RarityCheck VIBGYOR gilded #12 swept yesterday.

[2stout]

based on the quality of the paper and ink used - I recommend peeling all of RC coins - many of them have ink that is bleeding which will only get worse over time.

I believe Krogoth mentioned the Vigilante coin keys were crystal clear.

[2stout]

Walletgenerator.net has had known vulnerabilities since at least 2019: https://medium.com/mycrypto/disclosure-key-generation-vulnerability-found-on-walletgenerator-net-potentially-malicious-3d8936485961

But one other issue is that walletgenerator does not support the creation of Vanity keys...so I'm confused why you even switched to using this software from bitaddress?

This is for the website- not for the code on github which RC said he used.
One of the main reasons this vulnerability was found was by comparing the two code bases, which revealed the addition of the malicious code.

From that medium article you posted in (2019):
'At this time, the code on GitHub is not malicious nor vulnerable, nor has it been malicious or vulnerable previously.'
Last checkin for that code on github appears to be 7 years ago.

Even if that code was compromised, if it was on an air gapped system theres no way it could have communicated the keys back to the malicious actors.
Something doesnt smell right here.

Okay I was about to remove my negative trust for this incident considering the refunds and finally revealing the software, but it still doesn't add up.  If the github repo that raritycheck cited is not vulnerable, then there is more to the story.  Surely after 7 years someone would have reported an issue on github. 

It was pure luck. We wanted to try creating vanity addresses (1O) for VIBGYOR coins so we looked at multiple options.
In the end we didn’t end up creating vanity addresses
But still went with the software we trying to generate vanity addresses

We are currently trying to help every impacted customer.
Please note that we aim to reach out to every single one by Sunday evening.

Additionally, you stated that you used this software to generate vanity addresses, but it does not support generating vanity addresses.  From what I can tell it offers no functionality above what bitaddress.org does except for supporting dead shitcoins. 

I don't want to seem like we are being overly critical, and I want to commend you for refunding people, but the fact you waited this long to even give us the name of the software tells me you are still not sharing the full story. 

Perhaps because it said vanitygen, they assumed it would do such but maybe they changed their mind or figured after the fact it didn't, but decided to stick with it for whatvever reason(s).  Not sure, but maybe that's possible.  The addresses that were sweeping seemed to be collecting coins from a few, if not many sources.  Seems things will come to light sooner than later.

[MoparMiningLLC]

based on the quality of the paper and ink used - I recommend peeling all of RC coins - many of them have ink that is bleeding which will only get worse over time.

I believe Krogoth mentioned the Vigilante coin keys were crystal clear.

that would be refreshing considering the ones I have seen so far.

[seavodin]

Walletgenerator.net has had known vulnerabilities since at least 2019: https://medium.com/mycrypto/disclosure-key-generation-vulnerability-found-on-walletgenerator-net-potentially-malicious-3d8936485961

But one other issue is that walletgenerator does not support the creation of Vanity keys...so I'm confused why you even switched to using this software from bitaddress?

This is for the website- not for the code on github which RC said he used.
One of the main reasons this vulnerability was found was by comparing the two code bases, which revealed the addition of the malicious code.

From that medium article you posted in (2019):
'At this time, the code on GitHub is not malicious nor vulnerable, nor has it been malicious or vulnerable previously.'
Last checkin for that code on github appears to be 7 years ago.

Even if that code was compromised, if it was on an air gapped system theres no way it could have communicated the keys back to the malicious actors.
Something doesnt smell right here.

Okay I was about to remove my negative trust for this incident considering the refunds and finally revealing the software, but it still doesn't add up.  If the github repo that raritycheck cited is not vulnerable, then there is more to the story.  Surely after 7 years someone would have reported an issue on github. 

It was pure luck. We wanted to try creating vanity addresses (1O) for VIBGYOR coins so we looked at multiple options.
In the end we didn’t end up creating vanity addresses
But still went with the software we trying to generate vanity addresses

We are currently trying to help every impacted customer.
Please note that we aim to reach out to every single one by Sunday evening.

Additionally, you stated that you used this software to generate vanity addresses, but it does not support generating vanity addresses.  From what I can tell it offers no functionality above what bitaddress.org does except for supporting dead shitcoins. 

I don't want to seem like we are being overly critical, and I want to commend you for refunding people, but the fact you waited this long to even give us the name of the software tells me you are still not sharing the full story. 

Perhaps because it said vanitygen, they assumed it would do such but maybe they changed their mind or figured after the fact it didn't, but decided to stick with it for whatvever reason(s).  Not sure, but maybe that's possible.  The addresses that were sweeping seemed to be collecting coins from a few, if not many sources.  Seems things will come to light sooner than later.

Hybridsole's point, is that nowhere on either the website or on github does it say that it supports generating vanity addresses. RC said that this was the impetus for switching to this keygen method, which makes zero sense given that its not listed as a feature. There's a whole bunch of things here that do not line up or make sense, which is worrying.

My bet, is that for whatever reason they didnt have the original systems that they used to create keys for the vigilante coins. They then, to shortcut, decided to generate keys using walletgenerator.net, but not by using the code from github on an air gapped system- but directly from the webpage.

That medium article came out in late 2019: we know the webpage was vulnerable around that timeframe. In looking at a lot of the funding transactions that were swept the other day (both the VIGBYOR coins and other unfortunate souls), the ones i looked at appeared to be in the timeframe of 2020 to 2022. My guess is that the malicious code was removed from the webpage in 2019 right after the article came out, then added back in, in 2020. It collected keys throughout 2020 to 2022, catching the VIGBYOR coins that were done through the webpage, and then are now being swept in 2024.

There is nothing more important than key generation and preservation on these collectables, and these coins (and the lost coins it seem), fail spectacularly in this regard. Not only was the key generation done with little to no care or research, but then the preservation medium (paper, ink, legibility), was done with little regard to redeeming in the future.

Most worrying of all, is that this maker has been dodging questions, not sharing information in a timely fashion that would help other scam victims, and then when they do share information- none of it makes logical sense. You guys really want to give a pass to that? Say everything is 100% in order and RC should be trusted? More than likely they didnt want to share that they used the website because it is extremely negligent and would shatter trust.

[ZipReg]

I may have responded a bit harshly originally, but it infuriates me when this level of incompetence is allowed to flourish in this space.

It's good to see rarity making people whole, but there is zero room for incompetence in this space.
You should never make and sell another key ever again rarity, have someone trusted do it or stick to DIY.

Furthermore, I have no skin in the game here, however, in case I have to point it out to everyone,
he's been saying the whole time that he was using a new vanitygen software then the big reveal is that he used a compromised walletexplorer.net

Last I checked, walletexplorer.net has never been a vanity address generator, so I'm calling BS on that.. And don't even get me started on those ghetto ass printed keys shown.

I ain't buyin' any of it guys. And like I said, I have no skin in this game, I'm just speaking truth and offering advice.

I have played around with compromised wallet software before, when you fund a compromised address, 99% of the time the funds are swept within minutes.

I would advise everyone to secure their BTC. Don't say I didn't warn you if this turns out to be a test run and the next one sweeps everything.

[DaveF]

Raritycheck is 100%. Swiped bitcoin has been refunded. An honorable man. Proven trusted in my book. A shame this stuff happens to good people on all sides. Yet another part of history, and a mistake turned into a lesson for us all.

No, no he sure as shit has not proven to be “proven trusted”.

I threw up at about every other post in the last few pages. I mean for the dear love of Christ why in the fck do you guys want to keep purchasing funded coins..WHY?!?! Some of you are just complete fools, many of you I love to death, but I think you’re being incredibly foolish and setting a TERRIBLE precedent for the future of this hobby. Yall want to the hobby to last, take sound advice when given. DIY or Krogos funding method are solid options if you HAVE to have your wallets loaded, anything else..no.

I read that last couple pages quickly but still don’t believe we’ve been given a breakdown of how keys were generated. @RC you should have addressed this at least by like the 10th time it was requested. Also please STOP telling people not to peel..what’s it to you??? That’s really none of your concern and should have no opinion in the matter. I’m not sure I’ve seen a maker ever tell someone they shouldn’t peel their coins.

Coin refunds should absolutely unequivocally be above just load value, anything less is a slap in the face and bullshit, period.

Why load coins moving forward? You clearly don’t have the proper equipment or knowledge and I can’t fathom anyone ever wanting anything funded by you again. Also, who is “we”.  Do you really have a team helping you? How many people? What’s their names /background?

Wake up people, I’m bn a grumpy asshole here because I care !! Not because I’m some negative spirit trying to tear down the hobby, one I’ve spent a whole lot of hours trying to help build. I want it to continue without question, but in a proper manner. 

I guess I’ll just repeat this in the next compromised thread..and then the next (and they will be coming, I assure you).

End rant.

What I posted yesterday:

...

I am at the point that I am no longer even looking to buy or even keep anything funded.

Selling off what I have and sticking to only keeping coins that I generated the keys for. Was shrinking my collection anyway and this just gives me another push to keep moving them out.

Might be a bit of a knee jerk reaction but why take the risk. Even makers that are long gone might still have a piece of paper somewhere with a list of private keys on them.

-Dave

Going to follow up with this next thought of that last line of mine really has me thinking.
There are a bunch of people that produced coins and things that are no longer around. If they did have that paper with private keys on it they have no loss of business if they move all the BTC that may exist in their products. If it's been years since anyone has heard from them all we can do would be to sit here and scream into the void.

People that are still here do have the potential profits of future sales to loose.
But if say mrbrt (maker of ravenbit coins) has copies of all the private keys and took all the BTC what would it matter to him. Has not been here in years, has not sold anything in even longer.

How long till all the people we know and trust here slowly leave and then YEARS later still have the potential to scam.

And what makes it worse is some of these coins may change hands many times holograms are not perfect: https://bitcointalk.org/index.php?topic=5401502.0

-Dave

[MoparMiningLLC]

that is why I prefer DIY or BF coins - and I completely hate the fact that some makers refuse to sell DIY or BF and force you to fund the coins or they deface them if you do not do so.

I want the coin unloaded preferred.

[raritycheck]

Guys

We are being very honest here.
Yes we made a mistake.
Too many things happening here
1. For the vigilante coin ink doesn’t bleed nor for other coins. That’s not true. Yes the hole coins are not very easy to read but we are here to help anyone who has issues.
2. About vanity addresses, We were saying that we were trying different key gens to try vanity and honestly it’s been so long that but that’s the only reason we remember why were switching between keygen is because we were trying different software and yes, a mistake has been done. Yes we messed up. what else you want us to say. It’s not like we intentionally do this. We took some time because some of us have day jobs as well. The keys were done in 2022 and we were trying to research as much as possible.
3. Yes, incompetence has been done. Yes we made a mistake and trusted a software which is also impacting other people along with our wallets.
4. Given that we have made a mistake, we are trying to help the customers as much as possible.

It feels too much negativity in the group honestly.

Has it happened with you? You trusted a software or a person and the trust is broken.
We didn’t realize walletgenerator has an issue.

So yes we were incompetent. Yes we have made a mistake.

But what do we do from here? Sit with hands on hand? No
1.We have nothing to hide and we have been refunding every single coin collector who has sent us a message.
2. We learn, we will make the key gen process even more clear from here on,but we will sell DIY coins if needed
3. We will share generated private key pictures and ask for feedback for next round of coins

Look at the negative feedback given, it keeps on saying we are hiding the truth what truth are we hiding exactly?
Yes, we made a mistake. Now whether we used the site or we used the software or whatever.x props have been impacted and we are apologizing . And we are tying to help.
We have told James to return VIBGYOR coin series.

We are tying as best as we can. And we have apologfised.
If you don’t trust us going forward that makes sense. Please don’t
If you want to peeel the existing RC coins please go ahead.
But whoever has been impacted yesterday, we will help you.

And yes we will learn from this mistake and improve our process. and try again with better key gen.
Please stay a little supportive and positive.

[raritycheck]

based on the quality of the paper and ink used - I recommend peeling all of RC coins - many of them have ink that is bleeding which will only get worse over time.

This is not true. During the printing itself it looks some hole coins might have not properly printed paper but we have used waterdrop water proof paper and the ink does NOT bleed. Please don’t spread lies.

[raritycheck]

Walletgenerator.net has had known vulnerabilities since at least 2019: https://medium.com/mycrypto/disclosure-key-generation-vulnerability-found-on-walletgenerator-net-potentially-malicious-3d8936485961

But one other issue is that walletgenerator does not support the creation of Vanity keys...so I'm confused why you even switched to using this software from bitaddress?

This is for the website- not for the code on github which RC said he used.
One of the main reasons this vulnerability was found was by comparing the two code bases, which revealed the addition of the malicious code.

From that medium article you posted in (2019):
'At this time, the code on GitHub is not malicious nor vulnerable, nor has it been malicious or vulnerable previously.'
Last checkin for that code on github appears to be 7 years ago.

Even if that code was compromised, if it was on an air gapped system theres no way it could have communicated the keys back to the malicious actors.
Something doesnt smell right here.

Okay I was about to remove my negative trust for this incident considering the refunds and finally revealing the software, but it still doesn't add up.  If the github repo that raritycheck cited is not vulnerable, then there is more to the story.  Surely after 7 years someone would have reported an issue on github. 

It was pure luck. We wanted to try creating vanity addresses (1O) for VIBGYOR coins so we looked at multiple options.
In the end we didn’t end up creating vanity addresses
But still went with the software we trying to generate vanity addresses

We are currently trying to help every impacted customer.
Please note that we aim to reach out to every single one by Sunday evening.

Additionally, you stated that you used this software to generate vanity addresses, but it does not support generating vanity addresses.  From what I can tell it offers no functionality above what bitaddress.org does except for supporting dead shitcoins. 

I don't want to seem like we are being overly critical, and I want to commend you for refunding people, but the fact you waited this long to even give us the name of the software tells me you are still not sharing the full story. 

Perhaps because it said vanitygen, they assumed it would do such but maybe they changed their mind or figured after the fact it didn't, but decided to stick with it for whatvever reason(s).  Not sure, but maybe that's possible.  The addresses that were sweeping seemed to be collecting coins from a few, if not many sources.  Seems things will come to light sooner than later.

Hybridsole's point, is that nowhere on either the website or on github does it say that it supports generating vanity addresses. RC said that this was the impetus for switching to this keygen method, which makes zero sense given that its not listed as a feature. There's a whole bunch of things here that do not line up or make sense, which is worrying.

My bet, is that for whatever reason they didnt have the original systems that they used to create keys for the vigilante coins. They then, to shortcut, decided to generate keys using walletgenerator.net, but not by using the code from github on an air gapped system- but directly from the webpage.

That medium article came out in late 2019: we know the webpage was vulnerable around that timeframe. In looking at a lot of the funding transactions that were swept the other day (both the VIGBYOR coins and other unfortunate souls), the ones i looked at appeared to be in the timeframe of 2020 to 2022. My guess is that the malicious code was removed from the webpage in 2019 right after the article came out, then added back in, in 2020. It collected keys throughout 2020 to 2022, catching the VIGBYOR coins that were done through the webpage, and then are now being swept in 2024.

There is nothing more important than key generation and preservation on these collectables, and these coins (and the lost coins it seem), fail spectacularly in this regard. Not only was the key generation done with little to no care or research, but then the preservation medium (paper, ink, legibility), was done with little regard to redeeming in the future.

Most worrying of all, is that this maker has been dodging questions, not sharing information in a timely fashion that would help other scam victims, and then when they do share information- none of it makes logical sense. You guys really want to give a pass to that? Say everything is 100% in order and RC should be trusted? More than likely they didnt want to share that they used the website because it is extremely negligent and would shatter trust.

We are not hiding anything.
We are sorry if something doesn’t make sense. When we were creating keys for VIBGYOR we were (don’t remember what other soft gen) but we were looking to generate 1O (1Orange) for the first coins in the series. That’s all we remember the real reason For change of key gen solution.
And moved from bitaddess to walletgenerator. That’s what we meant that we unluckily changed software.
We took. Sometime because it was 1 am last night until we were responding to messages.
 Then we woke and went to work(day job)  Then we came back and checked as much history as possible and we researched as much as possible and researched only to realized that walletgenerator is compromised.

But we are not hiding anything.

We didn’t answer because weren’t sure how this happened but as soon as possible we had time we responded.

Seavodin you have bough few coins from
Is, what does your heart say? Did we really do something intentionally ?
What does your interactions with us say? Will we hide somehting or makeup somehting ?
Do you not think we are always helpful and caring as much as possible
We are humans and yes a mistake is made for VIBGYOR series.

[raritycheck]

based on the quality of the paper and ink used - I recommend peeling all of RC coins - many of them have ink that is bleeding which will only get worse over time.

I believe Krogoth mentioned the Vigilante coin keys were crystal clear.

VIBGYOR coins are also crystal clear. For hole coins sometimes there can be slight doubt between 3 and J.
But we are here to help and we will try our best to help others.

[MoparMiningLLC]

based on the quality of the paper and ink used - I recommend peeling all of RC coins - many of them have ink that is bleeding which will only get worse over time.

I believe Krogoth mentioned the Vigilante coin keys were crystal clear.

VIBGYOR coins are also crystal clear. For hole coins sometimes there can be slight doubt between 3 and J.
But we are here to help and we will try our best to help others.

I have seen several VIBGYOR pk's that were NOT clear.

[raritycheck]

I may have responded a bit harshly originally, but it infuriates me when this level of incompetence is allowed to flourish in this space.

It's good to see rarity making people whole, but there is zero room for incompetence in this space.
You should never make and sell another key ever again rarity, have someone trusted do it or stick to DIY.

Furthermore, I have no skin in the game here, however, in case I have to point it out to everyone,
he's been saying the whole time that he was using a new vanitygen software then the big reveal is that he used a compromised walletexplorer.net

Last I checked, walletexplorer.net has never been a vanity address generator, so I'm calling BS on that.. And don't even get me started on those ghetto ass printed keys shown.

I ain't buyin' any of it guys. And like I said, I have no skin in this game, I'm just speaking truth and offering advice.

I have played around with compromised wallet software before, when you fund a compromised address, 99% of the time the funds are swept within minutes.

I would advise everyone to secure their BTC. Don't say I didn't warn you if this turns out to be a test run and the next one sweeps everything

Apologies. Just to clarify we were  saying that we were  trying different software and we only remember why we changed the software was because we were trying vanity address generation and toward the end abandon the vanity generation and in the whole process (for god knows what reason) we needed up using walletgenerator.
We really regret making the switch.
But that was the whole reason why we went away from bitaddress in the first place.

[MoparMiningLLC]

based on the quality of the paper and ink used - I recommend peeling all of RC coins - many of them have ink that is bleeding which will only get worse over time.

This is not true. During the printing itself it looks some hole coins might have not properly printed paper but we have used waterdrop water proof paper and the ink does NOT bleed. Please don’t spread lies.

not spreading lies - I have shown the keys to multiple people - Polymerbit and Minerjones - both agreed they ink was bleeding.

and if they were crystal clear multiple people would not have had issues and needed help. one pk had 2 "Q" and they were not even the same size - one appeared to be either a different font or a different size if the same font.

[raritycheck]

based on the quality of the paper and ink used - I recommend peeling all of RC coins - many of them have ink that is bleeding which will only get worse over time.

I believe Krogoth mentioned the Vigilante coin keys were crystal clear.

VIBGYOR coins are also crystal clear. For hole coins sometimes there can be slight doubt between 3 and J.
But we are here to help and we will try our best to help others.

I have seen several VIBGYOR pk's that were NOT clear.

Not clear and not bleeding are different things.
All VIBGYOR coins are readable . And if someone peels their coin and cannot make the key please message us we will help.

based on the quality of the paper and ink used - I recommend peeling all of RC coins - many of them have ink that is bleeding which will only get worse over time.

This is not true. During the printing itself it looks some hole coins might have not properly printed paper but we have used waterdrop water proof paper and the ink does NOT bleed. Please don’t spread lies.

not spreading lies - I have shown the keys to multiple people - Polymerbit and Minerjones - both agreed they ink was bleeding.

We used waterdrop waterproof paper. How can the ink be leaking ?
We are asking so we make sure this doesn’t happen again.

[raghavsood]

We made a mistake. We have been doing lots of digging since morning on how this could have happened. We knew this isn't a hardware issue as we never connect any of our hardware to internet. Plus, we have no backups so this isn't a  personnel issue.

Issue is with the keygen software we used.

In full transparency, for the first version of vigilante series, and for the hole coins we have used https://github.com/bitaddress/bitaddress.org to create keys on an airgap computer.

For VIBGYOR orange we used https://github.com/walletgeneratornet/WalletGenerator.net again on an airgap computer.
Unfortunately, since morning we started digging into looks like walletgeneratornet is actually compromised.

We have learned from our mistake and we can only look forward from here. We have been refunding the clients (still few to go).

For next generation of our coins, we will use better keygens + also, print and post sample private keys before using those for the coins.

We appreciate all support from the forum members.

Thank you for sharing the software. However, this does raise more questions, and it would be very helpful to have as many answers as possible.

1. Were the keys generated using the code from this specific GitHub repository on an offline computer (i.e. are you certain it was this repo and not a fork/similar looking clone?)
2. If the repo wasn't directly used and you used the website instead, are you certain it was "walletgenerator.net"? .org has been known to be a phishing site for a long time, and .net presently redirects to .com
3. Are you able to provide the exact date (or narrowest date range) when the generation was done? In the event that there is a malicious site or repo, knowing the exact time frame will assist in scouring sources such as archive.org to find more details
4. You mentioned previously that you still had the original hardware used - I would suggest quarantining it and not using it any further. On that hardware, do you still have a copy of the source code used/website listed in the browser history?

For anyone to look into this in more detail, it is imperative that we have as much information as possilbe.

[MoparMiningLLC]

based on the quality of the paper and ink used - I recommend peeling all of RC coins - many of them have ink that is bleeding which will only get worse over time.

This is not true. During the printing itself it looks some hole coins might have not properly printed paper but we have used waterdrop water proof paper and the ink does NOT bleed. Please don’t spread lies.

not spreading lies - I have shown the keys to multiple people - Polymerbit and Minerjones - both agreed they ink was bleeding.

We used waterdrop waterproof paper. How can the ink be leaking ?
We are asking so we make sure this doesn’t happen again.

I will share the pics tomorrow, I am in bed just on my phone so not on PC with the pictures.

[raritycheck]

Walletgenerator.net has had known vulnerabilities since at least 2019: https://medium.com/mycrypto/disclosure-key-generation-vulnerability-found-on-walletgenerator-net-potentially-malicious-3d8936485961

But one other issue is that walletgenerator does not support the creation of Vanity keys...so I'm confused why you even switched to using this software from bitaddress?

This is for the website- not for the code on github which RC said he used.
One of the main reasons this vulnerability was found was by comparing the two code bases, which revealed the addition of the malicious code.

From that medium article you posted in (2019):
'At this time, the code on GitHub is not malicious nor vulnerable, nor has it been malicious or vulnerable previously.'
Last checkin for that code on github appears to be 7 years ago.

Even if that code was compromised, if it was on an air gapped system theres no way it could have communicated the keys back to the malicious actors.
Something doesnt smell right here.

Okay I was about to remove my negative trust for this incident considering the refunds and finally revealing the software, but it still doesn't add up.  If the github repo that raritycheck cited is not vulnerable, then there is more to the story.  Surely after 7 years someone would have reported an issue on github. 

It was pure luck. We wanted to try creating vanity addresses (1O) for VIBGYOR coins so we looked at multiple options.
In the end we didn’t end up creating vanity addresses
But still went with the software we trying to generate vanity addresses

We are currently trying to help every impacted customer.
Please note that we aim to reach out to every single one by Sunday evening.

Additionally, you stated that you used this software to generate vanity addresses, but it does not support generating vanity addresses.  From what I can tell it offers no functionality above what bitaddress.org does except for supporting dead shitcoins. 

I don't want to seem like we are being overly critical, and I want to commend you for refunding people, but the fact you waited this long to even give us the name of the software tells me you are still not sharing the full story. 

Perhaps because it said vanitygen, they assumed it would do such but maybe they changed their mind or figured after the fact it didn't, but decided to stick with it for whatvever reason(s).  Not sure, but maybe that's possible.  The addresses that were sweeping seemed to be collecting coins from a few, if not many sources.  Seems things will come to light sooner than later.

Yes this is correct.
Unfortunately, we decided to sill change and hence this mishap.

[buckrogers]

but we will sell DIY coins if needed

This would be nice, and I look forward to seeing some nice designs 

Thanks!

[raritycheck]

We made a mistake. We have been doing lots of digging since morning on how this could have happened. We knew this isn't a hardware issue as we never connect any of our hardware to internet. Plus, we have no backups so this isn't a  personnel issue.

Issue is with the keygen software we used.

In full transparency, for the first version of vigilante series, and for the hole coins we have used https://github.com/bitaddress/bitaddress.org to create keys on an airgap computer.

For VIBGYOR orange we used https://github.com/walletgeneratornet/WalletGenerator.net again on an airgap computer.
Unfortunately, since morning we started digging into looks like walletgeneratornet is actually compromised.

We have learned from our mistake and we can only look forward from here. We have been refunding the clients (still few to go).

For next generation of our coins, we will use better keygens + also, print and post sample private keys before using those for the coins.

We appreciate all support from the forum members.

Thank you for sharing the software. However, this does raise more questions, and it would be very helpful to have as many answers as possible.

1. Were the keys generated using the code from this specific GitHub repository on an offline computer (i.e. are you certain it was this repo and not a fork/similar looking clone?)
2. If the repo wasn't directly used and you used the website instead, are you certain it was "walletgenerator.net"? .org has been known to be a phishing site for a long time, and .net presently redirects to .com
3. Are you able to provide the exact date (or narrowest date range) when the generation was done? In the event that there is a malicious site or repo, knowing the exact time frame will assist in scouring sources such as archive.org to find more details
4. You mentioned previously that you still had the original hardware used - I would suggest quarantining it and not using it any further. On that hardware, do you still have a copy of the source code used/website listed in the browser history?

For anyone to look into this in more detail, it is imperative that we have as much information as possilbe.

Hi Raghav

We know you are trying to help and we will answer your questions.
But please note that most of the team are software engineers in their day job and the only mistake in this whole process is that we truly blindly trusted a compromised software.

We think the wallet generator either has a back door or someone has done an RNG attack

How we created the keys were we connected the computer via lab cable to the internet to download the client side side site from walletgenerator and the disconnected the cable
No hardware (printer) was connected to wifi.

All hardware is wiped (windows uninstalled and hard disk  wiped) after usage.

About dates that is the main reason why we took sometime. After i reached home after my day job I started looking at my personal device to check historically  when was the first time i was researching on key gen software and looking at all sales thread and when exactly it could be that we created the keys.
But unfortunately as we have no back up of any kind it is impossible to tel exactly. But we feel it might be between July and November  2022.