This is not how it works, none have been accessing your wallet. If your seed phrase has been stolen, they’ve used that to access your funds on the blockchain. A wallet is essentially just a windows to the blockchain.
1 Like
Yes, I agree - the 24-word seed phrase must have gotten compromised. If someone managed to extract that from Daedalus it would be a major problem, but at the same time quite unlikely. The second layer of protection that you’re looking for is a HW wallet. A potential attacker must not only “know” something (i.e. the shared secret) he/she must also “have” something (i.e. the device).
1 Like
If the seed phrase is compromised, then if the attacker tried to recover the funds from a new wallet then it should require the spending password right. Then how they could know my spending password. Very strange.
Hi @frznfrg ,
I think, the spending password can be different in another restored wallet in different PC. For example: in your 1st desktop PC, you restore your wallet using the seed phrase & use “password1” as the spending password. In 2nd desktop PC, your install Daedalus and restore the same wallet using the same seed phrase, but you use different spending password “password2”.
So, for different PC that has the same wallet, their spending password could be different & it works. This is only my hypothesis, I might be wrong. Maybe someone else could add or correct me if I’m wrong.
Spending password is just for encrypting the master private key generated from seed on your PC to prevent illegal access to the private key.
So, no spending password is required to recover your wallet.
Few things could happen:
- your pc was compromised and your spending password was too weak and therefore brute-forced or
- your pc was compromised and the attacker and could get your spending key somehow (keystroke logging etc),
- your recovery seeds were compromised sometimes, somewhere or some other tools/technics I am not aware of (e.g betrayal etc.).
2 Likes
Does mining new coin like uplexa coin in CPU is the main reason I lost my ADA, actually I have Norton internet security, but obviously it didn’t help. Is there any possible reasons? Any suggestions how to prevent from not happening again?
1 Like
Hardware wallet. As you do not expose any of your private key to your desktop.
2 Likes
@frznfrg Like I suggested yesterday. Buy Ledger Nano S or Trezor, pair your Daedalus/Yoroi wallet with this hardware wallet. And write your seed phrase for the hardware wallet in a paper, do not put it in harddisk, USB, cloud.
Hope it helps. Do not give up on Cardano! Wish you a nice day 
1 Like
sir my ADA is just sitting on this wallet …can it be transferred back to my wallet??
Hi @frznfrg,
Yes you can, if you have the seed phrase / spending password for that sitting wallet. You just need to send it back to whichever wallet you want.
i remember creating many daedalus wallet and actually i have many seed phrases which I don’t know which wallet it belongs…but my question is how to open that wallet using that address…?
1 Like
Then if you create several wallets in the past, I hope that you still have all of the seed phrase of each wallet. Try to restore all of your wallet in Daedalus/Yoroi. Check which one has that 3083 ADA.
but who did the transfer…i was at work when it happened…if this is hack then he/she should have withdrawn the ADA by now right…anyhow I will do what you suggest. I will restore all my wallets…
i noticed also that this wallet keeps on sending funds to other wallets…which i actually didn’t do. The last one is biggest where i lost almost all my ADA…can someone explain…
Somebody hacked your PC or somehow has your seedphrase. Just transfer whatever ADA you have at the moment, to the very new wallet or better if you have Ledger/Trezor.
Your computer already compromised. I think you know better your situation.
And try to check which wallet has 3083 ADA from all of your Daedalus wallets.
Create a new wallet and write down the seed phrase on a piece of paper, recover all the old wallets using the seed phrases, send all the funds to the new wallet.
2 Likes
it’s also worth noting that too many are using Windows that uses cracked activation, also Office for that sake, and the problem could be there. also it’s also quite remarkable, this is happening for Cardano, if one thinks about this did not happen for Bitcoin in that degree, nor Ethereum. So many should consider…am i using a cracked windows/office ( cause someone was to cheap to buy a licens ) before saying " my ada is missing. It’s also worth for the Development team to get a team together to solely test the Daedalus wallet for backdoors / penatraction testing, and show results !! just to rule that out. The reason why many things are leaked or “hacked” comes from the “insider man” and not the end user. Just an remote assumption from a forensics consultant. But just a thought.
1 Like
I absolutely agree…i started to doubt daedalus wallet now. I created this byron legacy paper wallet during the early days of cardano, restored, incentivized, transferred to new wallets many times on different PCs…maybe there is a bug somewhere…and why my eth and other coins were not touch…
@anon96829572 while this investigation may happen or may not, it is also worth noting, that accidents like this would also not happen, if folks stopped entering their private key naively in any piece of software. That software may be bug free today (according to some investigation), but not tomorrow any more. There may be external factors that can compromise your key. In short, their cannot be a guarantee provided by somebody else that nothing will ever happen.
Therefore, please (and pretty please) use a HW wallet! No bug in the world can push the buttons on your devide and it is guaranteed (at the hardware level) that your private key will never leave the device.
If you catch yourself reaching for your 24-words more often than once every few years, you’re doing something wrong and this could potentially open the door for all sorts of attacks (every time).
1 Like
thanks for advice…i already cleaned and changed whatever seeds, pwd, etc in my hot environment…however, I’m sure the system is not yet perfect and there could be errors somewhere…the address where my ADA was sent has not move the coins…if this is a real attack…it should have been traded by now right…