/biz/ - Business & Finance

>>57188982
How much?

use a fucking burner

Future of Finance

>>57188982
>"hey bro, i think you lost your wallet"
>gives the wallet, all empty

Thats crazy...mine too, but I only had $3 in there

>>57188989
$200
I'm a poor fag so this hurts, my next car payment is gone.
Now I'm paranoid and wiping my whole PC. Fuck me this wouldn't have happened if Binance didn't close my account.

I was so poor they had to move gas into my account just to withdraw it
But now I have no clue, did I just get malware?
Or was my account hacked for months and they were just waiting for some threshold to be hit

>>57189033
They bought solidly with your funds?

>>57189046
no all my funds were in solidly and they drained it from the platform

>>57188982
What did you click? Who did you open the door for?

>>57189033

did you save anything to your clipboard? e.g your secret key.

>>57188982
Mine too, my account was dormant for almost 3 years
>Only 20$ though

>>57189062
>>57189063
no, and I didn't download anything other than pngs from this site for the past 3 days.
the only vulnerability I can think of was that my metamask password was literally 'apple'
but even if they knew that they would have to have access to my computer to get the secret key from that?

>>57189052
How did you get your solidly?

>>57189077

have you saved your secret phrase to your phone or somewhere else digital?

>>57189080
i bought it straight from this site:
solidly dot com
>>57189086
no, I had like 10 accounts on that meta mask extension, and used a different one in development where had the key in some server code in some now expired website, but I don't see how that would reveal the secret key to my main account? I dont think the seed phrases between accounts in a single metamask extension are connected?

>keeping your cryptos on a browser extension

>>57189108
I had no other choice cause Binance exited my country and I didn't have another platform ready

Must have approved something or clicked a link or downloaded something. Metamask itself doesn't just get hacked without the user opening the front door.

>>57189117
yeah I can't think of anything other than my account being hacked years ago and me just never filling the wallet with as much currency till now

>>57189108
Yeah I need to start running mine through a virtual machine or something.

Your machine was compromised. You would do well to wipe it but go a step beyond and clear cmos/ flash your bios too. Also factory reset your router and secure erase all your disks. At least you didn't lose much.

>>57188982
Seems that my old guys kumar and Sanjay did it again, desu mate recently ive been into many beoble groups which where shilling some interesting advice about cybersecurity might need to take a look, less braindeads there.
Also i might format my pc and change my wallet, maybe you've been monitored by last days or so.

what is weird is that they sent the funds to WhiteBIT 3, and looking at the whitebit website it requires KYC?

Some of those hacks are weird. Let's say you can trust when someone says they didn't do anything stupid. Is it plausible that those wallets are being breached by random collision of the seedphrase or the entropy used by metamask to generate them? Dunno the technicals. I know it is supposed to be mathematically difficult for this to happen but who knows

>>57189134
I plan to wipe it but there is other stuff I have to handle first. I'm too paranoid to even bring it up here, what if Kumar and Sanjay are watching this thread

Did you fuck with any airdrops or something recently?

>>57189254
the only think i messed with was solidify, but I dont think that was the issue, they had the secret key to my account, they signed transactions for it

>>57189259
Oh right, so they were actually using your private keys to sign transactions, it wasn’t just the account being drained by a malicious contract?

>>57189006
>$200

>>57189267
yeah,
they had full access to the private keys, dont think solidify was the issue. Ran an anti-virus and nothing came up though
>>57189273
thats 2% of my networth, it stings

>>57189273
That’s the monthly salary for like 90% of the planet

>>57189277
sorry for your loss brother
>>57189296
>That’s the monthly salary for like 90% of the planet
damn... really? I piss that much away a week on junk food and alcohol. really makes me feel grateful for being a firstie

>>57189143
Report it

>>57189328
to what? I dont have an account with them and they require me to have one to send a ticket

>>57189296
That's insane
Europeans really are a higher breed

>>57188982
Windows machine? What browser?

>>57189382
W10, Brave browser
dont see how either of those are relevant though

>>57188982
how does youre metamask get hacked

Pro-tip:

Store keys on paper (or even better, metal sheets) and never digitally.

Never use a windows machine and invest with it at the same time.

Use a Linux machine to invest and make sure it's always up to date.

I swear even torrented pirated software can load malware into your computer if you don't know what you are doing.

>>57188982
You minted an nft on some jeet site didn't you

>>57189450
I admit I do my banking and investing on Windows. I have a Synology NAS running a proprietary os that's a very cut down Linux kernel. I think I'll start doing all my banking and investing on that thing. It's probably the most secure device I have that isn't airgapped.

>>57189396
As I've said:

>>57189450

Windows 10 is by definition spyware.

>DO NOT EVER USE WINDOWS 10 PCs WITH CRYPTO INVESTING

You're basically asking to be hacked.

You probably got hacked by a pirated software through a torrent (I do that too by the way) which also installs malware.

I think they got remote access to your PC and used a RAT (Remote Access Trojan) to literally reveal your password

Then get inside of your wallet extension, share QR code to easily get recovery keys.
From there, it's as easy as doing it on their own PC.

>>57189336
Wait until you hear what Americans make.

>>57189498
yeah I agree I probably got hacked that way, but what does windows have to do with it? I would've got hacked on linux pirating the same stuff anyway.

>>57189108
There's fucking nothing wrong with that unless you're a retarded ape opening shaddy links or signing/giving green light to pajeet airdrop contracts.

Last time i had $300k in brave browser and nothing ever happened

TL:DR just don't be retarded and funds will always be SAFU

>>57189490
It would be more secure, yes. But like...

>Stealing crypto is a lot easier than stealing FIAT financials

A hacker would have a lot more work and trouble hacking your machine for that.

Regardless, switching to a Linux machine will guarantee you will be safe while investing in anything

>Provided you update regularly
>And also do not give permission to remote access to your Linux PC
>Otherwise a hacker would literally have to get physical access to your home internet

>>57189506
>would've got hacked on linux pirating the same stuff anyway.
That's not how it works. Malware designed to exploit vulnerabilities on windows will do nothing on linux

>>57189506
Hacking a Windows PC is a walk in the park for a hacker

Hacking a Linux Machine is a lot, lot, lot harder.

>Do this right now - do a web search on how many people got hacked with a Windows PC
>Do a web search on how many people got hacked with a Linux PC
>Compare

It's as light and day.
Do not touch Windows for anything crypto related.

>>57189332
Don't they have social media? Twitter?

>>57189100
If you created sub wallets on the same layer then they're all the same seed phrase

>>57189100
>>57189577
So OP got hacked because he was too lazy to write down his seed phrases on a piece of paper? If that's true, that's on him and has nothing to do with Windows or pirated software. Not saying that doesn't happen but vietually every story i read about wallets getting drained come down to user error.

>>57188982
did you have an antivirus?

>>57189615
If your computer gets compromised, even doing this won't be of much good.

A keylogger could easily get the wallet password and from there you can get the keys rather effortlessly.

>>57189567
probably, its a giant company if you search it up, but they will probably ghost me
>>57189615
my seed phrases were on a piece of paper, they are still stored in metamask regardless doofus
>>57189661
windows defender yeah

>>57189062
It's crazy how people don't know that avoiding clicking on random links is a very important move to survive here. Even interacting with a platform that hasn't been audited by the top audit firms like Trail of Bits(don't even consider Certik) for example, can put your whole portfolio at risk. Take your assets security seriously guys!

>>57189696
the future of finance huh. At least if my bank gets hacked I have free insurance from the Feds

>>57189675
Even if someone has the wallet password, it would still require remote access which would get noticed?
>>57189695
You said you stored your key in server code?
Run Malwarebytes and see if anything comes up

>>57189746
ran it and nothing came up except for my monero wallet, which it always red flags. Also I had other non-metamask wallets on my machine but they were left alone. Either the passwords on them were good enough that they didnt get to it even with remote access, or I got hacked long ago somehow and they were dormant for this long.

The thing is I have remote desktop on my machine turned off, see pic rel

>>57188982
Let this be a lesson to everyone reading this thread: only so crypto shit on Linux. Unironically an android or apple phone is more secure than windows

>>57189830
another thing I will add that I will do from now on

cycle your wallets yearly at least, to prevent you from losing them and to prevent some ancient mistake you made (screenshot of seed in cloud account that you forgot to delete getting hacked) coming back up to bite you

>>57189800
Ok, again. What about the key stored in the server code? It's the private key? Why would you save that there? Another anon pointed out that it's the same one for every sub wallet. I don't buy into the talk with Windows vs Linux, it sounds more like you did a mistake. I want to know what happened

>>57188982
How?

>>57189695
>windows defender

That explains.
This is super easy for hackers to get around.

You probably installed malware without knowing.

>>57189852
ok so 3 years ago I did a hackathon where I had a wallet call a contract automatically. This was not on the Ethereum chain, some other chain but still the same metamask extension. I then put the secret key in the server code so that it can do transactions automatically. The website shortly after the hackathon went offline as I stopped paying for it, but I didn't bother deleting the files of the server (I rented the server of some popular hosting platform called Floki) The server files weren't visible publicly, but I suppose it's possible some insider in the company looked at them.

The only other thing I can think of is like 2-3 years ago I had some malware on my PC but I quickly removed it, it's possible they got my metamask seed phrase then as my password was easy to brute force. But that is weird because I've had over $1000 on it at some points, but never got drained then, but it wasn't on the Ethereum chain. Maybe the hacker was only checking Ethereum?

>>57189879
this is what I'm thinking but malwarebytes found nothing either

>>57188982

Sorry to hear this happened anon. That sucks. Take the advice from what the other anons have said and wipe your computer clean, fresh install of everything. Use another wallet like Trust Wallet. It is never a good idea to have your crypto saved on a browser extension. Good luck to you on the next bullrun!

>>57189396
Okay now you’re just a troll or mentally retarded. You’re telling us that your OS and and browser aren’t relevant? What are you up to here?

>>57189898
metamask needs the chrome store to be downloaded, and malware, hackers will probably be knowledgable with all chormium based browsers
making malware for W10 is just as difficult if not more than on Linux, as Linux gives the base user more freedoms, and it is up to the user to implement security features like chroot

>>57189881
I still don't understand how even with the wallet password compromised, someone can transfer funds? Wouldn't it require remot access as well? Wouldn't you see if someone starts moving your mouse around, entering his wallet address and so on? The most plausible explanation is the server code theory. I'd have a serious discussion with the hosting company. Perhaps the hosting account was compromised and the intruder started snooping around, saw the code and stole the key?

>>57189963

This image can't be real.

>>57189534
>>57189675
I have a Windows PC but is it good enough that I only use crypto and defi with Ledger + Metamask + Ubuntu VM? These threads always worry me desu. I feel like I take it on faith that this system works sometimes.

>>57188982
WTF IS HAPPENING I JUST CHECKED MINE AND ITS ALL GONE $50K

>>57188982
Sorry to hear this. I have suffered 2 hacks during my time in crypto (one for life changing money, the other for $3k) It feels like the end of the world, but I'm still here, still grinding and up bigly

>>57190026
grats on recovering anon

It's only $200 so I just have to cut back on food for a month and I'll be fine. I'm just praying all my other funds are safu.
I'm transferring all my funds to new wallets but some of it is unstaking so I'm still a bit worried.

I just wish I knew how it happened. I'd pay another $200 just for that, so that I can make sure I never fall victim to it again

>>57190070
Thanks anon. Yeah, do that ASAP. Revoke permissions if you plan on using any of your previous wallets.
You'll bounce back in no time :) I literally lost everything and managed to bounce back

>>57189881
After they robbed your wallet, there's probably a script to leave no traces behind.

I didn't find anything either when I got hacked.

>>57189916

.>making malware for W10 is just as difficult if not more than on Linux, as Linux gives the base user more freedoms, and it is up to the user to implement security features like chroot

As I've said: with Linux it's a lot harder because you actually need to give an app permission for that.

With Windows you can just click on some shady link and it stores everything you have during said browsing session.

This is why you need to ditch Windows for investing.

You're still on the same mindset that made you lose money on the first place.

>>57190227
I was planning to ditch Windows entirely for a while, but this is the straw that broke my back.

But how do I transfer over my reaction folder knowing there are no viruses on it?

>>57188982
same happened to me but with 10k LINK

it could be worse OP

>>57189703
Why should the bank get hacked in the first place? Anyways, defi has improved significantly to help protect user's assets in the event of a hack. I know one of the new features on SpoolFi's v2 is insurance fees; definitely a much needed addition(y'all pay for these on tradfi anyways)

>>57190350
the bank will get hacked for the same reason I did? for money??
also the insurance fees for defi is if the platform itself gets hacked I imagine, not if a single user gets their wallet hacked.

>>57189006
$200, be extremely thankful of this lesson man.

How do you think it was hacked? Maybe a keylogger on your laptop?

>>57189077
bro don't give out your password even now

>>57190414
It's possible it was from a keylogger from long ago, they harvested my secret and just never used it till now.
>>57190418
my metamask is 100% drained and I already removed the extension. When I reinstall it i'll have to make a new password anyway

>>57190432
Do you post hardcore stuff on pol? This might be glowniggers fucking with you.

I just keep like 80% of my funds on binance, my theory is someone will at least care if the money is all gone

>>57190450
no, I just pirate a bunch of shit so my guess is some malware from that that only targets metamask and nothing else

>>57190465
That's fucked up man, the $200 is nothing compared to the stress of having it happen again.

I've had $600 then another $4000 lost from dodgy exchanges closing on me but at least I learn from them.

All the best poorfag

>>57190273
Just sent it to a Linux machine.

Malware and other bad scripts which would work on Windows have no effect on Linux whatsoever.

>>57190465
I pirate a bunch of shit and never had a problem while having a bunch of crypto on my meta and phantom wallets. I use Avast on top of windows own protection. I honestly don't know how people can introduce malware in their systems while having such modern paranoic software. Avast always dings at me when I open uniswap because there is some blacklisted website that it detects there lmao.

Ty anon, you reminded me to make a new wallet on Linux and transfer everything to it. You can at least rest knowing you saved me.

>>57190465

>no, I just pirate a bunch of shit so my guess is some malware from that that only targets metamask and nothing else

I guarantee it was the stuff you pirated.
Double sure if it was through torrenting.


Do this

>Buy old laptop for cheap
>Make sure it has enough RAM memory for web browsing
>Install web browsers (Firefox and Brave)
>Do your investment there

Only use the windows machine for researching and non-crypto activities.

A hacker would need to literally try to hack your own network physically before stealing any crypto.

>>57190465
that's definitely the most likely culprit and something you should not do on your main machine, but on some retarded gaming console/adobe nigger artsy fartsy secondary pc. windows itself is not the problem, been using ltsc with simplewall and firefox orofiles and a giant bunch of mostly open source software for gorillions of years without the greatest opsec in the world, i just don't literally shit where i eat and do my porn and torrenting degeneracy on that device lol. you can get some rare lunix malware as well if you act THAT retarded on your trading device, it's just less likely but by default it is not more secure, just more obscure. Eslecially if it still runs x11 and you copypaste your keys. Get a meme ledger as a hot trading wallet and neet paper wallets or gnosis if you're paranoid for cold storage and dont get phished

>>57190371
If you lose your passkeys to a thief, that isn't a hack, it's straightforward carelessness and theft. Hacks occur when there's an exploit probably from a smart contract that wasn't double checked and audited and that's why I mentioned the insurance fee part for Defi; the protocol itself doesn't have a central vault where assets are pooled and stored, so a hack would mean your wallets are affected or the protocols where users' assets are routed to are affected(like what happened with Euler); they've gone ahead to establish a 2-factor authentication for that: smart contracts have been audited by the best including Trail of Bits and in the case this exploit occurs, insurance fees would provide a buffer for affected users.

>>57191064
You are way too technical and normal people have included "hack" in their vocabulary in a broader sense. "Hack" is used as unauthorized access to a system. Most "hacks" are just people being careless and giving away key information. Social hackers literally ask questions to company employees to gain access to their systems.

>>57189296
Yeah but the cost of living in those places is also like 90% less, so it evens out.

>>57190227
>>57190529
T: I have no idea of what I am talking about

Now you're not a newfag anymore

>>57189033
I am sorry for you but this is just hilarious
Imagine having to invest into hacked account first to cash out
The state of crypto

>>57189842
>screenshot of seed in cloud account that you forgot to delete getting hacked

...bro

>>57189006
kek, you're fine then, imagine losing several bitcoins at once and look back on it

>>57189498
Imagine downloading fucking torrents then doing banking on the same machine

Op's mm password was "apple". Tells you everything about his iq

tfw I use arch btw

100 post begging thread
Pathetic samefagging.

>>57189077
>past 3 days
What makes you think viruses can only survive 3 days?
Literally get a job and work a couple days you fucking dunce