Hey everyone,
I’m freaking out right now. This morning I logged into my Ledger wallet to check my holdings and saw that almost all my ETH and USDT had been drained overnight. The transactions were confirmed directly from my Ledger, but I swear I never approved them.
- I bought my Ledger Nano X directly from Ledger in 2022.
- I’ve NEVER entered my recovery phrase anywhere online, and I keep it written down in a safe.
- My computer is clean (Windows + updated antivirus). I mostly use MetaMask + Ledger to interact with DeFi protocols.
- I remember last week connecting to a new DeFi project that required signing multiple approvals. The transactions on the Ledger looked normal at the time, but now I’m wondering if I blindly signed something malicious.
Looking at Etherscan, it seems the attacker drained my funds through a series of token approvals, then swapped everything into ETH before sending it to a mixing service.
I always thought Ledger was “unhackable,” but clearly something went wrong. Could this be a blind signing exploit? Is there ANY chance to trace or recover my funds?
I’m posting here in desperation—if anyone has advice (besides the usual “never share your seed phrase”), please help. I feel sick knowing I might have lost everything.
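
Added example, not part of the original post: a small Python decoder for the kind of token-approval calldata the post describes, showing what a blind-signed transaction hides (who the spender is and whether the allowance is unlimited). The selectors are the standard ERC-20 `approve` and ERC-721/1155 `setApprovalForAll` ones; the function name `decode_approval`, the risk labels and all sample calldata are constructed for illustration.

```python
APPROVE = "095ea7b3"               # approve(address,uint256)
SET_APPROVAL_FOR_ALL = "a22cb465"  # setApprovalForAll(address,bool)
MAX_UINT256 = 2**256 - 1


def decode_approval(calldata: str) -> dict:
    """Decode approval calldata into spender, amount and a risk label.

    Hypothetical helper: returns kind='other' for any non-approval call.
    """
    data = calldata.lower()
    if data.startswith("0x"):
        data = data[2:]
    selector, args = data[:8], data[8:]
    if selector not in (APPROVE, SET_APPROVAL_FOR_ALL):
        return {"kind": "other", "risk": "unknown"}
    if len(args) < 128:
        raise ValueError("truncated calldata: expected two 32-byte arguments")
    word1, word2 = args[:64], args[64:128]
    # An ABI-encoded address is left-padded with 12 zero bytes.
    if int(word1[:24], 16) != 0:
        raise ValueError("malformed address argument")
    spender = "0x" + word1[24:]
    value = int(word2, 16)
    if selector == APPROVE:
        if value == 0:
            risk = "revoke"       # allowance set back to zero
        elif value == MAX_UINT256:
            risk = "unlimited"    # spender can move the whole balance, now or later
        else:
            risk = "limited"
        return {"kind": "approve", "spender": spender, "amount": value, "risk": risk}
    # setApprovalForAll: true hands the operator every token in the collection.
    return {"kind": "setApprovalForAll", "spender": spender,
            "approved": bool(value), "risk": "unlimited" if value else "revoke"}


# Constructed sample calldata (the spender address is a placeholder).
SPENDER = "0x" + "ab" * 20
PADDED = "00" * 12 + "ab" * 20
UNLIMITED = "0x" + APPROVE + PADDED + "ff" * 32
LIMITED = "0x" + APPROVE + PADDED + format(1000, "064x")
APPROVE_ALL = "0x" + SET_APPROVAL_FOR_ALL + PADDED + format(1, "064x")

if __name__ == "__main__":
    for sample in (UNLIMITED, LIMITED, APPROVE_ALL):
        print(decode_approval(sample))
```

Off-chain permit-style signatures are signed messages rather than transaction calldata, so this check does not cover them.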