If the BTC's are still there, move them asap to a much secure wallet and probably you will be the only one who knows. Crypto is money and the personal interest of other people with other's fund is there.
Yea i directly moved all BTC to a secure wallet.
The other possibility ist that your friend used a MEW phishing site, not the original one.
The safest way to use MyEtherWallet is to use it through the trezor interface or use the offline version from github: https://github.com/kvhnuke/etherwallet
Last year there was DNS poisoning attack targeting Trezor users: https://blog.trezor.io/psa-phishing-alert-fake-trezor-wallet-website-3bcfdfc3eced
But I don't think that's what happened to you.
Why didn't you use a multisig wallet / multisig contract?
The safest way to use MyEtherWallet is to use it through the trezor interface or use the offline version from github: https://github.com/kvhnuke/etherwallet
Last year there was DNS poisoning attack targeting Trezor users: https://blog.trezor.io/psa-phishing-alert-fake-trezor-wallet-website-3bcfdfc3eced
But I don't think that's what happened to you.
Why didn't you use a multisig wallet / multisig contract?
I dont think it was a phishing site since there was no reason for a transfer on that day. He saved the right MEW link on chrome.
Even tho it would be a phishing site, he still need to confirm the transaction on Trezor which he didn't(thats what he says).
multis wallet/ contract are def. something for the future. I actually didn't expect that someone can steal money from a cold wallet tbh.
This is also the reason why i think my friend didn't steal the money because it would be a very stupid scam tho.We share a lotto friends and even the amount was big, i think not big enough to risk a lot friendship and be marked as a scammer