My wallet was drained… But how?
Somehow, someone managed to drain one of my wallets with this transaction https://etherscan.io/tx/0x64cdfe23e9e656971e3ca21a272e9321f4dc6763852e46515503948a2ecfa961
Luckily I only had about 200 USD worth of ETH on this wallet – plus an .eth name that luckily wasn't stolen (just ordered a Ledger and moving the name there immediately once it arrives).
The wallet in question was initially generated on MetaMask a while back on a MacBook. Even though I'm generally insanely careful when it comes to installing things and browsing sketchy sites, I checked that device with a few malware scanners, including Malwarebytes, and all checks came back negative. Checked all my other devices too for good measure – nothing.
I wrote down the secret phrase for the wallet on a piece of paper which I had hidden at home, and a few weeks back used that to import the wallet into Rainbow Wallet on Android (the early access version). A few weeks later, the wallet was drained. I honestly cannot imagine that Rainbow is the culprit, given that I'm always on the latest security update of Android and app sandboxing should prevent anything from being able to access Rainbow's stored data… right?
I'm super confused and honestly scared. Even though I didn't lose a lot here, I have no idea how this happened, which is making me quite paranoid.
Edit: Turns out I set Rainbow to back up secret phrases to Google Drive, but my Google account seems 100% secure. I use my Pixel phone as a hardware 2FA security key and there is no suspicious activity visible in my account at all.
submitted by /u/efstajas