Sundae Swap Scam

I was contacted by Discord user Pickachu#1450 as I was getting frustrated with the lack of information coming regarding the rewards payments.
He directed me to [link deleted by @napoles] to check. Without thinking (as I was suffering from covid), I clicked the link and put my seed in (again, not thinking straight), and within 30 mins my ADA funds had been cleared out to this wallet


I was then contacted by Discord user 1999#2704, who said that his nephew had a similar thing happen and lost $52k. Funnily enough, a hacker then contacted him who could retrieve his funds for $500 USD + 10% of funds recovered.

I contacted this hacker ([link deleted by @napoles]), who says he has a 100% success rate with funds recovery with a tool called “9plusHagav”.

Is this even possible? Can a “warning marker” be put on this wallet that it’s used stolen funds?


I am sorry to hear you have fallen victim to a scam.

No, it is not possible to recover your funds by using a tool or program.

The only way someone could “recover” your funds in this case is if the guy who stole them from you was offering them back to you for the $500 + 10% … Which is unlikely as I am sure you would have to pay up front and they would simply have stolen another $500 from you.

In the latest Catalyst Fund 7 there was a category where the community voted on different projects that will hopefully help reduce people falling victim to a scam.

Gotta guard your seed phrase.
I would be careful navigating to sketchy webpages as they could have zero-day, zero-click malware on them. Malicious websites could allow the attacker to potentially gain control of your workstation. That could put other data and browser extension type wallets at risk of theft and attacks like ransomware.


Here is a threat analysis report on one of the links you provided.
The other appeared to be unavailable for hybrid analysis to scan.

1 Like

Is what it is, mark it up as a hard lesson learnt!
What would be good is if there was 2FA enabled/embedded on wallets. Exchanges have it, why can’t our SW wallets?

Two factor wouldn’t have stopped the malicious site from taking your funds. Once you gave them the seed phrase they don’t need your password or anything else to be able to restore your wallet and remove the funds.
In the case of the exchange you do not own your seed phrase. The exchange keeps it and you are authenticating onto their platform. Each exchange has different recovery methods and two factor options.
This doesn’t necessarily make it more secure. It just means that there isn’t a seed phrase that you are able to give a malicious site. However, if an attacker is able to get your email and other personally identifiable information, they could try a social engineering attack and attempt to trick the exchange into letting them into your account. Create strong passwords and do NOT reuse them.

1 Like
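
Added example, not part of the thread and not any wallet's own code: a toy Python model of the point made in the reply above, that a spending password or second factor guards only one install while the recovery words alone rebuild the same secret elsewhere. It uses the generic BIP-39 words-to-seed step as a stand-in (a given wallet's actual derivation may differ); `WalletInstall` and the sample words are constructed for illustration.

```python
import hashlib
import hmac
import unicodedata

# Public BIP-39 test-vector words (constructed sample; never fund a wallet made from them).
SAMPLE_WORDS = "abandon " * 11 + "about"


def seed_from_words(words: str, passphrase: str = "") -> bytes:
    """Generic BIP-39 step: the 64-byte seed depends only on the recovery words
    (plus an optional passphrase), not on any device, account or login."""
    mnemonic = unicodedata.normalize("NFKD", " ".join(words.split()))
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase)
    return hashlib.pbkdf2_hmac("sha512", mnemonic.encode(), salt.encode(), 2048, 64)


class WalletInstall:
    """Hypothetical model of one software-wallet install. The spending password
    (or any second factor) gates this local copy only."""

    def __init__(self, words: str, spending_password: str):
        self._seed = seed_from_words(words)
        self._salt = b"constructed-install-salt"
        self._check = self._stretch(spending_password)

    def _stretch(self, password: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self._salt, 100_000)

    def unlock(self, password: str):
        """Return the seed if the local password matches, else None."""
        ok = hmac.compare_digest(self._stretch(password), self._check)
        return self._seed if ok else None


def demo() -> dict:
    owner = WalletInstall(SAMPLE_WORDS, "owner-spending-password")
    # A second install restored from the same words, with a password of its
    # maker's choosing, never has to pass the owner's local check.
    restored = WalletInstall(SAMPLE_WORDS, "some-other-password")
    return {
        "wrong_password_blocked": owner.unlock("guess") is None,
        "same_seed_on_restore": restored.unlock("some-other-password")
        == owner.unlock("owner-spending-password"),
        "different_words_differ": seed_from_words(SAMPLE_WORDS)
        != seed_from_words("zoo " * 11 + "wrong"),
    }


if __name__ == "__main__":
    print(demo())
```

The only control that matters in this model is who has seen the words, which is why they belong offline and are typed only into the wallet itself when restoring.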

Sorry for your loss. Don’t pay the “hacker”. It can’t be done, criminals would have perfected this technique by now if it was possible.

This tactic is recycled from Nigeria email scams. If you were dumb enough to fall for the email scam, you may be dumb enough to pay, in advance, to a “lawyer” who can “claw your money back” or so they claim. Same people who do both scams.

Too bad you didn’t realise that you never use them for any other purpose than restoring a lost wallet. Someone lost around $30k because he failed to understand that you had to press a button. So he went to what he thought was support and they, of course, claimed there was a bug and gave him a new executable. Then, he did the same thing.

1 Like

I think best practice is to use several wallets, one of which should be a hardware wallet. So does the guy from the Coin Bureau. You should keep small amounts on one which you use to learn and experiment. Be very careful when connecting.

If you have a really large amount of coins, use one hardware wallet for every $10k or so.

I should mention that the guy who got scammed noticed that the fake Telegram support site had more “followers” than the real site. Of course, these followers were generated by bots. CoinGecko gives you the real sites. Also, I suppose you can’t make any kind of comment for these sites. Just like the giveaway scam videos found on YouTube. If there are comments but you can’t make one, then you know it’s fake.

All very good points for security. One thing I am not seeing anywhere or anyone talking about is being able to flag wallets and coins/tokens that have been acquired fraudulently?
I can follow the money but I can’t do anything about this; if this was a bank or government they would be able to.
There needs to be a team set up within the ecosystem from IOHK that can look at what’s happened and make the final call. (This doesn’t have to be employees, to keep it decentralised, but someone who is verified by IOHK.)


I think these accounts can be flagged at exchanges to prevent scammers from getting fiat currency. However, it is problematic at best. How can you be sure a reported address belongs to a scammer? It could be someone who wants to revenge someone. I’m not sure YouTube reports the websites or the addresses. I’m not sure IOHK can make a final call.

One example would be: I live in one part of the world with an IP range and all of a sudden my account/wallet is showing up in another part of the world in another IP range to move money/crypto quickly to some off ramp. This looks suss on any level.
Most users will have a normal pattern and the common new user (masses that need to come to crypto (MUMS/DADS)) will too.
This would give these users some form of security that funds are safe.

That would indeed be suspicious. It would be nice if you could lock your wallet to a certain IP range. Maybe there will be some kind of smart contract that can do this in the future. Who knows? Or prevent coins from being sent to fishy addresses. I’m trying to come up with ingenious ways of using a YubiKey with cryptocurrency.

Actually, if you go to developer/CIPs you will find a suggestion and that is that you should be able to digitally sign an address. Then, if you send money to that address you would know that it could only belong to the person/company that signed it. You wouldn’t need to worry that you send money to some unknown receiver.

1 Like