My wallet wasnât compromised. I have taken a number of steps to safeguard my crypto and assets, including 2FA Yubico keys to permit transactions from coinbase.com
1 Like
The Scorpio in me wants to track every NFT that this person owns and report it, but that would cause trouble for others. There has to be a way to target a single entity, regardless of the wallet they use. Iâll find a way. Someone will. This is still the âWild Westâ, but plain thievery cannot be toleratedâŠ
Thatâs whatâs strange about my situation. Nothing else in my âcompromisedâ wallet was touched. It makes me think that I signed something I didnât read clearly while my old computer was possibly hijacked. Or, thereâs something about the ENS names that make them vulnerable. Idk. But this is the only ENS name that Iâve transferred to another wallet (from MM to CB) and it was months later before being stolen. Again, I think I must have signed something I didnât look at closely enough. Still a mystery, but Iâll figure it out
There is an exploit that prompts the victim to accept a wallet transaction which grants the attacker permission to control your .eth name. It communicates directly to the ENS registrar contract. The attacker phishes victims into thinking it is some other type of approval transaction with things like fake websites. I can look through your transactions and see if that happened, if you want.
If you have the time and resources, Iâd love to know how it happened. Not only to avoid future mistakes like this, but warn others what to be on the lookout for.
What would you need from me?
Iâll see if I can find anything, just message me the old wallet address.
2 Likes
My original address: 0x361fC0ED3D5a3d0bDfDfde855E46d9c04de6b7eE
The address I transferred âregistrantâ to: 0x2d63bf0766c94d54955b6cb4044babe6b0b58bab
The thief: 0x6F69D2Efe0e663506d4Ee3A5DdB72D14aE8f8D56
Iâve since bought the name back under a different walletâŠOnly bc itâs important to my son. I hate myself for it, but this person will get theirs one way or another. Anything for my kids.
@daylon.eth Would something like revoke.cash be able to kill the permissions for the approval transaction? I guess it would depend too on if gas could be sent to the wallet without getting swept.
In this instance, I was only able to find a single transaction in which the theft transfer happened. I would guess it happened through a fake website that looked like Opensea or some other reputable site, and the approval and transfer was all one process. Iâm not certain about revoke.cash, but it never hurts to review what has approvals to your wallet and remove anything you donât know or recognize.
1 Like
I just discovered the same thing happened to me. What measures should I take to see if I can retrieve it? How do I inform OpenSea?
Transaction: 0x98e8f5c0022257b7ea3c6e5a0f7dd9900d84ecc6d1f474f1b1127f57c46628a0
In this case, your name does not appear to have been stolen. Instead, you just did not renew the name, so it expired and was released.
The previous registration (presumably you) was made here for 1 year, with an expiration date of 2023/01/31. Since you never renewed it, the name was released, and someone else re-registered it.
Thank you!