I opened my yoroi wallet today to notice that practically all of my ADA had been sent to an unknown address. A significant amount. I did not authorize a transaction. It has been a few weeks since I added funds and staked them in the waller and I have not even opened the wallet for several days. The transaction occurred yesterday . I am using an Iphone app. Is there anything I can do? The transaction is still showing in red. Does that mean it has not totally gone through yet? Is there a way to freeze a transaction on my end? I have all the transaction information. I have emailed support and have not heard back. Help!
1 Like
If the transaction has been confirmed by the network, there is nothing you can do anymore.
Your seedphrase has probably been compromised in someway so the scammer had access to your funds…
Im sorry for you but the funds are gone.
Just out of interest, what spending password did you use? But make sure you don’t use it for any other service before posting, and that you change it for your wallet, in case there is still Ada in it or you plan to use it. You might have some malware on your computer which stole the wallet and hacked the password.
I think the spending password test for Yoroi is a disaster. Looks like it just checks if the password is 10 characters long. Here is a nice password test tool, which tells you how long criminals need to crack a password:
Of course, don’t enter any of your real passwords in it, they might collect it. But they are using a wordlist to check the secuirty, so if you try “helloworld”, it can be hacked in less than a second. Worse for something like “1111111111”, which is all accepted and perfectly fine for the Yoroni wallet software.
And always report such thefts to the police. They have more possibilities to get the money back, e.g. collaborate with exchanges and then catch them, when the criminals want to exchange the Ada, or examine your computer to trace the malware back to the originator (but they might do this only for lots of stolen Ada).
Hi, I am experiencing same hacking issue and can’t understand how anyone can hack my wallet. I left an inquiry to Yoroi customer support but is this something that they can’t recover?
Unfortunately, there is no way to stop a transaction once it has been submitted to the network. One tell-tale sign of a hack is if your ADA ends up at a Byron address (begins with DdzFF). A few of the smaller exchanges still use these; that’s where hackers tend to launder the stolen ADA.
To any hodlr reading this, please buy a ledger Nano X (directly from Ledger). Hardware wallets will prevent such hacks.
2 Likes
are you all hacked using ledger or something else?
They arent hacked. They compromised their seedphrase somehow.
1 Like
Thanks for the kind explanation. I have staked my ADA to one of the staking pool and is there any chance that it was hacked during the staking process? There was in-wallet transaction before it was sent out.
2021년 10월 8일 (금) 오전 5:12, Chris Graffagnino via Cardano Forum <cardano@discoursemail.com>님이 작성:
Yes, I am waiting for the Yoroi customer support 's answer but is there 24/7 support Live Chat support in Yoroi Wallet? Their response is too slow.
I only access Yoroi Wallet from my smartphone and left untouched after the staking. So I contacted Staking Pool company, Pilot Pool, and their answer is that it’s not normal.
I trusted Yoroi Wallet security and can’t believe what has happened to my account. SOS!
2021년 10월 8일 (금) 오전 6:50, Norah via Cardano Forum <cardano@discoursemail.com>님이 작성:
1 Like
Thank you so much!
2021년 10월 8일 (금) 오전 7:31, Norah via Cardano Forum <cardano@discoursemail.com>님이 작성:
But this is more suspicious. Why are they asking Seed phrase?
2021년 10월 8일 (금) 오전 7:48, Norah via Cardano Forum <cardano@discoursemail.com>님이 작성:
1 Like
Norah is clearly a scammer that is phishing. Don’t contact that number!
1 Like
As @ADAproblems mentioned lately there are many bots and scammers on the forum. The administrators are not able to remove those immediately. So be cautious and NEVER give away your seed phrase to anyone.
For sure! Thanks for your advice.
2021년 10월 8일 (금) 오후 5:10, Nik via Cardano Forum <cardano@discoursemail.com>님이 작성:
Of all the advice I’ve read, and believe me, I’m still reading, the information about Byron era addresses being used by hackers has by far shed the most light. I just can’t figure it out. Some of the advice about just leaving seed words lying around doesn’t apply to everyone. PLEASE comment some more about hackers’ use of Byron era wallets and some of their known techniques. 
I wondered if you could answer my question please as you seem knowledgable, I bought some ada off coinmama early in 2021 and I had downloaded the Yoroi wallet which I sent the ada into.
The Yoroi wallet was IOS on my smartphone I could see the balance I’d not done anything with them more a hodler, recently I got an upgrade phone and when all the apps had transferred I had no ada or transaction history, so I got my 15 word seed phrase and did a wallet restore but even though the wallet restored the balance was zero and no transaction history not even the arrival transaction from sending from coinmama.
My seed words haven’t been compromised, I tried another wallet restore but the ada still don’t show and neither does the past transaction.
I did link the Yourio Shelly era wallet to Ledger but I never transferred the funds, it’s as if they’ve completely vanished and I’m at a loss to explain it.
Any advise welcome.
That’s at least a sign that it was not a hack/theft.
You did sent to a Shelley addr1… address?
Most often the reason is: There is another seed phrase somewhere, you had two and mixed them up.
(But could also be synchronisation issues of Yoroi. You could try with another wallet app like Eternl, Flint, or Typhon.)
1 Like
Hi thank you, it was a Shelly era wallet yes, I don’t believe I had two sets of phrases but I can check as I know where all my things are.
Syncing issues could you explain please?
It’s not possible for the transaction history to just disappear.
It means that the wallet you are restoring is not the same as the one you were using back then.
Do you remember one of the addresses back then? Does it match one of the addresses for the wallet you are restoring now?
Can you remember if you did several attempts at creating a wallet and maybe recorded several seed phrases?
Or did you connect the Ledger before receiving the ADA and just received them on the Ledger wallet instead of the software seed phrase wallet?
1 Like
Wallet apps have to sync to the blockchain to display data to you. Yoroi has been known to sometimes be slow or unreliable at that. But since you wrote in the other thread that you already tried with Eternl, we can pretty surely exclude that.