Scammed but I can't imagine how it is possible.

[Perplex0]

I recently decided to switch to Exodus to recieve, send and hold my crypto. So I make an account earlier today. The password I use is completely unique to any password I've used anywhere else. I wrote it on a piece of paper, not digitally. The security phrases were also of course, completely unique, which I also wrote on a piece of physical paper. Throughout this process, there was absolutely no potential for anyone to have seen in any way as I was the only person in the room at the time and I am the only human on earth to have seen the pieces of paper. This alone rules out the potential for it to have been a malware attack, but to be certain that there was no malware like a keylogger, I ran malware bytes and avast, both of which came up with 0 detections. Not a single other human could know my password and phrases. and there is no malware on my computer at all. I make my first deposit into this brand new wallet, quite literally about 30 seconds after I created it. 10 minutes later, the BTC comes through as pending, and before it's even cleared and fully through, someone or something else CPFP'S it to a different wallet address, not owned by me. How is this physically possible to have happened? My only thought of how was that maybe it was an internal issue with exodus, but they are reluctant to give a clear answer on whether this is the case.

TXID of me sending the BTC in from an external exchange: 6968ae58150feef12af762f3709c38cc4493f94a6581c458bcb715b8f6561f04
TXID of the BTC being sent out: c25143fa3315b51861f0644200e24f6ce25d6b4127e2a98d99c008d2b110480b

I'd appreciate anyone who is good with crypto to explain any possibilities of how this could have happened. I don't exaggerate when I say it is literally impossible for any other human to have found out my password and phrases at all letalone in the 2 minute period between making them and depositing. I have 0 malware detections and none of the details are digitally stored. They haven't been seen by any other person in real life either.

I'd also appreciate anyone who knows whether this type of stuff is even able to be traced. It's not a big enough sum of money for anyone to care about but it's all I had in my bank so if anyone's able to find out how the breach happened or who/what took it, it would be greatly appreciated

[1713576878]

1713576878

[1713576878]

1713576878

[BitMaxz]

On what wallet is your BTC coming from before you send it to Exodus? or Are you talking about Exodus wallet and sent to another wallet?
Ow didn't notice it is from the exchange but what exchange exactly? So that we know if the exchange site is a scam or legit.

Another thing is that I stop using the Exodus wallet I heard many issues using it there are lots of people having problems with their wallets like stolen coins or hacked coins. If I were you if you are planning to hold a large amount of coins buy a hardware wallet you can also use it on a daily basis just make sure to keep your PC from any viruses and malware. I do not recommend you to use avast I suggest using Kaspersky to protect your PC I've tested it for so many years.

Edit: Like you said it seems someone has control of your wallet and it was sent to someone else wallet based on the TXID you share above the hacker sent BTC from bc1qvlcmsaq2x2frjff3plw8v8nyh6r2xqtt6duy6h to bc1q57f4xlzqpdtzy4ta9hx3sf9kxm27mhmyrqxzfu which is you don't own. The first transaction have a very low fee so it was not yet confirmed until the hacker made another transaction from Exodus to another wallet with a 0.001BTC TX fee he did CPFP to speed up the transaction because if the first transaction didn't confirm yet the transaction he made will also be stuck that is why he increases the fee to speed up transaction and to help confirm the first transaction.

That is why I stop using exodus due to this there is no difference from what other people experienced using their wallets so I guess it's an inside job. For now, there is no way to reverse the transaction and I suggest switch to a better wallet like Electrum or hardware wallet.

[bitcoindusts]

If there is no chance that outside factor can affect that transaction, it is possible that the malware is from the downloaded file itself.  It is possible that you have downloaded an infected or modified exodus wallet file that was injected with hijacking script that transfer your received Bitcoin automatically.  

There is no other reason than what I stated since you have zeroed out a third party intrusion.


It looks like there is a lot of cases like this that is using exodus wallet.

https://www.reddit.com/r/ExodusWallet/comments/ug7vai/my_exodus_wallet_got_hacked/

That is why I stop using exodus due to this there is no difference from what other people experienced using their wallets so I guess it's an inside job. For now, there is no way to reverse the transaction and I suggest switch to a better wallet like Electrum or hardware wallet.

I also think that it is highly likely an inside job.

[hosseinimr93]

I recently decided to switch to Exodus to recieve, send and hold my crypto.

What do you mean by switch?
Did you generate a new wallet in Exodus, or you imported your seed phrase from another wallet into Exodus?

Exodus is a close source wallet and there is no way to know what's happening behind the scene. There is no way to know whether they have access to users keys or not. So, you shouldn't use Exodus in the first place. Of course, this doesn't mean what happened to you is due to a vulnerability in Exodus. Someone probably had access to your keys and it could be to due to having a malware or using a fake version of exodus.

[Perplex0]

I recently decided to switch to Exodus to recieve, send and hold my crypto.

What do you mean by switch?
Did you generate a new wallet in Exodus, or you imported your seed phrase from another wallet into Exodus?

Exodus is a close source wallet and there is no way to know what's happening behind the scene. There is no way to know whether they have access to users keys or not. So, you shouldn't use Exodus in the first place. Of course, this doesn't mean what happened to you is due to a vulnerability in Exodus. Someone probably had access to your keys and it could be to due to having a malware or using a fake version of exodus.

No, I just downloaded it for the first time. I assure you, the download was the official one, and the possibility for it to have been a malware attack is 0. I didnt store any of the details to the account digitally so it can not have been malware or a keylogger, and malware bytes scan and avast scam both came up with 0 detections.

[BitMaxz]

No, I just downloaded it for the first time. I assure you, the download was the official one, and the possibility for it to have been a malware attack is 0. I didnt store any of the details to the account digitally so it can not have been malware or a keylogger, and malware bytes scan and avast scam both came up with 0 detections.

Since it's close source we don't know what actually their software doing like I said the issue you experience is the same as other users experience.
If I were you stop using exodus and better use a wallet which is known safe like Electrum, bitcoin core or hardware wallet.

Which wallet software you used previously to send your Bitcoin to Exodus wallet?

[1] https://www.tomsguide.com/news/avast-avg-data-collection

I think it is from exchange to Exodus wallet based on the OP details above .

And I agree about Avast most of their free software includes malware that collects data which is not safe.

[Perplex0]

This alone rules out the potential for it to have been a malware attack, but to be certain that there was no malware like a keylogger, I ran malware bytes and avast, both of which came up with 0 detections.

Off-topic, but Avast was caught collecting and selling user personal data for long time[1]. You might want to use different anti-virus with better history instead.

I make my first deposit into this brand new wallet, quite literally about 30 seconds after I created it. 10 minutes later, the BTC comes through as pending, and before it's even cleared and fully through, someone or something else CPFP'S it to a different wallet address, not owned by me.

Which wallet software you used previously to send your Bitcoin to Exodus wallet?

[1] https://www.tomsguide.com/news/avast-avg-data-collection

Yeah it was straight from exchange to the wallet. Nothing went wrong with the transaction from the exchange and they were clear with their response when I emailed. Exodus are being dodgy though.

[misterserious]

Did you check signatures of your downloaded installer? It acts like a fake one that automatically sends the incoming funds above.
Do you have some strange freeware software on your PC or do you use non-genuine softwares? A lot of RAT are not caught by most of the AV softwares and steal a lot of data like wallet related stuff, cookies, etc.

[Perplex0]

Did you check signatures of your downloaded installer? It acts like a fake one that automatically sends the incoming funds above.
Do you have some strange freeware software on your PC or do you use non-genuine softwares? A lot of RAT are not caught by most of the AV softwares and steal a lot of data like wallet related stuff, cookies, etc.

Yeah I checked it all to be sure. It was definitely the official site

[hosseinimr93]

No, I just downloaded it for the first time. I assure you, the download was the official one, and the possibility for it to have been a malware attack is 0.

But the chance of being hacked is never 0, if you use an online wallet. There's always the possibility of being hacked.
As I said in my previous post, Exodus is a close source wallet and there is no way to know whether they stole your fund or not.
If you want your fund to be secure in the future, you should use a reputable open-source wallet on an air-gapped device or go for a good hardware wallet.

[o_e_l_e_o]

This alone rules out the potential for it to have been a malware attack

No it doesn't. Screen capture malware could have stolen your seed phrase as soon as it was displayed to you.

but to be certain that there was no malware like a keylogger, I ran malware bytes and avast, both of which came up with 0 detections.

All that these can do is test software against a known database. They are not infallible, and there is malware out there which can evade such detection.

No, I just downloaded it for the first time. I assure you, the download was the official one

Again, this doesn't mean anything. Exodus is closed source, so actually you have no idea at all what you downloaded. Perhaps some malicious Exodus employee inserted some code to steal coins. Perhaps the app pulls from some library which has been replaced with a malicious version. Perhaps their download server was hacked and you downloaded a malicious app even though you were on the official site. Perhaps you weren't on the official site at all, and were redirected to a clone site without realizing. Perhaps you were victim of a homograph attack.

This is why it is important to use open source wallets which can be reproduced from the downloaded code, and which can be verified against signatures of their developers. It still doesn't make you immune to a malicious wallet software, but it certainly helps.