August 27, 2019

Fraud and stolen funds

Fraud and stolen funds

Yesterday afternoon my computer underwent, what seems to be a personal attack. It seems as if the attacker knew exactly what he was doing and has been preparing it for some time.

In the space of a few hours (until I noticed it), 99% of all my funds were stolen. All with a capital A.

To say that I’m upset or that I’m feeling down is not to say half of what I’m feeling right now. But there is nothing I can do now - at all. Of course, I have sent the necessary emails to the exchanges to which I managed to track the transactions (this morning already, doing it on a clear head).

Below are some mistakes that I made, that might help you in the future:

  • The attacker obviously had access to part of or the whole of my password base
  • Some of the ETH tokens that were stolen, were “washed” through IDEX. IDEX cannot help you recover funds obviously.
  • Everything is moved to Binance
  • If you require to transfer any files from one USB to another - never leave them on your PC, even for an hour (I’m talking important files)
  • Never, ever and ever use one address to store more than one asset - never!
  • 2, 3, 4 and even more chain-passwords systems are not enough. Even if they are 256 bit each. Use multi-signature address or cold wallet to store large funds (obviously, do not keep your passwords “warm”)
  • Change passwords more often than you think yo do
  • If for some reason you need to pass a part of, or a password over an unprotected channel (even if it seems like the password is not important, and this is not a password to your funds) change is straight away. 4 - 6 hours later is too late.

I’m not sure why I’m writing this post. But maybe it can help you to intake the above, even though - obvious, a bit more.

Not sure what else to add at this stage. Be careful, even if you think you are.