/biz/ - Business & Finance

>>49405611
Uuuu
F
But why were you in stables, bottom was in you would have fomoed

>>49405611
>>49405611
Uuuu
F
Ledger or what wallet?
Why were you in stables, bottom was in you would have fomoed

>>49405611
metmamask only?

Based retard, I bet you can't use a computer and got a trojan on it

>ETH wallet.
That's your problem right there...

>>49405662
I was in stables to scoop up bottom, I check balance every day and noticed it was 0 today.
>>49405678
I did link it to metamask a long time ago. It's possible it was a metamask bug. Fuck.

The worst part is, since I know crypto, I know there is literally no recourse for me. My money is fucking gone, gone, gone. And it's not coming back in any remotely likely way.

>>49405611
Windows? Metamask?

>>49405611
that's why i always keep my coin on an exchange

>>49405715
Yes.
>>49405716
My exchange coins are good, but I fell for the "not your keys not your coins" meme.

>>49405711
answer the question: you use a ledger / hardware wallet or not?

Larp. Why hide the address if its “stolen” retard

good morning, sir
all your apes gone
:-)

>>49405611
you're in crypto from 2017 and your net worth is/was 400k? rip just buy fucking trezor or some shit

>>49405737
No, never used a ledger for this account.

>>49405780
I know, I sold like 100k link when it was around a dollar and nearly shot myself when it went to like $25

>>49405611
great asset you have there cryptotards.

>>49405787
why would you hold ~420k on a fucking browser holding your private key in fucking memory? why anon? are you retarded? seriously why would you do that (yeah I found your address easily, should have hid everything in the screencap)

>>49405611
>This is half my net worth
>I'm in total shock

I don't know what you want me to say.

>>49405731
if that's half your crypto then it sucks but you'll be fine, you can get an easy 2x on any top 10 shitcoin

also lent your stable instead of keeping them on metamask

>>49405787
I had a ledger when my folio > 10k, imagine anon. why would you do that to yourself? how could you fucking sleep at night holy shit, seriously how can someone so dumb have so much money, in crypto. fucking hell

>>49405740
this

Anon, I think you probably signed a malicious contract. So many of them out there with defi. Stay safe out there with all these dApps

>>49405731
>My exchange coins are good, but I fell for the "not your keys not your coins" meme.
this is actually the biggest meme ever
I hold 95% of my crypto on an exchange precisely because I trust their ability more than mine

>>49405787
lmao 6fig and too cheap to buy a ledger. you deserve it bruvva

>>49405611
oh boy

Look, the same shit happened to me in 2020
Here's my suggestion. Never, EVER, EVER EVER, use a wallet for more than a few months, ALWAYS SWITCH WALLETS IF YOU CAN.

>>49405787
Are you legitimatelt retarded anon? What have we learned today?

>>49405937
>>49405787
Also, holy fuck are you retarded keeping money that large in an unprotected wallet, jeezus.
Hell, even centralized wallets are safer, christ you are retarded.

>>49405731
So.. no hardware wallet?

I'm paranoid about this shit too, but I DO use a trezor with my metamask. Is there any known way of this happening with a hardware wallet? So far I haven't heard of such a thing

>>49405980
I learned that I'm now too old to have a measurable risk tolerance so I'm probably never making that sort of money back again. Oh, and to use a hardware wallet, of course.

>>49405997
>>49406079
I own a fucking Ledger but never unwrapped it. I guess I was spooked by the email address leak (mine was on it). But the greater fool, me.

>>49405932
true I done goofed

>>49405918
Yeah no idea how it happened but that must have been it.

>>49405883
I fucked up, buddy. I obviously didn't deserve the money so God took it away.

There's no way to know if OP just created a second wallet to screw with people, but you can easily verify that this wallet transferred all of it's money away. Sorry OP, that sucks.

>>49405924
true. exchanges are based. most retards are phonefags that reply to email phishers and get their accounts swiped then they spread hate for said exchanges on social media when it was all their fucking fault to begin with

if anything, OP can even join coinbase one. it's $30 a month, zero trading fees and coinbase will insure you up to a million dollars

>>49405924
>>49406241
It also sucks since if the exchange goes under you're screwed. So ledgers are objectively the safest.

But centralized exchanges like Binance are good too. Much better than some wallet you make on the internet

>>49406226
>Anon, I think you probably signed a malicious contract. So many of them out there with defi. Stay safe out there with all these dApps
>Yeah no idea how it happened but that must have been it.

so it wasn't your wallet, a ledger wouldn't have saved you, having money on an exchange wouldn't have saved you.
the issue was you were involved in a lot of dapps and you traded into those dapps from your main wallet and one of those dapps fucked you in the contract.

the way to avoid this then in the future is to not fund dapps from your main wallet. if you're putting say $1000 into an app do it from a secondary wallet that you only put $1000 into.

i'm not too technical on any of this so correct me if i'm wrong but wouldn't he have been safe if he did that?

>>49406353
I moved all my money onto gemini and coinbase when biz started the "not your keys, not your coins" bullshit. I figured it was some scammer trying to get access to as many coins as possible.

>>49405811
Jesus. What'd you think Link was for then? I have just under half what you had and I had zero motivation to sell at $50.

>>49406361
Yes it would have been safe if a malicious contract was the cause. He would have only risked the secondary wallet.

>>49406361
>a ledger wouldn't have saved you,
A hardware wallet used properly should NEVER be signing any contracts. You hold your funds there and move small amounts to other wallets that you sign with.
Why the fuck would you ever let any amount of access to basically your crypto bank to others?

>>49406441
A ledger would have saved him though, even if there was a malicious contract the signing still has to be done on the device.

>>49406226
>I fucked up, buddy. I obviously didn't deserve the money so God took it away.

DON'T YOU TALK LIKE THAT

>>49406493
A hardware wallet doesn't stop you from signing malicious contracts. All it does is add an extra steps of plugging in the device and unlocking it.

>>49406441
This. Signing contracts from a cold wallet makes it hot.

>>49405731
It’s not a meme when you do it right. Cold storage and a browser extension are not the same thing. Sorry for your losses but this was preventable.

>>49406544
If you sign a malicious contract that steals from you at the time of signing yes, but you would probably notice that at the time. But a malicious contract that steals from you later would have to sign another transaction that would need the device.

>>49406602
yea I would take a $5 wrench attack for 250k

>>49405611
Compromised private key, nothing to do with token approvals since ETH was moved away from your wallet aswell, it's malware or you gave away info on a phishing website

>>49406441
>>49406493
Ledger doesn't save you from malware/malicious interface, you would be misled into giving away your key anyways

>https://etherscan.io/address/0x69bd53d34dfb8479a078d1b3def7085188ab07ee#tokentxns
OP's wallet.

and your funds transferred to :
https://etherscan.io/tokentxns?a=0x74de5d4fcbf63e00296fd95d33236b9794016631&p=200

same contract deployed to 8 different networks, including test networks.
https://blockscan.com/address/0x74de5d4fcbf63e00296fd95d33236b9794016631

which looks like usdc contract ? i dont get it.

Yo Op if this is true, try contacting FixedFloat

>>49406847
Could they do anything about it?
>>49406809
I figured they just sent it to some mixers.

>>49406605
Not how it works. Once you grant a third-party contract perpetual approval to spend your tokens it can do so at any time. Even if the contract initially appears legit, if it's update-able then it can be edited to swipe everyone's tokens at a later date. However, OP's approvals look okay - this was probably theft by malware and a hardware wallet would have prevented it.

>>49406914
Yeah they could block the funds

>>49406798
Have you even read what that anon said you dummy dum, the point is that you should never use your hardware wallet for anything but cold storage.
Which means that you should never do anything with that wallet but send and receive, never approve any contract or sign any message whatsoever. Whenever you do you need to interact with a dApp, you then send funds from your cold storage to a burner wallet and then mint whatever jpeg or participate in whichever DeFi ponzi you want etc

Stuff like this should be absolute common knowledge with self custody, but people just don't care until they get fucked I guess

>>49407022
Unless Im a retard and cant read etherscan correctly

>>49405611
rip bozo lmao

>>49406985
but 'metamask: swap router' added today. so, hacker was able to approve it ? this prooves hacker was able to sign tx's, probably metamask hack.

i just saw many tx's to theft address from different addresses too. probably someone put malware into some application, email, etc, and decide to attack today.

i checked OP's first tx's, legit guy, sold 165k $link 3 years ago etc. i am sorry for you OP, just dont store half of your wealth into chrome extension after cathing those fish man.

>>49407126
Nope. USDC was withdrawn but isn't approved on any dApp.

>>49405611
Metamask + Windows + Chromium browser = Guaranteed loss

>>49407035
Ledger won't save you from being a retard and being fooled by malware which is my point

>>49407249
>Ledger won't save you from being fooled by malware
Malware steals your keys from your computer. If you use a hardware wallet then your keys aren't on your computer.

>>49407249
Nothing will save you if you're a retard.

If you use something like a Ledger as intended you won't have any problems.

Issue: >>49405787
See Resolutions: >>49405866 & >>49406441 & >>49407231
While it's not helpful emotionally, you must understand you did this yourself.

/thread

>>49406985
I get that if the contract is updated at a later date then any funds in that contract are at risk. But to be able to send tokens from the main wallet that you approved the contract from wouldn't you again need to sign with the device? Unless they somehow swiped you pk at the time of approval too. Glad I'm paranoid anyway and have two ledgers and only use one for signing.

>>49407353
Can't you create multiple addresses on 1 ledger and only use 1 of them as a hot address?

>>49407387
Not as far as I know but maybe. Whenever I create a new account on mm it's always just a standard browser based signing one even though my ledger is the main account.

>>49407353
No. When you approve a contract to spend your tokens it can spend your tokens.

>>49406985
As for token approvals, should I revoke everything there which isn't in use on my address?

It's mostly just Uniswap/Bancor/Sushiswap allowance. One example would be LPL, should I revoke the Bancor contract which has allowance for unlimited LPL spending even though I don't even hold LPL anymore? Does it matter at that point?

>>49407335
No, fuck you, the thread is not done until we learn how exactly he was hacked.

you'll make it back martin shkreli lost 500k, which was all his money at the time, before he made his millions

this thread makes me understand how bitcoin adoption would be really, REALLY easy for normies... not.

>>49407608
... and then he got fined tens of millions because he was convicted for fraud.

>>49407445
Approvals are limited to specific tokens and 'big' projects like Uniswap are probably okay. However, there's no harm in revoking everything for peace of mind.
See:
>https://www.radixdlt.com/post/its-10pm-do-you-know-where-your-tokens-are
Apologies for the inadvertent shilling

>>49407605
He wasnt hacked. He allowed money to be taken from him.

"Hey, here's my private key, but please promise you just take money automatically a couple times..in the future please don't do it again okay otherwise u will have hacked me"

low iq morons

>>49407708
If he wasn't using a ledger then his keys were on his machine, so yes he could have been hacked retard.

>>49407646

>>49405611
sorry for your loss anon, that's the problem with crypto

>>49407607
Dont worry biometric wallets with TEE powered by Chainlink™ are on their way

>>49405711
>The worst part is, since I know crypto, I know there is literally no recourse for me. My money is fucking gone, gone, gone. And it's not coming back in any remotely likely way.
So this is what it took for you to realize one of the biggest flaws in crypto?

Thanks for playing.

don’t listen to these ugly faggots in the thread OP, you’ll make it back just use a ledger

>>49406226
>I own a fucking Ledger but never unwrapped it

>>49407665
Decently written security article thanks. Yeah I think I'll revoke exactly for that peace of mind to not have to even think about it for one millisecond.
If anything threads like these always make at least a few anons double check and possibly upgrade their security practices

>>49407847
A lot of people do this. Probably people that had an easy time, made a lot of money but never bothered learning about security.

>>49405787
>keeping half his net worth on an unsecured browser extension
lmao

>>49407789
>>49407708
>>49407249
>>49406412
signaling faggots, ugly faggots
>>49405780
You are a heartless ape and should end life

>>49407884
>i need to understand the pathetic stories of others so I can learn from an image board to not fuck myself over the same way because while i larp to pretend to care for others.
I don't think OP wants to fuck you anon

what's the best site to check open approvals on your tokens?

>>49407708
Approving tokens for transferring is not the same as giving out your private key.

>>49407605
There is nothing suspicious in his transactions, unless he was retarded enough to give out his private key he most likely got done by malware.

>>49407936
https://revoke.cash
https://etherscan.io/tokenapprovalchecker

>>49407605
it wasn't approvals, holy fuck how chain illiterate are you tards

>>49407936
https://etherscan.io/tokenapprovalchecker

>>49406809
>>49406985
Looks like he sold it all to eth and sent it to fixed float, which is doesn't require kyc.

Given that op hasn't had any txs within the last year I can only assume he was retarded and clicked on a link/went to a phishing site/installed metamask on his phone and had malware on his phone.

Would you idoits either get a clean computer that is only used for crypto and a hardware wallet. Jesus Christ.

>>49407932
Poor people use these threads to signal their fake wealth so that the OP feels bad

it happens so often that I think it may be the same schizo just larping over and over

>>49408123
Also I want to point out that the retard who did it is JUST AS RETARDED AS OP. Holy fuck.

He used the metamask swap feature which cost him a percent and also gusd has low liq. What a fucking idoit.

>>49408193
He got $400k pretty easily, so he wasn't as big an idiot as me, who lost sleep over that money for a long time.

>>49407884
back to r*ddit summerfags

>>49405611
yes yes

>>49408123
this metamask is only secure if you use it on an isolated computer you only use for crypto
using your phone for metamask is beyond retarded

>>49408287
This. Mobile fags deserve to get hacked

>>49405711
why would you check balance every day if you're in stables? nice larp faggot

>>49405611
you did something retarded that you're not telling us

>>49408287
>Use 1inch/matcha/other dex aggregators
>Just saved yourself about 4 grand and could get the best rate

Op is a dummy. Run a clean machine that you don't use for anything else.

This means:
>No torrenting
>No porn
>No 4chan
>Use is limited to crypto and well known safe websites (i.e. YouTube)

>>49408012
>>49408021
>>49407335
>>49407605
Dude, fuck you. https://etherscan.io/tx/0xfe794619b3e98ad770eb5e63e2c73649b00383aebecbd744e7dbe7f66f310abe
the last tx of 5.7 ETH, emptying his eth after the hacker withdraw all tokens is the proof that it is not a "authorize"-scam contract who did it, but a malware/someone got access to the private key.
Can't authorize ETH. Simple as.

>>49405692
the very fact he blurs out his address without realising it's trivial for us to copy the hacker address then see his
suggests he did something stupid with his security. like holding his keys on google cloud or something

>>49408693
As I said in my first post >>49406985 yes.

so did you download some torrents or did you watch trannyporn?

>>49406441
>A hardware wallet used properly should NEVER be signing any contracts. You hold your funds there and move small amounts to other wallets that you sign with.

how do you move funds away without signing? I am missing something here

>>49405611
nobody in this thread noticed that it's TUSD and OP is a larping faggot. holy shit we still have so much further to fall

>>49408728
Noticed this is well, key.

Trace your past activity. What did you do? What did you download? What did you run on your machine?

Are you using Windows+Chrome? It's a hilariously easy setup to steal your keys from.

Oh also since OP is clearly a dumb shit:

Did you screenshot or photograph your Metamask seed phrase, to help you remember it when Metamask first asked you to re-type it?

Did you then store/backup these photos on iShitCloud or Google ShitDrive?

Welcome to cloud hacks.

>>49406412
>>49405811
Hot take: you are both retarded.

Can we have a discussion on the best practice for storing your funds so we can all prevent this from happening to others, myself included.

Also did I just get hacked by replying to this thread?

>>49405611
Just ask for a refund, the devs are active on twitter

>>49410202
Buy old thinkpad, replace Motherboard with nvme SSD compatible one, generate 20-word seedphrase locally and generate 500 derivative privatekey-address pairs.

Store all those locally and encrypted, use a USB to export 1 address at a time and import on your live machine only through privatekey, never with the master seed phrase. Hell, I'd advocate even deleting that altogether.

Keep the laptop turned off all the time unless you need to grab addresses off of it.

Keep 3 re-encrypted backups of the whole encrypted drive (should be only a few gigs) on a different laptop, a USB, an external SSD and 2 DVDs.

>>49410308
I have all my shit on my desktop and ipad, i revoke all approvals on polyon scan, am i retarded? U sound like a schitzo desu

>>49405662
>bottom was in
you keep saying bottom was in since 41k retard. lol, shut the fk up lmao. if you're not in stables since october-november 2021 you're a fking idiot.

>>49410202
Wrap your Eth into goEth on the Algorand blockchain. There you can just regularly rekey your account, like it has been security best practice since cryptographic keys were invented

>>49405866
even if he hid all addresses in the screencap, can still just look at token txs within the past day - especially for GUSD and TUSD as I can't imagine there being a lot of volume flowing through there... newbs gonna newb

So it's not safe to connect your ledger to your metamask in case you want to tether up?

>>49405611
>>49410202
Let’s say I have some PC, can be any PC. I then install Linux on it. Let’s say Linux mint. I use the firefox browser and install ublock origin on it.
On this PC I will trade crypto and do nothing else. How secure is my crypto?
How could I get fucked?

>>49408287
>>49408123
even back in 2010 i knew how to make worms as a kid, you are a fucking idiot if you think having a "clean" pc will work, you need a whole new network that doesn't touch anything to be completely safe

>>49410837
It's good enough, it's very unlikely that something is going to infect a computer that is used occasionally just by connecting to the internet for some minutes.

>>49410837
Anon, I am basically to you what an 80 IQ monkey is to me.
How does one even get to use a clean network? How can I go from using a standard network (family uses it etc) to a clean one?
What is and isn’t a clean network?

It's safer to keep your coins on a large, centralised exchange with 2fa. Not even memeing

>>49405711
Linking it to metamask is the same as having it in metamask. It's probably not a bug. You probably have a keylogger installed on your browser that stole your metamask password or somebody found a zero-day to break through browser local storage security.

Seriously, nobody should EVER use a browser based wallet. They are huge security vulnerabilities.

>>49405611
did you use Windows as operating system?
Why did you not keep half of yur NW in custodial solutions?

rule number one of security : never use windows

>>49411085
What about phones.

>>49411118
phones are android (LINUX) not windows. but its still android is more targetted than GNU+LINUX

>>49411154
Aren’t they Unix based?

>>49405787
You deserved what came to you I must. There are lots of privacy protocols like Secret Network which offers flexible features while protecting your funds. I hope you have learned not to be too careless with your funds.

Can one not just scan revoke.cash to look for vulnerabilities? If you do t approce of a tokeb allowance, a smart contrsct can drain u. The default is usually unlimited allowance, which most sign. I mitigate risk. A project ir no longer using, u can revoke or lower the token allowance. Scan revoke.cash to analyze ur wallets token allowances

>>49410775

Nearly fully imprevious on most linux distros. Just don't be dumb.

You're not imprevious to hardware failulres though, encrypt and keep backups

>>49410535
>t. zoomer that hasn't experienced data loss in his business or personal life

>>49407757
Kek. Secret network is already using TEE to execute smart contracts and keep everything private and encrypted. This is different from any other.

>>49410984
hotspot off a phone

>>49411176
yes they are. thugh the mobile market is huge and many retards use it. so android is a bigger target than GNU+LINUX.

get Kali Linux or Gentoo as OS for your "secure" machines

>>49410716
I think only if you surf the internet on that computer.
What if you had a meta mask set up on a clean Mac and then didn’t unlink everything but completely wiped the computer?
Could someone crack the password and username used and steal the keys that way?
Assuming of course the email wasn’t used for anything else?

For any anons who are now concerned they might get fucked from malicious contracts go here to void all existing contracts on your wallet.
https:// debank .com/

>>49405787

breh

>>49406080
If you did the set up correctly (generated your seed phrase on the trezor and never typed them into your PC), there is no way for a hacker to take your coins. Even if he has full control over your Metamask, since your keys are not saved on your PC you have to connect the Trezor and push a button to approve the transaction.
Always check if the addresses are correct on your Trezor when you do a transaction. In theory a hacker could change the receiving address when you initiate the transaction in Metamask, however the Trezor shows you the receiving address so just double check if it is your address.

>>49406361
>having money on an exchange wouldn't have saved you

bro some degen farm can't suck coins off gemini

>>49411530
Really? It’s that simple? Are there any caveats? And is there any other way to go about this?
>>49411549
Makes sense.
I’ve never heard of Kali, and isn’t gentoo a meme? Do distros really make a difference security wise?

>>49409953

its a bitcoin boomer who's used to doing nothing with his coins

>>49407249
You could plug a ledger into a virus raped computer and still be safe

>>49411067
>Linking it to metamask is the same as having it in metamask

no

>>49411067
You linking it to metamask is nothing more than providing an interface for your wallet. All approvals are still done on your hardware device. Keys are still located on your hardware device.

>>49405787
LOL

This is a terrible day in crypto. Lets all learn from this and move forward with a new zeal and even deeper extremes with our security practices

Just buy a hardware wallet, you morons.
Don't be retarded and sign suspicious contracts with it.
The only way a virus could fuck you when you have a hardware wallet is if your hardware wallet doesn't have a display of your transaction and relys on your computer screen to display the information

>>49405811
You’re going to actually do it when it’s 5 figures, (before the decimal). ;^)
I am sorry for your loss

>>49411751
op believes he may have been screwed over by some dapp. in order to buy from a dapp he would have to move his money off gemini. in which case it's not gemini that saved him and he could have gotten the same effect just by keeping a cold wallet separate from his hot wallet. he was using his main wallet directly with the dapps is the issue not that he wasn't using a cex or ledger.

>>49412019
Tell us more about signing transactions anon. Is there a way to see if something is safe to sign? Should we just avoid things like "SET APPROVAL FOR ALL"?

>>49412064
The only dapps I interact with using my ledger are trusted dapps that have been reviewed a countless amount of times. (Literally only AAVE)
If there's some new dapp you want to try or some NFT you're trying to buy, use a hot wallet.
You see what you're giving approval for when you give it, but most people are on auto pilot and just click approve

>>49412118
https://etherscan.io/tokenapprovalchecker

Good advice, I'm pretty reckless with token approvals but I review my approvals regularly on etherscan a revoke anything I dont use or am not sure of. I genuinely worry about signing things tho I've heard thats where they can really fuck you

>>49410308

>the future of finance

>>49411067

>just never use defi bro the only usecase of crypto

>>49412231
Token approvals and display viruses are usually the only way they can get you once you have a ledger.
As long as you manage your approvals and double check your transaction on your ledgers display, you're safe.
All of these hacked threads can always be tracked to either approvals, or malware.

>>49411766
just make sure your phone isnt compromised first, i wouldn't bother with this level of safety unless you have high 6 fig

>>49405611
Ask the FDIC for a refund

>>49412231
What about binance wallet token approvals?Seems to be no website that supports it.

>>49412552
I didn’t bother with security that much until I found out that my MetaMask must’ve been compromised from the start after being robbed off of airdrops I learned of when it was too late.

Get a GPD Pocket 2/3 with Trezor wallet, install Linux on it and then create a whilelist of trusted internet websites. Simple as.

>>49406234
Could be. I made a larp post on here like this a while back and I just searched Twitter for some random person who got their crypto stolen and pretended it was my address

larp thread

how pozzed is LTSC+firefox for hot wallets as several people pointed out windows+chrome being retarded? Guess i should pick wayland over x11 since x11 security also feels like a joke? Also nobody mentions trezor so i take it the enclave just makes it that much better, i went with trezor due to ledger's mongod debacle

>>49410580
lmao
All stables to zero eoy.
checkem.

>>49413825
Not checked
All stables to two dollars eoy
checkem

>>49413825
>>49413837
Stables still $1 eoy
CHECK EM NOW

>>49405611
>half net worth on exchange, half in private wallet
You did the right thing in that sense
Have you been downloading stuff on the same computer

>>49413825
>>49413837
>>49413848
all stables to $10 EOY
checkem

>>49413883
Lost my ID but no

Maybe someone from keys.lol steal your etherium tokens sir
Sorry you have such bad luckful situation op

>>49405787
holy shit
the first thing i did once i made $1000 in crypto was to buy a hardware wallet. when i made $50k i bought two more . my god you are retarded

>>49409953
you dont

https://etherscan.io/address/0x69bd53d34dfb8479a078d1b3def7085188ab07ee

>tokens AND eth out

the guy had your private key

>>49408123
theres 0 exploits known that send your private key to an attacker unless you manually enter it
assuming he didnt get duped into entering his key this was an inside job, had a keylogger on day one, used a brainwallet (unlikely) or simply had his private key in plaintext on his computer

This thread was up a few days ago. Guy is full of shit.

what are some good procedures to keep from getting hacked? is this outlined anywhere?

>>49412552
No, get into the habit early on or you'll be like op and make over 6 figs and just not use your ledger

>>49405787
Bro :^(

It's like walking around with 200k in your pocket wallet

>>49408463
does feel like a larp to me. he's way too calm about it, like "well garsh, I guess I learned my lesson then". attention-seeking loser.

>>49405611
well OP, i feel pretty bad for you. this is pretty scary and sad stuff. but i think this should motivate you in life to work 10x harder to make that money back and more before you rest on your laurels. and always take security in all aspects of life very seriously, especially when it comes to finances.

>>49412341
so true

>>49415736
Don't fuck around with random websites that ask for your wallet permissions - if you must, do it on a fresh wallet with limited funds. Don't get malware - have working antivirus and adblockers like Ublock Origin and ABP always on. Don't visit shady foreign websites to pirate media unless you absolutely know what you're doing. Don't have your crypto passwords saved in plaintext on your PC, retard! Don't ever input your seed phrase unless you're recovering a wallet. Ideally use hardware wallets for an extra level of protection. Try to spread out funds among many wallets, so if one goes south, it's not your entire fund base.

Google cloud is perfectly safe for your passwords

Prove me wrong

>>49407445
I was in the same boat and revoked everything it only costs a couple of dollars.

wait, it's not safe to hold my cash in a browser extension?

>>49405787
Shit larp.

>>49405787
why the fuck no HW when you have that amount

>>49410202
Easy and many others have already said in this thread.

Have a PC that you use only for crypto trading and nothing else. Install Firefox with uBlock Origin and Metamask, no other extension whatsoever, and only use it to log into and browse exchanges (never give in to temptation to browse even sites like Youtube, Tradingview, Twitter or /biz/ on this machine out of laziness and convenience). I use an old laptop for this.
My seedphrases, passwords, PINs and keyfiles are stored in two (for redundancy) USB thumb drives encrypted with VeraCrypt, and also in an encrypted VeraCrypt volume uploaded to the cloud (don't feel totally comfortable doing this but need to have some kind of offsite backup).
If you're really paranoid or have millions in crypto, might also be a good idea to take another further step by never connecting your crypto PC to your shared home / office LAN. When you need to use it, disable wifi on your ISP router and connect your crypto PC directly to it with an Ethernet cable.

And never, ever, under any circumstances, do crypto or enter any crypto-related credentials on mobile devices. If you do this you're begging to get hacked.

My entire crypto net worth is less than $30k. It baffles me that fags with 10x, sometimes 100x more don't take these precautions.

>>49405611
Get a hw wallet and try again man, don’t go all out and just hold , it’s coming rapidly and very soon

>>49410202
https://silentcicero.gitbooks.io/pro-tips-for-ethereum-wallet-management/content/

>>49411576
i went to that site and all my link is gone

>>49405937
>mfw I'll never be able to marry Mari

>>49414643
I'm 8-figs, and by now I have
>9 hardware wallets (various manufacturers)
>4 cold metal wallets
>3 yubikeys
>Dozens of different seed phrases for various things, all split and stored in separate places with levels of redundancy
>Cipher-encoded instructions also split, different trusted lifelong friends of mine in different states will be delivered separate puzzle pieces if my dead-man's switch activates

>>49407745
>that pic
WTF

>>49417753
Just memorize your private key. It's simple, I can type mine from muscle memory: fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141

>>49405611
There are several new critical security vulnerabilities in
>chrome
https://googleprojectzero.github.io/0days-in-the-wild/0day-RCAs/2021/CVE-2021-30551.html
>firefox
https://www.forbes.com/sites/daveywinder/2022/05/22/firefox-browser-hacked-in-8-seconds-using-2-critical-security-flaws/
>Microsoft office
https://www.bleepingcomputer.com/news/security/new-microsoft-office-zero-day-used-in-attacks-to-execute-powershell/
You don't happen to use any of these software, do you?

Wait, browser extensions aren't secure? How do I cold store all my DOT & ETH shitcoins properly?

>>49406605
Yeah that's why I have a isolated hardware wallet and a defi hardware wallet. Not ending up like this anon.

>>49405787
kek based retard

>>49407231
Concise

>>49408674
>>49408287
>>49408123
you are all fucking retards

t. have metamask on gaming/porn pc for 2 year and a half and never had any problems with it

>>49418239
Me too, but what IF our luck is running out?

>>49405611
did you recently install any browser extensions or new phone apps?

>>49418239
Thanks for the heads up.
I also want to have no issues.
Therefore I will immediately start downloading porn and torrents onto my online-banking-pc.

>>49405924
i dont trust either of our abilities. however, i cant sue myself for lost coins

>>49418293
doubt but don't hold all your money there. I've used my seed phrase just 3 times- once on metamask and 2 times on facebook. So it should be fine.

>>49418561
I never ever typed my seed phrase but still scared

>>49405611
deserved

>>49411809
cope

>>49407387
All I know is that whenever I try to deposit BTC or ETH into my Trezor wallet, it always gives me the option to generate a new address. I don't think this is an entirely new wallet, it just creates a new deposit address for some reason, so if my keys were ever swiped it wouldn't matter. I'm quite certain it gives me the option to create multiple "hidden" wallets though using a secret phrase, and those are safe even if my keys get swiped as long as my secret phrase isn't compromised.

>>49410775
I would argue the biggest threat is phishing where you interact with a malicous dApp or you share your seed with someone. I would just get a hardware wallet, store your seed on paper (or one of those fancy metal tablets). Literally never share your seed and pay close attention to what URL you are on/what you are interacting with.

Should be simple and bulletproof.

>>49412473
>>49412231
How the fuck do you rescind your approvals? I try to connect my wallet via web3 on BSCscan and it just redirects me to some retarded brave tab

>>49419788
Same

Great thread. Thanks to the advice here I've revoked outstanding token approvals on my account.

>>49419788
Got no advice for you, I use metamask eth wallet and the etherscan token approval app works just fine. It's in beta so maybe it doesn't have full accessibility yet

bump

>>49417833
>car crash
>hit head
>forgot basic shit

this happens more often than you know

on the good side: If this was just HALF your networth you're still rich my man. Next bullrun you'll be loaded again, hard to pity you

>>49405937
>Never, EVER, EVER EVER, use a wallet for more than a few months, ALWAYS SWITCH WALLETS IF YOU CAN
Is it fine to use a new address on same hardware wallet, or do you mean new hardware wallet entirely?

>>49406441
how? metamask just tells you what you are signing for. it's mostly transferfrom unlimited amount of chosen token for the swap on dex

>>49417313
>My seedphrases, passwords, PINs and keyfiles are stored in two (for redundancy) USB thumb drives encrypted with VeraCrypt, and also in an encrypted VeraCrypt volume uploaded to the cloud (don't feel totally comfortable doing this but need to have some kind of offsite backup).
You are begging to get rekt. Seedphrases should NEVER, EVER, EVER, be held in some digital format. You generate the seed in a HW wallet and maintain the seed via paper or titanium. You are over-complicating things and you will pay the price down the line.

>>49424685
huh... no fucking midwit. if the password is strong enough nobody can't do shit

>>49405787
WOMP TEHRE IT IS
>close thread
>hide thread from catalog

Be yourself and hope everything works out OP.

Is there no way to do cold storage without a paper wallet? What if you just remove the web browser wallet from your PC, is it then protected?

>>49424817
>paper
*without a hardware wallet

alright fuck this

what's the best hardware wallet to get?
ledger or trezor?

what has the best user interface
would I need to create a new metamask wallet for it or will it just work with my current metamask eth wallets?

>>49407708
you don't give your key to contracts for them to have access to certain tokens you fucking retard

>>49411067
But even if the metamask password was stolen, the thief would need the seed phrase to access it

>>49405611
Cold storage your shit. Stake only what you can afford to lose.

>>49424865
I use Ledger NanoX. It's easy and I feel secure as fuck using it. Trezor is fine, but I haven't used it. Only, and I mean ONLY buy from the source. I bought from an Airbnb address when I was traveling, and this was the exact time when all the buyers' deets were leaked.

These threads suck, you are all just claiming people are gonna “get hacked” without any reason.

>>49425417
If you haven't been hacked yet, you're too new. You need to protect against moments of weak-mindedness - too many glasses of wine or just tired/whatever. You need to protect yourself from yourself.

>>49405787
Ledger would have saved you

Proof that this is real and that OP didnt just send money to his own wallet?

>>49425417
If you ever get knowledgeable on cyber security you'll become paranoid too trust me, and for good reason.

Sorry this happened to you man. Wait for the 90+% crash and then buy ISO 20022 coins. Really shitty but with a few hundred bucks put in at the coming bottom you will be back above where you were. Keep your keys safe and (did you keep a digital copy of them or screenshot? Possible it was uploaded to a cloud someone else has access to? Have a bunch of shitty plugins on your comp? Sorry, not saying you are this stupids, just saying in case you made the mistake.) if you are working with that amount, you should have several hard and cold wallets you spread it across.

ive used 1 wallet(ledger) that holds my entire networth for 5 years, ive interacted with dozens(hundreds?) of the shadiest defi apps possible. no problems

signing transactions is safe unless metamask warns you its executing code and you just ignore the warning(ive never even gotten the warning tho)

it can only sign a message and nothing more

losing half your networth isnt even that bad, you'll get it back. i lost 80% because i fell for the 100k eoy meme and held all the way down. an expensive lesson, but you'll rebuild surely.

I hold only BTC on paperwallets generated offline and on an air gapped device. Come at me faggots. Going strong for fifth consecutive year without incidents.

>>49425597
>>49425669
Please explain how you would get hacked unless someone had your seed phrase or remotely accessed your PC.

>>49425417
you're new right?
once you go over $10k you should have a hw wallet. no excuses

>>49426437
Im not new ive had the same Metamask for like 4 years, you literally cant just "get hacked" something you have done will have caused it

>>49426437
lmao

>>49405854
>assets
>Crypto
pick one

>>49405711
>>>49405662
>The worst part is, since I know crypto, I know there is literally no recourse for me. My money is fucking gone, gone, gone. And it's not coming back in any remotely likely way.
Look on the bright side, crypto is not real money so you didn't lose anything.

If you are too dumb or lazy to use a ledger at least leave your money in a hyper secure exchange like Binance or Gemini. Good luck anon you will make that back easily in the next bull run.

>>49405611
This kind of thing happens all of the time unfortunately. Metamask should require 2FA by default on all transactions. Also, use a MAC exclusively for your crypto. Fortunately there is a generous Candle Chain airdrop and bounty program right now, so you have a chance to make your money back with minimal effort. Also consider looking at other bounties on Bitcointalk. There is an entire board for them there.

>>49426537
No, there is no way to cash that out. Stragely, in some magical way I have been able to pay for everything in my life with crypto the past few years tho.

Metamask is unhackable, you are fucking retarded

>>49426430
Fake sites and elaborate orchestrated schemes, they are all around. They're designed to lure you in and gain your confidence/lower your guard and enter your keys or visit a clone site or click on malware. You need to be on guard all of the time. The hardware wallets stop you from doing stupid fucking shit. All the scams are focused on people who are not using them.

>>49405787
Holy shit you dumb motherfucker

>>49405611
You kept half your net worth in a browser extension?

>>49417883
>First Patched Version: 91.0.4472.101
>"new" vulnerability
bro lol

>>49427660
Do you have an example of something like this? It sounds like the kind of thing a boomer would fall for but I doubt the average seasoned internet user would.

>>49428351
e.g. you're in a project's discord and one of the team member's discord account gets hacked through phishing and then the hacker posts a phishing announcements, some kind of giveaway or sale. People ape in because the team member has so far been credible and they don't wanna miss out, but in the process they end up getting their wallets hacked.

>>49428772
many such cases

>>49428772
This.... happened to an acquaintance.
>>49426430
>>49427660
>>49428351
>>49428772
It's good to make a distinction between hacking from phishing/social engineering and hacking from malicious code/contracts. The former is the most common, but the latter, even though it's much harder to pull off, can compromise the security of a good chunk of the crypto community. It's funny that people here are shilling hardware wallets since they're also known to having been hacked

>>49405611
Either you approved them on some contract that got exploited which you should be easily able to check by seeing if the transfer was initiated from your address or from another one or you got your keys stolen, possibly by a virus. Few days ago some new Microsoft word exploit came to light, maybe you received some fishy word file.

>>49410308
Why an old Thinkpad over just a hardware wallet? Isn't it the same effectively?

>move a big chunk of funds to arbitrum
>create a gnosis safe there
>secure it with two hot wallets (generated by different seeds+ use those wallets on different computers) and one hardware wallet
>deposit funds to gnosis safe
It's beyond easy and cheap.

Is a clean iphone + metamask combo safe? Ios must be safer than windows.

>>49424685
Isn't the chance that your house burns down or whatever higher than someone cracking your password on top of gaining access to your USB drive? Whereas someone would only have to steal your paper/plate and has access to your seed without having to go through another password.
Would be curious about the arguments here since I've also been pondering it.

this is a jewish larp bot thread to make you keep your crypto on an exchange. dont fall for it