REPOSITORY - TALES OF VICTIMS (POST-MORTEM)

Hey Guys, Can I get some opinion on whether or not it's worth investigating a hack I was subjected to... A number of months back, my OneDrive was compromised, it had multiple seed phrases lying about and as a result, wallets got drained, losing a lot of value. Is it even worth my while having a company doing chain analysis to see if this can be recovered, or even filing a fraud case with the police?

📗 Date: 18 Mar, 2024 🧟 Author: @Toocool4skool

05:34
FC
Hey Guys, Can I get some opinion on whether or not it's worth investigating a hack I was subjected to…
A number of months back, my OneDrive was compromised, it had multiple seed phrases lying about and as a result, wallets got drained, losing a lot of value.
Is it even worth my while having a company doing chain analysis to see if this can be recovered, or even filing a fraud case with the police?
05:46
PapahBoehner
In reply to this message

It’s not fraud. And no, it is not worth the time to file with the Police. Declare the loss on your declaration of crypto related taxes, and move on.

This is why you should NEVER have your seeds on any electronic medium, and certainly not on anything that gets backed up to the cloud.

05:51
In reply to this message

1. Use a hardware wallet (Trezor or base model of Ledger). Buy only directly from the manufacturer, i.e. Trezor.io

2. Manage your seed backups IRL, and not by taking a photo or entering them back into any electronic medium via a keyboard of any kind.

3. Use a Passphrase.

05:52
FC
In reply to this message
OK, OneDrive was hacked so would that not technically be fraud…
Is there any point in getting a trace of the tokens done to see if they are linked to any KYC accounts…
Just looking at every possible scenario here before I call it case closed.
It's a massive amount of value.
05:52
In reply to this message
Everything I now own is back into a Trezor but all too little too late for above.
05:53
PapahBoehner
In reply to this message

It is not fraud.
It is theft.

You were robbed.

Sure, you can enjoy some chainalysis and see where the tokens went. And then?

05:55
FC
Ok, never realised there was a difference between fraud & robbed, excuse my ignorance.
I am not sure about the @ then part?
05:55
PapahBoehner

Your problem was seed backup management. You put them in the cloud. The cloud gets compromised all the time.

If you would have used a Passphrase, and kept it IRL, then this would also not have happened, btw.

05:56
In reply to this message
The “then,” begs the question, “what do you expect to happen after that?”
05:58
Do you know what a Passphrase is?
05:59
FC
In reply to this message
As the saying goes, no use crying over spilt milk, it was lack of proper security on my part, knowing well the risks etc
05:59
PapahBoehner
This is not lambasting. It is tough love. You need to hear this message directly and clearly.
06:00
In reply to this message
Prove to me, now, that you know how to fix this problem, for the future. Lead me through the steps.
06:00
FC
In reply to this message
It's the reason I’ve reached out to this group, are there cases where people get their Crypto back, if so was there a process possible to achieve this or No?
06:01
PapahBoehner
In reply to this message
Not in my experience. Even when the thief is a known relative.
06:01
FC
In reply to this message
I dealt with many months of pain before this, I can’t be kicked any further on the matter…. 😞
06:02
PapahBoehner
This is the double-edged sword of cryptography.
06:02
FC
In reply to this message
Of course, I'm in Crypto since 2017 but obviously got careless with security
06:02
PapahBoehner
In reply to this message

Hey. This is not kicking. This is boot camp so you are ready to do things right!

Tell me the steps in the process, please.

06:03
In reply to this message
You broke the first rule of seed management. Seriously, sadness is over, now get angry and think like an attacker!
06:04
FC
In reply to this message
Sure, I’ve set up with Trezor etc now so all good…
Some of my old HEX stakes are on those compromised addresses but thankfully they never emergency end staked…
06:04
PapahBoehner
Break down the steps to PROPER OpSec.
06:04
In reply to this message
Do you use a Passphrase?
06:04
FC
In reply to this message
yes
06:05
PapahBoehner
Do you keep it with your Seed?
06:05
FC
In reply to this message
Def not, it's memorised always
06:05
PapahBoehner
In reply to this message
Then you have just failed.
06:06
You NEVER trust a brain wallet for any seeds or Passphrases.
06:06
FC
seeds are the trezor right?
The passphrase is a normal password I've memorised
06:07
PapahBoehner
In reply to this message
I suspect that you don’t know the difference between password, and Passphrase.
06:07
That’s something to fix right now.
06:08
FC
A password is a short character set of mixed digits
A passphrase is a longer string of text that makes up a phrase or sentence
06:08
PapahBoehner
A PIN, is the code that you use to login to your Trezor.
06:09
In reply to this message
You are first describing a PIN.
The next definition doesn’t address when and how it is entered or used.
06:09
When is a Passphrase used and why is it important?
06:10
FC
Clearly I still need some scrubbing up on this…
Are there Video tutorials to summarise this?
06:10
PapahBoehner
In reply to this message
You are getting your lesson NOW.
06:10
Concentrate.
06:11
A password is what you enter into MM or Rabby. It is weak security to decrypt the seed that those soft wallets generate. This is why we don’t use soft wallets, except as an interface for hardware wallets.
06:12
PASSWORD definition.
06:13
A Seed is the 12 to 24 word representation of your private key. This should be generated through your hardware wallet.
06:13
SEED definition.
06:16
A Passphrase is a string of 1-50/100 characters that are not generated by the hardware wallet. They are entered in by you and this custom string of characters unlocks a “hidden wallet.” It is entered in the prompt when you connect your wallet to MM/Rabby as an interface. Without the proper Passphrase being entered, the account may not be accessed, nor any signing of transactions.
06:17
PASSPHRASE definition.
06:17
Now…. do you use a Passphrase?
06:18
It is also known as the “25th word”
06:18
FC
In reply to this message
It is apparent that I do not have a passphrase setup on the Trezor
06:19
PapahBoehner
Then grab your Trezor and let’s get you familiar with the process right now!
06:20
Waiting….
06:21
FC
Trezor and suite setup now
06:21
PapahBoehner
You don’t need Trezor Suite open. Close it.
06:21
Did you install Trezor Bridge?
06:22
FC
In reply to this message
No bridge, I use trezor with Rabby wallet
06:23
PapahBoehner
In reply to this message
Yes… but the Trezor Bridge allows interoperability between Chrome, Trezor Suite and Rabby.
06:24
FC
In reply to this message
Yes a bridge is installed
06:24
PapahBoehner
Download and install the bridge suite.trezor.io/web/bridge
06:25
Type it in yourself
06:25
Don’t click links.
06:26
Installed and running?
06:26
FC
looks like it was installed, looking to update now
06:26
PapahBoehner
Good
06:26
Let me know when done.
06:28
FC
done
06:28
PapahBoehner
Open rabby
06:28
FC
done
06:28
PapahBoehner
Are your accounts from your Trezor still visible in Rabby?
06:29
FC
yes
06:29
PapahBoehner
Ok
06:30
Copy paste the PUBLIC address of your Trezor in a Word/Excel/notepad/write it down. Just the first four/last four characters.
06:30
Trezor account.
06:30
That is visible in Rabby.
06:31
FC
done
06:31
I've 2 wallets active there
06:31
PapahBoehner
No problem
06:31
Now, click the wallet icon in the upper right.
06:32
Select Trezor and then the Trezor Suite prompt opens, yes?
06:32
FC
done
06:32
PapahBoehner
Enter your PIN.
06:32
To unlock your device.
06:33
FC
In reply to this message
 
[Photo not included in export]
I don't see trezor?
06:33
PapahBoehner
Connect hardware wallet
06:33
Select that
06:33
Then select Trezor.
06:34
And next.
06:34
Then unlock your device.
06:34
FC
device unlocked
06:34
PapahBoehner
I assume you have a Trezor One.
06:34
Yes?
06:35
Or a Model T?
06:35
Or a Safe 3?
06:35
FC
safe 3
06:35
PapahBoehner
Ok
06:35
So, it is unlocked.
06:35
FC
yes
06:35
PapahBoehner
Now the prompt will ask you to share your public address.
06:36
Agree.
06:36
FC
Sorry I've the T model
06:36
PapahBoehner
Ok
06:36
Got it.
06:36
FC
ok
06:37
PapahBoehner
In the connection process, there will be a choice between Standard Wallet and HIDDEN Wallet. There will be an empty field to enter something into.
06:38
Can you please advance to that point?
06:38
FC
In reply to this message
On that field now
06:38
PapahBoehner
Excellent.
06:39
Now, this is the point at which you create your own PASSPHRASE.
06:40
Write down (on paper), a robust string of characters and numbers.
06:40
could be a sentence, could be random stuff.
06:40
or one with a little bit of the other.
06:40
up to 50 characters long.
06:41
for now, just keep it simple.
06:41
this can be redone an infinite number of times.
06:42
then enter it into the field and click next.
06:42
FC
done
06:42
PapahBoehner
On a Model T, you can even enter it into the device itself.
06:42
you need to select that below the field.
06:42
but for now, type it in.
06:43
Let me know when you get your list of account addresses.
06:44
FC
ok that's done also
06:44
PapahBoehner
now look at the addresses.
06:44
None of them should match the ones you used before.
06:45
FC
In reply to this message
Yes that's correct
06:45
PapahBoehner
These are accounts in your hidden wallet.
06:45
Protected behind a Passphrase.
06:45
FC
Copy
06:45
PapahBoehner
which is never stored in memory.
06:46
but….
06:46
Is your seed currently in your trezor the same one that was compromised?
06:47
FC
In reply to this message
definitely not
06:47
PapahBoehner
ok.
06:47
but you should definitely move the goodies you still have to a passphrase enabled hidden wallet asap.
06:48
you should create, backup and practice getting into the hidden wallet at least twice before sending your goodies there.
06:48
if you fuck up the backup, there is no support team to help you.
06:49
trust NOTHING to memory.
06:49
FC
In reply to this message
yeah copy, aware of this also
06:49
PapahBoehner
keep your seeds and Passphrase separate.
06:49
FC
In reply to this message
copy
06:49
PapahBoehner
if you scramble them, then also write down the method to unscramble and keep that separate as well.
06:50
There are videos in the b9.cyz repository that can explain the fender washer backup method.
06:50
FC
In reply to this message
Thanks will have a look there also
06:50
PapahBoehner
etching into metal or hammering into washers is a great method.
06:51
and now you understand how to elevate your security posture.
06:52
Never backup anything on electronic media again.
06:52
FC
In reply to this message
Appreciate the help, yes…
06:52
PapahBoehner
Cool.
06:52
Sadness is over.
06:52
Anger is now.
06:53
Think like a thief.
06:53
FC
In reply to this message
I just wish I had done this 12 months ago and saved myself, 1.3 Billion PLS & 12.5 Billion PULSEX…. and some other crypto 😞
06:54
PapahBoehner
I’m sorry for your loss….and I’m sorry for the price hit that all of those goodies will mean to us all!
06:54
We are all connected.
06:54
This is why we need to look out for each other.
06:54
You have a responsibility to spread the word about what you have learned today.
06:54
FC
yeah cheers mate, it's a harsh lesson learned but hey we are still alive and still have all the HEX stakes from 2020 over 15 years.
06:55
PapahBoehner
In reply to this message
But it's on a compromised seed.
06:55
So you are playing greed chicken with the attacker.
06:55
FC
In reply to this message
Unfortunately and I just hope they don't come back…
06:55
PapahBoehner
HEX19 hoped the same thing yesterday.
06:56
The attacker did come back and unzipped the rest of his staking ladder.
06:56
FC
In reply to this message
It was last Aug so hoping they are well gone at this point
06:56
PapahBoehner
You should weigh the options and timing vs value on an EES.
06:57
Just because one attacker got some goodies, doesn't mean that there is only one attacker that can share that wallet.
06:57
FC
😑
06:57
PapahBoehner
You should weigh options over time.
06:57
Just sayin.
06:58
FC
Yeah copy mate!
06:58
will need to think this one over
06:58
PapahBoehner
Yep.
06:58
FC
Thanks again for your help before I sign off
06:59
PapahBoehner
My pleasure.
Pass it on to those who don't know.

📗 Date: 25 Jul, 2023 🧟 Author: RHMAX
Reviewed By: Mellow & Chef
Publishing Editor: CryptoVince369
