I fell for the google play store Daedalus scam. They emptied my wallet. Is there any way to get it back?
No sorry there is absolutly no way to restore your funds…
Report it to your local police is the only thing you can do.
It’s too late for me, but maybe something can be done for the future. Can it be made so that to transfer there should be some 2FA like Google Authenticator? How Binance is done where there’s separate protection for sign in, transfer, funding, and a master key to make any changes to the account.
I can see more scam like this will come out as ADA is gaining value and many people will fall for it.
Sorry for your loss.
The problem is that the scammer can just supply their fake app without 2FA.
I understand that. But at most is they get to is view the restored account. They won’t be able to transfer or make changes to the account settings without a 2FA. At least that will give us time to react. Right now, they get the key to the kingdom. What I’m suggesting is compartmentalize to prevent them from causing irreparable damage.
It’s great that ADA is secure, but if the end users are not protected it’s going to be hard to use.
I lost over 120K of ADA.
It is highly unlikely that they made the transfer on your device, so 2FA will not help.
They stole your funds by:
- Providing a fake application that you downloaded and installed.
- You typed your secret key phrase into that fake app.
- The fake app sent your secret key phrase to the thieves.
- They restored your wallet using the secret key phrase.
- They transferred your funds to an account they control.
Once the thieves have your secret key phrase, the only thing you can do is transfer your funds to another wallet before the thieves do.
If someone is convinced to type keys on a fake site, they will absolutely type the 2 factor authentication code as well. It is a common phishing psychology that helps scammers target the human mind, to actually unlock and (even if unintentionally) give them their funds by giving all access needed. There is nothing that adding another 2FA would do in such cases.
Best that can be done is perhaps having multi-sig and hoping another human will not fall for same phishing, but even that’s not a guarantee either.
All the cardano social mediums do send alerts every day not to fall for these scams, but unfortunately users only join/read these after the damage has already been done.
I totally get what you’re saying. I’m just wondering if there’s more we can do to protect the end users.
Can we agree that as ADA gets more valuable this issue will be more prevalent? And I know it’s not just a Cardano issue, it’s an issue for all crypto. I’m just saying this should get more thought than just, sorry that how it goes. As for me, I’m going to rebuild and spread my holding across multiple wallets.
Yes, I agree.
I’m just wondering if there’s more we can do to protect the end users.
The only option I can see is if the Apple and Google stores banned all things that claimed to be a Daedalus wallet, but I still think the thieves will find a way around that. IOHK or CF name squatting “Daedalus” would not be effective either (if Apple/Google even allowed it).
Here’s an idea. Why don’t IOHK release an official app? The only think in there is a warning for people to not use any mobile app or the usual warning on the forum. Hopefully that will help prevent some people from falling pray to scams.
The mobile app for Cardano is Yoroi released by Emurgo.
Something like this should be standard: https://www.ngrave.io/
Unfortunately, it doesn’t support ADA afaik.
End-users should not know about private keys other than making their metal backup once and then split up the pieces in two locations. There are too many possibilities for it to go wrong at the moment. I do think that at some point, custodians will be more trusted to centrally manage financials like banks centrally do. You don’t have to use it, but if you’re unsure about your own capabilities, then you might want to.
CH has some ideas: https://youtu.be/K3l3_SAGXEE?t=889
Awesome! That’s that I’m asking for, surfacing this issue and see if we can find a solution.
Other hardware wallets like Trezor and Ledger do support ADA.
Yes, but if you’ll look more into ngrave, you’ll see it’s a step further from the other wallets and provides more usability to the average user.
Anyone that has been affected by the Google play store daedalus Fake App.
There is a class action lawsuit against google for verifying the fake app.
We need all the people that have fallen victim to this scam.
My twitter is @Josh88065262.
Please get in touch!
Hi josh Ive been scammed by this fake app in February aswell, how can i help with the class action lawsuit ?
Hi Josh. I was scammed too. I would like to join the class action too?