When I first got this ledger, I have now remembered that I saved a photo of the seeds to my secure folder(mistake #1).
That's an important - and unfortunately a costly - lesson to learn. This seems the most plausible explanation.
This is the only way I can see that they have accessed it. I've run anti virus etc on there but it's found nothing.
An AV is not guaranteed to find malware. Most of them are using signatures to find old and already known malware and some behavior analysis which - depending on the AV - can be circumvented by the malware relatively easy or with quite some work only.
ok, thank you for that explanation. I always believed that when you chose your passcode, this effectively became the 25th seed word that is used to generate the private keys....so you need the card of 24 seed words + the secret passcode.
As o_e_l_e_o already mentioned, that exists.
Unfortunately a lot of people are using a lot of different terms for that. It is (and should be called) a
passphrase. This passphrase is used as a salt in the key derivation function, resulting in exactly what you have mentioned.
Dont listen to this legendary person, he is TOTALLY WRONG.
You sir, have no clue at all.
Azorult and hydra takes screenshots, so whenever you wrote those words down, they might have been snap shot and sent to hackers.
Ye.. you just missed one important thing.. the mnemonic code never ever appear on the PC, neither do they need to be entered there.
So, the next time you want to "correct" someone, take a look
here and make use it.