About 45 minutes ago I received 0 ETH from an unknown address. This seemed odd but could have been an airdrop or something... didn't think much of it. Then approximately 11 minutes later, my account transferred [redacted] "ETH" (not actual ETH, more below) back out to that unknown wallet. Of note, the outbound ETH are not actual ETH, but they are an ERC20 token at contract address 0x6dB383F99e01D8ad6a1A4Ee5BC8de2F084369f2E which has a name of ETH and is only 6 decimals instead of 18.
Important, the most recent transaction which I executed was back in November and was transferring [redacted] ETH to a coinbase account. The 0 ETH that I received today came from an account that shares the same first 6 and last 6 addresses as that coinbase account:
Valid transfer to account: [redacted] (happens to be a coinbase account and was a legit transfer back in November)
Unknown 0 ETH sender: [redacted]
Here is my account in question: [redacted]
Please note the following transaction: 0 ETH received via txn hash [redacted]
Please note the following token transfer: [redacted] "ETH" transferred via txn hash: [redacted]
As far as I can tell, all of my funds are safe, but this is very stressful. This is a hardware wallet account. It has never been connected to Metamask or any web3 browser. My seed phrase has never been made accessible to a digital device. All other accounts on that hardware wallet appear to be intact and untouched (ETH and other assets).
As far as I can tell the attacker has achieved a partial address collision (of the first 6 and last 6 digits) and then used this transfer of 0 ETH to my account to initiate some type of transfer.
I was not at a computer during this time and have no idea how this outbound transfer would even be possible. Getting this notification from etherscan scared the ever living shit out of me.
Am alerting the community here for both advice and in case this is something more serious. Any thoughts?
Edit: the consensus is that my coins/tokens are safe and that this was an 'address poisoning attack' wherein the attacker sends zero ETH to my account using an address that they control which is similar to an address that I've previously sent ETH out to. Their hopes are that I will just go into my history and copy/paste that address again the next time I want to do a transfer and will thereby unwittingly send my ETH to them next time I make a transfer. Fuck scammers man.
Edit2: I have redacted all account-specific information in my post for ongoing OPSEC. Am leaving this post up in case it is helpful to others.
[link] [comments]
You can get bonuses upto $100 FREE BONUS when you:
π° Install these recommended apps:
π² SocialGood - 100% Crypto Back on Everyday Shopping
π² xPortal - The DeFi For The Next Billion
π² CryptoTab Browser - Lightweight, fast, and ready to mine!
π° Register on these recommended exchanges:
π‘ Binanceπ‘ Bitfinexπ‘ Bitmartπ‘ Bittrexπ‘ Bitget
π‘ CoinExπ‘ Crypto.comπ‘ Gate.ioπ‘ Huobiπ‘ Kucoin.
Comments