved.
virasog
legendary
Activity: 2954
Merit: 1159
Re: Coinomi wallet hacked, all funds stolen
April 09, 2023, 06:34:24 PM
#48
Quote from: Z-tight on April 06, 2023, 10:55:35 AM
Quote from: Lida93 on March 28, 2023, 09:26:28 AM
It all makes more sense now why a hardware wallet is far safer to all these software wallets.
Hardware wallets are safe because the keys are stored offline, any software wallet that the keys are generated offline and the wallet software kept in an airgapped device that would never be connected to the internet is as safe as a hardware wallet. Protecting your backup is also very important, and it does not matter the wallet that is used, if your recovery phrase is stolen, your money would be stolen.
Quote from: Lida93 on March 28, 2023, 09:26:28 AM
Next time, don't dump all your savings in a single wallet
Using a multisig wallet or more than one wallet is good and safer, but you have more backups to protect.



No matter whether you have a hardware wallet or software wallet, you need to protect it, and keep the seed phrases safe and at a secure place. Even if you got a hardware wallet and someone in your home has access to the seed phrase and the wallet itself, anything can happen.

Quote from: Z-tight on April 06, 2023, 10:55:35 AM
Quote from: Lida93 on March 28, 2023, 09:26:28 AM
and if I may ask, does your wife have any idea about your PSW or seed phrase?
Hey, do not open a pandorax box here Cheesy Cheesy.

I don't think it is a pandora box but a reality. How many times it is our near and dear ones who took away our money and we blame the software company developing the wallet to be not up to the standards?
Z-tight
hero member
Activity: 854
Merit: 1031
Only BTC
Re: Coinomi wallet hacked, all funds stolen
April 06, 2023, 10:55:35 AM
#47
Quote from: Lida93 on March 28, 2023, 09:26:28 AM
It all makes more sense now why a hardware wallet is far safer to all these software wallets.
Hardware wallets are safe because the keys are stored offline, any software wallet that the keys are generated offline and the wallet software kept in an airgapped device that would never be connected to the internet is as safe as a hardware wallet. Protecting your backup is also very important, and it does not matter the wallet that is used, if your recovery phrase is stolen, your money would be stolen.
Quote from: Lida93 on March 28, 2023, 09:26:28 AM
Next time, don't dump all your savings in a single wallet
Using a multisig wallet or more than one wallet is good and safer, but you have more backups to protect.
Quote from: Lida93 on March 28, 2023, 09:26:28 AM
and if I may ask, does your wife have any idea about your PSW or seed phrase?
Hey, do not open a pandorax box here Cheesy Cheesy.
Mame89
sr. member
Activity: 1512
Merit: 418
Re: Coinomi wallet hacked, all funds stolen
April 04, 2023, 11:55:00 AM
#46
Quote from: virasog on March 24, 2023, 09:10:05 AM
Why is it that every time a person losses his fund from a personal wallet, he makes the owners of the wallet company scam and responsible for his / her? Most of the time people lose money by their own carelessness but they try to put the blame on others that the wallet is not secure and other things which are not true.

No one will take anyone's loss, therefore we need to protect our assets and protect our wallets by ourselves. Nothing would be benefit by blaming others.
agree with your opinion, because the security of a wallet or trading account in the crypto market can occur and may be caused by security failures on the platform used. However, in some cases, hacking can occur due to the trader's own fault. Like Phishing, it is sometimes our fault that we are always careful and not thorough when providing personal information online or through suspicious emails.

As a trader, it is very important to take proper security measures to protect accounts and crypto assets from hacking attacks. By paying attention to this security, we can minimize the risk of losses caused by hack attacks or the like.
Lida93
hero member
Activity: 728
Merit: 512
Re: Coinomi wallet hacked, all funds stolen
March 28, 2023, 09:26:28 AM
#45
Quote from: Bud1951 on March 06, 2023, 09:28:09 AM
The wallet was drained on Feb 14th.  The password was in my head not on paper.  The seed phrase was on paper in a safe which only I have access to.  Coinomi denies all responsibility and basically says too bad so sad.  My wife and I are retired, the wallet held our "safe" retirement cash savings.  Stay away from this wallet. 
It all makes more sense now why a hardware wallet is far safer to all these software wallets. Situations like this one are very complicated in actually pointing a finger on where the compromise emanated from either from OP or coinomi. Sometimes these computer's we use for our wallets could generate a malware unknown to the owner or at one point we might have click on an unsuspecting link or ads unknowingly or it could have been a security breach on the part of Coinomi (which is rare) or maybe OP PSW wasn't strong enough. Like the more the hints on the issue the more it keeps getting complicated as both OP or Coinomi ain't even ready to take responsibility for the loss funds.

Next time, don't dump all your savings in a single wallet and if I may ask, does your wife have any idea about your PSW or seed phrase?
Z-tight
hero member
Activity: 854
Merit: 1031
Only BTC
Re: Coinomi wallet hacked, all funds stolen
March 25, 2023, 04:48:15 PM
#44
Quote from: virasog on March 24, 2023, 09:10:05 AM
No one will take anyone's loss, therefore we need to protect our assets and protect our wallets by ourselves. Nothing would be benefit by blaming others.
When people's wallet gets hacked and their funds are stolen, at that immediate time they are usually very confused and since they do not know what exactly happened, they blame the software or hardware wallet they used to store their money, this is because many people who own crypto today do not even know how to store it in a safe enviroment, they wrongly think it is the software or hardware wallet they use that secures their funds, they do not know their funds are only safe through their actions.
Pmalek
legendary
Activity: 2730
Merit: 7065
Farewell, Leo. You will be missed!
Re: Coinomi wallet hacked, all funds stolen
March 25, 2023, 06:08:41 AM
#43
Quote from: Pezroly on March 23, 2023, 01:13:03 PM
This is very strange.
"Someone can only access your coins if; - He has access to your recovery phrase/private keys. - If he has access to your device and knows your app password."

I guess you mean it's strange that the OP claims Coinomi is somehow at fault for his coins being stolen. If not, let's analyze those support comments. I didn't read the sources, so I am only focusing on the parts you highlighted.

There is nothing strange about what the source says. Whoever has the seed or private keys can remotely access and spend whatever coins are stored in the corresponding addresses. If someone gets hold of your phone where you have Coinomi installed, he can open the app without a password. However, if he wants to make a transaction, he needs to enter the password. If he wants to see the seed or make account changes, he also needs a password.
virasog
legendary
Activity: 2954
Merit: 1159
Re: Coinomi wallet hacked, all funds stolen
March 24, 2023, 09:10:05 AM
#42
Quote from: Pezroly on March 23, 2023, 01:13:03 PM
This is very strange. From Coinomi support - https://coinomi.freshdesk.com/support/solutions/articles/29000009711-if-a-hacker-penetrates-your-servers-will-he-steal-my-coins- - "Someone can only access your coins if; - He has access to your recovery phrase/private keys. - If he has access to your device and knows your app password." - https://coinomi.freshdesk.com/support/solutions/articles/29000013344-can-a-thief-hack-bruteforce-my-stolen-lost-device-and-spend-my-funds- - "Coinomi is a security-first wallet, it has been around since 2014 and no user wallet has ever been hacked or otherwise compromised, and that is for a reason."
Maybe you have serious malware or keylogger in your computer. Try to scan your computer with good antivirus software and also Malwarebytes software from here https://www.malwarebytes.com/.


Why is it that every time a person losses his fund from a personal wallet, he makes the owners of the wallet company scam and responsible for his / her? Most of the time people lose money by their own carelessness but they try to put the blame on others that the wallet is not secure and other things which are not true.

No one will take anyone's loss, therefore we need to protect our assets and protect our wallets by ourselves. Nothing would be benefit by blaming others.
Pezroly
jr. member
Activity: 67
Merit: 8
Re: Coinomi wallet hacked, all funds stolen
March 23, 2023, 01:13:03 PM
#41
This is very strange. From Coinomi support - https://coinomi.freshdesk.com/support/solutions/articles/29000009711-if-a-hacker-penetrates-your-servers-will-he-steal-my-coins- - "Someone can only access your coins if; - He has access to your recovery phrase/private keys. - If he has access to your device and knows your app password." - https://coinomi.freshdesk.com/support/solutions/articles/29000013344-can-a-thief-hack-bruteforce-my-stolen-lost-device-and-spend-my-funds- - "Coinomi is a security-first wallet, it has been around since 2014 and no user wallet has ever been hacked or otherwise compromised, and that is for a reason."
Maybe you have serious malware or keylogger in your computer. Try to scan your computer with good antivirus software and also Malwarebytes software from here https://www.malwarebytes.com/.
sheenshane
legendary
Activity: 2366
Merit: 1206
Re: Coinomi wallet hacked, all funds stolen
March 21, 2023, 10:59:49 AM
#40
Quote from: Pmalek on March 21, 2023, 10:00:56 AM
Quote from: Z-tight on March 20, 2023, 04:01:41 PM
How do you hold them liable or prove it, they are closed source and you cannot verify their codes or check if they did something behind the scenes that caused the loss, so there is no case to even begin with. And i am sure their terms of service would read that they are not "liable for any customers loss"...
I don't know any wallet that can be held responsible for the actions of its users, open or closed-source. If Coinomi (or any other wallet for that matter) was stealing money left and right, you would have hundreds of people finding this forum the same way OP did and sharing their stories of waking up one day and noticing all their crypto was gone. But we don't have that.
Mostly some cases that I've heard in Coinomi wallet are that frustrating with huge fees but not losing their fund or being scammed.
It might difficult to hold their developers or providers liable for any loss of funds (even any wallet, an open-source, close-source, and even software wallet).  Without access to the source code, it can be challenging to prove any wrongdoing on their part or determine if any vulnerabilities in the code led to the loss.  As also many we can see that most wallets will include disclaimers in their terms of service to protect themselves from liability in case of a loss.

Quote
I think the most nefarious client that is often mentioned in the scam accusation board is Freewallet.   
Worst than the Coinomi wallet and I tend to agree with this.
Pmalek
legendary
Activity: 2730
Merit: 7065
Farewell, Leo. You will be missed!
Re: Coinomi wallet hacked, all funds stolen
March 21, 2023, 10:00:56 AM
#39
Quote from: Z-tight on March 20, 2023, 04:01:41 PM
How do you hold them liable or prove it, they are closed source and you cannot verify their codes or check if they did something behind the scenes that caused the loss, so there is no case to even begin with. And i am sure their terms of service would read that they are not "liable for any customers loss"...
I don't know any wallet that can be held responsible for the actions of its users, open or closed-source. If Coinomi (or any other wallet for that matter) was stealing money left and right, you would have hundreds of people finding this forum the same way OP did and sharing their stories of waking up one day and noticing all their crypto was gone. But we don't have that.

I think the most nefarious client that is often mentioned in the scam accusation board is Freewallet.   
Z-tight
hero member
Activity: 854
Merit: 1031
Only BTC
Re: Coinomi wallet hacked, all funds stolen
March 20, 2023, 04:01:41 PM
#38
Quote from: Wind_FURY on March 15, 2023, 04:19:47 AM
or if Coinomi was a nefarious entity that steals private keys themselves like what OP is giving that impression. Because if it's true/proven, then they are legally liable.
How do you hold them liable or prove it, they are closed source and you cannot verify their codes or check if they did something behind the scenes that caused the loss, so there is no case to even begin with. And i am sure their terms of service would read that they are not "liable for any customers loss", these companies know things like loss of funds and assets would happen, so do not think they will leave themselves exposed, they can defend themselves easily, that's why it is better to protect your funds than to be in this "helpless" situation.
Pmalek
legendary
Activity: 2730
Merit: 7065
Farewell, Leo. You will be missed!
Re: Coinomi wallet hacked, all funds stolen
March 18, 2023, 04:43:30 AM
#37
Quote from: DaveF on March 12, 2023, 08:26:23 AM
Actually it's in the ToS that nobody reads. And stated a few other times & places. More or less it boils down to 'we are not responsible for anything'...
That's right. You can find the same things in the terms of centralized exchanges. They use a few different ways for how they call it. For example, "unforeseen circumstances" or "extraordinary situations". Getting your wallet/account hacked is considered an extraordinary situation because the service provider can't do anything about the way you handle your security.

Quote from: aylabadia05 on March 14, 2023, 12:21:20 AM
...there are also software wallets that provide good security such as Electrum.
Electrum's cold wallet feature is a good solution. Using Electrum as a hot wallet isn't such a security upgrade if you don't know what you are doing. We don't know how OP lost his coins. Whatever he did with Coinomi, he could have in theory also done with Electrum with the same outcome.
Wind_FURY
legendary
Activity: 2898
Merit: 1823
Re: Coinomi wallet hacked, all funds stolen
March 15, 2023, 04:19:47 AM
#36
Quote from: mk4 on March 06, 2023, 09:46:49 AM
The thing with software wallets is that there's always a chance of a private key leak simply due to the fact that your wallet's private keys were generated through your computer/mobile device. And add the fact that it's closed source? We have no idea how secure the wallet app is.

Next time, grab a hardware wallet.


I believe it's more probable that OP was a victim of a phishing attempt, or his/her computer was hacked, than Coinomi software had a private key leak, or if Coinomi was a nefarious entity that steals private keys themselves like what OP is giving that impression. Because if it's true/proven, then they are legally liable.
aylabadia05
hero member
Activity: 1470
Merit: 755
Re: Coinomi wallet hacked, all funds stolen
March 14, 2023, 12:21:20 AM
#35
Quote from: Bud1951 on March 06, 2023, 09:28:09 AM
The wallet was drained on Feb 14th.  The password was in my head not on paper.  The seed phrase was on paper in a safe which only I have access to.  Coinomi denies all responsibility and basically says too bad so sad.  My wife and I are retired, the wallet held our "safe" retirement cash savings.  Stay away from this wallet. 
What to say if the kite has broken the rope that causes it to be lost to the wind. It is not the wind's fault that the kite broke, but that the string was not strong enough.

The three possibilities mentioned by hosseinimr93 are very accurate. In storing assets, please make sure that the source of the wallet has nothing to do with them regarding the seed phrase.

Quote from: hosseinimr93 on March 06, 2023, 09:43:14 AM
1. It's possible that you used a weak password and someone was able to brute-force it.
2. It's possible that someone had access to your seed phrase.
3. It's possible that your device was compromised.

Storing assets for the future, why not spend a little money to buy a hardware wallet to be truly secure, although there are also software wallets that provide good security such as Electrum.
hosseinimr93
legendary
Activity: 2380
Merit: 5213
Re: Coinomi wallet hacked, all funds stolen
March 13, 2023, 03:47:25 PM
#34
Quote from: virasog on March 13, 2023, 12:43:16 PM
Do you think coinomi themselves stole these funds because it is closed source and they can get access to keys or anything ?
There is no way to know that. We don't know whether they have access to users keys or not.

Quote from: virasog on March 13, 2023, 12:43:16 PM
The coinomi wallet is being used by so many people and they have a name in the market. They would not stole people funds, as if they do, they will have a bad reputation and people will stop using this wallet.
Being used by many people doesn't mean that's safe. Visit the following topic and see how a vulnerability caused a coinomi user to lose all his money.
WARNING - Coinomi Wallet CRITICAL Vulnerability Made Me Lose My Life Savings

Quote from: virasog on March 13, 2023, 12:43:16 PM
I guess there may be fault at the OP end which made him lose all his money.
This is the most probable case.
Pages:
Bitcoin Forum>Bitcoin>Development & Technical Discussion>Wallet software
Jump to: