Cryptocurrency Wallet Drained - Twice! 21,000 USD gone.
This is the story of a cryptocurrency user who got a cryptocurrency wallet drained TWICE.
Unfortunately, this person didn't have the tools or knowledge to prevent hacking his wallet and losing Crypto assets for a total value of 21,000 USD.
We cannot go back in time, advise him, and prevent the hack, but we hope that after reading this story, you will be better prepared to prevent falling victim to a similar hack.
Summary of the Incident
The whole story can be read on Reddit, but here is a summary for those who do not have that much time:
- Person X clicked on a phishing link, approved a malicious transaction (smart contract), and the wallet crypto assets were stolen (drained).
- During this first hack, the user lost 13,000 USD to the wallet drainer,
- Person X decided to add Biometric 2FA authentication to the crypto wallet to prevent the same situation from happening again and proceeded to add additional crypto assets to the same wallet.
- The wallet got drained again, and the user lost 8,000 USD.
What went Wrong?
First, Person X clicked on a phishing link and approved a smart contract without understanding it.
We all need to be extremely careful when approving any blockchain transaction (smart contract):
- We all must read and fully understand any smart contract before approving it.
- Or do we need to use web3 security tools* that automatically review smart contracts and warn us about dangers like wallet drainers?
- However, the best solution is to combine our knowledge (understanding the contract) and good practices (using web3 security tools) to prevent falling from such hacks.
*For example, Wallet Guard Extension - How To Proactively Secure Your Crypto Wallet
Second, Person X didn't know that once approval has been granted to a malicious contract, it remains valid until revoked. This is why the wallet drained twice; the 2FA didn't prevent it.
Two-factor authentication is a very good security measure everyone should consider implementing when possible. However, it does not protect against malicious smart contract approvals.
Once again, so this very important point is fully understood: Once you approve a malicious contract, it remains active until it is REVOKED.
In the post, Person X provided the wallet address of the drained wallet.
Using Revoke.cash, we can have a look at all the approvals that Person X granted to this wallet:
Note the column 'Approved Spender'. Do you recognize any reputable wallet or exchange on it? We just see a bunch of approvals granted to Permit ...A3.
If this was our wallet and we had or planned to have any valuable crypto assets, we would revoke all those transactions.
In the same post, Person X provided a second wallet address, hoping that someone could provide some small support to balance the losses.
If we analyze this wallet using Revoke, we notice a bunch of approvals, but this time to a reputable hot wallet (Metamask)
No need to revoke all those approvals to Metamask... correct?
Well, having 18,000 USD (or even nearly 3,000 USD - see the approval for CAH token) in a hot wallet is a very high risk, and it may be worth revoking ALL the approvals... or, even better, just transferring those crypto worth 18,000 USD to a cold wallet.
What Can You Do To Prevent Wallet Dainers?
We have provided some hints in the post, but let's sum them up:
- Increase your Web2 and Web3 security knowledge: YOU and your knowledge are the best preventive defense against hacks and scams that will drain your wallets from all the crypto assets you have accumulated.
- Apply good Web2 and Web3 security practices: Some tools warn you when you are about to visit a malicious website (e.g., Wallet Guard Extension), but there are other security practices that everyone should consider, such as creating and using Burner Wallets.
- Keep Yourself Informed: You are reading this post and are already on the correct path.
The five minutes you have dedicated to reading it may save you a lot of future stress, time, and money.
You may want to consider subscribing to this blog for short but informative stories about how to protect your digital and crypto assets.