$47 000 USD





"I spent years earning [cryptocurrency] and resisting pulling it out, hoping I could eventually use it to pay for college tuition." "[M]y cryptocurrency [was] valued over $40,000."


"I have a Ledger Nano S wallet." "That wallet had 4.77 LTC, 4.48 ETH, and 0.73 BTC." "It was directly from ledger sealed and everything. Even generated the seed phrase myself." "The Ledger generated a passphrase containing 24 words." "I recorded that passphrase on a piece of paper and hid it." "I used telegram, discord, and reddit regularly. Used known exchanges to transfer crypto. I was using a ledger nano s with only 24 seeds not 25 and downloaded ledger live directly from the website."


"No one had or has access to that paper." "That passphrase (those words) were NEVER entered anywhere. (Not even on my phone)." "Did not have the 25th digit only 24 passphrase." "[N]o one has ever been in the vicinity of where I stored [the seed phrase]. And the time of the transactions where in the middle of the night when no one is awake. And the history shows that it has stolen even more from other people."


"Trust wallet was saved to cloud cause it didn’t have much at the time so didn’t think it mattered, but now the value went up and it did. Ledger seed was never put online at all only on paper." "Bought [the wallet] directly from Ledger sealed years ago. And it was on trust wallet around the same time."


"I also has a Trust Wallet." "I had $1500 worth of NPXS and $1000 worth of TRX in that wallet." "The passphrase for the Trust Wallet is saved as a screenshot on my iPhone." "My iPhone has not left my possession." "My iPhone has a 6 digit passcode."


"[M]ost Apple devices backup to iCloud by default. OP maybe even doesn’t know." "Anyone with access to the phone would know it. Including anyone working for Apple." "It is my understanding that icloud backs up your data even if you haven't set it up. Your user name is your email, which I believe is no different than your itunes email. Your password is also the same. So getting into icloud is fairly easy, and if course it includes your photos and screen shots." "OP doesn't seem to know the difference between a passphrase and 24 word seed. This is unfortunate and suggests user error was to blame for all of this."


"On February 24th at 6:48 AM and 6:55 AM both of those were stolen." "On February 24th at 5:45 AM Eastern Time, the BTC was stolen." "On the same day, at 6:46 AM and 6:48 AM, the ETH and LTC, respectively, were stolen." "Just looked at my wallet [March 26th] when I was thinking of buying more bitcoin, all to to find out all my cryptocurrency is gone."


"Both wallets were hacked on the same day at around the same time. Both had separate passphrases."


"The recipient address for the BTC is: 3EP2Bq6yMpXQc3TvoxLtwDsd1tg2A59CJs" "[T]he thief’s wallet address for BTC has other larger transactions." "[I]t is still known where the funds are. They are parked on [a single address]. {T]herefore still possible to track (not sent to a mixer at least)."


"I'm really devastated." "I’m thinking of bringing it up to authorities. Probably won’t do anything but worth a shot." "[TrustWallet] never responded back to me. I just decided to start from scratch with riskier investments."


"I don't think it's fud, just the op is forgetting stuff or omitting something. My first guess is that he probably had a backup of his ledger passphrase on his iPhone too. His iCloud probably got hacked containing both of his passphrases."


"Confirmation that the Ledger device and it's firmware are verified as legitimate might be a good step. Then expand that confirmation to every one of your assumptions until something stands out as unreconciled. Include assumptions about your privacy when entering or recording seed words and any potential for eavesdropping."

Reddit user wuay reported that their cryptocurrency (valued at over $40k) was removed from their Ledger and TrustWallet. While they admit to storing the TrustWallet seed phrase online on their iCloud, they insist that the Ledger seed phrase was only stored via a paper copy.


It seems most likely that wuay had a screenshot of the Ledger seed phrase, or was using the same seed phrase for both wallets. When combined with a weak password on the iCloud account, this would have allowed a thief to get into the account and obtain both seed phrases.


The thief appears to have stolen cryptocurrency from multiple users. They don't appear to be using a mixer to obscure their tracks, so can likely be determined. It was reported that TrustWallet did not respond and it is unclear if Ledger has responded. wuay does not appear to have posted anything further on their thread.

Sources And Further Reading

 For questions or enquiries, email info@quadrigainitiative.com.

Get Social

  • email
  • reddit
  • telegram
  • Twitter

© 2021 Quadriga Initiative. Your use of this site/service accepts the Terms of Use and Privacy Policy. This site is not associated with Ernst & Young, Miller Thompson, or the Official Committee of Affected Users. Hosted in Canada by HosterBox.