Hi, I’ve just paid for Mullvad VPN (personally recommend) with XMR. That looked like this:

  1. I copied the address (one time subaddress) and the amount, checked if everything matched (and it did) and pressed send.
  2. On my Ledger I checked the fee, accepted, checked the amount, accepted, checked the address… REJECTED, because the address was different.
  3. Repeated the step above probably 2 times, installed ClaimAV and started full scan of my machine for malware.
  4. Because the Monero Wallet GUI was freshly installed from official Arch Linux repo and it showed the right address I decided to still accept the transaction. Worst case I lose 10 €.
  5. While the transaction was pending I tried to prove payment using LocalMonero’s block explorer and I got an error. So I basically got hacked and lost 10 € …
  6. Checked Mullvad VPN app and… it was paid???

Can someone explain me what just happened? My ledger showed a different address than what I copied, but the transaction still went to the right person. I started using Ledger only a month ago and I haven’t been paying with it much. If this is all good and right, how can I tell if I’m being scammed on my Ledger?

  • Rucknium
    link
    fedilink
    arrow-up
    8
    ·
    11 months ago

    Good question. You didn’t get hacked. You approved the payment to Mullvad.

    When you send XMR to an “integrated address”, Ledger does not display the integrated address on the device. It displays the raw Monero address. Mullvad probably uses integrated addresses.

    SethForPrivacy said:

    At present, the UX around integrated addresses can be confusing and even outright dangerous, like how the Ledger always displays the underlying address instead of the integrated address, making address verification difficult or impossible depending on the application.

    I don’t know if there are plans to fix this or if it can be fixed at all.