Topic: My Kaspa Web Wallet was hacked (Read 602 times)

This tutorial will show you how to create your first Ledger Kaspa (KAS) account with your Ledger device and the KasVault web app.

Before you start
Update Ledger Live through the notification banner or download the latest version.
Update the firmware on your Ledger Nano S / Nano S Plus / Nano X.
https://support.ledger.com/hc/en-us/articles/12665738333853-Kaspa-KAS?docs=true

Ledger has a lot of bad news, but storing mined coins on this wallet is most likely safe.

this my waleet qzwk8fr58uc8eqr9tg4rcn72uqp69s04wss0mqlplssdnykq6la7gzxarsj5z

somon haked 2178 kaspa
2023-04-30 13:07:37
TRANSACTION ID
caeca1ec90c79c6629d3566c54643dd78e7c1a083ba5eec6f56c3e0e1d2a0507
AMOUNT
-2,178.158 KAS
VALUE
-57.07 $

OUTPUTS
Index
#0
Script Public Key Type
pubkey
Amount
+2,241 KAS
Script Public Key Address
kaspa:qp8zdhlg53y4q8zefww4hqd9xc69vs84vj24mpnnva2w0jatatvssfyht82qp
2023-06-04 13:23:36
TRANSACTION ID
d88be7f18927de6632f1ece8d0f9b08eeba351b234eabd4029df937f1f33be4f
AMOUNT
+5,514,433.8 KAS
VALUE
144,478.17 $

fuck kaspa

For new coins, this method is not the best. Recent events with the IronFish wallet force us to look for other solutions. Now miners need to install a full node because the wallet is not available. If you sell new coins all the time, then you don't need strong security.

Or you store your cold wallet in a VM and use another VM for web wallet if you actually need one.

I would never leave a Web Wallet open in a browser, same as normal browsing cannot understand those who keep tons of tabs open in whatever browser they have.

Hey bud - very sorry to hear this happened to you. Lots of us know, all too well, there are lots of people that are spending a tremendous amount of time and effort to steal crypto that isn't rightfully theirs. What I recommend doing is the following:

Assuming you're using windows, close ALL browsers and anything in your system tray that is communicating with the outside world - open up the command prompt as an administrator and type "netstat -ano". This will bring up a list of all of your computer's current connections to outside machines. You want to look, specifically at the "ESTABLISHED" connections that show a FOREIGN address that is not local (ie.. doesn't start with a local IP like 127.x.x.x or 192.x.x.x etc.). Next - open up your task manager with ctrl/shift/esc and click on "Details". You will see a Process ID listed that will correspond with the PID's listed in the netstat -ano page.

This is where you can see if anyone is spying on the computer in question.

Anti-Virus software, of course, is important. But - don't always assume it catches everything.

Always, always, always super important to be vigilant in your personal cyber security!

Tangem added KAS to his wallet

https://tangem.com/en/

As you know, the latest beta version of the app include new blockchains — Ton, Kaspa (available for iOS+Android), Kava EVM (available only for iOS for now).
Get exclusive access to new features and help us improve our products. Don't miss out on this exciting opportunity!
https://t.me/tangem_news/95

You got keylogged?

Another layer of security is a software keyboard like neo safekeys, unless you got videologged.

Make layers of security, make a mess so that even with remote access finding stuff is a head ache.

A software keyboard once saved a shitcoin i owned hehe

This is not my first time getting hacked and I have learned my lessons. The problem is that no matter the fact we managed to get 1 million KAS for Ledger Nano development its been 4+ months and the app is not ready yet. Also I didn't expect paid Bitdefender antivirus on my PC and GitHub to allow malware apps on their site

Yes ,but not only mine. Check Kaspa Discord wallet-help section. Mine are 87k Kaspa tokens for around 1200 usd at the time.

when the pump comes this would hurt very very much. welcome to crypto and sorry for your loss, hard lessons comes and hope you learn from it.

this crypto place is filled with vile snakes 

If you say so. You should still be more careful where and how you store your crypto.

How did they install remote desktop?

First it's not 75k usd in crypto. And second yes my seed was on my Desktop and the hacker got it via remote desktop I found was installed a day ago before the hack

If that's true where ever the keys were stored was hacked. You still haven't said if you actually had control of your keys or if your "wallet"
(probably more like an account) managed the keys "on your behalf". It doesn't matter whether you say, but it makes a big difference as to
who and what got hacked, or just plain scammed.

But seriously, with $75k worth of crypto you need to be more careful.

Can't check their discord help-wallet thread. I have no discord installed on my Linux

If you don't mind, sharing screenshots here wouldn't harm. But just like I said I saw similar complaints on Reddit. My question is What are the developers saying about the whole situation? have they confirmed that there is a hack or there's a bug?

Stay away from Closed source web wallets!

100% sure I didn't click on a phishing site. Also check the Discord help-wallet thread. There are more people like me now

It is better to download all available wallets using links from the official website, and a link to the official website can be found on the coinmarketcap service. I mine those coins that have a hardware wallet, and if you have a lot of coins, then you need to use a cold wallet that you create on a separate computer.

This question gets into investment strategy, which I won't comment on.

Hi folks,

I appreciated your feedback and agree with the warnings regarding web wallets.  What I don't understand is why the officially supported web wallet (https://wallet.kaspanet.io/) does not show the transaction where my all of coins are transferred? I see it on the block explorer, but not in the web wallet.  Can someone who knows more shed light on this?

Web wallet is red flag, every proof of work coins I own has a PC wallet software if they don't have mobile versions, you will need to download the blockchain data yourself to see your balance, why are you still using web wallet? If the coin don't have wallet software it is better to avoid such projects and look for a better one.

The moment I saw Web I immediately said to myself why do people still keep using web wallets and not desktop software wallets which are a bit safer than web wallets.When you are using web wallets you leave your coins at the mercy of the third party who operates that web wallet no matter how trustworthy they are.I am sorry for your loss and that you have learned the hard way that using web wallets is never safe as you are not in control of anything as I said,you do not own your private keys and the third party of the web wallet have those for you.

You have fallen victim of phishing which is another problem with web wallets as you must be very careful when typing the url as many hackers use the technique called "typo squatting" by creating url similar to the original one of the web wallet in this case and they harvest any credentials of any victim that falls into this phishing scam.This is also avoided when you use desktop wallets as you don't need to go to any website,you just open your app and you only need to be extra careful the first time downloading the wallet,it must be from the original site,everything else is in your control then.

It was not initially disclosed where they obtained the "web wallet". Most web wallets are provided by a third party and support many coins.
In this case it was an officially supported wallet from the coin devs.

A web wallet in nothing like a full node wallet you can mine. It's a managed wallet, meaning someone esle takes care of your crypto
on your behalf, often including the keys. They are no more secure than using an exchange to store your crypto.

This case now looks more like phishing or the keys, wherever they are stored, were stolen.
So my second sarcastic reply may seem more relevant. In a less sarcatsic way, don't blindly click on links that are offered to you.

It's sad but it's the world we live in. In Darwinian terms, adapt or die.

I have my keys offline. Encrypted linuxos is nice to have, but the safest place is offline.

This is very hard to believe, I have my kaspa wallet keys saved in an encrypted Linux OS and til date nothing happened to the wallet, I am more than sure that you did something wrong on your end, I feel skeptic about web wallets too and that's why I don't invest in some coins that have no standalone wallet but I just can't take eye off kaspa, somehow you have been phished, be more careful next time.

And you think you get your money back? Or what is your intention? I mean we speak about $1200 from you, the law enforcement agencies have more important things to do.
I have some coins in kaspa wallet and i also use for this coins the web wallet - all fine for me. Every transaction is in the transaction history - but it is not in a row.

Why you have the wallet always open? Is not so save. And why should the kaspa team help you to investigate where you money goes? You think you are the only person on the planet? I mean you made the mistake. And no one from us know how you work on your computer.
You should check your pc for running phishing software. Maybe you tried a phishing miner. Who knows


Hmm but he has the key for the wallet - so your sentence makes no sense in this case   Web wallet is a normal wallet, like every wallet you have on you pc.

... just begging to be phished. Googles's fault?

This has been going on for years and Google has not done a thing about it. Its not only for crypto. Its the same with banks and sites like Amazon.

Way too many people google the site and click the first link and sometimes that link is a "paid advertisment" and its usually a phishing site. Google won't do anything about it because thats how they earn their money.

Next time, type in the link in your browser AND bookmark it.

You clicked a phishing link or you have dodgy software on the computer that you setup the wallet with (keylogger etc)

It's a bitter pill to swallow but this happens a lot, across all cryptos.

Web wallets are always a risk. Not your keys, not your wallet.

The real lesson here is don't use web wallets, especially if you don't control the keys.

I have the same issue.  Hackers were able to drain my web wallet https://wallet.kaspanet.io/.  Web wallet shows no transfers, but explorer shows the hack.

https://explorer.kaspa.org/addresses/kaspa:qpjzr74gdseh60mzcjqkw7fy8la2f39vm9lgx2rwnkyu8aqjtw5yqqjtqkrx2?page=1

If this was intended to warn users then why no reference to the web wallet being used or how it was obtained?
It's hard to take this seriously.

I do see a lot of phishing web wallets when I just google kaspa web wallet. Are you sure you didn't enter your sends to the wrong site?
Don't you have any other alternative software wallets that support the coin?

I have seen a few individuals complain about their coins disappearing too on Reddit. May there's a problem with the blockchain or even the web wallet you guys think is official

I would like to inform Kaspa users that on 18.03.2023 at 00:24 and few minutes later somehow 2 unauthorized transaction stole around 87000 Kaspa tokens from my Web Wallet. The transactions appeared on the Kaspa Blockchain Explorer but did not on the Web Wallet transaction history or KDX GUI wallet. I have contacted Kaspa Telegram group and Discord but the only answer I got is that somehow I clicked on a fishing website which I 100% didn't because my Web wallet is constantly opened in my browser. First they thought that my coins just "disappeared" from the interface and still there and proposed steps to recover them. I tried all the suggested steps by moderators to recover the coins via Compound ,Delete Data Folder ,entered my seed in KDX wallet etc. In the end they agreed that I was hacked somehow but didn't even try to investigate where are my funds go no matter the fact I asked few times for help. I have showed them screenshots and pictures of my wallet that these transactions are not registered in the history and didn't get any reasonable explanation. I'm begin to think that this was an inside job because one more person contacted me that he has the same problem at the same time. Blockchain analysis shows that around that time at 18.03.2023 around 75k USD of Kaspa tokens were stollen and send via multiple transaction ,divided by 2 after each transaction. So at the end I contacted Uppsala security to investigate the issue and waiting second response from them with offer after which I will contact the law enforcement agencies. If someone experienced the same lost of their Tokens from the Web Wallet write here ,contact as many as possible groups in the crypto space ,blockchain investigation firms or DM me