At the end of last year you said:
"I had a breach in my hardware wallet and got part of my Bitcoin drained"
And that you would share the details. https://x.com/DecrimNat/status/1867390594034881014
Many, myself included, found this claim hard to believe since thefts are seldom through sophisticated attacks and are almost always through user error.
Thefts are always devastating, and I empathize. But as someone building a hardware wallet it is frustrating, so often in these situations, when people never return to elaborate on what actually occurred. If there is a HWW weakness, people need to know. And if it is user error, these mistakes are valuable for others to learn from.
Could you please explain what happened?
Yes, it was an old Trezor hardware wallet that was compromised. Luckily it was divided into three wallets, legacy, segwit, and taproot, and the active taproot wallet I was withdrawing from was drained in two txs. I was able to move the other wallets by sheer luck of a softfork firewall.
I am not a coder or a bitcoin developer, so I am still unsure how it was compromised but I believe that it was possibly due to using an address twice? Anybody that can enlighten me on this is welcome so we do not repeat the mistake.
Thanks for the info!
Did you perhaps buy a Trezor from a third party? There have been fake ones going around.
Or maybe more likely, perhaps your computer was infected with malware that: i) sent a malicious signing request instead of the transaction you were intending to sign; ii) when you copied the address, clipboard malware replaced it with the attacker's address, so when you pasted it in, the money was destined for them - this happened to a friend of mine :(.
Reusing addresses will not cause a disaster like this, and Trezor would(/should) prevent secret leaking (via nonce reuse attacks).
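The nonce-reuse point in the reply above, as an added example that is not part of the thread: a small pure-Python secp256k1 ECDSA signer with RFC 6979 deterministic nonces (the scheme Bitcoin signing libraries such as libsecp256k1 follow), showing that signing two different transactions with the same key, which is what spending from a reused address means, yields unrelated r values, while a faulty signer that fixes k yields identical r, the tell-tale sign of a nonce-reuse leak. The curve constants are public; the private key and messages are constructed, single SHA-256 stands in for Bitcoin's double-SHA-256, and the RFC's retry for an out-of-range candidate is omitted for brevity.

```python
import hashlib
import hmac

P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F  # secp256k1 p
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # order
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def ec_add(p1, p2):  # affine point addition; None is the point at infinity
    if p1 is None or p2 is None:
        return p1 or p2
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    lam = (3 * x1 * x1 * pow(2 * y1, -1, P) if p1 == p2
           else (y2 - y1) * pow(x2 - x1, -1, P)) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def ec_mul(k, pt):  # double-and-add scalar multiplication
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt, k = ec_add(pt, pt), k >> 1
    return acc

def rfc6979_nonce(priv, e):
    """RFC 6979 (HMAC-SHA256) nonce: same key and message give the same k, a
    different message gives a different k. The RFC's retry for k >= N is omitted."""
    mac = lambda key, data: hmac.new(key, data, hashlib.sha256).digest()
    x, h = priv.to_bytes(32, "big"), (e % N).to_bytes(32, "big")
    v, k = b"\x01" * 32, b"\x00" * 32
    k = mac(k, v + b"\x00" + x + h)
    v = mac(k, v)
    k = mac(k, v + b"\x01" + x + h)
    v = mac(k, v)
    return int.from_bytes(mac(k, v), "big")

def sign(priv, msg, k=None):
    """ECDSA over SHA-256(msg). k=None -> deterministic nonce; a fixed k models a faulty signer."""
    e = int.from_bytes(hashlib.sha256(msg).digest(), "big")
    k = k or rfc6979_nonce(priv, e)
    r = ec_mul(k, G)[0] % N  # equal r across two signatures means k was reused
    return r, pow(k, -1, N) * (e + r * priv) % N

def verify(pub, msg, r, s):
    e, w = int.from_bytes(hashlib.sha256(msg).digest(), "big"), pow(s, -1, N)
    pt = ec_add(ec_mul(e * w % N, G), ec_mul(r * w % N, pub))
    return pt is not None and pt[0] % N == r
```

A quick check against signatures seen on chain for one public key is therefore: collect their r values and flag any duplicate; a correct deterministic signer never produces one.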