Topic: HELP: Hacked Wallet (Read 448 times)

That's sad to hear that, someone wallet hacked is devastating to hear. Metamask is a safe wallet it just that end-users might have the fault for it. So never trust some sites and never authorized it on your metamask because it is reversible and once hacked there is nothing to do about it.

I'd advise you to watch your mouth. I went to metamask.io which I was told, and researched,  is the legitimate site. Just stay off my post.

That's obvious, but during this year I personally have never seen and heard that those who use Metamask wallets were hacked, because Metamask wallets are generally very safe and also have a double amount of security that has been implemented in them, but if it can still be hacked, it means it is the wallet user who is often negligent in guarding it.

As for now, you can't do anything as you wallet has already been hacked. You can't write to support team and ask for refunding, it is impossible. I wonder what kind of transaction you signed. If it was the transaction that allowed this web-site to spend your tokens, it is important to set a limit so that this webs-site is able to use only the sum of money that you want to use on it.

I have used metamask for years and i just heard that someone could access our wallet with connected nodes, i'm sure everytime i want to log in into metamask i was asked for password or create a new password with seed phrase.
For safety if you still could access your wallet you should transfer all your balance to new wallet and just leave that passive income that caused you got hacked.

It's never a good feeling when one is hacked especially in this period when the value of cryptocurrency are on the increase. I've heard of several news about people getting hacked on metamask wallet and there really nothing that has been done to curb or prevent the reoccurrence of this issue.

The transaction wouldn't occur without your permission from Metamask. Either your device was hacked or you gave permission for a transaction. I know hackers could creak the password of Metamask, they need to access your device. That's the problem using a wallet that you aren't familiar with. You have to learn first before using a wallet because its fund related and there is a chance of losing funds. Cryptocurrency is irreversible, you can't get back your funds anyway. It's quite important to store your fund securely and the same wallet shouldn't use for a Ponzi or suspicious sites. There would be malware to jack your wallet or device. Hope you will take a lesson from this mistake and others as well.

Many previous post have already advised op to create new wallet offline so that it is safe. The fake sites are called phishing site or a clone site of the original. It's function is to steal what you have submitted to the site. Many have fallen for such trick if you are not careful about the site you are going to access.

Maybe wrong authorization that you accepted on your wallet is what is causing all the mess now My advice is move any fund if you have any and stop using the wallet Is already been compromised and also make sure the site you do visit and the real ones Scammers can make fake ones and have you click it. As for the wallet and node My advice is to set another node with a different wallet to be safe

Your wallet was not hacked, but you were the victim of your own stupidity. Most likely, you have fallen victim to a phishing scam and linked your wallet to a scam site. You should be more careful in the future.

You should do nothing and im sorry for your lose, the most important thing is if you wanna try to run or use 3rd service in your computer and you must try to make sure that you didn't use it in the same device that being used to store your wallet that contains all of your coins. Your coins can be returned and it seems like that the program that you have used it to sign up thru strongblock was a fake program.
There may some possibilities but i do believe that if this is making the hacker was able stealing your money.

You must be careful there are so many fake software. So many people got hacked caused by they were accessing the program that already had keylogger on it.

If the hack is a private key leak I don't think there's anything you can do, but if the hack happened because you visited a phishing website and linked it to your wallet, you can revoke the permission at https://app.unrekt.net/

@OP seems I saw everything from you almost sending a token on a wrong network, and later you still did that, and this. I can safely say that it is a *preventable* costly lesson. The amount you lost might cost a fortune but what next can be done is to start slowly learning the basic security practices about cryptocurrencies as a whole. There's nothing you can do regarding the lost amount, that's that. But if you still "blindly" continue without taking into account your expensive error that will be absurd.

From what I see that you are still new within this space, my only suggestion is to take a thoughtful steps to learn about cryptocurrency. Regarding the basic security practices I can recommend a collection of threads by @Ratimov, I suggest you should learn and comprehend what it is all about: Beginners & Help Encyclopedia: Security.

Don't use metamask wallet on PC they are vulnerable to attacks because they are just web plugins meaning that codes can be run easily to hack them, the most safest wallet are hardware wallet and mobile wallets as far as they aren't centralised wallet.

Use metamask only in conjunction with a ledger or trezor hardware wallet. Then your wallet will be reliably protected.
This creates some inconvenience to use, but it comes at the cost of security.
If there are several hundred dollars stored on the wallet, then you can risk it.

The real Metamask web wallet is alright. I haven't heard or read anything that the codes were compromised/exploited. In most cases, these hacks happen because of the user's fault. Some of them are careful in not giving their seed phrase but careless in reading the Metamask pop up message before they click sign or confirm. In the latter's case, I've seen a message asking for authorization to spend your token.

Absolutely nothing, just abandon the wallet and get another, the fact is hacking schemes works better on windows OS so any slightly mistake your coins will be gone, it's why I advice people against metamask on PC I prefer the mobile version more, PC isn't the place you want to store your coins if you use the pc for other things online

I recall my experience few years ago, when my metamask wallet was Alsop hacked. It feels like metamask wallet is prone to hackers, maybe because it's a web wallet or the security features are not strong enough. There's really nothing anyone could do when your wallet get hacked and your funds are transferred out. We all need to be careful and cautious of metamask wallet.

Earn passive income by connencting your wallet? that is the trick used by telegram scammers to hack your wallet. No one should fall prey of such. Consider that wallet gone and never use it again, just uninstall and clean up your computer and start afresh.

If the Op was exposed to the stolen of all the coins in his Metamask wallet, I advise him to make a new Windows for his PC, perhaps someone hacked his device, or if he connected his wallet to one of the suspicious sites, he can create a new wallet and leave the old one, but you should know that next time if you connect Your wallet in one of the sites and you feel that it is a suspicious site, you should immediately click on your wallet, then ► the account option ► the connected sites ► disconnect the suspicious site.

I don't understand how this Strongblock nodes creation works but no one can break through your Metamask wallet if it's not authorized by you, you exposing your secret recovery phrase/private keys, or the Metamask you used is from a phishing site.
I have a question for you. Did the Strongblock site ask you to enter your wallet's private information on their site?

Maybe you browsed a link around the internet without knowing its called phishing links. It's very common actually.. But sometimes it happens in some sites that need access in your wallet to enjoy the full features of the sites itself especially when it comes swapping token.. So i suggest never used such wallet when it comes swapping or joining bounty around the internet, just create wallet for storing only not to used in different sites.

To be focus now, is look your metamask connected to which sites. And then just leave it, make new and move on. To avoid something like this again, make sure made 2 wallet which 1 for big assets and save money, and the other one to use if require to connect in some sites. Maybe you will pay more fees, but it is worth than hacked and lose all money.

Safe or not depends on the user. If you use metamask and you want to connect to a new website that doesn't have a reputation; it's better to use a new wallet and separate the main wallet from the wallet to be connected to websites. And of course, the better choice is to store your crypto assets in a hardware wallet.

Meta mask hacked like a passwords. See forums lice hashkiller, they cracked MANY metamask min 1 per week, 90-100% of wallets.

Meta mask not secure wallet.

I believe the topoligical ideal there is to use Metamask, as seemingly required in your case, but using a set-up that uses the hardware wallet instead for key management.


There are often phising sites that use a very closely related name to the original site, and that are promoted through different social media channels, web links, or simply come up high in search engine results (sometimes even as paid Ads, giving them a priority position in the search results).

Out of curiosity, take a look at the results from DNS Twister for Metamask:
https://dnstwister.report/search?ed=6d6574616d61736b2e696f

You’ll see that there are plenty of existing domains with a similar name, and any of them can, at a given point in time, be used for a phishing expedition (they are not all currently phishing sites – perhaps some- but they are at last latent potentials).

Even here you need to take some precautions (i.e. this is not https://metamask.io/).

Thanks; I'll need to read up how to integrate MM with my Trezor. I didn't know that could be done. The site where you set up the nodes prompts you to download the Metamask extension. I've known several people to do it successfully and thought I was doing it right. I still cannot figure out the site I went to was a phishing site because the URL is the same "metamask.io". If I cannot figure it out, I'll be terrified about visiting ANY crypto/wallet/exchange type site. I just need to understand.

I expressed regret for your loss, I don't know what else I could do to help you in the situation you are in. Unfortunately, no one here can help you get things back to square one, you messed up and this will be a very expensive life lesson for you. Good luck with the nodes, I hope someone will give you the right advice.

The references to a hardware wallet being made here are not incompatible with using Metamask. The hardware device will be the one that actually signs your TXs, and will physically need to be connected to do so, thus mitigating the chances of certain hacks taking place. Ledger & Trezor should work for sure.

See: https://www.ledger.com/academy/security/the-safest-way-to-use-metamask

Well, this calls then for a complete new wallet, unrelated to the HW. But now you know that, I guess.


I'm sorry for your loss. But actually that's why I am so angry and harsh too. You can skip the harsh part and just take note of the useful part. Most probably you'll find that you know most of those things, but.. let's make sure you do... I mean that the mistake you've done is the result of missing some steps in understanding the hardware wallets and I don't know which one.
As said, you cannot do much more than learn all you can from the expensive lesson. From your last post I am sure you'll be more careful in the future, so yeah, whenever you're not sure, ask.

NeuroticFish, if you would take the time to read the previous comments, it is stated that a hardware wallet could not be used with the sites I was on and the processes I was doing. For example, to set up/purchase STRONGBLOCK NODES, you MUST use a Metamask Wallet. This is why the MM wallet was introduced into the process of me purchasing nodes and as well as attempting to stake coins on Wonderland. I have a hard wallet and use it, but it was irrelevant in this situation. Some processes cannot be done through a hard wallet such as purchasing/maintaining nodes, staking on Wonderland and other DAOs, etc. The seed phrase for the Metamask wallet was stored offline. I entered it because I thought that the site was trying to authenticate my wallet since it was my 1st time installing Metamask as a Chrome Extension (which has now been deleted)...

And again, please refrain from your condescending comments to me and others that make this mistake. The loss of the money is hard enough. If you can't exercise any more self control than that, please don't even comment.

OMG... if you give the seed to any legitimate-looking request, what you think is the use of the hardware wallet, really?!

OK, so since your wallet is now empty, please start with resetting the wallet to a completely new seed, write that down for backup and ever use it again only when your hardware wallet will ever stop working.
Keep the new seed safe (offline!) and remove the old seed from all the places you've stored it (so you don't get confused in 5 years which one was the correct seed).

And from now on, anything you want to do with crypto, do through the hardware wallet. If Metamask cannot handle the hardware wallet, use MEW with the hardware wallet.

And, sorry if it sounds harsh, but learn to ask here when you are not sure before doing something stupid, not after doing that.



You can answer to one post, press enter twice for some spacing, scroll down, insert the next quote and answer to the next user.
The problem is not the number of answers, it's the fact they're spread into many consecutive posts.

My apologies, I didn't know that multiple posts were not allowed. I was simply trying to respond to some of the users that commented.

I am aware now that I shouldn't have entered the seed phrase. I thought MM was trying to authenticate my account and I went to the site that is said was the authentic site, which is metamask.io. So, I thought it was legitimate. Please refrain from any condescending comments to anyone going through this. If you've read my previous threads you see that I acknowledge I messed up. Therefore, I really don't need the "I told you so's". I'm already dealing with enough.

@KHamilton, please respect the rules of the forum : "Posting multiple posts in a row (excluding bumps and reserved posts by the thread starter) is not allowed."

---

It is inconceivable to me that I would use a wallet that works through a browser and any add-ons/extensions - so it's like Russian roulette that you play every day and you wonder when luck will leave you. I was closest to it when I used the Chrome app for one HW and I’m glad they gave up on it, it’s just the wrong way and should be avoided.


You failed the most important test, because the seed from HW should not be entered anywhere except in HW - or in case you have no other choice in some proven desktop wallet whose files have been previously verified. I'm sorry for your loss, but you confirm what I keep saying - regardless of the type of crypto wallet, the weakest link in the security chain is the people who use them.

No, according to Strongblock's website, you cannot switch a node to a different wallet address. So, I have no idea what to do when it comes time for the to claim the rewards, because in doing that the rewards are transferred to the wallet. In this case, that's the one that was compromised. See here (the 10th question): https://strongblock.com/faq.html

---

I do have a hardware wallet. I was using Metamask because this wallet is required to set up the Strongblock node. There's no way around it. It will only connect to Metawallet and this was actually my 1st time even using this wallet.

---

When I set up the Strongblock node, that was my 1st time using Metamask. The app was downloaded on my phone and never used. In setting up the node I downloaded a Chrome extension on my computer. During this process I was only using Strongnode, Metamask, and Traderjoexyz's site.

---

I do understand that I cannot recover my coins. My biggest concern is the possible access to my Strongblock nodes. I bought 3 and they cost me a lot of money. I checked the strongblock site and it appeared to be the same one that all the youtube tutorials I watched on how to set the strongblock node up used. It is strongblock.com.

I have gone back to review one of youtube clips over and over and the difference I am noticing is that when I go to "strongblock.com" it takes me to the home page. When the youtuber is putting in strongblock.com, his home page says "strongblock.com/index.html". When I go to manually put in "strongblock.com/index.html", however, it takes me to the exact same page that strongblock.com is. 

When I downloaded the Metamask Chrome extension it asked me for my seed phrase. Since I'd never downloaded it on my computer before, I figured it was legitimate and that it was trying to authenticate my account. I really think this is where I messed up. Since the URL's of everything appeared to be legitimate I thought it was ok. I've seen one youtuber say it may ask for that during initial set up but that you should never have to enter that info again. My seed phrase was not stored online; I have them written down.

I'm devastated and not sure where to go from here. I can get over the lost eth and avax token they took out of my MM wallet. I'm just concerned about the hefty investment made in the 3 nodes. It would take me at least 4-5 months to recoup that based on the current price of the STRONG token and the amount of reward percentage they're paying out.

In the meanwhile, I have removed the Chrome extension. Is there a suggested method for claiming my rewards when it's time?? I'd planned to claim them once a month as to avoid recurring gas fees. Should I just install the MM when I'm ready to claim them, move the coins, and then off the wallet really fast? I at least want to get my investment back IF the hacker doesn't take that. I figure I have nothing else to loose..If I dont do it the coins are lost...If I try to move the coins really fast at least there's a slight chance of it going unnoticed by the hacker.

---

Hi, I used strongblock.com. I did connect my wallet to the Uniswap at app.uniswap.org. I used this to convert the ETH token to the STRONG token, which is used to set up the node.

On another venture I was trying to buy TIME token to stake on the Wonderland site. With that I had to convert AVAX token to TIME and I used the JoeTrader site at https://traderjoexyz.com/#/home.

Both my remaining eth and avax were stolen.

---

How do I ensure nothing else on my device is affected?

[moderator's note: consecutive posts merged]

He connects his wallet to a decentralized application for running a node. There's no way to change the receiving address since the wallet itself is the OP account to run that node. I doubt too the website that OP describing for running a node. I believe that is the main reason why his Metamask has been hacked since he allowed it to access his wallet when he connects it there for running a node.

@OP, Can you share the website you use so that we can check and verify the root of your loss. If you didn't connect your wallet to any dapps, Then its 100% sure that you are using a fake node services.

First thing that you need to do is to remember that aside from signing up through strongblock's node. What are the other applications that you've probably signed up and applications that have downloaded that required you to sign in through metamask.

I've been using metamask for a long time and if there's some unfamiliar websites that are requiring me to sign up and it's forcing me to do so, I'm closing quickly the browser.

Never use that wallet anymore, don't deposit anymore any amount.

There are many similar recent cases reported around, such as:

https://www.reddit.com/r/Metamask/comments/ppg78a/was_i_hacked/
https://www.reddit.com/r/strongblock/comments/q0kk9u/if_metamask_gets_hacked_are_your_nodes_safe/
https://www.reddit.com/r/strongblock/comments/qe5qyj/hacked_on_metamask_lost_my_nodes/
https://www.reddit.com/r/strongblock/comments/qhufec/metamask_security/

I’d read through the above, and iterate the search for more cases to get a better oversight on what people are doing. Some of the comments point to it being difficult to associate a new wallet after the events, but other seem to indicate that they managed to through support. Plenty of comments stating that they should have bought a hardware wallet.

The important thing would be to try to suss out the door in your security that allowed this to happen. I’d consider your environment compromised, and would not currently trust anything in your environment. You may have downloaded some software, even different to the one you mentioned, from a malicious installation, that could have piggybacked any kind of keylogger/rat or else during its deployment (see for example https://bitcointalksearch.org/topic/kmspico-malicious-windows-activator-stealing-crypto-5375639 on how malware can piggyback around).

Unfortunately, there is no way to recover your coins because transactions in the blockchain are generally considered irreversible if several confirmations have already taken place. Regarding the reasons hackers were able to break your wallet, it is not easy to identify the problem and how that exactly happened because you have given us too little information. For example, did you check if strongblock domain was genuine? It may be you have fallen victim to a phishing website that steals sensitive user information or makes you sign fake transactions. How do you store your Metamask seed phrase and password? Do you have them written up on a piece of paper or in Notepad, which is on the same device you installed the wallet?

That is right - forget about your wallet address, even if you have crypto there. Once it was hacked, your funds dont belong to you. Hacker might leave some crypto there on purpose, waiting for you to fill the wallet with funds for withdrawal. Once you top it up with funds, the script will move crypto quicker than you would set new address for withdrawal and hit send.

Your steps - forget hacket wallet, create new, dont regret about what happened (your expensive experience), if you have participated in bounties - ask BM to change wallet so hacker wont get more.

I am not familiar with Metamask, but after finding out how you've got hacked and clean up the system if needed, you should consider the old wallet compromised and create a new clean wallet.
And I keep preaching it: consider buying a hardware wallet.

AFAIK, Metamask can't be hacked unless you give Authorization to the site you've connected with, so if you gave the access already then your wallet is already compromised so if you see any balance leftover there better move to a new wallet as soon as possible and never do such kind of mistake again.

Did you set up the nodes yourself or did you have someone else do it for you?
Also, did you verify the extension being added, the Strongblock Ponzi or project is becoming quite popular and this is sure to attract scammers who would create fake versions to get into user's wallets.

There's really nothing you can do as the coins are already gone besides checking for the loophole and ensuring it does not affect any other app on your device.

Can you not change the wallet connected to the node? Can't you also use another better wallet that is not a web wallet? Just saying this because one thing j hate about Metamask wallet is that it is vulnerable to hacks because it is a web wallet. There will be a way you can change the wallet or address that can be used.

I set my Metamask wallet up to be a chrome extension on my computer yesterday and someone hacked into it and stole all of my coins/tokens. The thing is, I'd just signed up for a program where you create nodes thru Strongblock and get paid passive income to host that node on the ethereum network, meaning that node is connected/Affiliated with your wallet. There is no reversing it and you have to have the node associated with a wallet. Now that the MM wallet has been hacked, what should I do??