Pages:
Author

Topic: Coinomi wallet hacked, all funds stolen - page 3. (Read 975 times)

legendary
Activity: 1022
Merit: 1341
March 13, 2023, 02:14:32 PM
#33
The wallet was drained on Feb 14th.  The password was in my head not on paper.  The seed phrase was on paper in a safe which only I have access to.  Coinomi denies all responsibility and basically says too bad so sad.  My wife and I are retired, the wallet held our "safe" retirement cash savings.  Stay away from this wallet. 
Op did you login your wallet in another person's device which you forgot to logout? Even though coinomi is a close source wallet I don't think they took your Coins back to themselves but I am suspecting someone very close bto you did it. Normally wallet password is always in the brain and it is not written down on paper except the seed phrase which is very long to memorize. I believed it was your carelessness make the person to transfer the coins to his or her wallet.
I have heard such similar story ina family, a boy took his mom phone and transfer $20 to his account and delete the debit alert from the mother's phone so that she would not know that he took the money from her account, and finally he was caught on other times. So I am trying to also  think from that angle too that someone you know might have used your device to do the transfer and returned or dropped it the way it was so you wouldn't notice.
legendary
Activity: 3136
Merit: 1172
Leading Crypto Sports Betting & Casino Platform
March 13, 2023, 11:43:16 AM
#32
Coinomi is a close-source wallet and we don't know how the keys are generated and whether they have access to users keys or not.
Take note that this doesn't mean they have definitely stolen you fund. There can be many other reasons.

1. It's possible that you used a weak password and someone was able to brute-force it.
2. It's possible that someone had access to your seed phrase.
3. It's possible that your device was compromised.

Even if they have stolen your fund, it's still your own fault. Because you used a close-source wallet.


Do you think coinomi themselves stole these funds because it is closed source and they can get access to keys or anything ?

The coinomi wallet is being used by so many people and they have a name in the market. They would not stole people funds, as if they do, they will have a bad reputation and people will stop using this wallet.

Another argument can be that they stole from this one wallet which may have contain billion or trilions of dollars, i don't think anyone's retirement saving can be something so big that coinomi decided to scam. I guess there may be fault at the OP end which made him lose all his money.

legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
March 12, 2023, 07:26:23 AM
#31
Regarding Coinomi, it's not uncommon for wallet providers to disclaim responsibility for lost funds, especially if the funds were not stolen due to a flaw in the wallet software or the company's infrastructure. So what they said is all they can do actually.
That only works for open source software that is released under certain licenses such as MIT that ensures the developers aren't liable for any "damages". But for a closed source software that we can't even verify where the vulnerability was that led to the loss, it should not work although the companies behind them will make it work.

Actually it's in the ToS that nobody reads. And stated a few other times & places. More or less it boils down to 'we are not responsible for anything' and although not with Coinomi specifically similar ToS it have made it though the courts in a few places and so long as it was not hidden and mentioned several times it's been upheld. Nobody is making you closed source software with an iffy reputation. Nobody is making you not use a hardware wallet / multisig wallet. Nobody is forcing you to store your funds in a hot wallet. And so on.

Perhaps a bit harsh, but in the end it's what it comes down to.

-Dave
legendary
Activity: 3472
Merit: 10611
March 11, 2023, 11:44:42 PM
#30
Regarding Coinomi, it's not uncommon for wallet providers to disclaim responsibility for lost funds, especially if the funds were not stolen due to a flaw in the wallet software or the company's infrastructure. So what they said is all they can do actually.
That only works for open source software that is released under certain licenses such as MIT that ensures the developers aren't liable for any "damages". But for a closed source software that we can't even verify where the vulnerability was that led to the loss, it should not work although the companies behind them will make it work.
sr. member
Activity: 1498
Merit: 271
DGbet.fun - Crypto Sportsbook
March 10, 2023, 12:08:43 PM
#29
The wallet was drained on Feb 14th.  The password was in my head not on paper.  The seed phrase was on paper in a safe which only I have access to.  Coinomi denies all responsibility and basically says too bad so sad.  My wife and I are retired, the wallet held our "safe" retirement cash savings.  Stay away from this wallet. 

It's sad what happened to you, as everything in your coinomi wallet was drained? How long have you been using that wallet? Are you new to coinomi?

      in that situation, it's a bit stressful on your part, since you're retired, that means you're old enough, I hope you're okay after things like that happen to you, I also hope that if you save crypto, it's good to just buy a hardware wallet or use you of Electrum wallet.
hero member
Activity: 2408
Merit: 584
March 10, 2023, 02:49:09 AM
#28
The wallet was drained on Feb 14th.  The password was in my head not on paper.  The seed phrase was on paper in a safe which only I have access to.  Coinomi denies all responsibility and basically says too bad so sad.  My wife and I are retired, the wallet held our "safe" retirement cash savings.  Stay away from this wallet. 
I'm sorry to hear about your loss, I can understand how stressful and saddening that can be.

Regarding Coinomi, it's not uncommon for wallet providers to disclaim responsibility for lost funds, especially if the funds were not stolen due to a flaw in the wallet software or the company's infrastructure. So what they said is all they can do actually.

You need to always do your due diligence and research a wallet provider before trusting them with your funds. Look for wallets that have a proven track record of security and have been audited by third-party security experts. Also, consider using hardware wallets, which are generally considered to be more secure than software wallets, as they store your private keys offline.
legendary
Activity: 2716
Merit: 1855
Rollbit.com | #1 Solana Casino
March 09, 2023, 03:30:14 AM
#27
I probably have some coins in old Electrum wallets, but regardless of caution and premium AV protection and the fact that I do not use the computer for any risky activities, I would still not recommend anyone who has a choice to keep more than what they are ready to lose in any hot wallet. We are aware of some dangers such as clipboard malware or fake wallets, but the bad guys who try to steal our coins never sleep and we can never know when they will find some vulnerability in Windows OS or Electrum itself.
The danger of malware is always lurking when the device is used for activities on the internet.
But for the use of the electrum wallet on the device that I use, it is only a second wallet or wallet to receive payments from signature campaigns and some other payments, not a main wallet.

I am aware that Electrum's vulnerability also depends on how we use the device.
I also always separate the Seed wallet from the device used and the storage I use for Offline seeds is not connected to any internet and also in physical form.
legendary
Activity: 2730
Merit: 7065
March 08, 2023, 01:40:17 PM
#26
A lot of more information could have been added to the OP.

- Was it Coinomi mobile or the desktop version?
- What activities is the device with the wallet used for?
- You said you were retired. Can we assume you are +60? How good are you with general online security, and do you know how to protect yourself?


But did you keep your seed phrase in a safe location, how sure are you that only you have access to it.
The questions were already answered in the OP. He/she said that the seed is kept in a safe and only OP can access it.

My advice is that you should create a new wallet and this time use a much stronger password.
I hope you don't mean a new wallet on Coinomi. I wouldn't use any software wallet for money I consider my "retirement funds". Go for a quality hardware wallet or an airgapped system. Sadly, it's too late to do anything about it for OP regarding the coins that disappeared.

and Electrum is the answer, more secure and free and Open Source.
That depends on how you use it. The mobile app or Electrum on desktop as hot wallet are still vulnerable software wallets. Its open-source nature isn't going to protect you from getting hacked if you make a serious mistake. However, Electrum as a cold wallet is one of the best options there are.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
March 08, 2023, 06:56:18 AM
#25
I keep some assets in Electrum Windows and it's still safe, as long as users can keep themselves safe and use premium antivirus protection.

I probably have some coins in old Electrum wallets, but regardless of caution and premium AV protection and the fact that I do not use the computer for any risky activities, I would still not recommend anyone who has a choice to keep more than what they are ready to lose in any hot wallet. We are aware of some dangers such as clipboard malware or fake wallets, but the bad guys who try to steal our coins never sleep and we can never know when they will find some vulnerability in Windows OS or Electrum itself.
legendary
Activity: 2716
Merit: 1855
Rollbit.com | #1 Solana Casino
March 07, 2023, 08:47:02 PM
#24
Why are people with thousands of dollars in cryptocurrency still chasing airdrops that will only give you $5 dollars. Is it really worth the risk (let alone the gigantic waste of time it is)?
If you ask why are people with thousands of dollars in cryptocurrency still chasing airdrops? The answer is of course because some airdrops provide sizable incentives. Airdrops don't just do tasks share, like and fill out assignments and get a $5 reward.

Currently, some of the airdrops are quite hidden, those who try Tesnet on a new network, try a new platform, and make some transactions have a chance to get an airdrop for early adopters. We all already know about the UNISWAP, 1INCH, ENS airdrops, and several new airdrops for NFT users, namely BLUR, they get thousands or even hundreds of thousands of dollars from the airdrop.

For those who don't understand how to get the jackpot on multiple airdrops it might seem like a waste of time, but they do some research first. Because many of my friends (including me) get several airdrops that can replace all the gas fees used for conducting trials etc.

Don't store any cryptocurrency on Windows. Not even Linux if it is running inside a Windows host.
I keep some assets in Electrum Windows and it's still safe, as long as users can keep themselves safe and use premium antivirus protection.
I also use Hardware Wallet as the main storage and it is not connected to other devices.
hero member
Activity: 1666
Merit: 453
March 07, 2023, 01:06:27 PM
#23
Based on what I discovered here at coinomi, although it has been around for a long time in the crypto space, it seems that there have been many issues with these wallet apps that have not solved the problems of their users.

According to the Trustpilot review, the latest negative feedback here was only last February 2023, and even every month of the last year 2022, coinomi has issues with its users from January to December, no issues have been resolved and those that are not beautiful and can be a reason for anyone to stop using it in this community.

Coinomi Unresolved issues
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
March 07, 2023, 11:20:53 AM
#22
Don't store any cryptocurrency on Windows. Not even Linux if it is running inside a Windows host.

How about this instead:

Don't store any cryptocurrency that you cannot afford to loose on Windows ANY DEVICE CONNECTED TO THE INTERNET WITHOUT A HARDWARE WALLET. Not even Linux if it is running inside a Windows host is secure against everything and if you do something wrong because you were not fully paying attention since you have done it a hundred times before, no matter how secure you think you are your crypto is gone.

Telling people to use this OS vs that may help in the desktop environment, but it still comes down to the user.

If you are not familiar with linux / windows / mac OS an older un-patched un-secured version of an OS you know may actually be more secure then one you don't since you are not trying to figure something out while trying to move money around.

-Dave

member
Activity: 560
Merit: 17
Eloncoin.org - Mars, here we come!
March 07, 2023, 10:18:42 AM
#21
The wallet was drained on Feb 14th.  The password was in my head not on paper.  The seed phrase was on paper in a safe which only I have access to.  Coinomi denies all responsibility and basically says too bad so sad.  My wife and I are retired, the wallet held our "safe" retirement cash savings.  Stay away from this wallet. 

   What was your issue with coinomi? apart from the fact that your assets were drained on February 14 2023? You didn't recover it? have you reported this to coinomi support? As far as I know, this coinomi has been around for a long time.

     But I think there are a lot of people complaining here at coinomi because last year there were a lot of people who used this app and most of them didn't get their assets out and others made deposits but what they deposited didn't arrive at the address they gave. And the other is that the support does not even care about the concern issues of its users.
hero member
Activity: 2212
Merit: 670
Signature designer - start @$10 - PM me!
March 07, 2023, 05:19:25 AM
#20
The password was in my head not on paper.

Is that a series of words that are easy to guess? Then it's useless. Btw, the seed phrase can also be seen on the settings page right? simply use a password to access it (or biometrics if you enable it). As I recall, Android devices can add multiple biometric IDs. If in fact there is other IDs on your device, I don't think you need to suspect it's a malware attack, wallet vulnerability, or other online attacks.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
March 07, 2023, 01:56:44 AM
#19
Apart from that, other methods such as phishing dApps pages are usually found in several airdrops which require connecting using dApps and finally the hacker has control over the wallet. To be able to overcome these hacking attempts, you can Revoke several suspected dApps.
https://study.bitkeep.com/en/?ht_kb=dapp-authorization-scam

Why are people with thousands of dollars in cryptocurrency still chasing airdrops that will only give you $5 dollars. Is it really worth the risk (let alone the gigantic waste of time it is)?

PS.

Don't store any cryptocurrency on Windows. Not even Linux if it is running inside a Windows host.
legendary
Activity: 2212
Merit: 7064
March 06, 2023, 01:56:40 PM
#18
The wallet was drained on Feb 14th.  The password was in my head not on paper.  The seed phrase was on paper in a safe which only I have access to.  Coinomi denies all responsibility and basically says too bad so sad.  My wife and I are retired, the wallet held our "safe" retirement cash savings.  Stay away from this wallet. 
Sorry, but this is ultimately your own fault, this is a hot wallet and there is always a risk that something gets leaked if you are not careful.
I bet if I scanned your device used for installing Coinomi (probably with wInD0ws OS) that I would find several malware, or software that records what you type.
That is why people invented hardware wallets and that is why they are using airgapped devices.
On top of everything, Copinomi is closed source software, it's mistake using closed source Bitcoin wallets.

sr. member
Activity: 994
Merit: 441
March 06, 2023, 12:10:56 PM
#17
Op are you sure that your seed phrase was very safe? I don't think so. Maybe someone stole from you. Which you don't think at all. I have never used the wallet you used. But why did you set such a weak wallet for your hard earned money. You should better choose a secure wallet and keep your funds there. This case of yours seems really sad to me.
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
March 06, 2023, 10:48:29 AM
#16
It's hard to tell if it's their fault or yours,
It's OP's fault.
Even if there was a vulnerability or a backdoor caused OP to lose the fund, it's still OP's fault that he/she used a close-source wallet while there are many good open-source wallets.

Closed / open does not matter when you get to the fact that crypto was stored in an online hot wallet.
As I have said dozens of times. I use Coinomi on my phone, I know it's unsafe. But, on that note so is electrum on my phone, and desktop because wait for it.....it's a hot wallet on an internet connected device.

Any real funds are stored offline and secured with hardware.

-Dave
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
March 06, 2023, 10:41:05 AM
#15
The wallet was drained on Feb 14th.

Then you didn't really have a happy Valentine's Day - but someone else obviously had a smile on their face...

The password was in my head not on paper.  The seed phrase was on paper in a safe which only I have access to.

Has the password ever been written down on paper or anywhere online? In any case, keeping such information in your head is a bad option, not only because you can forget it naturally, but also because of a possible head injury. Are you sure only you had access to the safe?

Coinomi denies all responsibility and basically says too bad so sad.  My wife and I are retired, the wallet held our "safe" retirement cash savings.  Stay away from this wallet. 

What else do you expect them to say? No matter how much you think it's the wallet's fault, it's hardly an inside job - because if there was any vulnerability, hundreds or even thousands of wallets would be emptied. No matter how you look at it, you and your wife should have been much smarter and informed yourself first, and if you had done that, maybe this wouldn't have happened.
legendary
Activity: 2716
Merit: 1855
Rollbit.com | #1 Solana Casino
March 06, 2023, 10:10:00 AM
#14
The thing with software wallets is that there's always a chance of a private key leak simply due to the fact that your wallet's private keys were generated through your computer/mobile device. And add the fact that it's closed source? We have no idea how secure the wallet app is.
Private key leak due to user negligence and the device used is infected with malware or trapped on a phishing website which requires entering the private key. Quite often such hacks happen, even I also get a lot of spam emails that redirect to phishing websites.

and what becomes even more dangerous is when the address or wallet that we have is exposed to a dusting attack and has been marked and sent with several foreign coins that cannot be traded.
https://en.wikipedia.org/wiki/Dusting_attack

Apart from that, other methods such as phishing dApps pages are usually found in several airdrops which require connecting using dApps and finally the hacker has control over the wallet. To be able to overcome these hacking attempts, you can Revoke several suspected dApps.
https://study.bitkeep.com/en/?ht_kb=dapp-authorization-scam

Next time, grab a hardware wallet.
Highly recommended, but choose a hardware wallet that is really suitable because there are currently various types of hardware wallets available.



No. OP shouldn't use Coinomi anymore and should go for an open-source wallet.
As I already said, coinomi is close-source and even if you use a strong password, there is no guarantee that your wallet is safe.
and Electrum is the answer, more secure and free and Open Source.
If really want to use a Multi-Wallet, then the last, safest choice is a Hardware wallet

It may worth mentioning that even if you use a trustworthy open-source wallet an an online device, your fund isn't still completely secure. Any online device is prone to hacking.
Every online device will still have the risk of hacking.
Besides that, the user's vigilance and how he keeps his wallet safe also matter.
No matter how secure the user is, the loss of assets may occur.
Pages:
Jump to: