About 12,500 ADA were stolen from two separate wallets, while a third wallet was untouched. All three were recently connected to the browser (URL) version of Eternl, and the only potentially unsafe thing I did was clicking the “Connect Dapp Browser” button on Eternl. Can someone help me look into the addresses my tokens got sent to (see below)? I was able to see some of the recent transactions of those addresses but nothing more. But I want to at least know if these addresses are known to be used for stealing assets.
I have other tokens in the wallets as well but they were not touched.
Thanks in advance.
For wallet #1 (15 phrases), my ada was sent to:
addr1qxxpl8ke55uzulaq44ae3fshuu0r9ptkv5e27uj4lj8t6ngpjalyd4cf8xwhsg4tkgrz054fxlj9dt4u20ph0smejj8qp4l079
Block #: 9045281
For wallet #2 (24 phrases), my ada was sent to:
addr1qxqegqcsandn703v3qgqe803vsdukarrj5gpg3ug33nevcfjtdl6vrmxpeaua3umegjp7w72cdcpvchw7nxpeqzcm3rsegnxm6
Block #: 9045287
Any instances of people getting their ada back after it was stolen?
A few days ago, my Chrome browser started crashing and I couldn’t fix it after multiple attempts, so I switched to Firefox, where I tried to install the browser extension for Eternl. I used the recovery phrases for the two wallets I lost my ADA on, but the wallets were never restored. I thought that was poor design in the Firefox version of the extension, but now I realize I must have added a compromised version and therefore compromised my wallets.
@Oyster_Pool-OYSTR @Zyroxa Please forgive a perhaps-naive question (I’ve only looked at hardware wallet standards & code libraries a bit; I’ve never owned or used one)…
What’s to stop a fake, malicious browser extension from using the same hardware wallet access primitives that the real extension uses, and therefore compromise the hardware wallet users in exactly the same way as the software-only wallet users?
Of course there is still a risk if the user isn’t aware of how a hardware wallet works. But with a hardware wallet you wouldn’t have to enter your seed phrase anywhere except on your device.
Hardware wallets aren’t 100% secure, as there is always a user behind the device who may be uneducated or just not aware and get tricked. But you definitely have fewer attack surfaces than with a software wallet.
You need to confirm each transaction on the hardware wallet by pressing some hardware buttons, while also watching on its screen the transaction details.
The private key is signed inside the hardware device and the outside just sees the encryption of the transaction. So if someone controls the fake extension, then they must decrypt the content of the transaction to take the private key.
But the risk: you must believe the HW creator.
That’s not correct. The transaction is not encrypted and the private key is not inside the “encrypted” transaction.
Signing a transaction means signing the hash of the transaction body with the signing key, and the result is a witness, which can be verified (verify that the signing key signed the transaction body hash) using the verification key.
That’s actually the simple answer I was looking for. I know how these devices work but it’s easy for me to miss this part of the user experience… it provides a level of confirmation for the transaction that exists outside of the on-chain activity and computer-based UI. To get scammed or robbed you’d first have to explicitly confirm the loss of funds on the hardware device.
Although it wouldn’t be useful in my own workflow I do see how it would help a great deal with scammers or hackers. An alternative would be to use something else deliberately that creates a different user environment which is only used for the occasional crypto transaction. I am still hoping for more feedback about this platform other than the expected “It’s too hard to set up such a thing, so everybody should just buy a hardware wallet.”
I checked Firefox browser add-ons and you are correct. There seems to be a fake Eternl wallet with a fake developer on there. It looks like it’s been on there for 2 months already.
Can you please report it and/or give it a 1 review with a warning so we can warn others and get it removed (hopefully)? You can report it from the Firefox page for that developer:
Thank you for letting everyone know
Hopefully the community can get them removed before they do more damage.