[doggosphere]

Simplest explanation is the most likely.

Both wallets were accessed at the same time, indicating seed words for both wallets were exposed.

Regardless of what your nephew remembers, or believes about how he handled his seeds, someone got access to that data.

One culprit could be cloud hosting like iCloud, google docs, dropbox, etc.

[gruez]

> Simplest explanation is the most likely.

not to mention, there's probably ledger wallets holding much more than that. think bitcoin whales or HODLers from 2012. If they really had a 0day they certainly wouldn't be wasting it on some kid with only $40k in crypto holdings. If they did, it would be part of some sort of coordinated attack that everyone would be reporting.

[fadys]

I cannot stress this enough. The seed words on paper were never exposed.

iCloud could explain his Trust Wallet, but not his Ledger wallet (with the seed words on paper, hidden and literally not seeing the light of day for years).

[sarakayakomzin]

>I cannot stress this enough. The seed words on paper were never exposed.

AND they were generated via secure hardware? or did he just spin up a new key on an already compromised machine?