Weekly livestream, daily shorts w/ @GrizzlyPeak. We share our experiences abt our onchain journey. Entertain and educate to onboard the next 100M!

/diverightin

There were multiple transactions that I haven’t initiated… 

My address: 0x72866E0FB4a66BC5e15e15E763b447b77AC30D59

This one on main: https://etherscan.io/tx/0x7f8b3331bde41d6fda5d4de1a36cf0f32cbbd50b7a76953805f04f64e2557fd7

This one on ZKsync: https://era.zksync.network/tx/0xa4923113364540125a67eff7b386e577088beb0a55db636b86eac10b527a0941

And this one on Arbitrum: https://arbiscan.io/tx/0x0b1a7446e65c6b9067350afa564f0dabf64718b9a4a01ee4e9f69e7e89b91b79

And this one, also arbitrum: https://arbiscan.io/tx/0xe21d87bb0cb8bf7096ad49b8af4f1140ed7fb41bc73a58f81bf253a7b159d4bd

All kind of small amounts but still annoying and a reason to migrate all remaining assets I want to keep

@cryptocoops not sure if I casted this one correctly and you saw it?

It seems so weird that this would happen to me, as I’m very very careful what to click and where to connect. 

Then again, about three months ago I know I messed up. I fell for a fake telegram bot mimicking the AML bot I subscribed to. Things is, that was ‘just’ a “send $MATIC to address 0xdhhs….. tx” so how would that translate to attacker having access to send on multiple chains now?

Took a break. Now gearing up for the next round. Still checking out everything onchain. 

https://portrait.so/notfloris

Sorry i did actually miss this, I’ll get back to you. It could infact be the same bot… they’ll attack whenever they want and when you least expect it…

Have you revoked approvals?

no no that is not over reacting at all that’s how it should be, if you don’t know to be safe revoke all. I’ve not had the time to check just yet but i will ASAP. 🫡

I tried looking into the permissions I have open, but couldn’t identify which one was relevant in this attack… 

I could just revoke all, but that seemed, well, overreacting. (Now that I say that out loud it sounds rather dumb actually lol.)