Topic: Currently dealing with the worst day of my life in crypto - page 2. (Read 519 times)

Yep, the one where they add you to fake groups without your permission is probably the most popular way to get scammed on Telegram, and yet again it happens because that option is enabled by default, same like it is for automatically downloading files. And as we know, new users rarely bother to check apps thoroughly.

These two options being enabled by default never made much sense to me, especially since Telegram is privacy oriented chatting platform (or at least they claim to be) and its the cause of like 90% of the Telegram scams.

First of all, so sorry to hear that, and you share this very valuable experience with us all here,
It is risky enough to click any kind of link moreover given by an unknown or someone else. This actually has been happening several times to some people, getting hacked because of the fake link, phishing, and others.
This is actually a bad experience, but this can really teach us how to be wiser and also more careful.
Once more, this is a worthy lesson for us to be more careful and never click any link, promotion, or others if we are doubtful and don't know enough about the source of the link, better to avoid

It should be general knowledge that you do not open an unknown file on the same device you are holding your fortune on.  You either do not open it at all or you use another device or a Virtual Machine in the worst case to see what is up with it.  Particularly when this file is received through Telegram.

Unfortunate, but you fell for it and all you can do now is learn.  Learn to take more care of your valuables.  Do not mix Cryptocurrency wallets with unknown files.

-
Regards,
PrivacyG

Sorry for your loss, this is a costly lesson for you. This isn't a new hacking method but it's too late for you. The device you are using to store cryptocurrency should keep secure from the unknown file. That's how hackers take access to your wallet and funds. It's better always to store cryptocurrency in a hardware wallet. I always prefer that for good practice. Don't be hopeless, you can earn if you are alive. A few accidents tech is a lot of things. Just start from the beginning and be careful.

No matter how careful you are you can't always escape every form of scammers trap, there will be few you knew nothing about, scammers always find a less popular ways of scamming people, just move on mate, God is your strength.

Sorry to hear about it my friend, i can't image how you are feeling right now 
It could happen with Metamask wallets but not with ledger ? Thanks for sharing from your experience, it might just save someone one day from getting hacked himself.
Sending positive vibes 

$12,000 is a huge amount. It took me a long time to raise that kind of money. It is indeed sad to lose such a lot of money. You can be sad you can regret it but it's already happened you can't turn back the clock. At least this article lets you and I know that PDFs can also carry viruses. Even I just found out today. I as a worker dealing with documents became a little scared.
So far I don't want to experience, but is there a way to detect PDF files followed by viruses like this?  Of course I am very curious. Hopefully, friends here can share the easiest and cheapest way.

Sorry for what has happened to you I understand how it is like losing a huge amount of money like, this that you have worked for all this years. Don't loose hope , I believe your hard work will still give you more . Your experience will guild you from making another mistake like this and it will also help other to learn from it to avoid mistake of this kind .

It's hard to read your story because it's saddening and I've felt your frustration. I'm very sorry for what has happened to you. It's really important to invest in a hardware wallet, whether it's Trezor, safepal, keepkey or a Ledger wallet to secure our crypto life savings.

Yes, it's happened there whether it's PC or laptop, they're just the same. These hackers have been creative in doing their robberies. So, everyone has to be careful and mind to take care of their funds through a hardware wallet or anything you know as long as it's safe in your opinion.

I'm guessing this happened on a PC, sigh! Its always the PC, there are many ways to fall victim to hackers on a PC than on other devices out there, the PC is just too complicated when it comes to trying to stay safe and out of trouble, my advice is never to use a PC for crypto wallets at all .

Telegram is risky as well as useful at the same time so we need to be extra careful while dealing with the third person whom we don't know personally as this is pure risk dealing and you need to have all the safety measures.There are number of telegram scam cases like adding you to some fake groups and now this auto download.So for those who don't know how to turn it on here is the procedure for you all

For not being added in any group without your permission:

Telegram>Privacy and security> Groups>Who can add you to group> My contacts

You can add exception to these cases anytime

For turning off the auto download meadia features as sometimes it is by default on in Telegram:

Telegram>Settings>Data and storage> Auto download media turn off on mobile as well wifi network


This is sad to hear about that despite being aware about these crypto scams you unintentionally fall victim of it losing your hard earned money worth $12k and know how hard this must be for you at this time.But these scammers are always trying to find an opportunity which they gained in your case with this phishing PDF file and having access to your metamask wallet draining out the funds out of it.

Recently as per reports the number of phising PDF scams have grown drastically over the past two years as scammers are finding out the new ways to make the fool of people.Mostly they are carried out by redirecting you to some fake websites and giving the hackers full control at the backend like installing some keylogger malwares and other virus that can access your files over the system.As per study these scams are classified into various types according to their percentage as follows:



You see they have various ways to make you fool like by verify the captcha and other ways.As you said it was Screen saver scam so the hackers just sent you clickable pdf which was gaining access to your system and funds were withdrawn.

Generally as said they are injected with with malwares that are stringed to hackers backend giving him the access to your wallets as Metamask is usually logged in your system as browser extension so it's easy once they gain access to your system.Here is one reference image explaining how it will redirect you to some fake websites:



You must be thinking what's happening while the bad actor's are draining out your wallets and once you know whats happening and revoke the permission it's too late as happened with you.This is happening nowadays for the NFT's people having on Metamask wallet but you also haved funds over there.This is why you need hardware wallets and keep as low funds you could on these wallets for you safety.

Read this article to check more about such scams in detail and be safe from them in future.

Take it as lesson and be safe i future.

First I'll say I'm sorry for your loss

While it may be important now to determine how you were hacked to prevent this from happening to you again and from happening to someone else, I'll just say one thing - Telegram and every browser crypto wallet are a terrible combination. I have never used MetaMask because it is inconceivable for me to use a crypto-wallet as a browser extension, or to store thousands of $ valuable digital assets in this way (or in a mobile application).

What else to say except that you paid dearly for one life lesson, and now you have to keep living no matter what happened to you. As worn out as it may sound, you only lost money - you are still alive, healthy, and have a roof over your head, unlike all those who have lost everything they had in the past months.

It actually looks like a PDF file but when I double clicked it nothing happened. Now that's where I realize that it was indeed a malware. So it's a different kind of file with the end "SCREEN SAVER".

But I am also curious that despite my main Trust Wallet wasn't connected to my Metamask wallet browser, why it was also drained. I have a total of 4 Metamask wallets attached there. But I am surprised that my two remaining wallets weren't touched despite having small decent amounts.

In one of those Metamask wallets being hacked, I am also curious that the hacker didn't pull out the BCMC1 token I have worth almost $900. It was still there to be honest (unless the hacker may go back and strike again), but I have zero ETH now and I cannot transfer it to P2PB2B exchange, so I am stuck and wanted to pull it out but I have no more ETH anymore and depositing from the bank to the exchange has expensive fees.

My question is similar to DdmrDdmr's. I still don't understand how exactly the OP was hacked. Was it a fake PDF that was basically an executable (screen saver)? What happened after that?
 

---

If it was malware attached to a PDF file, what does that have to do with a phishing attack?

Phising PDF hack has become a serious issue. When you  open those PDF it activates a malware which in your case might have been attached with the multimedia content. The most common way PDF phising works is by luring an individual to click on a hyperlink, which then take them to a malacious site or activates a malware.

Sorry to hear that you have lost your hard earned money. 12k is a big amount for anyone living in a third world country. I have not been scammed yet, but I have incurred losses due to my own negligence. I hope you take this incident as a lesson and move forward in your life
 

One thing that is not pristine clear to me is how your wallets got hacked, once the malware software was installed. By that, I mean whether they managed to achieve remote access to your environment, keylogged data, or whatever other means. I presume the former. Additionally, to let others know, what counter measures have you taken? (i.e. format your device and start from scratch, etc.).

With regards to not having the crypto protected by the Ledger, I guess that either you didn’t want to incur in fees of some sort, or wanted to avoid the hassle of having to retrieve and use the Ledger device for each TX you performed (which is a core usage), thus leaving it on Metamask.

Best of luck getting back on your toes.

Damn, that's a sneaky way to scam someone and the one that is very easy to fall for if you are doing business on Telegram as there is a lot of stuff going on there all the time. I know its not the mistake that you specifically did, but I would advise everyone to disable the option to automatically download any files as this thing is enabled by default on Telegram and I heard many stories about people getting rekt that way.


I can completely relate to your feelings right now as back in 2017 I went through something similar: my bitcoin wallet got hacked and I lost 0.1 BTC which was basically all I had at the moment. Even though the amount lost is smaller than yours I also thought about giving up and leaving crypto as it was very disheartening to loose everything. But after few days of mourning I owned my own mistakes and continue the journey, this time being way more careful than before. In the end it proved to be the best decision ever so I suggest you to do the same, no matter how hard it looks now.

Ahh man, I definitely feel sorry for your loss. Given that the nature of cryptocurrencies can be easily hacked nowadays, it is arguably recommended to triple check all the files being sent to you. Again, as much as I pity for your loss, it is also your responsibility (though you mentioned that you were negligent) to check all the files and to doubt everything being sent to you.

Mistakes like these tend to shape our future decisions. As much as this is very unfortunate, this would actually help newbies to be more careful in selecting and choosing all the files being sent to them.

It also just got me thinking that scammers/hackers nowadays can conveniently create suspicious files that once you opened them, pandora's box will break loose. I really hope that your experience will save thousands of people from this event.

..and probably put most of your funds on your Ledger wallet. Because security is the main reason you purchased a hardware wallet, right? So use it. Not to twist the knife here, but yea. Best of luck in rebuilding, OP.

Mate reading your story makes me wanna think of something hopeless already but there you are sharing your experience which really helpful for all of us. Ive been scammed before, but not hacked so Ive dont know what it feels like and I can sense tremendous downfall possibly if I were in your case. But I believe you could surpass this and overcome in time. You are a good member of this community and been seeing your contributions. I do hope that some learned too on how to secure their asset.

Hoping for your ease cope mate. Sorry for that damn experienced, those hackers should pay their crimes and must be apprehended.