please help,
Some how someone has accessed my daedalus account on a sole use PC with no stored keys on and transferred all my ADA that was being staked to an unknown address, transaction ID:
Did you download an official Daedalus wallet for official website? Did you ever install scam Daedalus mobile app? Any other malicous software that you install in your PC?
Best protection is using hardware wallet paired with Daedalus wallet.
I think you did okay with writing down the seed phrase on a paper. It’s probably that your PC is breached due to malicious software or your Daedalus is unofficial. Another reason is that you use scam mobile app Daedalus.
this was completed on a Windows 10 PC, i have not enetred my seed on anything…i do not access Daedalus on my smartphone. Any other suggestions on how this may have occured?
Thanks for the reply, any idea on what this programme may look like or be disguised as, ive run a malware and virus scan and come back clean. Windows 10 is the latest version, and daedalus is also the latetst version 4.0.4 #1745.
Really looking for a solution and hopefully prevent anyone else from being caught in this trap…
The fact that it occurred while the PC was off suggests the keys were obtained at a different time or through different means. You say that you do not store keys on the machine, but at some point you must have either lost control of the encrypted seed phrase (spending password key logger perhaps) or somehow ended up transmitting the seed words through the internet, which is less likely but still possible. Smart phones have cameras, can potentially photograph seed phrases, lower probability things like that.
The password only has to be recorded once for the wallet to be compromised, it does not matter if you remove the keys afterwards or unplug the machine from the internet if at the moment you were restoring the wallet / setting the password you were using a compromised computer. This is the most likely scenario.
As others have said a hardware wallet would probably have helped you. Unfortunately nothing can be done about lost or stolen crypto after the fact. The best lessons here are for people to be very cautious with machines they restore wallets on, use a hardware wallet if you don’t understand much about computer security, and be wary of smart phone cameras and seed phrase exposure.
There are plenty of other measures one can take and if you have significant crypto investments it is very much worth your time to learn about what is safe and what is not.
Guys, same just happened to me…
A non-authorized sent transaction from the daedalus wallet of all my ada. I followed the guidelines for secure storing the credentials and everything but it was useless.
This is the address where “they” sent my ada:
In my case, I was delegating to https://voltairera.com/ (since February):
poolid: 7e82a949dc775005761ec3446a9358261416cbdd8de2c6530cb3270b
I decided to buy some ada every month to increase the rewards from this delegation, and
I’ve sent some ADA’s to my pool to register it, that’s all.
My spending password was very difficult. No mobile app downloaded. 24-words key phrase written on paper. I made a photo of it and stored crypted in my cellphone but was 2 months ago and for a brief time.
It must be it.
It is strange because i hade more adas before, and it happened now when i had less.
Maybe it is a stupid question, is it possible to know from the address id the geographic
location of the wallet?
But there is not any identifying information there and it could be in anyone’s hands. Without the help of law enforcement agencies and cyber forensics there isn’t much that can be done about things like this. If stolen crypto goes to an exchange address you can try to appeal to them and maybe something will be done about it, but don’t hold your breath.
In regards to what you “should do”, if you are not sure whether your setup is secure i.e. you do not have experience dealing with computer or network security issues, you should most certainly be using a hardware wallet device if you cannot afford to lose your investment.
Unfortunately that is all I can offer you at this point.
Yes, I do not advise anyone to store seed phrases on digital media, like phones, camera photos, etc. It should always be hand written and then put away in a protected place that it is not visible. You could also even break it into pieces so that the complete phrase is never visible at once.
It is very unlikely you could find this information without assistance from larger entities like network infrastructure providers, criminal investigation agencies, exchanges, etc. For the time being we do not have digital identity hashes so unfortunately a wallet is just a string of gibberish that could be anywhere. Someone with the necessary resources and access to information about your computer and internet connection would need to examine the incident, and even in that case it would probably be a difficult task.
Not a stupid question, though. It’s a big problem we need to solve.
Thank you very much for all the useful info. I will create another wallet strictly following the security procedures.
It was a hard lesson, but I’m not intended to quit. This month i try to save some more money in some way, i want to delegate the same sum again.
Hi, Y’all guys.
Wow, this thread just breaks my heart. Sadly, I was lost all my funds too.
Now I’m pretty sure it’s unrecoverable.
I just lose my stacked ADA in Yoroi and came here to find some hope.
I’m able to trace the destiny of my humble funds to the same hacker’s wallet, there is a way to block those funds?
I think that some kind of “authority/judge/cop” must be implemented in Cardano’s environment, but probably I’m wrong too.
For sure, those events affect my “faith” in (at less) Yoroi.
Here some facts:
*Download Daedalus from the official site.
*install, set, deposit funds, then delete Daedalus(too heavy)
*install Yoroi (from the official site), use the same keys.
few ePoch later… funds are gone! (but not rewards)
I created a digital wallet and took a screenshot of the recovery phrase. However, I cannot see any of the currency in the wallet and it would appear there are two transactions showing? Have I been hacked?
The transaction were made 3 years ago, I think in 2018 we were in byron era, now we are in shelley era; try to contact coinmama support and ask them to check
