My account was hacked by the address “7HsWJe1gHFEQHB51tJHSufXX14cWQKrd4pciMrMbLZbt” and the address that was hacked I sent it to their main address. Below is the main address of those who hacked my account “ 2ojv9BAiHUrvsm9gxDe7fJSzbNZSJcxZvf8dqmWGHG8S “
I asked to ban the account and return my stolen balance
Hi @Mado and welcome to the forum.
Unfortunately if your account was hacked there’s nothing anybody can do to get your funds back. When you hold your funds in Phantom, you own it, and nobody else can prevent your account from being insecure or return your funds in the event that it is hacked.
Sorry for your lost funds!
a solution to prevent this from happening again, what should I do?
I highly recommend keeping your seed phrase totally off of your computer and storing it in two places:
- A durable, offline wallet of some sort like an engraved metal plate or something that you can put in a safe.
- A Ledger hardware wallet.
If you only ever put your seed phrase into the Ledger hardware device, then it makes sure that your seed phrase is never actually sent to your computer where it could be seen and stolen by malware.
The issue is that our computers and browsers are extremely vulnerable to malware. There are all kinds of malicious browse extensions and other things that may end up on our computers and if any of that malware can find your seed phrase, then they can steal all your money. So in order to keep your funds safe, you essentially have to make sure you keep your money as secure as a bank, or more.
If you use a ledger wallet ( and make sure nobody else ever finds out your seed phrase in some other way ), then the only way anybody can take money out of your wallet is if you press the two buttons on your ledger wallet to approve transactions.
Your money can still be stolen if you go to a malicious website and approve a transaction that will transfer all your money out, so you must still be very careful and make sure you trust any website that you approve transactions from. But you can make sure that no funds will ever be transferred without you approving it.
Regarding the account at 2ojv9BAiHUrvsm9gxDe7fJSzbNZSJcxZvf8dqmWGHG8S
This does not look like a hacker account. A client of mine was hacked and some of his coins ended up at this address as well. I think this might be a Binance SOL deposit account. It looks like some sort of exchange account.
Oh, interesting point. Exchanges, especially big ones like Binance, tend to have KYC/AML checks that require people to identify themselves, so that might make it possible to track the thief.
We would have to have some way to prove the funds were stolen, though, and that you guys didn’t just transfer tokens to the guy and then claim he stole them. ( I’m not saying you did, but we might need some evidence to back that up if we wanted to ask Binance to prosecute the thief. )