My eth address is 0xBecc49443DEfE3300271e21BDe43a6815CBe69Aa
My Coinbase deposit address is 0xAcd88288eCC4d3d0aD4Fee50E30C5574A8750150
Whenever I send eth using my trezor, two or three transactions are created that either say “transfer” or “sent eth” and the extra transactions are to a different address and have something to do with ERC-20 tokens.
Last time I sent 1 eth to coinbase, it had “transfer” to 0xAcd88288eCC4d3d0aD4Fee50E30C5574A875 (my coinbase deposit address) as well as “transfer” to 0xACdC85504c0d4a017A0D2D5b44aC38a981450150 (?) and “Sent ETH” to 0xAcD871c01f32a28682bB8F4A76519B2FAAf60150 (?). The 0xAcD871c01f32a28682bB8F4A76519B2FAAf60150 has appeared in other transactions as well, every time I send to coinbase.
txid id from the successful transfer to coinbase: 0x08e7d6bb6ec24f40aeefbb382355cf785532eb39e815e4f3b403fd8517db3b7e
Today I wanted to send another 2 eth to coinbase and instead of getting my deposit address from coinbase again I foolishly just copied the last thing in my trezor history. The thing I copied wasnt my coinbase deposit address, it was the other ERC20 contract address or whatever. It was 0xAcD871c01f32a28682bB8F4A76519B2FAAf60150.
Coinbase did not receive the transaction, When I contacted support, they said “this address isnt associated with your coinbase account, and we cant help you. Next time be more careful”.
txid of the failed transaction to who knows where: 0x024e4846fd05b6f164907d194e6c963346a1e68c511d7a3931370126cc93da80
Looking in my trezor, 3 new transactions show up. It is “transfer” to 0xAcD871c01f32a28682bB8F4A76519B2FAAf60150 and then “transfer” to 0xACDC5cCFbE196321711727007e5beebF89D60150 and then “sent eth” to 0xacD81Be3A219b89a6123c2b393dC099751BE0150.
Looking at 0xAcD871c01f32a28682bB8F4A76519B2FAAf60150, today is the first time it has actually received any eth. During my previous transactions, it was not this address that received the eth but some kind of erc20 token contract that received them.
Anyway, 25 minutes after they were received at that address, they were moved to another address 0x22A5457bD98617bbAA2197260108102F50f437B8. This address was created 16 days ago and currently still has 3.6 eth including $1960 of USDC tokens. In the transaction history there are multiple transactions regarding Circle USDC Tokens and “contract creation”.
Where exactly are these coins now in this contract wallet, who controls it, and is there any chance of getting them back somehow? Again, Coinbase already told me off.
The Eth is gone. If you thought it was coinbase and they have told you it’s not, then unfortunately I don’t rate your chances.
Bub-bye. It’s gone
Sounds like you fell victim to an address poisoning attack.
In an address poisoning attack, a scammer looks for transactions on the blockchain and identifies wallet addresses. They then create a new wallet with an address that is very similar to the one used in the transaction, usually differing by only a few characters. The scammer is betting on the fact that when you make another transaction, you might not double-check the entire address and end up sending your funds to their similar-looking address instead.
These attacks exploit the user’s oversight and the complexity of wallet addresses. To avoid such attacks, it’s crucial always to double-check the entire address when sending or receiving cryptocurrency and to use address book features in wallets that allow you to save and label trusted addresses.
Your funds, unfortunately, are irretrievably gone. You could consider filling a police report, but police aren’t helpful with most small crimes and even less so with cybercrime so that’s a decision you should make on your own.
It seems pretty sure to me that two of them have been created by a scammer to look similar:
0xAcd88288eCC4d3d0aD4Fee50E30C5574A8750150 <== (that’s the Coinbase address?)
0xAcD871c01f32a28682bB8F4A76519B2FAAf60150
0xACdC85504c0d4a017A0D2D5b44aC38a981450150
Na na na na. Na na na na. Hey hey hey. Good bye.
I did this one time to a polygon bridge contract address. They sent it back to me without me asking (or it’s some automated thing they have). Well except that it was with my non-custodial wallet, not Coinbase.
Hopefully you’re just as lucky.
Well, it’s a simple case of hacking. The hacker tampered with your system, which I actually experienced myself with TRX. It was a tough lesson, but I learned from it and now I always keep an eye on the address that stole my coins. Ever since that incident, I’ve been extra careful by double checking and sometimes cancelling my transactions before sending them out. It may not seem like much, but taking these precautions gives me peace of mind for my BTC, SOL, DOT, and TON coins. Stay safe out there!