My Metamask was hacked!

[smil3y7]

So, as the title says - my Metamask account was hacked last night. I have absolutely no idea how it happened - I use randomly generated password stored in password keeping software, unlock Metamask with copy/paste (I don't type the password), never share private key except on rare occasions on legit MyEtherWallet website, when canceling pending transactions, scanned the computer for malware and viruses and everything seems clean... Last week my Twitter account was suspended due to accusation of creating multiple accounts (which I never did) and cross-posting between accounts which I believe might be connected.

The crook took out everything worth anything and I'm left with next to zero...

The thing is that he is still at it - if you check transaction logs for ETH address 0x27F0259f58dD6b33C808CAbE27f96810C0305A8f (https://etherscan.io/address/0x27f0259f58dd6b33c808cabe27f96810c0305a8f) you will see that he is still moving ETH and tokens to his wallet and I'm sure that he's not transferring funds from his own accounts.

Is there by any chance a way to get anything back or should I just cut my losses, lick my wounds and move on?

[DdmrDdmr]

<…>

Unfortunately, there is no way you are going to get the stolen crypto back. The guy, as you say, is still at it, and has amassed a fair share of ETH in just two weeks.  he best you can do now is to be wary of the security of all your devices and passwords, resetting them after you have a clean environment (you may even consider reinstalling your operating system and so forth before you proceed to changing passwords, or use a completely different device which is clearly not compromised).

The thing is that you do not know exactly what was the cause of the vulnerability in your security, so perhaps it is not just Metamask that was compromised, but it could even extend to your password access to other sites (banks, mail, etc.).

[smil3y7]

Yeah, that's what I'm afraid of. I'll do additional scans of my PC and as a last resort reinstall everything.

I reset Metamask password last night but I'm wondering - does the password reset apply for the wallet address in general (meaning on all devices I try to access this wallet) or just for the device I used to reset the password?

[CryptopreneurBrainboss]

Moving on is the only option and after following DdmrDdmr instructions, i will advice you create a separate account for your online transaction and another for storing of your tokens. As you said you have used your private keys to login some site you think are safe and since you have no idea how the scammer got hold of your account details. Using a separate account (different from the account used in storing your tokens) for all online transaction will be the best idea.

[G00DFe77a]

Wipe your computer completely and reinstall everything from scratch. He probably has a trojan into your system and everything is exposed. Be glad that it's just crypto and not your bank accounts.

[bitmover]

So, as the title says - my Metamask account was hacked last night. I have absolutely no idea how it happened -....
 never share private key except on rare occasions on legit MyEtherWallet website

That's the problem with metamask
You have to expose your private key often.

Not a safe wallet. It's a good initiative, however it's not safe. You can use for small amounts, but for real money you need to use a paper/hardware wallet.

Once you type your private key online, or copy/paste it, you should consider it exposed and move your funds elsewhere.

[erikoy]

Yeah it seems that your crypto holdings was being busted by a hacker. They are really that excellent and brilliant when it comes to hacking and controlling other computers as well. So one should hide files of the private keys and lock it to a folder so that it could have been also difficult for the hackers to access your keys to your wallets.

[DdmrDdmr]

<…> does the password reset apply for the wallet address in general (meaning on all devices I try to access this wallet) or just for the device I used to reset the password?

I’m not sure about the password. I think it is whatever you set it to on each device though. Anyhow, in order to get your wallets accessible to you on another device, you need to have the 12 word seed phrase, and follow the steps stated here: https://metamask.zendesk.com/hc/en-us/articles/360015289772-Using-MetaMask-On-Multiple-Computers.

I guess you want to rescue whatever you’ve got left on another device, or after reformating/or so your current device.

[mk4]

I use randomly generated password stored in password keeping software, unlock Metamask with copy/paste (I don't type the password),

There are certain malware and viruses that can gain access to your computer's clipboard(basically, the things you copy). So this might be it. Chances are that your antivirus software simply didn't detect the malware/virus. Unfortunately there's nothing you can really do. Next time, keep majority of your ETH on a cold storage, and only leave small amounts on Metamask.

[pptIox]

It’s terrible, it seems that there is a lot of knowledge need be mastered in crypto. Once you are not careful anywhere, you may encounter hackers or scams. This is not a good experience for crypto newcomers.
It seems to show that crypto is full of traps everywhere. 
Honestly, the concept of crypto really attracted me, but I am a bit hesitant now, because there is too much to learn here.

[smil3y7]

Thanks for your input, folks.

From what I've done I think the problem might be that when I was importing seed to Metamask I automatically did it through the website that opened when I installed the extension. I think it was this one >> chrome-extension://nkbihfbeogaeaoehlefnkodbefgpgknn/home.html#unlock Might be the website was compromised.

I'll definitely file a report with the authorities and see where things go from there.

In the meantime, prick cleared a couple more wallets today. Hopefully he'll make a mistake eventually and he'll get what he deserves...

[Zulfiyan]

Be careful to visit the other website, Soke websote is can see your private key, Do you try to delete metamask from your browser and instal again? Try it, i think that metamask error in your browser, so try to delete and instal it. Are you save your private key? Try login with private key