Jump to content

XRP Stolen, EXFI Phishing site, XRP, EXFI and Spark Airdrops at Risk (Disclaimer: The claims I made here about XUMM being compromised were incorrect. I’ve since found that I used a phishing site as the root cause of the problem]


Offthegrid
 Share

Recommended Posts

46 minutes ago, Offthegrid said:

@wojake My wallet’s secret key is held offline in a physical journal. There is no way for someone to get that key unless they break into my house and steal it. Perhaps Vagabond is not guilty but there is a strong connection between their trust line and this incident. I have other XUMM accounts without that trust line, and they were not affected.
Also, the trust line I used for Vagabond was blackholed. Correct me if I’m wrong, they also seized some Vgb from accounts they claimed were farmed accounts for their airdrop. If this is true, then perhaps my tokens were at risk.

I never was qualified for any airdrops so I just swapped some XRP for VGB via their trustline and 2 days later, my VGB and XRP gets taken right before my eyes. They even removed a Gatehub trustline completely from my account.

Nevertheless, i understand that my XRP sits on the XRPL, but XUMM is a gateway to that ledger. So please explain how someone can bypass secret keys and manipulate a wallet like that

Other people can answer better - 100%

(I am just a drunk fool)

 

but, the part where you say that Vagabond did a sketchy airdrop is correct in my books!

 

and, if they froze trustlines of people who bought their token up?! i hope not; but i saw the data...but who am i to disagree....

 

they claim; that they investigate this and that?! who ta F*cK are they to investigate and control people?!

( have you asked yourself, have we asked ourselves?! .....)

REALLY!? WAKE UP?! WHO TO FCUK ARE THEY?!!!

 

Investigate THEM - not US!!!!

 

:punish:

Link to comment
Share on other sites

First off, I don't think XUMM is a scam, they are one of the most trusted parties currently working with the XRPL. 

2nd, a trustline cannot be blackholed? Maybe a poor choice of wording. Checking your transactions, it was a trustline to gatehub that was set to 0, which a hacker can do if they have access to your private key.

Which rings some other bells, Gatehub has been victim of a hack in the past and if your account has been previously used on Gatehub, then that might very well be the source of your account hacked. Curious to know, did you register this account also at Gatehub? See a thread on the subject here.. 

 

Link to comment
Share on other sites

23 hours ago, Offthegrid said:

I want to issue a dire warning to anyone who participated in the VGB airdrop or has purchased VGB on a trust line via XUMM. I believe this company has ran an elaborate scam and has somehow managed to steal XRP from peoples trust wallets. 

If you have XRP on XUMM, get them off now. They are not to be trusted and your XRP are at serious risk. This morning, I just had $3000 worth of XRP stolen from just buying VGB the other day.

 

This is the address of the thieves: r9GGaudh3dfTGLe4GEZNbiVurrammkWuWz

OP sounds stupid, not sure isn't it just some kind FUD against Vagabond.

 

23 hours ago, Offthegrid said:

anyone who participated in the VGB airdrop

Not possible. The main thing to check when u setting up TL is to make sure there is NoRipple flag 

Another thing is to make sure that an issuer address is correct.

 

23 hours ago, Offthegrid said:

purchased VGB on a trust line via XUMM

How do you purchase via trust line?

23 hours ago, Offthegrid said:

I believe this company has ran an elaborate scam

I belive this is elaborate FUD from someone who didn't get Airdrop.

 

 

Edited by Canducus
Link to comment
Share on other sites

@jn_r

I don’t think XUMM is a scam either. In fact, I have been using them since their beta stage. I never had a problem with them or the XRPL until now.

As I mentioned earlier, my private keys were thought to be secured as I held them offline in a book. My XUMM account in question was imported with a private key from a cold wallet. As for Gatehub, I never had a personal account with them. My only interaction with them is through their trustlines – which I never felt comfortable with as these objects are not truly in your possession. Nevertheless, The VGB trustline was created via a link between XUMM and SOLO DEX -both which operates on the XRPL. For your information, I did not have to give up my private keys during that process.

I am fully aware of the Gatehub hacks, but those types of hacks are very synonymous with exchange level hacks. For such reasons, I do not keep my coins on exchanges.

I have been in the crypto space since the beginning of Bitcoin. I only hack I can remember was with the fall of Mt. Gox. Since then, I took great care to make sure none of my coins sit on exchanges. I always secure my private keys. And I never been hacked.

This situation greatly disturbed me and makes me question all hot wallets like XUMM -particularly those that employ trustlines. Its like having your house broken into and burglars found a way to bypass the alarms. Its hard to sleep well when you have thousands at stake. Perhaps XUMM is not at fault, but deductive logic states that a fatal vulnerability exists within the XRPL ecosystem. And someone has found a way to exploit it. And until you have something mysteriously stolen from you, you will see how I feel and you will want answers.

For the record, I did not have any breaches of this nature until I created that VGB trustline. This the issuer address i used when I created the VGB trustline:   rhcyBrowwApgNonehKBj8Po5z4gTyRknaU

It was not blackholed at the time of creation but afterwards, this hack occurs.

I am still investigating and have alerted crypto forensic teams and law enforcement to find the responsible party or parties. I will post updates as they come in.

Link to comment
Share on other sites

7 minutes ago, Canducus said:

OP sounds stupid, not sure isn't it just some kind FUD against Vagabond.

 

Not possible. The main thing to check when u setting up TL is to make sure there is NoRipple flag 

Another thing is to make sure that an issuer address is correct.

 

How do you purchase via trust line?

I belive this is elaborate FUD from someone who didn't get Airdrop.

 

 

You can buy/sell on the DEX once a trust-line is set up. 
 

However I agree and I do believe this is either FUD or somehow OP set up a trust-line to an incorrect or scam issuer

Link to comment
Share on other sites

@Canducus I can give a crap less about an airdrop. I tried to buy in low when everyone was selling off their airdrops. Its what you do in this business. What happened to me is confusing and mysterious. Perhaps a scam issuer was at play. But Scams vs  Hacks are to different things. If a scam issuer is able to pull a stunt like this, then this is dangerous to the community.

Link to comment
Share on other sites

4 minutes ago, Offthegrid said:

@RussianStandards I find this weird too. But further analysis says that the address may be part of an exchange. Im trying to find that exchange that uses that series of Destination Tags. I think something bad is occurring and other victims might be isolated by DTs. Its just a matter of time in finding out who is behind this.

Don’t get me wrong I does make me a tad worried thinking about the XRP I have in my trustline account going, since it’s a sizeable amount (relative for me).

Link to comment
Share on other sites

  • Offthegrid changed the title to XRP Stolen, EXFI Phishing site, XRP, EXFI and Spark Airdrops at Risk (Disclaimer: The claims I made here about XUMM being compromised were incorrect. I’ve since found that I used a phishing site as the root cause of the problem]

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.