[ad_1]
need urgent help understanding some suspicious token transfers that are happening from my wallets.
- A few days ago I saw an outgoing ERC20 token transfer from my hot MetaMask wallet. The token was one I had never interacted with before (token address: 0xc09d668a04360475819f1de5a6f5ee11cbefcf0c). It was flagged to a phishing address.
- This morning, a similar outgoing transfer happened, but this time from a different wallet: my cold Ledger wallet, which is completely air-gapped and which I haven’t used directly.
- Even stranger: while I was drafting this post, a third outgoing transfer of the same type just happened again, back on the hot wallet.
- Another suspicious token I saw being transferred is here: token address: 0xd1396f7cd157eea7d096326ddec871c9fe22eda8.
The only link between these wallets is that they have interacted with each other in the past, but I don’t understand how both can now be showing these weird outgoing internal transfers of scammy ERC20 tokens.
What I know / observed:
- These don’t show up as “normal” transactions I signed.
- They only appear in Token Transfers on Etherscan.
- No ETH has been stolen so far — I even tested by putting a small amount back, and it wasn’t drained.
- Some months back I had received a huge incoming transfer of these junk tokens (1M units), which I ignored at the time.
Now I’m seriously worried:
- Could both wallets really be compromised, even the cold Ledger?
- Is this instead some kind of “phantom” transfer (like dust / spam ERC20s moving around) that doesn’t mean my keys are compromised?
- Or maybe something related to allowances / approvals that I don’t remember granting?
👉 If anyone wants to dig into this more deeply, I can share the full transaction details by DM. I’ll happily send a small ETH tip to whoever helps me understand and monitor what’s going on.
(Scammers welcome too 😂)
Thanks a lot in advance — I’m really lost here.
submitted by /u/adv4nced
[comments]
[ad_2]
Source link
