GoFuckYourself.com - Adult Webmaster Forum


Jarmusch 11-29-2025 08:30 PM

Got my crypto hardware wallet drained, almost 6 figures gone
 
I still have no idea how it happened. It did not happen when I was using the hardware wallet, which was a Trezor.

I had the Trezor linked to Metamask to trade on DEXes like Uniswap, 1inch and Jupiter. I always access those sites through bookmarks, so I don't click on shady links or open typo domains.

One day I fired up Metamask without the Trezor connected just to check the balances and saw they were at zero. The transactions happened when I wasn't using the computer. It's possible that it was even turned off when it happened. All my tokens were quickly swapped into USDT then moved to other wallets. My guess is whoever did it swapped it to Monero and disappeared without a trace.

Been using crypto for a decade without any incidents, until now. I've since wiped out my drive and reinstalled the OS from scratch. Also won't be using that Trezor again.

I was really counting on it to pay upcoming bills, so I'm in a bit of a bind right now.

I have put up one of my better domains for sale today in the Sell and Buy forum here. If anyone wants to check it out and maybe snag it I would be grateful. I'm letting it go for less than I would ever consider under normal circumstances. The quicker it goes the better.

I don't know if this is against the rules, I apologize if it is. At least I'm not asking for donations. :1orglaugh

:(

lockept93 11-29-2025 09:43 PM

I'm sorry mate, I know a few people that lost a lot of money with crypto hacking/stealing. The earlier you accept the situation, the better it is. Happens to the best. All the best - it's just money, better than getting hit by a bus, right?

Farang 11-30-2025 02:46 AM

sorry to hear that, man.

CaptainHowdy 11-30-2025 02:57 AM

That is a tough one . . . good luck with your sale (that domain name is great)!

Jarmusch 11-30-2025 03:53 AM

Quote:

Originally Posted by lockept93 (Post 23415733)
I'm sorry mate, I know a few people that lost a lot of money with crypto hacking/stealing. The earlier you accept the situation, the better it is. Happens to the best. All the best - it's just money, better than getting hit by a bus, right?

You are right, but with a hardware wallet where every transaction has to be signed on the device, it's not really something you expected. The seed was locked in a safe that no one else has access to, not on some text file or image on my computer or phone.

It must have been a really sophisticated attack because I did not notice anything unusual. That or I'm just not as smart as I thought.

Jarmusch 11-30-2025 04:09 AM

Quote:

Originally Posted by Farang (Post 23415766)
sorry to hear that, man.

Quote:

Originally Posted by CaptainHowdy (Post 23415768)
That is a tough one . . . good luck with your sale (that domain name is great)!

Thanks, guys.

Yeah I really liked the domain and had no intention of selling it. I hope I'm not delaying things by asking too much. You know how it is, you always think your stuff is worth more than it is. I can't edit the asking price now.

I put it on Namecheap Market, so whoever buys it will have it automatically transferred to their Namecheap account, hassle-free.

adultinnovation 11-30-2025 04:43 AM

Use a proper exchange like kraken that has real security..

Mindi 11-30-2025 05:23 AM

I'm not sure if you are saying the Trezor was part of the problem or not.

money biz 11-30-2025 09:26 AM

Quote:

Originally Posted by Jarmusch (Post 23415718)
I still have no idea how it happened. It did not happen when I was using the hardware wallet, which was a Trezor.

I had the Trezor linked to Metamask to trade on DEXes like Uniswap, 1inch and Jupiter. I always access those sites through bookmarks, so I don't click on shady links or open typo domains.

One day I fired up Metamask without the Trezor connected just to check the balances and saw they were at zero. The transactions happened when I wasn't using the computer. It's possible that it was even turned off when it happened. All my tokens were quickly swapped into USDT then moved to other wallets. My guess is whoever did it swapped it to Monero and disappeared without a trace.

Been using crypto for a decade without any incidents, until now. I've since wiped out my drive and reinstalled the OS from scratch. Also won't be using that Trezor again.

I was really counting on it to pay upcoming bills, so I'm in a bit of a bind right now.

I have put up one of my better domains for sale today in the Sell and Buy forum here. If anyone wants to check it out and maybe snag it I would be grateful. I'm letting it go for less than I would ever consider under normal circumstances. The quicker it goes the better.

I don't know if this is against the rules, I apologize if it is. At least I'm not asking for donations. :1orglaugh

:(


did you enter your keys into the site?

VikingMan 11-30-2025 10:00 AM

Sorry to hear it. Lots of us have been in a similar situation. Never lost crypto but have lost similar amounts not declaring things at border crossings, day trading, in poker games, drunk at the craps table at the Palms, and other dumb shit. Just gotta wake up and be grateful you have the opportunity to make it back through hard work.

djroof 11-30-2025 10:14 AM

Ouch, man... that sucks...

dyna mo 11-30-2025 10:39 AM

i've read trezor can mistakenly show a zero balance. did you verify on the blockchain? seedphrase compromised? i don't see how this happened if you have possession of your trezor and your seedphrase is not compromised.

Publisher Bucks 11-30-2025 11:48 AM

Could it have just been changed from the token changing their name/symbol? This happened to me a few months back and that was the reason it showed a zero balance on Metamask. A few days later it updated to the new symbol and showed the correct amount of funds.

Jarmusch 11-30-2025 12:06 PM

Thanks for the feedback, everyone.

I wish it was a glitch showing zeroes, but it wasn't. The transactions are all there on the blockchains showing the swaps and transfers to random wallets.

I wasn't trying to give Trezor a bad rep. In fact, I might even buy another Trezor. I just won't use this one again, just in case.

JesseQuinn 11-30-2025 12:50 PM

Quote:

Originally Posted by Jarmusch (Post 23415867)
Thanks for the feedback, everyone.

I wish it was a glitch showing zeroes, but it wasn't


dang, after reading Dyna's post I was wishing that was it

yes, in the end it's just money but still, fuck that was quite a hit. really sorry this happened to you :/

good luck with your domain sales and know you will bounce back

Mindi 11-30-2025 06:33 PM

Quote:

Originally Posted by Jarmusch (Post 23415867)
Thanks for the feedback, everyone.

I wish it was a glitch showing zeroes, but it wasn't. The transactions are all there on the blockchains showing the swaps and transfers to random wallets.

I wasn't trying to give Trezor a bad rep. In fact, I might even buy another Trezor. I just won't use this one again, just in case.

I'd really like to know if i can't trust my Trezor now.

marcop 11-30-2025 08:07 PM

I lost money in a wallet back in 2021, and it put me off crypto... there are just too many hackers, scammers, and thieves in that space.

INever 11-30-2025 08:48 PM

I'm sorry for your loss.

When the internet goes down completely – cash, gold & tangibles will be better than online digits.

todservices 12-01-2025 05:59 AM

This is what chatgpt has to say about this :

Key points and what likely happened, based on the facts given.

• The hack did not target the Trezor directly.
If the attacker could drain funds without the Trezor being plugged in, it means the compromised wallet was a software wallet, not the hardware one. A hardware wallet requires physical confirmation. So the stolen assets were probably in Metamask under a hot wallet address, not the Trezor secured address.

• The user likely *imported* a seed phrase somewhere or connected the Trezor to a malicious dApp previously.
Even if he only used bookmarks, a malicious approval can come from a fake signing popup, a rogue browser extension, or a malicious smart contract that was approved earlier. Most people underestimate how powerful token approvals are.

• The timing fits a classic: unlimited token allowance exploit.
If he approved a DEX aggregator or another dApp in the past, and that dApp or a spoofed version got compromised, attackers could pull assets out without further signatures. Metamask shows the balances from the address, but the Trezor is just the signer. If the address had given approval, no signature is needed for the attacker to spend ERC20 tokens.

• Computer likely compromised before OS reinstall.
The attacker executed transactions while the PC was off or unused, meaning they didn’t use his machine directly. They already had the keys or had access to the allowances on chain. Reinstalling the OS now does nothing to reverse the hack, but it’s the right move to avoid future problems.

• The statement “I won’t be using that Trezor again” is emotionally understandable but not logical.
Hardware wallets don’t sign outgoing transactions without physical confirmation. If funds left without the device plugged in, the Trezor is innocent. The damage came from either Metamask, malicious approvals, or leaked seed phrase (if any seed phrase existed outside the device).

• If the seed phrase of the Trezor was ever typed into Metamask or any software wallet, the hardware security is nullified.
Many users do this without realizing the consequences. If he ever imported that seed into Metamask, game over. Drainer bots watch for compromised seeds and empty everything instantly.

• If he connected the Trezor to Metamask and then approved risky contracts, that alone is enough to lose funds.
The Trezor protected the *private key*, not the *token allowances*. Allowances bypass the hardware wallet entirely.


• Nothing in the story suggests a flaw in Trezor itself.
The attack vector almost certainly involves one of these:

1. Malicious browser extension (most common).
2. Metamask compromise, possibly from an injected script.
3. Seed phrase exposure at some earlier time.
4. Unlimited token approvals exploited.
5. Fake frontend of a DEX that created a rogue approval.
6. Supply chain issue in the PC itself.

Given the described workflow, the most probable explanation is (4) combined with a malicious dApp or approval that was hijacked months later.
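
Added example, not part of the thread or of any poster's message: the post above says standing token allowances can be spent without a new signature, and this Python code shows how an owner can audit them by replaying ERC-20 `Approval` event logs and listing the grants that were never revoked. The log entries follow the shape returned by `eth_getLogs`; every address and log entry is constructed sample data, and the `2**255` cut-off for "unlimited" is an assumption.

```python
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
MAX_UINT256 = 2**256 - 1
UNLIMITED_FLOOR = 2**255  # assumption: treat anything this large as unlimited

def topic_to_address(topic):
    # An indexed address is left-padded to 32 bytes; keep the low 20 bytes.
    return "0x" + topic[-40:].lower()

def open_allowances(logs, owner):
    """Return {(token, spender): last approved value} for non-zero grants.

    The latest Approval per (token, spender) wins, so approve(spender, 0)
    revokes an earlier grant. A finite grant may have been partly spent since;
    the token's allowance(owner, spender) call is the authoritative figure.
    """
    latest = {}
    order = lambda l: (int(l["blockNumber"], 16), int(l["logIndex"], 16))
    for log in sorted(logs, key=order):
        topics = log["topics"]
        # ERC-721 Approval has the same topic0 but a third indexed field: skip.
        if len(topics) != 3 or topics[0].lower() != APPROVAL_TOPIC:
            continue
        if topic_to_address(topics[1]) != owner.lower():
            continue
        key = (log["address"].lower(), topic_to_address(topics[2]))
        latest[key] = int(log["data"], 16)
    return {k: v for k, v in latest.items() if v > 0}

def unlimited(allowances):
    # Grants a spender can draw on indefinitely without a new signature.
    return sorted(k for k, v in allowances.items() if v >= UNLIMITED_FLOOR)

# Constructed sample data (placeholder addresses, not real contracts).
OWNER, ROUTER, UNKNOWN = ("0x" + c * 20 for c in ("aa", "bb", "cc"))
TOKEN_A, TOKEN_B = "0x" + "11" * 20, "0x" + "22" * 20

def _log(token, owner, spender, value, block, index):
    pad = lambda a: "0x" + "0" * 24 + a[2:]
    return {"address": token, "topics": [APPROVAL_TOPIC, pad(owner), pad(spender)],
            "data": "0x" + format(value, "064x"),
            "blockNumber": hex(block), "logIndex": hex(index)}

SAMPLE_LOGS = [  # deliberately out of order, as merged query results can be
    _log(TOKEN_A, OWNER, ROUTER, 0, 200, 3),              # later revoke
    _log(TOKEN_A, OWNER, ROUTER, MAX_UINT256, 100, 0),    # earlier unlimited grant
    _log(TOKEN_B, OWNER, UNKNOWN, MAX_UINT256, 150, 1),   # never revoked
    _log(TOKEN_B, OWNER, ROUTER, 500, 160, 0),            # finite grant
    _log(TOKEN_A, UNKNOWN, ROUTER, MAX_UINT256, 120, 0),  # someone else's grant
]
```

Calling `unlimited(open_allowances(SAMPLE_LOGS, OWNER))` returns only the `TOKEN_B` grant to `UNKNOWN`; any grant it lists is closed by sending `approve(spender, 0)` from the owner address.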

jscott 12-01-2025 09:37 AM

Quote:

Originally Posted by Mindi (Post 23415925)
I'd really like to know if i can't trust my Trezor now.

Trezors are secure and fine. When you use shitcoins and their software with any wallets incl. hardware you invite vulnerabilities. When using Trez you can opt for the Bitcoin-only and avoid any issues like these.

dyna mo 12-01-2025 09:50 AM

Quote:

Originally Posted by todservices (Post 23416034)
This is what chatgpt has to say about this :

Key points and what likely happened, based on the facts given.

• The hack did not target the Trezor directly.
If the attacker could drain funds without the Trezor being plugged in, it means the compromised wallet was a software wallet, not the hardware one. A hardware wallet requires physical confirmation. So the stolen assets were probably in Metamask under a hot wallet address, not the Trezor secured address.

• The user likely *imported* a seed phrase somewhere or connected the Trezor to a malicious dApp previously.
Even if he only used bookmarks, a malicious approval can come from a fake signing popup, a rogue browser extension, or a malicious smart contract that was approved earlier. Most people underestimate how powerful token approvals are.

• The timing fits a classic: unlimited token allowance exploit.
If he approved a DEX aggregator or another dApp in the past, and that dApp or a spoofed version got compromised, attackers could pull assets out without further signatures. Metamask shows the balances from the address, but the Trezor is just the signer. If the address had given approval, no signature is needed for the attacker to spend ERC20 tokens.

• Computer likely compromised before OS reinstall.
The attacker executed transactions while the PC was off or unused, meaning they didn’t use his machine directly. They already had the keys or had access to the allowances on chain. Reinstalling the OS now does nothing to reverse the hack, but it’s the right move to avoid future problems.

• The statement “I won’t be using that Trezor again” is emotionally understandable but not logical.
Hardware wallets don’t sign outgoing transactions without physical confirmation. If funds left without the device plugged in, the Trezor is innocent. The damage came from either Metamask, malicious approvals, or leaked seed phrase (if any seed phrase existed outside the device).

• If the seed phrase of the Trezor was ever typed into Metamask or any software wallet, the hardware security is nullified.
Many users do this without realizing the consequences. If he ever imported that seed into Metamask, game over. Drainer bots watch for compromised seeds and empty everything instantly.

• If he connected the Trezor to Metamask and then approved risky contracts, that alone is enough to lose funds.
The Trezor protected the *private key*, not the *token allowances*. Allowances bypass the hardware wallet entirely.


• Nothing in the story suggests a flaw in Trezor itself.
The attack vector almost certainly involves one of these:

1. Malicious browser extension (most common).
2. Metamask compromise, possibly from an injected script.
3. Seed phrase exposure at some earlier time.
4. Unlimited token approvals exploited.
5. Fake frontend of a DEX that created a rogue approval.
6. Supply chain issue in the PC itself.

Given the described workflow, the most probable explanation is (4) combined with a malicious dApp or approval that was hijacked months later.

:pimp

in other words, stack sats, hodl, and stay humble.

GUNNER 12-01-2025 12:14 PM

Quote:

Originally Posted by jscott (Post 23416068)
Trezors are secure and fine. When you use shitcoins and their software with any wallets incl. hardware you invite vulnerabilities. When using Trez you can opt for the Bitcoin-only and avoid any issues like these.

in the words of the great Ed McMahon... "You are correct sir, YES"

VikingMan 12-01-2025 03:01 PM

Wait till BTC drops to 54,000 then buy as much as you are able.

Jarmusch 12-04-2025 03:42 AM

Quote:

Originally Posted by adultinnovation (Post 23415784)
Use a proper exchange like kraken that has real security..

Having all your crypto in a CEX where you don't hold the keys to your wallet comes with its own risks. I do use Kraken, but only as an on-ramp / off-ramp.

Yeah I would be in a better place right now if all my crypto was there, but you can't predict the future.

jscott 12-04-2025 01:27 PM

Quote:

Originally Posted by Jarmusch (Post 23416620)
Having all your crypto in a CEX where you don't hold the keys to your wallet comes with its own risks.

Exactly.

Suggesting others store their digital assets on exchanges is terrible advice. We have witnessed Mtgox to Cryptopia to FTX and countless others. Some don't learn from the past.

Storing on hardware wallets is the most secure, by far, as long as you have proper backups.

Quote:

Originally Posted by GUNNER (Post 23416110)
in the words of the great Ed McMahon... "You are correct sir, YES"

:thumbsup :thumbsup


All times are GMT -7. The time now is 06:36 PM.
