Topic: Coinomi wallet hacked, all funds stolen (Read 915 times)

Quote from: rby on May 16, 2023, 02:13:10 PM

The wallet was drained on Feb 14th. The password was in my head not on paper. The seed phrase was on paper in a safe which only I have access to. Coinomi denies all responsibility and basically says too bad so sad. My wife and I are retired, the wallet held our "safe" retirement cash savings. Stay away from this wallet.

W normally tell people to use Open Source wallets preferable Electrum, Wasabi others. Well sorry for your lost, since the owners of the wallet app said, they can't do anything then your coins are gone. Coinomi supposed know how the coins move from the wallet to another wallet. Something phishing is here. Op. Said he has the keys with him and the password is in head so how come the wallet was hacked? Is it that the hackers used software to hacked the wallet. And if it is like that then Coinomi wallet is not secure to use and recommend to others. This is very sad news because your old age with your wife savings were there and have been hacked by the negligent of Coinomi company because their app or website is not well secured.

Pmalek

legendary

Activity: 2730

Merit: 7065

Farewell, Leo. You will be missed!

Very good way to trace a discrepancy in your wallet. But I have a concern, if the allegations that the developers behind a closed source wallets manipulate is real. Will it not be easy for them to wipe the transaction history from the wallet. Then, the victim won't have any link to the blockchain immutable ledger to verify.

Manipulating the native software is possible, but they can't manipulate a decentralized database and a 3rd-party blockchain explorer. If you know your addresses, you have ways to check your balances. If your wallet shows you have X of BTC on address A, you can always confirm that on the blockchain. The native software can lie about what you have, but the blockchain data tells the truth.

rby

hero member

Activity: 742

Merit: 611

Brotherhood is love

The wallet was drained on Feb 14th.

What a poor coincidence? A day meant for love turned to grief. Take heart.

The password was in my head not on paper. The seed phrase was on paper in a safe which only I have access to.

I have a couple of passwords in my head, very strong and I cannot forget unless I have a brain issue in the future (not anticipating though). But the disadvantage is that I tend to repeat same password for different purposes which is bad. If it leaks in one platform, you'll become a 360deg victim. A password manager is cool.

Quote from: Pmalek on May 15, 2023, 02:16:26 AM

Coinomi denies all responsibility and basically says too bad so sad.

I do not think that it's from the end of Coinomi. You didn't mention how you access your wallet, maybe from an insecure device, using public network, et

Whenever there is a discrepancy, the first thing you do is to check the transaction history. Look for outgoing transactions you didn't make. If the software reports that it's up-to-date and the transaction history is ok, then check your address/addresses on blockchain explorers. Again, if there is nothing unusual there and it doesn't show unknown transactions, you can safely say there is something wrong with your wallet.

rat03gopoh

hero member

Activity: 2002

Merit: 633

Your keys, your responsibility

Quote from: Artytom on May 14, 2023, 02:28:44 PM

I thought the same thing had happened to my eth in my coinomi wallet but resetting the app cache and restarting then loading the eth coin restored it.

It is impossible to recover crypto sent to an address other than yours, or you actually wanna say that the balance is just not reflected correctly so your case is different from the OP's.
But in essence, you're not recommended to keep using the Coinomi wallet if you read some of the facts above.

Pmalek

legendary

Activity: 2730

Merit: 7065

Farewell, Leo. You will be missed!

Quote from: Artytom on May 14, 2023, 02:28:44 PM

I thought the same thing had happened to my eth in my coinomi wallet but resetting the app cache and restarting then loading the eth coin restored it.

Artytom

newbie

Activity: 6

Merit: 2

I thought the same thing had happened to my eth in my coinomi wallet but resetting the app cache and restarting then loading the eth coin restored it.

pooya87

legendary

Activity: 3444

Merit: 10537

Quote from: DaveF on April 27, 2023, 12:06:40 PM

Fading activity and interest of the owners of the project could be seen as a negative sign since they could have reached the conclusion that this project is not going to make them the money they were hoping for. The risky part is that they could decide to "run away" but not before stealing some money from their users.

DaveF

legendary

Activity: 3458

Merit: 6231

Crypto Swap Exchange

Quote from: bettercrypto on April 26, 2023, 11:44:17 AM

It's sad that there has been theft of assets from other communities here in the crypto space. Both of you are retired and then the same thing happened.

As far as I know, this coinomi does not provide the latest updates on their social media platforms. Their last announcement on twitter was in April 2022, after these times they have not given any latest plan and development for the community of coinomi and there are many users complaining about it.

IMO Coinomi has gone from an active project to a 'side hobby' of whoever is maintains it.
Their social media is just about dead. XMR and other coins are having issues and a few other minor things come to mind.

This is not to say it's any less safe then it was or worse then any other closed source hot wallet, just that it's not as actively supported as it once was.
The flip side is that there are some actively supported wallets that do suck so there is that......

Just as people have issues it looks like it's going to fall more on the community to support them then Coinomi.

-Dave

Z-tight

hero member

Activity: 854

Merit: 1031

Only BTC

Quote from: virasog on April 25, 2023, 06:59:39 PM

I never advise newbies or recommend them to use centralized wallets or exchanges. The only thing i am saying is that they should educate themselves on how to secure the seed phrases before storing their crypto in wallets like Electrum. Yes, the process is easy to learn but there may be some who may never want to learn. Sad

I get the thing you are saying now, but i don't think they should educate themselves by depositing their money into centralized exchanges and leaving it there for the period of learning, they may lose it before they learn anything. Newbies can start directly with Electrum, it is easier to use and set up that registering on a centralized exchange and giving them your kyc documents, so Electrum is a good start, and i think everyone knows how to hide something, so with good opsec they will keep their seed phrase safe, and afterwards they can start learning things like how to set up a wallet in an air-gapped way and how to use a hardware wallet, etc.

bettercrypto

sr. member

Activity: 1316

Merit: 268

★Bitvest.io★ Play Plinko or Invest!

Aikidoka

sr. member

Activity: 1078

Merit: 342

Sinbad Mixer: Mix Your BTC Quickly

Quote from: virasog on April 25, 2023, 06:59:39 PM

It's true that many newbies do not take security as a serious deal and no joke about it, but it's actually one of the most important aspects to consider when creating a Bitcoin wallet. It's crucial to think carefully about how to secure your seed phrase, private keys, and passwords from potential hackers. I would not recommend trusting any centralized hot wallet, but instead I'll suggest at least to create an open-source wallet like Electrum. It would be even better to use a hardware wallet or make your electrum wallet air-gapped, which is impossible to hack online, but only just physically.

Unfortunately, many people only learn about the importance of security after experiencing a loss or hack Sad

. It's essential to prioritize security when dealing with Bitcoin, rather than focusing solely on earning more BTC.

pooya87

legendary

Activity: 3444

Merit: 10537

Quote from: virasog on April 25, 2023, 06:59:39 PM

The reason i said this because newbies are well aware and used to access the websites which are accessed by passwords only. You can see the OP example where he loses the funds from Coinomi wallet and it is most probably because he was not able to safe guard his private seed (though he do not admit his mistake)

That makes more sense. Although I still wouldn't call it "the best" but I can see the benefit of using a custodial account for certain types of people who have a hard time using things that are different. But only as long as they see it as the transitional wallet, something they use first but are planning on moving on from it to a better solution.

virasog

legendary

Activity: 2954

Merit: 1159

Quote from: pooya87 on April 20, 2023, 01:36:31 AM

Quote from: Z-tight on April 20, 2023, 04:18:00 AM

The best bet for the Newbies is to use a centralized exchange and / or centralized wallet which is controlled by the password and 2fa.

People should never sacrifice security for convenience even newbies. The centralized exchanges and in general all custodian accounts are very risky to use regardless of how convenient they may look like. There are countless cases of exchanges being hacked, accounts being shut down for no reason, exchanges scamming their users and running away, etc. No amount of password and 2FA can save you from it.

The best bet for the Newbies is to use a centralized exchange and / or centralized wallet which is controlled by the password and 2fa. Newbies know this stuff and until they learn about the seed phrases, wallets, and stuff the best option would be the centralized wallets.

No, this is not a recommended advice to give to newbies, if newbies start storing their funds in a centralized exchange, it will be hard for them to stop it, and before you know it they could have a large amount of funds stored in a centralized exchange, which is not safe for them, centralized exchanges gamble with users money, they can be hacked or they can even confiscate users funds without any notice. Newbies can start with a wallet like Electrum, it is so easy to use and they will have their seed phrase, though it is a hot wallet, but with time they will learn how to set up and use an airgapped computer in a safe enviroment or use a hardware wallet easily.

Z-tight

hero member

Activity: 854

Merit: 1031

Only BTC

pooya87

legendary

Activity: 3444

Merit: 10537

Quote from: PX-Z on April 09, 2023, 06:55:13 PM

The best bet for the Newbies is to use a centralized exchange and / or centralized wallet which is controlled by the password and 2fa.

virasog

legendary

Activity: 2954

Merit: 1159

I just read this thread and it's very unfortunate. I used coinomi wallet although i don't store large funds there but i have never been hacked even on other wallets that is "closed-source" i used and currently using.
So in this case the problem i only see is the users' device, or the way or where the backup seed is saved.

The problem is most probably with the user's carelessness and then blaming the Coinomi wallet not build upto the standard.
No matter the wallet is closed source or open source, we need to know the basis on how to keep our wallet safe and unfortunately most people in the crypto world don't know the basics.

Quote from: Z-tight on April 13, 2023, 11:34:52 AM

Quote from: Pmalek on April 10, 2023, 08:54:47 AM

A properly airgapped computer has no internet access or contact with anything else that does. Everything you do remains in that local (much harder to penetrate) environment.

You are correct, but to properly set up an arigapped wallet in a completely safe enviroment is hard for newbies to do, and they can easily mess up and lose their funds, hardware wallets are easier for them to use correctly. I have even seen someone suggesting using an airgapped computer that is only connected to the internet once in a while Roll Eyes

, once connected to the internet it really isn't airgapped anymore, so on that note i think there is more work to be done generating and using an airgapped wallet than a hardware wallet.

For newbies, even a hardware wallet may not be suitable unless they know how to use it. The best bet for the Newbies is to use a centralized exchange and / or centralized wallet which is controlled by the password and 2fa. Newbies know this stuff and until they learn about the seed phrases, wallets, and stuff the best option would be the centralized wallets.

Pmalek

legendary

Activity: 2730

Merit: 7065

Farewell, Leo. You will be missed!

Quote from: Z-tight on April 13, 2023, 11:34:52 AM

In truth, It's not something that newbies should do. Airgapped systems are for the more advanced userbase. Beginners will be safe enough if they move their coins from centralized exchanges (or don't use them to begin with), are careful what they click/download/give permissions to, and use a hardware wallet from a top manufacturer. They can slowly improve their knowledge with time and if they want to.

Quote from: Z-tight on April 13, 2023, 11:34:52 AM

I have even seen someone suggesting using an airgapped computer that is only connected to the internet once in a while Roll Eyes

, once connected to the internet it really isn't airgapped anymore...

That's like saying I am a virgin because I only have sex once a week. I am a 100% virgin during the other days, though.

Z-tight

hero member

Activity: 854

Merit: 1031

Only BTC

Quote from: Pmalek on April 10, 2023, 08:54:47 AM

A properly airgapped computer has no internet access or contact with anything else that does. Everything you do remains in that local (much harder to penetrate) environment.

, once connected to the internet it really isn't airgapped anymore, so on that note i think there is more work to be done generating and using an airgapped wallet than a hardware wallet.

Quote from: virasog on April 09, 2023, 06:34:24 PM

I don't think it is a pandora box but a reality. How many times it is our near and dear ones who took away our money and we blame the software company developing the wallet to be not up to the standards?

I believe if you cannot trust your spouse with your seed phrase or very important things, you both should not be married at all.

Pmalek

legendary

Activity: 2730

Merit: 7065

Farewell, Leo. You will be missed!

Quote from: Z-tight on April 06, 2023, 10:55:35 AM

Properly generated and stored airgapped wallets are even safer than hardware wallets. You still have to have some trust in the device manufacturers and their abilities to not mess up. If they are closed-source, like the biggest hardware wallet seller is, you need even more trust. Remember the recent case with OneKey hardware wallets and how their team messed up.

A properly airgapped computer has no internet access or contact with anything else that does. Everything you do remains in that local (much harder to penetrate) environment.

PX-Z

hero member

Activity: 1428

Merit: 836

Top Crypto Casino

virasog

legendary

Activity: 2954

Merit: 1159

Quote from: Z-tight on April 06, 2023, 10:55:35 AM

It all makes more sense now why a hardware wallet is far safer to all these software wallets.

Hardware wallets are safe because the keys are stored offline, any software wallet that the keys are generated offline and the wallet software kept in an airgapped device that would never be connected to the internet is as safe as a hardware wallet. Protecting your backup is also very important, and it does not matter the wallet that is used, if your recovery phrase is stolen, your money would be stolen.

Quote from: Z-tight on April 06, 2023, 10:55:35 AM

Next time, don't dump all your savings in a single wallet

Using a multisig wallet or more than one wallet is good and safer, but you have more backups to protect.

No matter whether you have a hardware wallet or software wallet, you need to protect it, and keep the seed phrases safe and at a secure place. Even if you got a hardware wallet and someone in your home has access to the seed phrase and the wallet itself, anything can happen.

and if I may ask, does your wife have any idea about your PSW or seed phrase?

Hey, do not open a pandorax box here Cheesy

Z-tight

hero member

Activity: 854

Merit: 1031

Only BTC

It all makes more sense now why a hardware wallet is far safer to all these software wallets.

Next time, don't dump all your savings in a single wallet

Using a multisig wallet or more than one wallet is good and safer, but you have more backups to protect.

Quote from: virasog on March 24, 2023, 09:10:05 AM

and if I may ask, does your wife have any idea about your PSW or seed phrase?

Hey, do not open a pandorax box here Cheesy

Mame89

sr. member

Activity: 1512

Merit: 418

Why is it that every time a person losses his fund from a personal wallet, he makes the owners of the wallet company scam and responsible for his / her? Most of the time people lose money by their own carelessness but they try to put the blame on others that the wallet is not secure and other things which are not true.

No one will take anyone's loss, therefore we need to protect our assets and protect our wallets by ourselves. Nothing would be benefit by blaming others.

agree with your opinion, because the security of a wallet or trading account in the crypto market can occur and may be caused by security failures on the platform used. However, in some cases, hacking can occur due to the trader's own fault. Like Phishing, it is sometimes our fault that we are always careful and not thorough when providing personal information online or through suspicious emails.

As a trader, it is very important to take proper security measures to protect accounts and crypto assets from hacking attacks. By paying attention to this security, we can minimize the risk of losses caused by hack attacks or the like.

Lida93

hero member

Activity: 728

Merit: 512

Quote from: virasog on March 24, 2023, 09:10:05 AM

It all makes more sense now why a hardware wallet is far safer to all these software wallets. Situations like this one are very complicated in actually pointing a finger on where the compromise emanated from either from OP or coinomi. Sometimes these computer's we use for our wallets could generate a malware unknown to the owner or at one point we might have click on an unsuspecting link or ads unknowingly or it could have been a security breach on the part of Coinomi (which is rare) or maybe OP PSW wasn't strong enough. Like the more the hints on the issue the more it keeps getting complicated as both OP or Coinomi ain't even ready to take responsibility for the loss funds.

Next time, don't dump all your savings in a single wallet and if I may ask, does your wife have any idea about your PSW or seed phrase?

Z-tight

hero member

Activity: 854

Merit: 1031

Only BTC

No one will take anyone's loss, therefore we need to protect our assets and protect our wallets by ourselves. Nothing would be benefit by blaming others.

When people's wallet gets hacked and their funds are stolen, at that immediate time they are usually very confused and since they do not know what exactly happened, they blame the software or hardware wallet they used to store their money, this is because many people who own crypto today do not even know how to store it in a safe enviroment, they wrongly think it is the software or hardware wallet they use that secures their funds, they do not know their funds are only safe through their actions.

Pmalek

legendary

Activity: 2730

Merit: 7065

Farewell, Leo. You will be missed!

Quote from: Pezroly on March 23, 2023, 01:13:03 PM

This is very strange.
"Someone can only access your coins if; - He has access to your recovery phrase/private keys. - If he has access to your device and knows your app password."

I guess you mean it's strange that the OP claims Coinomi is somehow at fault for his coins being stolen. If not, let's analyze those support comments. I didn't read the sources, so I am only focusing on the parts you highlighted.

There is nothing strange about what the source says. Whoever has the seed or private keys can remotely access and spend whatever coins are stored in the corresponding addresses. If someone gets hold of your phone where you have Coinomi installed, he can open the app without a password. However, if he wants to make a transaction, he needs to enter the password. If he wants to see the seed or make account changes, he also needs a password.

virasog

legendary

Activity: 2954

Merit: 1159

Quote from: Pezroly on March 23, 2023, 01:13:03 PM

This is very strange. From Coinomi support - https://coinomi.freshdesk.com/support/solutions/articles/29000009711-if-a-hacker-penetrates-your-servers-will-he-steal-my-coins- - "Someone can only access your coins if; - He has access to your recovery phrase/private keys. - If he has access to your device and knows your app password." - https://coinomi.freshdesk.com/support/solutions/articles/29000013344-can-a-thief-hack-bruteforce-my-stolen-lost-device-and-spend-my-funds- - "Coinomi is a security-first wallet, it has been around since 2014 and no user wallet has ever been hacked or otherwise compromised, and that is for a reason."
Maybe you have serious malware or keylogger in your computer. Try to scan your computer with good antivirus software and also Malwarebytes software from here https://www.malwarebytes.com/.

Pezroly

jr. member

Activity: 67

Merit: 8

sheenshane

legendary

Activity: 2366

Merit: 1206

Quote from: Pmalek on March 21, 2023, 10:00:56 AM

Quote from: Z-tight on March 20, 2023, 04:01:41 PM

I don't know any wallet that can be held responsible for the actions of its users, open or closed-source. If Coinomi (or any other wallet for that matter) was stealing money left and right, you would have hundreds of people finding this forum the same way OP did and sharing their stories of waking up one day and noticing all their crypto was gone. But we don't have that.

Mostly some cases that I've heard in Coinomi wallet are that frustrating with huge fees but not losing their fund or being scammed.
It might difficult to hold their developers or providers liable for any loss of funds (even any wallet, an open-source, close-source, and even software wallet). Without access to the source code, it can be challenging to prove any wrongdoing on their part or determine if any vulnerabilities in the code led to the loss. As also many we can see that most wallets will include disclaimers in their terms of service to protect themselves from liability in case of a loss.

Quote

I think the most nefarious client that is often mentioned in the scam accusation board is Freewallet.

Worst than the Coinomi wallet and I tend to agree with this.

Pmalek

legendary

Activity: 2730

Merit: 7065

Farewell, Leo. You will be missed!

Quote from: Z-tight on March 20, 2023, 04:01:41 PM

Z-tight

hero member

Activity: 854

Merit: 1031

Only BTC

Quote from: Wind_FURY on March 15, 2023, 04:19:47 AM

or if Coinomi was a nefarious entity that steals private keys themselves like what OP is giving that impression. Because if it's true/proven, then they are legally liable.

How do you hold them liable or prove it, they are closed source and you cannot verify their codes or check if they did something behind the scenes that caused the loss, so there is no case to even begin with. And i am sure their terms of service would read that they are not "liable for any customers loss", these companies know things like loss of funds and assets would happen, so do not think they will leave themselves exposed, they can defend themselves easily, that's why it is better to protect your funds than to be in this "helpless" situation.

Pmalek

legendary

Activity: 2730

Merit: 7065

Farewell, Leo. You will be missed!

Quote from: DaveF on March 12, 2023, 08:26:23 AM

Actually it's in the ToS that nobody reads. And stated a few other times & places. More or less it boils down to 'we are not responsible for anything'...

That's right. You can find the same things in the terms of centralized exchanges. They use a few different ways for how they call it. For example, "unforeseen circumstances" or "extraordinary situations". Getting your wallet/account hacked is considered an extraordinary situation because the service provider can't do anything about the way you handle your security.

Quote from: aylabadia05 on March 14, 2023, 12:21:20 AM

...there are also software wallets that provide good security such as Electrum.

Electrum's cold wallet feature is a good solution. Using Electrum as a hot wallet isn't such a security upgrade if you don't know what you are doing. We don't know how OP lost his coins. Whatever he did with Coinomi, he could have in theory also done with Electrum with the same outcome.

Wind_FURY

legendary

Activity: 2898

Merit: 1823

The thing with software wallets is that there's always a chance of a private key leak simply due to the fact that your wallet's private keys were generated through your computer/mobile device. And add the fact that it's closed source? We have no idea how secure the wallet app is.

Next time, grab a hardware wallet.

I believe it's more probable that OP was a victim of a phishing attempt, or his/her computer was hacked, than Coinomi software had a private key leak, or if Coinomi was a nefarious entity that steals private keys themselves like what OP is giving that impression. Because if it's true/proven, then they are legally liable.

aylabadia05

hero member

Activity: 1470

Merit: 755

Quote from: hosseinimr93 on March 06, 2023, 09:43:14 AM

What to say if the kite has broken the rope that causes it to be lost to the wind. It is not the wind's fault that the kite broke, but that the string was not strong enough.

The three possibilities mentioned by hosseinimr93 are very accurate. In storing assets, please make sure that the source of the wallet has nothing to do with them regarding the seed phrase.

1. It's possible that you used a weak password and someone was able to brute-force it.
2. It's possible that someone had access to your seed phrase.
3. It's possible that your device was compromised.

Storing assets for the future, why not spend a little money to buy a hardware wallet to be truly secure, although there are also software wallets that provide good security such as Electrum.

hosseinimr93

legendary

Activity: 2380

Merit: 5213

Quote from: virasog on March 13, 2023, 12:43:16 PM

Do you think coinomi themselves stole these funds because it is closed source and they can get access to keys or anything ?

There is no way to know that. We don't know whether they have access to users keys or not.

Quote from: virasog on March 13, 2023, 12:43:16 PM

The coinomi wallet is being used by so many people and they have a name in the market. They would not stole people funds, as if they do, they will have a bad reputation and people will stop using this wallet.

Being used by many people doesn't mean that's safe. Visit the following topic and see how a vulnerability caused a coinomi user to lose all his money.
WARNING - Coinomi Wallet CRITICAL Vulnerability Made Me Lose My Life Savings

Quote from: virasog on March 13, 2023, 12:43:16 PM

I guess there may be fault at the OP end which made him lose all his money.

This is the most probable case.

Agbe

hero member

Activity: 854

Merit: 1246

Quote from: hosseinimr93 on March 06, 2023, 09:43:14 AM

Op did you login your wallet in another person's device which you forgot to logout? Even though coinomi is a close source wallet I don't think they took your Coins back to themselves but I am suspecting someone very close bto you did it. Normally wallet password is always in the brain and it is not written down on paper except the seed phrase which is very long to memorize. I believed it was your carelessness make the person to transfer the coins to his or her wallet.
I have heard such similar story ina family, a boy took his mom phone and transfer $20 to his account and delete the debit alert from the mother's phone so that she would not know that he took the money from her account, and finally he was caught on other times. So I am trying to also think from that angle too that someone you know might have used your device to do the transfer and returned or dropped it the way it was so you wouldn't notice.

virasog

legendary

Activity: 2954

Merit: 1159

Coinomi is a close-source wallet and we don't know how the keys are generated and whether they have access to users keys or not.
Take note that this doesn't mean they have definitely stolen you fund. There can be many other reasons.

1. It's possible that you used a weak password and someone was able to brute-force it.
2. It's possible that someone had access to your seed phrase.
3. It's possible that your device was compromised.

Even if they have stolen your fund, it's still your own fault. Because you used a close-source wallet.

Do you think coinomi themselves stole these funds because it is closed source and they can get access to keys or anything ?

The coinomi wallet is being used by so many people and they have a name in the market. They would not stole people funds, as if they do, they will have a bad reputation and people will stop using this wallet.

Another argument can be that they stole from this one wallet which may have contain billion or trilions of dollars, i don't think anyone's retirement saving can be something so big that coinomi decided to scam. I guess there may be fault at the OP end which made him lose all his money.

DaveF

legendary

Activity: 3458

Merit: 6231

Crypto Swap Exchange

Quote from: pooya87 on March 12, 2023, 12:44:42 AM

Quote from: doomloop on March 10, 2023, 03:49:09 AM

Regarding Coinomi, it's not uncommon for wallet providers to disclaim responsibility for lost funds, especially if the funds were not stolen due to a flaw in the wallet software or the company's infrastructure. So what they said is all they can do actually.

That only works for open source software that is released under certain licenses such as MIT that ensures the developers aren't liable for any "damages". But for a closed source software that we can't even verify where the vulnerability was that led to the loss, it should not work although the companies behind them will make it work.

Actually it's in the ToS that nobody reads. And stated a few other times & places. More or less it boils down to 'we are not responsible for anything' and although not with Coinomi specifically similar ToS it have made it though the courts in a few places and so long as it was not hidden and mentioned several times it's been upheld. Nobody is making you closed source software with an iffy reputation. Nobody is making you not use a hardware wallet / multisig wallet. Nobody is forcing you to store your funds in a hot wallet. And so on.

Perhaps a bit harsh, but in the end it's what it comes down to.

-Dave

pooya87

legendary

Activity: 3444

Merit: 10537

Quote from: doomloop on March 10, 2023, 03:49:09 AM

bettercrypto

sr. member

Activity: 1316

Merit: 268

★Bitvest.io★ Play Plinko or Invest!

It's sad what happened to you, as everything in your coinomi wallet was drained? How long have you been using that wallet? Are you new to coinomi?

in that situation, it's a bit stressful on your part, since you're retired, that means you're old enough, I hope you're okay after things like that happen to you, I also hope that if you save crypto, it's good to just buy a hardware wallet or use you of Electrum wallet.

doomloop

hero member

Activity: 2268

Merit: 581

Quote from: Lucius on March 08, 2023, 07:56:18 AM

I'm sorry to hear about your loss, I can understand how stressful and saddening that can be.

Regarding Coinomi, it's not uncommon for wallet providers to disclaim responsibility for lost funds, especially if the funds were not stolen due to a flaw in the wallet software or the company's infrastructure. So what they said is all they can do actually.

You need to always do your due diligence and research a wallet provider before trusting them with your funds. Look for wallets that have a proven track record of security and have been audited by third-party security experts. Also, consider using hardware wallets, which are generally considered to be more secure than software wallets, as they store your private keys offline.

taufik123

legendary

Activity: 2464

Merit: 1703

airbet.io

I probably have some coins in old Electrum wallets, but regardless of caution and premium AV protection and the fact that I do not use the computer for any risky activities, I would still not recommend anyone who has a choice to keep more than what they are ready to lose in any hot wallet. We are aware of some dangers such as clipboard malware or fake wallets, but the bad guys who try to steal our coins never sleep and we can never know when they will find some vulnerability in Windows OS or Electrum itself.

The danger of malware is always lurking when the device is used for activities on the internet.
But for the use of the electrum wallet on the device that I use, it is only a second wallet or wallet to receive payments from signature campaigns and some other payments, not a main wallet.

I am aware that Electrum's vulnerability also depends on how we use the device.
I also always separate the Seed wallet from the device used and the storage I use for Offline seeds is not connected to any internet and also in physical form.

Pmalek

legendary

Activity: 2730

Merit: 7065

Farewell, Leo. You will be missed!

A lot of more information could have been added to the OP.

- Was it Coinomi mobile or the desktop version?
- What activities is the device with the wallet used for?
- You said you were retired. Can we assume you are +60? How good are you with general online security, and do you know how to protect yourself?

Quote from: Justtoons on March 06, 2023, 09:54:18 AM

But did you keep your seed phrase in a safe location, how sure are you that only you have access to it.

The questions were already answered in the OP. He/she said that the seed is kept in a safe and only OP can access it.

Quote from: Justtoons on March 06, 2023, 09:54:18 AM

My advice is that you should create a new wallet and this time use a much stronger password.

I hope you don't mean a new wallet on Coinomi. I wouldn't use any software wallet for money I consider my "retirement funds". Go for a quality hardware wallet or an airgapped system. Sadly, it's too late to do anything about it for OP regarding the coins that disappeared.

Quote from: taufik123 on March 06, 2023, 11:10:00 AM

and Electrum is the answer, more secure and free and Open Source.

That depends on how you use it. The mobile app or Electrum on desktop as hot wallet are still vulnerable software wallets. Its open-source nature isn't going to protect you from getting hacked if you make a serious mistake. However, Electrum as a cold wallet is one of the best options there are.

Lucius

legendary

Activity: 3220

Merit: 5634

Blackjack.fun-Free Raffle-Join&Win $50🎲

Quote from: taufik123 on March 07, 2023, 09:47:02 PM

I keep some assets in Electrum Windows and it's still safe, as long as users can keep themselves safe and use premium antivirus protection.

taufik123

legendary

Activity: 2464

Merit: 1703

airbet.io

Quote from: NotATether on March 07, 2023, 02:56:44 AM

Why are people with thousands of dollars in cryptocurrency still chasing airdrops that will only give you $5 dollars. Is it really worth the risk (let alone the gigantic waste of time it is)?

If you ask why are people with thousands of dollars in cryptocurrency still chasing airdrops? The answer is of course because some airdrops provide sizable incentives. Airdrops don't just do tasks share, like and fill out assignments and get a $5 reward.

Currently, some of the airdrops are quite hidden, those who try Tesnet on a new network, try a new platform, and make some transactions have a chance to get an airdrop for early adopters. We all already know about the UNISWAP, 1INCH, ENS airdrops, and several new airdrops for NFT users, namely BLUR, they get thousands or even hundreds of thousands of dollars from the airdrop.

For those who don't understand how to get the jackpot on multiple airdrops it might seem like a waste of time, but they do some research first. Because many of my friends (including me) get several airdrops that can replace all the gas fees used for conducting trials etc.

Quote from: NotATether on March 07, 2023, 02:56:44 AM

Don't store any cryptocurrency on Windows. Not even Linux if it is running inside a Windows host.

I keep some assets in Electrum Windows and it's still safe, as long as users can keep themselves safe and use premium antivirus protection.
I also use Hardware Wallet as the main storage and it is not connected to other devices.

gunhell16

sr. member

Activity: 1666

Merit: 453

Based on what I discovered here at coinomi, although it has been around for a long time in the crypto space, it seems that there have been many issues with these wallet apps that have not solved the problems of their users.

According to the Trustpilot review, the latest negative feedback here was only last February 2023, and even every month of the last year 2022, coinomi has issues with its users from January to December, no issues have been resolved and those that are not beautiful and can be a reason for anyone to stop using it in this community.

Coinomi Unresolved issues

DaveF

legendary

Activity: 3458

Merit: 6231

Crypto Swap Exchange

Quote from: NotATether on March 07, 2023, 02:56:44 AM

Don't store any cryptocurrency on Windows. Not even Linux if it is running inside a Windows host.

How about this instead:

Don't store any cryptocurrency that you cannot afford to loose on ~~Windows~~ ANY DEVICE CONNECTED TO THE INTERNET WITHOUT A HARDWARE WALLET. Not even Linux ~~if it is running inside a Windows host~~ is secure against everything and if you do something wrong because you were not fully paying attention since you have done it a hundred times before, no matter how secure you think you are your crypto is gone.

Telling people to use this OS vs that may help in the desktop environment, but it still comes down to the user.

If you are not familiar with linux / windows / mac OS an older un-patched un-secured version of an OS you know may actually be more secure then one you don't since you are not trying to figure something out while trying to move money around.

-Dave

Ben Barubal

member

Activity: 476

Merit: 16

Eloncoin.org - Mars, here we come!

What was your issue with coinomi? apart from the fact that your assets were drained on February 14 2023? You didn't recover it? have you reported this to coinomi support? As far as I know, this coinomi has been around for a long time.

But I think there are a lot of people complaining here at coinomi because last year there were a lot of people who used this app and most of them didn't get their assets out and others made deposits but what they deposited didn't arrive at the address they gave. And the other is that the support does not even care about the concern issues of its users.

rat03gopoh

hero member

Activity: 2002

Merit: 633

Your keys, your responsibility

Quote from: taufik123 on March 06, 2023, 11:10:00 AM

The password was in my head not on paper.

Is that a series of words that are easy to guess? Then it's useless. Btw, the seed phrase can also be seen on the settings page right? simply use a password to access it (or biometrics if you enable it). As I recall, Android devices can add multiple biometric IDs. If in fact there is other IDs on your device, I don't think you need to suspect it's a malware attack, wallet vulnerability, or other online attacks.

NotATether

legendary

Activity: 1568

Merit: 6660

bitcoincleanup.com / bitmixlist.org

Apart from that, other methods such as phishing dApps pages are usually found in several airdrops which require connecting using dApps and finally the hacker has control over the wallet. To be able to overcome these hacking attempts, you can Revoke several suspected dApps.
https://study.bitkeep.com/en/?ht_kb=dapp-authorization-scam

Why are people with thousands of dollars in cryptocurrency still chasing airdrops that will only give you $5 dollars. Is it really worth the risk (let alone the gigantic waste of time it is)?

PS.

Don't store any cryptocurrency on Windows. Not even Linux if it is running inside a Windows host.

dkbit98

legendary

Activity: 2212

Merit: 7064

Cashback 15%

Quote from: hosseinimr93 on March 06, 2023, 10:34:21 AM

Sorry, but this is ultimately your own fault, this is a hot wallet and there is always a risk that something gets leaked if you are not careful.
I bet if I scanned your device used for installing Coinomi (probably with wInD0ws OS) that I would find several malware, or software that records what you type.
That is why people invented hardware wallets and that is why they are using airgapped devices.
On top of everything, Copinomi is closed source software, it's mistake using closed source Bitcoin wallets.

Rigon

sr. member

Activity: 994

Merit: 441

Op are you sure that your seed phrase was very safe? I don't think so. Maybe someone stole from you. Which you don't think at all. I have never used the wallet you used. But why did you set such a weak wallet for your hard earned money. You should better choose a secure wallet and keep your funds there. This case of yours seems really sad to me.

DaveF

legendary

Activity: 3458

Merit: 6231

Crypto Swap Exchange

Quote from: S A KHAIR on March 06, 2023, 10:26:21 AM

It's hard to tell if it's their fault or yours,

It's OP's fault.
Even if there was a vulnerability or a backdoor caused OP to lose the fund, it's still OP's fault that he/she used a close-source wallet while there are many good open-source wallets.

Closed / open does not matter when you get to the fact that crypto was stored in an online hot wallet.
As I have said dozens of times. I use Coinomi on my phone, I know it's unsafe. But, on that note so is electrum on my phone, and desktop because wait for it.....it's a hot wallet on an internet connected device.

Any real funds are stored offline and secured with hardware.

-Dave

Lucius

legendary

Activity: 3220

Merit: 5634

Blackjack.fun-Free Raffle-Join&Win $50🎲

The wallet was drained on Feb 14th.

Then you didn't really have a happy Valentine's Day - but someone else obviously had a smile on their face...

The password was in my head not on paper. The seed phrase was on paper in a safe which only I have access to.

Has the password ever been written down on paper or anywhere online? In any case, keeping such information in your head is a bad option, not only because you can forget it naturally, but also because of a possible head injury. Are you sure only you had access to the safe?

Coinomi denies all responsibility and basically says too bad so sad. My wife and I are retired, the wallet held our "safe" retirement cash savings. Stay away from this wallet.

What else do you expect them to say? No matter how much you think it's the wallet's fault, it's hardly an inside job - because if there was any vulnerability, hundreds or even thousands of wallets would be emptied. No matter how you look at it, you and your wife should have been much smarter and informed yourself first, and if you had done that, maybe this wouldn't have happened.

taufik123

legendary

Activity: 2464

Merit: 1703

airbet.io

Private key leak due to user negligence and the device used is infected with malware or trapped on a phishing website which requires entering the private key. Quite often such hacks happen, even I also get a lot of spam emails that redirect to phishing websites.

and what becomes even more dangerous is when the address or wallet that we have is exposed to a dusting attack and has been marked and sent with several foreign coins that cannot be traded.
https://en.wikipedia.org/wiki/Dusting_attack

Apart from that, other methods such as phishing dApps pages are usually found in several airdrops which require connecting using dApps and finally the hacker has control over the wallet. To be able to overcome these hacking attempts, you can Revoke several suspected dApps.
https://study.bitkeep.com/en/?ht_kb=dapp-authorization-scam

Quote from: hosseinimr93 on March 06, 2023, 10:00:39 AM

Next time, grab a hardware wallet.

Highly recommended, but choose a hardware wallet that is really suitable because there are currently various types of hardware wallets available.

and Electrum is the answer, more secure and free and Open Source.
If really want to use a Multi-Wallet, then the last, safest choice is a Hardware wallet

Quote from: hosseinimr93 on March 06, 2023, 10:00:39 AM

It may worth mentioning that even if you use a trustworthy open-source wallet an an online device, your fund isn't still completely secure. Any online device is prone to hacking.

Every online device will still have the risk of hacking.
Besides that, the user's vigilance and how he keeps his wallet safe also matter.
No matter how secure the user is, the loss of assets may occur.

laurenB7742

full member

Activity: 1302

Merit: 128

Vaccinized.. immunity level is full.

Quote from: Cantsay on March 06, 2023, 10:09:02 AM

My condolences for your loss, I hope you didn't invest all your savings in bitcoin and store them with Coinomi. Although Coinomi is a closed source wallet, you shouldn't immediately blame them as it is possible that your computer was hacked or you accidentally leaked the seed phrase.
If you don't have any proof, then you can't do anything and they won't have any liability to you. Not only stay away from Coinomi wallet, but you should stay away from all closed source wallets, better buy a hardware wallet.

hosseinimr93

legendary

Activity: 2380

Merit: 5213

And I know alot of people have suggested that you go get a hardware wallet but if can't afford a hardware wallet you should look for a reputable open source wallet and we have Electrum as an example.

It should be noted that electrum can provides the same security as a hardware wallet only if it's used on an air-gapped device. Otherwise, it would be still a hot wallet and prone to hacking.

Quote from: S A KHAIR on March 06, 2023, 10:26:21 AM

It's hard to tell if it's their fault or yours,

S A KHAIR

full member

Activity: 952

Merit: 108

1xBit recovered their reputation

It's hard to tell if it's their fault or yours, sometimes, you keep your password and seed phrase safe, but the chance of your device getting a virus is also possible. But you were careless in the beginning, you should get yourself a hardware wallet instead of using online software wallet frequently.

Cantsay

hero member

Activity: 700

Merit: 541

Top Crypto Casino

Op sorry for your loss. It's never a good thing to use a closed sourced wallet because you never know if there's a backdoor for devs to look into your account and steal your funds. And I know alot of people have suggested that you go get a hardware wallet but if can't afford a hardware wallet you should look for a reputable open source wallet and we have Electrum as an example.

Another thing you should consider aside from the type of wallet is how you keep your secret phrase. How sure are you that your private key or secret phrase never got exposed? Did you at anytime input your key into any online service? And since you said you didn't write it down so they'll be no way for someone outside you and your wife to know it except your system was infected with malware that steal information.

m2017

legendary

Activity: 1792

Merit: 1296

keep walking, Johnnie

Quote from: Justtoons on March 06, 2023, 09:54:18 AM

Any such loss is an occasion to grieve. But there is nothing to fix and not return. Try to use other, safer crypto storage methods next time. You have already been advised to use a hardware wallet, so I will not repeat myself. Can you tell me how much money was in your wallet? If this is a significant number, then why didn't you think about buying HW devices? Also, I agree with the rest of the comments above that the cause of the loss is not necessarily the Coinomi. Too little information to draw such a conclusion and be sure. Perhaps you yourself made a mistake somewhere or the attackers who hacked turned out to be very lucky. In general, more evidence is needed to identify the culprit.

Plaguedeath

hero member

Activity: 672

Merit: 557

It's a very very low chance if Coinomi's developer is steal your coins, I believe the fault was from your side for clicking random link, downloading unknown apps, using crack or mod apps etc. You need to know when you're installing any apps on your device, those apps often ask for permissions to access your device, like your album. If you've screenshot your seed phrase, they're already know your seed phrase since they can spy your album.

hosseinimr93

legendary

Activity: 2380

Merit: 5213

My advice is that you should create a new wallet and this time use a much stronger password.

No. OP shouldn't use Coinomi anymore and should go for an open-source wallet.
As I already said, coinomi is close-source and even if you use a strong password, there is no guarantee that your wallet is safe.

It may worth mentioning that even if you use a trustworthy open-source wallet an an online device, your fund isn't still completely secure. Any online device is prone to hacking.

Justtoons

jr. member

Activity: 70

Merit: 5

Bet2Dream.com

Quote from: Macadonian on March 06, 2023, 09:45:28 AM

Coinomi either has a weak process or poor security or when you were accessing your wallet your computer might be compromised and they used a keylogger or malware to get the password of your wallet and logged into it. Are you sure that your computer is secure?

I'm so sorry for your loss.maybe the wallet was hacked using malwares. But did you keep your seed phrase in a safe location, how sure are you that only you have access to it. What about your house how many of you are living there. My advice is that you should create a new wallet and this time use a much stronger password.

Macadonian

sr. member

Activity: 467

Merit: 578