Pages:
Author

Topic: My Trustwallet hacked, and $43,000 BTC was stolen - page 3. (Read 619 times)

newbie
Activity: 5
Merit: 0
I apologize if there is any misunderstanding. Of course, I meant $43,000 and not 43,000 bitcoins. I didn't think this clear issue would cause a wrong impression. It's funny someone who keeps 43,000 BTC coins in a Trust wallet and then comes here to discuss!

Quote
There is another possibility, and it is about the fact that you actually saw an incoming transaction that was not confirmed, and then someone in that exchange performed a double-spend attack and redirected the coins to another address. I'm not saying that it really happened, but that CEX doesn't have a very good reputation judging by the client reviews.
What do you mean exactly? I transferred $43,000 from Bingx to my Trust wallet on Monday at 6 pm, and it was withdrawn without my permission on Tuesday at 2 pm.

My main question is: How can malware unlock the secure folder and then bypass the trust wallet fingerprint?
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
About three months ago, at the same time as the bad news about the security issue of Trust Wallet on iPhone, I got hacked on my Android phone, and all the money I had was stolen! I am not newbie, and I have been using Trust Wallet for more than four years, even with more significant amounts without any problem, a topic that confused me:
~snip~


Let me guess, you are one of those who lived in the belief that you should trust a wallet just because it has "Trust" in its name? There is no such hot wallet that I would trust with such (and a much smaller amount), but you learned it the hard way.

Let me also mention this point: I transferred $43K BTC from Bingx to Trustwallet, and the unauthorized withdrawal made from Trustwallet Wallet in about 24 hours later; it was not withdrawn immediately.
If my phone is infected with malware, how did it access the Samsung secure folder? How did it bypass verification by fingerprint?


There is another possibility, and it is about the fact that you actually saw an incoming transaction that was not confirmed, and then someone in that exchange performed a double-spend attack and redirected the coins to another address. I'm not saying that it really happened, but that CEX doesn't have a very good reputation judging by the client reviews.
sr. member
Activity: 476
Merit: 299
Learning never stops!
I personally put a password on my app and it even has fingerprint enabled for extra security so yeah I don't know how you got hacked.
The password and Fingerprint  will only work incase of an attempt from your phone but if your seed phrase got leaked It can be accessed through another phone without any password or Fingerprint, it's a non custodial wallet.. nevertheless, it's still good to use some extra layer security  to prevent a random person or stranger from laying hands on your funds in access to your phone but that doesn't still guarantee the safety of the wallet
hero member
Activity: 1092
Merit: 747
I let my four-year-old son play with my phone, and he installed dozens of games on the phone—but in the main area, not in the secure folder!
If only this story is true, then I guess with what you said above by allowing your 4yrs old kid to play with your mobile device, to the extent of installing dozens of games, must have been the reason why you got hacked, because who knows if your kid might have downloaded a game virus into your device which could have given the hacker access to your wallet? And as such decided to transfer your funds to a dormant account for a certain period of time when you might have forgotten about it to avoid possible tracking. Who knows?

.
If my phone is infected with malware, how did it access the Samsung secure folder? How did it bypass verification by fingerprint?
Just like I earlier said above, who knows if your kid might have authorized the hackers access to all nocks and cranny of your device by simply clicking "Yes" while downloading these dozens of games to an unknown commend? Because I think this should be a lesson to you not to ever give kids to play with your phone whose got asset worth more than $1000 and above. Because it would have been better you had bought your kid a smaller phone to play with, rather than giving him or her to play with phone whose asset inside worth $43,000.
legendary
Activity: 1792
Merit: 1296
Crypto Casino and Sportsbook
About three months ago, at the same time as the bad news about the security issue of Trust Wallet on iPhone, I got hacked on my Android phone, and all the money I had was stolen! I am not newbie, and I have been using Trust Wallet for more than four years, even with more significant amounts without any problem, a topic that confused me:
If this story is true and OP’s wallet was indeed hacked, then initially it was reckless to store all the savings in one wallet, especially a mobile application wallet.

Having $43,000 and not being able to buy a hardware wallet (~$70-100) looks strange and reckless.

The strange point is that the hacker or thief still hasn't cashed out after three months. Even if he/she does, I can't do anything, but it's strange to me why he/she doesn't.
Well, maybe the hacker is waiting for the bull run to start to multiply his profits. Smiley

You have already been asked for the public address of your wallet to verify what was said. I would also be curious to see an address that would confirm that the hacker didn't move the stolen funds. Without proof, the story looks unfounded.

Sadly, All the wealth I had built up over the years is gone, and I don't know what to do.
This is the price of "being your own bank". It was necessary to take a more careful approach to the issue of safe storage of savings.

What to do? Recognize and accept losses, and then start over.
hero member
Activity: 1120
Merit: 887
Livecasino.io
The OP story sounds like some very poorly low budget series. It is not because the story is not true but because of the confusion in the use of words and numbers in the write up. Anyways from the little I was able to pick up from it, it is obvious that he/she made some mistakes.

- You allowed your four-year-old play with you phone which could have lead to unintentional security breaches
- You relied on the Samsung Secure Folder for security
- You believed that having Kaspersky and Avast enabled guarantees complete security
- You lacked a complete understanding of security risks. If you didn't you would have opted for a hardware wallet over Trustwallet, a closed sourced wallet after all these years.

Well, sorry about this but, I hope you have learned a very valuable lesson.
sr. member
Activity: 1736
Merit: 357
Peace be with you!
I am not new to TrustWallet because for some years of using it on my Android phone I have never experienced such a problem wherein a single transaction that I am not aware of was succesfully initiated. I just don't understand what was happening to your wallet OP but I am sure that you have done an error. I personally put a password on my app and it even has fingerprint enabled for extra security so yeah I don't know how you got hacked.
sr. member
Activity: 476
Merit: 299
Learning never stops!
Once an investment such as BTC is hitting a point of $500, you need to be very more careful about the storage... choose a cold storage means for storing your coins. I don't really know why OP choose Trust wallet actually,  it is a self claimed open sourced but they still shield some stuffs to the public which still makes them  close sourced to public no matter how they seem to  claim open sourced.
For such amount, you should have an HD wallet /watch only wallet, get a device that will always stay cold to sign your transaction every time you need to , still don't know why you didn't learn those because  it really  sucks  Tongue to get hacked using Trust walet
hero member
Activity: 826
Merit: 641
Leading Crypto Sports Betting & Casino Platform
There is no reason to lie; I can send all detailed information and proof to any forum moderators.

I should mention that, as I installed Trust Wallet in the Samsung secure folder and was relieved about its security, I let my four-year-old son play with my phone, and he installed dozens of games on the phone—but in the main area, not in the secure folder!

Yes, I wrote the phrases on a piece of paper in my desk drawer, and no one knew about its existence. Besides, not many people come and go to our house.

I asked every expert, they said that it is not possible to hack Trust Wallet by downloading or installing an app or any similar way.
I show empathy on this matter but until you at least show us some transaction proof, I can't believe this. I've read all you had to say in the subsequent replies but you have always dodged the proof, so how do we believe you even if we want to?

However, for educational and preventive purposes, giving your child the phone you have the crypto wallet is not a matter, but if you are not the only one having access to the child while he/she holds the phone unlocked, then it is an issue. You might not know when someone will be monitoring you due to what they see in it, and if the person is experienced with cryptocurrency, such might find a way to search you better and eventually locate the seed phrase in your drawer, trust nobody about it.

At times too, it may not be an internal job, your phone could be hacked. This is why it is dangerous to download games and many others that could be dangerous on our phones, especially phones with financial assets. What if malicious files are attached? Malware may be included depending on the source of the download.
sr. member
Activity: 700
Merit: 470
Hope Jeremiah 17vs7
You could have gone for an hardware wallet while if it was too expensive for you at least go for good Bitcoin only wallets  like electrum and bluewallet.

How expensive are you talking about? The man has over 2.5 (!) billion dollars (allegedly). The cost of a hardware wallet is nothing to him.
I thought it was $43k worth of BTC not 43k BTC, didn't notice what Op wrote earlier, I just believed it was $43k earlier because it was not even possible that someone would be able to still 43k BTC Currently and the entire crypto space won't be aware of it now.

I just couldn't believe that someone will be having $43k worth of BTC and be using Trustwallet, while I would have gotten an hardware wallet for such amount there's still others who will just find an alternative to use but least use wallet like Electrum, Bluewallet or any other really good Bitcoin only wallets that are open source.

There is no reason to lie; I can send all detailed information and proof to any forum moderators.

I should mention that, as I installed Trust Wallet in the Samsung secure folder and was relieved about its security, I let my four-year-old son play with my phone, and he installed dozens of games on the phone—but in the main area, not in the secure folder!

Secure folder means nothing...

If you don't understand about cyber security , you should have paid for a software which guarantees safety, i.e. a hardware wallet.

Trezor is the best nowadays imo.
Another reason why I will consider you a newbie because device were coins are stored ain't ought to be used others with and not especially putting games.

I wonder if your son or anyone else as anyway to access the Samsung secure folder whereby giving an application access to it, if they possibly ask i guessed only malware could request this.


legendary
Activity: 2352
Merit: 6089
bitcoindata.science
There is no reason to lie; I can send all detailed information and proof to any forum moderators.

I should mention that, as I installed Trust Wallet in the Samsung secure folder and was relieved about its security, I let my four-year-old son play with my phone, and he installed dozens of games on the phone—but in the main area, not in the secure folder!

Secure folder means nothing...

If you don't understand about cyber security , you should have paid for a software which guarantees safety, i.e. a hardware wallet.

Trezor is the best nowadays imo.
copper member
Activity: 2170
Merit: 1822
Top Crypto Casino
I can't understand, the author of the topic, write normally how much was (allegedly) stolen from you - $43000 in bitcoins or 43000 BTC. Because I personally do not understand this combination "$43,000 BTC".
No way, it's 43,000 BTC  Grin. I think he meant BTC worth $43,000
43,000 BTC is now worth , No way someone can keep such an amount in a closed source software wallet especially given that he has been doing crypto for a while.

Also, I don't think Bingx and most exchanges can let you withdraw 43,000 BTC at once. Max daily limit at Bingx is $5M for an account with advanced verification.



OP, I have a feeling your seed phrase somehow leaked somewhere. The other loophole was using trust wallet, which is not an open source wallet. I think they even had a bug that was exploited sometime back involving their app.

Trust Wallet to reimburse users after $170,000 security incident
staff
Activity: 2436
Merit: 2347
I can't understand, the author of the topic, write normally how much was (allegedly) stolen from you - $43000 in bitcoins or 43000 BTC. Because I personally do not understand this combination "$43,000 BTC".
full member
Activity: 420
Merit: 130
Hello,

About three months ago, at the same time as the bad news about the security issue of Trust Wallet on iPhone, I got hacked on my Android phone, and all the money I had was stolen! I am not newbie, and I have been using Trust Wallet for more than four years, even with more significant amounts without any problem, a topic that confused me:

I installed the trust wallet app in the Samsung Secure folder with only V2ray VPN and no other app (the Samsung Secure folder is a sandbox environment with an additional security layer guaranteed by Samsung Knox); also, Kaspersky and Avast were enabled on my device! I don't understand how I got hacked!! I am sure that no one had my key phrases! I didn't connect my wallet to anything, any airdrop, any NFT ...

The strange point is that the hacker or thief still hasn't cashed out after three months. Even if he/she does, I can't do anything, but it's strange to me why he/she doesn't.

Sadly, All the wealth I had built up over the years is gone, and I don't know what to do.
If your hacking is true then I sympathize with you.  Because it is a matter of financial loss for you. But one thing is very important that why you kept your hard earned bitcoins in a wallet, why you didn't keep them in a hardware wallet. Also why do you choose to have all your bitcoins in one wallet why don't you store your bitcoins in multiple wallets? Lastly, in case you have been hacked, no one can assure you that your hacked bitcoins can be recovered.  If the hacker wants to give you back you can give back but if he doesn't then your bitcoins will be lost forever.
sr. member
Activity: 504
Merit: 266
How much, how much was stolen? 43к?  Shocked Can I see your wallet address to confirm what you're saying? In general, you are telling a completely untrue story, IMHO.
You are absolutely right, without correct information, there is an attempt to attract users with baseless information. If 43 thousand dollars has been hacked then it must have been hashed and the hash must be shared here to confirm whether it was actually hacked.
staff
Activity: 2436
Merit: 2347
You could have gone for an hardware wallet while if it was too expensive for you at least go for good Bitcoin only wallets  like electrum and bluewallet.

How expensive are you talking about? The man has over 2.5 (!) billion dollars (allegedly). The cost of a hardware wallet is nothing to him.

Let me also mention this point: I transferred $43K BTC from Bingx to Trustwallet, and the unauthorized withdrawal made from Trustwallet Wallet in about 24 hours later; it was not withdrawn immediately.

Show the ID transaction. But don't say you don't have it. The wallet has all the information.
newbie
Activity: 5
Merit: 0
Thank you very much for everyone's response and sympathy. The past few months have been tough for my family and me; unfortunately it's too late for me to use a hardware wallet.

My purpose in raising this issue is to know how my money was stolen and why the hacker/thief didn't cash out the money after a few months.

Let me also mention this point: I transferred $43K BTC from Bingx to Trustwallet, and the unauthorized withdrawal made from Trustwallet Wallet in about 24 hours later; it was not withdrawn immediately.

If my phone is infected with malware, how did it access the Samsung secure folder? How did it bypass verification by fingerprint?
sr. member
Activity: 700
Merit: 470
Hope Jeremiah 17vs7
About three months ago, at the same time as the bad news about the security issue of Trust Wallet on iPhone, I got hacked on my Android phone, and all the money I had was stolen! I am not newbie, and I have been using Trust Wallet for more than four years, even with more significant amounts without any problem, a topic that confused me:
In as much as I feel so much sorry for you if this is true, I will still consider you a newbie simply because you're using trust wallet for bitcoin and such about of bitcoin there.
Being in the crypto space for years doesn't makes one stop being a newbie instead what they practice and your actions is an example of one.

You could have gone for an hardware wallet while if it was too expensive for you at least go for good Bitcoin only wallets  like electrum and bluewallet.

What is the point of posting about something that happened 3 months ago? As you already know, there is nothing that anyone here can do to help you.
Based on Op, post and above reply I guessed he posted this because the hacker has not moved the funds which is quite surprising him to him.

Though I'm still wondering like Xal0lex why he chooses not to share the address or is requesting to show it to moderators only
staff
Activity: 2436
Merit: 2347
There is no reason to lie; I can send all detailed information and proof to any forum moderators.

Why moderators, exactly?
newbie
Activity: 5
Merit: 0
There is no reason to lie; I can send all detailed information and proof to any forum moderators.

I should mention that, as I installed Trust Wallet in the Samsung secure folder and was relieved about its security, I let my four-year-old son play with my phone, and he installed dozens of games on the phone—but in the main area, not in the secure folder!

Yes, I wrote the phrases on a piece of paper in my desk drawer, and no one knew about its existence. Besides, not many people come and go to our house.

I asked every expert, they said that it is not possible to hack Trust Wallet by downloading or installing an app or any similar way. And in my case, there are two basic possibilities:

Someone somehow got access to my phrases, or there was a security hole in the Trust Wallet app (probably on the dark web).

The strange point is that the hacker or thief still hasn't cashed out after three months. Even if he/she does, I can't do anything, but it's strange to me why he/she doesn't.
Pages:
Jump to: