Topic: More than 5 WBTC (BTC) was stolen from my Metamask wallet!!! (Read 334 times)

You wont really be able to get hacked even if you do connect your wallet on a specific platform or something like that yet you are still the ones who would really be need to accept or approve everytime you do make

out transactions on your metamask thats why i dont really believe on such scenario.Most of MM wallet hacks are neither on exposed privatekeys or someone accessed their device while their pc is on
or no one is watching and the rest are just pure hoax or cant really be possible.

If none of those things happened then there's no way but only you could make out transactions which is likely the case.

Try to check if there's connected platform on your metamask and maybe you can see the reason on why you have been hacked since sometimes exploiters use this to drain the wallets of their victims. Also next time best to get a good hardware wallets because this one give us more guarantee than those type of wallets.

Yes, he did realize it but it was too late. The hack already happened. Now he learned his lesson because he is now using a hardware wallet to store his remaining coins. A hardware wallet has a better security than common wallets however I think there's still a risk once we connect it online or by doing a transaction so it's still important to check properly before we initiate a transaction.

Yes, metamask always shows a notification if we will confirm the transaction or not but maybe he wasn't online that time and his account is already controlled by someone else so it's always possible for them to allow the transaction and send the coins to their own wallet. I check the hacker's wallet via etherscan and the OP's coins are still there. Maybe there are still ways to recover it? We can try reporting it to the authorities. Let see if they can do something.

You should have opted for a hardware wallet to store probably 90% of your coins and leave 10% on mm for quick access. Very horrible thing to happen to anyone, i can understand your pain. i don't understand why you did not get notification of confirmation when the transaction was being made, isn't mm usually send notification of confirmation when you initiate a transaction! at least that would have notify you of something shady going on in your wallet. I hope you will recover your loss in some other ways.

Storing on exchange site wallet is more worth than on a non custodial wallet like metamask? Dont know on where you do get that idea and consideration but its never been recommendable on storing
your funds into any centralized platform on which you dont have the full control of it or simply doesnt really have the private keys or seeds on your wallet which is totally opposite on what we do have
in metamask.It turns out that op did make out some mistake on installing something which it resulted on getting hacked which isnt something new.If you do know about these potential risk
then you would really be that hesitant on downloading something on your pc thats why its really suggested on following those common security measures to at least avoid these kind of circumstances.

First of all we have to stay away from the illusion that IOS is completely safe and private as shown in their ads, you can find lot of malware apps took down from their app market from time to time so in the meantime all those devices were vulnerable to such hacks, also the phishing attacks can be the most reason for such kind of loss because the hackers are getting smarter everyday so be careful while clicking any links.

IMO, the seeds leaked in someway. Did you entered the seeds into wallet and asked again to enter like more times than usual because this is what commonly followed by the hackers to mask a clone version of a site over real one via links.

Same feeling here , this is why I really hate putting my funds in single wallet because of this kind of situation when Hacking is indeed the worst thing we can ever had in our investments.
maybe this will be a lesson to all of us that there is no really safe wallet if you are only saving in single wallet.
hacker is now a thousand dollars richer while OP is a loser.
I don't also believe in single wallet storing specially with this High value funds.

There is no way to keep such a huge amount in a hot wallet. Because we know that the security of these wallets is very weak. You must have used a hardware wallet and you also use a hardware wallet. So why did you store such a large amount in the metamask wallet? You might be spared such a great loss if you are a little more careful than to regret the mistake.

Hello all,
Thanks for all of your replies. I learned the lesson the hard way. Luckily that's not all the BTC I have. I still have some BTC stored in my Tresor wallet. I will never store crypto in Metamask ever again. I have reformatted both my desktop and laptop and reinstalled fresh Windows. The only thing I am not sure is that if my iPhone has been compromised? I deleted Metamask app on my iPhone and will never ever use it again on my iPhone. But it is enough? If my iPhone is compromised, there may be other things I need to worry about too. Does any of you have suggestion what I should do about my iPhone? I have iPhone 11 Pro with iOS 14.

Sorry about the loss of your assets but that's a lot of WBTC to be left lurking around in a software wallet in 3 different devices. In this case, you exposed your WBTC to far more risk that if it was in one device.

You say you already have a trezor wallet, why didn't you make full use of it and store your assets in there as soon as you bought the WBTC.

There's no better choice between Metamask and exchanges if we talking about the security, because both of them have high vulnerable to loss because of not-user fault. Malware, thief, hacker, virus etc will make your funds loss if you keep hold on web wallet and exchanges. Cold wallet or hardware wallet is the only choice if you want to hold for long term with huge amount. Verification isn't really help since they can backdoor it.

why have to store all btc in one wallet?
I suspect that the metamusk you downloaded in the apple store is not the original one. which makes you lose 5wbtc.
I've also experienced the same thing but in the form of a busd last year, at that time I bought an IDO on nano swap which made their smart contract able to withdraw the balance in the wallet when they interacted with it.

Hello OP! I'm so sorry that you've to learn the hard way. Hard wallet has always been the best way of storing cryptocurrencies. I believe there are persons making the same mistake. They can as well learn from this.

You didn't aware if have been installing a software that already contained virus from the hacker. This is the most possible answer for your case. There was no notification on sending from the metamask as this doesn't require 2fa. That's why 2fa implementation in metamask is the most important thing. Storing in exchange site was a bit better rather than metamask. Why do you put all of your money in metamask?
You shall learn a lot from this case. If you are holding bunch of money and better to store it into the exchange sites which so many security verification or cold wallet.

sorry for your loss,
one point I didn't see other people commenting is that metamask store transactions locally only, so transactions done on phone wouldn't show up on computer and vice versa
only on etherscan which is the block explorer itself

I haven't tested it but almost sure this is how it works.
when you hit "reset transactions" all the transaction history disappears too

high chances that this case was a malware on phone or computer, many users report that metamask mobile is not really safe.

For huge balance like this its better to use hardware wallets because this is more safer than any web wallets or apps around. And this is expensive mistake which many people learned off so for the incident happened to OP most provably many people are much careful upon using metamask and also we need to avoid downloading unknown things since this is also one of the method used by hackers to stole the balances on the wallet of their victims.

What I've said about metamask is that it's not really a cool place to store your funds for long. I did mentioned that the cause might be the software that he has downloaded.

It could have been a spyware or malware that was able to penetrated the system and we don't know how they do that but that's where they are expert for, in stealing other people's money.

This is a lesson that everyone have learnt now.
Always we should use hardware wallet to store such a large amount of Cryptos.
Really feeling sad for the OP, but nothing can be done. I can understand that the amount was big and might be hard earned, but still we are hopeless.
The hacker might be also very smart, so after taking money from the OP’s wallet, he might used a mixer service to mix the coins and hence his address cannot be traced.
Wishing that this should not happen with anyone in the near future.

Anti-virus software will not protect you from scams because they are not sophisticated enough to detect them in the first place. They can only check if you are running known malicious programs and kill bsaically every program (including system processes) that is compromised by malware.

Besides, you most likely weren't infected from your PCs anyway. You must have downloaded a bugged iOS version of Metamask - Apple doesn't provide any means of knowing that you are downloading the legit app. (even google play just puts a stupid Play Protection symbol next to apps on its store but that doesn't tell you anything about whether its a real or fake copy of an app.)

That is a very high amount of BTC you had there lying on the hot wallet and I hate to say but you were just fighting with the odds of them being stolen one day or the other.
People need to understand that much of Bitcoin needs a hardware wallet which costs below $100 and then store it in an environment which is not exposed to internet, that's the part.
I am sorry for your loss once again but nothing else can be done as of now.

I am very sorry for your loss. But you were completely careless about your money.

A seed is considered exposed when you type in a computer with internet acess

How come you mirrored a wallet in two computers using the same seed and send hundreds of thousand dollars to it?

For everyone using cryptocurrencies: study, understand what you are doing before putting your life savings into a wallet.

Don't get met wrong. Metamask is an amazing software. But you used it the wrong way.
You can use metamask with a hardware wallet and it will become a cold wallet.

But you cannot store your life-savings into a wallet where you type your seed in different computers.

---

Personally,  I consider all my devices compromised and I use only hardware wallets.

I have a few bucks in my mobile phone .about 100 usd. That's it.

Sorry for your loss bud. It sucks to get weaseled out of your hard earned funds and more so when you don't know who did it or how it was done with certainty.

It's not a wise choice to have one address spread over different devices. A hardware wallet is definitely the best option, but if you must use a wallet on a device for regular transactions, it's best to install it on the device you use least to access the internet; This was you limit the level of exposure to hack attempts and can also be certain where a breach occured through in the off chance that it happens.

I'm sorry for your loss OP. If anything the best that I can tell you is that you should assume that your devices are compromised and the following should be done:

• Fully analysis on your PC to check for malware/virus. - You mentioned that you've installed some program (not related with crypto) on June 14. May I ask which was it and where did you got it from? There's a slight possibility that it was the vector attack that allowed to have access to private information of yours.
• Verify if you got the real application installed in your iPhone - See who was the developer behind the app and make sure that you've installed the official one. While the Apple store has more quality control in their store than Google's Play Store, it wouldn't be the first time that a fake application related with crypto was available to download on it[1].
• Transfer all your funds to HW wallets - Since the seed words within a HW never "exit" the device, it's the most safest way to have them stored (assuming you don't share the seed words nor loose the device).
• Consider changing the password to every account (or the most essential accounts) that you use - This goes from either bank accounts to e-mail accounts. Again, we don't know how long your information may have been exposed to someone else.
• Activate 2FA on every service that you can - For instance, if you got e-mail confirmation + 2FA activated on Metamask (I don't know if it's possible (?)), the attacker would still have to access to both your e-mail and your 2FA device in order to successfully execute the transfer. In Binance, for instance, I know that some users have to insert a code that is sent to their e-mail plus their 2FA code in order to send money between addresses (friends experience regarding BTC usage).

These were just some ideas that came to my mind while reading your story but I highly advice you that you consider at least some of them so that you can prevent further similar events to happen. It seems that you already use a HW device (which is good by itself), I just hope that this event makes you consider extending the usage of the HW device to all of your (crypto) holdings...

---

[1]https://www.washingtonpost.com/technology/2021/03/30/trezor-scam-bitcoin-1-million/
[2]https://github.com/beemdevelopment/Aegis
[3]https://github.com/andOTP/andOTP

I think, it is not the metamask itself that failed the security here.
The OP mentioned about installing a software application and at the same time expiring his norton security subscription.
So that case, he was very vulnerable to outside attacks. And how did hackers know about his large crypto funds?
It may be someone that knew him from social media channels, and that they knew he is into crypto with good amount of coins.
Because we don't know the whole story, the hackers may know the OP for all we know.
So aside from securing your funds in your own hardware wallet, make sure you don't disclose your crypto activities in social media.

wow.. phishing on real time bro..

one question, windows correctly ?

Beacause in linux u cannot exec command directly on OS. Maybe living on this crypto world as good option try linux or hackintosh,
`impossible` to hack as your example.

i never leave bigger ammounts in hot wallet, trust, fearless etc. All bigger amount is in nanoX with 24 keywords offline from internet and from world.  5/6 years using, no problems so far

Sorry for you loss bro, i tried track something, but used decentralized exchanges ,impossible to track.

As a Advice,

 use hardware wallet always with bigger amounts, backp phrase paper, with your familiar wife, or son.

Sorry for what happened to you lately man. I know how you feel because my Metamask and Trust Wallet accounts were hacked last April 20th of this year. Even though $12,000 might not be big to you, but it is to me because I am living in a 3rd world country. The hacker have successfully penetrated my mind by acting like he is the CEO of a P2E company (stupid of me for not doing my own diligence) pretending to be interested to have a collaboration with me on Youtube.

He asked me to download the ZIP file with a password. When I opened it, I saw a bunch of document files along with the fake PDF that I have clicked which turned out to be a malware. That time, I also didn't renew my Avast antivirus. No matter how much I tried avoiding myself to get hacked, but the hacker is finding new ways and they are not stopping until they finally get what they want.

Now I am doing my own diligence must not be in a rush for some things for the sake of opportunities.

That's a lot and sorry for your loss.

It's not really a good storage to keep your money on a metamask. A small amount would do but having that sums of money, it should have been into a hardware wallet. You should have swapped it into actual btc and not wrapped so that you'll be forced to keep it onto a hardware wallet.

The cause might be that software you've downloaded prior to the hack and whether you use mac os or windows, there has been a lot of hijackers in different app marketplaces.

Im very sorry for you loss   the worst part is that now the hackers have 100k USD more to fund their hacking operation and they will for shure advance more with their stealing. So everyone be careful and never store more than you need in that exact moment on a hot wallet!

Very sorry to hear this bad news.
I hope you can get the money back as soon as possible through the success of your investments.

Two things can be learned from your story:
First, hot wallets cannot in any way be suitable for long-term storage or be used to store large amounts of money. Using a hardware wallet is the best solution, and there are no other solutions that compare to it.
Secondly, altcoins never represent a real alternative to Bitcoin, and nothing guarantees that it will not collapse overnight. I find it very risky that a huge amount exceeding $100,000 at the current price of Bitcoin will be put into token on the Ethereum network.

5 WBTC is a huge sum to be lost.  But however I am pretty sure those new softwares downloaded without a proper internet security most have led in virus into your desktop which gave room for your metamask  wallet to be wipe out. And secondly, who else knows you have such money in your metamask wallet? Because these days you can't trust anyone again, but am still convince the lickage most have come as a result of the newly downloaded softwares because Metamask is an encrypted wallet that can only be unlocked with the use of a password or seed phrase

advice to all.

never have more then a few weeks salary(reasonable amount to lose without causing life changing loss) on a hot wallet (easy access wallet that is used daily and spends too easily)

I have been storing some crypto in Metamask wallet since early 2021. Last week, I opened my wallet and saw it empty. First I thought it was an error, but after reviewing the transactions, I realized my wallet has been drained out. About 5.6 WBTC (equivalent to 5.6 BTC) was sent out to some unknown address without my knowledge on June 15, 2022. 

Here's the history of my Metamask wallet: I installed the wallet on a desktop in early 2021 and transferred some fund into it. Shortly after, I installed Metamask wallet on my laptop using the same seed. So, I have the same wallet on two PC mirroring each other. A few months ago (around April) I installed the wallet on my iPhone with the same seed, so basically all three devices had the same wallet. Up to that point I had about 126K USD Coin in the wallet. On June 14 I swapped all the USDC for WBTC, with amounted to about 5.6 WBTC. All transactions were done through iPhone. A few days later I opened the wallet on my iPhone and was shocked to see that the wallet was empty. Some transactions were made on June 15, sending all the WBTC and ETH out without my knowledge.

Needless to say, it was a trauma for me. I was scrambling to find out how it happened. Did I download a rogue version of Metamask, or one of my devices was compromised? For the PC, I downloaded it from metamask.io. For the iPhone, I used Apple store. Here's a few things that may give clues to how the attack came through:

1) The fund has been in my wallet for months so if the attackers wanted to take it they could have done so earlier. It must be something I have done lately. One June 13 I downloaded some software and installed it on my desktop. The software was not related to crypto. At the same time, my Norton Security subscription just expired and I didn't renew it right away. So there's lapse of security on my desktop around the time of the attack. The desktop is used on daily basis and it is on most of the time during my work hours. 

2) All the latest transactions was done through iPhone, so I wonder if the attack could be on my iPhone? One thing I notice is that while all the latest activities are shown on my iPhone Metamask wallet, they are not shown on my desktop nor laptop wallet. All the transactions I made on June 14 (to swap USDC to WBTC), and the unauthorized transaction of sending WBTC out, are shown on iPhone, but not on desktop or laptop. Looks like someone has erased the transactions to hide them from me. Though I can view them on Etherscan.

3) I did not turn on the laptop in the week leading up to June 15, the date of the unauthorized transaction. I actually barely used my laptop to access Metamask.

Here's my wallet activities on Etherscan:
https://etherscan.io/address/0xbf0a095f3479847c8bf677e33046a5e7b5dcce94

I learned that I can store my BTC in hardware Tresor wallet and trade through Metamask, instead of storing the coin in Metamask itself. I wish I knew that sooner. I take my consolation in the fact that this is not all the BTC I have. I still have some BTC stored in Tresor wallet. If anyone is storing your coin in Metamask, I urge you to use Tresor instead. Use Metamask to trade only, not to store the key.