Numerous Crypto Wallets Raided for Funds, Cause Remains Unclear
On April 18, the crypto community on Twitter was abuzz with reports of numerous crypto wallets being drained under mysterious circumstances.
Numerous Crypto Wallets Raided for Funds, Cause Remains Unclear
The information was shared by the Twitter account "Tay," a member involved in developing MetaMask. Specifically:
"In the past 48 hours, I’ve observed a significant number of crypto wallets being drained. I’m unsure of the extent of this situation, but since December 2022, approximately 5,000 ETH has been stolen, including tokens, NFTs, and various platform coins across more than 11 different blockchains. The cause remains unknown."
For the past 48hrs I've been unwinding a massive wallet draining operation 😳😭
— Tay 💖 (@tayvano_) April 18, 2023
I don't know how big it is but since Dec 2022 it's drained 5000+ ETH and ??? in tokens / NFTs / coins across 11+ chains.
Its rekt my friends & OGs who are reasonably secure.
No one knows how. pic.twitter.com/MafntG7RkP
Tay also noted that there were no signs of phishing websites or identity fraud involved. What's concerning is that the targeted addresses are all OG (veteran) wallets rather than newly created or recently active ones.
Additionally, common features among the compromised accounts include:
- Keys created between 2014-2022.
- High activity in the crypto market, with multiple accounts held.
"My current guess is that it could be due to someone having stored a large amount of cache data from a year ago, which might have been used to trace the keys of these wallets. But this is just a guess; I’m not certain. This isn’t related to cryptography. Don’t waste your time on it."
My best guess rn is that someone has got themselves a fatty cache of data from 1+ yr ago & is methodically draining the keys as they parse them from the treasure trove.
— Tay 💖 (@tayvano_) April 18, 2023
But that's just a guess. I *don't* know.
It is NOT cryptographic/entropy related tho, don't waste your time.
Hackers typically operate between 10 AM and 4 PM UTC, with scattered attack attempts occurring from 4 PM to 10 PM UTC. With a large volume of tokens, hackers will often swap them to ETH directly within the victim’s wallet before performing the theft.
Notably, staked positions, NFTs, and less popular tokens appear to be left untouched by hackers.
Currently, there is no detailed information regarding the cause or methods of the attacks. Consequently, Tay recommends users to diversify their storage locations to mitigate potential risks.
I'm tired af but I'll lay out some details of the attacker below.
— Tay 💖 (@tayvano_) April 18, 2023
Really the ONLY thing you need to read is this:
PLEASE DON'T KEEP ALL YOUR ASSETS IN A SINGLE KEY OR SECRET PHRASE FOR YEARS. THE END.
Split up your assets. Get a hw wallet. Migrate. Now.
