Wurde Ledger gehackt?

[root_s2yse8vt]

Up

0

Down

::

Ich habe gerade entdeckt, dass jemand alle meine 3 Bitcoin aus meiner Nano Ledger Wallet im Mai 2021 transferiert hat. Könnte mir bitte jemand erklären, was der mögliche Selbsttransfer bedeutet? Ich habe sie definitiv nicht an eine andere Adresse transferiert. Danke, ich fühle mich im Moment etwas schwindelig…

​

https://preview.redd.it/ul4rwsvckln91.png?width=940&format=png&auto=webp&s=c56863a2714979548863bd2a7ad64eee6f9651ce

https://preview.redd.it/2ckyhyjhjln91.png?width=940&format=png&auto=webp&s=11ac0c7ea5426fb5ce4b95558df941b1133a4d64

[Knurlinger]

Up

0

Down

::

Possible self transfer is assumed because everything was transferred. So it wasn’t a payment and you normally only do this when you send your coins to another address you control.

In this case: looks like you leaked your seed somehow (typed it in a keyboard, stored it digitally…) or someone got hold of the ledger and knows the pin.

[nyugimugi]

Up

0

Down

::

Okay… So again, because everyone forgets this everytime, even Ledger on their extra-detailed website is that you not only keep your seed phrase completely offline and completely off of ANY electronic devices, you also need to make sure your seed phrase is NEVER spotted by a device’s camera in your home (phones, security cams, laptops, tablets, etc) OR anywhere in the world, PLUS you NEVER SAY those words OUT LOUD not even when home alone, because anyone could be spying on your phone’s / laptop’s / tablet’s / tv’s / anything’s MICROPHONE!

I am stating this not because I blame you, but because everyone tends to forget about these things. I am very sorry for what happened to you, that must’ve been quite a few years to save that money 🙁

[Yavuz_Selim]

Up

0

Down

::

https://www.blockchain.com/btc/address/bc1qa65mmr0lndut3wkk904suxwfytq89uszpxrdvg.

At 13.22h (1.22 PM) the 3 BTC is transferred in.
At 14.28h (2.28 PM) 1 BTC is transferred out.
At 15.50h (3.50 PM) the remaining 2 BTC is trasferred out.

 

So, everything has happened within 3 hours after you send the 3 BTC to your Ledger address.

 

I don’t understand the first transaction though. It seems like the BTC is indeed send from your address to itself…

View post on imgur.com

I would’ve expected a change address (1 BTC to selected address, 2 BTC back into a change address).

[bigbowl_of_KIX]

Up

0

Down

::

I think Ledger should write in MASSIVE font, in RED, full size sheet of paper the rules for owning a ledger..

AND last step should be to RE-READ 20 times.

[GetEmDaddy902]

Up

0

Down

::

I’m more concerned that had 3 BTC and didn’t check on them since May 2021

[loupiote2]

Up

0

Down

::

You somehow leaked your seed. Your seed should never be used again, as it is compromised. Anyone who has access to your seed (24 words + optional passphrase) has full control of your cryptos and does not need a ledger to access / take them.

Common causes of leaked seeds (unauthorized access).

Have you ever:

– entered in your ledger a seed that you got from „ledger live“ (in that case it would be a fake ledger live, and the seed is known by the scammer)

– used a seed that came pre-printed on a card with your ledger (the common pre-seeded ledger scam), or used the seed from MetaMask (or any other wallet)

– taken a phone photo of your words? (this is the most common source of leakage)

– entered your words on your computer or phone (i.e. typed it on your keyboard, e.g. to make a print), e.g. sending an email to yourself (second most common source of leakage)

– entered your seed in „Ledger Live“ when you updated your computer, to recover from „damaged ledger memory“ or to „unlock your ledger account“ or „sync or validate your wallet“? (all those are scam apps that will steal your seed)

– entered your words in a computer or phone notebook or notepad or any app (e.g. password manager) or website, or in MetaMask, or on the cloud?

– have your words in sight of any webcam, laptop cam, phone cam, security cam etc. This can happen if your seed words card is exposed in a public space like a library.

– printed or photocopied your words using a computer printer or wireless printer or a commercial copy machine?

– digitalized your words or encrypted them in anyway with a computer?

– used off-line or on-line tools to generate or check your seed or to verify it or to access other software or phone wallets?

PSA: Learn the importance of your 24-word seed
byu/loupiote2 inledgerwallet

[Tabea_Ledger]

Up

0

Down

::

We can definitively do some further investigations on this. Please submit a ticket here and share your case number

[UnderLagger]

Up

0

Down

::

sorry for your loss mate, it’s wild. The real questions that matter are: where did you buy your Ledger ? Where did you download Ledger Live application ? How did you create your wallet account and its mnemonic phrase ? and how did you secure the phrase ? and maybe what was the state of the device you used to do this all.

I’ve read the ‚robbery‘ happened within 3h after you deposited the funds. This let me thinking that your wallet was already compromised at the time when you deposited the funds. Meaning that someone else had the mnemonic phrase beside you.

It can be your device that was already compromised with a payload (from phishing or something else), it could be the creation process of your wallet account that was the problem. some people bought a legit Ledger but within a falsified box with a mnemonic phrase written in a leaflet they had to use after they scratch the thing to reveal the words. it can be a Ledger Live you used that was not authentic.

Anyway, take care bro

[kilianv3]

Up

0

Down

::

Fuck, sorry, man. Looks like you lost your cryptos. It’s pretty much impossible that your Ledger got hacked directly. Either someone had physical access to your ledger and initiated the transfer, or you somehow lost your seed phrase. Maybe you had it saved in a password manager that got hacked? Or did you have a picture of it on the cloud that got hacked? Endless possibilities.

[JarAC77]

Up

0

Down

::

Did you buy the Ledger from eBay? Is it possible that it could be a hardware wallet that was tampered with?

[PasdaranXBT]

Up

0

Down

::

Another genius who took a photo of his 24 words (which was then almost certainly automatically backed up to Google or apple photos) and is now in total shock that he got robbed.

Moving on.

[krissbubu8080]

Up

0

Down

::

This shit with revealing seed phrase is getting ridiculous.
I’ve held on numerous shitty wallets with pc running 24/7,downloading from suspicious sites,torrents dozens of malware and spyware on my pc and Never Ever anyone stealing from me anything.
How a high end hardware for not so small price is now vulnerable to almost anything.Shit you can now even spit it on it and your btc is gonne.

[CrustyBus77]

Up

0

Down

::

Stop using Windows for crypto related tasks. It’s a massive mistake. People will eventually learn this.

[AutoModerator]

Up

0

Down

::

The Ledger subreddit is continuously targeted by scammers. Ledger Support will never send you private messages. Never share your 24-word recovery phrase with anyone, never enter it on any website or software, even if it looks like it’s from Ledger. Only keep the recovery phrase as a physical paper or metal backup, never create a digital copy in text or photo form. Learn more at https://reddit.com/r/ledgerwallet/comments/ck6o44/be_careful_phishing_attacks_in_progress/

*I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/ledgerwallet) if you have any questions or concerns.*

[faceof333]

Up

0

Down

::

How did you download ledger live? what is the version? did u enter seeds in any app or site?

[Waterboy980]

Up

0

Down

::

You gave up your private keys / seed phrase somewhere. That’s the only way it can happen, be more careful.

[Stebbin8r]

Up

0

Down

::

I am so sorry this happened to you. Did you buy your LEDGER device directly from the manufacturer, or did you buy it on Amazon or at a store (ie Best Buy)?

…and just to better understand, did you ever enter your seed phrase on anything outside of your device?

[Huth_S0lo]

Up

0

Down

::

Someone got a copy of your seed phrase. Did you have it stored electronically somewhere? Your physical device is the embodiment of your seed. You dont need the ledger at all. You only need the seed.

[tommobile]

Up

0

Down

::

Where did you buy your ledger from? Official website? Amazon?

[Wayne2018ZA]

Up

0

Down

::

Ledger itself cannot be hacked. Also, the number of combinations of the 24 words is infinite, so no-one can brute-force it. Check out https://youtu.be/hjRntYh0ot8 and https://youtu.be/S9JGmA5_unY for more mathematical info.

[loupiote2]

Up

0

Down

::

> could anybody please explain what does the possibly self-transfer mean?

This message is displayed when all your balances (on multiple sub-addresses in your BTC account) are transferred to a simgle address. This is often something people do to consolidate their funds on a single address that they control (hence the message „possible self-transfer“), but it is not necessarily a self-transfer. e.g. if a scammer got hold of your seed phrase and transferred all your BTC to their address, this would obviously not be a self-transfer.

[Brilliant_Dot_742]

Up

0

Down

::

Holy shlt, didn’t realize how serious that a screenshot could get hijacked. Are there that many things spying on us? Some bot sorting through it all for recognizable passphrases?

How do you combat this?

[Stockoholic]

Up

0

Down

::

That s bad

[su5577]

Up

0

Down

::

Sure maybe someone spouse or relative?

[kizernal]

Up

0

Down

::

The more I see these post makes me think I need to go Multisig.

[Autor]

Beiträge