
Topic: Is there any other way wallet can be compromised? (Read 325 times)

full member
Activity: 728
Merit: 151
Defend Bitcoin and its PoW: bitcoincleanup.com
I experienced something today on my EVM wallet and I'm still in shock at how the hell it happened. Before now, I had some wallets that were compromised due to my carelessness with their security. I saved some passphrases in my email and saved some on Google Drive as images because I took screenshots of the phrases. I learned the lesson the hard way when my funds were wiped out from the wallet.

After that incident, I created a new wallet with utmost care and attention without copying or saving the seed phrases online. I carefully wrote down the seed phrase and mnemonic words and kept them safe, and I believe no one aside from me has access to them. Today, I was reading something about wallets here and I decided to check my wallet, but I discovered that all my funds had been wiped out again for the second time despite my being security conscious.

I had a rethink to figure out what might be the cause, and then I realized that I mistakenly connected the wallet to claim an airdrop last week, but I immediately disconnected the wallet without approving any transaction when I noticed that I had connected the wrong wallet.

Could this be the cause? Mind you, my assets were intact after the incident until this happened three days ago, though I noticed it today.

My questions:
Is it possible for airdrop sites to access your funds even after disconnecting your wallet?
Is there any other way a wallet can be compromised aside from these mistakes?

It's becoming scary day by day to leave a huge amount of assets in a wallet these days. Perhaps this is one of the reasons some people still think everything about bitcoin and crypto is entirely a scam, as lost funds cannot be recovered. I will appreciate a detailed explanation of this and the solution to avoid a future occurrence.
Never use your main wallet if you are going to join an airdrop; best practice is separate wallets for those things, since there are instances where, when you connect to an airdrop or any app, there is a chance that the wallet is already compromised. I have already seen people lose their whole funds because they were too lazy to make a new wallet, giving hackers a chance to get all their investment and profits.
legendary
Activity: 1708
Merit: 1280
If you are active in NFTs, one of the trends right now is airdrops. If you find a reliable project, most of them make announcements through their Discord where possible; don't expect any messages to come from that channel. Most of those are pretending to be part of the project, and they will send links that, once you open them, will get you compromised: they will get access to your computer, stealing passwords and possibly draining your wallet. Think before you click links, or else, if you want to prevent this from happening, try to use a different machine, like multiple OSes or a virtual machine, to make sure you are safe with your account. Hot wallets are the most likely to be compromised this way, but if you are using a cold wallet it may be quite hard for them to access it, given the confirmation, as long as they didn't get your seed.
legendary
Activity: 2604
Merit: 2353
Which crypto was it precisely? Your story is weird because it means someone has obviously been able to hack your Google account. How do you explain it? Are you really sure that all the people living at your home are trustworthy? Sometimes the culprit is less far away than we believe. Anyway, you should change your Google password and add 2FA security urgently.
legendary
Activity: 2184
Merit: 1302
It's becoming scary day by day to leave a huge amount of assets in a wallet these days.
On what kind of wallets: offline, online, closed source, etc.? You cannot just say it is scary to keep huge assets in wallets these days. Wallets that are online, and ones that you connect to different websites for airdrops, have never been safe. From the replies of many in this topic, it should be clear to you now why you lost your funds.

If you don't want to lose more, keep your huge amounts in offline wallets, and create an empty wallet if you want to claim airdrops, or you can forget about airdrops completely. Being your own bank comes with quite a lot of responsibilities, and anyone who isn't ready for it should probably not be using bitcoin.
sr. member
Activity: 1204
Merit: 290
There are a couple of mistakes that you've made that you shouldn't make in the future.

The first mistake is to use a wallet that has funds for airdrops. That is one of the biggest mistakes one can make, newbies tend to do this but you seem to be a bit experienced, so you shouldn't do that. Always make and use new wallets when you are participating in an airdrop, and only use funds that you are using for the airdrop for like bridging or making transactions to become eligible, etc.

Your second mistake is keeping a lot of funds in a decentralized wallet that is stored as an extension in your browser. You can't expect such wallets to never get compromised, because you visit a lot of websites when surfing the internet and things can happen. So it's best for you to keep your funds in a non-custodial wallet that isn't stored on a device that you use all the time. It's even better if you can use a hardware wallet for that.
hero member
Activity: 1106
Merit: 912
Not Your Keys, Not Your Bitcoin
My questions:
Is it possible for airdrop sites to access your funds even after disconnecting your wallet?
Is there any other way a wallet can be compromised aside from these mistakes?

It's becoming scary day by day to leave a huge amount of assets in a wallet these days. Perhaps this is one of the reasons some people still think everything about bitcoin and crypto is entirely a scam, as lost funds cannot be recovered. I will appreciate a detailed explanation of this and the solution to avoid a future occurrence.

I'm not sure if you are aware that there was an email breach from Coingecko and some exchanges some weeks ago. Anyone can have access to those leaked emails and other sensitive information, and if your email is one of those compromised, they can try those emails with the leaked passwords, and if you are the type of person that uses a simple password or a general password, your email content could be exposed this way.

It could also be that someone close to you has access to your phone or email login and you don't know about it, so do well to check your email activity for attempted logins from other devices, or just check the devices your email is logged into.

About being connected to airdrops: this is not the safest way to use a wallet address. When doing airdrops, you should never use your main wallet to participate in any of them, because you might be compelled to interact with a smart contract, and these contracts are hidden; you don't know what they mean or what they are meant to do. You might end up exposing your entire wallet doing these airdrops. Next time, use a new wallet with nothing on the address to claim or participate in airdrops.
sr. member
Activity: 798
Merit: 364
It could very well not be the Airdrop being malicious but OP having malware that compromised even the Seed of their Wallet.

This is my concern now, honestly. I know it doesn't take the blink of an eye to create a new wallet, but as it is now, I can't tell whether my device is entirely compromised, and creating a new wallet on the device might not be completely safe from future attack. I will just have to abandon the device and anything that has to do with the wallet while I get another device to create a new wallet.

There is no other explanation needed for you to know that it was the site you connected your wallet to that wiped out your funds. Your funds were safe before the connection was made, and after the connection your funds vanished; that tells you that there are other ways your funds could be moved outside of your private key or seed phrase.

Although I have no proof against the airdrop site for stealing my funds, they still remain at the top of my list of suspects, because I checked their Twitter handle and many people were complaining of the same thing happening to them when they connected their wallet to the site. Although, someone explained in this thread that it is possible for them to have access to your wallet information as soon as you connect it, and even if you disconnect the wallet, this information can be accessed by them. However, I'm still finding it hard to believe the whole scenario of how it happened, even though I have moved on.
sr. member
Activity: 378
Merit: 285
There is no other explanation needed for you to know that it was the site you connected your wallet to that wiped out your funds. Your funds were safe before the connection was made, and after the connection your funds vanished; that tells you that there are other ways your funds could be moved outside of your private key or seed phrase. We learn every day and you just discovered another way. The moment you approved the connection was what exposed your wallet information. Airdrops are highly risky. Even if the airdrop is legit, scammers will always come up with various malicious links, and you won't know whether the one that got to you is the fake or the legit one. It's best you get two mobile devices, one specifically for airdrops and the wallet in it, if you must do airdrops, while the other device, which has your main wallet, should never have anything to do with clicking any links, not to talk of connecting your wallet. Let's play safe. Sorry for your loss.
full member
Activity: 350
Merit: 128
To stay more conscious, I'd advise that disconnecting the previously connected wallets may not be enough for your funds' safety. So, I'd advise you to delete the wallet entirely and create a new one with newly generated passphrases to stay on a virgin or clean wallet.
Don't forget that it is not only through airdrop projects that scammers can steal your funds; it could also be through clicking malicious links and signing in to malicious platforms in the interest of earning rewards.
Also, don't think that no one can reach where you hid your key phrases, not until you're more careful after the carelessness of your past.
Sorry for your loss.
hero member
Activity: 882
Merit: 1873
Revoke your smart contract approval.
This is I believe only useful if the Service you are using that requested the Signature of a Smart Contract is not malicious already.  It is a good thing to revoke Smart Contract Approvals from well Trusted Services such as Pancake Swap to avoid the compromise of funds in case of a malicious handling of the website, but if you approved a Smart Contract on an already malicious website then chances are your Money has been gone from the first seconds on.

Once the Wallet is emptied out, since there is no more Money OP owns, I rather not touch that Wallet ever again.  Revoking a Smart Contract Approval means more Money to be thrown at a Wallet that is already compromised.  And since it is not the 100 percent accurate explanation and it could be a completely different reason, risking to continue using the same Wallet is not worth it at all.  It could very well not be the Airdrop being malicious but OP having malware that compromised even the Seed of their Wallet.

OP, just accept the loss and move on to a different Wallet.  But secure it properly this time.
legendary
Activity: 3234
Merit: 5637
@knowngunman, simple and free advice for you and everyone else - stop doing things like airdrops, using pirated software, downloading content via torrent and visiting suspicious websites. If, in addition to all that, you have your backup saved safely (offline), then nothing bad will happen to you - unless you brag online that you have cryptocurrencies, and bad guys decide to visit you one day and ask you to give them a "donation".

Start acting like you have your own bank and not a charity giving out money to anyone who asks for it.
member
Activity: 47
Merit: 12
My questions:
Is it possible for airdrop sites to access your funds even after disconnecting your wallet?
Is there any other way a wallet can be compromised aside from these mistakes?
Firstly, not all airdrop sites are real; some of them are fake websites which the scammers use to trick their victims in order to have access to their wallets. There are chances that you may have entangled yourself with a fake website, clicked on a malicious link, or been dealing with a scammer who is impersonating a legit airdrop site. I have seen people who have encountered these kinds of issues, and I must say the best way to stay safe with anything online is by having an offline wallet or creating a separate wallet for the purpose of that particular thing you want to achieve.
sr. member
Activity: 798
Merit: 364
This is what your problem is, and you are not aware of how the Claim airdrop is done.
You don't check whether the claim link is genuine or just a phishing website.

Now it's very long with phishing that will expose your wallet to Drained Bot attacks.
When you connect your wallet with a phishing claim website, it will be catastrophic and make all your assets in the wallet be withdrawn to the scammer's address.

It was actually a big mistake, which I admit. What happened is that I have many wallets imported in my MetaMask and Trust Wallet, which I switch between whenever I want to use them. I didn't check MetaMask to know the last address I used before connecting the wallet to the airdrop site; unfortunately it happened to be the wallet where I had some assets, which I disconnected immediately when I noticed it. The site is actually a genuine site affiliated with the project, but I can't tell whether the entire project is a scam. The gas fee required to claim the airdrop was too high despite being on the BSC chain, and that made me suspicious of their genuineness.

Storing your wallet seed phrase in email is hard to believe because it is one of the worst practices. Either as text or as an image (screenshot), it's bad practice. It's worse if you did not secure your email with a strong password and 2FA. Even if you did have a strong password and 2FA for your email, you cannot trust Google.

Thank you for the links you shared. If you read the OP very well, that mistake of storing the seed phrase in email was before I understood wallet security; it is not something recent. After reading people's experiences here and how to keep a wallet safe, I desisted from doing that. For the second time, a lesson is being learned again, but I don't think it will happen again for a third time. I have read through all the replies herein so far and I have taken the key points.
hero member
Activity: 1442
Merit: 775
I experienced something today on my EVM wallet and I'm still in shock at how the hell it happened. Before now, I had some wallets that were compromised due to my carelessness with their security. I saved some passphrases in my email and saved some on Google Drive as images because I took screenshots of the phrases. I learned the lesson the hard way when my funds were wiped out from the wallet.
Storing your wallet seed phrase in email is hard to believe because it is one of the worst practices. Either as text or as an image (screenshot), it's bad practice. It's worse if you did not secure your email with a strong password and 2FA. Even if you did have a strong password and 2FA for your email, you cannot trust Google.

Quote
Is it possible for airdrop sites to access your funds even after disconnecting your wallet?
Is there any other way a wallet can be compromised aside from these mistakes?
Revoke your smart contract approval.

How to Revoke Token Approval
Revoke Smart Contract Allowance with unrekt.net
https://etherscan.io/tokenapprovalchecker
https://revoke.cash/
https://app.unrekt.net/

Most importantly, don't use any wallet with big funds to do tasks or claim airdrops. If bad things come, you will lose big funds. With airdrops, use very small and nearly empty wallets to do tasks and claim the airdrop.
hero member
Activity: 1414
Merit: 542
Your whole machine has been compromised, so stop using it or at least format it clean, although there could be malware that persists after a clean wipe of your PC and a total reformat.

It could be that it was not the airdrop or anything like that, but that you clicked a link that had malware on it, which remains undetected by your AV, because malware authors are very clever at hiding it from AV and it can take months before they find out about this new malware.

So it might cost you money, but it's a better investment: get a fresh laptop or PC, learn from your mistakes, and only use the new machine for your crypto-related activity. Everything else should be on that old laptop of yours. Or try to switch OS; a Linux flavor would be one good option for the old machine, totally reformatted and running a new OS.
hero member
Activity: 882
Merit: 1873
Is it possible for airdrop sites to access your funds even after disconnecting your wallet?
Yes.  Many people are still unaware that disconnecting the Wallet is not enough and this is how they end up losing significant Money.  If you had to Sign a Contract and you have no idea what it truly does, you may become a victim very easily.  There are malicious Smart Contracts that, once signed, basically have access to the Coins in your Wallet.  So even if the Wallet is disconnected, the Smart Contract is still valid and working.

Is there any other way a wallet can be compromised aside from these mistakes?
There are MANY ways it can be compromised.  To avoid over 90 percent of the fears and trouble, just have two separate Wallets.  One you ONLY use for Transfers, where you have the big stash, and one that you use for smaller actions such as Payments, Trades et cetera.

Stop trusting random websites and blindly signing Smart Contracts.  As you can see, they do NOT make you Rich and nobody is volunteering for you.  Most of them are Scams, and the real ones offer a Reward so low it is not worth risking your whole stash for it.
hero member
Activity: 1554
Merit: 880
pxzone.online
My questions:
Is it possible for airdrop sites to access your funds even after disconnecting your wallet?
Is there any other way a wallet can be compromised aside from these mistakes?
Yes, it depends on the permission too. That's why it's recommended to use another wallet for connecting to other stuff like airdrops and dapps, and also a browser-based wallet (extension/add-on) to connect to things like gambling and exchanges.

Also, by the time your funds were lost, you should consider your device as compromised as well.

On your last compromised wallet, what kind of wallet did you use? And on the second one?
hero member
Activity: 966
Merit: 701
It's becoming scary day by day to leave a huge amount of assets in a wallet these days. Perhaps this is one of the reasons some people still think everything about bitcoin and crypto is entirely a scam, as lost funds cannot be recovered. I will appreciate a detailed explanation of this and the solution to avoid a future occurrence.
People lose their coins because they lack the key to be able to protect their assets. As someone involved in cryptocurrency, you should know to not leave huge amounts on hot wallets. Hot wallets are vulnerable to hacks, if you have more than $1k worth of bitcoins, you should buy a hardware wallet to store your coins. Do your research when choosing a hardware wallet, I recommend using open-source and airgapped wallets.
legendary
Activity: 1890
Merit: 1537
My questions:
Is it possible for airdrop sites to access your funds even after disconnecting your wallet?
Is there any other way a wallet can be compromised aside from these mistakes?

It's becoming scary day by day to leave a huge amount of assets in a wallet these days. Perhaps this is one of the reasons some people still think everything about bitcoin and crypto is entirely a scam, as lost funds cannot be recovered. I will appreciate a detailed explanation of this and the solution to avoid a future occurrence.
Of course, scammers can gain access to your assets even after disconnecting your wallet from the deceptive domain if you have granted them token approvals or malicious smart contract approvals and mistakenly signed transactions. Check out this [article] published by Metamask.

Also, I agree with several members who mentioned the possibility that your computer might be compromised. Therefore, if you have created a new wallet on this infected device, the scammers will know your seed phrases and private keys. I recommend using an alternative device that has antivirus protection. You should install trusted wallets because using malicious browser extensions, unofficial wallet applications, or downloading cracked software, in general, will threaten your wallets' security.
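
Several replies above say that a token approval stays valid after the site is disconnected and has to be revoked. As an added example that is not part of the original thread, this JavaScript replays ERC-20 `Approval` event logs to show which allowances are still live; the addresses and log entries are constructed sample data, and `liveApprovals` is a hypothetical helper name.

```javascript
// Added example (not from the thread): list the ERC-20 allowances an address
// has granted and not yet revoked, by replaying Approval event logs.
// "Disconnecting" a site is a wallet-UI action: it emits no log and changes
// nothing here. Only approve(spender, 0) removes an entry.

// keccak256("Approval(address,address,uint256)"), topic0 of the ERC-20 event.
const APPROVAL_TOPIC =
  "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925";
const MAX_UINT256 = (1n << 256n) - 1n;

// Indexed address topics are 32 bytes, left-padded; the address is the low 20.
function topicToAddress(topic) {
  return "0x" + topic.slice(-40).toLowerCase();
}

// Encoders used only to build the constructed sample logs below.
function addressToTopic(addr) {
  return "0x" + addr.slice(2).toLowerCase().padStart(64, "0");
}
function uintToData(value) {
  return "0x" + value.toString(16).padStart(64, "0");
}

// Returns the approvals by `owner` whose last recorded amount is non-zero.
// Caveat: this is the last *approved* amount. Spending through transferFrom
// may lower the real allowance without a new event, so the authoritative
// figure is the token's allowance(owner, spender) view call.
function liveApprovals(logs, owner) {
  const me = owner.toLowerCase();
  // Logs may arrive unordered; replay them in chain order.
  const ordered = [...logs].sort(
    (a, b) => a.blockNumber - b.blockNumber || a.logIndex - b.logIndex
  );
  const live = new Map();
  for (const log of ordered) {
    if (log.topics[0] !== APPROVAL_TOPIC) continue;
    // ERC-721 reuses this signature with an indexed tokenId (4 topics, no
    // data word); this example covers fungible-token allowances only.
    if (log.topics.length !== 3 || log.data.length !== 66) continue;
    if (topicToAddress(log.topics[1]) !== me) continue;

    const token = log.address.toLowerCase();
    const spender = topicToAddress(log.topics[2]);
    const amount = BigInt(log.data);
    const key = token + ":" + spender;
    if (amount === 0n) {
      live.delete(key); // approve(spender, 0) is the revocation
    } else {
      live.set(key, {
        token,
        spender,
        amount,
        unlimited: amount === MAX_UINT256,
        blockNumber: log.blockNumber,
      });
    }
  }
  return [...live.values()];
}

// ---- Constructed sample data (placeholder addresses, not real accounts) ----
const TOKEN = "0x" + "aa".repeat(20);
const OWNER = "0x" + "11".repeat(20);
const OTHER_OWNER = "0x" + "44".repeat(20);
const SPENDER_A = "0x" + "22".repeat(20);
const SPENDER_B = "0x" + "33".repeat(20);

function approvalLog(blockNumber, logIndex, owner, spender, amount) {
  return {
    address: TOKEN,
    blockNumber,
    logIndex,
    topics: [APPROVAL_TOPIC, addressToTopic(owner), addressToTopic(spender)],
    data: uintToData(amount),
  };
}

const SAMPLE_LOGS = [
  approvalLog(105, 0, OWNER, SPENDER_B, 0n),          // revocation, listed out of order
  approvalLog(100, 3, OWNER, SPENDER_A, MAX_UINT256), // unlimited, never revoked
  approvalLog(101, 1, OWNER, SPENDER_B, 500n),        // later revoked at block 105
  approvalLog(102, 0, OTHER_OWNER, SPENDER_A, 7n),    // someone else's approval
  {
    address: TOKEN, blockNumber: 103, logIndex: 0,    // ERC-721 style, skipped
    topics: [APPROVAL_TOPIC, addressToTopic(OWNER),
             addressToTopic(SPENDER_A), uintToData(1n)],
    data: "0x",
  },
];

// The unlimited approval to SPENDER_A is the only one still live for OWNER.
console.log(liveApprovals(SAMPLE_LOGS, OWNER));
```

With real data the logs would come from a node or block-explorer query filtered on the owner's address; confirm each hit with the token's `allowance(owner, spender)` before and after revoking.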
sr. member
Activity: 420
Merit: 253
My questions:
Is it possible for airdrop sites to access your funds even after disconnecting your wallet?
Is there any other way a wallet can be compromised aside from these mistakes?

Your problem is that you're under some serious phishing attack, given the amount of activity you might have been doing on various sites, getting mixed up with this and that airdrop along with the meme coins and the scams that come with them.

Your window of compromise could be your device. Although, having linked your wallet to one of these airdrops creates another window of complication. My advice would be that you ditch that device for a new one, create a wallet on the new device, use all appropriate safety types and you would be good.

Also, avoid linking your Bitcoin wallet with any other wallet for airdrops; it's just not worth it.

I also have the same thinking about phishing attacks, due to the numerous sites he would have gotten himself into while trying to claim various airdrops and all that. Even if he was to link his wallet address for airdrops, it shouldn't have been the wallet where he still has some coins. He can restore the device to factory settings and ensure all safety precautions are taken when using a new wallet.

I have seen many people linking their wallets, especially exchange wallet addresses, to claim airdrops without knowing that storing your coins on an exchange is a very big risk, and coupling that with linking it to malicious sites to claim airdrops is even riskier, because exchanges don't give you full security over your assets. He should also consider using anti-phishing codes when doing transactions so that he can be notified if a transaction is being performed without his knowledge.
legendary
Activity: 1554
Merit: 1139
My questions:
Is it possible for airdrop sites to access your funds even after disconnecting your wallet?
Is there any other way a wallet can be compromised aside from these mistakes?

Your problem is that you're under some serious phishing attack, given the amount of activity you might have been doing on various sites, getting mixed up with this and that airdrop along with the meme coins and the scams that come with them.

Your window of compromise could be your device. Although, having linked your wallet to one of these airdrops creates another window of complication. My advice would be that you ditch that device for a new one, create a wallet on the new device, use all appropriate safety types and you would be good.

Also, avoid linking your Bitcoin wallet with any other wallet for airdrops; it's just not worth it.
legendary
Activity: 2716
Merit: 1855
-snip-
I had a rethink to figure out what might be the cause, and then I realized that I mistakenly connected the wallet to claim an airdrop last week, but I immediately disconnected the wallet without approving any transaction when I noticed that I had connected the wrong wallet.
-snip-
This is what your problem is, and you are not aware of how the Claim airdrop is done.
You don't check whether the claim link is genuine or just a phishing website.

Now it's very long with phishing that will expose your wallet to Drained Bot attacks.
When you connect your wallet with a phishing claim website, it will be catastrophic and make all your assets in the wallet be withdrawn to the scammer's address.



Like the incident a few days ago when the Zksync Airdrop was launched, many phishing claim websites appeared on Twitter.
In fact, not only on Twitter, a surprising incident occurred in the Bitget wallet which was once a favorite wallet, but when the Zksync airdrop was launched on the Bitget wallet browser, there was a fake zksync claim automatic link at the very top, and this caused many wallets to be drained.

In the end, I decided to throw away the Bitget wallet and those affected by the drain should also report to the Bitget wallet and of course get the lost funds replaced.
sr. member
Activity: 672
Merit: 416
stead.builders
I saved some passphrases in my email and saved some on Google Drive as images because I took screenshots of the phrases. I learned the lesson the hard way when my funds were wiped out from the wallet.

This was your first and avoidable mistake. None of these should be a place that holds custody of our wallet security information; they all involve third-party access because they are centralized routes that allow access by a third party, like the issuing organization involved.

I had a rethink to figure out what might be the cause, and then I realized that I mistakenly connected the wallet to claim an airdrop last week, but I immediately disconnected the wallet without approving any transaction when I noticed that I had connected the wrong wallet.

Could this be the cause? Mind you, my assets were intact after the incident until this happened three days ago, though I noticed it today.

My questions:
Is it possible for airdrop sites to access your funds even after disconnecting your wallet?

It's another serious mistake that you have made here as well. You shouldn't use your main wallet for bounties; don't connect the wallet to all these airdrop platforms. Create a separate wallet for them and also use a different device for them.

Is there any other way a wallet can be compromised aside from these mistakes?

Download links
malicious contents
third party access
your personal vulnerability
sr. member
Activity: 336
Merit: 365
The Alliance Of Bitcointalk Translators - ENG>PID

My questions:
Is it possible for airdrop sites to access your funds even after disconnecting your wallet?
Is there any other way a wallet can be compromised aside from these mistakes?

It's becoming scary day by day to leave a huge amount of assets in a wallet these days. Perhaps this is one of the reasons some people still think everything about bitcoin and crypto is entirely a scam, as lost funds cannot be recovered. I will appreciate a detailed explanation of this and the solution to avoid a future occurrence.

You should avoid connecting a funded wallet to airdrop sites. Create a separate wallet for your airdrops, and then when you connect to such sites, you know that if anything goes wrong you only get to lose the wallet and not the funds in it. If they already invested your connected wallet then I guess they might still be able to access it even when it has been disconnected. There are several ways your wallet might be compromised. But then you have to make sure to save your seeds offline, which is the major thing first. Leaving your seed saved on Google or online, you may get attacked by keyloggers or Trojans and they end up accessing your mobile devices.

There have been a lot of scam reports about Bitcoin and cryptocurrency at large, but that doesn't make it a scam. People's ignorance is what leads to the loss of funds, or they end up investing with a scammer out of greed.
legendary
Activity: 2212
Merit: 7064
My questions:
Is it possible for airdrop sites to access your funds even after disconnecting your wallet?
Is there any other way a wallet can be compromised aside from these mistakes?
If you are using hot wallets there is always a chance this can be exploited again even if you disconnect those wallets from all connected websites.
I would suggest using them in combination with good open source hardware wallets like Keystone, Trezor, Onekey, etc. because you always need to confirm every transaction with them.
Another advantage of hardware wallets is that it's much harder for seed words to be stolen, if you always keep them offline on paper or metal plates.
sr. member
Activity: 504
Merit: 279
My questions:
Is it possible for airdrop sites to access your funds even after disconnecting your wallet?
Is there any other way a wallet can be compromised aside from these mistakes?

1. The first thing to note is that storing your coins in a hot wallet is already a security risk, and connecting the wallet to any DApp or site is a big security breach. It doesn't matter how long it was left connected. Some DApps can immediately fetch the data they need once it is connected. So even after you disconnect the wallet, they might have had access to your private key and moved funds from it later. To be sure it is the same site that wiped out your funds, try to check the other wallet. If not, it might be that your device is already compromised.

2. There are numerous ways to compromise your wallet: phishing attacks, dust attacks where you mistakenly copy the scammer's address later when sending funds, and also the most popular, copy-and-paste malware, where the address changes to the scammer's address.


It's becoming scary day by day to leave a huge amount of assets in a wallet these days. Perhaps this is one of the reasons some people still think everything about bitcoin and crypto is entirely a scam, as lost funds cannot be recovered. I will appreciate a detailed explanation of this and the solution to avoid a future occurrence.

People pay less attention to security tips just for their own convenience and later blame the system for the problems they caused themselves. My advice is to prioritize the use of cold wallets and back up your seed phrase properly, and most of these problems will be long solved.
sr. member
Activity: 476
Merit: 299
Learning never stops!
~

Are you sure your device itself isn't compromised? You might have installed malware unknowingly (probably through the internet or your e-mail account, since it was breached before), which might be staying hidden on your device.
I don't think malware will survive a factory reset, so have you tried doing a factory reset on your device?

You said you connected your wallet; for you to connect it, you must have accessed the wallet. Were your coins and tokens still intact then?
sr. member
Activity: 798
Merit: 364
I experienced something today on my EVM wallet and I'm still in shock at how the hell it happened. Before now, I had some wallets that were compromised due to my carelessness with their security. I saved some passphrases in my email and saved some on Google Drive as images because I took screenshots of the phrases. I learned the lesson the hard way when my funds were wiped out from the wallet.

After that incident, I created a new wallet with utmost care and attention without copying or saving the seed phrases online. I carefully wrote down the seed phrase and mnemonic words and kept them safe, and I believe no one aside from me has access to them. Today, I was reading something about wallets here and I decided to check my wallet, but I discovered that all my funds had been wiped out again for the second time despite my being security conscious.

I had a rethink to figure out what might be the cause, and then I realized that I mistakenly connected the wallet to claim an airdrop last week, but I immediately disconnected the wallet without approving any transaction when I noticed that I had connected the wrong wallet.

Could this be the cause? Mind you, my assets were intact after the incident until this happened three days ago, though I noticed it today.

My questions:
Is it possible for airdrop sites to access your funds even after disconnecting your wallet?
Is there any other way a wallet can be compromised aside from these mistakes?

It's becoming scary day by day to leave a huge amount of assets in a wallet these days. Perhaps this is one of the reasons some people still think everything about bitcoin and crypto is entirely a scam, as lost funds cannot be recovered. I will appreciate a detailed explanation of this and the solution to avoid a future occurrence.