Topic: Wallet drainer in a malware emptied my Metamask savings (Read 115 times)

legendary
Activity: 3080
Merit: 1353
I want my money back and this bastard in prison!
Unfortunately without having the private key you can not get the money back. You seem to be a developer and you must know it.
Guess what? This address mentioned here is also among the addresses mentioned in this thread: SCAM: Fake Cryptocurrency Mixer Phishing Network
 
Whoever is in charge of those addresses is not stopping anytime soon, and they have had a lot of manpower to pull off such a scam since December 2023, when they first reported it here, until today.
It's obvious they have different phishing sites or fake business sites in different niches, scamming internet users and sending the scammed coins to that address. They must have a way to cash it out, and if they do it via a KYC-verified account then it was supposed to be an easy job to catch them.

Correct, or this is one sophisticated crime group that has the infrastructure to scam, spread their malware and steal people's money. And then they also have a system in place to hide the money and then cash it out.

There are fly-by-night exchanges that facilitated the exchange, so there could be KYC or not, or these groups could have ties to these exchanges so that they will not go through KYC.

I'm sorry to hear about OP's dilemma, and the only thing that we can do for ourselves is to learn from it. And we all know that when we are in crypto, we should be very, very careful about what we download or what links we click.
legendary
Activity: 1778
Merit: 1432
I'm quite curious, do I understand correctly that these drainer accidents have so far happened to PC users? How likely is the same situation to happen to people who access their wallet through a mobile device [tablet and phone]? Android has these "block third party installation" things [not sure what they're really called] where we need to manually grant an APK installation from an app other than the Play Store and other official app markets, but how "compatible" are those drainers with Android or iOS? Can they be executed on both OSes or are they [currently] only spread through PC?
Of course, if a mobile phone user, especially an Android user, downloads any applications outside the official stores from unknown sources in APK format and ignores the security feature that prevents the installation of apps from unknown sources, then these malicious or fake applications can, through the permissions granted by the user, access private data, violate user privacy, and drain wallets.

What happened with the OP was that he downloaded the Pumpfun sniper bot, which was developed in exe format for computers and contained malware. However, unscrupulous developers can develop an APK version to target phone users. Therefore, anyone should avoid downloading anything before being aware of security measures and ensuring that their sensitive data is in a safe place, not connected to the internet.
legendary
Activity: 2632
Merit: 1462
Yes, I'm an asshole
I'm quite curious, do I understand correctly that these drainer accidents have so far happened to PC users? How likely is the same situation to happen to people who access their wallet through a mobile device [tablet and phone]? Android has these "block third party installation" things [not sure what they're really called] where we need to manually grant an APK installation from an app other than the Play Store and other official app markets, but how "compatible" are those drainers with Android or iOS? Can they be executed on both OSes or are they [currently] only spread through PC?
member
Activity: 70
Merit: 11
I report crypto news and write gambling articles
I'm sorry about this. As a developer, I suggest that you make use of a virtual machine while testing new apps. I learnt about VMs while trying to access the dark web as a reporter. It does give you a high level of protection.
legendary
Activity: 2212
Merit: 7064
My Metamask was emptied on the ETH chain by this wallet drainer hidden in malware. I'm an application developer, and I was looking on GitHub for a Pumpfun sniper bot example application. I downloaded this so-called bot, which was an .exe file.
Sorry about your losses.
Metamask wallet is crap and I wouldn't use it for anything, but using it in combination with a good hardware wallet would probably prevent your coins from being stolen.
Another way to protect yourself is to stop using wind0ws spy OS; switching to a good Linux OS would make it impossible for any .exe malware to operate.
 
hero member
Activity: 1638
Merit: 817
I'm not going to go in depth that you're a developer and you should have known better, but it's common knowledge to not open unknown executables. Unfortunately, sometimes even the most experienced users suffer from such scams, which are quite common, and I've almost fallen victim to one myself.

I'm really sorry for your loss, but the chances of recovering your money are practically zero, and I think that deep down you already know that.
legendary
Activity: 2254
Merit: 1236
Heisenberg
That was a rookie mistake. In fact, very many people get hacked via those executable files. If you are trying to test out new apps, please make sure you use your old laptop/computer that you never use for transactions or personal files.

Also, try to set up a virtual environment within your PC to test and run potentially malicious apps.

Sorry for your loss.
legendary
Activity: 2800
Merit: 2736
Farewell LEO: o_e_l_e_o
I want my money back and this bastard in prison!
Unfortunately without having the private key you can not get the money back. You seem to be a developer and you must know it.
Guess what? This address mentioned here is also among the addresses mentioned in this thread: SCAM: Fake Cryptocurrency Mixer Phishing Network
 
Whoever is in charge of those addresses is not stopping anytime soon, and they have had a lot of manpower to pull off such a scam since December 2023, when they first reported it here, until today.
It's obvious they have different phishing sites or fake business sites in different niches, scamming internet users and sending the scammed coins to that address. They must have a way to cash it out, and if they do it via a KYC-verified account then it was supposed to be an easy job to catch them.
hero member
Activity: 658
Merit: 660
I want my money back and this bastard in prison!
Unfortunately without having the private key you can not get the money back. You seem to be a developer and you must know it.
Guess what? This address mentioned here is also among the addresses mentioned in this thread: SCAM: Fake Cryptocurrency Mixer Phishing Network
 
Whoever is in charge of those addresses is not stopping anytime soon, and they have had a lot of manpower to pull off such a scam since December 2023, when they first reported it here, until today.
legendary
Activity: 2800
Merit: 2736
Farewell LEO: o_e_l_e_o
I want my money back and this bastard in prison!
Unfortunately without having the private key you can not get the money back. You seem to be a developer and you must know it.
newbie
Activity: 1
Merit: 0
My Metamask was emptied on the ETH chain by this wallet drainer hidden in malware. I'm an application developer, and I was looking on GitHub for a Pumpfun sniper bot example application. I downloaded this so-called bot, which was an .exe file. I knew about these drainers, and I never connected my Metamask wallet to any site other than the official ones, but I didn't think that there were already drainers hidden as malware in executables, so I stupidly opened it, and 3 days later I found out that my Metamask wallet was emptied and also my Phantom wallet was stolen.

Thief wallets: CM1BCf2riR9eCCX1HF45ZoVvDcm9LK1LMTBd3xDwSgsq - Solana
0xc445a832f6ab39Dc248135bbf9b9c5707CCE248B - ETH

After a more detailed investigation, I found out that the funds previously stolen by this wallet (0xc445a832f6ab39Dc248135bbf9b9c5707CCE248B) are sent to an intermediate wallet: 0xa8a2C9e3fbCde807101dBD87aF7b51583f83d1D5, which in turn sent a lot of money to the final address, which owns over $500k: 0x1bAc08001D761C303901d5E32273a24c07D3f3Da. I looked for this final address on the internet and found that it actually belongs to a wretched Russian who has harmed a lot of people. Must be caught!! So there are many victims, and the law should intervene urgently. It is a massive case and is directly related to this case: https://bitcointalksearch.org/topic/scam-fake-cryptocurrency-mixer-phishing-network-5478625

Another case here on Twitter: https://twitter.com/solmaker_app/status/1793289483732795691

I want my money back and this bastard in prison!