Собственно сабж (((((
Зашел на etherscan.io, пишет - баланс 0 токенов.
протер глаза, обновил страницу - 0 токенов...
Было 69. по курсу на сегодня - это примерно 770 долларов.
проверил кошелек - все токены "тихо и молча" ушли на неизвестный мне адрес.
Кошелек myetherwallet.com, пользовался всегда аккуратно, всегда проверял адресную строку, заходил всегда из закладок.
Вопрос - можно как то этот вопрос "оспорить"? Мысленно я уже простился с этим активом, но очень обидно, это в рублях на данный момент более 40000 рублей((( да и приобрел примерно неделю назад примерно по такой же цене.
Покупал на перспективу.
Повторяюсь - заходил всегда аккуратно, следил за адресом сайта и его сертификатом. Стоит антивирус.
Неделю назад была инфа по интернету, что myetherwallet.com был взломан и на нем заменили адреса ДНС серверов. Потом было официальное опровержение от владельцев myetherwallet.com. Я не придал значения.
А сегодня 4 часа назад все токены переведены на неизвестный мне адрес
https://etherscan.io/token/EOS?a=0xe2c3be13ef5a063dfd89567f4524eacb7a83a75d
Видимо myetherwallet.com - это очень не надежное место для хранения и оборота токенов и эфира.
Повторю цель поста и мой вопрос - Вопрос - можно как то этот вопрос "оспорить" и вернуть актив?
Вопрос №2 - как могли так просто утащить токены с этого популярного и всеми рекомендуемого кошелька
а у этого кошелька есть приватный ключ?Зашел на etherscan.io, пишет - баланс 0 токенов.
протер глаза, обновил страницу - 0 токенов...
Было 69. по курсу на сегодня - это примерно 770 долларов.
проверил кошелек - все токены "тихо и молча" ушли на неизвестный мне адрес.
Кошелек myetherwallet.com, пользовался всегда аккуратно, всегда проверял адресную строку, заходил всегда из закладок.
Вопрос - можно как то этот вопрос "оспорить"? Мысленно я уже простился с этим активом, но очень обидно, это в рублях на данный момент более 40000 рублей((( да и приобрел примерно неделю назад примерно по такой же цене.
Покупал на перспективу.
Повторяюсь - заходил всегда аккуратно, следил за адресом сайта и его сертификатом. Стоит антивирус.
Неделю назад была инфа по интернету, что myetherwallet.com был взломан и на нем заменили адреса ДНС серверов. Потом было официальное опровержение от владельцев myetherwallet.com. Я не придал значения.
А сегодня 4 часа назад все токены переведены на неизвестный мне адрес
https://etherscan.io/token/EOS?a=0xe2c3be13ef5a063dfd89567f4524eacb7a83a75d
Видимо myetherwallet.com - это очень не надежное место для хранения и оборота токенов и эфира.
Повторю цель поста и мой вопрос - Вопрос - можно как то этот вопрос "оспорить" и вернуть актив?
Вопрос №2 - как могли так просто утащить токены с этого популярного и всеми рекомендуемого кошелька
Уверен что пропали? Была транзакция на чужой кошелек? Просто myetherwallet часто подглючивает и токены так "пропадают" и эфиры, но на самом деле они никуда не делись и по прежнему в кошельке.
Уверен на 100%. Там по транзакциям можно посмотреть вчера тоже прилично увели у кого то и именно EOS. https://etherscan.io/token/EOS?a=0xe2c3be13ef5a063dfd89567f4524eacb7a83a75d причем ворует с 3 кошельков каждый день.
Писал в тех поддержку MEW сообщение примерно такого же содержания, как в первом посте - пожали плечами и принесли соболезнования. Текст ответа видимо стандартный.
А через метамаск реально не украдут? стоит какое то приложение в браузере, я туда же так же ввожу пароль как и при входе с JSON файлом. Чем он лучше и надежнее?
Quote
Hello Viacheslav,
I'm really sorry, but it sounds like you may have been the victim of a phishing attack. I understand how frustrating it can be.
Unfortunately, we encounter these phishing scams/attacks on a daily basis. Typically, the biggest reason for these incidents is accessing your wallet address from a malicious URL that was sent via email, DM, or in various other communication channels. Have you checked your browser history?
MyEtherWallet is a client-side wallet, which means we do not hold your keys. If someone gets your private key (keystore file, mnemonic phrase, passwords), they have complete access to your funds. There is no stopping transactions, cancelling transactions, or resetting passwords. Once a transaction is on the blockchain, it's final. We do actively attempt to track down the people behind these sites and do what we can to warn others, take down the site, or whatever we can given the particular situation.
Other major brands like Apple, Google and PayPal are also vulnerable and they are used as lures for phishing attacks as well.
There are things you can do to help prevent us and others from being victims of phishing. Help make the community safer. We can't always scan through the world wide web by ourselves.
Document & Share Information
Look through your history for any URLs that look like MyEtherWallet.com but are actually a very similar URL (e.g. myetherwallet . su or myetherwallet . com . co).
Fill out the form here: https://etherscamdb.info/report/.
Include your address, the URL you visited, and any additional information, including which Slack channels you were a part of or how you accessed the malicious link.
Move your Funds ASAP & Protect Yourself Moving Forward
Create new accounts, safely, and move any funds from any existing accounts to these new accounts as soon as you are in a place to do so. (Rushing does not help, doing it safely is the most important thing.)
Get a Ledger or Trezor Hardware Wallet
Create a Cold Storage Wallet
Use MEW + MetaMask
Never enter your private keys, passwords, sensitive data on a website that you were sent via message
ONLY unlock your wallet when you want to send a transaction. Check your balance via https://etherscan.io/ or https://ethplorer.io/
Do not trust messages or addresses or URLs sent via private message. Always verify information with a secondary source.
Install an extension to block malicious websites:
Install EAL
or Install MetaMask
or Install Cryptonite by Metacert
or Install the MyEtherWallet Chrome Extension
Tokens that haven't been distributed / can't be moved yet
If you recently participated in an ICO, you may have tokens remaining in your wallet. These are not currently transferable, or perhaps these tokens will be distributed at a later date to your now compromised wallet. You will need to find out when you can send these tokens from your wallet. The easiest way to determine that is to reach out to that token's creators and ask them for the information and if they can be of further assistance.
Once you know when you can move the tokens, you will need to plan on moving your tokens as close to that time as possible. First, send 0.01 ETH into your wallet (to cover the cost of gas) and then send your tokens out of your wallet to your new, secure wallet. You should do this as quickly as possible as soon as the tokens can be moved.
Lastly, read our Getting Started Guide & Protecting Yourself and Your Funds. Be proactive about your security.
Again, we are really sorry.
I'm really sorry, but it sounds like you may have been the victim of a phishing attack. I understand how frustrating it can be.
Unfortunately, we encounter these phishing scams/attacks on a daily basis. Typically, the biggest reason for these incidents is accessing your wallet address from a malicious URL that was sent via email, DM, or in various other communication channels. Have you checked your browser history?
MyEtherWallet is a client-side wallet, which means we do not hold your keys. If someone gets your private key (keystore file, mnemonic phrase, passwords), they have complete access to your funds. There is no stopping transactions, cancelling transactions, or resetting passwords. Once a transaction is on the blockchain, it's final. We do actively attempt to track down the people behind these sites and do what we can to warn others, take down the site, or whatever we can given the particular situation.
Other major brands like Apple, Google and PayPal are also vulnerable and they are used as lures for phishing attacks as well.
There are things you can do to help prevent us and others from being victims of phishing. Help make the community safer. We can't always scan through the world wide web by ourselves.
Document & Share Information
Look through your history for any URLs that look like MyEtherWallet.com but are actually a very similar URL (e.g. myetherwallet . su or myetherwallet . com . co).
Fill out the form here: https://etherscamdb.info/report/.
Include your address, the URL you visited, and any additional information, including which Slack channels you were a part of or how you accessed the malicious link.
Move your Funds ASAP & Protect Yourself Moving Forward
Create new accounts, safely, and move any funds from any existing accounts to these new accounts as soon as you are in a place to do so. (Rushing does not help, doing it safely is the most important thing.)
Get a Ledger or Trezor Hardware Wallet
Create a Cold Storage Wallet
Use MEW + MetaMask
Never enter your private keys, passwords, sensitive data on a website that you were sent via message
ONLY unlock your wallet when you want to send a transaction. Check your balance via https://etherscan.io/ or https://ethplorer.io/
Do not trust messages or addresses or URLs sent via private message. Always verify information with a secondary source.
Install an extension to block malicious websites:
Install EAL
or Install MetaMask
or Install Cryptonite by Metacert
or Install the MyEtherWallet Chrome Extension
Tokens that haven't been distributed / can't be moved yet
If you recently participated in an ICO, you may have tokens remaining in your wallet. These are not currently transferable, or perhaps these tokens will be distributed at a later date to your now compromised wallet. You will need to find out when you can send these tokens from your wallet. The easiest way to determine that is to reach out to that token's creators and ask them for the information and if they can be of further assistance.
Once you know when you can move the tokens, you will need to plan on moving your tokens as close to that time as possible. First, send 0.01 ETH into your wallet (to cover the cost of gas) and then send your tokens out of your wallet to your new, secure wallet. You should do this as quickly as possible as soon as the tokens can be moved.
Lastly, read our Getting Started Guide & Protecting Yourself and Your Funds. Be proactive about your security.
Again, we are really sorry.