Scammed for $20k, seeking advice on what went wrong
<table> <tr><td> <a href="https://www.reddit.com/r/CryptoCurrency/comments/18g025k/scammed_for_20k_seeking_advice_on_what_went_wrong/"> <img src="https://external-preview.redd.it/lF8BYd1ySs1mvx0KEcOIMsy_oXxCcR4DE3SlwJNmTUQ.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=d80f8c4ad811301ff79f38454d1e90c76130d0d4" alt="Scammed for $20k, seeking advice on what went wrong" title="Scammed for $20k, seeking advice on what went wrong" /> </a> </td><td> <!-- SC_OFF --><div class="md"><p>A scammer gained access to two of my wallets and within 5 minutes, managed to drain about $20K worth of coins (at the time).</p> <p>I know I&#39;m at fault here, but I&#39;m trying to learn from this. I&#39;m aware I can kiss these coins goodbye.</p> <p>What baffles me is how they accessed not one, but two of my different seed phrases.</p> <p>Some of my suspicions:</p> <ol> <li>The seed phrases were stored in 1Password (I know, stupid, it&#39;s now fixed). However, there were other seeds in there for wallets containing about $5K, which the scammer didn&#39;t touch. Why would they leave those?</li> <li>10 days earlier, I used portalbridge.com to bridge ETH to SOL. But I confirmed it was legit, and only connected one of the compromised wallets.</li> <li>Hours before the hack, I used [this guide](<a href="https://shoprestatement.com/blog/how-to-block-fast-fashion-brands-from-google-shopping-search-results/#paste-this-code">https://shoprestatement.com/blog/how-to-block-fast-fashion-brands-from-google-shopping-search-results/#paste-this-code</a>) to filter some Google Shopping search results using uBlock Origin, but nothing seemed out of the ordinary.</li> <li>I had some apps cracked by m0nkrus, but they are considered legit as far as community trust goes. Also, these were installed quite some time ago.</li> </ol> <p>Here&#39;s a breakdown of the transactions that occurred during the scam:</p> <p><a href="https://preview.redd.it/5j2krire9p5c1.png?width=3392&amp;format=png&amp;auto=webp&amp;s=884c528cab883560e138d328eac097cc8329572b">https://preview.redd.it/5j2krire9p5c1.png?width=3392&amp;format=png&amp;auto=webp&amp;s=884c528cab883560e138d328eac097cc8329572b</a></p> <p># Wallet 1a (ETH): 0xdcD7F0CC4B01d02Ab3963270F0Dd242ee2108d6C</p> <ul> <li>2.92 ETH stolen and transferred to 0xAfFD49F769F2Afc92b98C0BcAE86FBFb567f8F6D, then moved to FixedFloat (0x4E5B2e1dc63F6b91cb6Cd759936495434C7e972F).</li> <li><p>1,456.38 AGRS and 0.019 ETH stolen and transferred to 0x9a49DD07481B3B6e6452F7970CfE9Bfb12F234D6, where they currently remain.</p> <p># Wallet 1b (BNB): 0xdcD7F0CC4B01d02Ab3963270F0Dd242ee2108d6C</p></li> </ul> <p>124,583.39 SAITO and 55.44 XCAD swapped for 4.02 BNB via 0x1a1ec25DC08e98e5E93F1104B5e5cdD298707d31, then 4.49 BNB transferred to 0x9a49DD07481B3B6e6452F7970CfE9Bfb12F234D6.</p> <p># Wallet 2 (BNB): 0x805b2c2012f5Ea9607f4F2B8F8BeAdD126D10c7b</p> <p>52,665.91 SAITO swapped for 1.59 BNB, which was then transferred to 0x9a49DD07481B3B6e6452F7970CfE9Bfb12F234D6.</p> <p>The BNB from Wallet 1b and Wallet 2 was consolidated in 0x9a49DD07481B3B6e6452F7970CfE9Bfb12F234D6, and 6 BNB were moved to 0x6297EC9F725919A5FD2ca95240f59e09585871dA, before being transferred to a FixedFloat hot wallet (0x4727250679294802377dD6cA6541B8E459077c9).</p> <p>---</p> <p>The address 0x1a1ec25DC08e98e5E93F1104B5e5cdD298707d31 appears to be a contract linked to ongoing scams, judging from the comments posted on it, but I wasn&#39;t able to infer anything from these.</p> <p>I&#39;ve also filed a police report and reached out to FixedFloat. They&#39;ve responded that they can investigate the scammer&#39;s server and order logs, potentially retrieving the IP address and other identifying details.</p> <p>Any help would be appreciated!</p> </div><!-- SC_ON --> &#32; submitted by &#32; <a href="https://www.reddit.com/user/davesp1"> /u/davesp1 </a> <br/> <span><a href="https://www.reddit.com/r/CryptoCurrency/comments/18g025k/scammed_for_20k_seeking_advice_on_what_went_wrong/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/CryptoCurrency/comments/18g025k/scammed_for_20k_seeking_advice_on_what_went_wrong/">[comments]</a></span> </td></tr></table>
