I posted this on Nostr earlier today but thought it might be useful information for someone here...
I had been having problems with my zaps over the last few days and could not figure out why. I finally logged into Coinos (my NWC wallet) and found that the balance is zero. Looking at the history, everything went out of the wallet on Sept 12 (then I received a 21 zap and sent a 21 zap). The outgoing transaction does not show up in Alby or any other interface except for Coinos.
I kept enough Sats in there to use for zapping, but still a tough reminder that if you are using a custodial wallet, you are running a higher risk.
Coinos was able to reset the password and restore the sats.
Not clear if they reversed the transaction, or how they achieved that.
They said that there was a previous breech that exposed tokens, and my token had not been invalidated.
When you click on the transaction do you have any data in the "Notes" Field?
This is the only info I see - only other thing of note is that when I click on the profile, it shows
1 ₿ = R$612,886which maybe indicates the person is not in the US?R$ is brazilian real
Thats a coinos user, report to Adam.
I sent a message on the website
Use the Telegram group. https://t.me/coinoswallet
or email support@coinos.io
Let us know what ends up happening...
How are you logging in on the wallet? I had same issues using passwords, then I made a new wallet using nostr pubkey to log in and never was robbed again.
I use Alby to login, I don't think I ever created a password for Coinos
Maybe a good idea to set up a password on your coinos account...
Or use a nostr pkey to login
If you used login with nostr, I think your nsec might have been compromised in a previous breach iirc
I am considering to implement creating a Coinos account with one-click from within SN (like Damus does) but cases like this really makes me reconsider if we shouldn’t warn users about their previous breaches at least first
well I am not totally sure but thought I used Alby from the get-go, which should mask the nsec, but maybe it is all compromised - can't say I never put the nsec into an app.
I think you're account has been compromised and better to change the wallet.
I'm going to ask @adam_coinos_io and @coinoswallet
If you're using a custodial wallet, use it in a custodial way.
not sure what that means
Bummer, still cheaper than running an albyhub in the cloud I suppose!
Lol