What's up,
On 28 Feb 2022 I got hacked: 2.4 bitcoin got stolen from the u/coinomi Android wallet.
It is an old Android 7, Samsung Galaxy S6 edge (no root).
In 2017-2019 I used the u/Coinomi wallet to store my bitcoin because it was simple and easy to use.
In summer 2019 I decided to use that phone only as "cold storage". I have the u/coinomi app, Windscribe VPN and Google apps. I chose that because it was simple: once a month I power on the phone, do the update on u/coinomi and the other apps, check the wallet and shut it down.
The u/Coinomi wallet does not have the BIP39 passphrase implemented at the moment, but I secured the wallet with a password, and with a PIN number so that in case somebody had the phone it would be hard to unlock.
At the end of February 2022 I updated the u/coinomi wallet to version 1.25.2 build 430 core 220. All worked great, update done. I checked the wallet and the bitcoin was there (I also chose the feature "Mark do-not-spend" so that in case somebody opened the wallet no amount was displayed), but today I checked the address of my wallet (I have it saved in Tor Browser to make it simple to check the UTXO) and I see the coins have been moved: https://oxt.me/transaction/812f73d94bc1eb029e72930427ea27bee4e668accaad4d3fc167a24f1de364a5 How can this happen, since nobody has access to the phone?
The seed was saved on paper, nobody saw it, plus I wrote the words in a different order so only I can know the right order.
I am sure something was wrong with the update. Since it is not an open source wallet, nobody knows what that wallet can send out, but I think the wallet sent the seed out to somebody, because 3 and a half years passed and the seed was safe inside it; it only happened now, only after the update.
After 5 hops I saw the bitcoin was sent to a Binance exchange address: https://oxt.me/transaction/2984598d66601f7cf922f819b32da464733ec00bd5e71ce76ca6627fdc97e38f I do not have a Binance account, but I chatted with them on the live chat:
Greetings from Binance security team! We are very sorry to hear about your situation. Upon checking we have found that the funds are in the Fixed Float wallet.
The funds appear in the blockchain to have been sent to Binance because Fixed Float is a Binance Broker, this means it is another company that has a wallet with Binance for its liquidity and order book. This broker has many users, so we do not know the exact end user who received your stolen funds, we only know the funds were transferred to the Fixed Float hot wallet.
I know FixedFloat is a no-KYC exchange owned by Russians, and many bitcoins come and go to the Hydra Market.
I talked on Telegram with the support guy named Angelo and via support ticket, but they say that the wallet is working perfectly, that they have been on the market since 2014 and nobody has issues. Some years ago I remember a guy that also lost funds from the Coinomi desktop wallet; it was a big fuss then, but nobody believed it, neither did I, but now I think something is not okay.
My question is: how can somebody take the seed from the wallet if that wallet was shut down 95% of the time since summer 2019?
I was careful with the Coinomi app: always FORCE STOP, and I only opened the app if the VPN was on.
For me it is very strange that my bitcoin was stolen after the update.
That update had something that read the seed and sent it out; I can't see another explanation.
I just wanna share my experience. I do blame the guys that work on Coinomi; they always say "the wallet is safe, nobody loses funds, it is impossible to be able to see your seed", but the app is not open source, so how can this be true?
Via support ticket they wrote me this:
After looking through the details given we can confirm the transaction was sent from a device where Coinomi was installed. However, due to the nature of cryptocurrency transactions we cannot say 'whom' made this transaction since we are a non-custodial wallet software which means we do not track any kind of user data.
Coinomi is one of the most widely known multicoin wallets and also one of the easiest to use. This means it is more likely than you think for someone to select to restore any seed into Coinomi.
Please could you tell me, do you access the app from the same IP all the time? Do you use a VPN?
FixedFloat reply via email:
We are sorry that you were subjected to theft of funds.
FixedFloat is an instant non-custodial exchanger. After the receipt of funds and the receipt of the required number of confirmations, the exchange takes place immediately.
We do not require any personal data for the exchange. We can only request a search of the server logs (IP, user-agent, language) from our technical specialists. But we need an official request from your regional police or other representative, from their official email address in order to issue confidential information.
After receiving an official request from law enforcement, we will send server log data and order data.
Unfortunately, this is the maximum we can help in this situation.
I posted this story on Reddit and they closed the post. If I write in their Telegram group they tell me to stop because the wallet is good.
I think it was an inside job... or can somebody tell me how the hacker got the seed from a wallet that is powered off almost all the time?
One of the biggest losses of my life.
Here you can see how the hacker moved the bitcoin:
https://oxt.me/transaction/812f73d94bc1eb029e72930427ea27bee4e668accaad4d3fc167a24f1de364a5
https://oxt.me/transaction/59448820438e21501673e6c732419a3f1b9a04fcce086ab3638c58238348b0b6
https://oxt.me/transaction/b266a2d1d586f0bcb3bd6c1003969b0930382531d0c166755fd1ed1a1aa5cbc0
https://oxt.me/transaction/67b8563a226c864c12fd059b5ca29f2c9ccb556958b08b2ada1a5de79c6aa677
and then in u/binance u/FixedFloat
https://oxt.me/transaction/2984598d66601f7cf922f819b32da464733ec00bd5e71ce76ca6627fdc97e38f
I scanned the phone with Malwarebytes and all is fine.