I am really sorry this happened to you. Things like this make me very nervous.
I will suggest what has been suggested here before multiple times. Try to think hard about the way you handled your recovery key. Was there any point in time when you used the recovery key (12 words) in any place beside writing it down with pen and paper?
I never used the passphrase/recovery key, and they are safely stored on paperā¦ and since this is the same address as others users complained about, it is unlikely that the SOB physically found the passphrase in my office. No, there is a hole, and to be fair, the same way the financial system has complaints & prejudices processes and safeguards, all crypto should have this embedded. Food for thoughtsā¦
Ok, this sounds serious. I know that many people who lost their funds from Daedalus suffered through this issue because they entered their recovery phrase into a fake app (like the fake Daedalus app on Play Store or similar). If this is not the case and the recovery phrase has never been exposed digitally anywhere, then I am really curious how such thing can happen.
Did you use a spending password?
Yes, I do have a password setupā¦
Sorry this happened to you. Did you report it to local law enforcement? I wonder if we can flag that address with the exchanges.
FYI it seems like most if not all of the other people who were hacked tried to download bogus mobile wallets and inadvertently gave up their passwords. Do you recall trying to download and install any other wallets?
Because anyone who even dares to mention that gets his post deleted and gets ostracized or ridiculed by this community.
And yeah I decided not to buy any Cardano anymore till there is a secure option to store it.
With all due respect you have no idea how his Ada was stolen. 100% of cases I have heard about so far have been due to downloading of fake wallets. Iām not trying to ridicule or ostracize you but these are the facts as I have seen them so far. Right now you can download Yoroi which has Trezor support. As stated before however hackers have various tricks they use to get people to expose their private key and otherwise compromise someones PC. These are issues in all cryptocurrencies. Wherever people store value other people will try to steal it unfortunately.
Thatās not true and you know it. There were cases on this forum when people who didnāt download a fake wallet lost their funds. They didnāt expose their data either, so only options are their OS was hacked or the daedalus was hacked.
I have a Ledger. I wonāt buy Trezor just for Cardano.
3 people liking your post proved my point. Thank you.
Iām not trying to start an argument but it would be helpful if you sent a link to a case where something else was shown to cause the loss. I honestly canāt remember any but it is certainly possible that I am wrong. With that said you accused me of being a liar which I donāt appreciate.
For the record I believe the safest method for holding coins of any kind are with an offline air-gaped wallet that you use to send QR code transactions to the blockchain. I would love to see Daedalus or Yoroi easily support this one day.
With that said I have yet to see evidence there is some sort of bug in Daedalus that makes it especially susceptible to attack.
Iām not trying to start an argument either. I apologise if I offended you. I believe I recall you posting in the thread where someone downloaded a fake app and there was another person who had his funds stolen despite not downloading anything of such sort. Perhaps I remember wrong or you simply didnāt read that part of the thread.
The point is there were such cases. I donāt have links to them saved and no time to search. I donāt know the exact cause and I donāt claim Daedalus was hacked. Iām simply pointing to the issue of insufficient security and derived from it diminished interest in crypto/Cardano. I donāt expect crypto to succeed unless a better security measures are introduced, most people wonāt be interested in assets they can easily loose and majority donāt want to bother themselves with setting the security themselves - they want solutions provided to them. That is simply the reality.
Nards who create great technology donāt succeed because they donāt know how to sell it. People who steal those ideas and sell them succeed - Microsoft, Apple, Facebook - all based on stolen ideas created by superior minds who didnāt know how to market them.
Cardano is an open source, now what prevents anyone to steal a developed project make it more suitable for wider public (by adding better security etc.)? Cardano can just become Chromium to a more people friendly successor with a powerful tech giant pulling the strings behind the curtains.
Thanks for that I appreciate it. Iāll look tonight if I have time to see if I can find anything. Security is definitely an issue always will be. I agree it is a factor in preventing mass adoption of crypto. Itās definitely an issue being worked on by multiple parties (including me) and it angers me to no end to see someone lose their money to a thief.
Hi everyone,
Just after investigating, I found out that I am too paranoid and still carelessā¦ fake app from playstore it isā¦ And letting the wrong person access my office is the other mistakeā¦it seems one close to me that I wonāt name had the great idea to install a playstore app on his phone, and wanted to get the Ada for himself, but got doubled (by the fake app!!)ā¦ Anyway, it explains the same Ada address stealing the fund. I deleted the wallet now, no use.
Any chance we can track the author of the fake app?
I agree a layer of protection/insurance is the next move, as well as ledger nano compatibility. I handle all my other cryptos with ledger nano.
I still believe in Cardano, but global acceptance is still way away until the ecosystem can support complaints and inquiries ā¦
Thx all for your interest though, and I still have my health, so the rest I guess is just bonus.
Y
Wow, thats like a detective story. So if I understand this correctly, your co-worker stole your recovery sheet from your office and used a fake Android app to restore the funds which resulted in the loss of all ADA for both you and the malicious co-worker. Thatās hilarious and tragic at the same time.
I am sure that you will, at very least get some justice using your internal company laws and punish this d***head for stealing from your office, right?
Takeaways: Store your recovery phrase at a very trusted and secure place. Unlike spending password and public keys, this one is absolutely crucial not to expose to anyone you donāt trust with your heart.
Iām very sorry this happened to you.
Howās that for a plot twistā¦ The good news is that there is no (evidence for a) bug in Daedalus. The bad news is yet another huge amount of ADA got stolen. 
Cardano is a project that shows great promise. Unfortunately itās still under development and we will have to wait for some updates. Iām personally most concerned about security - perhaps Iām in minority - I donāt mind waiting for the project to develop but I couldnāt stand losing funds to a thief.
Itās quite a plot twist you had there. Thief robbed by another thief.
Thatās almost 1 million ADA stolen by that fake app, just reported in this one thread. 
If you look up the target address in the explorer itās much worse: https://adascan.net/address/DdzFFzCqrhsmLfQVpdMcZEKoMCbxynn2qpAoYoZZE2QbtrgAZXEgkMtkdzCpMTrNEo4SsdTBgjHnDPbrwZbnuivaCxe4VceuSL45UdEW/
Sums up to approximately 850 transactions with 7.2 million ADA.
Just following up, this is getting even worse. I tracked it then to the address below. Can someone just freeze this a```account? 11.5 Millions ADA from corrupted and stealing activity. I know freezing is not possible. We definitely need a usertag on these addresses, or a good KYC rule for ADA addressā¦ just kidding. but I will keep trackā¦
DdzFFzCqrhstmqBkaU98vdHu6PdqjqotmgudToWYEeRmQKDrn4cAgGv9EZKtu1DevLrMA1pdVazufUCK4zhFkUcQZ5Gm88mVHnrwmXvT
