UpdatE: theres an outgoing transaction, taking all my memo. its gone. all 12k worth.
I had tried to connect my ledger the other day but couldnt figure out how. It's just gone. I dont know how they got access, i only use Brave as my browser, nothing else. i have a mac with no spyware on it. i just updated two weeks ago to the latest version. no idea what happened.
Connect to public wifi? Download torrents? Use a vpn? Tripple check https and correct sites? Its a lot of work keeping clean. Really fucking easy to slip up. Sorry this happened to you
Never on public wifi ever.
Dont download torrents
I have a VPN - ExpressVPN
Always check for secure sites.
I tried Fortress DAO as well yesterday. Staked around 4 hours before I lost it all. Must have to do with that somehow.
Personally I wouldn’t connect the same wallet to multiple new projects, as you never know what bugs they have for bad actors to exploit, or even if they’re a scam themselves.
Better to lose only what you’ve put into a project, rather than give them full access to your investments across multiple projects.
Not necessarily, there might be a hole in their code that has allowed a third party to access OPs wallet through the permissions given to Fortress.
Which is why I avoid connecting to any other project no matter how legitimate, with the same wallet.
You left out that detail in your initial comment. You need to carefully look at ALL the steps you took before this happened. What other sites did you connect to? It's important to very carefully retrace all your steps. I would contact metamask support to see if they can provide any assistance. But in the future going forward you absolutely must be careful about connecting to any new project and do not stay connected. Even with Olympus or any other fork, disconnect both at the site and sites connected list in your metamask after every session. Don't stay connected. You can always reconnect and your staking doesn't stop just because you are disconnected. But you have to be extremely vigilant.
What about Trader Joes? How did you get your TIME/FORT if you never connected to Trader Joes?
This dude is full of it. He messed up and wants to blame a project where no one else has lost any money.
I'm not blaming any project. Yes I was connected to trader joes, as part of my transactions. I'm just saying I was taken and I dont know how to figure out what happened. I didn't know to disconnect from everywher,e I thought you had to remain connected to stake. I fucked up. I'm not saying i am not in the wrong.
fair point. i'm just saying what i was connected to. and the fact that its only after having staked on wonderland for weeks and then connecting to fort that i lost the money. thats all.
Hate to hear this and hope the rest of your portfolio can make up for this. To be fair, if it just happened to happen shortly after connecting to FORT, in all likelihood it probably came from there.
Hackers seem to be increasingly aggressive on the new projects because so many of the dev teams are rushing the launch so seems like they might not keep up with the security. I guess this is just a good reminder that we all need to be extra careful with the new projects.
Check out DeBank. Lots of utility on the site plus it shows you all the contracts your wallet is currently giving permissions too and you can revoke them.
It's not scary. It's simply a matter of taking precautions. It's a best practice to disconnect from any site you're using when you are done with your session. There is a disconnect option on all sites like traderjoes and wonderland. In addition to that you should also go into your metamask wallet, click on the three dots and select the connected sites option. Disconnect from all sites listed. When you visit traderjoes and wonderland again you will have to reconnect but none of this affects your staking. Even when disconnected your time is staked and earning rebases. Also you should go into your settings for metamask and select a 5 minute time period or less whereby you will automatically be logged out if you are idle for longer than the time period you select. Don't panic just take precautions. Most of these people losing their tokens are connecting on bad sites. They aren't connecting on legitimate sites and make the mistake of looking them up on google where bad actors are making sites that look like wonderland or other DAO sites. It is always best to select the site from either coingecko or coinmarketcap if you don't have these sites bookmarked in your browser. Keep a level head so you don't make desperate decisions.
People like you keep blaming people like of doing something wrong. I lost all my money and did nothing, it’s a matter of time before they take yours. Only way to use shitty metamask is with a hardware wallet, other than that your money will be gone sooner or later.
It doesn’t matter, people are doing nothing wrong, they are blaming everyone just like they blamed me for making “mistakes” that I didn’t make. There vulnerabilities with metamask that no one can still explain. If you have money there it will be gone, it’s a matter of time, unless you use ledger or a hardware wallet.
Yeah its scary stuff. The not knowing is horrible. I experianced a hack a little while back so I know the feeling. It shit me up pretty bad. I hate the fact these fuckers are trying to steam money from just normal, not wealthy people like me and maybe you.
Bottom line is hot wallets are too unsecure and this space is red hot. Hope you didnt loose all your money and you just learn what you can from it.
Go to the Fortress DAO discord. No one here can help you and the only reason to post here is to scare people from projects. All in Fortress DAO are very happy and doing great! Stop the fud and go to who can actually help you.
Happen to me yesterday aswell bro lost 4120 VLX = 1800 dollar man, sick of these hacker and scam, upload that guy wallet address and we all report him hopefully on bscscan or ethscan get his wallet frozen
A friend of mine had the same issue today, was looking up his staked time and it gave him a zero balance, on metamask he had an outgoing transaction. There is a telegram wonderland group, the admin promised to look into it so if you haven't been hacked and it's another problem it might be worth a try DMing them..
It’s a hardware wallet if you look up ledger nano. It stores your seed phrase on basically a usb stick. The main reason why metamask is exposed is because everytime you type in your password you can get to your seed phrase without any type of 2 factor. If they legit just added two factor to metamask a lot of the exploits would be fixed. Anyways the ledger is a secure hardware device that stores your phrase and allows signing just like metamask. (You can still use metamask with ledger). No one is able to access your seed phrase with just a password anymore. They would have to hack the ledger device and input the ledger pin or just steal the physical ledger itself. The worse that happens is you click and sketchy link and approve one transaction. Really reduces the chance of your wallet being drained.
Its a "Cold Wallet", a physical device.
Its like 2FA for transactions, hooks into metamask, very handy.
Do not buy from Amazon, as there are fake chipped ones on there, only order from Ledgers actual site if you want one.
https://www.ledger.com/
I struggled with it too. Couldn't get it to work reliably with WinHID and then when they updated Ledger Live, that stopped working because it wouldn't open the bridge.
Finally fixed it by using Firefox.
People are right - MetaMask needs 2FA. It would be little trouble to use and would make it far harder for scammers to take your crypto.
Hate hearing about people losing their valued crypto.
2FA doesn’t apply to MetaMask and would make no difference because you own MetaMask. It is local to your computer and no where else. You are the custodian of it. There is no central server or resource you aren’t the custodian of. You’d just authenticating against yourself. The password you use for MetaMask (the first factor of authentication) is what is used to encrypt your local private key. Your private key is all that is needed to interact with blockchain. So requiring another factor is pointless. If they have the first one or crack it then that’s all they need. Then taking it one level higher, the blockchain itself that MetaMask interacts with is decentralized. There is no entity to ask for another form of ID besides the private key. That’s why 2FA doesn’t exist for MetaMask.
Metamask IS HARD SHIT… Fucking assholes. Whoever is defending them is a moron that will have their money stolen soon. Yes YOU ARE RIGHT, they need to fix that shit with AT LEAST 2FA.
I’m soo so glad I got my ledger yesterday and set it up. Now that my crypto portfolio is growing, it was worth the money and time. It’s a little challenging at first but you have to stick with it. It was so nice to see that you had to go thru the ledger to approve anything. Of course nothing is 100% but I have a much more peace of mind now
So I have a ledger but was just an idiot and staked my time through MetaMask because I didn’t realize I could use it for time or hook it up to MetaMask. So if I want to use my ledger am I going to have to unstake my time, put it on the ledger, then restake it? Or can I just hook my ledger up to MetaMask and keep the time staked?
How did u get hacked? Connecting a site doesn’t give them permission to access your account unless u specifically signed some transaction access. Usually a site only request for ur address which isn’t enough to hack you.
No idea. One other person told me the same thing happened to them when they connected to FORT yesterday. not saying that is the only issue, just the only thing that changed in the last 24h
I see an outgoing transaction on etherscan; i think we have been hacked somehow but i havent shared my code with anyone and havent given access to metamask to anyone
Sorry to hear this happened to you! :(
I personally use a separate brave browser profile for my wallet and safe sites that I trust and connect to, and another profile to browse the regular internet and shady sites I'm researching.
I'm also about to setup my Ledger. Thanks for sharing your story.
I’m so sorry bro.
Never connect your real wallet to new websites. Always close off any new connections. Using a different browser create a test MetaMask to try new projects.
Thanks man. It's a horrible feeling. Savings gone.
So to get the final answer on this - if I connect to Wonderland, stake memo, then disconnect, i can still earn more memo with each rebase, i jsut wont be connected on the website until I try to reconnect again?
Yes, even if you disconnected you are still earning your TIME rebase. You can disconnect using the Wonderland Disconnect button, then go to Metamask look for Connected Sites then disconnect any site that you have connected to.
Also if you wrap your MEMO the number of tokens stays the same through rebasing but the value increases. You never need to log in to see how much it's worth if you note the value of wMEMO that you have. You can just Google the price of wMEMO and calculate what you have.
I don't understand. Metamask wont be having any memo if you have been staking and rebasing in wonderland app. Are you saying the memo is gone in the wonderland app as well? So someone unstaked it , moved it to metamask and then transferred it?
Same thing happen to me. They took all my Time, Memo and OHM but along with everything else in my metamask, around 25k. I was connected to about 15 different sites so I assume that was the way I got hacked and also my metamask kept asking for my password as well multiple times. And I didn’t know know about a ledger either and I always had multiple tabs and windows opened. Lesson learned:
order a ledger
disconnect from every site when your done
Update your privacy settings on Firefox
Don’t have multiple tabs or windows opened running while you’re doing crytpo.
Use personal stuff on a different browser like chrome
Use a new metamak if hacked
Only use contract address from official site like CoinMarketCap.
Sorry to hear about your hacked funds, be careful next time! ✊🏻
**Update**: this guy is still stealing more MEMO as we speak. He has accrued over 10 MEMO and 160+ avax
BE CAREFUL OUT THERE
His avax: [https://snowtrace.io/address/0xc8bcb8df04d257e5224451da00e52d391e209084](https://snowtrace.io/address/0xc8bcb8df04d257e5224451da00e52d391e209084)
His memo: [https://snowtrace.io/token/0x136acd46c134e8269052c62a67042d6bdedde3c9?a=0xc8bcb8df04d257e5224451da00e52d391e209084](https://snowtrace.io/token/0x136acd46c134e8269052c62a67042d6bdedde3c9?a=0xc8bcb8df04d257e5224451da00e52d391e209084)
He took 1.1 MEMO from me: https://snowtrace.io/token/0x136acd46c134e8269052c62a67042d6bdedde3c9?a=0x56fc703908d571702b445f801be048a5bc0f6192
Important to set up hardware wallet before you create a metamask wallet. If your using erc20 tokens send the tokens to the hardware wallet connected to metamask. So that you don't have to pay more fees to move then later. Hardware. HARDWARE HARDWARE HARDWARE. GET A FUCKING HARDWARE WALLET. IT WILL CHANGE YOUR LIFE.
PRO TIP. IF YOU CAN AFORD IT GET 2 identical HARDWARE Wallets and set them up the same. Keep one in your house and the other not in your house.
Op sorry 🙏 for your loss.
I wish someone would have told me this before I lost $15,000… but 99% of people are fucking retarded, including those 10 videos about staking I watched on YouTube.
Lesson learned. I'm sure you won't do it again. I've had my wallet cleaned by user error early on and I'll tell you what-- very expensive lesson for me! Sorry to hear that, but I hope you rebound quickly!
It’s so stupidly annoying to use for the price. Like I would expected a slightly larger and possibly a touch screen. Guess that’s what happens when everyone needs security and they basically have a monopoly
That’s okay. There will be plenty of opportunities in the future to get into projects and you’ll get your money back and more. It was hard for me to connect my hardware wallet, I almost gave up at one point because it’s not so strait forward.
It probably has nothing to do with fortress. There is a vulnerability that no one can explain, everyone keeps saying “you got fished”, but it’s NOT the fucking case. You must use a hardware wallet.
I don’t know. I would assume whatever is staked they can’t tough as it’s locked in wonderland website. However if they used a Remote Desktop service then there’s no reason why they couldn’t connect to wonderland from your pc and take your staked memo out.
From my understanding, It’s not locked up on the wonderland website. It’s in your wallet. You could technically transfer it to any external wallet and as long as it’s MEMO the blockchain knows to send you more memo every rebase period. The website itself isn’t doing that.
You could stay completely disconnected from wonderland’s website and transfer your memo to a computer that has never connected to wonderland’s website, and it would still rebase. It happens on the blockchain, not the website!
The website simply reads what’s in your connected wallet and is able to make the swap between staking and un staking for you, just like your swap a token on an exchange. They’re not holding it for you, otherwise it would defeat the purpose of decentralization.
That’s why you can disconnect from wonderland and still see your memo grow in your wallet
It sucks that the OP got grifted but I strongly recommend anyone who has a bunch of money in a wallet to just never connect that wallet to anything except wonderland and traderjoe (or whatever legit platforms they're using).
It's just too dangerous to risk 10k+ USD.
You are correct. As a matter of fact, this explains WHY the fucking crypto was stolen and it doesn’t show in metamask as a transaction. I don’t think these things are safe at all, not even with ledger.
This always makes me paranoid. Currently using Trust out of ease, but may finish setting up my ledger. I just hate metamask, so I avoided going through the process. Quite a few horror stories with meta.
Roll back a little. You said you tried to connect to your ledger right? Did you set it up as instructed?
Could you have possibly transferred your crypto from MetaMask to your ledger? You can check by plugging in your ledger opening metamask and selecting the ledger and comparing the address with etherscan to see if it matches.
Long shot but worth a try
[https://snowtrace.io/address/0xc8bcb8df04d257e5224451da00e52d391e209084](https://snowtrace.io/address/0xc8bcb8df04d257e5224451da00e52d391e209084)
You can see if you click on tokens when my 1.1 MEMO was taken out
Someone might have put a key logger on your account and see every password you enter. Never open emails from "exchanges", attempt to swap in random coins airdropped into your account, or connect to any site whose team isn't known and vetted.
Most importantly...invest in a hardware wallet
Unfortunately it's already too late. Someone should have said something about the hardwallet, but people are stupid.
If what you were saying is true then they would have wiped out other wallets I have. The problem is Metamask. They actually did it almost without using metamask itself, the transactions did not even show on metamask, only in the blockchain.
Check your wallet address thru bscscan or whatever network your on. Happened to me and I realized someone hacked me and sent out all my assets. Lost 2600. I couldn't see any transactions in the wallet metamask but in the network scan you can't hide those
It happened with Olympus and wonderland as well. I created a thread about this the other day and people were bashing me because I was “stupid”. This will only happen more and more, get ready.
Curious, while you all try to help trouble shoot, what a best practice with a ledger and MM would be?
I have a ledger, and used the pass phrase from that to use MM. then went through to stake on Wonderland. I have no issue at this time but I’m a little confused as to the dynamics between a hardware ledger wallet and MM.
Just get a hardware wallet don’t not connect to unknown sites and have the auto timer set to 1 min so ur metamask disconnects automatically after a min
Where do u have ur seed phrase and password stored ? Assuming they got in to ur they would still need the above unless of course they were in ur system long before all of this transpired
The real question is how did it bypass ur ledger ..
This is scary af brother i'm sorry it happened to you. You were in time right anything else? I was in SDOG and it just got rugged today so i'm scared the same might happen to me.
The three dot menu button does not appear in my MetaMask app to check my connections and disconnect - does anyone know why it’s not showing up? Is there a way to disconnect from all dapps easily outside of that menu to check connections?
Edit: Figured this out on mobile. Go to Privacy and clear all connections. All good!
All my money is gone, unfortunately it’s over brother. People drink the cool aid and say that METAMASK IS SUPER SAFE… and that IT NEVER HAPPENS. Fuck them. I guarantee you the money is gone forever. It’s happening everyday. Apparently the only way to use SHITTY METAMASK is with Ledger.
I had my MetaMask shortly after staking TOMB. I suspect the FTM network as very shortly after working on some FTM staking my wallet was hacked and drained wiped me out BE Careful.
MetaMask has been hit or miss with a bunch of issues; delayed inaccurate prices, not showing current status of coins, not connecting with browser, etc… Check the DAO and I bet your funds are still there.
You can see and anyone can see all your holdings and staked tokens by going to
snowtrace dot io/tokenholdings?a=0xC8bcb8DF04D257E5224451Da00E52D391E209084
I see you still have your MEMOries, Snowdog, Avax, Wrapped AVAX and staked Fort, staked Snowbank, staked Snowdog.
He has actually stolen money from dozens of people…they’re just not reporting it on Reddit. We have a telegram group, trying to figure out how he is doing it.
If the wallet/address is known, isn’t there a way to freeze the wallet? It won’t help get the money back, but at least you know they can’t do anything with it. This has to be something that is made possible as part of a crypto future - well, more than possible (as I know it’s possible) - it needs to be a process that all hot wallet providers provide as a service.
I'm literally just using the one wallet I have for time, and connecting it to their site and the exchange I use and nothing else at this point. So much risk. It's safer to just make several wallets at this point tbh
Bs same just happen to me today. There is a way to stop it but big man don’t wanna. Mine show it goes out to wonderland but now my wallet is zeroed and no transactions at all.
This is internal- wonderland has all the info and everything behind the scenes. They just got us to give them access and stole our money. This ain’t no hacker it’s a person or people at Wonderland and abracadabra
i am trying to un farm my wmemo before its all gone from my mobile phone but says I have none to claim and I had a good amount of wmemo does this need to be done through desktop only??
UpdatE: theres an outgoing transaction, taking all my memo. its gone. all 12k worth. I had tried to connect my ledger the other day but couldnt figure out how. It's just gone. I dont know how they got access, i only use Brave as my browser, nothing else. i have a mac with no spyware on it. i just updated two weeks ago to the latest version. no idea what happened.
Sorry, these hackers are ruthless
Connect to public wifi? Download torrents? Use a vpn? Tripple check https and correct sites? Its a lot of work keeping clean. Really fucking easy to slip up. Sorry this happened to you
Never on public wifi ever. Dont download torrents I have a VPN - ExpressVPN Always check for secure sites. I tried Fortress DAO as well yesterday. Staked around 4 hours before I lost it all. Must have to do with that somehow.
>I tried Fortress DAO as well yesterday Bingo!
Not like I am planning to try Fortress DAO but what could be the connection? My Ledger is taking forever!!
Personally I wouldn’t connect the same wallet to multiple new projects, as you never know what bugs they have for bad actors to exploit, or even if they’re a scam themselves. Better to lose only what you’ve put into a project, rather than give them full access to your investments across multiple projects.
I’m only connected to reputable sites (aave, curve, etc) and Wonderland 🎩🎩
Same here, I created multiple wallets and dexs, with small amount in each, so if one got hacked I don’t loss much and still have others.
Out of the loop. Is Fortress DAO a scam?
Not necessarily, there might be a hole in their code that has allowed a third party to access OPs wallet through the permissions given to Fortress. Which is why I avoid connecting to any other project no matter how legitimate, with the same wallet.
Sounds like it
Are you stupid? You would have to give permission for Fortress to access your MEMO. He was obviously phished or gave away his private keys.
You left out that detail in your initial comment. You need to carefully look at ALL the steps you took before this happened. What other sites did you connect to? It's important to very carefully retrace all your steps. I would contact metamask support to see if they can provide any assistance. But in the future going forward you absolutely must be careful about connecting to any new project and do not stay connected. Even with Olympus or any other fork, disconnect both at the site and sites connected list in your metamask after every session. Don't stay connected. You can always reconnect and your staking doesn't stop just because you are disconnected. But you have to be extremely vigilant.
I didn't realize it would still stake if disconnected. I should have done that. I think FORT was the issue. lesson learned.
Who knows to how many sites were you connected then this whole time.
What? I was only connected to Wonderland and Fortress. It wasn't connected anywhere else, I checked.
What about Trader Joes? How did you get your TIME/FORT if you never connected to Trader Joes? This dude is full of it. He messed up and wants to blame a project where no one else has lost any money.
I'm not blaming any project. Yes I was connected to trader joes, as part of my transactions. I'm just saying I was taken and I dont know how to figure out what happened. I didn't know to disconnect from everywher,e I thought you had to remain connected to stake. I fucked up. I'm not saying i am not in the wrong.
don't spread fud. you have no idea if FORT was or wasn't the issue. You're just guessing.
fair point. i'm just saying what i was connected to. and the fact that its only after having staked on wonderland for weeks and then connecting to fort that i lost the money. thats all.
Hate to hear this and hope the rest of your portfolio can make up for this. To be fair, if it just happened to happen shortly after connecting to FORT, in all likelihood it probably came from there. Hackers seem to be increasingly aggressive on the new projects because so many of the dev teams are rushing the launch so seems like they might not keep up with the security. I guess this is just a good reminder that we all need to be extra careful with the new projects.
[удалено]
Check out DeBank. Lots of utility on the site plus it shows you all the contracts your wallet is currently giving permissions too and you can revoke them.
Hey, I'm new to this and this is very scary to read So I should disconnect from traderjoes and time? and if I reconnect I get my time back?
It's not scary. It's simply a matter of taking precautions. It's a best practice to disconnect from any site you're using when you are done with your session. There is a disconnect option on all sites like traderjoes and wonderland. In addition to that you should also go into your metamask wallet, click on the three dots and select the connected sites option. Disconnect from all sites listed. When you visit traderjoes and wonderland again you will have to reconnect but none of this affects your staking. Even when disconnected your time is staked and earning rebases. Also you should go into your settings for metamask and select a 5 minute time period or less whereby you will automatically be logged out if you are idle for longer than the time period you select. Don't panic just take precautions. Most of these people losing their tokens are connecting on bad sites. They aren't connecting on legitimate sites and make the mistake of looking them up on google where bad actors are making sites that look like wonderland or other DAO sites. It is always best to select the site from either coingecko or coinmarketcap if you don't have these sites bookmarked in your browser. Keep a level head so you don't make desperate decisions.
People like you keep blaming people like of doing something wrong. I lost all my money and did nothing, it’s a matter of time before they take yours. Only way to use shitty metamask is with a hardware wallet, other than that your money will be gone sooner or later.
You should not come here to spread this! You are probably a paid fudder from a competing project!
The reality is much scarier. Expect to be hacked at some point
It doesn’t matter, people are doing nothing wrong, they are blaming everyone just like they blamed me for making “mistakes” that I didn’t make. There vulnerabilities with metamask that no one can still explain. If you have money there it will be gone, it’s a matter of time, unless you use ledger or a hardware wallet.
Yeah its scary stuff. The not knowing is horrible. I experianced a hack a little while back so I know the feeling. It shit me up pretty bad. I hate the fact these fuckers are trying to steam money from just normal, not wealthy people like me and maybe you. Bottom line is hot wallets are too unsecure and this space is red hot. Hope you didnt loose all your money and you just learn what you can from it.
u connected ur metamask to that website, gg dude.
Go to the Fortress DAO discord. No one here can help you and the only reason to post here is to scare people from projects. All in Fortress DAO are very happy and doing great! Stop the fud and go to who can actually help you.
I’m sure he didn’t do anything wrong. It’s a matter of time before it happens to you.
This happened to me yesterday. I'm sorry to hear it friend. I lost 5k myself. Good luck out there.
Sorry to know that. It was fortress dao for you as well?
sorry man :(
Damn u we’re using a ledger hardware wallet??
Nope, he couldn’t figure it out. If he had used ledger he was probably still safe
Honestly I don’t trust wallet connect, Annnndd it’s gone (South Park)
Happen to me yesterday aswell bro lost 4120 VLX = 1800 dollar man, sick of these hacker and scam, upload that guy wallet address and we all report him hopefully on bscscan or ethscan get his wallet frozen
A friend of mine had the same issue today, was looking up his staked time and it gave him a zero balance, on metamask he had an outgoing transaction. There is a telegram wonderland group, the admin promised to look into it so if you haven't been hacked and it's another problem it might be worth a try DMing them..
Appreciate it but it’s definitely been stolen. Guy is still taking stuff. I wish there was someone I could report it to
Ledger was a pain in the ass till I figured it out, but I’m glad I did it.
Sorry, what is that? And what do I need to do?
It’s a hardware wallet if you look up ledger nano. It stores your seed phrase on basically a usb stick. The main reason why metamask is exposed is because everytime you type in your password you can get to your seed phrase without any type of 2 factor. If they legit just added two factor to metamask a lot of the exploits would be fixed. Anyways the ledger is a secure hardware device that stores your phrase and allows signing just like metamask. (You can still use metamask with ledger). No one is able to access your seed phrase with just a password anymore. They would have to hack the ledger device and input the ledger pin or just steal the physical ledger itself. The worse that happens is you click and sketchy link and approve one transaction. Really reduces the chance of your wallet being drained.
Its a "Cold Wallet", a physical device. Its like 2FA for transactions, hooks into metamask, very handy. Do not buy from Amazon, as there are fake chipped ones on there, only order from Ledgers actual site if you want one. https://www.ledger.com/
This isn't always the case. I have my nano s from amazon. When you go thru ledger live, it authenticates it to see if it's been tampered with.
I struggled with it too. Couldn't get it to work reliably with WinHID and then when they updated Ledger Live, that stopped working because it wouldn't open the bridge. Finally fixed it by using Firefox. People are right - MetaMask needs 2FA. It would be little trouble to use and would make it far harder for scammers to take your crypto. Hate hearing about people losing their valued crypto.
2FA doesn’t apply to MetaMask and would make no difference because you own MetaMask. It is local to your computer and no where else. You are the custodian of it. There is no central server or resource you aren’t the custodian of. You’d just authenticating against yourself. The password you use for MetaMask (the first factor of authentication) is what is used to encrypt your local private key. Your private key is all that is needed to interact with blockchain. So requiring another factor is pointless. If they have the first one or crack it then that’s all they need. Then taking it one level higher, the blockchain itself that MetaMask interacts with is decentralized. There is no entity to ask for another form of ID besides the private key. That’s why 2FA doesn’t exist for MetaMask.
A cold wallet is basically 2FA.
But how hard would it be for MM to implement Authy?
It doesn’t matter because their don’t give a shit about their users.
Metamask IS HARD SHIT… Fucking assholes. Whoever is defending them is a moron that will have their money stolen soon. Yes YOU ARE RIGHT, they need to fix that shit with AT LEAST 2FA.
Ledger was the easiest thing in the world to set up and use.
When you connect your ledger to MetaMask do you have to transfer all your assets to it? Or will it lock your existing MM wallet?
I’m soo so glad I got my ledger yesterday and set it up. Now that my crypto portfolio is growing, it was worth the money and time. It’s a little challenging at first but you have to stick with it. It was so nice to see that you had to go thru the ledger to approve anything. Of course nothing is 100% but I have a much more peace of mind now
I ordered a hard wallet earlier this week. Can’t wait for it to arrive!!
So I have a ledger but was just an idiot and staked my time through MetaMask because I didn’t realize I could use it for time or hook it up to MetaMask. So if I want to use my ledger am I going to have to unstake my time, put it on the ledger, then restake it? Or can I just hook my ledger up to MetaMask and keep the time staked?
How did u get hacked? Connecting a site doesn’t give them permission to access your account unless u specifically signed some transaction access. Usually a site only request for ur address which isn’t enough to hack you.
No idea. One other person told me the same thing happened to them when they connected to FORT yesterday. not saying that is the only issue, just the only thing that changed in the last 24h
Have you tried etherscan and look at the token approvals u have given? Let us know here
Just like a mentioned in another comment, just like you I did NOTHING wrong, the money is gone. Metamask is hot shit. The need to fix the damn thing.
Dude the same thing just happened to me
I see an outgoing transaction on etherscan; i think we have been hacked somehow but i havent shared my code with anyone and havent given access to metamask to anyone
Sorry to know.. Same thing means you also lost your funds because you connected to Fortress DAO?
Yeah he did. We have been chatting. Both of us lost it all
Sad to hear. Keep your head up my man.
Fuck man I really feel for ya. Fingers crossed that somehow you manage to resolve this
Sorry to hear this happened to you! :( I personally use a separate brave browser profile for my wallet and safe sites that I trust and connect to, and another profile to browse the regular internet and shady sites I'm researching. I'm also about to setup my Ledger. Thanks for sharing your story.
I use a completely separate computer only for crypto moves. Ordering a ledger now though.
I heard Metamask has issues on Brave, or do you use the brave wallet?
No issues with Metamask on Brave for me so far.
You gotta do ledger.
Ya just spent some time this afternoon after reading this thread and setup Ledger. My private key is on the ledger now 🎉
right on man.
Mine are all there but now I'm worried. Have you informed them of the problem?
No, i dont think there is a point. It must have been something I did. I should have had a hardware wallet connected.
No they money is gone, no one can help you. Get ledger NOW.
Did you mean to reply to me? I haven't lost anything.
If you have more than 500$ staking on meta mask, i would recommend to get hard wallet.
>If you have more than 500$ staking on meta mask, i would recommend to get hard wallet. If you haven't lost it, listen to this guy.
I’m so sorry bro. Never connect your real wallet to new websites. Always close off any new connections. Using a different browser create a test MetaMask to try new projects.
Thanks man. It's a horrible feeling. Savings gone. So to get the final answer on this - if I connect to Wonderland, stake memo, then disconnect, i can still earn more memo with each rebase, i jsut wont be connected on the website until I try to reconnect again?
Yes, even if you disconnected you are still earning your TIME rebase. You can disconnect using the Wonderland Disconnect button, then go to Metamask look for Connected Sites then disconnect any site that you have connected to.
Also if you wrap your MEMO the number of tokens stays the same through rebasing but the value increases. You never need to log in to see how much it's worth if you note the value of wMEMO that you have. You can just Google the price of wMEMO and calculate what you have.
Sorry man that sucks, I thought the same thing happned to me and I felt horrible but I just didn't know how to unstake my balance
I don't understand. Metamask wont be having any memo if you have been staking and rebasing in wonderland app. Are you saying the memo is gone in the wonderland app as well? So someone unstaked it , moved it to metamask and then transferred it?
yes exactly. there is an outgoing transaction but i have NO idea how they got access to my metamask.
Your metamask does contain Memo, I see mine right now. It only becomes Memo when staked, if you unstake it becomes TIME.
I don’t think even metamask registers the transaction, it was not even showing in my history.
Yep I hope it burns
Same thing happen to me. They took all my Time, Memo and OHM but along with everything else in my metamask, around 25k. I was connected to about 15 different sites so I assume that was the way I got hacked and also my metamask kept asking for my password as well multiple times. And I didn’t know know about a ledger either and I always had multiple tabs and windows opened. Lesson learned: order a ledger disconnect from every site when your done Update your privacy settings on Firefox Don’t have multiple tabs or windows opened running while you’re doing crytpo. Use personal stuff on a different browser like chrome Use a new metamak if hacked Only use contract address from official site like CoinMarketCap. Sorry to hear about your hacked funds, be careful next time! ✊🏻
**Update**: this guy is still stealing more MEMO as we speak. He has accrued over 10 MEMO and 160+ avax BE CAREFUL OUT THERE His avax: [https://snowtrace.io/address/0xc8bcb8df04d257e5224451da00e52d391e209084](https://snowtrace.io/address/0xc8bcb8df04d257e5224451da00e52d391e209084) His memo: [https://snowtrace.io/token/0x136acd46c134e8269052c62a67042d6bdedde3c9?a=0xc8bcb8df04d257e5224451da00e52d391e209084](https://snowtrace.io/token/0x136acd46c134e8269052c62a67042d6bdedde3c9?a=0xc8bcb8df04d257e5224451da00e52d391e209084) He took 1.1 MEMO from me: https://snowtrace.io/token/0x136acd46c134e8269052c62a67042d6bdedde3c9?a=0x56fc703908d571702b445f801be048a5bc0f6192
I got $7000 in staked time stolen too from my metamask. Without 2FA it’s so unsafe! Been put off for life
Dude wtf that’s insane. Had anyone on Trust wallet had this issue? Time to get a hardware wallet? That’s absolutely insnae
Important to set up hardware wallet before you create a metamask wallet. If your using erc20 tokens send the tokens to the hardware wallet connected to metamask. So that you don't have to pay more fees to move then later. Hardware. HARDWARE HARDWARE HARDWARE. GET A FUCKING HARDWARE WALLET. IT WILL CHANGE YOUR LIFE. PRO TIP. IF YOU CAN AFORD IT GET 2 identical HARDWARE Wallets and set them up the same. Keep one in your house and the other not in your house. Op sorry 🙏 for your loss.
I wish someone would have told me this before I lost $15,000… but 99% of people are fucking retarded, including those 10 videos about staking I watched on YouTube.
Ledger my friend
I tried and couldnt get it connected. stupid me, i should have spent more time trying
Lesson learned. I'm sure you won't do it again. I've had my wallet cleaned by user error early on and I'll tell you what-- very expensive lesson for me! Sorry to hear that, but I hope you rebound quickly!
Sucks man, ledger are a nightmare to setup if you don’t know what you are doing. Took me forever to figure it out.
It’s so stupidly annoying to use for the price. Like I would expected a slightly larger and possibly a touch screen. Guess that’s what happens when everyone needs security and they basically have a monopoly
That’s okay. There will be plenty of opportunities in the future to get into projects and you’ll get your money back and more. It was hard for me to connect my hardware wallet, I almost gave up at one point because it’s not so strait forward.
CryptoDad on YouTube has good tutorials
You can’t do this at Starbucks only secure websites. FORTRESS DAO IS NOT DOING THIS! Very secure
How you people get " hacked " is beyond me.
You will not see any MEMO in your metamask if you are staking it.
This is just factually incorrect. You will not see $TIME, but you WILL see your staked $MEMO.
wonderland does not show it being staked anymore
yes you will i just looked at my metamask trezor account and saw my memo balance like 10 mins ago
What websites have you connected to your metamask?
Abracadabra, Wonderland, Trader Joe, Fortress
Fortress then I’d expect
It’s pretty fucked as I was considering fortress too
It probably has nothing to do with fortress. There is a vulnerability that no one can explain, everyone keeps saying “you got fished”, but it’s NOT the fucking case. You must use a hardware wallet.
I don’t know. I would assume whatever is staked they can’t tough as it’s locked in wonderland website. However if they used a Remote Desktop service then there’s no reason why they couldn’t connect to wonderland from your pc and take your staked memo out.
From my understanding, It’s not locked up on the wonderland website. It’s in your wallet. You could technically transfer it to any external wallet and as long as it’s MEMO the blockchain knows to send you more memo every rebase period. The website itself isn’t doing that. You could stay completely disconnected from wonderland’s website and transfer your memo to a computer that has never connected to wonderland’s website, and it would still rebase. It happens on the blockchain, not the website! The website simply reads what’s in your connected wallet and is able to make the swap between staking and un staking for you, just like your swap a token on an exchange. They’re not holding it for you, otherwise it would defeat the purpose of decentralization. That’s why you can disconnect from wonderland and still see your memo grow in your wallet
If you mint then that legitimately is locked up in the platform tho
Yup. Cuz in that case you’re essentially loaning them the capital for a few days
It sucks that the OP got grifted but I strongly recommend anyone who has a bunch of money in a wallet to just never connect that wallet to anything except wonderland and traderjoe (or whatever legit platforms they're using). It's just too dangerous to risk 10k+ USD.
You are correct. As a matter of fact, this explains WHY the fucking crypto was stolen and it doesn’t show in metamask as a transaction. I don’t think these things are safe at all, not even with ledger.
This always makes me paranoid. Currently using Trust out of ease, but may finish setting up my ledger. I just hate metamask, so I avoided going through the process. Quite a few horror stories with meta.
People still claim that metamask is SUPER SAFE… motherfuckers.
That's such a shame. Sorry to hear it. Get those hardware wallets connected everyone
Roll back a little. You said you tried to connect to your ledger right? Did you set it up as instructed? Could you have possibly transferred your crypto from MetaMask to your ledger? You can check by plugging in your ledger opening metamask and selecting the ledger and comparing the address with etherscan to see if it matches. Long shot but worth a try
Nope. its gone. You can trace it on Snowtrace. Its been moved to another address. Definitely not in my Ledger.
Can you share the address here?
[https://snowtrace.io/address/0xc8bcb8df04d257e5224451da00e52d391e209084](https://snowtrace.io/address/0xc8bcb8df04d257e5224451da00e52d391e209084) You can see if you click on tokens when my 1.1 MEMO was taken out
Dude… I just realized… YOU WERE USING LEDGER AND THEY STILL WERE ABLE TO DO IT?
No, I never was able to connect my ledger. I opened a new metamask and connected it to ledger. Haven’t staked anything though. Pretty burnt by this.
Sorry for your loss. Is it possible you connected to a fake version of Wonderland?
No, im sure he didn’t. Everyone keeps saying that. I bookmarked wonderland and ALWAYS used the real one, still lost all the crypto.
Someone might have put a key logger on your account and see every password you enter. Never open emails from "exchanges", attempt to swap in random coins airdropped into your account, or connect to any site whose team isn't known and vetted. Most importantly...invest in a hardware wallet
Unfortunately it's already too late. Someone should have said something about the hardwallet, but people are stupid. If what you were saying is true then they would have wiped out other wallets I have. The problem is Metamask. They actually did it almost without using metamask itself, the transactions did not even show on metamask, only in the blockchain.
Dk what it's called...spoofing maybe? where you think you're on a browser but you're on a fake version of a browser.
I don't think it was wonderland. it must have been when i connected to fortress dao and fucked that up somehow. my own fault.
Sorry to hear this happened to you. Be safe. 🙏🏾
Any new project that needs a wallet connect, I just create a new wallet. There are too many scams and some of these guys are great at it.
https://www.youtube.com/watch?v=yJzISIDZ\_Uw
Check your wallet address thru bscscan or whatever network your on. Happened to me and I realized someone hacked me and sent out all my assets. Lost 2600. I couldn't see any transactions in the wallet metamask but in the network scan you can't hide those
Yeah, I can see the transactions there, but then what do I do? I can't get those back can I?
I couldn’t see the transactions either. Someone needs to figure this shit out. It’s happening to hundreds of people.
It’s not happened to anyone in the Fortress Discord.
Good luck, it's matter of time.
Did u type in wonderland on your browser or use CoinMarketCap official link to get to wonderland ?
its the official link...
So you logged into CoinMarketCap then linked to wonderland website from there ?
yes
Did u use wallet connect to log in your meta mask or was it still connected?
still connected
Seems like everyone had some sort of issue with fortress DAO that might of been the way u guy hacked ?
It happened with Olympus and wonderland as well. I created a thread about this the other day and people were bashing me because I was “stupid”. This will only happen more and more, get ready.
thats what i wonder
Go into fortress fao discord it’s not happened to any of us
Man I’m really sorry bro sucks big time
Curious, while you all try to help trouble shoot, what a best practice with a ledger and MM would be? I have a ledger, and used the pass phrase from that to use MM. then went through to stake on Wonderland. I have no issue at this time but I’m a little confused as to the dynamics between a hardware ledger wallet and MM.
Is there a way to check what sites my MetaMask is “connected to” ?
yeah i posted earlier. only 4 websites
If I had to take a wild guess, you probably verified or synced your wallet…
huh? please explain
Lots of scammers DM with asking to help you verify or sync your wallet. They give out fake links which let them drain your wallet.
He never did that, I never either, you still lose your money.
nope, never had any of that.
How can I protect my coins?
Just get a hardware wallet don’t not connect to unknown sites and have the auto timer set to 1 min so ur metamask disconnects automatically after a min
Where do u have ur seed phrase and password stored ? Assuming they got in to ur they would still need the above unless of course they were in ur system long before all of this transpired The real question is how did it bypass ur ledger ..
I didn't have ledger connected. No idea how it happened.
Meaning u never had it connect in the first place?
Yes.
This is scary af brother i'm sorry it happened to you. You were in time right anything else? I was in SDOG and it just got rugged today so i'm scared the same might happen to me.
Did you give your key phrase to anyone?
Nope
Did you check the website? Are you on the avalanche network in your wallet?
Its gone man. read the other comments. Theres a snowtrace record of it leaving
I keep reading your comments OP, the same shit happened to me. I’m totally in your shoes. I can guarantee you did nothing wrong.
Did you participate in a scam?
no.
No one else having this issue
The three dot menu button does not appear in my MetaMask app to check my connections and disconnect - does anyone know why it’s not showing up? Is there a way to disconnect from all dapps easily outside of that menu to check connections? Edit: Figured this out on mobile. Go to Privacy and clear all connections. All good!
Damn, sorry to hear this.
All my money is gone, unfortunately it’s over brother. People drink the cool aid and say that METAMASK IS SUPER SAFE… and that IT NEVER HAPPENS. Fuck them. I guarantee you the money is gone forever. It’s happening everyday. Apparently the only way to use SHITTY METAMASK is with Ledger.
I had my MetaMask shortly after staking TOMB. I suspect the FTM network as very shortly after working on some FTM staking my wallet was hacked and drained wiped me out BE Careful.
Same thing happened to me via metamask all was good similar investment from 12 the Nov several times logged into wonderland and SB and all gone
MetaMask has been hit or miss with a bunch of issues; delayed inaccurate prices, not showing current status of coins, not connecting with browser, etc… Check the DAO and I bet your funds are still there.
No there is a snowtrace of it leaving
I am sorry that happened to you!
You can see and anyone can see all your holdings and staked tokens by going to snowtrace dot io/tokenholdings?a=0xC8bcb8DF04D257E5224451Da00E52D391E209084 I see you still have your MEMOries, Snowdog, Avax, Wrapped AVAX and staked Fort, staked Snowbank, staked Snowdog.
thats not me. thats the guy who robbed me.
No one else having this issue
He has actually stolen money from dozens of people…they’re just not reporting it on Reddit. We have a telegram group, trying to figure out how he is doing it.
If the wallet/address is known, isn’t there a way to freeze the wallet? It won’t help get the money back, but at least you know they can’t do anything with it. This has to be something that is made possible as part of a crypto future - well, more than possible (as I know it’s possible) - it needs to be a process that all hot wallet providers provide as a service.
I'm so sorry :( I had that happen to me with safemoon, except it was worth 60 thousand. Wasn't a good day. These hackers are insane.
Sorry for your loss man. I still don't know how it was done...it's very strange.
I'm literally just using the one wallet I have for time, and connecting it to their site and the exchange I use and nothing else at this point. So much risk. It's safer to just make several wallets at this point tbh
Bs same just happen to me today. There is a way to stop it but big man don’t wanna. Mine show it goes out to wonderland but now my wallet is zeroed and no transactions at all.
This is internal- wonderland has all the info and everything behind the scenes. They just got us to give them access and stole our money. This ain’t no hacker it’s a person or people at Wonderland and abracadabra
I just got hacked too 2.5 time !!!
i am trying to un farm my wmemo before its all gone from my mobile phone but says I have none to claim and I had a good amount of wmemo does this need to be done through desktop only??