Damus
Open in Damus
nobody profile picture
nobody
@nobody
Early this morning I woke up and noticed on my watch only wallet in BlueWallet and Sparrow desktop that someone has initiated an unauthorized transfer of all of my UTXO's to a BTC address that is not mine. It has not confirmed yet. It is showing as a low priority transaction that is set to clear in about 3 hours.I am unable to enter a higher priority transaction to drain my wallet before this unauthorized transaction does. Because Sparrow says I have an insufficient balance.

Doesn't this unauthorized transaction always need my signing device in order to finalize the transaction?

Any ideas what I should do? Thanks
483❤️3🧡2👀1💜1
[ARCHIVED] Jay · 111w
Dude, that's awful. So is sparrow not allowing a new transaction because the previous transaction is still pending? Or because you don't have enough to pay a higher fee?
Dan⚡️ · 111w
Check if FaceID / TouchID is working on your phone or Mac. I recently discovered BlueWallet is skipping both to unlock…
nobody · 111w
Here is the TXID: 87be9389913a86ed6e1e43e57755ac545a07b51dde940a6dd6e7d654cd39bb03
Moon · 111w
I think you could boot up your keys in Blockstream green wallet and RBF it
Arthur Amendt · 111w
Did the replace by fee work? I See the transaction is confirmed now. https://mempool.space/tx/ba928440f7a4b4a004199ca60001831cccd8ce0363ae0eef99dd50ab23d171fa
nobody · 111w
OK so I did a replace by fee TX for the whole balance to an alternate wallet. It is confirming on the chain as we speak. The unauthorized TX hung indefinitely while this new rescue TX is clicking along. I will keep you all posted. A couple questions for discussion and education of the community: 1) ...
BUB · 111w
Is your seed compromised? What was your process when migrating from ledger to cold card? Did you create a new seed? I see you had difficulties with cloning a cold card, lots of potential places you could be screwing up. If you didn't send this TX I would consider yourself compromised and replac...
nobody · 111w
Haha fuck you hacker. https://image.nostr.build/e0fd340c9dfeccec03bf1b60b92779e624f96616e3dec57540d659dd7fc3e9ca.jpg
nobody · 111w
OK so final rundown. Cold Card is the shit. No signing device and I’ve been air gapped since day 1, so despite the unauthorized TX showing “signed”, it would not progress to completion. Did a Replace With Fee to override the unauthorized TX and send sats to a temp address. Renewed my HW wallet...
nobody · 111w
Ask me how nervous I was moving my entire stack twice in three hours to counteract an unauthorized TX of all of my UTXO’s by a drainer exploit. Still don’t know where my security broke down but I suspect it was BlueWallet mobile. It was behaving strangely and opening without faceID etc. Deleted....
djmeistro✝️ 🍊💊⚡️ · 111w
Just read this thread and holy sh!t... Glad your corn is safe though 🫂
<old>cypherhoodlum · 111w
You probably nuked your account already but if you didn't, it would be great for the community if you could answer some questions now that the worst has been prevented. 1. You said you never entered your seed to a internet connected device. Did you enter the seed to Blue Wallet or Nunchuck when you...
William K⚡Santiago🔑☢️ · 111w
https://m.primal.net/Haox.webp