For the First Time in 10 years, My very first Crypto Wallet was Hacked

avatar
(Edited)

When you noticed your borrowed funds were suddenly "burnt", you should have known something was wrong.

When I saw this sale this morning I was happily telling @elizacheng and @khimgoh about the good news.


I usually do not use credit card to purchase any new property tokens but use its borrowing service to get some xDAI over because bridging is kind of troublesome especially the multichain compromise of late.

I never had that problem before to be honest, until this week when I did something stupid to try to revoke some contract out of a support's advice on a site.

When the site was having unusual hanging I should have known something was up. But somehow my mind was foggy and I went to load my private keys on my Trust wallet to try and use the dapp browser to do so.

It was hanging still.

And because it was on the trust wallet unlike metamask I can just disconnect my wallet to the site, I left the site and totally forgotten about it as work was piling up during the day.

Little did I know when the site was hanging, my wallet was already being hacked.

Exactly during that time it was hanging, a few hours later my ETH was drained from it.



And to make it worse, I thought it was a Real T problem so I decided to bridge the amount over from another account in order to just pay up the invoice that is hanging there at the moment.

Lo and behold, 90% of the arrived wallet was GONE

It feels very painful because this is the first Ethereum wallet I ever had for years and I hardly use it except for RealT as I wanted to split my wallet in different usage.

Now all my RealT assets are stuck there including a hacked borrowed approximately 49 DAI.

Scammers are everywhere! No where is safe!


Ironically, over the official discord group when I was inquiring this issue at the support, this community moderator told me to message him to see the details

The conversation started normal but then when he kept saying "your account is just out of sync, just go to the website for Rectification" something triggered my trauma memory of a few days ago.

It felt like Déjà vu all over again when this happened and insisted me to key in the seed words...

And that's where all my 😨 🚨❌⛔️ senses all fired up!

This is exactly how the scammers did on the other protocol that I was inquiring to remove some contracts

Immediately I went to check from https://www.scamvoid.net/ recommended by search engine to find out, and when I showed this user this image , the scammer seems to be reading from the script

If I do as it is instructed, I WILL LOSE ALL MY FUNDS.

Immediately I just reply this kindly and learn to be patient and wait for official assistance because it is Thanksgiving holiday after all.

I have reached out to @bitrocker2020 for help to triple confirm that my account is compromised and I will not be engaging anymore of this current wallet until I can get RealT support team to officially move my assents out manually from their end.

A hard lesson learned. I have lost 0.05 ETH from this account and $100 over DAI from any transactions, with 50% of the DAI is stuck as borrowed and I have to pay them back later.

In a way, if I have never taken this trade today, I wouldn't have noticed that my account was compromised at all.

It is a super painful and expensive lesson to learn, but I hope those who read this will know how to detect any scammers who are getting better impersonating the real mods and admins with their way of talking now.

Somehow they the first scam in Telegram group that scammer managed to "hack as admin status" and that is why I didn't detect it; so in some ways, Telegram itself is greatly compromised too.

I guess that is part of the consequence of "open source". There are just **way more scoundrels than honest integrity people in the cyberspace.

Trust the people you know personally seems to be the way?

Or compromise and have KYC tied to it.


But the one thing I will NEVER DO right now is to consolidate everything into a single hardware wallet.

The Hardware wallet should be used as a wallet that is never going to be used for any contracts.

I personally remembered that the WalletConnect itself was also once compromised, that is why I ported this first wallet to metamask.

Another thing is IF EVER A SITE ASK YOU TO KEY IN YOUR SEED WORDS when it cannot connect to your hot wallet, know that IT IS A SCAM SITE

Now the scammers are very smart they will never ask your seed words directly anymore.


If you find this experience useful, please feel free to share it to your friends as much as possible to avoid horror.


Until Then

Stay healthy, stay curious and learn new things, and stay happy!

Posted Using InLeo Alpha



0
0
0.000
13 comments
avatar

Congratulations @littlenewthings! You have completed the following achievement on the Hive blockchain And have been rewarded with New badge(s)

You received more than 110000 upvotes.
Your next target is to reach 120000 upvotes.

You can view your badges on your board and compare yourself to others in the Ranking
If you no longer want to receive notifications, reply to this comment with the word STOP

0
0
0.000
avatar

that's crazy ! these scammers will go thru all lengths just to take ur precious crypto. The worsts ones are those who have patients and wait till you are fully loaded and BOOM !! they snatch everything.

0
0
0.000
avatar

Yeah man! That scammer some more said you need 2 to 4 eth to revoke contracts.
I told him , hanging non stop. Forget it.

So even 0.05 they knew I wasn't gonna budge and they just took what's there

0
0
0.000
avatar

I guess that is part of the consequence of "open source". There are just **way more scoundrels than honest integrity people in the cyberspace.

This has nothing to do with open source. Open source is good. And the open source softwares in general are even more secure than the closed source softwares.

0
0
0.000
avatar

But at the same time open source allows hackers learn the vulnerability and then use it for their advantage by making fake sites to trick unsuspecting victims

0
0
0.000
avatar

I thought me losing the forex investment with near margin call is bad.... looking at your situation this feels worse .... 😥
!PIZZA
!BEER

0
0
0.000
avatar

We are sorry to hear what has happened to you. Please if you need any essential for your parents, let us know.
This post has been manually curated by
Daily Bread Food Bank Crypto Updates Media Team

0
0
0.000
avatar

Thank you so much for the kind offer. DBFB has already been a huge blessing

0
0
0.000
avatar

It feels like you just woke up from a nightmare into a nightmare. 😓 And yet you still encouraged us not to give up. Thank you. Hope you can restore what you lost soon.

From
AN, KT, KL and MK

0
0
0.000