bloomADA DAP scam - lost 31K ADA

Updated screenshot of malicious site URL here.

[UPDATE: Contact me if you have also lost funds through the scam site [Link removed by @Zyroxa]. I do not need your personal info, but can provide a reference to the FBI case file that has been opened.]

Just lost over 31K ADA through a Yoroi wallet. I was completely unaware that there were any possible ways to loose ADA through a wallet, other than sending to a another address. I’ve cataloged my experience here to hopefully prevent even one person from suffering my fate.

NOTE TO CARDANO FOUNDATION - The link being provided to report a scam is pointed to a missing page.

Latest-English-topics-Cardano-Forum1084×296 29.2 KB

404-This-page-could-not-be-found-2542×156 4.47 KB

I hadn’t been on the Yoroi platform in a while, so I got on and started poking around. With complete ignorance, I started exploring different areas of Yoroi that I had never visited before. It never occurred to me that a dangerous option could possibly show up within my own account.

On the Connector page, I found something called bloomADA, reminiscent of the Bloom Pool that I am Staking with and a 2400 reward was offered. On clicking on it [Link removed by @Zyroxa] displayed and I was prompted to enter my Yoroi password. Since I had started within my own account, it didn’t seem suspicious as a safety precaution. @bigpey

Home-Bloom-Pool2986×1278 164 KB

On entering my password, it produced an error that it didn’t connect. Shortly after that, a transaction completely emptying the account had gone through, showing up in the Wallet transactions.

Yoroi2836×1354 235 KB

As best I can track down, following is a screen shot of cardanoscan.io showing the transactions and adreesses.

Transaction-f1134fab88b49ed426d920571c8396637fc329dfbfffb088a30ab642de91db54-Cardanoscan2840×776 173 KB

The two receiving addresses were:
addr1q9lllldv4jm5ulklk3m78h3eht9ury20gr5pt03yx32j8sa6vc62qzfd7kng2hwqv2qjh74waw48qqujlzfrvz4clpzq9urrsm
addr1qx9t7a7jlaapl05renqpnl9tex2ydffhvvm56jalcl89ermgg7dp9c7m2rhsjrcy5ezt8us8nds9pa0mmdufs0c9cr9qcfjart

It goes without saying that this loss is absolutely sickening. It represents an investment that I’ve held onto for many years with the intention of being involved with Cardano well into the future as it becomes the cornerstone of the digital marketplace globally.

I thought I was fairly savvy with crypto, having not lost any over the years and being very aware that scams exist. This loss was a complete blindside and is absolutely devastating.

If there are scam warriors out there recovering stolen ADA, I would be eternally grateful to get some lost funds back at my new address. It’s a long shot, but I remain hopeful:
addr1qxvngn3xkzy3mxd7s79g57gfl43puejkth634kkhgd0dxutgg7dp9c7m2rhsjrcy5ezt8us8nds9pa0mmdufs0c9cr9q7tekxy

I have removed that link.

There are a lot of scam tokens going around for months now. Yoroi did warn about them on their medias a month ago (and that was already quite late, this is going on since early December): https://x.com/YoroiWallet/status/1761154665906159899

Other wallet apps have slowly added features to warn about them (and other scams).

But to fall for them, you first have to follow the link on said token. Possible that they have found other ways than the tokens to lure people on these sites, but it is simply impossible that it showed up in your Connector page out of nowhere. Only pages for which you have previously acknowledged this page show up there:

The URLs on the Connector page are not active links. You have to actively open another tab or page and navigate to that page:

screenshot-2024-03-19-21:48:311906×581 47.8 KB

When clicking on the “Receive ADA” button, a transaction is built and you are asked to sign it, but Yoroi will have told you very explicitly that it is a transaction sending away all of your funds and not just a login.

Yes, can be overlooked, yes, wallet apps can do more to warn.

Is explained in the about post of this category:

Linking to them has a) the chance that additional people fall for them and b) the possibility that it improves their search engine rankings.

Thank you for writing on this thread. Not having been on Yoroi in so long, I missed the warnings as this scam rolled out.

The path you describes seems correct, but I did not see a notice of funds being sent. Perhaps it was happening back in Yoroi as I was reading an error message on bloompool<dot>net about the connection having failed.

I guess I would have expected more warnings has you’re describing, but just didn’t see/get them.

Moreover, the concrete scam site is not that interesting. There are dozens of them and they are typically non-operational quite fast.

https://pool.pm/$scamexamples for example collects those tokens. https://github.com/Tastenkunst/eternl-guard/tree/main/src/entries is a repositiory of scam sites and tokens used for Eternl’s new scam warning system.

This is the main reason we started the Detokenizer.com service.

So that we have a way to safely and easily remove these scam tokens from our wallet and still retain only the minAda that were attached to them.

The other reason is that there is now also a growing number of tokens that are no longer used or are just dead. But they can no longer be burned because their policies are already locked, or the admins holding the minting keys are no longer around.