ENS Tokens Being Taken NOW

All of my ENS tokens were just taken by the following accounts just a minute ago:

ENS: ENS Token | 0xc18360217d8f7ab5e7c516566761ea12ce7f9d72 (etherscan.io)

0x10a36f41531A0C78c9D1E70A9ada04e59e1A9bFf

I hope a solution is found or I am just misunderstanding something. But I’m concerned about others and getting this stopped ASAP.

Thanks

1 Like

Seems from what everyone has told me about my stolen claim, that its our fault. And in no way does it have anything to do with ens domains. Although considering the 1000’s of dollars I have had in and out of this account in the past 4 years, this is the only thing ever hacked. Someone has figured out a flaw in the ens management system. But noone knows anything. Good luck mate

1 Like

The ENS token story for rustyhenderson.eth seems to go like this:

  • Address 0xa6062cde1b8f96323624be5309bb99353b5b32c7 adds enough ETH to claim the tokens and transfer them out.
  • The tokens are claimed by 0xd0c23aa1e5648aadf8f558f6b4ef7f00a1368257
  • The tokens are transferred to 0xa6062cde1b8f96323624be5309bb99353b5b32c7
  • The unused ETH that was transferred in is then transferred back.

This operation requires use of the wallet private keys. You’ve stated in other threads that the tokens were already claimed when you checked. So, that would mean that the private keys to your wallet were compromised. The compromise would have needed to occur well before the airdrop and is in no way the fault of ENS or the token contract.

The wallet history has significant interaction, including recent transactions within the past few weeks. There are numerous drops value to $0.00 in the last 2 years.

I’m not saying that I don’t believe you when you write that your wallet was hacked. However, there’s nothing ENS can do about that…

Of course, you might be a random individual trying to claim something was taken from you when it wasn’t.

If you are indeed the owner of the claimant address you could sign a message that can be publicly verified:

https://app.mycrypto.com/sign-message

5 Likes

Signed. You are correct that it would take an individual or organization having my private keys to make this happen. I am also well aware that nothing at all is there for me to prove that I am not a malicious individual myself. This is a significant amount of tokens taken from not only myself, but several other wallets. You seem very intelligent and well-versed within these confines and I implore you to do a bit of investigating as to how so many wallets were compromised with this particular airdrop. If you need numbers I can provide. I was there for the uniswap airdrop with no problems and others again with no issue. There is something within this that doesn’t sit right with the sheer amount of compromised accounts. I have signed and verified. I can also provide information about the ens domains I have owned, used, and sold in the interim. Lets be really clear here. I have 0 expectations that ens as an organization is going to magically make 195+ tokens that were claimed on my behalf reappear. I understand how this works, and if I can prevent anyone else feeling that type of loss then I have done at least some good. Thank you
{
“address”: “0xd0C23AA1E5648AadF8F558F6B4Ef7F00a1368257”,
“msg”: “Russell Henderson”,
“sig”: “0x2be29feb2019eb314672dca99dc891feca85dea81d590ddc8b55199a3342d8e63081d80d9b7583b9c70970c0ed1ce817b10b07cd8b5f77cd2b1a4a6bc20b277b1b”,
“version”: “2”
}

3 Likes

If they did, they would just be giving the hacker another 195+ tokens because your wallet is compromised. You need to get a new one and stop using that one. Your PC might be compromised also.

5 Likes

Absolutely. Hence the 0% being used in the previous message. Thank you moses.

1 Like

Now that you know it is me claiming, and I have signed the message with my own personal information. Also in bio. Now what? Nothing. Just clout that I am a sad little miscreant that lost out on a good opportunity. Thank you though for at least allowing me to vent. Best of luck to all of you and thank you for all your help.

1 Like

There’s literally nothing that anyone can do for you.

It’s very unfortunate. I’m sure everyone reading this thread feels extremely bad for you. However, there’s no solution to retrieving the tokens.

The best advice is to forget that previous address, since all assets are now subject to immediate theft by the attacker who has your private keys somehow.

There’s a “report address” option on Etherscan.

I strongly suggest that you file a report with them, as they can mark the address as a possible “Heist” account. They might add it to the Heist List

3 Likes

thank you for your kind words. It is tragic indeed. Lesson learned.

Thank you again. After looking at the other possible hacks, it seems that well over 1mil in ens domain tokens have been absconded. Maybe someone can help me with the math on that one. How many total were issued? And in terms of eth value, what is the percent that has gone into nefarious hands?

If you have an idea about token theft, try your hand at Dune…

https://dune.xyz/msilb7/ENS-BuySell-Pressure-Uniswap-v3

But please remember that the theft has nothing to do with ENS… it’s possible that many tokens are being stolen from various wallets. But the theft is not related to ENS - except that the tokens are high value items worth stealing. Wallet compromise is fairly common, unfortunately…

2 Likes

Agreed that it has nothing to do with ens and that it has everything to do with compromised wallets. I suppose my question was more related to how 1 to 2% of all tokens being stolen by other recipients rather than the intended, has or will have any effect on the value. A more important distinction should be if the token is used as a governance token, then how does that affect the governing of proposals when tokens are in the hands of someone or something that has no desire to be a part of this community. Thank you

1 Like