On November 15, 2024, we received a report of an investment scam resulting in a loss of $31,433. The victim had staked approximately 4.81 ETH from their Ledger wallet with Lido on January 1, 2022. However, on April 10, 2023, they noticed an unauthorized send transaction of 5.10 ETH, raising concerns that their stETH/ETH might have been stolen. The scam involved multiple blockchain addresses, including 0x94dBC6D35bdFC55FbB507b860B91B8a8722208a6 , 0x5Dd997b2b4c77e0b6ad122ec8E40eE3fD1A8B4a3, 0xdAA7ab2007D6Bea4593aE2e86C135E9525693B2a, and 0xb7Dc706DC03546eaf8945a38c0936C8EBF3547F2.

The website associated with the scam was eumkouys.com, and the stolen tokens were in ETH.

The victim has shared the transaction records to aid in the investigation and hopes to determine if their funds can be recovered.

We have recently received a complaint regarding unauthorized withdrawals of funds, amounting to a substantial loss of $31,000 from a user’s cryptocurrency wallet. The transactions in question were made without any consent, and the funds were transferred to three receiving addresses: 0x132Fd618Fade2C7a61BbAcA059DD003c35C1dE3D , 0x32054C3e8c48A9eF8EE03D34bfF0B3107e3b0d8A, and 0x94dBC6D35bdFC55FbB507b860B91B8a8722208a6. We want to warn you about this situation, as it appears to be part of a larger fraudulent activity that could affect others in the crypto community.

These incidents often begin with unauthorized access to a user’s wallet, leading to sudden withdrawals, leaving the account holder without access to their funds. In this case, the withdrawal was significant, and the funds were directed to the addresses mentioned above. It is crucial to note that these addresses may continue to receive unauthorized transfers, indicating that they could be actively involved in a scam operation.

We urge you to take additional precautions if you notice any suspicious activity in your wallets or accounts. It is important to stay vigilant, especially if you have interacted with unfamiliar addresses or received unexpected messages. This kind of unauthorized access often points towards either compromised private keys or phishing attempts that have allowed scammers to gain control over wallets. In these cases, it is advisable to immediately enhance security measures, including enabling multi-factor authentication and reviewing recent transactions for any signs of compromise.

While we cannot definitively conclude if this specific situation was part of a larger coordinated scam, the details suggest malicious intent and fraudulent activity. The unsolicited nature of the transactions, the significant amount lost, and the repeated use of certain addresses are all signs that point towards organized theft. We urge anyone who has experienced similar incidents to report them and remain cautious. Staying informed and keeping your security protocols updated is key to avoiding such losses in the future.