Topic: Is there any other way wallet can be compromised? - page 2. (Read 325 times)

Your problem is that, you’re under some serious phishing attack by the amount of activities you might have been doing on various sites, getting mixed up with these and that airdrop along with the meme coins and the scams that comes with it.

Your window of compromise could be your device. Although, haven’t linked your wallet to one of these airdrops creates another window of complication. My advice would be that, you dish that device for a new one, create a wallet on the new device, use all appropriate safety types and you would be good.

Also, avoid linking wallets your Bitcoin wallet with any other wallet for airdrops, it’s just not worth it.

This is what your problem is, and you are not aware of how the Claim airdrop is done.
You don't check whether the claim link is genuine or just a phishing website.

Now it's very long with phishing that will expose your wallet to Drained Bot attacks.
When you connect your wallet with a phishing claim website, it will be catastrophic and make all your assets in the wallet be withdrawn to the scammer's address.



Like the incident a few days ago when the Zksync Airdrop was launched, many phishing claim websites appeared on Twitter.
In fact, not only on Twitter, a surprising incident occurred in the Bitget wallet which was once a favorite wallet, but when the Zksync airdrop was launched on the Bitget wallet browser, there was a fake zksync claim automatic link at the very top, and this caused many wallets to be drained.

In the end, I decided to throw away the Bitget wallet and those affected by the drain should also report to the Bitget wallet and of course get the lost funds replaced.

This was your first and avoidable mistake made, none of these should be a way that should contain the custody of our wallet security information's, they all involved the access of a third party on them because they are centralized routes which allows for the use of a third party access like the issuing organization involved.


Its another serious mistake that you have made here as well, you shouldn't make use of your main wallet for bounties, don't connect the wallet to all these airdrop platforms, create a separate wallet for them and also make use of a different devise for them.


Download links
malicious contents
third party access
your personal vulnerability

You should avoid connecting a funded wallet to airdrop sites. Create a separate wallet for your airdrops and then when you connect to such sites, you know that if anything goes wrong you only get to loose the wallet and not the funds in it. If they already invested your connected wallet then I guess they might still be able to access it even when it has been disconnected. There are several ways your wallet might be compromised. But then you have to make sure to save your seeds offline which is the major thing first. Leaving your seed saved on Google or online, you may get attacked by key loggers or Trojans and they end up accessing your mobile devices.

There have been a lot of scam report about Bitcoin and cryptocurrency at large but that doesn't make it a scam. Peoples ignorance is what leads to the loss of funds or they end up investing with a scammer out of greed.

If you are using hot wallets there is always a chance this can be exploited again even if you disconnect those wallets from all connected websites.
I would suggest using them in combination with good open source hardware wallets like Keystone, Trezor, Onekey, etc. because you always need to confirm every transaction with them.
Another advantage of hardware wallets is that it's much harder for seed words to be stolen, if you always keep them offline on paper or metal plates.

1. First thing to note is storing your coins on a hot wallet is already a security risk, then connecting the wallet to any DApps or site is a big security breach. It doesn’t matter what time frame it was left connected. Some DApps can immediately fetch the datas they need once it is connected. So even after you disconnect the wallet they might have had access to you private key and moved funds from it later. To be sure it is the same site that wiped out your funds try to check the other wallet. If not it might be that your device is already compromised.

2. There are numerous ways to compromise your wallet, phishing attacks, dust attacks where you mistakenly copy the scammers address later when sending funds and also the most popular copy and paste malware; where address changes to the scammers address.



People pay less attention to security tips just for there own convenience and later blame the system for the problems they caused themselves. My advice is prioritize the use of cold wallets and back up your seed phrase properly and most of this problems will be long solved

Are you sure your device isn't compromised  itself  you might have installed a mallware unknowingly(probably through  the internet or your e-mail account since it was breached  before) .. which might be staying hidden  on you device..
I don't think malware will survive factory reset... so have you tried doing a factory  reset on your device??

You said you connected your wallet,  for you to connect it then you have accessed  the wallet, were your coins and tokens still intact then??

I experienced something today on my EVM wallet and I'm still in shock how the hell it happened. Before now, I have some wallets that were compromised due to my carelessness with their security. I saved some passphrase in my email and saved some on Google drive as image because I took screenshot of the phrases. I learned lesson the hard way when my funds were wiped out from the wallet.

After that incident, I created a new wallet with utmost care and attention without copying or saving the seed phrases online. I carefully wrote down the seed phrase and mnemonic words and keep it safe which I believe no one aside me have access to it. Today, I was reading something about wallet here and I decided to check my wallet but I discovered that all my funds have been wiped out again for the second time despite being security conscious.

I have a rethink to figure out what might be the cause and then I realized that I mistakenly connect the wallet to claim an airdrop last week but I immediately disconnect the wallet without approving any transaction when I noticed that I connected the wrong wallet.

Could this be the cause? Mind you, my assets were intact after the incident until this happened three days ago thou I noticed it today.

My questions:
Is it possible for airdrop sites to access your funds even after disconnecting your wallet?
Is there any other way wallet can be compromised aside this mistakes?

It's becoming scary day by day to leave huge amount of assets on wallet this days. Perhaps this is one of the reason some people still think everything about bitcoin and crypto entirely is a scam as funds lost can not be recovered. I will appreciate detail explanation on this and the solution to avoid future occurrence.