cheezcarls (OP)
|
|
April 20, 2022, 04:33:40 AM |
|
Note: Admins or mods, feel free to move this topic to an appropriate section if possible, because I am not sure which section I can post this in.
As the title says, yes, I am dealing with the worst day of my crypto life. My 3 Metamask wallets have been hacked (maybe because of that fake PDF file I clicked, which I didn't double or triple check, which is my bad). A total of more than $12k in 3 wallets combined was drained. This is the very first time that I got hacked on crypto, after a few years. And I certainly believe that the one who reached out to me on Telegram was a fake dev (I was so blind in checking his real and actual Telegram account) because we were "supposed" to be "collaborating" for a video review that needs me to "sign" the document. But in the end, yes, it's a ZIP file that needs to be opened, but with docs, images and that "fake-looking" PDF file (which I later found is a "SCREEN SAVER" file).
And yes I fell for it.
I didn't provide seed phrases online and did some revoking too on all wallets. But these hackers are now very intelligent and always find a backdoor even though I did my very best to avoid getting hacked.
I should have put all of them in my Ledger before this happened, so my complacency gives me the karma that I deserve. It's very hard for me to move on right now. I only have a little savings left after everything I've worked and sacrificed all these years since the pandemic and now going back to square one, but for now I'll just have to deal with this and keep moving forward despite the difficulties and emotional pain that I am in right now. It's very hard to earn $12k for a guy like me living in a 3rd world country.
So the lesson that I have learned right now is to always triple check the files that I have downloaded and not be blind to who I am having a convo with.
|
|
|
|
cryptoaddictchie
Legendary
Online
Activity: 2254
Merit: 1376
Fully Regulated Crypto Casino
|
|
April 20, 2022, 04:50:57 AM |
|
Mate, reading your story makes me wanna think of something hopeless already, but there you are sharing your experience, which is really helpful for all of us. I've been scammed before, but not hacked, so I don't know what it feels like, and I can sense a tremendous downfall possibly if I were in your case. But I believe you could surpass this and overcome in time. You are a good member of this community and I've been seeing your contributions. I do hope that some learned too on how to secure their assets.
Hoping for your ease cope mate. Sorry for that damn experience, those hackers should pay for their crimes and must be apprehended.
|
|
|
|
mk4
Legendary
Offline
Activity: 2912
Merit: 3881
📟 t3rminal.xyz
|
|
April 20, 2022, 05:35:20 AM |
|
So the lesson that I have learned right now is to always triple check the files that I have downloaded and not be blind to who I am having a convo with.
..and probably put most of your funds on your Ledger wallet. Because security is the main reason you purchased a hardware wallet, right? So use it. Not to twist the knife here, but yea. Best of luck in rebuilding, OP.
|
|
|
|
qwertyup23
|
|
April 20, 2022, 06:12:03 AM |
|
Ahh man, I definitely feel sorry for your loss. Given that the nature of cryptocurrencies can be easily hacked nowadays, it is arguably recommended to triple check all the files being sent to you. Again, as much as I pity your loss, it is also your responsibility (though you mentioned that you were negligent) to check all the files and to doubt everything being sent to you.
Mistakes like these tend to shape our future decisions. As much as this is very unfortunate, this would actually help newbies to be more careful in selecting and choosing all the files being sent to them.
It also just got me thinking that scammers/hackers nowadays can conveniently create suspicious files that, once you open them, Pandora's box will break loose. I really hope that your experience will save thousands of people from this event.
|
|
|
|
Rikafip
Legendary
Offline
Activity: 1932
Merit: 6421
|
|
April 20, 2022, 07:02:59 AM |
|
And I certainly believe that the one who reached out to me on Telegram was a fake dev (I was so blind in checking his real and actual Telegram account) because we were "supposed" to be "collaborating" for a video review that needs me to "sign" the document. But in the end, yes, it's a ZIP file that needs to be opened, but with docs, images and that "fake-looking" PDF file (which I later found is a "SCREEN SAVER" file).
Damn, that's a sneaky way to scam someone and one that is very easy to fall for if you are doing business on Telegram, as there is a lot of stuff going on there all the time. I know it's not the mistake that you specifically made, but I would advise everyone to disable the option to automatically download any files, as this thing is enabled by default on Telegram and I heard many stories about people getting rekt that way.
It's very hard for me to move on right now. I only have a little savings left after everything I've worked and sacrificed all these years since the pandemic and now going back to square one, but for now I'll just have to deal with this and keep moving forward despite the difficulties and emotional pain that I am in right now
I can completely relate to your feelings right now, as back in 2017 I went through something similar: my bitcoin wallet got hacked and I lost 0.1 BTC, which was basically all I had at the moment. Even though the amount lost is smaller than yours, I also thought about giving up and leaving crypto, as it was very disheartening to lose everything. But after a few days of mourning I owned my own mistakes and continued the journey, this time being way more careful than before. In the end it proved to be the best decision ever, so I suggest you do the same, no matter how hard it looks now.
|
|
|
|
DdmrDdmr
Legendary
Offline
Activity: 2492
Merit: 11048
There are lies, damned lies and statistics. MTwain
|
<…>
One thing that is not pristine clear to me is how your wallets got hacked, once the malware software was installed. By that, I mean whether they managed to achieve remote access to your environment, keylogged data, or whatever other means. I presume the former. Additionally, to let others know, what countermeasures have you taken? (i.e. format your device and start from scratch, etc.). With regards to not having the crypto protected by the Ledger, I guess that either you didn't want to incur fees of some sort, or wanted to avoid the hassle of having to retrieve and use the Ledger device for each TX you performed (which is a core usage), thus leaving it on Metamask. Best of luck getting back on your toes.
|
|
|
|
pakhitheboss
|
|
April 20, 2022, 07:43:04 AM Last edit: April 20, 2022, 09:15:49 AM by pakhitheboss Merited by cheezcarls (1) |
|
Phishing PDF hack has become a serious issue. When you open those PDFs it activates a malware, which in your case might have been attached with the multimedia content. The most common way PDF phishing works is by luring an individual to click on a hyperlink, which then takes them to a malicious site or activates a malware.
Sorry to hear that you have lost your hard earned money. 12k is a big amount for anyone living in a third world country. I have not been scammed yet, but I have incurred losses due to my own negligence. I hope you take this incident as a lesson and move forward in your life.
|
|
|
|
Marvelman
Full Member
Offline
Activity: 1008
Merit: 139
★Bitvest.io★ Play Plinko or Invest!
|
|
April 20, 2022, 08:11:47 AM |
|
My question is similar to DdmrDdmr's. I still don't understand how exactly the OP was hacked. Was it a fake PDF that was basically an executable (screen saver)? What happened after that?
Phishing PDF hack has become a serious issue. When you just open those PDFs it activates a malware, which in your case might have been attached with the multimedia content. The most common way in PDF phishing is to lure the individual to click on a hyperlink, which then takes you to a malicious site or activates a malware.
If it was malware attached to a PDF file, what does that have to do with a phishing attack?
|
|
|
|
cheezcarls (OP)
|
|
April 20, 2022, 08:19:52 AM |
|
Phishing PDF hack has become a serious issue. When you just open those PDFs it activates a malware, which in your case might have been attached with the multimedia content. The most common way in PDF phishing is to lure the individual to click on a hyperlink, which then takes you to a malicious site or activates a malware.
Sorry to hear that you have lost your hard earned money. 12k is a big amount for anyone living in a third world country. I have not been scammed yet but I have incurred losses due to my own negligence. I hope you take this incident as a lesson and move forward in your life.
It actually looks like a PDF file, but when I double clicked it nothing happened. Now that's where I realized that it was indeed malware. So it's a different kind of file with the end "SCREEN SAVER". But I am also curious why, despite my main Trust Wallet not being connected to my Metamask wallet browser, it was also drained. I have a total of 4 Metamask wallets attached there. But I am surprised that my two remaining wallets weren't touched despite having small decent amounts. In one of those Metamask wallets being hacked, I am also curious that the hacker didn't pull out the BCMC1 token I have worth almost $900. It was still there to be honest (unless the hacker may go back and strike again), but I have zero ETH now and I cannot transfer it to P2PB2B exchange, so I am stuck and wanted to pull it out, but I have no more ETH and depositing from the bank to the exchange has expensive fees.
|
|
|
|
Lucius
Legendary
Offline
Activity: 3416
Merit: 6143
Crypto Swap Exchange🈺
|
|
April 20, 2022, 11:02:45 AM |
|
First I'll say I'm sorry for your loss. While it may be important now to determine how you were hacked to prevent this from happening to you again and from happening to someone else, I'll just say one thing - Telegram and every browser crypto wallet are a terrible combination. I have never used MetaMask because it is inconceivable for me to use a crypto-wallet as a browser extension, or to store thousands of $ valuable digital assets in this way (or in a mobile application). What else to say except that you paid dearly for one life lesson, and now you have to keep living no matter what happened to you. As worn out as it may sound, you only lost money - you are still alive, healthy, and have a roof over your head, unlike all those who have lost everything they had in the past months.
|
|
|
|
aysg76
Legendary
Offline
Activity: 1960
Merit: 2124
|
Damn, that's a sneaky way to scam someone and one that is very easy to fall for if you are doing business on Telegram, as there is a lot of stuff going on there all the time. I know it's not the mistake that you specifically made, but I would advise everyone to disable the option to automatically download any files, as this thing is enabled by default on Telegram and I heard many stories about people getting rekt that way.
Telegram is risky as well as useful at the same time, so we need to be extra careful while dealing with a third person whom we don't know personally, as this is pure risk dealing and you need to have all the safety measures. There are a number of Telegram scam cases, like adding you to some fake groups and now this auto download. So for those who don't know how to turn it on, here is the procedure for you all.
For not being added to any group without your permission: Telegram > Privacy and security > Groups > Who can add you to group > My contacts. You can add exceptions to these cases anytime.
For turning off the auto download media feature, as sometimes it is on by default in Telegram: Telegram > Settings > Data and storage > Auto download media, turn off on mobile as well as wifi network.
~snip~
This is sad to hear that, despite being aware of these crypto scams, you unintentionally fell victim to one, losing your hard earned money worth $12k, and I know how hard this must be for you at this time. But these scammers are always trying to find an opportunity, which they gained in your case with this phishing PDF file, getting access to your Metamask wallet and draining the funds out of it.
Recently, as per reports, the number of phishing PDF scams has grown drastically over the past two years, as scammers are finding new ways to make fools of people. Mostly they are carried out by redirecting you to some fake websites and giving the hackers full control at the backend, like installing some keylogger malware and other viruses that can access your files over the system. As per study, these scams are classified into various types according to their percentage as follows:
You see, they have various ways to fool you, like by verifying the captcha and other ways. As you said it was a screen saver scam, so the hackers just sent you a clickable PDF which was gaining access to your system, and funds were withdrawn. Generally, as said, they are injected with malware that is stringed to the hacker's backend, giving him access to your wallets, as Metamask is usually logged in on your system as a browser extension, so it's easy once they gain access to your system. Here is one reference image explaining how it will redirect you to some fake websites:
You must be thinking what's happening while the bad actors are draining your wallets, and once you know what's happening and revoke the permission it's too late, as happened with you. This is happening nowadays for the NFTs people have on Metamask wallets, but you also had funds over there. This is why you need hardware wallets, and to keep funds as low as you can on these wallets for your safety. Read this article to check more about such scams in detail and be safe from them in future. Take it as a lesson and be safe in future.
|
|
|
|
Daodex
Member
Offline
Activity: 252
Merit: 12
|
|
April 20, 2022, 11:07:58 AM |
|
I'm guessing this happened on a PC, sigh! It's always the PC, there are many ways to fall victim to hackers on a PC than on other devices out there, the PC is just too complicated when it comes to trying to stay safe and out of trouble, my advice is never to use a PC for crypto wallets at all.
|
|
|
|
sunsilk
|
|
April 20, 2022, 11:59:22 AM |
|
It's hard to read your story because it's saddening and I've felt your frustration. I'm very sorry for what has happened to you. It's really important to invest in a hardware wallet, whether it's Trezor, safepal, keepkey or a Ledger wallet, to secure our crypto life savings.
I'm guessing this happened on a PC, sigh! It's always the PC, there are many ways to fall victim to hackers on a PC than on other devices out there, the PC is just too complicated when it comes to trying to stay safe and out of trouble, my advice is never to use a PC for crypto wallets at all.
Yes, it's happened there; whether it's a PC or laptop, they're just the same. These hackers have been creative in doing their robberies. So, everyone has to be careful and mind to take care of their funds through a hardware wallet or anything you know, as long as it's safe in your opinion.
|
|
|
|
Rockstarguy
|
|
April 20, 2022, 01:27:13 PM |
|
Sorry for what has happened to you. I understand what it is like losing a huge amount of money like this, that you have worked for all these years. Don't lose hope, I believe your hard work will still give you more. Your experience will guide you away from making another mistake like this, and it will also help others to learn from it to avoid mistakes of this kind.
|
|
|
|
|
|
|
Luzin
|
|
April 20, 2022, 03:21:12 PM |
|
$12,000 is a huge amount. It took me a long time to raise that kind of money. It is indeed sad to lose such a lot of money. You can be sad you can regret it but it's already happened you can't turn back the clock. At least this article lets you and I know that PDFs can also carry viruses. Even I just found out today. I as a worker dealing with documents became a little scared. So far I don't want to experience, but is there a way to detect PDF files followed by viruses like this? Of course I am very curious. Hopefully, friends here can share the easiest and cheapest way.
|
|
|
|
|
|
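A check for the kind of archive described in this thread (a ZIP whose "PDF" turned out to be a screen saver file), added here as an example and not part of any forum post. It flags ZIP members whose names end in an executable extension, use a double extension, hide bidi control characters or whitespace padding, or whose first bytes are a Windows executable header; the extension lists, function names and sample archive are assumptions constructed for this example.

```python
import io
import unicodedata
import zipfile

# Extensions Windows runs on double-click (non-exhaustive; an assumption of this sketch).
EXECUTABLE_EXT = {"scr", "exe", "com", "pif", "bat", "cmd", "msi", "lnk",
                  "hta", "js", "jse", "vbs", "vbe", "wsf", "ps1", "cpl"}
DECOY_EXT = {"pdf", "doc", "docx", "xls", "xlsx", "jpg", "png", "txt"}  # decoy halves


def name_findings(name):
    """Return reasons a member name looks like a disguised executable."""
    reasons = []
    # Format/bidi controls such as U+202E can reverse how the name is displayed.
    if any(unicodedata.category(ch) == "Cf" for ch in name):
        reasons.append("hidden format/bidi control character in name")
    base = name.replace("\\", "/").rsplit("/", 1)[-1]
    parts = [p.strip().lower() for p in base.split(".")]
    ext = parts[-1] if len(parts) > 1 else ""
    if ext in EXECUTABLE_EXT:
        reasons.append(f"executable extension .{ext}")
        if len(parts) > 2 and parts[-2] in DECOY_EXT:
            reasons.append(f"double extension .{parts[-2]}.{ext}")
    # Long whitespace runs push the real extension out of view in file managers.
    if "   " in base:
        reasons.append("whitespace padding in name")
    return reasons


def content_findings(name, head):
    """Compare a member's first bytes with what its name claims."""
    ext = name.rsplit(".", 1)[-1].strip().lower()
    if head.startswith(b"MZ"):
        return ["content starts with MZ (Windows PE executable header)"]
    if ext == "pdf" and not head.startswith(b"%PDF-"):
        return ["named .pdf but content does not start with %PDF-"]
    return []


def scan_zip(source):
    """Return {member name: [reasons]} for suspicious members of a ZIP archive."""
    report = {}
    with zipfile.ZipFile(source) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            with zf.open(info) as fh:
                head = fh.read(8)
            reasons = name_findings(info.filename) + content_findings(info.filename, head)
            if reasons:
                report[info.filename] = reasons
    return report


def build_sample_zip():
    """Constructed sample archive; names and bytes are made up for this example."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("brief/notes.pdf", b"%PDF-1.7\n% constructed\n")
        zf.writestr("brief/logo.png", b"\x89PNG\r\n\x1a\n")
        zf.writestr("brief/Agreement.pdf      .scr", b"MZ\x90\x00constructed")
        zf.writestr("brief/terms\u202efdp.scr", b"MZ\x90\x00constructed")
    buf.seek(0)
    return buf


if __name__ == "__main__":
    for member, reasons in scan_zip(build_sample_zip()).items():
        print(repr(member), "->", "; ".join(reasons))
```

Pass `scan_zip` a path to a downloaded archive to list its members without extracting or opening any of them; an empty result means only that none of these particular heuristics matched.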
|
Avnerochi
Newbie
Offline
Activity: 9
Merit: 0
|
|
April 20, 2022, 05:24:45 PM |
|
Sorry to hear about it my friend, I can't imagine how you are feeling right now. It could happen with Metamask wallets but not with ledger ? Thanks for sharing from your experience, it might just save someone one day from getting hacked himself. Sending positive vibes.
|
|
|
|
CryptoATM
Member
Offline
Activity: 368
Merit: 15
|
|
April 20, 2022, 06:39:56 PM |
|
No matter how careful you are, you can't always escape every form of scammers' trap; there will be a few you knew nothing about. Scammers always find less popular ways of scamming people. Just move on mate, God is your strength.
|
|
|
|
The Cryptovator
Legendary
Offline
Activity: 2394
Merit: 2223
Signature space for rent
|
|
April 20, 2022, 06:42:13 PM |
|
Sorry for your loss, this is a costly lesson for you. This isn't a new hacking method, but it's too late for you. The device you are using to store cryptocurrency should be kept secure from unknown files. That's how hackers get access to your wallet and funds. It's always better to store cryptocurrency in a hardware wallet. I always prefer that for good practice. Don't be hopeless, you can earn if you are alive. A few accidents teach a lot of things. Just start from the beginning and be careful.
|
|
|
|
PrivacyG
Legendary
Offline
Activity: 966
Merit: 1997
Crypto Swap Exchange
|
|
April 20, 2022, 07:07:19 PM |
|
It should be general knowledge that you do not open an unknown file on the same device you are holding your fortune on. You either do not open it at all or you use another device or a Virtual Machine in the worst case to see what is up with it. Particularly when this file is received through Telegram.
Unfortunate, but you fell for it and all you can do now is learn. Learn to take more care of your valuables. Do not mix Cryptocurrency wallets with unknown files.
- Regards, PrivacyG
|
|
|
|
Rengga Jati
|
|
April 20, 2022, 09:42:55 PM |
|
-snip-
First of all, so sorry to hear that, and you share this very valuable experience with us all here, It is risky enough to click any kind of link moreover given by an unknown or someone else. This actually has been happening several times to some people, getting hacked because of the fake link, phishing, and others. This is actually a bad experience, but this can really teach us how to be wiser and also more careful. Once more, this is a worthy lesson for us to be more careful and never click any link, promotion, or others if we are doubtful and don't know enough about the source of the link, better to avoid
|
|
|
|
|