I’ve been in crypto for a little while now… 5+ years easily. I’m no expert by any means (proven by the fact that I was somehow hacked) but I thought I was still pretty damn careful. Air-gapped PCs, encrypted drives, etc… I take my security seriously.
Somehow, someone was able to access the wallets on my phone as well as my Coinbase account. I had 2FA with Google Authenticator on CB that they were somehow able to get by as well, allowing them to send my funds to their wallet. They also attacked my MetaMask, MEW, and VeChain wallets, but luckily haven’t been able to withdraw the bulk of my assets, which are currently controlled on a Ledger, nor did they access my Pera Algo, which is also controlled by the Ledger.
I do not believe my seeds have been compromised, simply because they didn’t drain the Ledger account, which is where most of my funds are, and also because they were able to get into my Coinbase account somehow, purchase more crypto, and send everything that was on there to another wallet. It is because of this that I believe my phone was hacked somehow, as none of these wallets are on my PC.
At this point I am unsure how my phone would have been compromised, but it’s the only thing I can come up with, as the MEW, MetaMask and VeChain wallets were limited to my phone and have never transacted with any smart contracts or anything. I run Malwarebytes on the mobile, utilize a trustworthy VPN, don’t download apps that aren’t well known and trusted, if I even download any at all, and I keep my phone locked and encrypted. Furthermore, I even have my wallets and authenticators further encrypted in Samsung’s “Knox” Vault, which requires a second, different password to access. Nobody has access to my phone; it is on me at all times. I never connect to unknown Wi-Fi networks, and keep my network pretty secure, I feel, again using a VPN in addition to WPA2 network encryption.
I’ve scanned my phone, reviewed my apps and permissions, and haven’t found anything to reveal exactly how it happened. I have recently transferred these wallets from another mobile device I had, so I am in the process of checking that device too. I have contacted CB to have my account flagged and have decided to do a hard reset on my mobile device and just re-establish everything new from the ground up, but not knowing exactly how it happened to begin with has me pretty damn worried. I have to believe it originated online since I don’t discuss my crypto with anyone IRL. I lost a bit of money, a few random NFTs, .eth domains, etc., but luckily it seems the majority of my assets have remained safe with the hardware wallet, so I’m quite thankful for that little guy, more than I can tell you.
I will update if I figure anything out, but be careful out here, seriously, guys. As annoying as it is to hear, it needs to be said: this is wild, and if it can happen to me with as many precautions as I’ve taken, it can probably happen to a lot of other people who think it couldn’t. I wish I could offer more to help everyone stay safe, but if you can learn anything from my story, it would probably be to buy a hardware wallet to have somewhere truly safe that you can store your funds.
submitted by /u/daddyneedsanewlife