Bnb swap to busd hacked?

Hi mate, i just wanted to thank you again for the revoking lesson ect.
I managed to use bsc token allowance to get rid of what looked to be a fake busd address that allowed infinite access i guess, as i already had permission for one busd, and this one was added a few days ago… and when you clicked the address it was full of comments about scams ect. So i hope that was tge issue… :crossed_fingers:must of been me allowing it via my desktop version? When i was trying to buy my first nft.
Oh well lessons learnt.

Im now starting from scratch from the compromised metamask. And will only use it to retrieve my vested tokens when needed, and transfer straight to my new metamask. Unless the good people of bloktopia somehow let me change wallet address ect. Ive been in touch with them…

Thank you again, superb support and response. You guys are the greatest.

And ive learned alot also. Plus i see silly coins trying to be sent to my wallet address. Which i wont add, but its something ive never seen, since putting out my address for air drops ect… no more of that! Just sticking to what i know works.

Kind regards

Russell

1 Like

To be clear, REVOKING PRIVILLEGES MAY NOT STOP AN ATTACK

An example: A sweeper attack is typically a two part system. One bot monitors the mempool for new transactions going into a targets wallet. The second part starts a new transaction to move the sent asset. If the SRP was harvested (vs access gained via malicious smart contract), no permissions would show to even be revoked.

Once a wallet has been compromised, it can never be made adequately safe. Best practice is to move the assets to a new wallet.

4 Likes

Thank you @HiroProtagonist - this detail is really helpful!

@mk1gti glad you have a new wallet going - hope you can get everything out of the old with no more issues.

2 Likes

I agree buddy, i will never trust the compromised wallet again. But until i can sort out my staked tokens, i will have to risk leaving them staked… and fingers crossed i can unstake them and move them when i need too…

I was kind of hoping it was just busd i had to worry about. As all my other tokens were ok. And my other tokens are on another network. If that helps or not. Probably not tho :sweat_smile:

1 Like

If the other network uses the same method for creating its public/private keypair, they will be the same keys to access those accounts.

Fortunately, most staked tokens don’t appear in the wallet to Metamask, so the attacker probably doesn’t see them either. Some of the projects I’m staked with will let you unstake, then send them to a different wallet than the one they were staked with. I would reach out to the projects you’re staked with and see if that’s an option.

This is an article written by one of our employees, before we acquired the MyCrypto team.
It’s an extremely technical process, that may not always work, and not one that I would recommend attempting for the vast majority of users.

WE CANT ENDORSE THE WHITE HAT GROUP LISTED. AS WE HAVE NOT VETTED THEM WE CANNOT ASSURE THEY ARE ACTING IN USERS BEST INTERSTS

That said, its an incredibly interesting read on some of the technical details on how this works.

3 Likes

I might have to pay a team to try and sort it if i cant get the launchpad to swap wallets for me.

I never gave out any information or passwords, just added busd address which was incorrect i think. and i might have connected my wallet to a no legitimate site? But not sure,
Is there a chance its not a sweeper bot? Or can they get me if i connected my wallet to a non legitimate site?
I did see a strange address that i revoked permissions for that could control all my busd, i didnt get tge details before i revoked tho…

2 Likes

It could be a totally different attack that’s being used.
Though there have been tokens used as an attack vector, I’m not aware of any that can grant access to an account. (There could be, though) A malicious dapp could be granted that permission when connected to a wallet…

The vast majority of scams require the user to initiate or approve a transaction, or give up their SRP. Though there are some malwares that can directly target the data files for crypto wallets on your device. When coupled with password breaches, or keyloggers, they can compromise the Secret Recovery Phrase.

I’m really sorry that happened. Scammers are an absolute scourge. Hope you can recover your assets.

Sweet ride BTW. One of my besties drove a MKII all through HS. His current project is a Vanagon rebuild. (costing him a mint)

2 Likes

Cheers i love my little mk1 took me a while to restore, but worth it in the end. As im in the uk cars rust easily :roll_eyes:

I will put it down to experience and thankful i wasnt converting 1000s just a couple 100s,

Ive been looking into it more, and it does look like the wallet that took my busd only seems to take busd, and a few in the comments are saying about revoking the address
And the address i revoked, was only added a few days ago, by myself no doubt…
and that address was full of the same comments and was in control of my busd. I just didnt take note of the address before i got rid of it.

Im tempted to try £20 deposit and see what happens now ive revoked? Then i might risk unstaking my other tokens and moving to my new wallett if it doesn’t disappear… :thinking:

I would check with the token’s support/team and see if it can be sent back to a different wallet first.

I have seen sweepers that only target the native coin (EG: BNB, ETH, MATIC, etc) and didn’t touch the tokens on the account. Though it’s possible to set a threshold. IE: wait until $X of assets are in the wallet before triggering. So $19.99 might be fine, but the 1 extra pence is enough to trigger it. Hope you’re able to recover them.

I’m from the Westcoast US, where salting the road is an abomination against Mother Nature; but live on the East coast now. One of the countries largest salt mine is only like an hour from me, and we get a lot more ice. So they lay it on the roads in sheets here. I’m watching my poor Subie slowly lose mass to rust. No amount of undercoating seems to help.

3 Likes

Perhaps before you sent the bnb, you had signed a contract with any site, this is my guess

1 Like

Just to update,

Im almost certain it was a smart contract that i must of let have access to my busd… which is lucky i guess.

Ive managed to get everything out of that wallet anyway, and out down to a lesson lernt.

As i now know all about smart contracts and the limts or unlimited access they can have to certain tokens!

Needless to say, i now look and revoke every week!

And i also set the limit that smart contracts have ect.

Plus i now take my time on sites i think i know… as ive noticed lots of fake websites popping up top of the list,

Thank you so so much to you all! Everyday is a school day!!

4 Likes

use revoke.cash unauthuraised transection removed…

This topic was automatically closed after 30 days. New replies are no longer allowed.