Hacker wallet Chia Version 1.7.0

Yesterday all the chia coins I had grown were stolen from my wallet, from this address xch1ftaqc6jf7p3cdmwt9uecmhq37haueqeaze609s2ag9nq45w3ep2s3tp2y2

Sorry to hear this,

What pool were you using?

What applications were installed on your device?

Did you download any chia DB files that were not in a raw sqlite database form (like .exe)?

Any other information would be helpful…

1 Like

That address is still showing 7.997742237454 XCH are you sure you are synced?

EDIT: Is the address you posted yours or is it the address your coins were sent to?

1 Like

It’s the address where my coins were sent.

The pool is Space Pool, I only use the PC for Chia, the only installed software is Chia 1.7 and Chrome remote desktop. The database is the one downloaded by the Chia software.

I know you said on reddit that you access via chrome remote desktop. Have you checked your google account for recent activity from unknown ips? You can check by going to gmail and scrolling all the way down and at the bottom right it says Last Account activity - you can click on details.

You can specify 3 addresses in the gui, are all three set to yours, or just one?

I assume all those sessions have been since the theft?
You may be able to use event viewer to find older ones. I have not done this myself but it is referred to in this article How To Check If A Windows Computer Accessed by Chrome Remote Desktop Remotely - Edge Talk

Chrome Remote desktop would be the last program on the list to use for remote desktop.

In the event viewer there are only my logins.