12k ADA got stolen

About 12,500 ADA were stolen from two separate wallets, while a third wallet was untouched. All three were recently connected to the browser (URL) version of Eternl, and the only potentially unsafe thing I did was clicking the “Connect Dapp Browser” button on Eternl. Can someone help me to look into the addresses my tokens got sent to (see below)? I was able to see some of the recent transactions of those addresses but nothing more. But I want to at least know if these addresses are known to be used for stealing assets.

I have other tokens in the wallets as well but they were not touched.

Thanks in advance.

For wallet #1 (15 phrases), my ada was sent to:
addr1qxxpl8ke55uzulaq44ae3fshuu0r9ptkv5e27uj4lj8t6ngpjalyd4cf8xwhsg4tkgrz054fxlj9dt4u20ph0smejj8qp4l079
Block #: 9045281

For wallet #2 (24 phrases), my ada was sent to:
addr1qxqegqcsandn703v3qgqe803vsdukarrj5gpg3ug33nevcfjtdl6vrmxpeaua3umegjp7w72cdcpvchw7nxpeqzcm3rsegnxm6
Block #: 9045287

Any instances of people getting their ada back after being stolen?

Thank you in advance!

1 Like

Hey @ad_cardani

No, the chances are very low. File a report with your local authority and hope for the best, but assume that they are lost.

Your funds were sent to this address

DdzFFzCqrhsgZRJCdcdsAVXKMLdi24D4s3qV2b2AzxfC3Hd9p35SQKN8cMeWRpixEoaiuYHntUfEyQ9NPcroW749jj9ib54hq8xiYMFP

and it looks like it's an exchange, but I wasn't able to figure out which one.

Any recommendation for cold storage I can put all my other Cardano chain tokens onto?

Definitely get a hardware wallet like a Trezor or Ledger.

Can Ledger store tokens like WMT, MIN, etc?

1 Like

Yes, you are able to manage those tokens on a Ledger, but you have to use a third-party wallet like Eternl or Typhon to do so.

I think I figured out the actual culprit here.

A few days ago, my Chrome browser started crashing and I couldn’t fix it after multiple attempts, so I switched to Firefox, where I tried to install the browser extension for Eternl. I used the recovery phrases for the two wallets I lost my ADA on, but the wallets were never restored. I thought it was poor design in the Firefox version of the extension, but now I realize I must have added a compromised version and therefore compromised my wallets.

3 Likes

Yes, that sounds plausible… Sorry.

Given the current low price on ADA, I wouldn’t consider it a severe loss, but it is a lesson for the Firefox users out there.

2 Likes

So sorry for your loss,

My experience when using a software wallet:

  • Disconnect your device from the internet when entering the secret words.
  • Try to input some characters and choose the words hinted by the app (prevents keylogger malware).
  • Try to create a complicated spending password. This will make it difficult for hackers to decrypt the JSON file that stores the private key.
  • Remove your wallet from the wallet software when you no longer need it.
2 Likes

It sounds like this is the case. The Eternl extension is not available for Firefox according to the Eternl Discord.

Some good tips from @Jimmy_Lee_Vcoincheck for people not using a hardware wallet.

It’s recommended to always use a hardware wallet for any amount of crypto you would be sorry to lose.

@Oyster_Pool-OYSTR @Zyroxa Please forgive a perhaps-naive question (I’ve only looked at hardware wallet standards & code libraries a bit; I’ve never owned or used one)…

What’s to stop a fake, malicious browser extension from using the same hardware wallet access primitives that the real extension uses, and therefore compromise the hardware wallet users in exactly the same way as the software-only wallet users?

Of course there is still a risk if the user isn't aware of how a hardware wallet works. But with a hardware wallet you wouldn't have to enter your seed phrase anywhere except on your device.

Hardware wallets aren't 100% secure, as there is always a user behind the device who may be uneducated or just not aware and got tricked. But you definitely have less attack surface than with a software wallet.

1 Like

You need to confirm each transaction on the hardware wallet by pressing some hardware buttons, while also watching on its screen the transaction details.

1 Like

The private key is signed inside the hardware device and the outside just sees the encryption of the transaction. So if someone controls the fake extension, then they must decrypt the content of the transaction to take the private key.
But the risk is that you must believe the HW creator.

But if you are entering your seed phrase into a fake extension, you will get your funds drained anyway.

1 Like

That’s not correct. The transaction is not encrypted and the private key is not inside the “encrypted” transaction.

Signing a transaction means signing the hash of the transaction body with the signing key, and the result is a witness, which can be verified (verify that the signing key signed the transaction body hash) using the verification key.

2 Likes
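The signing flow described in the reply above, as an added example that is not part of the original thread and is not Cardano or wallet code. It assumes Ed25519 keys, uses Node's built-in BLAKE2b-512 as a stand-in for Cardano's BLAKE2b-256 body hash, and uses a JSON placeholder instead of a real CBOR transaction body; `makeSigner`, `verifyWitness` and `demo` are hypothetical names.

```javascript
// Added illustration; not Cardano's or any wallet's real code.
const crypto = require('node:crypto');

// Stand-in for the transaction-body hash (the chain uses BLAKE2b-256;
// Node's built-in BLAKE2b-512 keeps the example dependency-free).
function bodyHash(txBody) {
  return crypto.createHash('blake2b512').update(txBody).digest();
}

// Models the signer (e.g. a hardware wallet): the signing key stays inside
// this closure, and callers only ever receive the witness.
function makeSigner() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
  const vkey = publicKey.export({ type: 'spki', format: 'der' });
  return {
    vkey,
    sign(txBody) {
      const signature = crypto.sign(null, bodyHash(txBody), privateKey);
      return { vkey, signature }; // witness = verification key + signature
    },
  };
}

// Verification needs only public data: the body, the vkey and the signature.
function verifyWitness(txBody, witness) {
  const key = crypto.createPublicKey({ key: witness.vkey, format: 'der', type: 'spki' });
  return crypto.verify(null, bodyHash(txBody), key, witness.signature);
}

// Constructed sample transaction body (placeholder fields, not real CBOR).
const SAMPLE_BODY = Buffer.from(JSON.stringify({
  inputs: ['<tx-id-placeholder>#0'],
  outputs: [{ address: '<recipient-placeholder>', lovelace: 5000000 }],
  fee: 170000,
}));

function demo() {
  const signer = makeSigner();
  const witness = signer.sign(SAMPLE_BODY);
  const tampered = Buffer.from(SAMPLE_BODY.toString().replace('5000000', '9000000'));
  return {
    valid: verifyWitness(SAMPLE_BODY, witness),        // body exactly as signed
    tamperedValid: verifyWitness(tampered, witness),   // body altered after signing
    signatureBytes: witness.signature.length,          // fixed-size Ed25519 signature
    bodyReadable: SAMPLE_BODY.toString().includes('lovelace'), // body is plaintext
  };
}

console.log(demo());
```

The witness carries only the verification key and a 64-byte signature, and any change to the body after signing makes verification fail.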

That’s actually the simple answer I was looking for. I know how these devices work but it’s easy for me to miss this part of the user experience… it provides a level of confirmation for the transaction that exists outside of the on-chain activity and computer-based UI. To get scammed or robbed you’d first have to explicitly confirm the loss of funds on the hardware device.

Although it wouldn’t be useful in my own workflow I do see how it would help a great deal with scammers or hackers. An alternative would be to use something else deliberately that creates a different user environment which is only used for the occasional crypto transaction. I am still hoping for more feedback about this platform other than the expected “It’s too hard to set up such a thing, so everybody should just buy a hardware wallet.”

1 Like

Hello @ad_cardani

I’m sorry to hear that.

I checked Firefox browser add-ons and you are correct. There seems to be a fake Eternl wallet with a fake developer on there. It looks like it’s been on there for 2 months already.

[image: FakeEt2]

Can you please report it and/or give it a 1 :star: review with a warning so we can warn others and get it removed (hopefully). You can report it from the Firefox page for that developer:
[image: FakeEt3]

Thank you for letting everyone know :+1:
Hopefully the community can get them removed before they do more damage.

5 Likes