Help and Guidance Needed - Recovering Stolen .ETH Names

Hello ENS Domain Community,

I hope this message finds you all well. I am reaching out to this fantastic community in a time of need and seeking guidance on a situation I recently encountered. Unfortunately, I fell victim to a phishing scam, which resulted in the loss of some of my valuable .ETH names. I am posting here with the hope that someone in the community may be able to shed some light on the situation or offer advice on what steps I can take to recover my stolen domains.

To provide some context, I still have control over the Resolved Address and Controller settings for these domains. Thankfully, the hacker has not made any changes to the domains’ settings or ownership after the scam. I guess it gives me hope that there might be a way to regain control over my domains. But with my understanding only Registrant can control the domain, so not sure.

However, I am not sure where to start or what the best course of action is. Here are a few specific questions I have:

  1. Has anyone in the ENS community experienced a similar situation and successfully recovered their stolen domains?
  2. What are the recommended steps to take when trying to regain control over .ETH domains that are still under your Resolved Address and Controller settings?
  3. Are there any specific contacts or resources within the ENS community or Ethereum ecosystem that I should reach out to for assistance?

I understand that the ENS community is filled with experts and enthusiasts, and your insights and advice would be immensely appreciated. I’m hoping that by sharing my situation here, I can find a way forward and perhaps help prevent others from falling victim to similar scams.

Scammer wallet:

Thank you.

Hi there @0xB8A2cc18B353447b91 and welcome to the forum!

Unfortunately, if the ENS names were transferred into the scammer’s wallet it’s not possible to get them back even if the Controller and ETH Address (Resolved address) records still points to your wallet.

ENS is governed by a set of trustless smart contracts and does not have any administrative controls. We have no ability to transfer ENS names, cancel them or do anything that a regular user can’t do.

I hope this clarifies the situation, and I’m sorry you lost your ENS names to a scam :frowning:

One thing you can do is to contact the various marketplaces like OpenSea and ask them to delist the stolen names, which at least prevents the scammer from selling the names on second hand markets.

Thanks for the reply.
and yes, I have already filed an official complaint and forwarded it to opensea and all to ban this user address.

While I understand this, “ENS is governed by a set of trustless smart contracts and does not have any administrative controls. We have no ability to transfer ENS names” cant we have some proposal to in future when these name expires, the first eligible person to buy this again could be the original owner? or something similar. I guess this is decent solution for this.