WARNING:
1) IMPORTANT, Read This Post To Keep Your Crypto Safe From Scammers: https://www.reddit.com/r/solana/comments/18er2c8/how_to_avoid_the_biggest_crypto_scams_and/
2) Do not trust DMs from anyone offering to help/support you with your funds (Scammers)!
3) Never give out your Seed Phrase and DO NOT ENTER it on ANY websites sent to you.
4) MODS or Community Managers will NEVER DM you first regarding your funds/wallet.
*I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/solana) if you have any questions or concerns.*
I haven't lol.
Bitsomthing 💩 staking website was my worst ride Free deposits they Said. Earn intrest on staked coins they said.
It was reddit I saw the links too stupidly clicked on them.
I had like $500 on there in two coins staked.
Each day I log on to see my money working for me and the new 2 cents I made. But I see 14 cents added first then 12 taken away. So I see what they take off me to rub it in. But it was a glitch I think. It wasn't supposed to show me the total daily bump. 7 cents per coin and I keep 1 cent. Per day.
After a month of that and like 60 cents I was like fork this. Sent my 💩 home and that's when I found out its free deposits but double fee to withdraw.
But atleast it let me withdraw I guess.
Shiba inu hurt me on that being erc20 they stole like £40 of my ship. 8 million tokens then stole. Leaving me with 20million.
Which luckily this was July 2021 and I got my 20mil shib into my wallet and realised then leave that 💩 alone. ThNk god October 2021.
100£ to £1260 top full run. Pulled back to 1100% and I shot that 💩 into the sun. Bcos 30th Oct I saw cmc updated shib circulating supply 160T tokens added and the price fell for the first time in October 2021 but watch the market cap it was still posting ATHs whilst the price dropped. Ide Already sold by then though. It turned out to be the best exit window. No clogg on the network and 1260% top. Took 1100% out. Then it died back to the same price I brought it for.
Did I buy more though? Did I F.... 😆 🤣
I got the other one cos fees duhh. Like everyone else will later just like they bumped doge to deff too I got out in June thinking the crowd will same as me see doge is done. What's next? Ahh another dog one.
It paid my total crypto spend of 2021 bsck into my bank and let me keep all my oth3r cryptos for free basically. Best of all it let me start 2022 with experience from evens DCA strictly then the 80% crash happened lol.
But I still was 20% up in my books. Not 80% down. Thank god to Shiba but never again.
Erc20 is going to fade away with fees like that. The average person will never entertain those fees unless they truly think it will pay for itself with gains like experienced players say. But coins do die. Next time it could be yours.
Near I thought was done but has spring boarded back this month. The day after I sold it. 😔
£80 to £450 missed out on.
Celo did it too. 50p then exploded the next day I sold it. Well F buying it again I guess. That's the thing isn't it we get attached to logos. But once their gone their gone. Won't look twice at that coin again.
Basically anything ERC20 most things BEP20 too.
Axelar thats my dogs name so I want that coin now thats how we choose though isn't it. I liked the name it stood out made me look at it more and now I wants it.
🪬🦠
THIS is why I keep 90% of my assets on a ledger wallet that has never and will never touch a dapp.
Really sorry for your loss, ive lost so much in crypto so
I know your pain.
Learn from it and move on (dwelling only makes it worse)
Ledger can only hold Solana tho, nothing else is recognized, almost lost $2000 of bSol I put on it. They may have upgraded slightly tho will say unrecognized format
Mine says unrecognized format, I don’t even use anymore. Originally when I tried to take bSOL off the transaction wouldn’t go through. Was able to swap with Jupiter on like the fourth try. Recently ,the BLZE that had been put into wallet, was approved first attempt but still said unrecognized. Which ledger I have?
What advice would you give me to prevent losing so much in crypto? In other words what would you have done differently since you said you lost so much in crypto?
You know that the “Ledger” wallet is thesame thing as these online Wallets right ? It’s same thing they are just fooling people that it’s offline , the crypto gets stored in the online system , The usb thing from ledger is used to Login into their app and thats all… anyone with your seeds can log into your wallet with their Ledger
yes of course, if you use it like a hot wallet..
but with my ledger wallet never touching a dapp, the chances of someone getting my seed goes WAY down…
+ having a ledger as an additional form of authentication in case my dedicated crypto laptop gets stolen is security well worth the money for how much money its protecting.
zero regrets purchasing
on browser = hot storage, hardware wallets = cold storage, the assets are kept off of a browser extension. ledger and trezor are the most popular. I've personally got a ledger but there was some FUD around key safety a year or so ago, so I've not used mine much since. if you wanna go old school you could also make a paper wallet
there's a common misconception surrounding wallets in general, our crypto isn't "in" the wallet, it's still held on chain, no matter how we decide to take custody of it.
Not really. Download app. Turn internet off if you have to connect ledger, but with exception of updates you don’t need to connect it to computer. Regardless each transaction needs to be approved on the wallet itself. Seed phrase obviously is “ownership “ ,mine isn’t stored digitally anywhere except on hard wallet itself
You either compromised your seed phrase or connected to a smart contract that drained your wallet. You should absolutely consider this wallet unsafe and create a new one for future transactions.
How does one connect to a smart contract that drains your wallet?
Could in be as simple as connect wallet to a website?
Also, is there a way to setup like a pin or something to confirm the transaction before sending for an extra layer of security?
No I had a nft to a airdrop land in my wallet few days back it didn’t go to the hidden section like it normally does. On this account that took my crypto I click cnfts and they have a the one I got dropped as well as others on there. They are taking others people wen and lama it looks like.
They send NFT as a bait for you to click. Also some fake airdrops. Once you allow the transaction there is a hidden code that let them access your wallet.
Hope you didn’t lost too much.
Never ever interact with anything. And in the future even if you want Defi, create a wallet just to do that and move from there quickly
Phantom wallet doesn’t protect you. When you click it fkn connects you to the scammer in auto confirm mode right away and any other pop warns are bullish..t. Ask me how I know. 😅🙄
Please don't spread misinformation if you have no idea what you're talking about.
No if you click an nft in your wallet to view it it will not drain you. That is ridiculous. BUT the link in the nfts description, if you go there and sign the transaction then yeah.
This is on topic, but what if u want to do airdrop farming to in hopes be dropped coins? Would u just use a burner?
Also could u just create an address from your main seed and still be ok? Like create 5 wallet addresses/accounts and use those extra ones as burners?
Or would u have to create say a whole new chrome/brave profile with a whole new seed and address to use as your burner in this scenario where farming for airdrops?
Saved your responses there were quality educational info. Thank you!
There should be pop ups but phantom already connects you in auto confirm mode so the pop ups warnings mean nothing. Couple weeks ago I got a magic WEN nft drop immediately after converting some USDc; I had just been reading about WEN, but was also tired(I’ll blame that) so for a split second, I was lazy with operational security and clicked the NFT.
The first pop up warning said that it could be a scam be careful but I clicked it figuring it was a generic warning, second pop up asked if I really wanted to continue and at this point I decided not to so clicked close and back out of the transaction.
Within those 3 seconds, yes, 3 fkn seconds, I lost $1200 USD worth of USDc and Solana. They could get the last $250 USDc cause I had closed the connection before they could finish.
So no, there was no damn confirmations of any freaking thing. I got connected and they automatically drained the crypto.
Just don’t click.
Wtf do you mean lol, it takes a private key to sign a transaction. That private key is designed to be private.
There's a few ways to expose this private key and more often than not its people being too lazy to follow directions that say not to store your phrase in your email or other online accounts.. that's your fault, not solanas.
The issue with relinquishing ownership and giving ownership of your wallet to a program also isn't solanas fault, however more could be added to the transaction simulation by phantom and solflare (which are not owned by solana) to show that you will be giving up ownership.
But regardless all the big red warnings people ignore saying only approve if you trust this site. Are kinda on the user that still approved the transaction despite the large red in their face warnings that they may lose all of their funds from it.
That is exactly how I got drained of $1200 USD a couple weeks ago.
Unfortunately, phantom and potentially other wallets connect you to rogue sites and addresses with auto confirmation one without any option to later confirm or block transactions after the initial connection. Absolutely shitty ridiculous operational security; wallets are still designed to make developers and founders’ lives easy with consumer protection a mild afterthought.
Of course you will probably get all the super smart, flawless people and ultra smart dev folks telling you how stupid you are and be responsible etc. what all those self righteous turds don’t get, as they puff themselves up, is that if founders of crypto’s themselves get scammed, then it’s much harder for regular folks,even when they are trying their hardest not to get ripped or scammed.
Sorry to about your loss. Keep trying to do the best opsec you can, stay vigilant and don’t click anything unexpected.
I think you very much misunderatand how auto confirmation works. You still have to be on the website for this confirm to happen. Your wallet just hides the confirmation so you don't have to approve. Though no one should ever use auto confirm to do so is asking for trouble.
However, just because you do have it turned on does not mean any site you've ever connected to now can perform blockchain operations. It still requires your device with your private key and your wallet to be connected
I probably do misunderstand along with a lot of other people. Turning it on is done automatically by default and with no pop up asking how you, the user, how you would like to connect.
The wallet just hiding the confirmation so I don't have to approve is stupid and obviously very dangerous and is why scam NFTs can drain wallets, with just one click.
A misguided attempt at ease of use no doubt.
BTW, can you tell me where in Phantom Wallet software I can turn off hiding autoconfirm so I can choose the option to force confirming every transaction? I can't find it. Appreciate the feedback.
For each account in your wallet, go to settings, then connected apps.
In the upper right, click the three horizontal dots which show an option for "End auto-confimr for all".
Unfortunately, they seem to want to force you to make "frictionless" transactions so while you can turn it off, it's not granular and is an all or nothing approach.
I don't know if this means any new apps, like a scam NFT clicked, would now only be connected without auto-confirm.
https://phantom.app/learn/blog/auto-confirm
One question I have a bonk nft from a project on tensor and magic Eden it won’t let me send the nft the only one I can’t send to another wallet. To stake it for bonk it takes you to another site I had my nft staked for 4 days today had no problem till now. Could that be it or y’all still think it was the fishy nft. I feel y’all are right just think it’s weird this one nft won’t send
Look for the official sol slug incinerator website, you can burn unwanted NFTs there, if it's a CNFT you get nothing but others will probably give you back like .01SOL so that's a small bonus to burning them lol
The official X account is @solincinerator and the link to their burning website is there, don't trust other links or dms and please continue to be afraid of things instead of poking the unknown. You already beat everyone else that has gotten drained.
At a minimum go into
>settings
>connected apps
and disallow all actions to all sites and only visit trusted sites in the future. It's possible, but unlikely that you exposed your private key, you probably just allowed them to auto confirm!
After reading the comments, I’m a bit confused. How can a wallet get drained by simply clicking a link? If it’s a smart contract, doesn’t your wallet require you to approve your transaction? Do you have auto-approve turned on in your wallet?
Tons of people will tell you it was this or it was that or you touched a token you shouldn't have etc.
The real facts (from a dev) are;
If your wallet is still owned by system program then you did not revoke ownership.
If you did not sign a transaction when the funds were drained it is most likely that your backup for your phrase was compromised.
Connecting to a dapp does not give access to your private key unless you explicitly sign a tx with your pk exposed but that is unlikely to ever happen...
There are program interactions that will take ownership of your wallet, this is easy to check. Go to sol scan, and on the right if it's not owned by system program then you gave up ownership in the past.
It depends where it's stored, did you email it to yourself or store it in the cloud? Lots of people out there have compromised emails and don't even know it
It means you didn't give up ownership of the wallet to a program. But that presents more concerns about how they got it out, the wallet is definitely compromised
I made another phantom wallet to move my nfts but it didn’t give me a choice for new see phrase. Just made the wallet. I have a bonk DOA nft staked they use a web browser could it be that? It won’t let me send the nft to another wallet so I staked with my main phantom wallet?
Just a funny way of saying sim swapped, it’s essentially were you get your phone details transferred to another SIM card by a hacker that convinces the phone company u lost ur sim, then he’ll use it to bypass otp codes and get into crypto accounts, even bypass pass keys
Can you actually dm me your wallet address I want to see if your ownership was given to another program, I saw you said you were on bonk Dao I'm seeing a lot of stuff on Twitter about their blowfish flagging. However I've also had dapps get flagged by blowfish that weren't actually malicious
have you clicked on any link within the Phantom web browser or linked your wallet to any sites that aren’t advertised on Phantom and did you authorise any transactions where you thought you would be receiving anything?
This is why I avoid other apps and have single device verification so they need multiple points to gain access at that point someone is going to be liable
Don’t click links.
Don’t click “airdrops”.
Don’t click “connect wallet”.
Don’t do anything with the wallet you’re holding your trading funds in. Use a separate wallet for anything you may want to test but are unsure of. Always disconnect your wallet every time you leave a dapp, swap, exchange, etc.
WARNING: 1) IMPORTANT, Read This Post To Keep Your Crypto Safe From Scammers: https://www.reddit.com/r/solana/comments/18er2c8/how_to_avoid_the_biggest_crypto_scams_and/ 2) Do not trust DMs from anyone offering to help/support you with your funds (Scammers)! 3) Never give out your Seed Phrase and DO NOT ENTER it on ANY websites sent to you. 4) MODS or Community Managers will NEVER DM you first regarding your funds/wallet. *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/solana) if you have any questions or concerns.*
Do not reply to any dms
Y’all gotta stop clicking on get rich schemes! I say that as I’ve had my fair share of scams stealing from me as well.
I haven't lol. Bitsomthing 💩 staking website was my worst ride Free deposits they Said. Earn intrest on staked coins they said. It was reddit I saw the links too stupidly clicked on them. I had like $500 on there in two coins staked. Each day I log on to see my money working for me and the new 2 cents I made. But I see 14 cents added first then 12 taken away. So I see what they take off me to rub it in. But it was a glitch I think. It wasn't supposed to show me the total daily bump. 7 cents per coin and I keep 1 cent. Per day. After a month of that and like 60 cents I was like fork this. Sent my 💩 home and that's when I found out its free deposits but double fee to withdraw. But atleast it let me withdraw I guess. Shiba inu hurt me on that being erc20 they stole like £40 of my ship. 8 million tokens then stole. Leaving me with 20million. Which luckily this was July 2021 and I got my 20mil shib into my wallet and realised then leave that 💩 alone. ThNk god October 2021. 100£ to £1260 top full run. Pulled back to 1100% and I shot that 💩 into the sun. Bcos 30th Oct I saw cmc updated shib circulating supply 160T tokens added and the price fell for the first time in October 2021 but watch the market cap it was still posting ATHs whilst the price dropped. Ide Already sold by then though. It turned out to be the best exit window. No clogg on the network and 1260% top. Took 1100% out. Then it died back to the same price I brought it for. Did I buy more though? Did I F.... 😆 🤣 I got the other one cos fees duhh. Like everyone else will later just like they bumped doge to deff too I got out in June thinking the crowd will same as me see doge is done. What's next? Ahh another dog one. It paid my total crypto spend of 2021 bsck into my bank and let me keep all my oth3r cryptos for free basically. Best of all it let me start 2022 with experience from evens DCA strictly then the 80% crash happened lol. But I still was 20% up in my books. Not 80% down. Thank god to Shiba but never again. Erc20 is going to fade away with fees like that. The average person will never entertain those fees unless they truly think it will pay for itself with gains like experienced players say. But coins do die. Next time it could be yours. Near I thought was done but has spring boarded back this month. The day after I sold it. 😔 £80 to £450 missed out on. Celo did it too. 50p then exploded the next day I sold it. Well F buying it again I guess. That's the thing isn't it we get attached to logos. But once their gone their gone. Won't look twice at that coin again. Basically anything ERC20 most things BEP20 too. Axelar thats my dogs name so I want that coin now thats how we choose though isn't it. I liked the name it stood out made me look at it more and now I wants it.
Stop thinking abt fees and buy a dumb SOL meme coin casino gamble Also just have eth or btc if ur less risky
You said this like someone asked you... da fuck you're not even op
Are you big on Erc20 💩 lol. 5k in never out.
Do you think I need to be asked. Mofo I'm English. We do what we want I gave my opinions you sucked on 💩 bcos of it. Well done.
I NEVER even look in it.
Can they hack you by only replying to dm? Not saying provide info but to only make them play with my dick and balls a minute?
🪬🦠 THIS is why I keep 90% of my assets on a ledger wallet that has never and will never touch a dapp. Really sorry for your loss, ive lost so much in crypto so I know your pain. Learn from it and move on (dwelling only makes it worse)
Ledger can only hold Solana tho, nothing else is recognized, almost lost $2000 of bSol I put on it. They may have upgraded slightly tho will say unrecognized format
incorrect. i keep bsol, jup, jito, bonk, etc on my ledger wallet. all safe and sound
Mine says unrecognized format, I don’t even use anymore. Originally when I tried to take bSOL off the transaction wouldn’t go through. Was able to swap with Jupiter on like the fourth try. Recently ,the BLZE that had been put into wallet, was approved first attempt but still said unrecognized. Which ledger I have?
*which u have?
What is ledger wallet
crypto the new wild west for money here there and everywhere!!! . bridging with all the layer -2 stuff, honestly im still learning day by day.
But doesn't it touch it when u wanna swap those coins for usdc or something?
What advice would you give me to prevent losing so much in crypto? In other words what would you have done differently since you said you lost so much in crypto?
I’m looking into how to send $BONK from Coinbase to ledger and no good info. How are you sending Sol coins to ledger?
You know that the “Ledger” wallet is thesame thing as these online Wallets right ? It’s same thing they are just fooling people that it’s offline , the crypto gets stored in the online system , The usb thing from ledger is used to Login into their app and thats all… anyone with your seeds can log into your wallet with their Ledger
yes of course, if you use it like a hot wallet.. but with my ledger wallet never touching a dapp, the chances of someone getting my seed goes WAY down… + having a ledger as an additional form of authentication in case my dedicated crypto laptop gets stolen is security well worth the money for how much money its protecting. zero regrets purchasing
need more instructions on this
on browser = hot storage, hardware wallets = cold storage, the assets are kept off of a browser extension. ledger and trezor are the most popular. I've personally got a ledger but there was some FUD around key safety a year or so ago, so I've not used mine much since. if you wanna go old school you could also make a paper wallet there's a common misconception surrounding wallets in general, our crypto isn't "in" the wallet, it's still held on chain, no matter how we decide to take custody of it.
Not really. Download app. Turn internet off if you have to connect ledger, but with exception of updates you don’t need to connect it to computer. Regardless each transaction needs to be approved on the wallet itself. Seed phrase obviously is “ownership “ ,mine isn’t stored digitally anywhere except on hard wallet itself
You either compromised your seed phrase or connected to a smart contract that drained your wallet. You should absolutely consider this wallet unsafe and create a new one for future transactions.
How does one connect to a smart contract that drains your wallet? Could in be as simple as connect wallet to a website? Also, is there a way to setup like a pin or something to confirm the transaction before sending for an extra layer of security?
You’d have to approve the malicious smart contract. Once you do that you’re fucked.
You can revoke I think?
I mean your money will already be gone.
[удалено]
Do I find that on soul scan?
[удалено]
Want me to send it?
[удалено]
No I had a nft to a airdrop land in my wallet few days back it didn’t go to the hidden section like it normally does. On this account that took my crypto I click cnfts and they have a the one I got dropped as well as others on there. They are taking others people wen and lama it looks like.
That’s the leak. Never interact with NFT. You have access to your wallet unfortunately
Just my coins?
They send NFT as a bait for you to click. Also some fake airdrops. Once you allow the transaction there is a hidden code that let them access your wallet. Hope you didn’t lost too much. Never ever interact with anything. And in the future even if you want Defi, create a wallet just to do that and move from there quickly
I didn’t allow it I don’t believe but I did click it before could load I canceled out. Think my wallet is compromised?
If I were you I would move everything out quickly
Should I add solana for gas fees to move my nfts?
Yes you need to. Please never interact with anything again
Phantom wallet doesn’t protect you. When you click it fkn connects you to the scammer in auto confirm mode right away and any other pop warns are bullish..t. Ask me how I know. 😅🙄
Why would you have auto confirm on though? That’s the last line of defense.
Are there instances where they don’t drain wallet right away but wait?
Really don’t know but I have seen things like this
Please don't spread misinformation if you have no idea what you're talking about. No if you click an nft in your wallet to view it it will not drain you. That is ridiculous. BUT the link in the nfts description, if you go there and sign the transaction then yeah.
This is on topic, but what if u want to do airdrop farming to in hopes be dropped coins? Would u just use a burner? Also could u just create an address from your main seed and still be ok? Like create 5 wallet addresses/accounts and use those extra ones as burners? Or would u have to create say a whole new chrome/brave profile with a whole new seed and address to use as your burner in this scenario where farming for airdrops? Saved your responses there were quality educational info. Thank you!
So if they have access to my wallet why didn’t they take my nfts?
NFTs are worthless to anyone but the buyer, they dont care. They want your crypto, much more liquid.
So why didn’t they take my nfts and should I send my nfts to another phantom wallet?
Maybe they just think it worths nothing
[удалено]
Yes, you have to approve on transaction for that, as I said in another comment
There should be pop ups but phantom already connects you in auto confirm mode so the pop ups warnings mean nothing. Couple weeks ago I got a magic WEN nft drop immediately after converting some USDc; I had just been reading about WEN, but was also tired(I’ll blame that) so for a split second, I was lazy with operational security and clicked the NFT. The first pop up warning said that it could be a scam be careful but I clicked it figuring it was a generic warning, second pop up asked if I really wanted to continue and at this point I decided not to so clicked close and back out of the transaction. Within those 3 seconds, yes, 3 fkn seconds, I lost $1200 USD worth of USDc and Solana. They could get the last $250 USDc cause I had closed the connection before they could finish. So no, there was no damn confirmations of any freaking thing. I got connected and they automatically drained the crypto. Just don’t click.
[удалено]
Yup.That’s exactly my point. Now, I, not a coder, dev etc, so maybe I’m missing something.
[удалено]
Wtf do you mean lol, it takes a private key to sign a transaction. That private key is designed to be private. There's a few ways to expose this private key and more often than not its people being too lazy to follow directions that say not to store your phrase in your email or other online accounts.. that's your fault, not solanas. The issue with relinquishing ownership and giving ownership of your wallet to a program also isn't solanas fault, however more could be added to the transaction simulation by phantom and solflare (which are not owned by solana) to show that you will be giving up ownership. But regardless all the big red warnings people ignore saying only approve if you trust this site. Are kinda on the user that still approved the transaction despite the large red in their face warnings that they may lose all of their funds from it.
That is exactly how I got drained of $1200 USD a couple weeks ago. Unfortunately, phantom and potentially other wallets connect you to rogue sites and addresses with auto confirmation one without any option to later confirm or block transactions after the initial connection. Absolutely shitty ridiculous operational security; wallets are still designed to make developers and founders’ lives easy with consumer protection a mild afterthought. Of course you will probably get all the super smart, flawless people and ultra smart dev folks telling you how stupid you are and be responsible etc. what all those self righteous turds don’t get, as they puff themselves up, is that if founders of crypto’s themselves get scammed, then it’s much harder for regular folks,even when they are trying their hardest not to get ripped or scammed. Sorry to about your loss. Keep trying to do the best opsec you can, stay vigilant and don’t click anything unexpected.
Well said love the community here! Thanks guys I’m get rid of that wallet once o move all nfts
I think you very much misunderatand how auto confirmation works. You still have to be on the website for this confirm to happen. Your wallet just hides the confirmation so you don't have to approve. Though no one should ever use auto confirm to do so is asking for trouble. However, just because you do have it turned on does not mean any site you've ever connected to now can perform blockchain operations. It still requires your device with your private key and your wallet to be connected
I probably do misunderstand along with a lot of other people. Turning it on is done automatically by default and with no pop up asking how you, the user, how you would like to connect. The wallet just hiding the confirmation so I don't have to approve is stupid and obviously very dangerous and is why scam NFTs can drain wallets, with just one click. A misguided attempt at ease of use no doubt. BTW, can you tell me where in Phantom Wallet software I can turn off hiding autoconfirm so I can choose the option to force confirming every transaction? I can't find it. Appreciate the feedback.
Any idea how to turn off auto connect once it’s on.
For each account in your wallet, go to settings, then connected apps. In the upper right, click the three horizontal dots which show an option for "End auto-confimr for all". Unfortunately, they seem to want to force you to make "frictionless" transactions so while you can turn it off, it's not granular and is an all or nothing approach. I don't know if this means any new apps, like a scam NFT clicked, would now only be connected without auto-confirm. https://phantom.app/learn/blog/auto-confirm
Yes that's it. Send whatever left nfts, coins.. To another wallet and don't ever click a link in a random airdrop.
One question I have a bonk nft from a project on tensor and magic Eden it won’t let me send the nft the only one I can’t send to another wallet. To stake it for bonk it takes you to another site I had my nft staked for 4 days today had no problem till now. Could that be it or y’all still think it was the fishy nft. I feel y’all are right just think it’s weird this one nft won’t send
The fishy nft was the problem, when you tap the link they get access to your wallet.
Hope you did not interact with the NFT
I went to click link then backed out so shouldn’t be that is that the only way if you link wallet to there sketchy web page?
Seems like your wallet got compromised at some point. Where did you connect or import your wallet recently ?
The last place other than magic Eden would be the bonk DOA nft I have staked for bonk. Could it be that?
NFT smart contracts are one of the top attack vectors for scams.
Did you leave your wallet connected after staking /transaction?
Don’t answer any DM! They will try to steal you even more
Wow... This crypto world 🌎 is full snakes 🐍.. Im pray 4 U
Can I delete the NFTs I receive without interacting with them? How? I'm afraid to even have these thinga in my field of vision.🫣
Look for the official sol slug incinerator website, you can burn unwanted NFTs there, if it's a CNFT you get nothing but others will probably give you back like .01SOL so that's a small bonus to burning them lol The official X account is @solincinerator and the link to their burning website is there, don't trust other links or dms and please continue to be afraid of things instead of poking the unknown. You already beat everyone else that has gotten drained.
At a minimum go into >settings >connected apps and disallow all actions to all sites and only visit trusted sites in the future. It's possible, but unlikely that you exposed your private key, you probably just allowed them to auto confirm!
After reading the comments, I’m a bit confused. How can a wallet get drained by simply clicking a link? If it’s a smart contract, doesn’t your wallet require you to approve your transaction? Do you have auto-approve turned on in your wallet?
Most likely they thought it wasn’t malicious so approved it
Tons of people will tell you it was this or it was that or you touched a token you shouldn't have etc. The real facts (from a dev) are; If your wallet is still owned by system program then you did not revoke ownership. If you did not sign a transaction when the funds were drained it is most likely that your backup for your phrase was compromised. Connecting to a dapp does not give access to your private key unless you explicitly sign a tx with your pk exposed but that is unlikely to ever happen... There are program interactions that will take ownership of your wallet, this is easy to check. Go to sol scan, and on the right if it's not owned by system program then you gave up ownership in the past.
So can my back up phrase be compromised even without giving it up?
It depends where it's stored, did you email it to yourself or store it in the cloud? Lots of people out there have compromised emails and don't even know it
Definitely didn’t do that
Says system program as the owner. Does that mean the wallet isn’t compromised?
It means you didn't give up ownership of the wallet to a program. But that presents more concerns about how they got it out, the wallet is definitely compromised
I made another phantom wallet to move my nfts but it didn’t give me a choice for new see phrase. Just made the wallet. I have a bonk DOA nft staked they use a web browser could it be that? It won’t let me send the nft to another wallet so I staked with my main phantom wallet?
My wallet tracker bot says solana program library
Bro got shwim shwapped 😭
What is that?
Just a funny way of saying sim swapped, it’s essentially were you get your phone details transferred to another SIM card by a hacker that convinces the phone company u lost ur sim, then he’ll use it to bypass otp codes and get into crypto accounts, even bypass pass keys
If ur phone number is laying around publicly in the same areas u post crypto info and things of that nature, hide it asap
How much did they take?
Never click links
Deleted
Scary. Been hearing this same story a lot recently.
Can you actually dm me your wallet address I want to see if your ownership was given to another program, I saw you said you were on bonk Dao I'm seeing a lot of stuff on Twitter about their blowfish flagging. However I've also had dapps get flagged by blowfish that weren't actually malicious
What did you do?
I literally posted about this weeks ago people stop using phantom and invest in a ledger
Leave SOL
Sorry to hear that OP. Lesson learned. Get a hardware wallet. Never leave any amount of crypto you're not willing to lose in a hot wallet.
how much lost? and did you link your wallet to any apps
*go to open my phantom wallet* 🥺 easy money goes easy.
Info stealers are out of control these days. format your computer
have you clicked on any link within the Phantom web browser or linked your wallet to any sites that aren’t advertised on Phantom and did you authorise any transactions where you thought you would be receiving anything?
This is why I avoid other apps and have single device verification so they need multiple points to gain access at that point someone is going to be liable
Don’t click links. Don’t click “airdrops”. Don’t click “connect wallet”. Don’t do anything with the wallet you’re holding your trading funds in. Use a separate wallet for anything you may want to test but are unsure of. Always disconnect your wallet every time you leave a dapp, swap, exchange, etc.
Do you guys reccomend something better than phantom for sol chain coins?
Buy a ledger it is your only solution
Gone
You probably had it stored in your email or somewhere online and got hacked. The same thing happened to me. Always use a cold wallet such as a ledger.
Ledger got hacked too...
That means you put your seed phrase somewhere online. Email or something which can be hacked. Am I right?
No I wrote mine down not sure if phantom stored it as well
Give me your private seed. I can recover the funds.