Scammed on Daedalus Mainnet

Hello everyone

A few weeks ago I have installed Daedalus and didn’t have any trouble with the program. I transferred my money from Coinbase to Daedalus without any troubles. I delegated my ADA to a stake pool and one day later there’s a transaction sending my ADA to an address. I just lost all my money to a scammer and I wouldn’t know how. I have no passwords or recovery phrases written down on my PC, it’s all on paper. I know it is not because I delegated it to a stake pool. I just logged in and bam gone was 2000€.

What’s the point of being able to see addresses if you cannot track them down or get your money back.

I even downloaded the program from the original website and my computer is malicious free, you would think, right?

Please be careful out there.

this was my checksum which was correct
7f3d6d4404ecd6e4fd0c5f5aa0048467626f206140315ba39b2d234b13fbefd8 (taken from daedalus website)


I feel sorry for you.

Because you mentioned your download of Daedalus a few weeks ago… Did you check the checksum before installing?

I’m very much interested in investigation.


Thank you for your comment.
And yes sir I did the checksum check!

1 Like

I did a lookup on the destination address and it seems they did a lot of transactions today probably all scams. Till now for around 60.000ADA.

1 Like

Maybe your recovery seed and your password, but the secret key surely isn’t. Unless your PC is not as malware-free as you think, I don’t see how an attacker could have had access to that.

Anyway, it’s not the way a scam works, you would need to send ADA to some address under false pretenses but with your agreement. It looks more like a hack.


Hi @Loupan,

I am so sorry for your loss. Did you perhaps install Daedalus scam mobile app?


Oh yes totally, I am sorry I used the wrong words. But yes I’m also thinking about malware but I’m not sure as I did some scans and security checks and nothing seems to be found.

1 Like

The program on my pc is the only thing I’ve had downloaded and installed. According to the checksum I had the correct program.

1 Like

No harm done. It is an eternal game between antivirus editors and malware writers, I mean there are techniques to evade or bypass antivirus software.

All the more reasons to start looking for alternative explanations. In case you installed any other cryptocurrency-related software (prior to Daedalus install), then I’d advise you to check them on VirusTotal (automated malware analysis).

That’s indeed another plausible explanation, could you have restored the wallet on another machine or using a suspicious app ?


Is there a way to locate the IP address of a wallet? Or is there a way to see if this guy holds a wallet at a crypto exchange? There must be a legitimate way to end this kind of fraudulent behaviour. This guy scammed me out of 24k ADA coins 5 days go. I have reported this incident to kraken, to the local police and consulted a lawyer, but with little success.


So you did have the exact same problem? I do have the adresses of the transfer.


You should be able to look that up on Cardano explorer. And yes. this must be ended. We can never be sure, maybe they found a new way to hack people, right?

You can find my transaction there which was 1291.249858 ADA.
I’m so sorry this also happened to you.

1 Like

No, a wallet per se is a cryptographic key pair, you can have the same wallet on several machines, you can have a wallet on one machine and have its IP address change, so no relation whatsoever.

Possible on a few blockchains, not that I know of for Cardano, I mean it could be done, has been suggested before but «not a priority», for the foreseeable future at least.

Of course there is, again, a few suggestions have been made in this direction, to no avail so far.

If Kraken is «your» exchange (as opposed to the scammer’s exchange), there is nothing they can do about it. As for law enforcement, you did well, nothing can be done without them regarding the identification or freezing of the assets (provided they are located on an exchange first) but to make this case a priority it would help to find other victims of the same scammer. That wouldn’t be so hard if some central authority would accept playing a part. Unfortunately, I fear that for some, «personal responsibility» is understood as «every man for himself».

As it has been said, scammers are often abroad, so even a success will require time and efforts. It’s not impossible though, it is only so for those who don’t even try.

1 Like

I take full responsibility for my stupid behaviour because in that moment I didn’t use my brain properly but the livestream with 7k, and a Youtube channel called Cardano foundation with 280k subscribers let my guard down. I have traced back all transactions of the scammer. b54e24e3364683f6012e5d554d79f78abd2006bd45e25b7ba8efd0c5 . The wallet shows 1.3 Million ada coins in total. The email address of the Youtube Channel owner is but most likely it was hacked. Anyway hopefully we can create a loud voice to stop this.


Scams are all about bypassing your better judgement. It’s easy to pinpoint the greed or the mistake after the fact and sometimes say that you should have DYOR. Even though there is some measure of truth in it, education has to be done upstream. As for stopping this, you’ve got several options depending on your objective (short/long term, not mutually exclusive), all being already covered. PM me should you need.

You’re probably right, hacking a YT account or a Gmail address often requires only a bit of social engineering, there is nothing very sophisticated about that.

1 Like

Sorey to hear, but welcome the the club, lost 1.9K ADA to the same address and in the same way.

I can understand if you clicked on a link or had a hack with Spyware but to be honest, I do not believe this is how this happend as the same happend to me, same address, same process, and again, all they say is that you have been hacked.Nothing found on PC with any virus scanning tool. Out of all the people in the world that has ADA, he picked you to be hacked, what’s the odds.

In my case I didn’t even have the laptop on during the time that my ADA was transfered out of my wallet.

And there is nothing anyone can do about it, they just closed the ticket after a few weeks…

The crypto criminals are smart and getting smarter everyday.

Get a hard wallet only think that I think is save as I do believe there is a flaw somewhere that someone is exploiting.

It may appear like you were intentionally targeted, but that’s not how malware work in most cases. I mean except a few State-sponsored hacking cases, it’s more like fishing (or phishing for that matter), in the way of casting a wide net and then see what comes back.

There is no need for your computer to be online, or even powered on, as it has been said, all that is needed is a copy of your secret key to spend the corresponding ADA. If someone copies a file from your machine (or a mnemonic seed from which he will derive the secret key) then the original file is not needed anymore.

Some of them are, brilliant even, most scammers are not.

I beg to differ, a hardware wallet is not safe per se, you still need to implement basic rules for security. The cryptocurrency is not stored in your wallet, like with the real-life analogy, the UTXO are on the blockchain, anyone with your recovery seed can access your funds, there is no need for physical access to the device. You could also make a paper wallet with Yoroi (not anymore with Daedalus).

There always is, it’s as old as human error.

1 Like

It’d be interesting to know if this malware is affecting only a particular OS.

Which malware ? It’s a hypothesis until proven otherwise. That said, most malwares target Windows. In the case of the fake Daedalus for Android it’s more of a deceptive app installed with the consent of the user.

1 Like

Would be interesting to know if this could have been mitigated if one would have spread the total Ada over multiple wallets on different machines? Could we set up a virtual machine with only Daedalus installed, downloaded from the official source, and nothing else?

If there was such a «flaw» and provided you don’t keep your recovery seed on your computer, nor on the cloud, not even a photo of it, then a hardware wallet or a paper one would be the best mitigation. That makes the private key unavailable to any remote attacker. A virtual machine may be hacked just like any other machine if it’s connected.