DeFi Education

Caution: Hack Impacting Crypto-Savvy Users (+ Market Update)

Level 4 - Turbo Autist

DeFi Education
Apr 20, 2023

Welcome Avatar!

There has been a series of crypto hacks taking down OGs and crypto-savvy users. Our resident security expert BowTied Iguana is here to shed light on the situation.

What is most concerning about these hacks is that they seem to be affecting security-conscious users who have been in crypto the longest, including some of the earliest Ethereum wallets.

It’s safe to assume these crypto OGs have a better understanding of crypto security than average users, so how are they being cracked?

It’s an evolving situation where all the details are not available (yet). Let’s go over what we know, and what you can do to mitigate risk for your on-chain funds.

What We Know

  • Started in December 2022

  • Has stolen over 5,000 ETH ($10M!) plus other tokens and NFTs

  • Across 11 chains

  • Seems to target OGs and security-conscious users

(credit to @tayvano_ for researching)

Victims are users of the main crypto wallets:

  • Metamask and Metamask mobile

  • MEW (MyEtherWallet)

  • Ledger Live

  • MyCrypto

  • Trust

  • Exodus

  • Electrum

  • Coinomi

  • Coinbase Wallet

*bolded wallets are used and trusted by the DeFi team

So far, nobody has uncovered a pattern / common factor to the hacks.

Victims have used all the main operating systems: Windows, Mac, Linux, Android, iOS.

Different key storage methods were employed, ranging from 12-word or 24-word seed phrases to raw private keys, encrypted private keystores, wallet.dat files, and genesis presale wallets. Some of the victims stored their keys in cloud storage or password managers, while others did not.

The patterns of theft varied as well. In some cases, multiple accounts under the same seed were drained, while in others, only one account was drained. There were instances where multiple accounts not in the same seed were drained, as well as cases where multiple accounts not in the same seed, but stored together or in the same wallets, were not drained.

And that’s all we know. We don’t know how they are doing it. Not great.

What Now?

Let’s revisit the basics and dispel some common myths we’re seeing spouted.

First off, hardware wallet users have been affected. Hardware wallets are not bulletproof. People commenting on Twitter have been assuming they are safe because, with a hardware wallet, any transaction requires “physical confirmation”.

There is no such thing as physical confirmation. Private keys (your seed phrase) can only be used in the digital/electronic world. If someone has accessed your keys, they can forge a transaction as you. If the attacker somehow has your keys, it does not matter where the keys are stored.

If you had malware on your computer, you could be tricked into signing a malicious transaction with your hardware wallet.

For example, a targeted email attachment could make your Metamask present a false transaction, which you may sign with your hardware wallet unknowingly.

To be truly secure, you need to understand how crypto transactions work at a fundamental level.
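One way to check what a contract call really does before approving it on a hardware wallet, as an added example that is not part of the original post: the sketch below decodes raw transaction calldata on its own, without relying on what the wallet UI displays, and flags mismatches. The function names `decode_calldata` and `review` and the sample addresses are constructed for illustration; the four selectors are the standard ERC-20 / ERC-721 ones, and anything else (including a plain ETH send with empty data) is reported as unrecognised.

```python
# Added example: decode EVM calldata independently of the wallet UI.
SELECTORS = {
    "a9059cbb": ("transfer", ["address", "uint256"]),
    "095ea7b3": ("approve", ["address", "uint256"]),
    "23b872dd": ("transferFrom", ["address", "address", "uint256"]),
    "a22cb465": ("setApprovalForAll", ["address", "bool"]),
}
MAX_UINT256 = 2**256 - 1

def decode_calldata(data_hex):
    """Return (function_name, args) for a known selector, else (None, [])."""
    data = data_hex.lower()
    data = data[2:] if data.startswith("0x") else data
    selector, body = data[:8], data[8:]
    if selector not in SELECTORS:
        return None, []
    name, types = SELECTORS[selector]
    if len(body) < 64 * len(types):
        raise ValueError("calldata is shorter than the ABI requires")
    args = []
    for i, typ in enumerate(types):
        word = body[64 * i:64 * (i + 1)]
        if typ == "address":
            args.append("0x" + word[24:])  # low 20 bytes of the 32-byte word
        else:
            args.append(int(word, 16) != 0 if typ == "bool" else int(word, 16))
    return name, args

def review(data_hex, expected_counterparty):
    """Return reasons not to sign; an empty list means nothing was flagged."""
    name, args = decode_calldata(data_hex)
    if name is None:
        return ["unrecognised function: cannot tell what this call does"]
    warnings = []
    counterparty = args[1] if name == "transferFrom" else args[0]
    if counterparty != expected_counterparty.lower():
        warnings.append(f"{name} names {counterparty}, not the expected address")
    if name == "approve" and args[1] == MAX_UINT256:
        warnings.append("approve grants an unlimited token allowance")
    if name == "setApprovalForAll" and args[1]:
        warnings.append("setApprovalForAll hands over every NFT in the collection")
    return warnings

# Constructed sample data (not real addresses or transactions).
EXPECTED = "0x" + "11" * 20
SAMPLE_TRANSFER = "0xa9059cbb" + "00" * 12 + "11" * 20 + format(1000, "064x")
SAMPLE_APPROVE = "0x095ea7b3" + "00" * 12 + "22" * 20 + "f" * 64
if __name__ == "__main__":
    print([review(s, EXPECTED) for s in (SAMPLE_TRANSFER, SAMPLE_APPROVE)])
```

The first sample returns no warnings; the second returns two, because it names a different address and requests an unlimited allowance.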

Let’s go over actionable advice and close out with a market update.

Staying Safe: A Checklist

This post is for paid subscribers
