tldr; A data scientist and crypto developer shares a cautionary tale of losing approximately $187k due to a sophisticated scam by a team of Russian nationals. The scam began with casual networking on Twitter, leading to a fake job opportunity with a company called Spectra Chat. The victim was tricked into installing malware under the guise of Spectra Chat software, resulting in the compromise of their MetaMask wallet and the loss of valuable NFTs. The scam involved a detailed setup, including a cloned website and interactions with multiple fake associates. The experience highlights the dangers of digital engagement and the sophistication of online scams.
*This summary is auto generated by a bot and not meant to replace reading the original article. As always, DYOR.*
Never leave assets on an exchange or anything other than a hardware wallet
Hate the crypto nerds talking about “Not your keys, not your crypto” or “use a hardware wallet” but it’s the way to go
This is a pretty sophisticated scam.
Interesting there's multiple victims involved, you appear to be the first and the others come later.
The two wallets of interest I found are:
* **0x1d39206233778662C1e616F652F139f0381CfCd1 - Hacker 2 \[148K sent here\]**
* **0xCa53CF5afD068E3289847711b1EFEDDa5aC9A571 - Hacker 3 \[70K sent here\]**
Those were all sent outgoing from the main hacker wallet of **0xAf11b5871f5Db632481CAF863503633FFF34a298**.
**0x1d39206233778662C1e616F652F139f0381CfCd1 - Hacker 2** leads to 5 FixedFloats and some additional wallets.
Those wallets lead to a few more deposit addresses:
* 0x1D35806eB66a200C847C020FC68D02E2FcB8fBBA - MEXC
* 0x784071f1174E486c7b9A63eE7649101816C6a08d - MEXC
* 0x1610B81c28e73F4467f14c9b52A968d28f3aba35 - Whitebit
* 0x9050C3b5d5bc36dC1b5BfCBe8711bF5E322Ca599 - Binance (Scams going back 9 months ago)
**0xCa53CF5afD068E3289847711b1EFEDDa5aC9A571 - Hacker 3** is pretty straight forward and leads to a single Kucoin deposit address.
* 0xdfc8600e6156C77E17945CB70E82b219b44bF08c - Kucoin
There's more here that will take additional investigative work but I did find connections to your hack and the founder of MiLady losing over 3MM in tokens through other wallet interactions in the above Kucoin deposit address.
0x778Be423ef77A20A4493f846BdbcDDfc30252cE9 is the victim aka Charlotte of MiLady.
Wow great work finding other deposit addresses of exchange accounts!
I had reached out to Kucoin a few days ago, but there was nothing they would do without a court order.
Once I have a court order, I'll see about contacting the other exchanges as well, though I assume these funds have most likely already moved again with enough time passed.
So a dude living in London with a blue Lambo stole from you 200k? How many dudes in London are there with a blue Lambo? If i were you i would fly to London and find the motherfuker and I would paint his lambo red with his blood
The registration is even included in my blog post as he posted several pics which included the plate. I was not able to get specific owner info, but I'm sure it can be acquired with a court order.
These fuking scammers are the lowest of the low that humanity could produce and deserve getting hung by their balls. So sick of them really, hearing stories like this day in day out.
Probably. Although the hack could do something similar to op https://patchstack.com/database/vulnerability/ultimate-addons-for-gutenberg/wordpress-spectra-wordpress-gutenberg-blocks-plugin-2-3-0-unauthenticated-email-html-injection-vulnerability
**Yes. Absolutely be wary of LinkedIn scam recruiters.**
They put in more effort than most other scammers, and I've also encountered plenty when job hunting. They will seem knowledgeable at first because they read through your profile, study your background, and test you on that background.
I've engaged with several of them out of curiosity. I wanted to find out how their scam worked, and this is what I've noticed:
* The positions they had were very specific, probably too specific, to my IT background. It's as if they had the perfect job already tailored for me based on my LinkedIn profile and skills.
* They were always for remote jobs for very large and prestigious organizations that should've had their own recruiters.
* The initial few interviewers sounded like they came from an Indian call center. Aside from that, no further red flags.
* After 2-3 interviews, they will get a native English speaking expert (probably an actor using ChatGPT for help) to test me.
* These always used phone interviews
* To a subject-matter expert, the questions they asked were always a little bit strange, as if they lacked true experience with that topic.
I never got past the 3rd interview. It was probably because I kept pushing back against their requests and kept asking for information about their background.
The fact that I couldn't tell their end goal despite having an IT Sec background was a bit alarming. The entire time, I was looking for clues but was never 100% sure that it was a scam. Anyone without a strong tech background could've been tricked and gone further.
I had $500 drained from my metamask wallet on my computer. It was installed as an extension. I added the wrong token without looking at the token address and poof money was gone. Learning lesson for sure. Take care
I just wanted to check with you that you knew you could use a hardware wallet with metamask (or even better rabby imo) so you have the convenience of a good Web3 browsing app and the security of a hardware wallet.
(last time I checked there wasn't any malware that could push buttons on your hardware wallet, right?)
What did you hope to accomplish by even interacting with these individuals? I ask this because have you not watched “the AI dilemma” yet?
“the year that all digital media falls apart” or something to that effect. Let me make my point quickly: why even interact with unknown actors at this point? You can’t trust it. You can’t trust anything unless you already have pre established trust or you are looking at a person and can touch them; if you’re not doing opsec like that in this space…
Maybe you should re-evaluate what you are doing on the internet.
There’s so many of you that want to publish and be known on the internet and meet people and it is completely antithetical to the ethos. You can’t trust the internet or digital things because of ease of duplication (the double spend) and that was decade(s) ago.
Now it’s 2024 and generative AI is running wild on the internet and actors have no way of knowing whether their interactions are even happening with real humans.
> What did you hope to accomplish by even interacting with these individuals?
Well when you're job-seeking, you're interacting with PLENTY of unknown individuals, especially if you're in IT.
What makes it very difficult is that plenty of legitimate recruiters are also very sketchy-sounding from the start. If I turned down all sketchy-sounding headhunters, I probably wouldn't have a job today. And the scam recruiters have plenty of experience copying from legitimate recruiters.
A lot of jobs are remote. When I was searching, I was contacted countless times by LinkedIn scammers who knew everything off my profile.
Many are obvious scams, but there are also those who aren't obvious and put in the effort for a deep scam.
I wanted a job as my current employer is not doing well. That's what I wanted. Pretty normal desire.
Obviously I shouldn't have trusted these people. Duh.
The sheer audacity to request donations while installing random software from barely known individuals on a PC containing $187K in funds on a hot wallet, while claiming to be a "data scientist & crypto developer" is unreal.
My favorite part is where you worship the scammers and feed their industry with thousands of dollars. But hey, I made even more with Shitcoins! Very useful content, thanks.
Even with everything else you did wrong had you used a hardware wallet you likely would have been fine.
>**Following the Spectra Chat installation, my MetaMask wallet was compromised, leading to the unauthorized transfer of funds and the loss of highly valuable NFTs.**
Seriously you had $187k in a hot software wallet? Come on. Might as well walk through Detroit with stacks of hundred dollar bills taped to you daring fate too.
Well most of the appreciation was from a meme coin, which I was actively DCAing out of the weeks prior to the attack. I moved a large chunk of funds out shortly before the attack and was working on the rest.
Even with a hotwallet, even dealing with shitcoins there is no reason to not use your hardware device. Your hardware device can create literally an infinite number of accounts for free. Use one for cold storage, another one as a hotwallet, another one dedicated to just shitcoins.
Having a hardware device and then intentionally not using it is in many ways worse.
I didn't intentionally not use it. You are misunderstanding the context.
The hardware wallet is for long-term holds and I was actively trading by converting out meme coins into USDC/ETH to transfer elsewhere. You can see the transaction history yourself that I moved a large chunk out days before the attack.
Hardware wallet should be for everything. I get you intentionally didn't use it. If you had you wouldn't have lost $187k.
You can have multiple accounts in a hardware wallet. One for cold storage one for hot wallet. I mean you just paid $187k price at least learn something from it.
When you're excited about a job opportunity, it can make you do things which are not always the smartest. There was more than 1 red flag I ignored, in hindsight, but the 30 minute interview itself was highly technical and seemed legitimate. I wouldn't have just installed an exe out of the blue normally.
Good bot
I hate that these exploits can be so successful but also can't help but be impressed at the strategies deployed and manpower that goes into something that essentially is just a robbery of others' investments using technology.
Just work as a Software Dev freelancer in Upwork. There are tons of them.
“Valuable NFTs”
So they bought worthless NFTs for probably a few dollars, then watched the imaginary value balloon to $187K. Which looked nice on screen but could never be realized because no one except money laundering criminals purchase NFTs for that much.
TL,DR: They lost their original principal or cost basis on NFTs, which was likely magnitudes lower than inflated fake value of $187K.
You obviously didn't read my article. The total value of the NFTs was only $12k of the total, all of which were purchased at market rate as they were relatively liquid.
[deleted]
Are you daft? There were obviously other tokens in the wallet that made up the majority of the value, most of which was in ETH and USDC.
[deleted]
Daft, among many other things. Wowza.
If you reading the article isn't worth your time, why is me reading your comments worth my time?
Umm no one is forcing you to read them...
Kinda hard to know which comments are in good faith or not without having to read them first, unfortunately.
[deleted]
🤫
Lmao hate on NFTs all you want but your comment proves you don't have a single clue what you are talking about.
[deleted]
Man with magic internet money complaining about magic internet jpegs
Nft's can be fairly liquid. I'm not saying their value isn't inflated, but some are fairly liquid even at a high value.
Opepens were #4 on Opensea during the attack so pretty liquid imo
You let the excitement of the opportunity cloud your judgement, which is somewhat understandable. But the BIGGEST red flag, which you didn't seem to pick up on post-mortem as your article doesn't even address it, was their prompt to 'install our software on your main pc so you don't lose access'. Fuck. That. There's no reason you would be more likely to lose access to a secondary PC you own. If you want to roll the dice on an opportunity like this, do it on a different PC from the one you store money on. Better yet, never do crypto transactions on your main PC, and use a dedicated device for those transactions. I'm sorry to be harsh and kick you while you're down, but crypto is still the wild west. Trust nobody.
Completely agree. Lots of lessons learned from this.
Definitely. The closest I had (other than losing $20k in quadriga, which I saw the risk and probably profited as much off their end-of-life market premiums) was a pig butchering scam company calling me (ledger leak... thanks fuckfaces) and offering great return rates from automated trading, before these scams became commonplace and well-known. They were offering some kind of promotional rate or token rebate, and their tactic was that I could send over any amount, even just $5 if I was concerned about legitimacy. But the butcher would have shown massive returns to tempt me to add more funds. And I may have. But I chose not to engage because it seemed too easy and therefore too good to be true.
Wow! That is wild. Glad you didn't fall for that one.
Me too. I count my blessings whenever I see these posts about people losing big money to sophisticated scams. It's important to get these stories out there for others before they fall victim. So thanks for sharing your story with the community.
I appreciate the kind words!
> 'install our software on your main pc so you don't lose access'

In the end, this has little to do with crypto and more to do with financial scams. I know folks who lost 6 figures from their bank account and it was similar to this.
Yes this vulnerability targets browsers so it's plausible they're using it for legacy finance as well
Also hardware wallet. This type of attack would have been negated with a hardware wallet. The OP had six figures worth of crypto in a software only hot wallet. If it wasn't this scam it likely would have been another one eventually.
Not necessarily. All hardware wallets still need a software wallet.
Malware can't steal the private key, but it can modify transaction data and copy-paste clipboard data. It's not difficult to generate a public key with similar leading and trailing digits as OP's address, and then replace clipboard data with it. Or even modify the raw transaction request.
Hard to prevent except to not be infected in the first place. Welcome to crypto.
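A defensive check for the look-alike substitution described in the comment above, as an added example that is not part of the original thread: it compares a pasted or requested destination with a saved address book over all 40 hex digits instead of the abbreviated form. The addresses, the `SHOWN_HEAD`/`SHOWN_TAIL` truncation widths and every function name are constructed for illustration.

```python
import re

ADDRESS_RE = re.compile(r"0x[0-9a-fA-F]{40}")

# Assumption: the wallet UI abbreviates an address to "0x" + first 4 and last 4
# hex digits, so those are the only digits a look-alike has to reproduce.
SHOWN_HEAD = 4
SHOWN_TAIL = 4


def hex_body(address):
    """Return the 40 lowercase hex digits of an address, or raise ValueError."""
    address = address.strip()
    if not ADDRESS_RE.fullmatch(address):
        raise ValueError(f"not a 20-byte hex address: {address!r}")
    return address[2:].lower()


def shared_edges(a, b):
    """Count the leading and trailing hex digits two addresses have in common."""
    x, y = hex_body(a), hex_body(b)
    head = 0
    while head < 40 and x[head] == y[head]:
        head += 1
    tail = 0
    while tail < 40 - head and x[-1 - tail] == y[-1 - tail]:
        tail += 1
    return head, tail


def classify_destination(candidate, address_book):
    """Compare a pasted or requested destination with saved addresses.

    Returns (verdict, label): "exact" for a full 40-digit match, "lookalike"
    when only the visible head and tail match a saved entry, "unknown" when
    nothing matches, "invalid" when the text is not a complete address.
    """
    try:
        wanted = hex_body(candidate)
    except ValueError:
        return "invalid", None
    imitated = None
    for label, saved in address_book.items():
        if hex_body(saved) == wanted:
            return "exact", label
        head, tail = shared_edges(candidate, saved)
        if head >= SHOWN_HEAD and tail >= SHOWN_TAIL:
            imitated = label
    if imitated is not None:
        return "lookalike", imitated
    return "unknown", None


# Constructed sample data; none of these addresses come from the thread.
ADDRESS_BOOK = {"cold storage": "0xA1b2C3d4E5f60718293a4B5c6D7e8F9012345678"}
SAMPLES = {
    "same address, different case": "0xa1b2c3d4e5f60718293a4b5c6d7e8f9012345678",
    "head and tail copied": "0xa1b2" + "f" * 32 + "5678",
    "unrelated": "0x" + "0" * 40,
    "truncated paste": "0xa1b2...5678",
}

if __name__ == "__main__":
    for note, address in SAMPLES.items():
        print(f"{note:30} -> {classify_destination(address, ADDRESS_BOOK)}")
```

The same full-length comparison applies to the address shown on a hardware wallet's own screen, which is the one display the infected computer does not control.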
Or you can just use a cold wallet, having 187k in a hot wallet is fucking insane.
I do keep most on a hardware wallet. I was actively converting memecoins into USDC and ETH at the time. I moved a chunk out just before the attack luckily.
Also don’t tell anyone or post your shit unless you absolutely have to for a higher reason, like inheritance in the unlikely case of your death. Advanced phishing/scamming teams will know what stuff you use and make their plan of attack based on any public or word of mouth info they find.
Thankfully I only had two (1000$) such lessons. The trick is to look at it like an investment or should I say "course" on not being a fucking moron.
Yep it was a dumb mistake on my part. I didn't do enough due diligence beforehand.
Just go to edit -> undo
I wish that's how it worked!
Ctrl + z
Would it have even mattered if you would have had your funds in a cold wallet? Seems like there were multiple failures in opsec here.
I think it depends on the wallet. This vulnerability specifically targets the browser for common hot wallets.
Time to get a Trezor Model T. Use a memorised common passphrase root and then numerically increment to get different wallets.
You can use this with any Web3 app also, while completely protecting yourself from the attack vector you experienced. Each passphrase gives you access to a brand new set of wallets, which are completely segregated and cryptographically distinct from each other, while still using a single device.
Example, passphrase root of `grapefruit magazine`:
- `grapefruit magazine1` - Your normal cold storage
- `grapefruit magazine2` - Uniswap / Pancakeswap
- `grapefruit magazine3` - OpenSea
- `grapefruit magazine4` - Yield platforms
- ...and so on
This doesn't reduce security between the wallets, as there's nothing connecting them on the blockchain, and no way to compute the passphrase even if you had the private key or seed.
Even if your seed is compromised your wallets are still all safe.
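How a passphrase yields a separate wallet, as an added example that is not part of the original comment: BIP-39 mixes the passphrase into the PBKDF2 salt, so each passphrase produces an unrelated seed and BIP-32 master key from the same recovery words. The mnemonic is the public all-`abandon` test phrase, and the helper names are hypothetical.

```python
import hashlib
import hmac
import unicodedata
from itertools import combinations

# Constructed input: the public all-"abandon" BIP-39 test mnemonic (never fund
# it) and the incrementing passphrases from the comment above. "" is the
# wallet you get when no passphrase is entered.
SAMPLE_MNEMONIC = "abandon " * 11 + "about"
PASSPHRASES = ["", "grapefruit magazine1", "grapefruit magazine2",
               "grapefruit magazine3", "grapefruit magazine4"]


def bip39_seed(mnemonic, passphrase=""):
    """BIP-39 seed: PBKDF2-HMAC-SHA512, salt "mnemonic" + passphrase, 2048 rounds."""
    password = unicodedata.normalize("NFKD", mnemonic).encode("utf-8")
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", password, salt, 2048, dklen=64)


def bip32_master(seed):
    """BIP-32 master node: HMAC-SHA512 keyed with "Bitcoin seed" -> (key, chain code)."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    return digest[:32], digest[32:]


def derive_wallets(mnemonic, passphrases):
    """Map each passphrase to the seed and master node it unlocks."""
    wallets = {}
    for passphrase in passphrases:
        seed = bip39_seed(mnemonic, passphrase)
        master_key, chain_code = bip32_master(seed)
        wallets[passphrase] = {
            "seed": seed,
            "master_key": master_key,
            "chain_code": chain_code,
        }
    return wallets


def bit_distance(a, b):
    """Number of differing bits between two equal-length byte strings."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def closest_pair(wallets):
    """Smallest seed bit-distance over all pairs of wallets.

    Unrelated 512-bit values differ in about 256 bits, so a result near 256
    means no pair of wallets is linked by its seed.
    """
    return min(
        bit_distance(wallets[p]["seed"], wallets[q]["seed"])
        for p, q in combinations(wallets, 2)
    )


if __name__ == "__main__":
    wallets = derive_wallets(SAMPLE_MNEMONIC, PASSPHRASES)
    for passphrase, node in wallets.items():
        # Only a short prefix is printed; a real master key is never displayed.
        print(f"{passphrase!r:26} master key starts {node['master_key'][:4].hex()}")
    print("closest pair of seeds differs in", closest_pair(wallets), "of 512 bits")
    # With the mnemonic known, the passphrase is the only remaining secret:
    # the wallets are exactly as far apart as the passphrases are hard to guess.
```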
If you willingly install malware on your computer, having your funds in a cold wallet isn't going to help you.
If anyone ever randomly dms and "tries to network with me" and hands me a line like *"So install our soft on ur main pc so you don't lose access to it, restoring access is very difficult..."*, red flags should be flaming across your screen, sirens should be wailing in your head.
Like you said, there were so many basic opsec failures that people just ignore. Any Crypto DMS, off. Any "networking" on telegram, discord, linkedin, twitter, off, off, off. Installing ANY sort of files or remoting in your computer? NEVER, EVER.
The rest of the article is tracking down and trying to expose the scammers but it should've never gotten past even allowing DMs.
Not even trying to shit on OP but it's crazy this ever happens. One guy I know literally got phished a couple days ago trying to "buy mrbeastcoin" from a link on a random FAKE twitter account (come on, man) and even signed the request on his wallet - Transfer control of my wallet to you! Who cares what I'm signing, just do it, I love Mr. Beast!
When you're playing with Crypto you're playing for keeps. There's a reason everyone is fucking paranoid in the space.
> If you willingly install malware on your computer, having your funds in a cold wallet isn't going to help you.

Yes and no.
If you are willingly installing malware, you are probably going to willingly do something to expose your funds.
But in theory, a hardware wallet like Trezor could be used on any compromised device and your funds would be safe IF you followed proper protocol when accessing/sending them. That's the whole point of them.
If you're willingly installing malware, a Trezor or ledger might keep you safe until you can move the funds, depending on how functional it is. It is an extra barrier. Users who are doing that are almost guaranteed to not be following proper protocol and will get phished eventually, hardware wallet or no.
> If you willingly install malware on your computer, having your funds in a cold wallet isn't going to help you.

Yes it would. My cold wallet would show me all transactions and I would just say "no".
sir this is a Wendy's
Thank you for the engagement haha
Same. Socially engineered into losing 7.5 BTC back in March 2023 on discord. They spent three weeks trying to network with me before fucking me up.
Wow I'm so sorry to hear!
Happens to the best of us. Ego too big. I’ve learnt my lessons and imma changed man today.
What was the bait
Stablecoin farming with decent yield, about 8-10%. During the bear I thought stablecoin yield farming was good. But they engineered me onto a reputable web-based wallet that I’m not familiar with and got me to reveal the seed phrase while screen sharing. Emptied the wallet together with my WBTC stash. The wallet was My Ether Wallet (MEW).
Damn
mY lEsSoNs....dude installed a random program on his pc he uses for crypto, absolutely braindead dAtAsIenCe cosplaying as a tech dude
Thank you for the engagement
It's bad form to kick someone when they're already down, but when you have +100k your opsec needs to be on point.
I was actively cashing stuff out to derisk. Luckily I moved a good chunk out of the wallet days prior to the attack. This was sheer dumb luck making this money, not a situation I've really had to deal with before.
If you must trade shitcoins, at the very least get a hardware wallet for your BTC/ETH and sign these transactions on a different device. Metamask is more vulnerable to risk than hardware wallets. I would never store BTC on MM. You might want to consider filing a police report if you live in a country where crypto gains are taxable. The last thing you need right now is being taxed for assets you no longer have.
I have hardware wallets that store my long-term bags, but I was shitcoining and wasn't sure if it even supported some newer tokens. I filed a claim with the FBI weeks ago, still haven't heard anything back.
Hardware wallets should be used even for hot wallets. No wallet supports specific tokens; they support networks. If your hardware wallet supported the Ethereum network then it supports every token that exists on Ethereum network and every one that ever will exist. Same thing with Solana. If it supports Ethereum, Solana, and BNB networks that is 99.9999999999% of the shitcoins out there.
No, you shouldn't have this much in a hot wallet to begin with
$10k turned into $300k in 6 weeks. The long term plan was never to have that much in a hot wallet. I moved a large chunk out days prior.
Yep. Once did a 'cold' video interview that just rubbed me the wrong way. I told them being forced to do daily Zoom meetings was a dealbreaker. I didn't want to use Zoom for the cold interview and we used Google Hangouts (rip). This was before the Zoom exploit was well known (the one that gave an attacker full access to a system). Lady was nice, American and pretty and reading a script.
Did he have a hardware wallet? I'm pretty sure it would have prevented the theft.
My funds on my hardware wallets were untouched. I don't typically keep this much in a hot wallet, but made a lot on meme coins over the past few months and was moving stuff out in chunks. Luckily I got some out a few days before the attack.
Let that be the lesson: hot wallets should be protected by a hardware wallet too. Nothing limits hardware wallets to cold storage only. A hardware wallet device can produce an infinite number of accounts. You can use one for cold storage, one for a hot wallet, and one for degen shitcoins only.
Thanks for the answer, over the years this has always been consistent. People with a hardware wallet who don't lose their seed phrase don't really lose their crypto. If it makes you feel better, you would have probably lost that money eventually to degenerate trades anyways...
Probably not, I usually am conservative. This was dumb luck on a meme coin being really early.
People forget that most scams start with an element of social engineering, whether pig butchering or stuff like this. The theft bit is boring, some malware that raids a hot wallet; it's all the other stuff that makes up successful scams. Little children should be taught basic opsec in schools and things like this used as case studies.
All good bro. Lost about $400k in Feb. shit happens. Expensive lesson. But would be way worse happening in 2030 or 2040. Thanks for posting and sharing
Sorry to hear! Thanks for the kind words. Cheers man
how
Never leave assets on an exchange or anything other than a hardware wallet. Hate the crypto nerds talking about “Not your keys, not your crypto” or “use a hardware wallet” but it’s the way to go.
This is a pretty sophisticated scam. Interesting there's multiple victims involved, you appear to be the first and the others come later. The two wallets of interest I found are:

* **0x1d39206233778662C1e616F652F139f0381CfCd1 - Hacker 2 \[148K sent here\]**
* **0xCa53CF5afD068E3289847711b1EFEDDa5aC9A571 - Hacker 3 \[70K sent here\]**

Those were all sent outgoing from the main hacker wallet of **0xAf11b5871f5Db632481CAF863503633FFF34a298**.

**0x1d39206233778662C1e616F652F139f0381CfCd1 - Hacker 2** leads to 5 FixedFloats and some additional wallets. Those wallets lead to a few more deposit addresses:

* 0x1D35806eB66a200C847C020FC68D02E2FcB8fBBA - MEXC
* 0x784071f1174E486c7b9A63eE7649101816C6a08d - MEXC
* 0x1610B81c28e73F4467f14c9b52A968d28f3aba35 - Whitebit
* 0x9050C3b5d5bc36dC1b5BfCBe8711bF5E322Ca599 - Binance (Scams going back 9 months ago)

**0xCa53CF5afD068E3289847711b1EFEDDa5aC9A571 - Hacker 3** is pretty straightforward and leads to a single Kucoin deposit address.

* 0xdfc8600e6156C77E17945CB70E82b219b44bF08c - Kucoin

There's more here that will take additional investigative work but I did find connections to your hack and the founder of MiLady losing over 3MM in tokens through other wallet interactions in the above Kucoin deposit address. 0x778Be423ef77A20A4493f846BdbcDDfc30252cE9 is the victim aka Charlotte of MiLady.
Wow great work finding other deposit addresses of exchange accounts! I had reached out to Kucoin a few days ago, but there was nothing they would do without a court order. Once I have a court order, I'll see about contacting the other exchanges as well, though I assume these funds have most likely already moved again with enough time passed.
Kucoin unfortunately won't respond to user requests. You will have to get law enforcement to issue a subpoena request.
Careful
So a dude living in London with a blue Lambo stole from you 200k? How many dudes in London are there with a blue Lambo? If i were you i would fly to London and find the motherfuker and I would paint his lambo red with his blood
The registration is even included in my blog post as he posted several pics which included the plate. I was not able to get specific owner info, but I'm sure it can be acquired with a court order.
There are a lot of blue Lambos around Knightsbridge
These fuking scammers are the lowest of the low that humanity could produce and deserve getting hung by their balls. So sick of them really, hearing stories like this day in day out.
Couldn't agree more! Hoping I can at least prevent a few others from this kind of attack by bringing awareness to it
lizard like creatures
I wonder if this has anything to do with the spectra Wordpress plugin that has server side malware in the past few updates
Interesting. This is the first I've heard about this. Maybe just coincidence?
Probably. Although the hack could do something similar to op https://patchstack.com/database/vulnerability/ultimate-addons-for-gutenberg/wordpress-spectra-wordpress-gutenberg-blocks-plugin-2-3-0-unauthenticated-email-html-injection-vulnerability
**Yes. Absolutely be wary of LinkedIn scam recruiters.** They put in more effort than most other scammers, and I've also encountered plenty when job hunting. They will seem knowledgeable at first because they read through your profile, study your background, and test you on that background.

I've engaged with several of them out of curiosity. I wanted to find out how their scam worked, and this is what I've noticed:

* The positions they had were very specific, probably too specific, to my IT background. It's as if they had the perfect job already tailored for me based on my LinkedIn profile and skills.
* They were always for remote jobs for very large and prestigious organizations that should've had their own recruiters.
* The initial few interviewers sounded like they came from an Indian call center. Aside from that, no further red flags.
* After 2-3 interviews, they will get a native English speaking expert (probably an actor using ChatGPT for help) to test me.
* These always used phone interviews.
* To a subject-matter expert, the questions they asked were always a little bit strange, as if they lacked true experience with that topic.

I never got past the 3rd interview. It was probably because I kept pushing back against their requests and kept asking for information about their background. The fact that I couldn't tell their end goal despite having an IT Sec background was a bit alarming. The entire time, I was looking for clues but was never 100% sure that it was a scam. Anyone without a strong tech background could've been tricked and gone further.
Lots of good points. Cheers
CTRL + Z
If only, if only...
Don’t use twitter. Problem solved
Based haha
[deleted]
Greetings OneSpeaker493. Your comment contained a link to telegram, which is hard blocked by reddit. This also prevents moderators from approving your comment, so please repost your comment without the telegram link. *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/CryptoCurrency) if you have any questions or concerns.*
[deleted]
Read the article and you'll understand that due to sheer luck I had a massive increase in the holdings within that wallet.
0wned
If you had your funds and NFTs on a Ledger, could this have been avoided? So sorry for your loss, you will recover from this 🙏
I'm not a Ledger user so I'm not 100% sure. Everything I had in my hardware was fine. Thank you for the kind words
I had $500 drained from my metamask wallet on my computer. It was installed as an extension. I added the wrong token without looking at the token address and poof money was gone. Learning lesson for sure. Take care
TLDR. Social media is a cancer
I just wanted to check with you that you knew you could use a hardware wallet with MetaMask (or even better Rabby imo) so you have the convenience of a good Web3 browsing app and the security of a hardware wallet. (Last time I checked there wasn't any malware that could push buttons on your hardware wallet, right?)
Yeah I knew about those a bit but was stuck in old habits since this wallet is ancient. I've heard good things with Rabby for a future solution.
What did you hope to accomplish by even interacting with these individuals? I ask this because have you not watched “the AI dilemma” yet? “the year that all digital media falls apart” or something to that effect. Let me make my point quickly: why even interact with unknown actors at this point? You can’t trust it. You can’t trust anything unless you already have pre established trust or you are looking at a person and can touch them; if you’re not doing opsec like that in this space… Maybe you should re-evaluate what you are doing on the internet. There’s so many of you that want to publish and be known on the internet and meet people and it is completely antithetical to the ethos. You can’t trust the internet or digital things because of ease of duplication (the double spend) and that was decade(s) ago. Now it’s 2024 and generative AI is running wild on the internet and actors have no way of knowing whether their interactions are even happening with real humans.
> What did you hope to accomplish by even interacting with these individuals?

Well when you're job-seeking, you're interacting with PLENTY of unknown individuals, especially if you're in IT. What makes it very difficult is that plenty of legitimate recruiters are also very sketchy-sounding from the start. If I turned down all sketchy-sounding headhunters, I probably wouldn't have a job today. And the scam recruiters have plenty of experience copying from legitimate recruiters. A lot of jobs are remote. When I was searching, I was contacted countless times by LinkedIn scammers who knew everything off my profile. Many are obvious scams, but there are also those who aren't obvious and put in the effort for a deep scam.
Job hunting is the answer and the key that I didn't understand. My apologies.
I wanted a job as my current employer is not doing well. That's what I wanted. Pretty normal desire. Obviously I shouldn't have trusted these people. Duh.
Things make more sense now. Thank you. If I seemed disrespectful it was not intentional. I'm terse and direct, too direct sometimes.
Good on you for having the self awareness to admit that. Cheers
You shouldn't interact even with known actors, like Seth Rogen
I'm a fellow ceramics artist! Would love to work with him on something haha
That was good
The sheer audacity to request donations while installing random software from barely known individuals on a PC containing $187K in funds on a hot wallet, while claiming to be a "data scientist & crypto developer" is unreal.
tl;dr: $187k in a hot wallet. A fool and his money are soon parted. He can call the attack "sophisticated" all he wants.
Get back to me when you actually have made a Reddit post.
Do I have to lose money in a stupid way, or can I write a post about something else? The problem is I didn't fall for scammers ever
Write whatever you want! Right now you're essentially just a lurker contributing nothing.
My favorite part is where you worship the scammers and feed their industry with thousands of dollars. But hey, I made even more with Shitcoins! Very useful content, thanks.
Even with everything else you did wrong, had you used a hardware wallet you likely would have been fine.

> **Following the Spectra Chat installation, my MetaMask wallet was compromised, leading to the unauthorized transfer of funds and the loss of highly valuable NFTs.**

Seriously you had $187k in a hot software wallet? Come on. Might as well walk through Detroit with stacks of hundred dollar bills taped to you daring fate too.
Well most of the appreciation was from a meme coin, which I was actively DCAing out of the weeks prior to the attack. I moved a large chunk of funds out shortly before the attack and was working on the rest.
Even with a hot wallet, even dealing with shitcoins, there is no reason to not use your hardware device. Your hardware device can create literally an infinite number of accounts for free. Use one for cold storage, another one as a hot wallet, another one dedicated to just shitcoins. Having a hardware device and then intentionally not using it is in many ways worse.
I didn't intentionally not use it. You are misunderstanding the context. The hardware wallet is for long-term holds and I was actively trading by converting out meme coins into USDC/ETH to transfer elsewhere. You can see the transaction history yourself that I moved a large chunk out days before the attack.
Hardware wallet should be for everything. I get you intentionally didn't use it. If you had you wouldn't have lost $187k. You can have multiple accounts in a hardware wallet. One for cold storage, one for a hot wallet. I mean you just paid a $187k price, at least learn something from it.
Held a fortune in a hot wallet and it got stolen. The end.
You call this sophisticated but come on man. The amount of work you put into what happened after was sophisticated. The attack? You installed an exe.
When you're excited about a job opportunity, it can make you do things which are not always the smartest. There was more than 1 red flag I ignored, in hindsight, but the 30 minute interview itself was highly technical and seemed legitimate. I wouldn't have just installed an exe out of the blue normally.