ENS guru help needed for a semi-hacked acct

šŸŖ³ Bug Reports
1

Are there any alternative ways to update the controller address? :cry: :cry: :cry:

My wallet[old] got hacked and I got just enough time to transfer two of my ens domains to another wallet[new].

However, I am unable to setup the reverse record due to hacker activitiesā€¦
Although I am the registrant(wallet[new]), but the ā€œcontrollerā€ is still with my ā€œpreviously hackedā€ wallet[old] addressā€¦

I have tried sending just enough ETH to wallet[old] just to get the transfer going but no matter how fast Iā€™ve tried to sign and approve the transfer request, hacker(I presume bot?) beats me every time (Iā€™ve already lost $300+ USD).

What makes me more upset is that my ENS airdrop seems to be taken away by the hacker as soon as I claimed it. :cry: :cry: :cry:

Once again, due to my situation aboveā€¦ are there any alternative ways to update the controller address without having to fund my wallet[old]? :cry: :cry: :cry:

Any suggestions or helps are hugely appreciated!!!

1 Like
2

Hi guys, I think i have a similar issue for this problem but mines got a bit of a twist,

I think old wallet may have been exploited and some stuff taken but thats all whatever for me.

For me, i bought an ENS domain a while back but just never interacted with it due to lack of compatibility issues at the time with my stuff i used and was a told i pretty much had to wait.

So i waited all that time and now am trying to figure and finalize it. I was wondering if that purchase of domain i bought would be eligible for airdrop?

3

hi i was very stupid and interacted with a smart contract on arbitrum and someone compromised my keys. they stole 2 potentially high value domains: legoland.eth and daytona.eth
is there anything I can do?
thanks

4

Please share what contract you interacted with.

1 Like
5

Hi @mdefina

Could you create a support ticket on one of the support channels?

DM on Twitter: @ensdomains
#create-a-ticket on Discord: https://chat.ens.domains

Support team there can take a look together with you.

1 Like
6

Yeah, They have an auto withdraw bot on your account.

Itā€™s a node.js and another web3 javascript library listening to all the transactions that go through. Most likely connected to a private node. Very hard to beat, but itā€™s possible it can be doneā€¦but Iā€™m not 100%, have not done that before.

Wish I could be of help for you.

edit read post above from @zadok7

7

it was one of these 2 contracts that scammed me: ArbitrumGuildRolesTokenFullBundle | Address 0xc2bc78eb86d1eea90e378e235f405c00e0659d59 | Arbiscan
ArbitrumGuildRolesTokenBundle | Address 0x1879822678f5d295bc76dda858c781a113cdc058 | Arbiscan

I used metamask to connect and ā€œpurchase bundleā€

8

Iā€™m confused.
If your new wallet is the registrant, you can change the controller.

9

no I didnā€™t transfer it, it was stolenā€¦ what are you confused about?

10

not sure what you mean by withdraw bot? - I had to fund a few of my compromised accounts in order to transfer what wasnā€™t already stolen, nfts, etc and nothing else has been taken at this point. It appears they spent about 30 minutes withdrawing and have not seen them sinceā€¦

11

it appears i was phished by portal.arbitrum.one a fake website :frowning:

12

what ā€œnewā€ wallet are you referring? I never said anything about a new wallet.