Author

Topic: Had 165k ETH stolen last night. (Read 612 times)

jr. member
Activity: 44
Merit: 6
August 06, 2023, 04:48:32 AM
#54
If you're holding private keys you should sign a message Signing a Message on Ethereum or else we can't know if you're telling the truth.

Honestly, I don't see any reason why he needs to do that. There is no reason to doubt his story, so far. It's not like he came up with this story to ask for donations or anything like that. He just want help to figure out what happened.

OP, I see that you reported the address to etherscan.io and posted a comment there. Be careful of those who replied to you pretending they can help you recover your lost money. They are scammers, do not trust them!

Thank you for the advice about signing a message to verify my ownership. However, as khaled0111 pointed out, the intent of my post was not to ask for donations or mislead anyone, but to understand what happened and seek help. That said, in an effort to address any lingering doubts, I have followed the advice and signed a message which you can find here: https://etherscan.io/verifySig/22663.

I'm well aware of the various scams circulating and want to reassure everyone that I'm approaching this with a high degree of caution.

I sincerely appreciate the support and guidance from this community during this incredibly stressful and challenging time
copper member
Activity: 2156
Merit: 983
Part of AOBT - English Translator to Indonesia
August 03, 2023, 09:58:20 PM
#53
damn I know a similar case like this it happen to my brother wallet, so the story was one of my brother's friend sent him around ~0.3 Eth but after receiving it took a couple of hours for that money transferred from my brother wallet to scammer wallet.

and then I ask him about the current private key but he told me never shared the private key and never approved any smart contract but the money is long gone

legendary
Activity: 2702
Merit: 3045
Top Crypto Casino
August 03, 2023, 04:09:20 PM
#52
If you're holding private keys you should sign a message Signing a Message on Ethereum or else we can't know if you're telling the truth.

Honestly, I don't see any reason why he needs to do that. There is no reason to doubt his story, so far. It's not like he came up with this story to ask for donations or anything like that. He just want help to figure out what happened.

OP, I see that you reported the address to etherscan.io and posted a comment there. Be careful of those who replied to you pretending they can help you recover your lost money. They are scammers, do not trust them!
hero member
Activity: 2996
Merit: 598
Leading Crypto Sports Betting & Casino Platform
August 03, 2023, 07:00:06 AM
#51
If the OP doesn't know how it happened he's at risk of it happening twice. It's process by elimination so a malware program's needed. OP didn't prove it's his cryptocurrencies so it isn't easy accepting what he's saying but I'm feeling sad if he's lost $165k.

Problem is also that is not going to be easy to determine if your device is clean or infected with something malicious.

I don't know how to prove that I own that wallet or that I lost the funds. However I did receive a voicemail from law enforcement today, I am certain I will be speaking with them tomorrow. So not sure how much more I should share. However I'd be glad to prove it's my wallet.

It's good to know that you are moving forward, You will need a lawyer who knows about cybersecurity to help you with your case, I'm sure the funds from that wallet will move so can get ready to have communication with exchanges if ever hacker moves it to these exchanges.
Checking the address it is now marked as phishing.



full member
Activity: 896
Merit: 193
web developer for hire
August 03, 2023, 06:13:58 AM
#50
You've said you've lost 88 ETH $165k from the address you own 0xbed5681AB526863c4CCee75e394db537A75DA761. Etherscan's added Fake_Phishing185501 warnings about the receiving address. If you're holding private keys you should sign a message Signing a Message on Ethereum or else we can't know if you're telling the truth.

I don't know how to prove that I own that wallet or that I lost the funds. However I did receive a voicemail from law enforcement today, I am certain I will be speaking with them tomorrow. So not sure how much more I should share. However I'd be glad to prove it's my wallet.

Earlier today, I had a significant deposit of ETH enter my digital wallet. Barely 8 minutes later, it was gone. The transaction ID? 0x094f01f9174845200e6324bf18a242e0b19ce7f058a4cb928144d22df8313bcc. Destination? A new wallet, 0x4b9e0ddabad6dff604db3d827f5fa7e1c6952aa8.
jr. member
Activity: 44
Merit: 6
August 03, 2023, 05:42:16 AM
#49
If the OP doesn't know how it happened he's at risk of it happening twice. It's process by elimination so a malware program's needed. OP didn't prove it's his cryptocurrencies so it isn't easy accepting what he's saying but I'm feeling sad if he's lost $165k.

Problem is also that is not going to be easy to determine if your device is clean or infected with something malicious.

I don't know how to prove that I own that wallet or that I lost the funds. However I did receive a voicemail from law enforcement today, I am certain I will be speaking with them tomorrow. So not sure how much more I should share. However I'd be glad to prove it's my wallet.
legendary
Activity: 2730
Merit: 7065
August 02, 2023, 04:35:28 PM
#48
The little research I did on that Rewind.io app says that it can remember and view everything you have seen, written, or said on your device. This information can cause massive problems in the wrong hands. Another source I found says that the backups aren't "fully" encrypted, and there exists a possibility of stealing someone's data. I have no idea what they consider as "fully encrypted". It either is or isn't. The encryption could be weak or strong, not sure what fully or semi encrypted is supposed to mean. Some data is encrypted while the rest isn't? Who knows.


So Rewind.io was installed on your Mac after your Metamask wallet. The wallet is older. Did you make any outgoing transactions from your wallet during the time that Rewind.io was installed? More precisely, did you make any outgoing transactions prior to the 26 ETH one that you moved to Kraken?
full member
Activity: 896
Merit: 193
web developer for hire
August 02, 2023, 03:15:14 PM
#47
If the OP doesn't know how it happened he's at risk of it happening twice. It's process by elimination so a malware program's needed. OP didn't prove it's his cryptocurrencies so it isn't easy accepting what he's saying but I'm feeling sad if he's lost $165k.

Problem is also that is not going to be easy to determine if your device is clean or infected with something malicious.
hero member
Activity: 714
Merit: 1010
Crypto Swap Exchange
August 02, 2023, 02:29:33 PM
#46
Question #1:
OP, you say your wallet is older than when you started using Rewind.ai. After you started using that tool, did you ever display your private keys or your mnemonic recovery words of your wallet on screen so that such sensitive details could've been recorded by Rewind.ai?
Think hard and try to remember any possibility for such to happen.

You say Rewind.ai stores recordings only on your local device. Question #2: how are such recordings secured? Any encryption or password necessary to replay such recordings? (I don't know this tool.)

Question #3: have you ever granted someone remote access to your device? Do you have remote access tools installed, like TeamViewer, Anydesk, ...?

Question #4: I assume your MacBook wasn't ever in any repair shop or Apple repair while there's still your data on it and since you have your wallet active? (Just to exclude the most obvious things.)

My brainstorming is about how could your wallet's sensitive data leaked. You didn't say or answer anything about browser extensions. Is this Bitcasino only a website or did you install some software from them on your device?

Pmalek's idea that the stealing transaction could be somehow related to your transfer to Kraken is a path worth to explore but frankly I don't have an idea how this could lead to a leak of data allowing a malicious party to transfer your funds.

Problem is also that is not going to be easy to determine if your device is clean or infected with something malicious.
full member
Activity: 896
Merit: 193
web developer for hire
August 02, 2023, 02:28:33 PM
#45
It's more money than I'll see in my life I'm sorry you've lost $165k ETH it's got to hurt. I'd be broken if it happened to me. I don't want to be unsympathetic but are you able to prove you've lost it? It's hard to believe every thing we're told so can you prove it?

Listen up. I messed up. Seriously. My negligence ended up costing me $165k in Ethereum, and a bit of MATIC. Here's what happened.

Earlier today, I had a significant deposit of ETH enter my digital wallet. Barely 8 minutes later, it was gone. The transaction ID? 0x094f01f9174845200e6324bf18a242e0b19ce7f058a4cb928144d22df8313bcc. Destination? A new wallet, 0x4b9e0ddabad6dff604db3d827f5fa7e1c6952aa8.

I know what you're thinking. "Should've used a hard wallet." And you're correct. I have a Ledger, and it was sitting unused while my ETH was taken. Worth noting, I had about $7k in my wallet all day, untouched. But as soon as the large deposit came in, it was swiped. Clearly, it was a targeted operation.

I'm not avoiding blame here. I failed. Despite being cautious, I wasn't vigilant enough. I'm reeling from it.

So, here's my request: If anyone knows advanced methods to trace this wallet or the transaction, beyond just setting alerts, I'd be grateful for the help. I'm clinging to the slim hope that I might retrieve my lost funds.

To everyone else: learn from my mistake. If you've got substantial crypto, move it to your hard wallet immediately. Don't let overconfidence or negligence jeopardize your assets. It can happen to anyone, myself being a stark case in point.

TL;DR: I lost $165k in ETH from my wallet moments after it was deposited. It went to a new wallet (0x4b9e0ddabad6dff604db3d827f5fa7e1c6952aa8). I didn't use my Ledger, and that's a decision I'm paying for dearly. If you can help trace the transaction or the wallet, please share your advice. Keep your crypto assets secure, folks. It's a hard lesson I've learned firsthand.
hero member
Activity: 2212
Merit: 670
Signature designer - start @$10 - PM me!
August 02, 2023, 10:14:33 AM
#44
We share everything
Including private keys? (pls don't say yes)
I'm not gonna accuse him just for ruining your relationship. But in this case (about a large sum of money), if this were to happen to me, I'd be more realistic and not limit any suspicions. For me that's natural, because "money can blind a person".

But it's up to you, what I quoted actually... never mind
jr. member
Activity: 44
Merit: 6
August 02, 2023, 07:42:25 AM
#43
Yes I am referring to Rewind.ai, Screen and audio recordings from Rewind.ai are stored locally and never leave my computer.

This is the first Web3 App I have used in a very long time, and I used connected to it on July 21st for the 1st time. I reached out to them directly to let them know but they blew me off. The only person that has access to my devices is my long time partner who lives with me.

All right, let's slow down.
Everything I'm going to ask and say next is just assumptions and possibilities, I don't mean to accuse anyone. Up to this point, I'm with Pmalek that your privatekey was leaked.

Since when was your rewind application installed? did it also record the screen when you generated the privatekey?
Then about your old partner, is there any chance that s/he can also watch the saved recording?


Anyway, reviews about Rewind.ai that might be worth reading: https://www.lifewire.com/rewind-ai-records-everything-on-your-mac-privacy-nightmare-or-amazing-memory-tool-6826733


I began using Rewind quite early on but my wallet is much older, and it's been a real lifesaver on numerous occasions, helping me recall things I'd forgotten or needed to retrace my steps on. While the article you've linked to does cover both the pros and cons of Rewind AI, the fact that all the data is stored locally mitigates my concerns.

As for my partner, we maintain a high level of transparency and are both keenly aware of crypto-related issues. We share everything, so there's no conceivable motive for him to engage in such behavior.
jr. member
Activity: 44
Merit: 6
August 02, 2023, 07:36:00 AM
#42
Maybe your keys leaked with the 26 ETH transaction that you made from Metamask to your Kraken account. After that, someone got the secrets that they needed to steal the remaining coins. I don't know how, though.

My intuition leads me to this conclusion as it appears to be the most logical, but from a technical standpoint, it feels like a stretch.

Quote
What about your partner that you said lives with you. Does she use your computer? It doesn't have to be that she stole from you, maybe she used some fake app. Does she play games or use some dubious apps and permissions over social media?

He does not use my computer, and we have our own rooms, he also is good about crypto security.
hero member
Activity: 2212
Merit: 670
Signature designer - start @$10 - PM me!
August 02, 2023, 05:53:57 AM
#41
Yes I am referring to Rewind.ai, Screen and audio recordings from Rewind.ai are stored locally and never leave my computer.

This is the first Web3 App I have used in a very long time, and I used connected to it on July 21st for the 1st time. I reached out to them directly to let them know but they blew me off. The only person that has access to my devices is my long time partner who lives with me.

All right, let's slow down.
Everything I'm going to ask and say next is just assumptions and possibilities, I don't mean to accuse anyone. Up to this point, I'm with Pmalek that your privatekey was leaked.

Since when was your rewind application installed? did it also record the screen when you generated the privatekey?
Then about your old partner, is there any chance that s/he can also watch the saved recording?


Anyway, reviews about Rewind.ai that might be worth reading: https://www.lifewire.com/rewind-ai-records-everything-on-your-mac-privacy-nightmare-or-amazing-memory-tool-6826733
legendary
Activity: 2730
Merit: 7065
August 02, 2023, 03:15:28 AM
#40
Maybe your keys leaked with the 26 ETH transaction that you made from Metamask to your Kraken account. After that, someone got the secrets that they needed to steal the remaining coins. I don't know how, though.

What about your partner that you said lives with you. Does she use your computer? It doesn't have to be that she stole from you, maybe she used some fake app. Does she play games or use some dubious apps and permissions over social media?
hero member
Activity: 560
Merit: 511
August 01, 2023, 11:40:41 PM
#39
Sorry  for your loss OP,this is a hard lesson for you. I am not blaming you but it has always been an advice here by experts that don't keep big amount of bitcoin in an online wallet because you will be vulnerable to hackers but instead use a hard wallet to keep your coins but this information was irrelevant to you not until you have become a victim. A link with malware was sent to you and that was how your wallet was compromised. I don't think that such an hacker will transfer the funds to an exchange only if he is dumb. If crypto is not illegal in your country and the funds was sent to an exchange, then it is possible to freeze the account with the help of the police.
sr. member
Activity: 924
Merit: 365
August 01, 2023, 05:16:45 PM
#38
For someone who is unable to regulate their emotions, the notion of this enormous loss can be intolerable. This is a tragic tale that OP will carry on with.

If there was a way to get your stolen $165k Eth back, we would have all taught you the way, but in this situation, there is no way to discover the person who stole your crypto assets.

Have courage, and consider it a lesson well learned. You should not use your Eth wallet once again because it has been compromised. Instead, use a hard wallet to create a more secure wallet that won't be vulnerable to hackers.
hero member
Activity: 714
Merit: 1010
Crypto Swap Exchange
August 01, 2023, 04:07:08 PM
#37
As OP uses MetaMask which is a browser based wallet: which browser extensions do you have installed? If you don't pay attention to what extensive rights some extensions demand and if you install shady ones, you're quick in trouble.

Do you have some sort of extension from Bitcasino installed??

I consider a browser based wallet like MetaMask already as a very bad idea. Browsers are very complex software beasts that constantly interact with the www, that is mostly external data thrown at your try-to-be-everything-software-renderer which has gazillions of bugs, constantly.

Any exploit in your browser puts your browser wallet at risk. What could possibly go wrong here? Nevermind...

That is indeed quite uncommon behavior of a malicious actor who has enough control to send coins from OP's wallet.
jr. member
Activity: 44
Merit: 6
August 01, 2023, 03:56:46 PM
#36
Yes, the address is correct. I received 111 ETH from Bitcasino.io. I managed to transfer 28 ETH to a contract address (Kraken), and then the remaining 88 ETH was maliciously taken. The involvement of a smart contract is indeed peculiar, and if anyone has insights into this, I'd be grateful to hear them.

I am truly sorry for your loss but this whole thing is very strange to me.
You said that there was about $7k at that address earlier, but that the "hacker" (or whatever is behind it) did not touch that money, but was waiting for a larger amount. When that larger amount has arrived, he hesitates and allows you to transfer a solid part of that money (about 1/3) and only after that, he transfers the rest of the ETH.
This really doesn't look like a serious hacker to me, To me, this really doesn't look like a serious hacker, it's just that he would leave the possibility of saving $50-$60k.


Certainly, the scenario you described is indeed puzzling. I agree that if a malicious actor had gained control of my private key or seed phrase, we would expect them to act more opportunistically. The presence of 12 Ethereum (~$35K as of my case) sat in my wallet untouched for almost 18 hours, I was withdrawing from that amount so it is highly unusual if a hacker had control over my wallet that they wouldn't touch those funds.

The sequence of events is indeed perplexing. The malicious activity started almost synchronously with the deposit of the larger sum of 111 Ethereum that I won from Bitcasino. Within minutes of this deposit, I successfully managed to transfer 26 Ethereum to my Kraken account. Only after this transaction, the unauthorized transfer of the remaining funds began.

The hacker's hesitation and the delayed reaction seem counterintuitive if we're dealing with a classic case of private key compromise. It doesn't make sense why they left a significant amount untouched in the wallet for so long, and why they waited until after a large deposit and a subsequent withdrawal by me before they moved the funds.

One potential explanation is a triggered event or condition - possibly a smart contract interaction or some other automated mechanism that was set to activate upon the receipt of a large deposit. I mentioned in my previous responses about a smart contract transaction that occurred immediately after the 111 Ethereum deposit. While the connection is uncertain, it's a point of interest that could potentially explain the odd timing.

Of course, these are all speculations based on the peculiar circumstances surrounding this incident. The reality may be different, and a thorough investigation is underway to get to the bottom of it.

It's indeed a perplexing situation, and I appreciate your interest in understanding this unusual case. I'll continue to update as I make progress with my investigations and hopefully provide some clarity in due time.

It's literally driving me crazy.
legendary
Activity: 3472
Merit: 3507
Crypto Swap Exchange
August 01, 2023, 02:56:20 PM
#35
Yes, the address is correct. I received 111 ETH from Bitcasino.io. I managed to transfer 28 ETH to a contract address (Kraken), and then the remaining 88 ETH was maliciously taken. The involvement of a smart contract is indeed peculiar, and if anyone has insights into this, I'd be grateful to hear them.

I am truly sorry for your loss but this whole thing is very strange to me.
You said that there was about $7k at that address earlier, but that the "hacker" (or whatever is behind it) did not touch that money, but was waiting for a larger amount. When that larger amount has arrived, he hesitates and allows you to transfer a solid part of that money (about 1/3) and only after that, he transfers the rest of the ETH.
This really doesn't look like a serious hacker to me, To me, this really doesn't look like a serious hacker, it's just that he would leave the possibility of saving $50-$60k.
jr. member
Activity: 44
Merit: 6
August 01, 2023, 02:01:15 PM
#34
With 'Rewind' on my MacBook, I've been able to track all actionsMy private key or secret seed phrase was not stored on my device, adding to the mystification of this event.
I'm not a macbook user, are you referring to this app: rewind.ai? How does it work, how to make sure that this app also doesn't stalk your screen then feed it to the server?

Yes I am referring to Rewind.ai, Screen and audio recordings from Rewind.ai are stored locally and never leave my computer.


Quote
The only notable event was connecting to MetaWin Dapp via Metamask.
Is it your habit to interact with the web3 app with the main wallet? That's another faux pas.

Who are the people around who are allowed to access your device?

This is the first Web3 App I have used in a very long time, and I used connected to it on July 21st for the 1st time. I reached out to them directly to let them know but they blew me off. The only person that has access to my devices is my long time partner who lives with me.
legendary
Activity: 2730
Merit: 7065
August 01, 2023, 01:43:05 PM
#33
About my wallet safety: I've been vigilant with my wallet, private keys, and funds. With 'Rewind' on my MacBook, I've been able to track all actions. The only notable event was connecting to MetaWin Dapp via Metamask. My private key or secret seed phrase was not stored on my device, adding to the mystification of this event.
When did you connect your wallet to this MetaWin application? Was it sometimes in the days leading to the hack or long time before that? You could check their social media and official website to see if there are any reports of hacks or vulnerabilities on their side. Regarding your private keys and seeds not being on the device. You are using MetaMask, right? That's a hot (browser) wallet that holds the necessary signing keys, otherwise you wouldn't be able to sign and broadcast transactions.
hero member
Activity: 2212
Merit: 670
Signature designer - start @$10 - PM me!
August 01, 2023, 10:49:25 AM
#32
With 'Rewind' on my MacBook, I've been able to track all actionsMy private key or secret seed phrase was not stored on my device, adding to the mystification of this event.
I'm not a macbook user, are you referring to this app: rewind.ai? How does it work, how to make sure that this app also doesn't stalk your screen then feed it to the server?


Quote
The only notable event was connecting to MetaWin Dapp via Metamask.
Is it your habit to interact with the web3 app with the main wallet? That's another faux pas.

Who are the people around who are allowed to access your device?
jr. member
Activity: 44
Merit: 6
August 01, 2023, 07:02:12 AM
#31
Sorry for your loss.

Care if I ask which wallet(s) you used to access this account?

Worth noting, I had about $7k in my wallet all day, untouched. But as soon as the large deposit came in, it was swiped. Clearly, it was a targeted operation.

So, the first question you should be asking yourself is who knew you were about to receive the large deposit.  Obviously you don't want to answer that here.

It was an unforeseen windfall from a game, and thus nobody could have known about it beforehand, including myself.

First, I'm sorry for your loss.
Based on the little information you have shared, I suppose this is your eth address: 0xbed5681AB526863c4CCee75e394db537A75DA761, right!
According to etherscan.io, you received 111eth from bitcasino.io then, few minutes later, ~28eth were sent to a contract address and the remaining balance sent to the address you have mentioned.

I'm not an expert when it comes to ethereum and other altcoins but I think your case hase more to do with the smart contract than with the wallet you are using.


Yes, the address is correct. I received 111 ETH from Bitcasino.io. I managed to transfer 28 ETH to a contract address (Kraken), and then the remaining 88 ETH was maliciously taken. The involvement of a smart contract is indeed peculiar, and if anyone has insights into this, I'd be grateful to hear them.


About my wallet safety: I've been vigilant with my wallet, private keys, and funds. With 'Rewind' on my MacBook, I've been able to track all actions. The only notable event was connecting to MetaWin Dapp via Metamask. My private key or secret seed phrase was not stored on my device, adding to the mystification of this event.

What makes this situation even stranger: I had earlier withdrawn 12 ETH, which remained untouched, yet 88 ETH was swiped suddenly after I sent 28 ETH to Kraken. Moreover, the hacker took the minuscule MATIC I had, followed by a confusing sequence of events involving ACS on the Solana chain. The entire series of transactions has left me bewildered.

Why I don't think it's a sweeper bot: I've even tested depositing a small amount of ETH (as suggested on Reddit), and none of that was taken.

The lingering questions: I'm grappling with how this could have happened. The fact that the funds haven't been moved from the thiefs address and that 12 ETH was left untouched nearly all day that day has me questioning my sanity.

The links to the transactions are:

ETH withdrawal
MATIC transfer
Solana block explorer

I appreciate everyone's understanding and continued assistance. If anyone has insights into this matter, I would greatly value your input.

Best Regards,
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
August 01, 2023, 03:38:39 AM
#30
What was the Ethereum wallet software used? Scammers cannot steal your coins unless they already have your private key or seed.

Also I saw on Reddit how a hacker who stole ETH was "frontran" by a bot and lost the coins to it, and someone explained to be that frontrunning is just when you take a high-value transaction and change the receiving address to your own and sign the transaction with your own keys - that still doesn't make much sense to me but I think that's what happened in your case. TBH I have no idea how an ETH hard wallet is supposed to protect you from that since it seems to be a network feature.
sr. member
Activity: 1680
Merit: 379
Top Crypto Casino
July 31, 2023, 08:05:47 PM
#29
CertiK's Skytrace is a blockchain exploration tool that might be helpful in tracking your stolen funds. Using a hardware wallet wouldn't have been helpful if you already interacted with a malicious smart contract and hadn't yet revoked it's permissions. Your wallet has thousands of transactions. With that level of activity you are bound to lose track of what contracts you've approved and what sites you interacted with. Scammers are clever and will disguise their scam to look legitimate enough so that you will overlook it amongst all your other activity.
legendary
Activity: 2268
Merit: 1655
To the Moon
July 31, 2023, 06:02:35 PM
#28
Worth noting, I had about $7k in my wallet all day, untouched. But as soon as the large deposit came in, it was swiped. Clearly, it was a targeted operation.

But there was another withdrawal on 26.8381 ETH, which you don't mention, which at that time was $50 thousand dollars. And this transaction was carried out 5 minutes earlier than the amount of 88 ETH was stolen. Maybe someone saw how you made the first withdrawal from the wallet?
legendary
Activity: 2730
Merit: 7065
July 31, 2023, 01:36:32 PM
#27
Sorry for your loss. So after reading the story I realized that someone targeted you because he didn't transfer the funds even after looking into your $7k wallet. He knew that you have a large amount of funds and that you will use this wallet again to make transactions.
It's quite possible. Sometimes it's those closest to us that we forget to look into or don't suspect initially. I would like to ask OP who else close to him/her has access to the computer/phone they were using? Who knew about the money they had and were expecting to receive in the wallet that got emptied?

It is also possible that your computer was already under the control of the hacker, so that he could see all your activities.
I think that if the hacker had prior access to the wallet, he would have emptied it when he saw the $7k in it. Unless, of course, the person knew it's only a matter of time before something more vulnerable gets deposited there. The question OP needs to ask themselves is how could they have known, and who knew of the upcoming transaction?
hero member
Activity: 714
Merit: 1010
Crypto Swap Exchange
July 31, 2023, 12:02:45 PM
#26
~snip~

For someone who does not understand the basics, even a hardware wallet will not help, because even such wallets are vulnerable when it comes to clipboard malware. It may be a sophisticated attack, but it is very likely that you have a compromised computer with a possible RAT (remote access trojan) installed.

For such a large sum, I would have definitely made a much better effort and checked everything at least ten times, but obviously everyone has their own standards when it comes to such things. The problem is that these standards sometimes come back like a boomerang and hit an inconvenient place, and then we find ourselves in a big problem.

This doesn't look like a case of some clipboard malware as the OP described that the large transfer reached his software wallet, only to find it being swiped 8 minutes later.

OK, the OP lacks to provide some very basic case details  (e.g. which wallet he used), how and with what he interacted with his wallet in the past (some gross mistakes like connecting your metamask to some shady website and granting ridiculous access rights or similar stupid stuff). Who knows, too much room for speculation open.

On the other hand you're very right that much better effort to secure such amounts is mandatory. I mean the user still appears quite composed regarding such a loss, but anyway, no judgement. Even Ledger hardware crap could've prevented this very likely and as OP said, it sat unused in his desk. No further words...
legendary
Activity: 2702
Merit: 3045
Top Crypto Casino
July 30, 2023, 04:55:50 PM
#25
So after reading the story I realized that someone targeted you because he didn't transfer the funds even after looking into your $7k wallet. He knew that you have a large amount of funds and that you will use this wallet again to make transactions.

This is exactly what I wanted to say.
If the hacker had previous access to his wallet, why he didn't steal those $7k? It doesn't make sense. The only explanation is that the hacker didn't have access to the wallet at that moment.
Saying that he was expecting such large deposit doesn't make sense, unless it's someone clise to OP who knew he will receive this large amount if money and was waiting for the right moment to empty the wallet. This is why we need more information from OP to understand what've happened.
hero member
Activity: 1876
Merit: 721
Top Crypto Casino
July 30, 2023, 04:43:21 PM
#24
If you can help trace the transaction or the wallet, please share your advice. Keep your crypto assets secure, folks. It's a hard lesson I've learned firsthand.
Sorry for your loss. So after reading the story I realized that someone targeted you because he didn't transfer the funds even after looking into your $7k wallet. He knew that you have a large amount of funds and that you will use this wallet again to make transactions. It is also possible that your computer was already under the control of the hacker, so that he could see all your activities.

Now if this hacker takes this fund in any centralized exchange, then you can trace him and complain to that exchange and the fund can be held with the help of the exchange. But hackers don't seem to send funds to a centralized exchange.
legendary
Activity: 2268
Merit: 1655
To the Moon
July 30, 2023, 04:05:13 PM
#23
...This is huge amount and you should hire someone to track it, hoping that hacker will deposit on centralized exchange...

I am sure that this fraudster will not transfer the stolen ETH to a centralized exchange, as he is too smart for this to allow such an oversight. In addition, it can be assumed that this is not the first theft of other people's coins for him and he has already developed an appropriate algorithm of actions. And do not forget that he can make the exchange he is interested in on one of the many decentralized exchanges.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
July 30, 2023, 06:00:41 AM
#22
~snip~
To everyone else: learn from my mistake. If you've got substantial crypto, move it to your hard wallet immediately. Don't let overconfidence or negligence jeopardize your assets. It can happen to anyone, myself being a stark case in point.

For someone who does not understand the basics, even a hardware wallet will not help, because even such wallets are vulnerable when it comes to clipboard malware. It may be a sophisticated attack, but it is very likely that you have a compromised computer with a possible RAT (remote access trojan) installed.

For such a large sum, I would have definitely made a much better effort and checked everything at least ten times, but obviously everyone has their own standards when it comes to such things. The problem is that these standards sometimes come back like a boomerang and hit an inconvenient place, and then we find ourselves in a big problem.
legendary
Activity: 2730
Merit: 7065
July 30, 2023, 02:06:36 AM
#21
To know if the person sent it to an exchange, I think there are wallet explorer that can do that?
Such services exist for Bitcoin. If the coins get sent to an address that is a known exchange address, the sites will tag them as such. But here we are talking about Ethereum and I don't know if anyone is running a similar wallet explorer analysis service.

These are the ones I know of:
https://oxt.me/
https://www.bitcoinwhoswho.com/
https://www.walletexplorer.com/

The only one that supports altcoins I have heard of is https://www.breadcrumbs.app/.

To everyone: I am afraid about it. Even though I never keep my private key online, is there any way I can check if my wallet is already compromised or not? Is there any wallet that shows login logs? Do you guys believe we can request such a feature to some wallet providers and do you think they may consider it?
If your wallet was compromised, your coins would most probably have been stolen by now. You can't have such a service of tracing who logs in and from where without infringing on your privacy. Serious wallet developers will never consider something like that. Tracking logins is something you have on centralized exchanges, and that's not where you should keep your crypto.
legendary
Activity: 3570
Merit: 1959
July 29, 2023, 06:53:26 PM
#20
He have another topic in which he talks about the same story here https://bitcointalksearch.org/topic/m.62616437 And really,
The date shown on Reddit is 29 and here is 28, so I don't know if the problem is in formatting the dates, or is it the same user.

I don't know what the details of the story are, but with the loss of such an amount and without disclosing legal data, no one will be able to help him, whatever it is. Details we give him here.


If you look at the comments section of the receiving address on etherscan.io, you can see it's already full of bullshit-scammers looking to make or steal more BTC from anyone who's been robbed ... Tongue

Sad story OP. Sorry for the loss. The consequences of contract-interaction are still pretty weak. What the heck were you using anyhow, metamask, .... or??
legendary
Activity: 1596
Merit: 1288
July 29, 2023, 06:49:37 PM
#19
Well, at least reply for what people has asked to offer you some help.

After searching the address in google, i found this reddit thread[1], OP is much more active there responding every reply, only if the OP here is the same person on that reddit thread.

[1] https://www.reddit.com/r/ethereum/comments/15cc1la/lost_165k_in_eth_straight_talk_about_crypto_safety/
He have another topic in which he talks about the same story here https://bitcointalksearch.org/topic/m.62616437 And really,
The date shown on Reddit is 29 and here is 28, so I don't know if the problem is in formatting the dates, or is it the same user.

I don't know what the details of the story are, but with the loss of such an amount and without disclosing legal data, no one will be able to help him, whatever it is. Details we give him here.
hero member
Activity: 2212
Merit: 670
Signature designer - start @$10 - PM me!
July 29, 2023, 06:44:42 PM
#18
I am afraid about it. Even though I never keep my private key online, is there any way I can check if my wallet is already compromised or not?
If you're talking self-control addresses, if that address has output transactions that aren't from your activity, its definitely compromised.

Quote
Is there any wallet that shows login logs? Do you guys believe we can request such a feature to some wallet providers and do you think they may consider it?
Technically your address is active all the time and can be exported to other wallet platforms by some key derivation method, so there is no log detection and no point in requesting such a feature.
hero member
Activity: 1554
Merit: 880
pxzone.online
July 29, 2023, 06:38:42 PM
#17
Well, at least reply for what people has asked to offer you some help.

After searching the address in google, i found this reddit thread[1], OP is much more active there responding every reply, only if the OP here is the same person on that reddit thread.

[1] https://www.reddit.com/r/ethereum/comments/15cc1la/lost_165k_in_eth_straight_talk_about_crypto_safety/
legendary
Activity: 3416
Merit: 1225
July 29, 2023, 05:25:16 PM
#16
Sorry for your loss.

Care if I ask which wallet(s) you used to access this account?

Worth noting, I had about $7k in my wallet all day, untouched. But as soon as the large deposit came in, it was swiped. Clearly, it was a targeted operation.

So, the first question you should be asking yourself is who knew you were about to receive the large deposit.  Obviously you don't want to answer that here.

That's a good question that is worth an answer, for a hacker if they have malware in your machine will move that amount right away because $7k can be considered a big amount but it seems it waited for that huge amount to move in so he can do, it can be considered a targeted operation if the hacker knows there's an incoming huge amount or the malware can only read amount that is higher than $7k so it remains untouched until the big amount move in and sent the notification to the hacker to move the funds.

Since it mentioned that there is an interaction to a smart contract address can you give us the name of the platform where you interact, that could be the culprit, this is a lesson here, do not put a huge amount on the wallet that has an interaction with any platform, use a new address on a new wallet.
sr. member
Activity: 672
Merit: 416
stead.builders
July 29, 2023, 05:07:11 PM
#15
I know what you're thinking. "Should've used a hard wallet." And you're correct. I have a Ledger, and it was sitting unused while my ETH was taken.

Ledger cannot do anything than compromising the whole privacy and security measures in place, don't even think of ledger in this, but you can make use of Trezor or any other hardware wallet, but before then, let's hear the complete part of the story, i think it's getting more interesting.

Worth noting, I had about $7k in my wallet all day, untouched. But as soon as the large deposit came in, it was swiped. Clearly, it was a targeted operation.

Have you been careless with the way you handled the wallet or what could have caused this, also, one of the reasons why there's no more trust confided with ledger is in such scenario of data breach they do behind your permission to spy and steal your crypto asset unknowing to you
legendary
Activity: 2702
Merit: 3045
Top Crypto Casino
July 29, 2023, 04:55:12 PM
#14
First, I'm sorry for your loss.
Based on the little information you have shared, I suppose this is your eth address: 0xbed5681AB526863c4CCee75e394db537A75DA761, right!
According to etherscan.io, you received 111eth from bitcasino.io then, few minutes later, ~28eth were sent to a contract address and the remaining balance sent to the address you have mentioned.

I'm not an expert when it comes to ethereum and other altcoins but I think your case has more to do with the smart contract than with the wallet you are using.
hero member
Activity: 770
Merit: 538
Leading Crypto Sports Betting & Casino Platform
July 29, 2023, 02:24:22 PM
#13
This is really a huge amount. Sorry for such a huge loss. Tracking your coin can be a bit possible with the idea of Pmalek, but unfortunately those Ethereum are still sitting in that new wallet, and if the hacker decides never to send out those coins hastily, I don't think there's any other possible way you can easily gain back your asset. Perhaps the hacker can also decide not to send those out at once to any exchange. Still, as others are deliberating on the matter, I am also shocked that the $7k you talked about was untouched, even after the ETH was pulled off, which makes me think you have someone around you who knew you had more than just $7k and that you will still deposit it in that wallet.
copper member
Activity: 2338
Merit: 4543
Join the world-leading crypto sportsbook NOW!
July 29, 2023, 11:49:07 AM
#12
Sorry for your loss.

Care if I ask which wallet(s) you used to access this account?

Worth noting, I had about $7k in my wallet all day, untouched. But as soon as the large deposit came in, it was swiped. Clearly, it was a targeted operation.

So, the first question you should be asking yourself is who knew you were about to receive the large deposit.  Obviously you don't want to answer that here.
hero member
Activity: 2926
Merit: 567
July 29, 2023, 11:01:52 AM
#11
I am afraid after hearing these things. Why wouldn't a hacker take the $7K in your wallet before the transaction? $7K is not a tiny amount that hackers can throw away. Or was it someone who knows that this wallet will get some large deposit in the future? Who knows? Maybe it was someone who know you very well and he may get access to your wallet somehow. This could be your friends or neighbors or even a family member. Do you remember sharing information related to your crypto investment?
This is something OP should consider either there is malware or there is an intrusion and the hacker knows that you have a big amount coming so he waited for it, this is a big concern, it's not recommended to put the big amount in one address we should divide the amount to a different address and different wallet.

Quote
To everyone: I am afraid about it. Even though I never keep my private key online, is there any way I can check if my wallet is already compromised or not? Is there any wallet that shows login logs? Do you guys believe we can request such a feature to some wallet providers and do you think they may consider it?
All I know is your wallet is compromised if there are unauthorized transactions, the community will be benefited if developers can add this feature but still nothing beats a hardware wallet.
hero member
Activity: 770
Merit: 482
July 29, 2023, 10:25:29 AM
#10
I am afraid after hearing these things. Why wouldn't a hacker take the $7K in your wallet before the transaction? $7K is not a tiny amount that hackers can throw away. Or was it someone who knows that this wallet will get some large deposit in the future? Who knows? Maybe it was someone who know you very well and he may get access to your wallet somehow. This could be your friends or neighbors or even a family member. Do you remember sharing information related to your crypto investment?

To everyone: I am afraid about it. Even though I never keep my private key online, is there any way I can check if my wallet is already compromised or not? Is there any wallet that shows login logs? Do you guys believe we can request such a feature to some wallet providers and do you think they may consider it?
hero member
Activity: 2996
Merit: 598
Leading Crypto Sports Betting & Casino Platform
July 29, 2023, 10:23:23 AM
#9
TL;DR: I lost $165k in ETH from my wallet moments after it was deposited. It went to a new wallet (0x4b9e0ddabad6dff604db3d827f5fa7e1c6952aa8). I didn't use my Ledger, and that's a decision I'm paying for dearly. If you can help trace the transaction or the wallet, please share your advice. Keep your crypto assets secure, folks. It's a hard lesson I've learned firsthand.

This is a sweeper bot which is popular hacking techniques when you exposed your private key through phishing or malware. This is huge amount and you should hire someone to track it, hoping that hacker will deposit on centralized exchange.

This money is too huge to be stored on a software wallet alone. You knew your mistake and I'm sure this a great lesson to teach newbs here.

This is indeed a big lesson for all of us and its a reference for those who do not want to use hardware wallets and check their machine regularly for malware like all the others here your chances is for the hackers to move the wallet to a centralized exchange to trace the identity of the hackers.

Can you give us more details so people here will learn how scammers work, OP is right that this is a targeted operation how did the malware land it seems he is tracing the wallet for a big amount to come, and when it did it triggered the malware to hack the wallet.
hero member
Activity: 1120
Merit: 554
🇵🇭
July 29, 2023, 09:10:17 AM
#8
TL;DR: I lost $165k in ETH from my wallet moments after it was deposited. It went to a new wallet (0x4b9e0ddabad6dff604db3d827f5fa7e1c6952aa8). I didn't use my Ledger, and that's a decision I'm paying for dearly. If you can help trace the transaction or the wallet, please share your advice. Keep your crypto assets secure, folks. It's a hard lesson I've learned firsthand.

This is a sweeper bot which is popular hacking techniques when you exposed your private key through phishing or malware. This is huge amount and you should hire someone to track it, hoping that hacker will deposit on centralized exchange.

This money is too huge to be stored on a software wallet alone. You knew your mistake and I'm sure this a great lesson to teach newbs here.
legendary
Activity: 1596
Merit: 1288
July 29, 2023, 09:02:58 AM
#7
People in an online forum can't help you recover millions of dollars because all the information we have is available to everyone. you have to start by filling out papers at the nearest police station, enclosing your data, source of income, and details of what happened.
And if you have little money or acquaintances, you can ask a specialized company to track those currencies with the issuance of personal data and statements that you will get from the police.

If you are lucky, the money will be frozen through a judicial order from the court, but it depends on the source of income and on the state whether it is friendly to cryptocurrencies and whether they cooperate or not.
staff
Activity: 2436
Merit: 2347
July 29, 2023, 03:34:47 AM
#6
Listen up. I messed up. Seriously. My negligence ended up costing me $165k in Ethereum, and a bit of MATIC. Here's what happened.

That word mean anything to you "couchbeerrob"?
sr. member
Activity: 1484
Merit: 323
July 29, 2023, 03:20:00 AM
#5
I was shocked at first when I read your title, 165k ETH but when I clicked the topic it's 165k USD worth, my first thought when I've read the title is that "how come this person lost all of that Ethereum in one go?". Regarding your plight, you need to talk to a cybersecurity company for this kind of thing, also you should probably file a police report about the theft so at the least you know that you've taken some measure to catch the thief. Cybersecurity companies wouldn't magically return the stolen crypto though, most like they will find out who's the person through the investigation that they're going to conduct.
legendary
Activity: 1624
Merit: 1200
Gamble responsibly
July 29, 2023, 03:08:14 AM
#4
Regarding the transaction and tracking it. You can hope the scammer makes a mistake and sends it to a CEX with a KYCed account. But even if they do, you'll have to file a police report with local authorities who will have to start an investigation. The exchange won't lock or freeze anyone's coins without proof and the involvement of a government agency.
It is also possible that the person did not send it to an exchange. Hackers are perfect in some ways. If an exchange is used and the person have scam tactics, it is possible that everything about the person is fake, like fake KYC. To know if the person sent it to an exchange, I think there are wallet explorer that can do that? Chain analytic organizations can also help him out, even beyond sending the money to an exchange.
hero member
Activity: 700
Merit: 541
Bitcoin Casino Est. 2013
July 29, 2023, 02:59:24 AM
#3
To everyone else: learn from my mistake. If you've got substantial crypto, move it to your hard wallet immediately. Don't let overconfidence or negligence jeopardize your assets. It can happen to anyone, myself being a stark case in point.

I'm sorry for your lose. Losing that kind of money in a blink of an eye is not something one pray or hopes happens to them.

If I may ask, have you ever done anything that you feel might be the cause of you losing your funds? Like how well do you secure your wallet and what other things do you use your system that has your wallet for?
I know alot of people might not want to use their system that has that amount of money to do any other thing as it will reduce the security of their coin... So I'm asking if perhaps you normalize downloading files from unknown source and also the type of Os you're operating.

I'm asking since you made of of others learning from your mistake, providing this information might help others avoid making the same mistake as you did.

As concerning the tracking I'm afraid I don't have that much knowledge to track a transaction deep down the Blockchain but I do hope you get the necessary help needed to help you recover your funds or give you a tip that'll help you.
legendary
Activity: 2730
Merit: 7065
July 29, 2023, 02:56:22 AM
#2
What wallet did you use to deposit those ETH tokens to and on what kind of system? Phone, desktop?
Very little you can do about it now unfortunately.

I would reformat my device, wipe everything, and seriously consider my online actions and personal security. You need to ask yourself what you did to get infected, how, and where. You must have downloaded something, clicked on some malware links, or given permissions to dubious software.

Regarding the transaction and tracking it. You can hope the scammer makes a mistake and sends it to a CEX with a KYCed account. But even if they do, you'll have to file a police report with local authorities who will have to start an investigation. The exchange won't lock or freeze anyone's coins without proof and the involvement of a government agency.
jr. member
Activity: 44
Merit: 6
July 29, 2023, 02:45:28 AM
#1
Listen up. I messed up. Seriously. My negligence ended up costing me $165k in Ethereum, and a bit of MATIC. Here's what happened.

Earlier today, I had a significant deposit of ETH enter my digital wallet. Barely 8 minutes later, it was gone. The transaction ID? 0x094f01f9174845200e6324bf18a242e0b19ce7f058a4cb928144d22df8313bcc. Destination? A new wallet, 0x4b9e0ddabad6dff604db3d827f5fa7e1c6952aa8.

I know what you're thinking. "Should've used a hard wallet." And you're correct. I have a Ledger, and it was sitting unused while my ETH was taken. Worth noting, I had about $7k in my wallet all day, untouched. But as soon as the large deposit came in, it was swiped. Clearly, it was a targeted operation.

I'm not avoiding blame here. I failed. Despite being cautious, I wasn't vigilant enough. I'm reeling from it.

So, here's my request: If anyone knows advanced methods to trace this wallet or the transaction, beyond just setting alerts, I'd be grateful for the help. I'm clinging to the slim hope that I might retrieve my lost funds.

To everyone else: learn from my mistake. If you've got substantial crypto, move it to your hard wallet immediately. Don't let overconfidence or negligence jeopardize your assets. It can happen to anyone, myself being a stark case in point.

TL;DR: I lost $165k in ETH from my wallet moments after it was deposited. It went to a new wallet (0x4b9e0ddabad6dff604db3d827f5fa7e1c6952aa8). I didn't use my Ledger, and that's a decision I'm paying for dearly. If you can help trace the transaction or the wallet, please share your advice. Keep your crypto assets secure, folks. It's a hard lesson I've learned firsthand.
Jump to: