I was stolen 20.2 XCH from wallet by Chia database downloader

I worked hard farming for over a year and earned 20.2 XCH in the wallet 【xch1guctg8xqp8jleq2eqcs4zs8gucjyhpyhzy4e7x0cktv7dgmt0wtslkmrl4】. This morning, it was all stolen by https://chiadownload.net/.

The reason: my farming hard drive broke yesterday and I needed to synchronize all the blocks. To download database v2, I downloaded MultiThreadsDownloader [6.6Mb] from this website. After downloading, it was a command-line exe that did not actually download the database. Instead, it stole my .chia directory and a few hours later, stole 20 XCH to this wallet address 【xch1my048f64l4qdau8yzd5eceff3nlcv7jyx5c6fgww4kwr2c6ugulqp9clmt】.

All someone needs to do is steal the .chia directory to steal all the XCH from the wallet.

Is there anyone or any way to help me retrieve the 20.2 XCH? My new wallet address is 【xch12xajvy7z8anhej6kh4kfjp4jdlqwydy50pymz4acn0lz704yjqlsq4tt5u】.

Brutal for sure, but we’re talking less than $1,000 - I’d consider at this point either wiping and starting over or wiping and taking what you can off ebay to offset the losses. That’s tough to see, sorry for the luck.

1 Like

The thief web

The thief’s wallet address

My wallet and farming

Could you file a report with godaddy.com which is the registrar they are using. You can use either one:

  1. “Registrar Abuse Contact Email: abuse@godaddy.com
  2. Report Abuse / select “Malware” block
  3. contact us: 1-480-366-3550 - 24/7 - GoDaddy Help Center - Contact Us

Point to your post here as well as this one - This program is stealing your private keys!

I filed such report (using the second link) a week ago and three of their websites were taken down for a while. Maybe if reports will be repeated, they will take more aggressive stance.

1 Like

who is flagging these posts and why ?

I guess those fucks behind that downloader.

@dchuk Could you disable rights for those overnight account to flag legit posts. This is an utter nonsense that criminals can abuse this forum.

@swagg Could you remote “cold” from the post title. I doubt your wallet was cold, as in such case there should be no trace of it anywhere on your box, so whether you would have downloaded that crap or not it would make no difference.

1 Like

Maybe Chia company? I post it on the reddit also. https://www.reddit.com/r/chia/comments/128fwiu/202_xch_was_stoled_from_cold_wallet/?utm_source=share&utm_medium=web2x&context=3

euhm no…

They have a legit db download since recently and have always (strongly) advised against using any website to download the database form.


yes, you are right. My wallet is not cold. Now, I think the design of CHIA Wallet is unreasonable and insecure. xch is extremely vulnerable to theft in a network environment, as long as the computer is compromised.

was clear that immediately again said that the chia network is to blame because it is insecure without simply recognize that you yourself are the problem if you do not follow the most basic security measures.

apart from this fact is known for a long time that exackt through this multi downloader the keys are stolen!

and even if that wasn’t the case, there is an official chia DB download, and if you still have to use some dubious “exe” it’s your own damn fault!

I really have no more understanding for these unjustified crying treats, sorry

learn from your mistakes and do it better in the future!

anyway have a nice weekend


As is your bank account if you keep your pin in your wallet along with your bank card

1 Like

??? What the fuck kinda thinking is that?

My god I get it you lost a chunk of XCH but it’s your own fault for downloading and using random software on your computer where your keys are.

Stop trying to blame everything else, only you can protect yourself

1 Like

You’re weird. First of all, my 24 words is not on this computer. Secondly, unlike chia, other virtual currency wallets cannot steal all tokens by just stealing configuration files (like .chia), to transfer money you must have a private key, like XMR. For Chia’s wallet, on the other hand, doesn’t need 24 words , it only needs .chia files to steal all xch. Are you asking every user of chia to be on an absolutely secure computer? Install the wallet?

please finally stop spreading such nonsense here, if you use other cryptos the original with their included wallets, you have the same problem as long as you do not immediately put a password on it, then your key.dat is also not encrypted with the master key it contains!
and every malicious program can copy this and then empty the complete wallet even if you set a password afterwards.

you are here just because of your own mistake and try to blame others for it.

in the beginning there was also something about an alleged cold wallet.
I miss actually only that you have never used 3 party software and 1000 other wallets were hacked :wink:

He has actually a point there. Other wallets like metamask for instance ask for your password each time you do a transaction. IMHO the chia standard wallet could use better security measures.