I am urgently reaching out to report the theft of 29.9 KSM from my wallet, which I manage using the Talisman extension. Below are the relevant details:
Date of incident: [Insert date here – e.g., June 18, 2025]
Time of transaction: 10:35
Receiving address: G7YiZnHG…31Kuq1SX
Inbound transfer (June 1): +29.99 KSM from address EwsehEPV…7iK28RBm at 23:04
I did not authorize this outgoing transaction, and I believe my wallet may have been compromised or misused.
Important context:
The destination address (G7YiZnHG…31Kuq1SX) is the same address I interacted with a few days ago when joining a staking pool. This leads me to suspect that the pool connection was used to gain unauthorized access or execute the withdrawal without my consent.
I am from Ecuador, and I have very limited financial resources. These 29.9 KSM represent a significant part of my savings and efforts. It is devastating and absolutely unfair that someone – possibly a whale with millions of dollars in assets – has taken advantage of my situation and drained my wallet.
I respectfully ask for:
Investigation into the destination address and any associated service or pool.
Clarification on whether a pool or staking interaction could have led to this breach.
Guidance on securing my wallet and avoiding such risks in the future.
Support in raising this case with the Kusama ecosystem or any relevant exchange if the funds landed there.
Please find attached evidence. I am willing to provide more information as needed and truly hope for your support in this matter.
the TX was performed on the Kusama relay chain. A chain exploit seems unlikely, given the high degree of auditing that has gone into it.
Life time indicates that the tx was signed just before.
I don’t see any proxies attached.
The transfer went through a clearing account into a CEX hot wallet (possibly Binance)
The two most likely scenarios here are that either you got compromised/gave away your seed phrase or signed a malicious transaction just in that moment. Since you did not indicate signing anything at the time, it would most likely point to you having been compromised.
There is nothing the network can do here for you.
You might want to consider filing a theft report with the police and submitting it to the CEX in question.
If you control further funds on the same machine you had your compromised wallet on, you might want to consider keeping the potentially compromised machine offline, and securing your funds by importing the seed phrases to an uncompromised device to transfer remaining funds to new wallets asap.
Never store a seed phrase digitally in any device. Use pen&paper or Banana split for paper backups.
Create a specific profile in your browser for your crypto Ops and only use when you interact with wallets, exchanges and other crypto services. Use the bookmark function to access these websites.
Keep your browser and OS up-to-date.
For storing passwords, use a password manager. There are some nice open source options out there (https://keepassxc.org/ / Bitwarden) or other paid options. Create a “long but easy to remember/difficult to guess” password for the password manager, and let the password manager to create and manage the rest of them ( dont reuse passwords, create a new passw for every service and leave the Password manager to manage all of them: the only password you need to remember is the one to access the password manager).
If the password manager has a browser extension install it, and use its autofill function whenever you log in. Using a password manager is one of the most important digital hygiene habits out there. Just get use to it and incorporate to your digital life.
Encrypt your computer drive and have the habit of making regular backups ( in also encrypted drives).
Take a look to some protecting tools like firewalls and malware detectors and give them a try. You can find open source alternatives in the net.
Ecuador