Phantom Wallet - Phished - LOST ALL MY SOL

Just want to warn the community so this doesn’t happen to anyone else.

On Friday, Sept 24, 2021, all my SOl (28.5 coins) was stolen from my Phantom wallet.

Before I used Phantom, I had kept it on an exchange with 2FA and yubikee, whitelisting etc, but I was curious about the Bocachica Allbridge IDO, so staked Sol on Phantom, to gain SolPower to participate.

It wasn’t worth it.

The IDO didn’t show the correct purchase amount, there was an error, so I was trying to fix this.
Someone laying in wait, masquerading as BocaChica support sent me a link and said I needed to sync my wallet.

Very quickly I realized something was wrong when they then asked me if I had any other wallets and I should sync those too, but it was too late. I went to check on my Sol and noticed my staked Sol had started the process of unstaking. I feel ashamed that I fell for it. I tried to contact Phantom to put a stop to it, and lock the whole wallet down, but I didn’t hear back. I couldn’t restake my Sol, I knew the wallet was compromised, and I couldn’t do anything, then almost 30 hours later the criminals transferred it all out.

Solana team, please can something be done?
There are addresses where it was sent to.
Please could it be reclaimed?

Anyone reading this, please don’t click any links, please don’t try to re-connect any wallet with the 12 word phrase. I didn’t think they could steal my Sol this way, it all seemed very real, and very genuine, but it was a phishing attack. I feel so stupid, but also Phantom needs 2FA, or a firebreak, withdrawal passwords - something… something because some of these criminals are one step ahead and very prepared AND because losing all that Sol, that I just cannot hope to replace, is incredibly hard.

1 Like

Hi @ASTONMV8, I’m sorry to hear about how you were ripped off.

As you know, there are so many scammers and so many despicable people in the crypto space. I hope we will be rid of most of them with better security and greater education, some day.

Thankyou for sharing your story so that others can learn from your misfortune.

I’m hoping you are in it for the long term, that some good kharma will come to you and over time, you will make up your loss and so much more, many times over …

Thank you so much Neil for your kind and thoughtful words today, much needed and appreciated encouragement.

2 Likes

So sorry you got your tokens stolen!

Yes, unfortunately, I am almost certain that there is no way to reverse transactions, freeze accounts, or anything similar. Once a transaction has been made and finalized ( which takes less than a second ) it is permanent, and the only way for you to get the tokens back is to have the other side transfer it back willingly.

This is the only way the blockchain can remain secure without us having to trust even a company or organization such as Phantom or the Solana Foundation. Unfortunately this takes out the ability of those organizations to help us when we run into trouble as well.

Because of this we’re going to have to learn how we can help each-other as a community and you posting your experience here is one way to start! We’ve got to raise awareness and help educate people so that they are more ready for these things before they happen.


I’ve found that on this forum there seem to be a lot of people who run into the same issues, either scammers or transferring tokens to an account that doesn’t exist ( which effectively moves their tokens to a black hole ), and I’m sure there are other things too.

I was thinking that maybe we should start working on user-targeted documentation for Solana, and maybe blockchains in general, with a big focus on safety best-practices and calling out common problems that people have so that they can be aware of them early on, instead of after they run into trouble.

I’ve found that cryptocurrencies are often somewhat complicated and hard to tell what’s going on for new users. There is so much out there and so many different tools that it is hard to get a clear picture of how it works. Even things that seem simple such as restoring your account from the seed phrase can have surprising behavior as found by another user on the forum ( see this post ).


It also seems like there are lots of other common things that users want to know how to do as well, such as bridge between different currencies, etc. Now that I’m thinking about it, maybe we should make a blog site or something with tips and guides for people. And then we could even integrate with Like.co so that writers could get rewarded for writing useful guides! We’d want to have some sort of board or approval group that would make sure that all of the info posted to the site is of a high quality and accurate, but that could be really neat.

This kind of got off-topic ( sorry! ), but that might be worth looking into if I can find the time.

This happened to me too. I lost 20k in NFT’s. Just drained from my SOL wallet. 2FA could have prevented it. I use 2FA for everything. I realize 2FA is not completely impenetrable, but it sure as hell makes it a lot harder for hackers and scammers.

Hi @graben and welcome to the forum. :wave:

I’m sorry you lost all your tokens. :confused:

My recommendation is to use a Ledger Hardware Wallet to store your seed phrase. If your seed phrase is only ever put on your hardware wallet ( and some backup medium such as engraving the seed phrase into a metal sheet ), then the only way for somebody to steal your funds is if they trick you into hitting the approve buttons on your hardware wallet on some malicious website.

When using the hardware wallet your seed phrase is never transferred to the computer and even malware on your computer can’t figure out your seed phrase and steal your tokens. Nobody will ever be able to spend your money without you hitting the approve button on your hardware wallet.

This is the closest thing that you get to 2FA in crypto, and it is even more secure than 2FA if you make sure you keep your seed phrase off the computer and securely in a safe or safe-deposit box, etc.


Anyway, it’s obviously too late to save your funds now, and I’m so sorry you got phished, but hopefully that can help in the future if you stay involved in the crypto space.

Feel free to ask if you have any questions or need help here in new topics. I hang out here a lot and I’ll see it if you post.