tl;dr: A Bitcoin investor was recently scammed out of 9 Bitcoin (worth around $490K) in a fake “Exodus wallet” desktop application for Linux, published in the Canonical Snap Store. This isn’t the first time, and if nothing changes, it likely won’t be the last.
Dang
reply
Wow. Your distro's package manager is supposed to be fairly trustworthy. That's real bad.
reply
No one should use shitcoin wallets like Exodus.
No one should download wallets from any source besides the devs repository (GitHub/GitLab).
No one should input their seedphrase on an internet-connected device, especially a computer.
He got what he deserved.
reply
No, people don't deserve to lose their life savings for acting rationally, using the recommended method of installing apps in their OS. Get off your high horse. This is an obvious failure on Canonical's part.
reply
I think we miss the main point when we start talking about what they deserve.
Canonical should not state apps are safe. Users should not do all of the things that Juan says but that could be ignorance.
Bottom line, a hard lesson was learned. When you trust others, you are depending on them. That is risky. Canonical should either do a much better job vetting apps or remove this safe language. False security is VERY dangerous.
reply
Put another way. I personally feel bad for this person. I'm not saying others should. I don't care if Juan believes this person deserves this. Point is this person made some choices that resulted in losing 9 BTC. These are choices that most stackers would not make. If they asked me I would have told them pretty much what Juan writes. People have a false sense of security in general. It would be nice if you could trust package managers for bitcoin but really you can't.
None of that excuses Canonical. I wasn't using snaps and I never will.
reply
#1 rule of Bitcoin - Trust no one.
He trusted: a package manager + a shitcoin wallet + his internet connected device.
Rekt.
reply
I'm sure you build all your distros by hand, write all your own software, and manually solder the components of your PC together, since you don't trust anyone
reply
i don't have to. my bitcoin is never connected to the internet. you missed the point.
Stuff like this scares the average non-technical person away from self custody. I hesitate to blame the user because Canonical is presenting a false sense of security. I think all these app stores are doing that. Other side of this is that once again bitcoin will force companies to do a better job with security.
reply
Man, I'm pretty darn sure that I've done the deed "according to the books", but I still find myself paranoid at times, then again: if there were a loophole, they would've drained my wallet already.
reply
I know what you mean.
reply
Thanks.
reply
Bro, it's entirely the user's fault. He's holding 9 Bitcoins yet using a shitcoin wallet like Exodus, and he doesn't even download the software through the developer's official repository (such as GitHub or GitLab).
Somehow in 2024 people are still inputting their seed phrases on internet-connected devices, absurd...
reply
Oef, these fake Bitcoin wallets are so scary, it makes me think twice about shilling a wallet because you're not there to view the experience of the user and they end up on a phishing ad or link, or worse they get a fake app from the app store and then get rekt like this.
reply
as someone playing with Ubuntu for the first time, the impression that I got was that Snap apps were vetted. Is that not the case?
reply
Vetted is another word for trust. Honestly, this kind of thing makes me want to NEVER trust these types of app stores. Download from source and verify the gpg keys if at all possible. I've used flatpaks for a while but never for anything bitcoin or serious. You are trusting whoever compiles and uploads the binaries that they aren't doing anything nefarious.
One problem with app stores is the idea that they vet stuff. They may attempt to do so but that is just it. It's an attempt. You are trusting they did it and that they did a good job vetting. Apple and Google do this as well. Could happen on their platforms as well. For bitcoin, I would not trust any app store for apps touching any kind of real money. Too much to risk for the convenience.
reply
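The "download from source and verify the gpg keys" check recommended in the comment above, as an added example that is not part of the thread or any wallet project's own tooling. It assumes the project publishes a `SHA256SUMS` file with a detached signature; the file names and the pinned fingerprint are placeholders, and the signing key must already be imported.

```shell
#!/usr/bin/env bash
# Added example. Get the real fingerprint from the developers through a
# channel independent of the page you downloaded from; a key fetched from the
# same place as the binary proves nothing.

# check_sum FILE SUMS: succeed only if FILE's SHA-256 matches its line in SUMS.
check_sum() {
    local file="$1" sums="$2" want got
    # SUMS lines look like "<hex digest>  <file name>" (sha256sum format).
    want=$(awk -v f="$(basename "$file")" \
        '{n=$2; sub(/^\*/,"",n)} n==f {print $1}' "$sums")
    got=$(sha256sum "$file" | awk '{print $1}')
    [ -n "$want" ] && [ "$want" = "$got" ]
}

# sig_by SUMS SIG FPR: succeed only if SIG is a valid signature over SUMS made
# by the key whose full primary fingerprint is FPR. A "good signature" from
# some other key in the keyring is rejected.
sig_by() {
    local sums="$1" sig="$2" fpr="$3" status
    status=$(gpg --batch --status-fd 1 --verify "$sig" "$sums" 2>/dev/null) || return 1
    # The last field of the VALIDSIG status line is the primary-key fingerprint.
    printf '%s\n' "$status" |
        awk -v f="$fpr" '$2=="VALIDSIG" && $NF==f {ok=1} END {exit !ok}'
}

# verify_release FILE SUMS SIG FPR: signature on the checksum list first,
# then the file against that list. Install only if this prints OK.
verify_release() {
    sig_by "$2" "$3" "$4" || { echo "signature check failed" >&2; return 1; }
    check_sum "$1" "$2"   || { echo "checksum mismatch" >&2; return 1; }
    echo "OK: $1"
}
```

Pinning the full fingerprint matters because `gpg --verify` alone succeeds for any key in the keyring, including one an impostor publisher told you to import.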
Apple and Google do this as well. Could happen on their platforms as well.
Not even a hypothetical
RIP your Bitcoin if you ever write your keys into a fake wallet downloaded from those platforms.
reply
Hope it was a Boating Accident.
reply
ah we must beware of the app stores
reply
I'm very careful and would never use an app like Exodus and for sure not via a Snap install but man this is a great warning to be VERY careful. Losing 9 bitcoin. Oooof. 9 bitcoin is a lot more than $490k regardless of market price. I can't imagine.
reply
the snap store was always shit, even for installing Bitcoin Core.
do not recommend.
reply
Ouch
reply
Snap makes it easy to get careless.
reply