All my assets were just stolen from my Trezor device after I fell for a phishing attack that gave the scammer acess to my recovery phrases. Apart from feeling like a moron and losing my life savings, two questions if anyone knows:
How can scammers access the secret passphrase wallet inside the Trezor wallet without knowing the specific passphrase for this one? As I didnt give that away.
What if anything can be done with the transaction number / recepient address that I can see in the account (assume nothing but any advice welcome)?
Knowing the recovery seed, the attackers can try as many passphrases as they like without limits.
If your passphrase isn’t strong, it can fall in a brute-force attack.
In theory, they could also have had the passphrase from some unrelated malware, if you ever typed it on a computer.
Or they can try credential stuffing, that is, test passphrases that are associated with logins to breached sites. (no need to even know your login, they can just try every password they have)
In other words, if you used a passphrase that is also a password to your account on some random forum on the internet, that makes it vulnerable.
Well, you’re a victim of theft so you can report it to the police.
It’s an unlikely chance, but there were cases where thieves were caught and funds returned, so, maybe worth a try.
Still a lot of people don’t realize this. That’s why the thieves are so successful.
For next time, think of it this way: the recovery phrase is a backup of your wallet. It works if the physical fob breaks and you buy a new one.
If you give the backup to someone, of course they can use it to clone the wallet – that’s the point of the backup.
Hi, luckily my Son saved me from losing everything a few months back.
I posted a comment on Moon Lambos site, and then got the scam message, HIM DM, I have important info to share, they used his name, his logo and well I was going down that rabbit hole until my wife said he is a scammer, Son went searching and sure enough it was a scam
Turns out they are on every XRP etc crypto site, using the same message, I used to post warnings to others, but it looked like it was wasted breath
They are very professional, and an old fart like me, nearly fell for it
Sorry to hear what happened, it must truly hurt
Same happened to me… hackers gotten root access of my Ubuntu 26.04 LTS laptop…
And although I went to the official Trezor Suite page - stand alone AppImage refused to run for obvious reasons. I lost a lot. I am devistated.