技術メモ兼ADHD闘病記

自分がハッカソンなど参加した参加録とか技術を公開していきます。最近はガジェット系やアスリートやアマチュアドライバーやプロドライバーのことも書いています。今後はADHDの闘病記録も書いていきたいと思います。

What happened on 11/16?

This blog is a re-transcription in English of the events that occurred on 11/16.
We hope that readers will take note of what is written here.
These are defensive measures you need to take to protect your own software wallet.
We pray that you will spread the word around you.
By Hiro_Matsuno.

Hi, this is Hiro_Matsuno.

The day before yesterday and yesterday, I was helping OpenSea and MetaMask to track down a wallet cracker.
I was helping OpenSea and MetaMask to track down a wallet cracker who was taking ETH and Matic from my wallet.
While the wallet cracker was taking away my ETH and Matic, I contacted MetaMask's support team in Japanese and asked them to help me because my Matic was in danger.

The day before yesterday, I was sending and receiving emails in English for 2 hours after the incident occurred, and yesterday, I was sending and receiving emails in English from the time I woke up until 7:10am.
The day before yesterday, I thought the response was behind schedule, but I was able to get the data without letting the wallet cracker have time to escape.
MetaMask's support team was very quick.
I then instructed them to close the gap between the OpenSea and MetaMask amounts.
Yesterday, the results of the investigation came in, and they found that the wallet cracker was also working on fraud, so they prepared a second wallet and separated the migration from the cracker investigation.
The instructions led to a damage report to BitFlyer and Spatial.
We are still working on it.

It can be said that those who have NFTs are susceptible to damage and influence from secondary sellers, and that creators who sell NFTs are susceptible to damage.
Be suspicious rather than wary of users who write to you in English asking you to link to them with too-good-to-be-true Twitter reviews about NFTs.
Their primary purpose is to talk to you and send you a DM.
Never send them a DM and block the user.
This should prevent most of them.
If you do send a DM, it is important to read the content as soon as possible.
They will only reply in English.
If you block the user, you will have to block the DM and send the message to them.
Then block the user and delete the DM.
If you proceed, you will be at the mercy of the wallet cracker, so I recommend blocking the user by this point.
I can tell you that they will ask you for 500$ and send you Google Forms for cracking, and if you write it down, you are done.
Even if you don't write it down, they will try to guess your passcode or a passphrase consisting of 12 passphrases.
All I can say is that you don't want to deal with anyone who speaks in English who is suspected of being a wallet cracker.
While you are dealing with them, you will lose NFTs, ETH, and Matic from your wallet.
If you don't deal with them, there will be no problem.
Remember that even this will only suppress 30%.
Remember that it is possible that the wallet cracker is able to get the ETH constructor address because it is listed in the marketplace.
It is important to be aware that even if you are not attacked, you can be sure that they will be the next one.

If you are affected, you will need to talk to MetaMask's user support on Twitter, as they are always monitoring the situation.
At that time, I spoke to MetaMask's user support in Japanese and asked them to investigate the problem with the Matic.
I think it is a good idea to use Deepl Translate for the tool you were using because you will need to translate it.
Deepl Translate is useful because it provides a common colloquial translation.
It is important to send information to MetaMask Support as soon as possible.
We need to tell them what happened and bring it to the joint investigation of MetaMask and OpenSea's support team.
This is because there may be a discrepancy with the wallet.
Since the wallet cracker is likely to be working in a team, it is important to move quickly and get the evidence.
This time the joint investigation between MetaMask and OpenSea's support team went well.
We were able to catch them in the act.
Thanks to MetaMask and OpenSea's support team for their joint investigation.
It is not often that we have a chance to get evidence against wallet crackers.
The most important thing is that we didn't give them a chance to escape.

The most important thing I learned this time is that even if you are attacked by a wallet cracker, as long as you have good moves, you should not give your opponent an opening.
What happens if you give them an opening?
As you may have guessed, the record of the extracted money will be erased and they will be looking for the next sucker.
The necessary response is to avoid giving them that opening.
You have to be quick about it.
You will need to act without their notice and contact MetaMask's support team in Japanese.
They can't translate, so you won't have a chance to escape.
That means they will leave a footprint.

I can only thank the MetaMask and OpenSea support staff for their help.
Thank you very much.

This is Hiro_Matsuno.

See you soon.