DiegoPapi6 TrustWallet Theft: Difference between revisions

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository
Jump to navigation Jump to search
(Much more description on DiegoPapi6 improved and expanded.)
(→‎Total Amount Lost: One easy correction.)
Line 59: Line 59:


== Total Amount Lost ==
== Total Amount Lost ==
In DiegoPapi6's original post, he did not mention the specific assets lost. He later described the amount as "$7700" on December 14th, 2021<ref name=":0" />. He also mentioned the stolen assets were "sold back in June for 14 BNB"<ref name=":0" />, which appears to be an incorrect statement of facts on a theft that was reported at the end of July. He has confirmed by private message that there was only a single theft, and we were also able to locate and confirm his blockchain wallet<ref>[https://bscscan.com/address/0x66d12a3501145af06d997118fc9532ce81754d40 DiegoPapi6's BNB Wallet Transactions - BSCScan] (Mar 14, 2023)</ref> and the specific theft transactions<ref name=":5" />.
In DiegoPapi6's original post, he did not mention the specific assets lost. He later described the amount as "$7700" on November 30th, 2021<ref name=":7" />, and again on December 14th, 2021<ref name=":0" />. He also mentioned the stolen assets were "sold back in June for 14 BNB"<ref name=":0" />, which appears to be an incorrect statement of facts on a theft that was reported at the end of July. He has confirmed by private message that there was only a single theft, and we were also able to locate and confirm his blockchain wallet<ref>[https://bscscan.com/address/0x66d12a3501145af06d997118fc9532ce81754d40 DiegoPapi6's BNB Wallet Transactions - BSCScan] (Mar 14, 2023)</ref> and the specific theft transactions<ref name=":5" />.


The closing market price of BNB on July 31st, 2021 was $333.55 USD<ref>[https://coinmarketcap.com/currencies/bnb/historical-data/ BNB Historic Price - CoinMarketCap] (Mar 5, 2023)</ref>. Taking his numbers at face value, this would make the value of 14 BNB at that time $4,669.70, which would be an extremely high degree of slippage when liquidating his assets, however that may make sense given a token with less liquidity.
The closing market price of BNB on July 31st, 2021 was $333.55 USD<ref>[https://coinmarketcap.com/currencies/bnb/historical-data/ BNB Historic Price - CoinMarketCap] (Mar 5, 2023)</ref>. Taking his numbers at face value, this would make the value of 14 BNB at that time $4,669.70, which would be an extremely high degree of slippage when liquidating his assets, however that may make sense given a token with less liquidity.

Revision as of 11:47, 15 March 2023

Notice: This page is a new case study and some aspects have not been fully researched. Some sections may be incomplete or reflect inaccuracies present in initial sources. Please check the References at the bottom for further information and perform your own additional assessment. Please feel free to contribute by adding any missing information or sources you come across. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.

Notice: Some details of this case study are inconsistent with one another, and there is a lack of credible sources found to resolve the discrepancies. This could be because information has been reported inaccurately, details from multiple separate incidents have been incorrectly considered to be related, or there are additional facts not yet discovered which explain the discrepancies. Please check the References at the bottom for further information and perform your own assessment. If you have some time, please contribute back to our database by adding any missing information or sources you come across. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.

Notice: This page contains sources which are not attributed to any text. The unattributed sources follow the initial description. Please assist by visiting each source, reviewing the content, and placing that reference next to any text it can be used to support. Feel free to add any information that you come across which isn't present already. Sources which don't contain any relevant information can be removed. Broken links can be replaced with versions from the Internet Archive. See General Tutorial on Wikis, Anatomy of a Case Study, and/or Citing Your Sources Guide for additional information. Thanks for your help!

Trust Wallet

DiegoPapi6 was tricked into signing a malicious smart contract which took their funds. While many details of their story don't line up perfectly, they've provided a blockchain address. They claim to have lost $8k in funds.

This is a global/international case not involving a specific country. [1][2][3][4][5][6][7][8][9]

About DiegoPapi6

DiegoPapi6 is a Christian[10] trucker[11][12][13] from Arizona[14], primarily operating in Texas[15][16]. He was 43 as of November 4th, 2021[17], and is happily married[18][19] with a son who was 19 on October 27th, 2021[20]. and has been a user of Reddit since August 11th, 2020[21].

He is a regular and enthusiastic investor in Shiba Inu[22][23][24][25], ZombieInu[26][27][28][29], Dogecoin[30], and BitRise[31]. He previously held an investment in Wink[32][33]. He does a high degree of research for every project he invests in[25][34]. According to his profile, he has been a crypto investor since 2016[21].

DiegoPapi6 used an Android smartphone on the TMobile network.

About TrustWallet

TrustWallet is a wallet available as a browser extension or mobile download for IOS or Android[35]. The wallet was originally released in November 2017[36]. TrustWallet was acquired by Binance on July 31, 2018[36].

The most trusted & secure crypto wallet

Buy, store, collect NFTs, exchange & earn crypto. Join 25 million+ people using Trust Wallet.

Wallets within TrustWallet are typically secured by a 12 word seed phrase[37].

Just like your bank account login or email credentials, your recovery phrase needs to be kept in a secure, hidden location. You need to write it on a piece of paper (or engrave it in metal) and ensure that the order of words is followed.

The Reality

Malicious links can often be sent to smartphones via text messages, and may be able to download malware onto a phone[38][39][40][41]. On Android, malicious applications can only be installed from outside the Play Store if install permissions have been explicitly set to "allow unknown app"[40]. Once installed, applications can either trick users into providing the desired permissions or exploit vulnerabilities to gain administrator level permissions and access sensitive data[41].

There is some speculation that phishing attacks are assisted through data that was acquired from privacy breaches on mobile carriers throughout 2018[39].

What Happened

According to private messages later received from DiegoPapi6, he received a text messages which he believed at the time was an update from TMobile for this Android smartphone. The provided link prompted him to download and install malware on his smartphone, which was then able to harvest his TrustWallet credentials and drain his wallet account.

I believe it was a down load via text that appeared to come from T-mobile that got me. Because all I remembered was accepting the download and then a few hours later my wallet was getting drained in real time 😱 I was able to witness 2 sells 😳

Key Event Timeline - DiegoPapi6 TrustWallet Theft
Date Event Description
July 31st, 2021 1:09:57 PM MDT BitRise Liquidation Transaction The very first unauthorized transaction is found on the blockchain, which is liquidating BitRise tokens for 5.533666193138193418 BNB[42].
July 31st, 2021 1:10:31 PM MDT LockLet Liquidation Transaction A second transaction liquidates DiegoPapi6's Locklet tokens for 3.429139695919401803 BNB[43].
July 31st, 2021 1:12:55 PM MDT Theft Transfer Transaction A blockchain transaction transfers 9.249016167190047758 BNB from DiegoPapi6's wallet to the attacker's wallet[44].
July 31st, 2021 9:28:29 PM MDT Original Reddit Post DiegoPapi6 posts on Reddit about their situation.
November 30th, 2021 9:33:02 PM MST Shiba Hacking Response DiegoPapi6 responds to another user who was hacked with support and recounting valuable lessons he's learned in the process of his own loss[45].
December 14th, 2021 2:47:32 PM MST anonymizeme Reddit Response DiegoPapi6 posts additional details on a Reddit thread by anonymizeme multiple months later[46].

Total Amount Lost

In DiegoPapi6's original post, he did not mention the specific assets lost. He later described the amount as "$7700" on November 30th, 2021[45], and again on December 14th, 2021[46]. He also mentioned the stolen assets were "sold back in June for 14 BNB"[46], which appears to be an incorrect statement of facts on a theft that was reported at the end of July. He has confirmed by private message that there was only a single theft, and we were also able to locate and confirm his blockchain wallet[47] and the specific theft transactions[42].

The closing market price of BNB on July 31st, 2021 was $333.55 USD[48]. Taking his numbers at face value, this would make the value of 14 BNB at that time $4,669.70, which would be an extremely high degree of slippage when liquidating his assets, however that may make sense given a token with less liquidity.

Immediate Reactions

DiegoPapi6 posted on Reddit with some high level details of what happened.

"I really didn't want to post this here today but I have exhausted all avenues and can't seem to get anywhere. I have the address to where the [individual] who sold two of my Tokens for BNB and then sent them off to his or her wallet.

My question is.., Is there there anything I can do at this point? Or should I just move on, dust myself off and try again?

Anyone with knowledge or advice on what I can do please go ahead and shoot it straight. I can handle it"

One of the responses believed that he had bought a scam coin:

"You didn't get hacked and trust wallet is safe. You bought a scam coin that was a smart contract. You should always be careful when you sign a smart contract because it's literally a contract."

Ultimate Outcome

DiegoPapi6 later posted about the situation on Reddit in response to anonymizeme's similar theft situation[46].

"Been there done that... I completely feel your pain. I had $7700 siphoned out of my old TW which would have translated to over $200,000 in today's price in $BRISE which was sold back in June for 14 BNB.

Good luck in getting your funds back. It will be near impossible but good luck."

He has clearly improved his security, noting that he never clicks on any email/link, even from a company he does business with. He also notes not connecting his phone to wifi, which is of questionable significance[45].

I know the feeling... I to, lost $7700 in BNB about 3 months ago and it happened while I was connected to my wifi at home. I never connect my phone to Wi-Fi...EVER💯. Learned a very expensive but valuable lesson. I also never click on just any email/link. Even if it says it's from paypal or any company I do business with😅

DiegoPapi6 posted that he feels that scammers in the cryptocurrency space should be regulated[49].

Way too many scammers- That definitely need to be regulated

However, from follow up discussion with DiegoPapi6 on Reddit, it would appear that DiegoPapi6 has lost track of many details of his wallet and is not pursuing any further investigation.

It’s been a while and I don’t remember where I put this information. But no worries, I’ve made 50x that amount since then

He no longer uses TMobile, however that is unrelated to this situation.

Total Amount Recovered

Based on the final comment from DiegoPapi6[46], there do not appear to have been any funds recovered in this case. This was also confirmed by private message.

Ongoing Developments

There are no remaining developments likely in this case.

General Prevention Policies

Store most funds offline, double check all transactions.

Individual Prevention Policies

No specific policies for individual prevention have yet been identified in this case.

For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.

Platform Prevention Policies

Policies for platforms to take to prevent this situation have not yet been selected in this case.

For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.

Regulatory Prevention Policies

No specific regulatory policies have yet been identified in this case.

For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.

References

  1. DiegoPapi6 comments on What do you believe is the biggest hurdle in crypto, and how can we overcome it? (Mar 4, 2023)
  2. DiegoPapi6 comments on It's my 6th year into crypto, and I'm still seeing people excited everytime the market goes up 0.9% (Mar 4, 2023)
  3. DiegoPapi6 comments on My Trust Wallet was hacked earlier today! (Mar 4, 2023)
  4. [https://old.reddit.com/r/bitrise/comments/ovdzm4/please_beware_all_of_my_bitrise_tokens_and_lock/h7a3dd6/ DiegoPapi6 comments on **** PLEASE BEWARE****. All of my BitRise Tokens and Lock let tokens (look at the bottom of pic) have been sold into BNB and transfer to another wallet without my authorization. This is the wallet that hass my money now �:...ff2a9] (Mar 4, 2023)
  5. DiegoPapi6 comments on Bitrise - Hyper Deflationary Token with BNB Rewards | Hold $BRISE & Earn BNB (Mar 4, 2023)
  6. ****PLEASE BEWARE*** MY TRUST WALLET WAS JUST HACKED AND COMPLETELY DRAINED OF ALL MY BITRISE AND LOCKLET TOKENS. SOME FROM THIS ADDRESS: 0x9c88eea9c217eedbeef80bc4f7ff2a95d1f3c65d. SOLD MY TOKENS FOR OVER 9 BNB. IS THERE ANYWAY TO TRACK THIS POS...BArmy (Mar 5, 2023)
  7. https://coinmarketcap.com/currencies/bitrise-token/ (Mar 5, 2023)
  8. Address 0x9c88eea9c217eedbeef80bc4f7ff2a95d1f3c65d | Etherscan (Mar 5, 2023)
  9. Binance Transactions Information | BscScan (Mar 5, 2023)
  10. DiegoPapi6 - "GOD (The Creator of Heaven & Earth) works on all those who believe and trust in HIM." - Reddit (Mar 9, 2023)
  11. DiedoPapi6 - "for us truckers" - Reddit (Mar 9, 2023)
  12. DiegoPapi6 - "I have trucker friends with 30 plus years experience and I have broker/dispatcher friends with 14 plus years experience" - Reddit (Mar 9, 2023)
  13. DiegoPapi6 - "“We” truckers are the life line to this whole economy" - Reddit (Mar 9, 2023)
  14. DiegoPapi6 - "Proud of my State" - Reddit (Mar 14, 2023)
  15. DiegoPapi6 - "I’m already here in Dallas" - Reddit (Mar 9, 2023)
  16. DiegoPapi6 - "In Laredo but honestly I’ve never had it that bad" - Reddit (Mar 9, 2023)
  17. DiegoPapi6 - "I'm 43 y.o. and I know how the majority of people are." - Reddit (Mar 15, 2023)
  18. DiegoPapi6 - "I have been with my wife for over 20 years" - Reddit (Mar 15, 2023)
  19. DiegoPapi6 - "She is definitely the best friend I needed in my life" - Reddit (Mar 15, 2023)
  20. DiegoPapi6 - "I even got my 19y.o. to invest" - Reddit (Mar 15, 2023)
  21. 21.0 21.1 DiegoPapi6's Profile - Reddit (Mar 15, 2023)
  22. DiegoPapi6 - "I’m on this game, on the daily." - Reddit (Mar 9, 2023)
  23. DiegoPapi6 - "strap on your moon boots because it will continue its rise" - Reddit (Mar 14, 2023)
  24. DiegoPapi6 - "Same" "I am 100% Shib staked!" - Reddit (Mar 14, 2023)
  25. 25.0 25.1 DiegoPapi6 - "I first started with the community." - Reddit (Mar 15, 2023)
  26. DiegoPapi6 - "I appreciate my ZINU homies" - Reddit (Mar 9, 2023)
  27. DiegoPapi6 - "Basically ZINU will go from having 1,000T to 1B tokens." - Reddit (Mar 9, 2023)
  28. DiegoPapi6 - "I been following ZINU since launch but did not jump in till recently" - Reddit (Mar 9, 2023)
  29. DiegoPapi6 - "I will hodl my tokens." - Reddit (Mar 9, 2023)
  30. DiegoPapi6 - "I have dog" - Reddit (Mar 15, 2023)
  31. DiegoPapi6 - "Bitrise...since the 1st message I sent about 5 hours ago." - Reddit (Mar 15, 2023)
  32. DiegoPapi6 - "I ended up investing in WINK" - Reddit (Mar 14, 2023)
  33. DiegoPapi6 - "So glad I pulled out about a month ago" - Reddit (Mar 15, 2023)
  34. DiegoPapi6 - "Basically I do my DD and Research." - Reddit (Mar 15, 2023)
  35. Best Cryptocurrency Wallet | Ethereum Wallet | ERC20 Wallet | Trust Wallet (Mar 9, 2023)
  36. 36.0 36.1 Trust Wallet - Golden.com Wiki (Mar 9, 2023)
  37. Could Someone Guess Your Recovery Seed Phrase? - TrustWallet (Mar 9, 2023)
  38. T-Mobile customers warned of unblockable SMS phishing attacks - BleepingComputer (Mar 14, 2023)
  39. 39.0 39.1 Government issues warning against unblockable phishing attacks on T-Mobile customers - Phone Arena (Mar 14, 2023)
  40. 40.0 40.1 How to Tell if Your Phone Has Been Hacked - Techlicious (Mar 14, 2023)
  41. 41.0 41.1 Android malware tries to trick you. Here's how to spot it - CNet (Mar 14, 2023)
  42. 42.0 42.1 First Unauthorized Theft Swap - BSCScan (Mar 14, 2023)
  43. Liquidation Of DiegoPapi6's Locklet Tokens - BSCScan (Mar 14, 2023)
  44. Stolen BNB Funds Transferred - BSCScan (Mar 14, 2023)
  45. 45.0 45.1 45.2 DiegoPapi6 - "Learned a very expensive but valuable lesson." - Reddit (Mar 15, 2023)
  46. 46.0 46.1 46.2 46.3 46.4 DiegoPapi6's Response To anonymizeme's Theft Case - Reddit (Mar 5, 2023)
  47. DiegoPapi6's BNB Wallet Transactions - BSCScan (Mar 14, 2023)
  48. BNB Historic Price - CoinMarketCap (Mar 5, 2023)
  49. DiegoPapi6 - "Way too many scammers- That definitely need to be regulated" - Reddit (Mar 14, 2023)
Retrieved from "https://quadrigainitiative.com/cryptocurrencyhackscamfraudwiki/index.php?title=DiegoPapi6_TrustWallet_Theft&oldid=3049"