Lost all ADA from my YOROI Wallet - HACKED!

Hello everyone,

I found out that my YOROI wallet has been hacked by someone and lost all my ADA. They all have been moved to this address listed below, listed is the path the tokens were moved

Mine : addr1q8wxlfg9vra4hf9jqgd0xj78earts8hdm52r7f688eyx8sxud7js2c8mtwjtyqs67d9u0n6xhq0wmhg58un5w0jgv0qqwzlrc4

First xfer to:

Second xfer to:

Which i found from Blockchain tracing the transactions…Is there any way for me to identify which exchange this address belongs to ? , so i can reach out to them and see if my tokens can be recovered?

Any help would be greatly appreciated.

It was my mistake to store the seed phrase in an online storage service without any encryption. Lessons learned.

1 Like


Thanks for sharing how the seed could be taken by someone else. Yes, writing down on a paper is the best way. Since you dont need to recover a wallet so often.

1 Like

Hello, It seems that I experienced the same issue at Yoroi wallet. I delegated 54K+ adas since february and I had 400 app. ada’s reward in my balance. Today the reward is “zero”, as I would widthrawed them.
It is very disappointing to deal with this matter, I use 2FA and Yubikey in another exchanges and this wallet does not work with of them…
I’ve already contacted to support of Yoroi, hopefully they could have an explanation or solution, if not I´d have to quit.

1 Like


And where did you store your recovery prhase?

1 Like

Always in a piece of paper…never in the pc. Never been disclosed to any other party.
Pls help me out with this matter, and tell me if a hacker has done it, the full balance is in risk ?


And NOW my adas reward are back again!!

Could you tell me what happened pls? … Today the 451,64 adas are displayed in my account as rewards granted so far.
Looking forward your comments.



there was an issue with Yoroi itself

it is a good practice to check the balance with the latest receiving address in explorer.cardano.org

1 Like

Hi, thanks for sharing your unpleasant experience. I am experiencing similar case from my Yoroi Wallet while staking in Pilot Pool. I am still waiting for the customer support’s response but there was in-wallet transaction before the ADA was sent to unauthorized address.

What is the best way to resolve this issue?

@handiman what’s your address, we can take a look at the blockchain to see what the in-wallet transaction was about.

Regarding the funds sent to an unauthorized address, most probably nothing can be done to retrieve them :neutral_face: Check for other options like if it is possible to report a theft to the authorities etc…


Btw I was staking in Pilot Pool. Any chance of hacker takung that route?

2021년 10월 8일 (금) 오후 5:17, Nik via Cardano Forum <cardano@discoursemail.com>님이 작성:

If anyone can help retrieve my lost ADA, I will gladly reward 10% SOS!

2021년 10월 8일 (금) 오후 5:17, Nik via Cardano Forum <cardano@discoursemail.com>님이 작성:

This is so unfortunate :neutral_face: :neutral_face: :neutral_face:
This scammer’s address has several transactions going in:

Same problem here. My ADAs has been stolen from my yoroi wallet.


This is the address where they went.

Is there something that can be done?

My seed phrase and so, are only in paper…

Btw, why yoroi doesn’t use 2fa???strong text

You can check that address here

Yoroi doesn’t need two factor authentication you may have misunderstood the concept of paper wallets.

You generate 15-24 words. At some point you have exposed them. This could be from typing them into a fake app or exposed via weak computer security. Adding two-factor would not add any more security to the wallet as once those words are known by someone else the whole wallet is exposed.

The words are basically a super long and secure password only the owner should know

Please follow these best practices:

  • You never share those words.
  • Avoid typing out all words in full, click the words as they appear when typing them into your wallet software such as Yoroi.
  • ALWAYS double check the app or wallet is official for example Yoroi has links to there official apps follow these. Don’t search directly on the app or play store as scammers can post apps that look official.
  • Avoid posting information about how much ADA you own, not even on these forums.

I am so sorry for your loss of ADA.

1 Like

@Jack7E When talking about some kind of 2-factor authentication, I assume people mean to prevent infected computers from emptying the wallet by sniffing or guessing the spending password and decrypting private keys.

Ture, it would be a good idea to implement a method in which the seed phrase is encrypted on the device by both a password and two factor authentication. But at this point the user is probably better off using a hardware wallet. I agree with the users frustration, but I don’t blame it on a lack of 2FA its unfortunately due to poor practice on the users side. They have managed to expose their seed either via a key logger or a poor password. If the case is the latter the first step would be to ensure that the official wallets do encrypt the seed phrase with the users password and that the chosen password is verified by a strong password policy.

Just opened Yoroi on Android to see how my staking was going…and found my entire balance has gone.

I was hoping to see delegation progress at Cardanians.io. But there’s nothing.

All 30,110 ADA were sent on 25 Oct via transaction ID e65d00e9d7254b2454ee129f2201b4049cfa96d88cdd5b4bf1b41bfb1f54d62b

to addr1qx2grpraxlm…w2zy9389hsxr4tlf

then to

Nobody knows my spending password or recovery phrase.

The only place I pasted the 24 word recovery phrase, there is a cut n paste error—it only has 23 words.

This is a serious security issue with the app. I have done nothing wrong or insecure, other than use the Yoroi app to store and delegate ADA, and now it’s all gone. I had held it since 2017.

Any ideas, anyone? I see there are a quite a few other victims.

Where did u pasted the seed words? With only one word missing I think it was just s matter of time … to find the 24th word :frowning:

BTW, sorry for your lost :(((

1 Like

Also an intrawallet transaction immediately prior to that, TRx ID 81a245d8c139ab0424717192e72c2074a961872462a864f55279112414b380a7

Some of the TRxs have the stake precursor…

Gmail draft.