My Solana and NFTs were withdrawn from my account without me knowing

Hello, I logged my computer an hour ago and I logged back into my wallet and I noticed a lot of things were missing from my account.
A transaction was made without me knowing or authorizing it at all and I have never given ANYONE or clicked on malicious (discord) links, everything is gone and i’m not sure what to do anymore. Is there a way to track down whoever made the transfer?


this is the address that made the transfer without me knowing, they took out all of my assets.

Sorry if my wording looks a bit terrible, this is my first post and I’m frantically rushing to find answers to this because I’m at a loss for words on how this all happened and why someone would do this

1 Like

same thing happpend to me like an hour ago, keep me upptadet if there is a way to find these poelpe and get our money back, didnt click anything just opend my pc and it was gone

2 Likes

GwZLDJ8FcRDLdnuvpQggFM6d7SfesTQMJAkD2DRFb7Zp
this is the adress that took from me

Hi @whatdur and welcome to the forum! :wave:

Like @feelix said, this just happened to him, and the verdict is the same:

There’s not really a way for us to track who did it. If a scammer is determined enough they can take measures that make it practically impossible to trace.


Yeah, I understand. There are just a lot of people who can make a lot of money by trying to steal from other people and they don’t care about what harm that causes.

Someone did the same to me. Seems like if you can see every transaction you should be able to see what happened and who took them. Otherwise, why do we have so many protections in place for them to so easily get everything.
And no, I didn’t share my info with anyone or do anything wrong, yet somehow he got one of my NFTs and all of my sol, and the “sorry this happened to you” doesn’t put the money back in my account.

tl;dr:

  • There are too many ways for an attacker to hide their identity for us to assume that we can track them down and convince their jurisdiction to penalize them.
  • In crypto you are responsible for whom you trust, even when it’s your own computer. In this case you or your computer didn’t protect your seed phrase carefully enough to keep it outside of the hands of attackers.
  • I’m not saying this to blame you for your loss or to sound like I don’t care that you lost anything. I’m sorry for your loss, but that doesn’t mean that I, or anybody else, and do anything about it.

You can see what address took them, but you can’t know who in the world it is that is associated with that address. Finding that out would probably require, at least, cooperation by the internet service providers to snoop on people’s internet traffic and try and find out what IP address sent the original request to transfer the funds.

And even that wouldn’t help if they obfuscated the internet traffic by using a network such as Tor combined with a VPN. Finally, they can transfer the funds into an obfuscating pool such as Tornado cash on Ethereum or the Lava Pool on Solana. There’s just so many things they can do to hide who they are.

Even if you didn’t do anything wrong, if you connect to the internet, your computer or phone is ask risk from malware. Many things try to prevent hackers from accessing your machine, but there is a lot to it and you can’t be sure you’ve covered every possible threat.

Every program you install on your computer and many browser extensions fully have the ability to try and steal your information. That’s why I recommended a ledger, which keeps your seed phrase from ever even getting to your computer.

I understand that, but there’s nothing that I, or anybody else, can do about it. When you hold your crypto in a non-custodial wallet, you must now be your bank, and you are taking responsibility for the security of your funds.

There are many people and organizations we trust every day, and we must trust them to do many useful things. For instance, I am trusting the Phantom wallet to compose and send transactions to Solana for me. But I am still responsible for placing that trust, and it is me who is responsible for my own security, nobody else.

I have decided, for the sake of maximizing my security, not to trust my computer with my seed phrase, and to instead trust my Ledger device, which was designed specifically for storing the seed phrase and doesn’t have access to the internet or a web browser installed on it.

Maybe somebody else will choose instead to trust Binance or FTX to hold the keys to their wallet for them so that they don’t have to deal with securing their keys. But then you have to trust somebody else.

It’s all a matter of trust, but one of the major points of crypto is to put the power to choose into your hands, so that you, not somebody else, determines who you must trust.

I understand. My seed phrase is protected and not accessible to anyone, and I don’t use my computer to access my wallet, so I can only assume they were able to get my sol using my wallet and info on Magic Eden, so I don’t know if that is something others have had happen, but I have seen several people say the same thing with the same wallet address in the last 24 hours.

Hmm, what wallet do you use? I know that there are fake Phantom, Solflare, and Sollet mobile apps. The apps aren’t actually made by Phantom, Solflare, or Sollet, but they copy the look and feel and the steal the funds from wallets that are imported into them.

No, my app is the real one.

Check out the transactions on this account. It has been mentioned in multiple places for being involved with many accounts being drained over the last 24 hours.

71M9ZKhABrSdPsYgKQWJNJo5U9txqmrXt5NAa1FdaQ4F

What app is it, though? Phantom, Solflare, Sollet, Trust Wallet, etc. ?

Slope is the app I use to buy and sell NFTs. It is a burner wallet, but the purchase of my NFT and draining my wallet were so close together I didn’t have time to move my funds to my main account

How did you create the burner wallet? Was it with the slope app?

All my nfts and sol were stolen just now and they were transferred to this address
GwZLDJ8FcRDLdnuvpQggFM6d7SfesTQMJAkD2DRFb7Zp

Hi @Freeman and welcome to the forum. :wave:

Unfortunately there’s no way to recover stolen funds, I’m sorry. :confused:

wth, where is admins???

This forum full of scamers, private messages with links and Super genius tech which gonna help you upside, guys be careful

Yeah, there are unfortunately lots of scammers on the forum. :confused:

The best thing you can do to help is to flag the post as Spam like so:

image


image


image


This will often hide the post so other user’s won’t be as tempted to click their links/follow see emails, etc.

As for the admins, I’ve tried to message them, but they seem to be completely absent for at least the last 4 months or more. I’ve tried to apply to the Solana Collective and asked to get admin access here on the forum so I could help moderate, but I never got any reply. :confused: