Tycooperaow Lost Funds Published Mnemonic
Notice: This page is a freshly imported case study from the original repository. The original content was in a different format, and may not have relevant information for all sections. Please help restructure the content by moving information from the 'About' section to other sections, and add any missing information or sources you can find. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.
tycooperaow published their mnemonic unintentionally, and a hacker was able to use the information to extract the funds from their wallet.
About Mars Robertson (tycooperaow)
"A few days ago, a hacker got my mnemonic and stole $1,200 in ethereum from my Metamask wallet in under 100 seconds. The hackers were using a bot to scan for the mnemonic phrases across GitHub, and I accidentally left it in my code on a GitHub repo while I was sending to a Hack Money hack-at-hon. Although there are some coins and tokens left, the bot will siphon any ethereum I have to prevent me from moving my coins, and/or outmatch my attempts by supplying more gas."
"I just want you all to be aware to NEVER have a digital copy of your mnemonic or private key[, e]specially not online."
"If you are using metamask, randomly generate private keys for new accounts not associated with any mnemonics, and imported onto metamask"
"There is still $600 supposedly that's locked in Compound DeFi protocol and if anyone is interested in helping solve this, here is a suggestion someone made for me who we are seeking ways to solve this."
"I was foolish and this mistake was costly, but I know how to be extra secure when dealing in crypto. I was very upset and scared at first, but I can't dwell on it and I'll move on. No need to stress over thousands when I can focus on making millions."
This is a global/international case not involving a specific country.
The background of the exchange platform, service, or individuals involved, as it would have been seen or understood at the time of the events.
- Known history of when and how the service was started.
- What problems does the company or service claim to solve?
- What marketing materials were used by the firm or business?
- Audits performed, and excerpts that may have been included.
- Business registration documents shown (fake or legitimate).
- How were people recruited to participate?
- Public warnings and announcements prior to the event.
- Any wording which directly states or implies that the business is/was illegitimate, or that a vulnerability existed.
- Anything that wasn't reasonably knowable at the time of the event.
There could be more than one section here. If the same platform is involved with multiple incidents, then it can be linked to a main article page.
This sections is included if a case involved deception or information that was unknown at the time. Examples include:
- When the service was actually started (if different than the "official story").
- Who actually ran a service and their own personal history.
- How the service was structured behind the scenes. (For example, there was no "trading bot".)
- Details of what audits reported and how vulnerabilities were missed during auditing.
Mars Robertson reports that they accidentally published their mnemonic seed phrase on GitHub, which allowed an attacker bot to steal the funds. He was working on software which depended on having a wallet with live funds, and tested using his own wallet. When he made the mistake of committing that version to GitHub, his funds were instantly taken by the attacker.
|May 24th, 2020 8:06:21 PM MDT||High Gas Fee Transfer||A transaction removed the funds from Mars Robertson's wallet. It appears that the vast majority of the funds (0.511444448688285 ETH) are paid as a mining fee, while only 0.030391583018461703 ETH are received by the attacker.|
|May 25th, 2020 3:39:27 PM MDT||Ethereum Stack Exchange Post||The incident is posted to the Ethereum Stack Exchange discussion board.|
|May 26th, 2020 4:25:58 PM MDT||Reddit Post||tycooperaow posts about their Incident on Reddit including their Ethereum address.|
|May 26th, 2020 4:35:44 PM MDT||Speed Of Attack Clarification||tycooperaow clarifies that the attack was basically instant after they loaded code onto GitHub.|
|May 26th, 2020 4:42:53 PM MDT||Deminero30 Ethereum Sacrifice||Reddit user Deminero30 reportedly sends some Ethereum into the compromised address and it's instantly taken.|
|May 26th, 2020 4:59:55 PM MDT||Clarification Of Events||tycooperaow replies to clarify that he didn't intentionally store his mnemonic seed on GitHub, and elaborates on his situation.|
|May 27th, 2020 1:03:42 AM MDT||Clarification of Experience||tycooperaow clarifies that he is not new to the cryptocurrency space.|
|May 27th, 2020 1:04:47 AM MDT||Project Needed Live Funds||tycooperaow further clarifies that, while his project needs a wallet with funds, it didn't need to be his personal wallet.|
Total Amount Lost
The total amount lost has been estimated at $2,000 USD.
How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie?
Mark Robertson describes his very initial reaction as a combination of anger and fear and specifically describes his shock at how quickly his funds were taken. The incident was posted to the Ethereum Stack Exchange the next day, and then to Reddit a couple of days after it happened.
A few days ago, a hacker got my mnemonic and stole $1,200 in ethereum from my Metamask wallet in under 100 seconds. The hackers were using a bot to scan for the mnemonic phrases across GitHub, and I accidentally left it in my code on a GitHub repo while I was sending to a Hack Money hack-at-hon. Although there are some coins and tokens left, the bot will siphon any ethereum I have to prevent me from moving my coins, and/or outmatch my attempts by supplying more gas.
How did the various parties involved (firm, platform, management, and/or affected individual(s)) deal with the events? Were services shut down? Were announcements made? Were groups formed?
What was the end result? Was any investigation done? Were any individuals prosecuted? Was there a lawsuit? Was any tracing done?
Total Amount Recovered
There do not appear to have been any funds recovered in this case.
What funds were recovered? What funds were reimbursed for those affected users?
What parts of this case are still remaining to be concluded?
Individual Prevention Policies
No specific policies for individual prevention have yet been identified in this case.
For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.
Platform Prevention Policies
Policies for platforms to take to prevent this situation have not yet been selected in this case.
For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.
Regulatory Prevention Policies
No specific regulatory policies have yet been identified in this case.
For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.
- gas - How to retrieve ERC20 from a hacked address monitored by a bot? - Ethereum Stack Exchange (Apr 3, 2023)
- tycooperaow - "Nope I'm not new. Just made a careless mistake" - Reddit (Apr 4, 2023)
- Mars Robertson/tycooperaow's Compromised Ethereum Address - Etherscan (Apr 3, 2023)
- tycooperaow - "I lost $1,200 in 100 seconds" - Reddit (Sep 15, 2022)
- tycooperaow - "A project that needed it to test. Just didn't needed to use my own personal ones" - Reddit (Apr 4, 2023)
- tycooperaow - "Literally right after I pushed it public on github, I started to see my funds being drained faster than XRP transaction" - Reddit (Apr 4, 2023)
- tycooperaow - "After the code was pushed to public yes" - Reddit (Apr 4, 2023)
- Potential Theft Transaction - Etherscan (Apr 3, 2023)
- Deminero30 - "I just sent some eth there and it was taken instantly." - Reddit (Apr 4, 2023)
- tycooperaow - "It was an accident obviously. I was testing out some code locally. I forgot to get rid of that line of code when I pushed publically" - Reddit (Apr 4, 2023)
- tycooperaow - "Yeah I was [angry], and scared. But I can't lie that the ingenuity to do that is impressive" - Reddit (Apr 4, 2023)
- tycooperaow - "I'm more so shocked that it happened in a span of literally 100 seconds" - Reddit (Apr 4, 2023)