Author: Kuan Sun

Original link: https://x.com/KuanSun1990/status/1963947982396571840?t=2VbfvcVW5SZ7MqfG2E2Dfg&s=19

Statement: This article is reprinted content; readers can obtain more information through the original link. If the author has any objections to the form of reprinting, please contact us and we will modify it according to the author's request. Reprinting is only for information sharing, does not constitute any investment advice, and does not represent Wu's views and positions.


The cost of a foolish act, an expensive lesson; a bizarre drama, an unfinished pursuit

A recap of the $30 million theft in 2022

As previously mentioned, there is a kind of happiness called 'false alarm,' which corresponds to a kind of deep pain called 'I could have.' The night of June 4 to the early morning of June 5, 2022, was such a day for me. The entire event was filled with foolishness, absurdity, coincidence, ignorance, and deep regret.

After the incident, I spent quite a long time unable to emerge from the shadow. This was the first time in my life I encountered a relatively serious security incident, so the pain it caused me is easy to imagine. The total loss at the time was about 15 million dollars (at June 2022 prices), but calculated today (September 2025), the value has appreciated to nearly 30 million dollars. A significant portion of the assets is still sleeping at the blockchain address, but the pain it caused me remains vivid whenever I think about it.

More than three years have passed since the incident, and now I can view it more objectively and have sorted out the most likely paths of the entire affair. Remembering the past serves as a lesson for the future, and learning from past mistakes is always beneficial; learning from others' experiences is even better.

In the past few days, some netizens said that I handled this Venus phishing incident very calmly, which is closely related to this matter. After all, having experienced similar incidents, I certainly have some experience and growth.

This was a very basic security incident: the core issue was 'private key leakage,' such a basic mistake, yet it came with an extremely expensive bill.

However, there were many dramas and twists in the subsequent pursuit, which may inspire others, although I hope no one has to use these insights.

Evening of June 4: The alarm on Tron

During the USDD mining activity that night, I was dining out and casually opened my wallet on my phone to check my data in the USDD protocol, only to find something seemed off. When I returned home and opened my computer to look closely through the browser, I discovered that funds worth 2.75 million dollars had already been transferred out (victim address: TDFFoNasXaFoGb7CxtmcRgQHNiMpW1GQR5). At that moment, I panicked.

At that time, many friends comforted me, suggesting it might be a problem with the USDD protocol itself or a flaw in the TronLink wallet. In my panic, I even contacted Sun Yuchen to confirm whether there was a major issue with the ecosystem. Simultaneously, I transferred all assets on Tron to my Binance wallet.

This step was actually a significant directional mistake made in my panic. Because the real problem didn't lie with USDD or Tron, but rather that my entire environment had already been exposed.

Early morning of June 5: A night of entanglement

Believing the problem lay with Tron or USDD was a fatal directional error. It was my first encounter with a major security incident, and, influenced by various voices, I came to think that my funds on other chains might be temporarily safe. At this moment, my EVM wallet actually still held a considerable amount of assets, but the EVM wallet's private key was different from the Tron one and had been generated much earlier.

Thus I spent the night of June 4 in anxiety and panic, thinking that since the disaster had already occurred, perhaps it would stop there.
Many people ask why I didn't quickly transfer all the funds from the EVM wallet at that time. My psychological process at that moment was as follows:
At that time, I did consider transferring the funds from the EVM wallet;
But 1) The EVM wallet held a large number of DeFi structural positions, mainly leveraged mining positions built in Alpaca Finance, which required complicated operations to unwind; it was definitely not a simple process of withdrawal and transfer;
2) That night, I could hardly sleep, but my family was nearby, asking if I was okay. Partly out of a desire to comfort them, I thought I would 'sleep for my family,' instead of staying up to operate my assets while I was actually quite alert.
3) Although many exchanges and friends had kindly gifted me brand new hardware wallets, I always found them 'troublesome' and never used them. That night I actually plugged in the Ledger for the first time, and, I'll admit, when it connected it showed me a long list of addresses to choose from, and I was a bit uncertain. Moreover, the time was already between 2 AM and 3 AM, and I thought that in this panic, as a novice, I shouldn't make mistakes on top of mistakes. I decided to find a tutorial the next day and learn slowly.

So, I told myself:
"I'll handle it tomorrow morning."

This seemingly casual decision became a turning point in my fate.

Morning of June 5: The real nightmare

I finally managed to fall asleep around 4 AM, but little did I know, the real disaster was approaching.
Without an alarm clock, I woke up at 7:50 AM, and when I opened my eyes, what I saw was a screen full of transfer notifications from imToken. At that moment, I felt as if I had fallen into an ice cellar.
Upon carefully checking the browser, I found that between 5 AM and 7 AM Beijing time, my EVM wallet (address: 0x5b76247e1fa700107d3eaf5ad4de09d0aca611bc) had been completely emptied.

At this point, I finally understood: this was a complete private key leakage.
What was even more heartbreaking was that none of this was done by an automated script in one click; rather, the hacker operated on-chain for over two hours, slowly dismantling my positions and gradually transferring out the funds. During the operation there were many mistakes, such as repeated failed swaps, which did not look like the work of a professional hacker at all.
In other words—if I had been present at that time, choosing not to sleep but to stay at my computer, even racing against them, I could have likely salvaged most of the funds.
This is the part that pains me the most to this day: I could have.

Looking back, that night, I found many excuses: it was too late, my family was nearby, I was unfamiliar with Ledger, transferring structured positions was too troublesome... but these were not the fundamental reasons. The real reason was simply—my security awareness was insufficient.

If I had truly realized that this was a crisis that could lead to a loss of tens of millions of dollars, I would have immediately switched wallets and transferred assets. All the so-called excuses do not hold in the face of real disaster.

This is my most painful lesson.

Daytime of June 5: An unfamiliar letter

The development of the event was more bizarre than a novel.

The first batch of hackers, after transferring funds to ETH (address: 0x99ee113f2a8A55FFf2254568B9E2D41F18E95b2c), unexpectedly contacted me proactively.
In our conversation, he stated that taking a portion of the assets was to remind me of my security issues and told me the source of the problem, saying it was data bought from a database leak, which was pieced together to form the private key: "LONG STORY SHORT: DB LEAK, BOUGHT WITH 0.5 BTC, BILLIONS PIECES CONCATED AND GOT THESE." This statement can still be seen on the blockchain (https://etherscan.io/tx/0xcccf52c82979e6a6f0c68f29dd55f93224ba343e539472786c51109b57c89b1c).

What made me slightly relieved was that he was willing to return most of the funds he had stolen.
In the end, he returned about 2.2 million dollars to me, equivalent to 80% of the amount stolen at that time. The remaining funds were treated as a bounty for the security incident, marking the end of my first hacking experience.
His methods as a gray hat were somewhat controversial, but I sincerely thank him today. If a more malicious person had acted first, my losses would have been even greater and more terrifying. In a sense, I was lucky to have met this person.

However, the second wave of hackers (0xA1ac23bE458E14AC0A0003DC1343D2AC575EA3b6) wasn't so benevolent. Despite repeatedly leaving messages to negotiate, this time, there was no dialogue, no explanation, and only cold on-chain transfer records were left.

The losses at that time were approximately as follows:
Currency   Quantity     Dollar value
BTC        33.25        988,510
BNB        25,150       7,560,000
USDT       3,920,000    3,920,000
USDC       545,000      545,000
ALPACA     25,000       8,000
ETH        210          399,000
SYN        318,868      370,000
LOOKS      502,000      200,000
BUSD       13,300       13,300
FTM        267,500      101,650
Total                   13,990,510
The hacker exchanged these funds for 120 WBTC, 3485 ETH, 1800 BNB, and 6300000 DAI before transferring them into the Tornado protocol. If calculated at today's prices, it would be close to 30 million dollars.

June-July: The darkest aspects of human nature, a new trap

After that theft, what truly tormented me was not just the loss of money, but the ensuing doubt and instability.

The first batch of hackers mentioned 'private key leakage,' which made many people around me suspect that it might be an insider job. In such an atmosphere, I began to lose trust in those around me. Meanwhile, a large number of so-called 'help you recover funds' individuals approached me.

I can now clearly state: anyone whose main business is 'helping people find money' is 100% a scammer. A genuine security team never asks you for money; they seek data and on-chain evidence, not your emotions or wallet.

In my state of mind at the time, although I considered myself cautious and avoided being fooled by most, I was still briefly shaken by one person.
Why? Because he was 'recommended by many people in the circle.'

Those who recommended him may not have had malicious intent. They might just lack independent thought and feel that 'others say he is great,' thus repeating it, unknowingly providing endorsement to the scammer.
This is the most terrifying part of scammers: using human nature's 'herd mentality' to gain credibility.

At first, I did not believe him just because of the recommendation and remained cautious. However, this person's greatest 'advantage' was that he indeed had some friends in the public security system as 'insiders.'
So initially, he could provide me with some 'seemingly real' information for free:
• For example, he could tell me about some person's activity records;
• He could even describe a specific person's actions during a certain time period.

This information made me half-believe at first because some of the content was indeed real data illegally extracted from the system.
But scammers rely on a mixture of truth and falsehood to establish trust.

Then, he would base his own speculations on these 'real data': 'It seems that someone's behavior during a certain period is a bit suspicious?'

This is the brilliance of scammers: they do not directly deceive but use real information as a sugar coating, allowing you to gradually let down your guard.

Looking back, this is an entire psychological chain:
• Endless darkness: you have just been robbed, feeling only panic and helplessness.
• A glimmer of hope: they first hand you a 'candle,' making you feel as if you can really follow through.
• Gradual trust: As they provide several 'accurate pieces of information,' you start to rely on them.
• Final harvesting: Once trust accumulates to a certain level, they will propose their true demands—money.

For victims, the truly terrifying part is not losing money but the pain of being exploited and stripped of their last vestiges of belief in despair.

July 7: The climax and collapse of the scam

During that dark period, I was even gradually led to Shanghai. The scammer said that for the convenience of 'handling the case,' it would be best if I could personally go there and follow up with him. With a mindset of 'what if there really is a turning point,' I went and spent a month in Shanghai with them.

During this time, he claimed to have 'identified the biggest suspect,' making me feel that everything was about to turn around. To maintain this hope, he arranged some details for me every day:
• Sometimes he said he had a meeting with a certain department;
• Sometimes he said he would go persuade the leaders;
• Every step was vague yet seemed reasonable.

In this atmosphere of 'about to break the case,' his accomplices pretended to be friends and chatted with me privately, telling me that the key issue was not technical but was stuck with a certain 'leader' and 'needed some effort.'

After being strung along for several weeks, I finally wavered. I thought, since so much time had been wasted, I might as well give some money to see if it could push things forward. So I gave them 100,000 dollars.

The scammer's way of taking money was very clever: on the surface, they were still 'trying hard,' continuing to create various details that made me feel the money was well spent. But later, he even asked to borrow another 100,000 dollars and didn't return it at the agreed time.

At this point, I began to have serious doubts. To cover it up, they even arranged a so-called 'arrest operation' on short notice. Unfortunately, it was full of holes: previously, they played in gray areas, where the ambiguity was large and it was not easy to expose flaws; but this time, the fake arrest didn't hold up to scrutiny.

I decisively reported to the police. The police quickly intervened, and the scammer was eventually caught. I also recovered the 200,000 dollars.

This scam can be considered over at this point. Looking back, their methods were not sophisticated, but they precisely captured the psychology of a victim after a massive loss: the desire for hope, the anticipation of resolution, even being willing to pay a price with a 'let's give it a try' mindset.

During this time, the scammer also constantly fostered a 'friend-like' relationship. He often said that handling these matters was very hard and needed to relieve stress, so he invited me to play Texas Hold'em with him. Honestly, I had no mood to play at that time and didn't want to, but to avoid offending him and to maintain the so-called 'relationship,' I still forced myself to join.

The result was predictable—I lost quite a bit of money. This portion of money could not be recovered in the end. Looking back, this was completely the scammer exploiting the victim in multiple dimensions: on one hand, deceiving me of my trust and money; on the other hand, using the so-called 'entertainment' to continue consuming and controlling me.

The real reason: Input methods and database leaks?

After the scammer's act came to a pause, I gradually calmed down and began to review the root causes of the entire incident. Why were there two private keys leaked, generated three years apart?

After several reviews, the most likely path is—input method and clipboard leakage.

My operational habits at that time were very unsafe:
• Private keys were once inputted and pasted on Android phones and Windows computers (even when offline);
• I had various cracked software on my phone and used third-party input methods (like iFlytek voice input);
• Private keys were even directly sent in WeChat.

These behaviors, which seemed 'harmless' at the time, actually left fatal entry points for attackers.

The person involved in the Tron event mentioned 'billions pieces concatenated' (billions of pieces of data) and only spent 0.5 BTC. This type of database is mixed with massive amounts of clipboard and input method uploaded data, and my private key happened to be among them.

This explains why two wallets generated at completely different times would be exposed in the same leak:
• The common point is that they had appeared in the same environment and the same input method;
• Once the input method data is packaged and leaked, the private key is essentially exposed in plain text.

This painfully made me realize:
• Input methods and clipboards, the most basic software, are actually the biggest hidden dangers;
• No matter how secure the wallet itself is, it cannot withstand the complete loss of the input environment;
• Being tempted by convenience (copying and pasting) could lead to losses on the scale of tens of millions of dollars;
• It is essential to use cold wallets, with private keys never touching the internet.
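As an added example (not code from the original post), here is a heuristic guard that a clipboard or paste watcher could run to refuse to hold key material, covering both the raw 64-hex secp256k1 private key format shared by EVM and Tron wallets and the general shape of a BIP-39 seed phrase; the sample payloads are constructed, and the helper names are my own.

```python
import re

# Added example, not code from the original post. Heuristic check that a
# clipboard or paste guard could run before letting text sit in the clipboard
# or pass through an input method: it flags a raw secp256k1 private key (the
# 64-hex form used by both EVM and Tron wallets) and anything shaped like a
# BIP-39 seed phrase. It is deliberately aggressive: a 64-hex transaction hash
# matches too, which is an acceptable false positive for a warning.

SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
_HEX_KEY = re.compile(r"\b(?:0x)?([0-9a-fA-F]{64})\b")
_MNEMONIC_LENGTHS = {12, 15, 18, 21, 24}  # valid BIP-39 phrase lengths


def _is_valid_scalar(hex_digits: str) -> bool:
    """A secp256k1 private key must be an integer in [1, n-1]."""
    value = int(hex_digits, 16)
    return 0 < value < SECP256K1_N


def find_hex_private_keys(text: str) -> list[str]:
    """Return every 64-hex token in `text` that is a valid secp256k1 scalar."""
    return [m.group(1).lower() for m in _HEX_KEY.finditer(text)
            if _is_valid_scalar(m.group(1))]


def looks_like_mnemonic(text: str) -> bool:
    """True if `text` is 12/15/18/21/24 lowercase words of 3-8 letters.

    Shape check only; it does not embed the 2048-word BIP-39 list.
    """
    words = text.split()
    if len(words) not in _MNEMONIC_LENGTHS:
        return False
    return all(re.fullmatch(r"[a-z]{3,8}", w) for w in words)


def classify(text: str) -> str:
    """Label a clipboard payload as 'hex_key', 'mnemonic' or 'clean'."""
    if find_hex_private_keys(text):
        return "hex_key"
    if looks_like_mnemonic(text):
        return "mnemonic"
    return "clean"


def scrub(text: str) -> str:
    """Return `text` with any detected key material replaced by a placeholder."""
    if looks_like_mnemonic(text):
        return "[redacted seed phrase]"
    return _HEX_KEY.sub(
        lambda m: "[redacted key]" if _is_valid_scalar(m.group(1)) else m.group(0),
        text)


if __name__ == "__main__":
    # Constructed sample payloads, not real keys or phrases.
    samples = [
        "0x" + "11" * 32,
        "abandon ability able about above absent absorb abstract absurd abuse access accident",
        "tx 0x" + "ff" * 32,   # out of range, so not a usable private key
        "hello world",
    ]
    for s in samples:
        print(classify(s), "->", scrub(s))
```

Wiring `classify` into a real clipboard monitor is platform specific and left out here; the point is that the check runs before the secret ever reaches the clipboard or an input method, which is the environment the post identifies as the leak.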

The unfinished pursuit: Hope on the chain

The chapter of the scam has come to an end, but the real core loss still remains on-chain. After the incident, I refocused my attention on tracking the funds.

Fortunately, some of the funds actually did not truly 'disappear.' Due to sanctions against Tornado at the time of the incident, the user base plummeted, liquidity significantly decreased, and money laundering capabilities were severely limited. Moreover, the hacker's operations were quite 'foolish': he dumped the funds all at once into a Tornado pool with insufficient depth. This could not be cleaned up, leaving very obvious traces.

Thus, as of today, some funds can almost be confirmed to still belong to me; they are still quietly lying there, and three years have passed without a single movement.
Although three years have passed since the incident, I have never given up on the pursuit. For this, I am willing to publicly offer a bounty:
• Anyone who can provide effective clues to help me recover funds or confirm the direction of the funds will receive a bounty;
• The bounty amount will increase by 10% each year:
  • First year = 10%
  • Second year = 20%
  • Third year = 30%
  • ...
  • Until capped at 90%;
• It is now the third year, so the bounty reward = 30%;

This is a commitment to myself and to the community and to anyone willing to extend a helping hand.

I am not afraid of waiting because on-chain data will not disappear. As long as the funds are still lying there, this pursuit has no end.

For many people, this may mean it has already 'ended.' But for me, this is merely 'an unfinished pursuit.' As long as the on-chain data is still there, I will not give up.

After all, do you still remember the gray hat in the first case? He left me another message on-chain:
"NEVER INTENDED TO DO HARM
PITY FOR EVM LOSE, CHASE HARDER" (https://etherscan.io/tx/0x5d76c4b5bb6059a673eeb4543566eac8b9f51bf1571c274a7119ee5916df2e7b)

This sentence is like a faint light, allowing me to continue on the road of pursuit, even if alone, I am unwilling to stop.

Acknowledgements

Although this case has not yet managed to recover the funds, I must thank the friends and teams that have given me immense support throughout this journey.

Thanks to my friend @0xblanker, who provided me with extremely detailed and continuous help along the way; my gratitude cannot be expressed in words;

Thanks to the PeckShield team @peckshield and Dr. Jiang @xuxian_jiang, who conducted extensive on-chain analysis and attempts, and offered me sincere help during the most challenging times;

Thanks to the SlowMist team @SlowMist_Team and Teacher Yuxian @evilcos, who provided insightful analyses and security advice.

Regrettably, looking back, from today's (September 2025) perspective, I have yet to fully absorb and digest these valuable experiences. But I will always remember this gratitude and respect.