Pages:
Author

Topic: My Trustwallet hacked, and $43,000 BTC was stolen (Read 619 times)

legendary
Activity: 4410
Merit: 4766
the OP should look at when the funds moved from their address to the hackers address. and look at the phone activity and what got downloaded or which emails/websites they viewed around the time of the hack to narrow down how it happened

looking at my junk mail of my disposable email i use to sign up to crap sites, i see lots of scammers mailing scams about trust wallet, trying to tempt people to pass info to scammers..

even if someone had a official wallet, stored in a safe encrypted area of phone storage can still get scammed/hacked by being redirected to a site or conversation where they are asked to reveal info like a passphrase or download an update(trojan).

other things can happen like letting someone else use your phone, and while pretending to make a call/text on your phone they are actually logging into your wallet and moving funds

blockchains are secure against funds moving from an address on the blockchain, by not allowing funds to move without a signed transaction using the keys. but that does not stop things happening where the source of the key becomes open to attack. no matter how secure a wallet is. you need to be careful about who accesses the device/person that holds the key/phrase/wallet
hero member
Activity: 1316
Merit: 787
Rollbit - The #1 Solana Casino
-snip-

He has not provided the BTC address that contain that much amount. I do not know what is the reason to hide it as we are not asking any private keys but the public bitcoin address  Cool

I really doubt OP story and will only believe to some extent if he share the bitcoin address that had this amount stored on it. If this is a false story, i also do not get what could be the purpose of it  Huh
This means that you and I can draw our own conclusions about the truth of the OP's story, which doesn't need to be opened again because other people can also judge it.
Trust Wallet is not a good wallet to use amidst the many open source wallets that can be used because Trust Wallet is a closed source wallet that users often complain about incident after incident.
From the OP's story and the opinions of everyone present here it should be an important lesson for you and me that there is no benefit in making up stories if there is no truth to them.
legendary
Activity: 2422
Merit: 1083
Leading Crypto Sports Betting & Casino Platform
Hello,

About three months ago, at the same time as the bad news about the security issue of Trust Wallet on iPhone, I got hacked on my Android phone, and all the money I had was stolen! I am not newbie, and I have been using Trust Wallet for more than four years, even with more significant amounts without any problem, a topic that confused me:

I installed the trust wallet app in the Samsung Secure folder with only V2ray VPN and no other app (the Samsung Secure folder is a sandbox environment with an additional security layer guaranteed by Samsung Knox); also, Kaspersky and Avast were enabled on my device! I don't understand how I got hacked!! I am sure that no one had my key phrases! I didn't connect my wallet to anything, any airdrop, any NFT ...

The strange point is that the hacker or thief still hasn't cashed out after three months. Even if he/she does, I can't do anything, but it's strange to me why he/she doesn't.

Sadly, All the wealth I had built up over the years is gone, and I don't know what to do.
What do you exactly mean by the scammer hasn't cashed out even after three months, do you mean to say that the funds are still in your wallet waiting to be withdrawn by the scammer?, or that the funds were withdrawn by the scammer to another wallet, but he or she is yet to spend it by moving it to another wallet?, if the later be the case, then the scammer sure have cashed out your funds since it's no longer on your wallet and in your custody.

But if the former be the case, then that clearly means that you've not been hacked, and you can still take possession of your fund.

Overall, your story seems to me like you are a complete crypto newbie, contrary to your claim of not being a newbie, maybe you might want consider sharing with us the transaction hash generated when the scammer withdrawed the funds out of your wallet, not as if doing this will help recover back your funds, but just to prove that you are not lying to the community here.
Up to you though.
hero member
Activity: 1344
Merit: 583
Hello,

About three months ago, at the same time as the bad news about the security issue of Trust Wallet on iPhone, I got hacked on my Android phone, and all the money I had was stolen! I am not newbie, and I have been using Trust Wallet for more than four years, even with more significant amounts without any problem, a topic that confused me:

I installed the trust wallet app in the Samsung Secure folder with only V2ray VPN and no other app (the Samsung Secure folder is a sandbox environment with an additional security layer guaranteed by Samsung Knox); also, Kaspersky and Avast were enabled on my device! I don't understand how I got hacked!! I am sure that no one had my key phrases! I didn't connect my wallet to anything, any airdrop, any NFT ...

The strange point is that the hacker or thief still hasn't cashed out after three months. Even if he/she does, I can't do anything, but it's strange to me why he/she doesn't.

Sadly, All the wealth I had built up over the years is gone, and I don't know what to do.

OP, I am so sorry that this happened. Its devastating for something like this to happen, but if life has taught me anything is that everything happens for a reason and there is a light at the end of the tunnel. You can re-build. You will re-build. As long as you believe that one day you will have more than you lost and never give up trying to get it all back and then some & do it with perseverance than nothing can stop you. I know this is a tough pill to swallow, but when times are good you thank God, & in turn when times are bad you thank God. Even now, thank God for this. He may have been protecting you from a purchase that could have resulted in a life ending incident or caused severe harm, we never know why these things happen but if you have this attitude of gratefulness in any circumstance then I believe that nothing but good things are in store for your future. God bless!
hero member
Activity: 770
Merit: 538
Leading Crypto Sports Betting & Casino Platform
This sounds like a fictitious story. Well,  I don't know what to believe, but if it is true that your wallet got hacked and all your assets got hijacked, I believe you will definitely share with us your wallet and the address it was sent to. Right at this moment, your wallet has already been hacked, as you claim, and there is nothing you are hiding again. If perhaps you had some coins in that address and you didn't want to share them here, it is quite understandable, but now that the wallet is empty, it will do you no harm to share the address. 

But if what you said is the truth, that means someone has access to your phone, and the person must have been monitoring you very closely. 
jr. member
Activity: 75
Merit: 6
Those mobile app games you let your son play could have malware that security breached your phone. Temu app and TikTok app is known for hackers and other Chinese apps as well.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
Quote
There is another possibility, and it is about the fact that you actually saw an incoming transaction that was not confirmed, and then someone in that exchange performed a double-spend attack and redirected the coins to another address. I'm not saying that it really happened, but that CEX doesn't have a very good reputation judging by the client reviews.
What do you mean exactly? I transferred $43,000 from Bingx to my Trust wallet on Monday at 6 pm, and it was withdrawn without my permission on Tuesday at 2 pm.

You made a transaction worth $43k in BTC to your Trust wallet - and what I assumed as one of the possible scenarios is that this transaction was never even confirmed on the blockchain, but every incoming transaction is visible in every wallet that is online regardless whether confirmed or not. If you are 100% sure that the transaction is confirmed, then my theory is not correct.

My main question is: How can malware unlock the secure folder and then bypass the trust wallet fingerprint?

How is it possible for hackers to break into the most protected systems in the world and steal terabytes of data when those same systems are far more advanced protected than your mobile phone? Any protection can be bypassed, but the answer to that question will certainly not be found on a forum like this.
legendary
Activity: 2716
Merit: 1855
Rollbit.com | #1 Solana Casino
Whether this is just a fictional story or a true story? but if you can afford to have $43k in BTC,
why not afford to buy a Hardware wallet that only costs $100-$200 and even that would be safer.

Using Trustwalllet is indeed quite safe, but is the device used safe, how careless is possible by the user.

There have been many responses to seniors about safety and advice given, but the OP has been reluctant to share the details publicly.
At the very least, it provides evidence that the $43k hack on trustwallet actually happened.
copper member
Activity: 2940
Merit: 1280
https://linktr.ee/crwthopia
I'm curious as to how and what Samsung should do for this kind of thing happening with them. It's as if they managed to bypass the security with the biometrics and stuff, would they be responsible? 

I don't think this is a common hacking incident if there should be protection with the Samsung app. If it has the phrases there, it's only with the app.

As much as possible, I think the best approach when this is happening is to have a manual or offline way of security measures.
hero member
Activity: 2170
Merit: 503
Reward: 10M Shen (Approx. 5000 BNB) Bounty
It would be better if this story was accompanied by screenshots or hacked addresses. Even though it is almost impossible to return it, I think some people here have a detective spirit and can trace the hacked money.
If this is a genuine story, then I am also concerned about it. This could be a lesson that with that much money, it's best to save it in several places, and not keep it all in one basket. However, we will never know what will happen, it could be that someone else accesses your smartphone without your knowledge, or there are many factors. That $43k is a lot of money, personally I would probably put it in the bank, and use some of it for investments.
staff
Activity: 2436
Merit: 2347
How much, how much was stolen? 43к?  Shocked Can I see your wallet address to confirm what you're saying? In general, you are telling a completely untrue story, IMHO.

To be honest it's unreasonable for you to say this member is lying. He even offered to show forum moderators and you questioned that. There is no reason someone needs to send any other forum member a link to their cryptocurrency wallet address, especially on a public forum like this. There is no doubt that bots index this forums addresses, and any address posted here will be linked in some Bitcoin big database, that the address belongs to a specific BitcoinTalk user.

What kind of privacy are you talking about? His wallet was hacked (if he's not lying). His address no longer belongs to him and it would be the greatest folly on his part to continue using that address. So if he posts his former address here, it will not affect his anonymity and privacy in any way. Of course, if the author of the topic wants to lose more by using that address, then please let them not publish it.
member
Activity: 210
Merit: 31
How much, how much was stolen? 43к?  Shocked Can I see your wallet address to confirm what you're saying? In general, you are telling a completely untrue story, IMHO.

To be honest it's unreasonable for you to say this member is lying. He even offered to show forum moderators and you questioned that. There is no reason someone needs to send any other forum member a link to their cryptocurrency wallet address, especially on a public forum like this. There is no doubt that bots index this forums addresses, and any address posted here will be linked in some Bitcoin big database, that the address belongs to a specific BitcoinTalk user. I completely empathise with OP not wanting to share his address here for his own personal privacy. Also whether or not it's $43k or $40 in BTC stolen, the advice he is seeking is based on the scenario he mentioned.

@ OP, regarding your post, it may be possible that a supply chain attack has occurred where a malicious update has been pushed to the application itself and funds exfiltrated that way. In general this is an expensive lesson on the importance of having a hardware wallet like Ledger or Trezor, where funds can't be sent without a physical token.
legendary
Activity: 2534
Merit: 1338
Once an investment such as BTC is hitting a point of $500, you need to be very more careful about the storage... choose a cold storage means for storing your coins. I don't really know why OP choose Trust wallet actually,  it is a self claimed open sourced but they still shield some stuffs to the public which still makes them  close sourced to public no matter how they seem to  claim open sourced.
For such amount, you should have an HD wallet /watch only wallet, get a device that will always stay cold to sign your transaction every time you need to , still don't know why you didn't learn those because  it really  sucks  Tongue to get hacked using Trust walet

I agree, I can understand that someone that has a low amount of money invested on this market could be apprehensive about buying a hardware wallet, as there are good open source alternatives that are free, but once the money invested hits a sizable amount, getting a hardware wallet should become a priority, especially if the person is not really knowledgeable about computers and how to secure them, otherwise losing their coins is just a matter of time.
sr. member
Activity: 1204
Merit: 290
Who keeps $43,000 worth of assets in a custodial wallet that doesn't even give you access to your private keys? Just having your Trust Wallet seed phrases doesn't guarantee that your funds are safe and that you are the only one having access to them. As they say, not your keys, not your bitcoins, which means that if you don't have the private key to your Bitcoin wallet then those coins and assets aren't completely yours even if you have bought them but you aren't keeping them only to yourself.

Your statements that you are not a newbie and that you have been using Trust Wallet for 4 years for storing amounts larger than this contradict each other because someone who isn't a newbie should know and understand that they are not supposed to use custodial wallets for large amounts. If you think they are convenient for use and easy to connect with websites and services, you can keep a small amount in them and keep the rest somewhere safe, in a non-custodial wallet, preferably a hardware one.

If your story is true, I don't know if you have any hope for getting your funds back because I don't have much knowledge about Trust Wallet, but I would suggest that you start studying about wallets and their security, compare custodial and non-custodial wallets, and choose one that you think is the best for the future.
legendary
Activity: 1904
Merit: 1563
OP doesn't have any kind of evidence provided but still keeps on replying and trying to explain to everyone that it's real and all that he's said before is true and honestly it's a good call for @Xal0lex to call OP out and now OP is trying to do something but keeps on fumbling on the attempt.
Ahhhaa ...Are you surprised? That's another clown from the off topic section as usual.. I'm not surprised he's jumping in his bedroom for getting so much attention over a story he just made up.
It's not surprised that I'm feeling right now, I feel more on the pity and shame for this kind of action, I mean there's a lot of things that you can do in the forum and on the Internet in general but you've chosen to be a pathetic and sad troll that only gets off the reaction of other people, that's just sad to me and it feels like people are really into having this kind of arrangement in life, to be a troll and get people's attention the wrong way.
legendary
Activity: 1064
Merit: 1228
Playgram - The Telegram Casino
-snip-
Honestly, you have not provided any evidence for this.
This is why I'm not sure where the truth lies in the story. He just trusts the moderator and is willing to tell him [wallet address and transaction id] - but some moderators have asked questions, while he has not sent any evidence justify his story.

The OP asked about how he was hacked - the answer can be found based on clues to how he used his phone. As for why the hacker didn't move those bitcoin - it's not in our capacity to know what the reason behind it is. Only the hacker knows why he hasn't sold or moved the bitcoin to another wallet - it could be that the hacker hasn't found a safe way to do it or maybe he's waiting for new ATH. If all of these stories are true - then sorry for your loss, OP.
hero member
Activity: 798
Merit: 1045
Goodnight, ohh Leo!!! 🦅
Op, as much as your story doesn't sound like the truth, I'd like to give my own little contribution...
One of the lamest things I've heard ever since my crypto journey began is that someone kept an amount as high as that on a hot software wallet, but claims to have atleast 4 years experience in crypto... Secondly, why are you refusing to put up your Txid for confirmation? That looks fishy to me too.
This is what I have to advice you; let's assume this is true, I'd say you were wrong in the first place. How could you not decide to purchase a hardware wallet? It's too expensive? Oh, is better to have lost everything like you did? C'monnn..You need to be careful with your earnings...
OP doesn't have any kind of evidence provided but still keeps on replying and trying to explain to everyone that it's real and all that he's said before is true and honestly it's a good call for @Xal0lex to call OP out and now OP is trying to do something but keeps on fumbling on the attempt.
Ahhhaa ...Are you surprised? That's another clown from the off topic section as usual.. I'm not surprised he's jumping in his bedroom for getting so much attention over a story he just made up.
legendary
Activity: 1904
Merit: 1563
OP doesn't have any kind of evidence provided but still keeps on replying and trying to explain to everyone that it's real and all that he's said before is true and honestly it's a good call for @Xal0lex to call OP out and now OP is trying to do something but keeps on fumbling on the attempt. It's as simple as posting the address because that has the record of the money that was stolen but it seems that OP can't do it and I don't see how that can be a problem or anything like that, it's not like anything changes for the better if you withhold such information.
sr. member
Activity: 364
Merit: 195
Buy on Amazon with Crypto
Hello,
About three months ago, at the same time as the bad news about the security issue of Trust Wallet on iPhone, I got hacked on my Android phone, and all the money I had was stolen! I am not newbie, and I have been using Trust Wallet for more than four years, even with more significant amounts without any problem, a topic that confused me:

I installed the trust wallet app in the Samsung Secure folder with only V2ray VPN and no other app (the Samsung Secure folder is a sandbox environment with an additional security layer guaranteed by Samsung Knox); also, Kaspersky and Avast were enabled on my device! I don't understand how I got hacked!! I am sure that no one had my key phrases! I didn't connect my wallet to anything, any airdrop, any NFT ...

The strange point is that the hacker or thief still hasn't cashed out after three months. Even if he/she does, I can't do anything, but it's strange to me why he/she doesn't.

Sadly, All the wealth I had built up over the years is gone, and I don't know what to do.
Why didn't you take out security when you had $43k? Here you should have used hardware wallet because 43k dollars is a lot. You used a wallet like trust wallet which is not very secure. There will be no regrets as lost money will never come back. You can try again and again to see how much you can earn later in life. However, it is always important to exercise caution. Also you can add your hacked wallet address here for everyone to see.
legendary
Activity: 1526
Merit: 1359
Someone using Trustwallet to store bitcoins does not mean that they are a newbie, even though I said goodbye to the cryptocurrency market and actually don't have any other money!

Right. This does not mean that they are a newbie but it means that they did not take the security of their coins seriously. Trust wallet, or any other type of hot wallet on your mobile phone, has never been a recommended method of keeping any significant amount of money. If youve really been at this for four years, you should know that.

However, this incident was not caused by my mistake and is clearly due to Samsung's lack of security on the Samsung security folder.

Honestly, you have not provided any evidence for this.
Pages:
Jump to: