I got hacked today
.... By this wallet
Today I went to get a haircut and then to my aunt's house, and while I was there, I received a tag from one of the Discord channels to which I belong. Now the tag was that I had been granted access to this project's private testnet.
Now, I had been working hard to get a link to this Private testnet for a long time, so I was overjoyed when I finally got it. I checked the sender of the link, and it turned out to be an official bot from the Discord channel.
Now that I was seriously engaged in a conversation with my aunt, I simply connected my Metamask wallet with my raby wallet extension.
Then, after a while, I realized that this was a trading platform rather than a testnet. This is a hack! I hated my gut at the time because I knew I had already made a mistake.
So I asked the moderators if they were the ones sending private testnet access, and one of them said they weren't. Then I asked why a scammer had access to the official channel bot, and they did not respond.
Now, I believe some clicked because they were excited to be invited to the testnet. Funny enough, the admins didn't reply again, and went ahead with their normal chat and discussion.
I was upset because when most projects are hit by a smart hacker, they quickly address the issue and shut it down. These guys were simply relaxed, never responded, and continued to act as if it were another Tuesday.
So this made me feel like perhaps it's one of these inner circle guys that created the link and encoded the scam contract into it.
Because some scammers are not as intelligent as this. How does the scammer know that everyone is rushing to get the link to the project's official test net? The scam did not take the form of "claim airdop or claim money".
I already knew that interacting on testnet makes it nearly impossible to be scammed, so I assumed I was entering testnet. It gave me the impression that the scammer had insider information and had created a scam contract based on a testnet narrative.
Now, a testnet narrative is not compelling enough to entice people to click a link, but this person knew we all wanted to get into the testnet, so they hacked the bot command and used it to create a code that leads to a scam.
I have been interacting with a lot of testnet projects for a long time, and I generally know which links to avoid. However I attributed this scam to the closeness of the scammer with the admins and that's if it wasn't even these guys that created the scam.
So, basically, the Arb Ethereum in my wallet is for mainnet transactions, and I only used one project for mainnet interactions. Most of the remaining 20 to 30 projects are essentially testnet.
So the scammer decided to transfer the arb because the gas fee on native Ethereum is always high. So I was drained of my arb eth. So, basically, I can no longer do my mainnet interactions because I need to fund the wallet in order to interact with the mentioned mainnet project.
So I decided to track this wallet on etherscan, and I discovered the address they had hacked. The problem is that I hope this hack is a one-time thing and whether the scammer has not installed a sweeper bot on that contract.
This means that any funds I send to that address will be automatically transferred out. However, I hope the scammer is not as cunning as this.
However, they managed to create a website that was very smooth and appeared authentic when I clicked the testnet link and this makes me think they might be pro and it scares me.
So this wallet is anticipating a large number of potential airdrops, some of which I intend to use to purchase Hive if they prove to be significant airdrops. If this is a one-time occurrence, it is time to blacklist the project.
Not because they have scammers, but because the scammers are accessing users' wallets via the official channel bot, which leads me to believe it is an insider's job.
This is probably one of those sad days for me, but we will move on.
Interested in some more of my posts
Why Is the grind getting harder?
Monopoly Is the Death of Civilization
Survival: Choas and Scarcity
Crypto: Gut & meaningful Connections
What is the primary barrier to entry in Web3?
What Are Some Things You Should not Do During A Bull Market Year?
It is sad to be scammed.
The Discord admins have already replied?
Is very strange, the official bot send a scam link...
Like I said, they never cared
That is very strange.
Normally, the discord admins will try to shut down these things and talk with the members to see if it is possible to have a solution.
This because it was the official chatbot sending the links and people will not take care the same careful to check if it is a scam link.
!BBH
Sorry about that, I just hope the hack is a one time thing. Just to be on a safer side, maybe you shouldn't use that wallet for the time being.
Some people are so smart in scamming others.
Well I cannot stop using the wallet because of my interactions and involvements
Oooh okay. Maybe add a kind of protective measures then
I'm sorry it happened to you too. Others won't have your experience and won't even know they were scammed. At least you know that address is potentially hot and you shouldn't use it for new things in the future. And if airdrops unlock to it, you should get them out as quickly as possible.
Yeah, my plans is to get whatever airdop I get in that wallet out as quick as possible. Because I've been working so hard for over a year and to get it all undone by having a hacker access my wallet and potentially watching the wallet for any drop. I felt disappointed and sad.
Oh, this is not good. So sorry about the hack. The scammer is indeed good at this. Imagine using the official discord link.
I'm very much sure that one of the admins is behind this, owning to their nonchallant behavior when you reached out to them on discord.
I just hope this is a one time hack, and that your wallet isn't at risk afterwards.
They very much knew what was going on because of they way they acted. I was really pissed and angry then afterwards, disappointed.
That place wasn't even where I wanted to be, and it turned out I should have just listened to my gut and not join those guy in whatever useless things they were building
I'm guessing their motive was to launch that hack and not necessarily any testnet. Well now you know better to listen to your gut next time.
View more
Damn, that sucks! Scammers are very clever, and even use search engine optimization to trick you into clicking their sites that are copies of the real deal. Don't feel to bad, the world seems to be full of these crooks and I've been tricked in the past too.
The whole thing on Discord is weird though, sounds like it was all a scam from the get go. I hate crooks!
The discord mods, I don't even know what to call them, but I'm never participating in their useless project. Like, I wasn't even hacked because I was greedy, I was hacked because I saw an opportunity to test a project which wasn't even incentivized.
It was sad and disappointing though.
It is really sad to read this, and I can imagine how painful it must feel to lose your funds this way. You were just excited to be part of a project’s private testnet, but a scammer took advantage of that excitement. The fact that the scammer used the official channel’s bot to send the fake link makes it even more suspicious. It looked like someone on the inside might be involved.
I hope you recover soon and get stronger from this.
Honestly it begins to feel like an inside job because the scammers took hold of the discord channel that was supposed to be well protected, I mean. It was quite painful and disappointing for me. To think I've been very careful and never clicked any malicious link before, it's so saddening.
It is well. I hope it didn't cost you fortune.
I was wondering why you don't just open another address and move on, but then I read that you participated in many airdrops and you are "locked" to that address...
It sucks to be hacked... I was a couple of times, before crypto, and it's not a pleasant experience... :(
I hope you will be able to harvest airdrops, without getting skimmed again...
Yes, opening another wallet would have been the nicer path to take, but yes, unfortunately I can't. I'm already too far gone with the projects I'm using this wallet to interact with.
The hope is that this would be a one-time thing and that the hacker was not as clever as writing a sweeper code bot into that scam contract. This means everything I get in that wallet will be automatically transferred out.
Let's hope that the worst has passed... I wouldn't use that account with anything new, but rather just finish those airdrops and start with the new wallet... Just in case...
View more
I am sorry to hear about the hack, and it sucks that the discord moderators didn't even think about the issues this could cause. I guess you just have to learn from this and be way more careful when connecting any actual wallets on random links.
Yeah, I know to more careful, but then this occured randomly and caught me by surprise. It wasn't the regular or normal way of getting hacked. So that project is a sort of red flag
That’s so sad to hear
Sorry about your experience but it’s obvious those guys are behind that hack for them to be too relaxed. A friend of mine has a similar experience and lost over $2000. If it’s possible don’t use that wallet again to avoid a repeat
Unfortunately I cannot stop using the wallet because I have a lot of projects that I'm already using it to test. I didn't save huge money into it because I knew something like this might be possible, but the coin I have their was for interactions.
Wao, so sorry this happened to you. I almost fell for this sometime last but It’s tough. I believe you are strong and you’ll bounce back. Keep pushing forward bro!
This type of hack is a bit different from the regular one, so that's what makes it even weirder and painful.
You know technology is advancing and one really need to be very careful because things can be done in different ways to make us fall for it. But I hope you recover.
View more
Considering the above, I recommend you stay away from this project!
!BEER
Oh I will definitely stay away.. thanks for the concern
This is a concerning incident highlighting the vulnerability of even seemingly secure platforms to sophisticated hacks. The nonchalant response of the moderators is particularly alarming, suggesting a lack of security protocols or perhaps even complicity. It underscores the need for stronger security measures and more proactive responses from project administrators to protect users from similar exploits.
Thanks for sharing this. May it be a lesson learned for us.
A lesson indeed
So sorry for this. I hope these hackers will get caught.
Web3 hackers don't get caught
I think their nonchalant behaviour when you reported the scam is confirmation enough that they're involved, if not directly then indirectly. I wish not using the wallet address again was an option just to be on the safer side. But going forward you could create a new wallet address for future airdrops.