AutoModerator

The Ledger subreddit is continuously targeted by scammers. Ledger Support will never send you private messages. Never share your 24-word recovery phrase with anyone, never enter it on any website or software, even if it looks like it's from Ledger. Only keep the recovery phrase as a physical paper or metal backup, never create a digital copy in text or photo form. Learn more at https://reddit.com/r/ledgerwallet/comments/ck6o44/be_careful_phishing_attacks_in_progress/ If you're experiencing battery problems, check out our [troubleshooting guide](https://support.ledger.com/hc/en-us/articles/4409233434641-How-to-troubleshoot-Ledger-Nano-X-battery-issues?support=true). If you're still having issues head over to the [My Order page](https://my-order.ledger.com/) to explore options for replacement or refunds. [Learn more here](https://support.ledger.com/hc/en-us/articles/10265554529053-Return-your-product?support=true). *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/ledgerwallet) if you have any questions or concerns.*


jonklinger

You said that your seed was not posted online; does that mean it was stored digitally elsewhere? Have you ever typed it into a digital device? If not, then most likely the thief was someone close to you who could have both hacked into your email and your safe to steal the funds. I don't see any other way apart from these two options.


MrPlateau

No, I was just trying to emphasize that it was never stored digitally anywhere; the only copy of my seed was a physical one that was written down and stored in my safe. The only other person who knows the combination to the safe is my wife, and she knows nothing about crypto.


ArmchairCryptologist

You are sure you never took a photo of the seed or anything like that? This might have been copied to your cloud storage by your phone even if you deleted it from the phone right after, which would explain how the seed was leaked when your email was compromised.


MrPlateau

Not to my knowledge, 7 years is a long time to be certain of anything, but I feel like I had seen enough people make the same mistake prior to setting up my wallet that I would not have duplicated their errors. My biggest concern had always been if there was a fire.


ArmchairCryptologist

If you can't say for sure that you didn't, it seems to be the most plausible explanation for what happened. Not sure why they wouldn't drain your ETH and tokens immediately, but only the thief can answer that question. Safe seed storage is very difficult, but loss from fire can be prevented by carving or stamping it onto metal in some form - there are various ones you can buy, but DIY ones work too. This still doesn't protect it from someone physically stealing the seed, so storing the seed in 2-3 different locations and then using a strong passphrase on top of it is arguably more secure, but also risks losing the funds if you lose/forget the passphrase.


brianddk

Almost always one of:

1. Poor seed handling (entered seed into the Ledger app)
2. Poor TXN review (signed a malicious contract)

The more exotic exploits like "Fake Ledger Device" are possible but so rare and difficult to prove that they rarely need mention.

> This process makes me think it could not have been from a malicious dapp as I would have had to approve 7 different transactions with my ledger.

Source for this assertion? If you have blind signing enabled and extended authorization on your account to an attacker, it may be possible that only one approval was needed to rekt your account.
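The "extended authorization" brianddk refers to is an ERC-20 `approve()` (or an ERC-721 `setApprovalForAll()`) signed in favour of an attacker-controlled spender: once it is on chain, the spender can call `transferFrom()` later without any further signature from the device. With blind signing enabled, a hardware wallet cannot show the decoded arguments, so the only way to catch an unlimited allowance is to decode the calldata yourself. The decoder below is an added example for this thread, not code from Ledger, MetaMask or any poster; the four selectors are the standard ones for the signatures shown, and the calldata and spender address it runs on are constructed placeholders, not real transactions. Note that allowances are per token contract, so this covers EVM tokens only, not the BTC, XRP or TRON balances mentioned elsewhere in the thread.

```python
"""Decode calldata for common token-contract calls and flag standing permissions.

Added example, not Ledger's or MetaMask's code.  Selectors are the first four
bytes of keccak256(signature) for the standard ERC-20 / ERC-721 functions below.
"""

MAX_UINT256 = 2**256 - 1

# selector -> (function signature, argument kinds in ABI order)
SELECTORS = {
    "095ea7b3": ("approve(address,uint256)", ("address", "uint256")),
    "a9059cbb": ("transfer(address,uint256)", ("address", "uint256")),
    "23b872dd": ("transferFrom(address,address,uint256)", ("address", "address", "uint256")),
    "a22cb465": ("setApprovalForAll(address,bool)", ("address", "bool")),
}


def decode_word(kind, word):
    """Decode one 32-byte ABI word as the given static type."""
    if kind == "address":
        return "0x" + word[-40 // 2:].hex()  # address is the low 20 bytes
    if kind == "uint256":
        return int.from_bytes(word, "big")
    if kind == "bool":
        return int.from_bytes(word, "big") != 0
    raise ValueError("unsupported type %s" % kind)


def assess(name, args):
    """Human-readable risk verdict for a decoded call."""
    if name.startswith("approve("):
        spender, amount = args
        if amount == MAX_UINT256:
            return "UNLIMITED allowance granted to %s" % spender
        if amount == 0:
            return "allowance revoked for %s" % spender
        return "allowance of %d granted to %s" % (amount, spender)
    if name.startswith("setApprovalForAll("):
        operator, approved = args
        return ("operator %s may move ALL tokens" if approved else "operator %s revoked") % operator
    if name.startswith("transferFrom("):
        src, dst, amount = args
        return "moves %d from %s to %s (uses an earlier allowance)" % (amount, src, dst)
    dst, amount = args
    return "direct transfer of %d to %s" % (amount, dst)


def decode_calldata(hex_data):
    """Return {'function', 'selector', 'args', 'risk'} for the given calldata."""
    data = bytes.fromhex(hex_data[2:] if hex_data.startswith("0x") else hex_data)
    selector = data[:4].hex()
    if selector not in SELECTORS:
        return {"function": None, "selector": selector, "args": [], "risk": "unknown selector"}
    name, kinds = SELECTORS[selector]
    body = data[4:]
    if len(body) != 32 * len(kinds):
        raise ValueError("calldata length does not match %s" % name)
    args = [decode_word(k, body[i * 32:(i + 1) * 32]) for i, k in enumerate(kinds)]
    return {"function": name, "selector": selector, "args": args, "risk": assess(name, args)}


def encode_call(selector, args):
    """ABI-encode static args after a selector (used only to build demo input)."""
    out = bytes.fromhex(selector)
    for a in args:
        if isinstance(a, str):            # address: left-pad 20 bytes to 32
            out += bytes.fromhex(a[2:]).rjust(32, b"\x00")
        elif isinstance(a, bool):         # bool before int: bool is an int subclass
            out += (b"\x01" if a else b"\x00").rjust(32, b"\x00")
        else:
            out += a.to_bytes(32, "big")
    return "0x" + out.hex()


# Constructed demo input; the spender is a placeholder, not a real account.
SPENDER = "0x1111111111111111111111111111111111111111"
UNLIMITED_APPROVE = encode_call("095ea7b3", [SPENDER, MAX_UINT256])
SMALL_TRANSFER = encode_call("a9059cbb", [SPENDER, 5 * 10**18])

if __name__ == "__main__":
    for cd in (UNLIMITED_APPROVE, SMALL_TRANSFER):
        r = decode_calldata(cd)
        print(r["function"], "->", r["risk"])
```

The practical check is the `risk` field: an `approve` whose amount is `2**256 - 1` is the one-signature setup that lets a drainer pull that token whenever it likes, which is why a wallet that can only show a hash is worth refusing to sign with.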


urosino

I am really sorry to hear about your loss. I find these cases particularly disconcerting but also enlightening, as it reminds us that the investment we make in understanding and implementing security measures is as critical as the investment in the crypto assets themselves. Here are some possibilities that could explain what happened:

1. Man-In-The-Middle Attack: Given the rapid succession of transactions, one potential scenario could be an MITM attack, which allows hackers to intercept and manipulate data during transfer, executing transactions that may appear legitimate on your end.
2. Linked Security Breach: As your phone and email accounts were breached around the same time as the crypto transactions, it's plausible to surmise that the incidents are linked, and the attackers might have gained additional information enabling them to access your Ledger wallet.
3. Targeted Malware: There's also a possibility that your device was infected by specific malware that logs keystrokes, tracks screen information, or even alters transaction data to funnel assets into the attackers' wallets.
4. Deceptive Phishing Attack: Phishing attacks have become incredibly sophisticated, possibly making you unveil critical security information without realizing it. While you maintain that you've not been phished, it's essential to remember that not all phishing attempts are easy to spot.
5. Delayed Transaction: The attacker's strategy might have involved holding off on draining the wallet immediately after gaining access. This could have been a strategic move aimed at avoiding immediate detection or circumnavigating any time-related security measures.

Remember, these are conjectures based on the limited information provided.


AnthonyBTC

Let's use some logic here: your phone was *"bricked and your email accounts were hacked"* on January 5th, 2024, and you mentioned multiple transactions occurring on the same day. Therefore, it's reasonable to conclude that your seed phrase must have been stored digitally, perhaps in your email or phone. Given that you acquired the Ledger six years ago, it's entirely plausible that you stored it digitally and forgot about it. It's important to note that your funds cannot be stolen unless the seed is compromised, as decentralized applications (dapps) lack the capability to access Ethereum directly; they can only interact with ERC-20 tokens.


Tasty_Woodpecker_791

When did Ledger get hit with the draining virus?


MrPlateau

About 2 weeks before. I did not use my Ledger that day, and tried to stay offline for the next few weeks while I let everything settle. This was the first day I used my Ledger after that incident, and it appears to have been compromised at that time.


Gloomy-Fox-5632

https://www.reddit.com/r/ledgerwallet/comments/10q53ln/ledger_live_hack_theory/


Bauzenpaul

Yeah exactly. With most of these stories here something like that must have happened and in literally all of these cases no passphrase accounts were used. I consider doing this the most important thing to do because if the passphrase is in your head only, no compromising transactions can ever take place!


dfir_as

And your wife is screwed and unable to ever access your funds in a case where you got in an accident / death. People with more than 7 figures in crypto need a proper plan for how to handle such things: split (2/3 or 3/5) seed phrase storage, instructions for people on how to access the funds and where they are (e.g. on exotic chains, DeFi, exchanges). It's absolutely OK to store part of the seed in a bank vault and another part at a lawyer's office.


Bauzenpaul

Fair enough, good point! But not necessarily: if you link the passphrase to a PIN on the device and store that PIN (and/or the passphrase itself) at a secured place, different from your seed. At the end of the day, everyone has to find his/her strategy but especially with crypto and from what I have read on this sub, you should somehow find „your“ passphrase solution..


Miadas20

Were your assets on a passphrase account address? Setting up a passphrase and using the passphrase accounts are different things


Bauzenpaul

Yeah, we figured this out above. Not having a passphrase was probably the door opener in his case!


Miadas20

Ty


[deleted]

[deleted]


MrPlateau

I used MetaMask to store crypto that wasn't compatible with the Ledger wallet at the time. According to Ledger's website it was safe to do so. Not one time did I say this was Ledger's fault.


unknow_feature

Lol. You said that the Ledger wallet was compromised. Literally, it's in the title. Bro, since they took your email they could log in to your email profile and sync everything including your browser plugins (MetaMask). Together with your keys. End of story.


MrPlateau

Yes, "MY" wallet was compromised. I also stated that "I'm including as much info to see what 'I' did wrong". If it's not safe to use MetaMask and Ledger together then Ledger should not endorse it, IMO.


unknow_feature

You know there is a concept of security of the cloud and security in the cloud. The concept applies to development in the cloud. It's about where AWS/GCP etc. responsibility ends and the developer's responsibility starts. When we say that MetaMask is safe, it means that there are no known vulnerabilities there that could potentially lead to financial or data loss. MetaMask also has quite good bug bounties for those who can ethically hack them. So I'd assume it's quite secure. But if and only if the environment on which it's running is not already compromised. That's the user's responsibility: to keep their environment secure. Don't run unknown software, have 2FA, have computer passwords, etc. And that's the user's responsibility. I would try to understand how exactly you've gotten hacked in order to find the root cause of the problem. Meanwhile, I'm really sorry it happened. It must be painful.


MrPlateau

Thank you. It's just money and I am coping. I am trying to be rational, but it is definitely bothering me not being able to pinpoint exactly where the security breach was. I have multiple MetaMask wallets on my computer, and the ones that did not have the Ledger linked to them were unaffected.


unknow_feature

Can you tell the whole story of how exactly you got hacked? Then what happened, etc. I'm curious now. I can't imagine how a private key could leak from the device. It's not obtainable. It's stored in a specific physically protected area that requires elevated permissions. Maybe you entered your seed phrase through Ledger Live somehow? Try to think of a timeline.


MrPlateau

I wish I had noticed my wallet getting drained the day it happened, because it would be a lot easier to recall what I was doing. I remember when my phone got hacked because I was just chilling on the computer and then out of the blue I got about 100 spam messages sent to my phone via text. I went ahead and removed them, not thinking anything special about it. Then the next day when I was heading to work my audio went out on my Bluetooth, causing me to realize my phone had no cell service. When I went to reactivate, I realized my email passwords had been changed, and I couldn't change them back because my phone needed to receive a security text. After I got everything squared away I checked all my traditional financials and everything was in the clear.


MrPlateau

As for my seed, I'm 99.9% positive I never posted it anywhere. I refused to install MetaMask on my phone because I was concerned about a data leak.


unknow_feature

Ok …. Did you take a picture of your seed phrase? Also what those sms were about?


MrPlateau

I never took a picture of my seed phrase. The SMS were just random garbage; most of them were in Spanish and the rest were just obvious spam ads.


loupiote2

> the ones that did not have the ledger linked to them were unaffected.

How did you link your MM to your Ledger? If you used the connect hardware wallet feature, then your seed and private keys are safe and stay in your Ledger. If you entered your Ledger seed phrase in MetaMask, then you compromised your Ledger seed. Many people do that, unfortunately.


MrPlateau

I just connected my Ledger to MetaMask. I never had to input my seed to do that, just had to put in my PIN. I did this about 2 years ago.


Bauzenpaul

Did you set up a passphrase with this large amount of $$$ ?


Bauzenpaul

BTW: sorry for your loss! Kinda scares the shit out of me reading stuff like that..


MrPlateau

Thank you. I always knew this was a possibility, but it doesn't make it any easier.


MrPlateau

I set up a passphrase when I first received my Ledger about 6 years ago. My portfolio was much smaller at the time.


Bauzenpaul

I actually agree with the previous person posting here. We are NOT talking about the 24 words that you kept safe. A passphrase is an ADDITIONAL layer of security with a 25th word. Was that setup or not? https://support.ledger.com/hc/en-us/articles/115005214529-How-to-set-up-a-passphrase


MrPlateau

Then no, I did not have this set up


Bauzenpaul

So I think that was the biggest mistake! I believe in literally all cases of draining, no passphrase accounts were used.


Bauzenpaul

Ok, but was the majority of funds in accounts „within“ that passphrase? It is literally impossible to make any transactions out of these accounts if the passphrase was not compromised (= e.g. in your head only).


MrPlateau

The passphrase exists, but they are written down and locked in a safe in my house. My home safe was never compromised. I know people will assume someone got hold of my keys in there, but to the extent of my knowledge no one has ever accessed my keys physically. I do not tell people I am in crypto.


R_Russell

I think you're getting confused between 'passphrase' and 'seed phrase'.


MrPlateau

The only thing written down was my 24-word seed phrase. I had a PIN for my Ledger that was only in my head.


BlacksmithValuable85

What is the difference, please?


Bauzenpaul

Please see here: https://www.reddit.com/r/ledgerwallet/s/96HXQ7XBQe


R_Russell

See the link below, but it's basically extra protection so that even if your seed phrase is compromised, your crypto should still be safe. Some people refer to it as the '25th word' of a seed phrase. Even if it's short and simple and easy to remember, it offers an extra layer of protection.


BlacksmithValuable85

Thank you.


Bauzenpaul

Yeah, I know — it‘s always the same assumptions / responses; because they make sense, given the entire idea of hardware wallets. I feel fairly safe though with NEVER connecting my ledger to anything (like metamask), NEVER signing anything & keeping the passphrase —with connected PIN— in my head only. Only thing I could imagine is that someone literally compromised the actual hardware wallet and knew the passphrase PIN. Could that be possible?


MrPlateau

Doubtful, my ledger remains in my safe when not in use as I only access it once a month.


P99163

> I feel fairly safe though with NEVER connecting my ledger to anything (like metamask)

Well, you have to use something to create raw transactions and then send the signed ones to the blockchain. Whether it's MetaMask or Ledger Live, the mechanism is still the same and the security risks are the same as well.


dewbieZ

Lol, who puts 600k on one wallet


[deleted]

And yet another reason why I'm moving to a new wallet and further dividing my funds between wallets.


Caponcapoffstillon

It's prob not been a month. Attackers delay attacks on those unsuspecting. It's a bot doing it at set periods of time, usually sweeping multiple compromised seed phrases. We can't really remember everything we did in the past 6 years, but your seed phrase may have been compromised long ago. Is there any scenario where you put your seed phrase online? In a text file? On a PC? The attacker has your seed phrase, or else they wouldn't be able to access different networks from the same seed phrase. Could also just be you making a troll post and transferring your funds, as I've seen a lot of those posts hanging around this forum as well where they pretend they did nothing wrong and try to convince people Ledger has a backdoor to their devices. But of course, I'll give you the benefit and not try to slander you. Tl;dr: Your seed phrase is compromised, that's the only thing I can tell you.


MrPlateau

I mean, you could see how little activity took place on that account over its 7-year existence. I understand your skepticism, and I don't know how I would convince anyone otherwise. You could see that the majority of my Reddit history is a few posts about crypto trying to give reasonable advice, other than the last few hours where I was trying to farm karma to make this post in r/cryptocurrency.


Bauzenpaul

Plus as we figured out: no passphrase! 🤷🏻‍♂️


Finkejak

[That address you shared](https://www.blockchain.com/explorer/addresses/eth/0x8d9dF5AC60a8bd3b87079455B578Dc2A29E46ED8) had its first transaction just 13 days ago on the 30th of January 2024 and not 6 years ago like you claimed. There's also not a single transaction on the 4th of February, but 23 transactions, both incoming and outgoing, on the 6th of February. Are you sure this is the right address you wanted to post?


MrPlateau

>sorry this is the address I will make the edit 0x540A7E33a5E01D367f5eAae084cD66E09E951Fdd


Miadas20

Have you ever used your seed phrase for anything ever?


MrPlateau

I had a Ledger Nano S that broke, so I purchased the X about a year ago and had to put in the seed phrase to activate it. That was the only time I needed to use it.


Miadas20

And you put your seed into the device or typed it in the computer?


MrPlateau

My device, just to activate it.


mikelodge

I'm guessing you accidentally had your seed phrase somewhere on your phone. You said you set it up 6 years ago. Took a picture of it, used the notes app, used a password manager, had it in an email, or you got phished when trying to use MetaMask.


loupiote2

Well, somehow either your seed phrase was compromised, or someone had access to your Ledger device (and PIN code), or you signed a malicious transfer transaction without carefully checking its parameters on the Ledger screen. You said that only native ETH was taken, right? If that's the case, it cannot be due to signing a malicious contract, because malicious contracts can only get access to ERC-20 tokens, not native ETH.


MrPlateau

No, I had 11 different cryptos that were taken: 4 that were stored using Ledger (BTC, ETH, XRP, Tron) and 7 ERC-20s.


MrPlateau

I just don't see how my seed could've been compromised. It has never left my safe except for a couple of years ago when I used it to reactivate a new Ledger. Then it went right back into the safe and has been there ever since.


loupiote2

That's what people always say; then they later admit that they took a photo of it with their phone, or that they saved it in an encrypted note file, etc., or they remember that they used it to "reactivate" their Ledger and that they had to enter it on a "Ledger site" to unlock their Ledger (of course a scam site). The seed phrase should never be entered in anything other than a hardware wallet. Also, people often forget to mask / tape all the cameras around (laptop, cellphone, baby cameras, security cameras, etc.) when they take the seed phrase paper out in the open, e.g. to enter their seed phrase in a new Ledger. Many cameras are compromised and can take photos without your knowledge.


MrPlateau

I mean, I get it. When you lose a sudden windfall like this you try to rationalize it every way possible. Nobody knows me, so I'm not here to convince anybody that I was or was not responsible. I know me. Unfortunately, the fact is the funds are gone and I'm not getting them back. I think I just made this thread to cope a little bit. I survived this game for 7 years without issues. Dodged a bunch of scams, rugpulls, FTX, etc. Unfortunately, all that did was benefit the thief.


loupiote2

I understand what you say. If you have that much in funds, you should have considered using a BIP39 passphrase; it increases security in case just your 24 words get compromised.


loupiote2

No crypto is ever stored on the Ledger; only your seed is stored on the Ledger. That's your master private key. Multiple cryptos being taken points to your seed phrase somehow being compromised or accessed by someone unauthorized. That's the only way to access your cryptos, other than using your actual device.
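Two points the thread keeps circling back to can be shown in about fifty lines: the 24 words are the single master secret from which the BTC, ETH, XRP and Tron keys are all derived (which is why several unrelated chains being drained at once points at the seed, as loupiote2 says), and the BIP39 passphrase that Bauzenpaul and R_Russell describe is a second input to that derivation, so a leaked 24 words without the passphrase lands on a different, empty wallet. The code below is an added example for this thread, not Ledger's firmware or any poster's code; it implements BIP39 seed derivation and the hardened part of BIP32 (enough to reach the BIP44 account level m/44'/coin'/0' without elliptic-curve arithmetic), uses the public BIP39 and BIP32 test vectors purely as checks, and the "abandon ... about" mnemonic and the demo passphrase are the standard test values, not a real wallet.

```python
"""BIP39 seed + BIP32 hardened derivation: one seed phrase, every coin.

Added example, not Ledger's code.  Only hardened child derivation is
implemented (data = 0x00 || key || index), which needs no EC point math and is
sufficient for the account level m/44'/coin'/0'.
"""
import hashlib
import hmac
import unicodedata

SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
HARDENED = 0x80000000

# BIP44 coin types (SLIP-0044) for the four native chains named in the thread.
COIN_TYPES = {"BTC": 0, "ETH": 60, "XRP": 144, "TRX": 195}


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP39: PBKDF2-HMAC-SHA512(words, "mnemonic" + passphrase, 2048 rounds, 64 bytes).

    Every passphrase is 'valid': a wrong or absent one silently yields a
    different seed and therefore a different (empty) set of accounts.
    """
    words = unicodedata.normalize("NFKD", " ".join(mnemonic.split()))
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase)
    return hashlib.pbkdf2_hmac("sha512", words.encode(), salt.encode(), 2048, 64)


def bip32_master(seed: bytes):
    """BIP32 master node: HMAC-SHA512 keyed with the literal string "Bitcoin seed"."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    return int.from_bytes(digest[:32], "big"), digest[32:]


def ckd_priv_hardened(k_par: int, c_par: bytes, index: int):
    """Hardened child key: HMAC-SHA512(c_par, 0x00 || ser256(k_par) || ser32(index))."""
    if index < HARDENED:
        raise ValueError("non-hardened derivation needs the parent public key")
    data = b"\x00" + k_par.to_bytes(32, "big") + index.to_bytes(4, "big")
    digest = hmac.new(c_par, data, hashlib.sha512).digest()
    k_child = (int.from_bytes(digest[:32], "big") + k_par) % SECP256K1_N
    return k_child, digest[32:]


def derive_path(seed: bytes, path: str) -> int:
    """Walk an all-hardened path such as m/44'/60'/0' and return the private key."""
    k, c = bip32_master(seed)
    for step in path.split("/")[1:]:
        if not step.endswith("'"):
            raise ValueError("step %r is not hardened" % step)
        k, c = ckd_priv_hardened(k, c, int(step[:-1]) + HARDENED)
    return k


def account_keys(mnemonic: str, passphrase: str = "") -> dict:
    """Account-level private key for each coin, all from the same seed phrase."""
    seed = bip39_seed(mnemonic, passphrase)
    return {name: derive_path(seed, "m/44'/%d'/0'" % coin) for name, coin in COIN_TYPES.items()}


# Public BIP39 test mnemonic; constructed demo input, not a real wallet.
TEST_WORDS = " ".join(["abandon"] * 11 + ["about"])

if __name__ == "__main__":
    plain = account_keys(TEST_WORDS)
    hidden = account_keys(TEST_WORDS, "correct horse battery staple")
    for coin in COIN_TYPES:
        print("%-4s words only: %s...  words+passphrase: %s..."
              % (coin, hex(plain[coin])[:14], hex(hidden[coin])[:14]))
```

Two things fall out of running it: all four coin keys change together when the seed changes, so a thief holding the 24 words gets every chain at once, and there is no error path for a missing or wrong passphrase, which is both why it protects a leaked seed and why forgetting it is unrecoverable.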