How I « lost $1,200 in 100 seconds » and recovered some of them!

Earlier this year in May, I had stated that I lost « 1,200 in 100 seconds » the full post can be read here:


# The TL;DR from the post:

I had forgotten to gitignore a file that had my mnemonic phrase in it. I was submitting a project to the [Eth Global Hackathon]( and one of the required fields was to add the public git repository along with the submission. I was a little iffy about it, but I sent it anyway. Which only a minute later funds were being depleted from my account due to a bot draining the funds from it and I couldn’t do much as my email was being bombarded with notifications from ether scan alerts.

Hacked Address: [](


[Nearly 90 transactions happening fast af](

# Results from the post:

After I made that post and let all of the crypto world know about my mishaps, my story was featured on popular sources like [Decrypt]( and [many others]( I was interviewed by people in both DM’s and on the video to ask for more information about the story. I was invited on by [Dapp University to make a video about it on youtube]( One of the things that I like the most was all of the people who gave solutions on how to recover my locked funds. « Locked » meaning if ever I tried to send Eth to that address to pay for the gas fee, the bot(s) would instantly withdraw the eth and hijack the transaction. The hacker(s) took around $500 in actual assets, but there were about $600-$700 of eth remaining that was essentially locked in the DeFi []( that had a chance to be recovered. Of all the solutions I was suggested to me, only a few that stood out:


> » What we need to do is write a script that broadcasts a transaction sending eth to that wallet and a transaction from that wallet to a wrapper contract which atomically rescues the compound funds and sends them to your safe wallet. And if we do so at a time where the ethereum blocks are relatively empty. It should work  »

Another way was to follow [Operation Crypto kitties Rescue](

And many other instances that involve writing a smart contract to beat the bot with gas fees.

# How I Actually Recovered the Funds:

With all the wild solutions that were presented to me, I decided to try my luck at just rescuing them by simply trying to catch them at a time where the server the bot was on had some downtime. Near the end of July, I saw the funds in DeFi remain untouched appreciating in value. The $700 that was locked ultimately grew to $1,200. There was only one issue, I lost the private and mnemonic key to that address. Ironically, what got me into this mess, also got me out. With all the people reaching out to me, I sent my private key to different people in DMs who wanted to run tests and offer a solution however with no avail, they gave up hope. So I sorted through hundreds of messages until I found the private key I sent to someone on discord and reclaimed access.

Around this time, the ethereum gas fees were high like the weather, and all these DeFi coins were pumping hard so ultimately I spent around $100 in gas fees alone trying to recover these coins. I sent the coins to the wallet, praying to hope the bot was not activated, and swiftly sending those tokens to a safe wallet. I couldn’t send all the tokens since some of them had debt tied to them so I only withdrew 99% of the available amount before the collateralized coins were liquidated. All in all, the process in which I recovered the coins was very simple and very lucky.

The transaction in which I recovered my locked funds. [](

# In Conclusion


– News spread fast, and essentially live forever

– Triple check your code before you deploy sensitive information in a public git repository

– Thank Goodness for Decentralized Finance

– EthGlobal will have an important PSA about it for every future Hackathon they host about private key security

– I hope this happy ending enlightens your day.


Source :

Laisser un commentaire

Votre adresse de messagerie ne sera pas publiée. Les champs obligatoires sont indiqués avec *