For the last couple hours, I’m just staring at the screen of my computer, go to bed and lay down, come back to my computer and rinse and repeat. I just wanted to write to let it flow and also share my very expensive lesson with you.
It all started me wanting to harvest my JOE rewards on USDC.e/AVAX farm in TraderJoe. The harvest transaction didn’t go even though I tried 3 times. Couple hours later I tried again, it didn’t go through and I tweeted to Trader Joe team.
​
The scammer replied to me from the account below and asked me to message.
I’m adding the rest of the conversation between me and the scammer below.
And after this I just couldn’t believe what I did. The link took me to [multisync.ml]( and I connected my damn wallet there. Immediately they started draining my holdings in my wallet, then went to Trader Joe and liquidated all my positions. I have traced the transfers from my wallet to the scammers, but have no idea about what happened to my positions in Trader Joe. Basically, I had lost $35,000, a wallet where I paid to get to my name -umurcan.eth-, access to the all the platforms that I was using through that.
The worst is, I was unemployed and literally solely yield farming to hedge my student loan. I deposited almost the same amount of my debt, and was leveraging the fact that the return I was getting was higher than my loan’s APR. While trying to earn $8-9 more, I lost $35k and my financial freedom.
Unfortunately there are many bad players here. Be safe and don’t enter your private key or recovery phase anywhere.
Scammer’s wallet address: 0xdF1e45e10bdcfE904136007965dB80d9e9703C3DThe first transaction where the scammer stole my ETH funds: 0x7f94c74f4dcf27f3b7c1c5d036c1ac658749e5127732796f2728d684d2c6b7fa
Edit: As some questions are coming I wanted to clarify some things.
1. Unfortunately this was the webpage the link took me. I thought it was a legitimate website as it has most of the commonly used wallets here. I entered my private key to connect, that was the stupidest thing I could do. Now the scammer can access my wallet anytime, anywhere.
2. They withdrew 0.63 ETH and 4 AVAX from my wallet (0x9Ef49E1679725369E715B1A74578875A3b08F3F2) to theirs (0xdf1e45e10bdcfe904136007965db80d9e9703c3d)
ETH Transaction Hash: 0x7f94c74f4dcf27f3b7c1c5d036c1ac658749e5127732796f2728d684d2c6b7faAVAX Transaction Hash: 0x6fd1575afaaa0f12486acd0b915537f3ec26530773be2e9f6fddb8dfd055ae51
3. Rest of the loss occurred as they liquidated my positions on Trader Joe. The total position was over $30k, mostly on USDC.e/AVAX pool and I lent about $10k worth AVAX.
I can’t track what happened to these positions. These holdings weren’t transferred to the scammer’s wallet and there are no activity signatures I could see.
I messaged on Trader Joe’s discord but haven’t heard back yet.
4. OK someone helped me on the discord and a transaction almost $30k in USDC was made couple minutes ago from Scammer’s wallet (0xf8d0abd9f5f84ab70db2be5f9896f199bc6e25a00e72489a3e1492d56649ed96) to 0xd186062a1d99458982283269e3f54981c841a7c7
Transaction hash: 0xf8d0abd9f5f84ab70db2be5f9896f199bc6e25a00e72489a3e1492d56649ed96
There are 2 transactions equaling to 47,788.71 USDC ( 29,676.73 – 25 mins ago and 18,111.99 – 15 days 21 hours ago)
Edit 5: A redditor commented that the scammer’s wallet was funded by Binance multiple times. I contacted Binance and even though they didn’t share account details with me, they helped me file a IC3 Crime to Federal Bureau of Investigation and I think they will coordinate with them after they make an official application. Very likely that the scammer is a KYC’ed member of Binance and legal authorities will be able to get ahold.
Edit 6: Interestingly, I had noticed something in the scammer’s wallet. There was multiple back-and-forth transfers between burcakdolanay.eth and that name just caught my eye as I’m Turkish too.
I’m a US resident but a Turkish citizen, so I also have filed a criminal report in Turkey after noticing this. I don’t want to point fingers to that person, but it was weird that they had a back-and-forth multiple transactions in those wallets.
Edit 7: Many people are asking what I was multitasking with. I am in interviewing process with multiple companies and I was preparing for an interview that was yesterday afternoon.
Edit 8: I’m finding new information all the time. burcakdolanay.eth was sold to the scammer’s wallet on December 24.
Transaction hash: 0x89c937191f6a00596d4a9936f52f6cfcd55752e7a4ba15f8fe555b307f663d08
> Be safe and don’t enter your private key or recovery phase anywhere.
Crypto wallets aren’t trolling when they say never give out your seed phrase or private key.
If you can go to the chain explorer and you see them interacting with like “Binance Wallet 5” or some hot wallet for a CEX, the CEX and a police report might be able to help you get to the bottom of this.
the misspelling and bad grammar would definitely give it away for me
You have given out your seeds phrase (private keys). Even legit support do not need that information to correct your problems. Asking for seeds phrase is already a red flag to begin with.
When you say you ‘connected’ your wallet, do you mean you just connected as normal to any DeFi app or did you actually enter your private keys on the scammer’s wallet app?
I’m wondering if their site was able to drain you if you simply connected or did you give the key?
Sorry for the loss man. The name is cool though umurcan
Hard to read this, we all know tons of people got scammed, but is rare read posts like yours, detailing what’s really happened, im feel bad to read this, but thanks you, for your courage to get here and told us your loss, maybe this reading will prevent someone to do same mistake.
I hope you recover some of your loss, good luck!
🤦🤦🤦
I just don’t understand how you can give out your private key, regardless if you’re multitasking or not. Giving out your private key is like giving out your SSN, passwords, bank details, personal info. If you didn’t hear massive alarm bells in your head when a website asks for your private key, maybe crypto isn’t for you.
Sorry for your loss
I believe the real mistake that started this was when you publicly announced your issue before you connected your wallet to their scam site.
That is where you made yourself the most vulnerable. The majority of scamming and hacking has less to do with tech and almost all to do with behavior and psychology.
All the crypto communities I’m involved in use help tickets within discord for any issues of this nature and the team is vetted, including a no DM rule, and even put it in their Telegram handles “I’ll never DM you” bc this is that freaking serious as you now know, and would never even come close to run their support on Twitter let alone Telegram.
You’re young and can recover, know that. Please learn your lesson and stop this behavior, and stop DMing or allowing anyone to DM you, unless you already have vetted them HARD.
Vetting of handles and URLs, etc is secondary to opening yourself up to attacks through public announcements.
Sorry bud, expensive lesson. As a full believer in defi, this kind of risk is a real roadblock for mass adoption and banking disruption.
I am crying.
Unbelievable to me that someone can figure out how to deposit $35k onto DeFi and fall for such an absurdly pathetic scam. How is this even possible?
That’s rough. Hope you can somehow recoup some of your losses.
I’m sorry to hear this. Thanks for sharing. Hope you can get in touch with the CEX and potentially get your money back. Stay strong
There is one rule you hear over and over… don’t give out your private keys or anyone can access your wallet. Noone will EVER need them, EVER..except YOU.
hey op, i’m not a pro at this but let’s say that I can track shit [gimme some sats if you happen to get those eths back]
so I had to wake up [its 3 am over here , eya] turn on my pc and do sum research just 4 u
anyways if you go to the first time that the scammers address received the eths , you can see that the scammer received the eths from this address :
0xcacbd29c68edea9ca3273357ab51a508112b5d81
now if you look at all the transactions in input to this address you can see that this address got funded a couple of times by binance
so yeah , my job is done, now I connected the hacker to an exchange , [he is prolly kycd, idk how it works , but you can try asking binance or sum , even though the scammer won’t ever deposit the coins in binance ever again]
Brooo.. not just your keys, even the twitter page looks dodge.
Official discord or even asking for advice here is better.
Sorry about your loss man.
Wow you were trading 35K USD without any sort of 2FA or hardware wallet?
You didn’t realize this trader joe account only had 1200 followers?
You intentionally handed over your seed phrase on request?
​
Dude you might need to read the security manuals on Metamask because you should have been aware this was a trap from the jump.
Tough day.
Good reminder that anyone coming to you is a scammer. DM on discord? Scammer. Everybody on Telegram? Scammer.
In your defence OP, it was a good looking twitter account. But – scammer.
And nobody will ever ever ever need your words for anything except to rob you blind…
this post takes “if they keep on doing it, it means that it works for them” to a whole another level.
btw op, how could you know about yield farming and still give away the seed?
Dude,
I feel bad for you but I don’t feel bad for you. You made several mistakes here smh. #facepalm. Sorry man. Don’t ever talk to anyone ever outside of comments. Never give your key.
How many people are going to fall for fake support DM’s?
How did they drain your wallet by simply connecting it to a website? What did the website ask of you?
Sorry to hear 🙁
Bruh, I’m so protective of my seed that I won’t even put my Trust Wallet seedphrase into Metamask. So I can’t imagine putting it into a random site.
The circumstances screwed you though. Asking for help, and getting a reply that started out sounding like good help. Very unfortunate.
I know you’re super bummed i lost 10k on 100x futures trading before i knew what it was/how it worked. All the experience did was drastically increase my risk tolerance when trying to make it back. I don’t really support staking, i think PoS is inherently geared toward centralization and those in power, but liquidity mining is fine to support a Dex. But if you get into actually trading crypto, a 100x is always around the corner here in defi land, so hope is not lost and 10 bucks today can be 1000 tomorrow and 1000 tomorrow can be 100000 the day after (though with micro cap and smaller you might struggle with liquidity).
Stick around the space you’ll make your money back, quit coffee or smoking and you’ll have an extra 50-100 bucks a week to invest. And you’ll be much more careful now that you fucked up so badly. Plenty of entrepreneurs go bankrupt once or twice before they figure it out.
Dang bro, I lost $27K to a scammer right before a Christmas.. it sucks but don’t lose faith! You’ll make it back and then some. Stay focused! 👊
Very unfortunate and sorry to hear the about the loss. It is very important to be cautious what you click and especially where you connect your wallet. Never trust any personal messages with ANYONE online. This was naive of you and in the end I hope you and everyone else here will learn from it.