xmrwallet.com is a Scam — Use These Safe Monero Wallets Instead
If you found this article because you are looking for a Monero wallet, you may have come across xmrwallet.com in search results or been recommended it in a forum. Do not use it. PhishDestroy Research has confirmed through forensic code analysis that xmrwallet.com is a theft operation that steals your private view key through the session_key parameter (encoded in base64) and hijacks your transactions by returning raw_tx_and_hash.raw = "0" instead of valid transaction data.
This article lists the Monero wallets that are actually safe and explains what makes them trustworthy compared to xmrwallet.com.
Why xmrwallet.com Is Dangerous: Quick Summary
- Steals your private view key by encoding it as base64 in the session_key parameter sent to the server
- Hijacks your transactions by returning raw_tx_and_hash.raw = "0" instead of valid transaction data
- 15+ documented victims with estimated losses exceeding $2 million USD
- Active since 2016 — nearly a decade of stealing Monero
- Operator deletes evidence — 21+ GitHub issues were wiped after exposure
- Escape domains (xmrwallet.cc, xmrwallet.biz) were registered and subsequently suspended
Safe Monero Wallet Alternatives
1. Official Monero GUI / CLI Wallet
The official Monero wallet maintained by the Monero Project core team. This is the gold standard for Monero security. Your private keys never leave your computer. The software is fully open source, has been audited multiple times, and is built by the same team that develops the Monero protocol itself.
- Platforms: Windows, macOS, Linux
- Type: Full node (GUI) or lightweight (CLI with remote node)
- Keys stay on your device: Yes, always
- Open source: Yes, fully auditable
- Best for: Maximum security and full control
2. Feather Wallet
A free, open-source Monero desktop wallet focused on usability and privacy. Feather Wallet is lightweight, connects to remote nodes by default (no need to download the full blockchain), and is widely recommended by the Monero community. It is developed transparently on GitHub with regular releases.
- Platforms: Windows, macOS, Linux, Tails
- Type: Lightweight desktop wallet
- Keys stay on your device: Yes, always
- Open source: Yes, fully auditable
- Best for: Desktop users who want ease of use without running a full node
3. Cake Wallet
A popular open-source mobile wallet that supports Monero (along with Bitcoin and other currencies). Cake Wallet is available on both iOS and Android and is one of the most widely used mobile Monero wallets. Your keys are stored locally on your phone and never sent to a server.
- Platforms: iOS, Android, macOS, Linux
- Type: Mobile and desktop wallet
- Keys stay on your device: Yes, always
- Open source: Yes, fully auditable
- Best for: Mobile users who need Monero on the go
Comparison: xmrwallet.com vs Safe Alternatives
| Feature | xmrwallet.com | Safe Alternatives |
|---|---|---|
| Keys stay on device | NO — view key sent to server | YES — always local |
| Transactions constructed | Server-side (hijacked) | Client-side (local signing) |
| Open source (verifiable) | Claims to be, but live code differs | Fully auditable, matches releases |
| Community trust | Operator banned from r/Monero | Recommended by Monero Project |
| Track record | $2M+ stolen, 15+ victims | Years of safe operation |
| Transparency | Deletes evidence, threatens researchers | Open development, public audits |
How to Identify a Dangerous Wallet
The xmrwallet.com scam teaches several important lessons about evaluating cryptocurrency wallets:
- Web wallets are inherently risky. Any wallet that runs in your browser must communicate with a server. This creates a trust point that can be exploited. Desktop and mobile wallets that keep keys entirely on your device eliminate this attack surface.
- "Open source" claims need verification. xmrwallet.com claimed to be open source, but the code running on the live server did not match the public repository. Always verify that a wallet's published source code matches the actual deployed application.
- Check community reputation. The Monero subreddit (r/Monero) had banned the xmrwallet operator. Legitimate projects have positive standing in their communities. Bans, warnings, and victim reports are red flags.
- Examine network requests. If you have the technical knowledge, monitor what a wallet sends to its server. xmrwallet.com sent the private view key in every request. A legitimate wallet should never transmit your private keys.
- Use wallets listed on getmonero.org. The official Monero website maintains a curated list of trusted wallets. If a wallet is not listed there, treat it with extreme caution.
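One way to carry out the "examine network requests" check offline, as an added example that is not part of the original investigation: it scans a HAR capture exported from the browser's developer tools for a known view key, whether sent as hex or inside a base64 value such as the session_key parameter. The function names, the wallet.example host and the address:viewkey layout of the sample session_key are assumptions made for illustration; the page only states that the key is base64-encoded in that parameter.

```python
import base64, binascii, re
from urllib.parse import quote, unquote, urlsplit

B64_TOKEN = re.compile(r"[A-Za-z0-9+/_-]{16,}")  # candidate base64 runs, padding stripped

def _views(value):
    """Yield the field as bytes, plus the decoding of each base64-looking run in it."""
    text = unquote(value)
    yield text.encode()
    for token in B64_TOKEN.findall(text):
        try:  # urlsafe_b64decode accepts both the standard and the URL-safe alphabet
            yield base64.urlsafe_b64decode(token + "=" * (-len(token) % 4))
        except (binascii.Error, ValueError):
            continue

def _pairs(prefix, encoded):
    """Split name=value&... without turning '+' into a space (it is a base64 character)."""
    for pair in filter(None, encoded.split("&")):
        name, _, value = pair.partition("=")
        yield prefix + unquote(name), value

def find_key_leaks(har, view_key_hex):
    """Return sorted (method, url, field) tuples for requests that carry the view key."""
    key = view_key_hex.lower()
    needles = (key.encode(), key.upper().encode(), bytes.fromhex(key))
    hits = set()
    for entry in har["log"]["entries"]:
        req = entry["request"]
        post = req.get("postData") or {}
        body = post.get("text") or ""
        fields = list(_pairs("query:", urlsplit(req["url"]).query))
        fields += list(_pairs("body:", body)) + [("body:<raw>", body)]
        fields += [("body:" + p["name"], p.get("value") or "") for p in post.get("params", [])]
        fields += [(kind + ":" + x["name"], x["value"])
                   for kind in ("header", "cookie") for x in req.get(kind + "s", [])]
        for name, value in fields:
            if any(n in view for view in _views(value) for n in needles):
                hits.add((req["method"], req["url"], name))
    return sorted(hits)

# Constructed sample: a throwaway key and a made-up session_key layout (address:viewkey).
TEST_VIEW_KEY = "7c1e" * 16
SESSION_KEY = base64.b64encode(("4ExampleAddress:" + TEST_VIEW_KEY).encode()).decode()
SAMPLE_HAR = {"log": {"entries": [
    {"request": {"method": "GET", "url": "https://wallet.example/api/height?net=main"}},
    {"request": {"method": "POST", "url": "https://wallet.example/api/balance",
                 "postData": {"text": "session_key=" + quote(SESSION_KEY, safe="") + "&page=1"}}},
]}}

if __name__ == "__main__":
    for method, url, field in find_key_leaks(SAMPLE_HAR, TEST_VIEW_KEY):
        print(f"view key found in {field} of {method} {url}")
```

To run it on a real capture, load the exported HAR with json.load and pass the view key of a throwaway wallet created only for the test; any hit means the key left the device.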
If You Previously Used xmrwallet.com
- Download a safe wallet (Monero GUI, Feather Wallet, or Cake Wallet) from the official website
- Create a brand new wallet — do NOT import your xmrwallet.com seed phrase
- Send any remaining funds from your xmrwallet.com address to your new wallet address
- Never use the old seed phrase, private keys, or wallet address again
- Consider any key material from xmrwallet.com permanently compromised
Your old seed phrase and keys are in the hands of the xmrwallet.com operator. Even if your funds have not been stolen yet, they can be taken at any time. A clean break with completely new keys is the only safe path.
All Investigation Mirrors
- phishdestroy.github.io/DO-NOT-USE-xmrwallet-com
- phishdestroy.codeberg.page/DO-NOT-USE-xmrwallet-com
- phishdestroy.gitlab.io/do-not-use-xmrwallet-com
- phishdestroy.bitbucket.io/DO-NOT-USE-xmrwallet-com
- phishdestroy-research.on.drv.tw/DO-NOT-USE-xmrwallet-com
- phishdestroy.neocities.org/DO-NOT-USE-xmrwallet-com