Bitcoin Forum

Alternate cryptocurrencies => Service Discussion (Altcoins) => Topic started by: leigh2k14 on April 02, 2016, 03:35:12 PM



Title: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: leigh2k14 on April 02, 2016, 03:35:12 PM
Mine and another member of this forum have been hacked today, I lost 8BTC worth of alts, i'm not sure how much CosaNostra lost.

https://bitcointalk.org/index.php?topic=1416068.msg14399775#msg14399775

And before you ask, no I did not have 2fa set up (lesson learned).

Have any others been hacked?


Title: Re: Two Bittrex accounts hacked today.
Post by: bathrobehero on April 02, 2016, 03:50:52 PM
Not me, but I just wanted to say that people reading this should really use 2FA before they also learn the same pricey lesson you and I did (it was a long time ago for me).


Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 02, 2016, 03:54:22 PM
Not me, but I just wanted to say that people reading this should really use 2FA before they also learn the same pricey lesson you and I did (it was a long time ago for me).

I was lazy and thought that nobody would hack me, damn I was wrong.

If your reading this and don't have 2fa set up, DO IT!


Title: Re: Two Bittrex accounts hacked today.
Post by: CosaNostra on April 02, 2016, 04:09:03 PM
Not me, but I just wanted to say that people reading this should really use 2FA before they also learn the same pricey lesson you and I did (it was a long time ago for me).

I was lazy and thought that nobody would hack me, damn I was wrong.

If your reading this and don't have 2fa set up, DO IT!

Yep, I was lazy to set 2fa too  :(
All the coins I had there were dumped and I can see a lot of "stupid" orders in my history...

What I can say? SET 2FA!!!

leigh2k14, have you been using the same password anywhere else?


Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 02, 2016, 04:11:21 PM
Not me, but I just wanted to say that people reading this should really use 2FA before they also learn the same pricey lesson you and I did (it was a long time ago for me).

I was lazy and thought that nobody would hack me, damn I was wrong.

If your reading this and don't have 2fa set up, DO IT!

Yep, I was lazy to set 2fa too  :(
All the coins I had there were dumped and I can see a lot of "stupid" orders in my history...

What I can say? SET 2FA!!!

leigh2k14, have you been using the same password anywhere?

No, I only have one password for bittrex.

Did you lose much?

I'm going to format both my machines, I suggest you do the same mate.


Title: Re: Two Bittrex accounts hacked today.
Post by: sillug on April 02, 2016, 04:15:43 PM
I don't have a Bittrex account, so I'm not concerned, but I would like to know how you were hacked, to protect my YoBit account in case of.


Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 02, 2016, 04:23:25 PM
I don't have a Bittrex account, so I'm not concerned, but I would like to know how you were hacked, to protect my YoBit account in case of.

I would like to know as well, we're still trying to figure that one out.

Make sure you have that 2fa enabled.

So far it's only two of us.


Title: Re: Two Bittrex accounts hacked today.
Post by: defined on April 02, 2016, 04:36:15 PM
How did the hack happen? Did your computer get hacked or did someone guess the password?

I always get an email to confirm a withdraw, does that mean 2FA is active? I never asked for it to be activated.


Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 02, 2016, 04:41:24 PM
How did the hack happen? Did your computer get hacked or did someone guess the password?

I always get an email to confirm a withdraw, does that mean 2FA is active? I never asked for it to be activated.

I'm guessing they either knew our emails and brute forced somehow, or we have a keylogger installed on our machines.

It doesn't matter about the withdrawal, they set a high price on a coin that they own and dump your coins, then buy the coins from them selves, so no withdrawal.


Title: Re: Two Bittrex accounts hacked today.
Post by: onlinedragon on April 02, 2016, 04:51:19 PM
Sad that you are scammed today and good you earn us to use always 2FA protection.

When you use 2FA is this always going without problems. What happens when you lose your phone can you still enter 2FA?


Title: Re: Two Bittrex accounts hacked today.
Post by: shinep on April 02, 2016, 04:53:15 PM
Always use 2FA guys...Its a wild world out there


Title: Re: Two Bittrex accounts hacked today.
Post by: sandiman on April 02, 2016, 04:55:58 PM
Thanks for sharing your experience, going to set up 2FA right now (was lazy as well).


Title: Re: Two Bittrex accounts hacked today.
Post by: M4z on April 02, 2016, 04:59:55 PM
Damn, sad it happens for you.
Well, at least you shared the word and I respect you for that, use 2FA guys, 2FA!


Title: Re: Two Bittrex accounts hacked today.
Post by: Master_dandosha on April 02, 2016, 05:03:10 PM
Sorry for your lost dear hope some members here including bittrex would donate some btc to cover some of your lost. the 2 factor authentication is very important i learn this lesson too .
i hope bittrex & other exchanges will enable mobile number as 2fa instead of google auth


Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 02, 2016, 05:04:24 PM
Sad that you are scammed today and good you earn us to use always 2FA protection.

When you use 2FA is this always going without problems. What happens when you lose your phone can you still enter 2FA?

You write your private key down on some paper.


Title: Re: Two Bittrex accounts hacked today.
Post by: shkbits on April 02, 2016, 05:11:18 PM
Sad that you are scammed today and good you earn us to use always 2FA protection.

When you use 2FA is this always going without problems. What happens when you lose your phone can you still enter 2FA?

You write your private key down on some paper.

Even though it is not the most safest method, I always save the qr image to my backup folder, just in case if I loose my phone.

Writing down the private key would be the safest method (I don't remember if they show private key on Bittrex while generating QR for 2fa) . Test that private key to restore the code, to make sure you did not make any spelling mistake.


Title: Re: Two Bittrex accounts hacked today.
Post by: CosaNostra on April 02, 2016, 05:12:33 PM
Not me, but I just wanted to say that people reading this should really use 2FA before they also learn the same pricey lesson you and I did (it was a long time ago for me).

I was lazy and thought that nobody would hack me, damn I was wrong.

If your reading this and don't have 2fa set up, DO IT!

Yep, I was lazy to set 2fa too  :(
All the coins I had there were dumped and I can see a lot of "stupid" orders in my history...

What I can say? SET 2FA!!!

leigh2k14, have you been using the same password anywhere?

No, I only have one password for bittrex.

Did you lose much?

I'm going to format both my machines, I suggest you do the same mate.

I don't remember exact amounts, but it was about 1.5BTC in total, so not that much, fortunately!
No, it's not connected with the machines I'm using and the password is not that easy, so I'm wondering how could that happen at all  ???


Title: Re: Two Bittrex accounts hacked today.
Post by: shkbits on April 02, 2016, 05:13:28 PM
leigh2k14,

Did you use the same email and password for any mining pool or other sites?


Title: Re: Two Bittrex accounts hacked today.
Post by: BellaBitBit on April 02, 2016, 05:15:15 PM
Sorry to hear this happened  :( That is a lot of btc.  This is a great reminder to everyone and myself to do 2F whenever offered.


Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 02, 2016, 05:17:38 PM
leigh2k14,

Did you use the same email and password for any mining pool or other sites?

No, I haven't mined for quite some time.

It's unique to bittrex.


Title: Re: Two Bittrex accounts hacked today.
Post by: shkbits on April 02, 2016, 05:20:16 PM
Sorry to hear this happened  :( That is a lot of btc.  This is a great reminder to everyone and myself to do 2F whenever offered.

Yeah man, I wouldn't sleep for 2 weeks if I have lost that much BTC.

leigh2k14,
You said you used to compile wallets from source, is that on windows or linux?


Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 02, 2016, 05:21:45 PM
Not me, but I just wanted to say that people reading this should really use 2FA before they also learn the same pricey lesson you and I did (it was a long time ago for me).

I was lazy and thought that nobody would hack me, damn I was wrong.

If your reading this and don't have 2fa set up, DO IT!

Yep, I was lazy to set 2fa too  :(
All the coins I had there were dumped and I can see a lot of "stupid" orders in my history...

What I can say? SET 2FA!!!

leigh2k14, have you been using the same password anywhere?

No, I only have one password for bittrex.

Did you lose much?

I'm going to format both my machines, I suggest you do the same mate.

I don't remember exact amounts, but it was about 1.5BTC in total, so not that much, fortunately!
No, it's not connected with the machines I'm using and the password is not that easy, so I'm wondering how could that happen at all  ???


Same here mate.

If any more people were to get hacked i'd say that bittrex had been compromised, but just two I would have to say no.


Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 02, 2016, 05:22:10 PM
Sorry to hear this happened  :( That is a lot of btc.  This is a great reminder to everyone and myself to do 2F whenever offered.

Yeah man, I wouldn't sleep for 2 weeks if I have lost that much BTC.

leigh2k14,
You said you used to compile wallets from source, is that on windows or linux?

Linux mint.


Title: Re: Two Bittrex accounts hacked today.
Post by: shkbits on April 02, 2016, 05:24:38 PM
I have never heard of a keylogger existing on Linux, maybe there is, I am not an expert. If you are using a complicated and unique password, bruteforcing would be difficult and also Bittrex uses captcha for every login, so brute-forcing will also be very slow.


Title: Re: Two Bittrex accounts hacked today.
Post by: shkbits on April 02, 2016, 05:27:40 PM
Have you logged into your Bittrex account from any other PC which you don't own?


Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 02, 2016, 05:32:09 PM
I have never heard of a keylogger existing on Linux, maybe there is, I am not an expert. If you are using a complicated and unique password, bruteforcing would be difficult and also Bittrex uses captcha for every login, so brute-forcing will also be very slow.


My password was only eight characters, one uppercase and two numbers.

Not the best.


Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 02, 2016, 05:32:24 PM
Have you logged into your Bittrex account from any other PC which you don't own?

No.


Title: Re: Two Bittrex accounts hacked today.
Post by: target on April 02, 2016, 05:37:04 PM
has this something to do with easy passwords? is your password easy to predict?

I hate setting up 2FA actually mobile isn't my thing. I wouldn't mind if I getto login to the site regularly but if not, I would simply avoid setting it up.
I don't login much to my bittrex account i just login in there once and got out since I prefer to buy coins on polo.


Title: Re: Two Bittrex accounts hacked today.
Post by: shkbits on April 02, 2016, 05:39:28 PM
Someone might have got your email and he might be bruteforcing manually. I don't know if there is any tool which can be used to bruteforce forms with captcha.


Title: Re: Two Bittrex accounts hacked today.
Post by: andyatcrux on April 02, 2016, 05:40:30 PM
Sorry to hear this happened to you. Yeah, 2FA is a MUST. But if you do have a keylogger you should probably get Spyshelter and then change all your passwords using a manager like Lastpass.


Title: Re: Two Bittrex accounts hacked today.
Post by: Master_dandosha on April 02, 2016, 06:02:39 PM
Sorry to hear this happened  :( That is a lot of btc.  This is a great reminder to everyone and myself to do 2F whenever offered.

Yeah man, I wouldn't sleep for 2 weeks if I have lost that much BTC.

leigh2k14,
You said you used to compile wallets from source, is that on windows or linux?

Linux mint.
I thought Linux is a free operating system from Trojan or keylogger or any similar hacking virus ?
is that possible ?????


Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 02, 2016, 06:07:43 PM
Sorry to hear this happened  :( That is a lot of btc.  This is a great reminder to everyone and myself to do 2F whenever offered.

Yeah man, I wouldn't sleep for 2 weeks if I have lost that much BTC.

leigh2k14,
You said you used to compile wallets from source, is that on windows or linux?

Linux mint.
I thought Linux is a free operating system from Trojan or keylogger or any similar hacking virus ?
is that possible ?????

If a key logger was used, they would only be able to install in my home folder, the rest of the OS needs root privileges.


Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 02, 2016, 06:23:24 PM
Someone might have got your email and he might be bruteforcing manually. I don't know if there is any tool which can be used to bruteforce forms with captcha.

I changed my password on my email just for good measure.


Title: Re: Two Bittrex accounts hacked today.
Post by: rokkyroad on April 02, 2016, 06:29:52 PM
Most likely a browser exploit but Mint linux was hacked a while back and a compromised iso was downloaded for a day or two.

http://www.pcworld.com/article/3035682/security/hackers-planted-a-backdoor-inside-a-compromised-version-of-linux-mint.html


Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 02, 2016, 06:42:43 PM
Most likely a browser exploit but Mint linux was hacked a while back and a compromised iso was downloaded for a day or two.

http://www.pcworld.com/article/3035682/security/hackers-planted-a-backdoor-inside-a-compromised-version-of-linux-mint.html

My copy pre dates Feb 20th.



Title: Re: Two Bittrex accounts hacked today.
Post by: cryptoheadd on April 02, 2016, 08:37:02 PM
Shit!
You lost 8 BTC.

Setting up 2FA on all of my accounts.


Title: Re: Two Bittrex accounts hacked today.
Post by: alyssa85 on April 02, 2016, 10:27:11 PM
Someone might have got your email and he might be bruteforcing manually. I don't know if there is any tool which can be used to bruteforce forms with captcha.

There are email lists for bitcoiners - when Cryptsy was dying, I got a phishing email, but it was to an old email address that I'd had at Mintpal not the email address I actually used at Cryptsy. So i knew they hadn't been hacked. I'm pretty sure that people with accounts at mtgox are on a list somewhere too. If the password you are using is similar, then they probably tried a variation of that.


Title: Re: Two Bittrex accounts hacked today.
Post by: traK4Ubitl on April 02, 2016, 10:35:00 PM
hello.  im sorry about your coins.  id like to ask.  do you have teamviewer, vnc or skype installed in your computers?
it sounds like the attacks may have been local?

also have you installed https everywhere from eff? it is possible a browser or spoof attack


Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 02, 2016, 11:08:55 PM
Someone might have got your email and he might be bruteforcing manually. I don't know if there is any tool which can be used to bruteforce forms with captcha.

There are email lists for bitcoiners - when Cryptsy was dying, I got a phishing email, but it was to an old email address that I'd had at Mintpal not the email address I actually used at Cryptsy. So i knew they hadn't been hacked. I'm pretty sure that people with accounts at mtgox are on a list somewhere too. If the password you are using is similar, then they probably tried a variation of that.

I forgot about craptsy, my passwords are very similar.


Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 02, 2016, 11:12:06 PM
hello.  im sorry about your coins.  id like to ask.  do you have teamviewer, vnc or skype installed in your computers?
it sounds like the attacks may have been local?

also have you installed https everywhere from eff? it is possible a browser or spoof attack

I have skype installed. Do you know any hacks that can be used on skype?

No I don't have https everywhere, I used to.


Title: Re: Two Bittrex accounts hacked today.
Post by: alyssa85 on April 02, 2016, 11:29:41 PM
Someone might have got your email and he might be bruteforcing manually. I don't know if there is any tool which can be used to bruteforce forms with captcha.

There are email lists for bitcoiners - when Cryptsy was dying, I got a phishing email, but it was to an old email address that I'd had at Mintpal not the email address I actually used at Cryptsy. So i knew they hadn't been hacked. I'm pretty sure that people with accounts at mtgox are on a list somewhere too. If the password you are using is similar, then they probably tried a variation of that.

I forgot about craptsy, my passwords are very similar.


Remember that bitcointalk got hacked a while back too. If you are using the same email and a similar password here too, that that could be how they got in.

I know you said you have changed your passwords, but it might be worth using a different email as well. And having completely different passwords for each exchange you use.


Title: Re: Two Bittrex accounts hacked today.
Post by: traK4Ubitl on April 03, 2016, 12:49:59 AM
hello.  im sorry about your coins.  id like to ask.  do you have teamviewer, vnc or skype installed in your computers?
it sounds like the attacks may have been local?

also have you installed https everywhere from eff? it is possible a browser or spoof attack

I have skype installed. Do you know any hacks that can be used on skype?

No I don't have https everywhere, I used to.

yes skype reveals ip.   do you use standard isp password too? also yes if not forcing ssl you could have got browser spoofed.

  lol and yes bitcointalk has been hacked many times with all the info dumped.. dont use any monetary account related email username or password here id say


Title: Re: Two Bittrex accounts hacked today.
Post by: traK4Ubitl on April 03, 2016, 01:17:49 AM
but to check first of course check your last skype contacts, any remote access users youve allowed. 

I cannot see brute forcing bittrex a possibility.   even if  they had your username somehow.   spoofing the site would be much easier, so if that's the case then others should be aware of a fake bittrex site.


Title: Re: Two Bittrex accounts hacked today.
Post by: Spoetnik on April 03, 2016, 02:40:15 AM
it wasn't random.. you were targeted but by whom?

First guys i would suspect are Bittrex staff.. but i doubt they are behind it.
But IT is possible !

And if you use similar passwords on other sites then i bet one of the other sites staff targeted you.
See how these places can not be trusted?

Or you got nailed with a keylogger maybe.. they get posted here occasionally in wallets.
downloading any sketchy altcoin wallets?

If my password was compromised Bittrex would be getting blamed.
I use Password Depot to generate complicated & advanced 24 char random passwords.
So no one is going to guess it..

PS:
Watch out for ransomware guys.. they are on pretty much all OS's these days now. (even Mac's)


Title: Re: Two Bittrex accounts hacked today.
Post by: bandofgypsys on April 03, 2016, 02:57:34 AM
it wasn't random.. you were targeted but by whom?

First guys i would suspect are Bittrex staff.. but i doubt they are behind it.
But IT is possible !

And if you use similar passwords on other sites then i bet one of the other sites staff targeted you.
See how these places can not be trusted?

Or you got nailed with a keylogger maybe.. they get posted here occasionally in wallets.
downloading any sketchy altcoin wallets?

If my password was compromised Bittrex would be getting blamed.
I use Password Depot to generate complicated & advanced 24 char random passwords.
So no one is going to guess it..

PS:
Watch out for ransomware guys.. they are on pretty much all OS's these days now. (even Mac's)

Good advice!!

Also, I read a story on a hacker he said that if ppl use passwords that auto complete, the kind in keychains. Then you don't type in the passwords and
key loggers never see what your typing.

Even with my 2fa I wait till the last second to type them in incase I'm being logged.


Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 03, 2016, 03:13:33 AM
Just got this reply from bittrex: 

 Ryan Hentz (Bittrex)

Apr 2, 19:51

Hi,

We have looked into multiple accounts that were hacked in the same way as yours. All of the orders placed on these hacked accounts were done so from the users own machines as we have login data that shows this. The attacker also immediately withdrew the stolen funds via the api. The attacker seems to also be using a VPN as their account has lots of different ip's for the login

Have you installed any wallet software within the past couple of days? Another one of the users said they had installed some items and even saw that the attacked cleared their log files (they were on linux), it could even be something like a browser extension. Any changes to the system....

Thank you,

Ryan


Title: Re: Two Bittrex accounts hacked today.
Post by: kiklo on April 03, 2016, 03:28:20 AM
Just got this reply from bittrex:  

 Ryan Hentz (Bittrex)

Apr 2, 19:51

Hi,

We have looked into multiple accounts that were hacked in the same way as yours. All of the orders placed on these hacked accounts were done so from the users own machines as we have login data that shows this. The attacker also immediately withdrew the stolen funds via the api. The attacker seems to also be using a VPN as their account has lots of different ip's for the login

Have you installed any wallet software within the past couple of days? Another one of the users said they had installed some items and even saw that the attacked cleared their log files (they were on linux), it could even be something like a browser extension. Any changes to the system....

Thank you,

Ryan

Few things to check
Do you use any other exchanges beside Bittrex , were they compromised?

Were you and everyone else running Linux Mint?
If so what version, it may have been the earlier version were also infected and no one caught it.
Did you confirm the check sum when you downloaded the original ISO?
(If the check sum of your ISO , does not match , odds are that was your infection point.)

Is your PC connected directly to a Cable or DSL modem, with no hardware Firewall in-between?

What new software have you downloaded in the past week or so?

 8)



Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 03, 2016, 03:42:37 AM
It's really early here in the UK, i'm gonna get some sleep.

I have a possibility of what might of happened. It's obvious I was targeted.

Is there anyone here with hacking skills willing to help? i'll have to speak through PM.

Leigh.


Title: Re: Two Bittrex accounts hacked today.
Post by: alyssa85 on April 03, 2016, 03:43:17 AM
Just got this reply from bittrex: 

 Ryan Hentz (Bittrex)

Apr 2, 19:51

Hi,

We have looked into multiple accounts that were hacked in the same way as yours. All of the orders placed on these hacked accounts were done so from the users own machines as we have login data that shows this. The attacker also immediately withdrew the stolen funds via the api. The attacker seems to also be using a VPN as their account has lots of different ip's for the login

Have you installed any wallet software within the past couple of days? Another one of the users said they had installed some items and even saw that the attacked cleared their log files (they were on linux), it could even be something like a browser extension. Any changes to the system....

Thank you,

Ryan

Interesting that they mention multiple accounts - that means that more than two were hacked... It looks like they must have used some sort of bot. Too many to manually bruteforce.


Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 03, 2016, 03:45:05 AM
Just got this reply from bittrex: 

 Ryan Hentz (Bittrex)

Apr 2, 19:51

Hi,

We have looked into multiple accounts that were hacked in the same way as yours. All of the orders placed on these hacked accounts were done so from the users own machines as we have login data that shows this. The attacker also immediately withdrew the stolen funds via the api. The attacker seems to also be using a VPN as their account has lots of different ip's for the login

Have you installed any wallet software within the past couple of days? Another one of the users said they had installed some items and even saw that the attacked cleared their log files (they were on linux), it could even be something like a browser extension. Any changes to the system....

Thank you,

Ryan

Interesting that they mention multiple accounts - that means that more than two were hacked... It looks like they must have used some sort of bot. Too many to manually bruteforce.

Multiple!


Title: Re: Two Bittrex accounts hacked today.
Post by: Spoetnik on April 03, 2016, 06:39:19 AM
it wasn't random.. you were targeted but by whom?

First guys i would suspect are Bittrex staff.. but i doubt they are behind it.
But IT is possible !

And if you use similar passwords on other sites then i bet one of the other sites staff targeted you.
See how these places can not be trusted?

Or you got nailed with a keylogger maybe.. they get posted here occasionally in wallets.
downloading any sketchy altcoin wallets?

If my password was compromised Bittrex would be getting blamed.
I use Password Depot to generate complicated & advanced 24 char random passwords.
So no one is going to guess it..

PS:
Watch out for ransomware guys.. they are on pretty much all OS's these days now. (even Mac's)

Good advice!!

Also, I read a story on a hacker he said that if ppl use passwords that auto complete, the kind in keychains. Then you don't type in the passwords and
key loggers never see what your typing.

Even with my 2fa I wait till the last second to type them in incase I'm being logged.

I think these days rootkits can be very sophisticated and hard to detect.
Not sure it would help but there are things you can use to help thwart more simple keyloggers.
I once put one on my own PC to spy on my slutty ex-girlfriend.
The one i used was called "Steel Keylogger" and it was free etc. (worked good too)  ;D
Point being is i know you could see it running in the processes list.
So a good thing to know is what every process running does and then verify them all.. keep tabs on them!
Another thing you can try doing..
Windows comes with a pre-installed onscreen-keyboard you can use your mouse to click on letters.
Kaspersky Password Manager and Antivirus etc has one too pretty sure.
(any OS should have something similar)

I like Password Depot for many reasons..
First off i think you can use it free perm with up to 20 passwords (or buy / pirate it)
The Android version is free though and cool too.
One of the cool things it has is an easy to use high quality password generator.
(right click tray icon & hit generate password)

It also monitors your clipboard for spying (will alert you if something is sniffing your password & prompt you to act)
The Manager window is pretty cool too.. nice layout and easy enough to add entries manually.
It has browser plugin(s) Chrome/FF etc but even if those don't work or are not wanted you can still
tap on the tray icon once then right click the pass entry and hit copy name / pass etc
So you can choose to have them auto filled out on sites or do it manually.

There is tools for security out there learn them and use them !
If you can remember the password it's probably crap LOL

One thing you can do is Run Sysinternals Sigcheck (Windows)
It is a command line tool that check Authenticode Digial Cert's on various files (also supports VirusTotal lookups)
So it would give you a list of suspicious files to go and Google etc
Just an example of how much stuff is out there.. Sysinternals + Nirsoft are great free windows programs.


Title: Re: Two Bittrex accounts hacked today.
Post by: Aesthete on April 03, 2016, 12:38:20 PM
yesterday my bittrex account was also hacked
14 btc were withdrawn through transactions with YBC and XDQ ://


Title: Re: Two Bittrex accounts hacked today.
Post by: jrpatking on April 03, 2016, 01:04:49 PM
It seems very weird. I feel sorry for all those who have lost funds. We need to immediately start a new thread here to deal with this issues. First thing is to get information from people who have lost to this hack. Second, they need to think and try to explain what they have done in the past two weeks like downloading apps, new website visits, browser extension installs, email subscriptions that they have made. So far, Bittrex since its beginning didn't fall into hacks. But it is happening now. People, please address your issues immediately.


Title: Re: Two Bittrex accounts hacked today.
Post by: Za1n on April 03, 2016, 01:15:15 PM
I had a small amount of alts on Bittrex that wasn't touched and I also didn't have 2FA enabled. I have since enabled it, but may move my few coins off there anyway. Cryptsy is still too fresh in my mind.


Title: Re: Two Bittrex accounts hacked today.
Post by: CosaNostra on April 03, 2016, 01:24:55 PM
Here is the answer I've got Bittrex:

Quote
   

Ryan Hentz (Bittrex)

Apr 2, 19:08

Hi,

Our records show that all orders placed on your account were done so from your typical login ip. This means the attacker somehow has access to your machine. Have you installed any new software recently? This includes things like browser plugins.

The attacker also immediately withdrew the coins from his account via the api. There is no way to recover the funds.

Please make sure to enable 2fa to protect your account from being breached in this way.

Thank you,

Ryan


The whole day I'm trying to find any traces in my local machines. Nothing so far  :(
Any findings, leigh2k14?


Title: Re: Two Bittrex accounts hacked today.
Post by: BitcoinHodler on April 03, 2016, 01:35:36 PM
this really sucks, i have to remember change my password and enable my 2fa, good thing is that i currently don't have anything on bittrex


Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 03, 2016, 02:18:38 PM
yesterday my bittrex account was also hacked
14 btc were withdrawn through transactions with YBC and XDQ ://


That sucks man, sorry for your loss.

That makes 3 accounts accessed so far, there is a pattern forming.

Have you been in touch with bittrex?

Hmm, I'm starting to think that bittrex has been compromised.

I'm going to ask for proof that my account was accessed through my machine. I suggest you do the same.

This could be a bigger problem, than we think.


Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 03, 2016, 02:21:03 PM
Here is the answer I've got Bittrex:

Quote
   

Ryan Hentz (Bittrex)

Apr 2, 19:08

Hi,

Our records show that all orders placed on your account were done so from your typical login ip. This means the attacker somehow has access to your machine. Have you installed any new software recently? This includes things like browser plugins.

The attacker also immediately withdrew the coins from his account via the api. There is no way to recover the funds.

Please make sure to enable 2fa to protect your account from being breached in this way.

Thank you,

Ryan


The whole day I'm trying to find any traces in my local machines. Nothing so far  :(
Any findings, leigh2k14?

I haven't found a thing yet mate, ask bittrex for proof that your account was accessed from your machine

If they are lying to us then the problem is on their end.


Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 03, 2016, 02:26:57 PM
I just mailed the following to Bittrex:


Hi,

Please could you provide me with the logs my account as I wish to check weather or not my account was accessed from my machine.

So far there has been three people that have lost all their funds, that doesn't sound like a local machine that’s been compromised.

Leigh.



Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 03, 2016, 02:29:14 PM
The thing is, that I haven't installed any wallets in the last few weeks, i've been keeping my coins on the exchanges.

Now there's been three hacks, it's puts suspicion that problem is on bittrex's end.



Title: Re: Two Bittrex accounts hacked today.
Post by: defined on April 03, 2016, 02:34:13 PM
It doesn't matter about the withdrawal, they set a high price on a coin that they own and dump your coins, then buy the coins from them selves, so no withdrawal.
This makes sense. It also means my exchange accounts are less secure than I thought.

I even see how anyone can profit from this: set a very high sale order on rare alt coins, and wait for a hacker to buy them all.

I have never heard of a keylogger existing on Linux
Keyloggers exist even in hardware:
https://www.keelog.com/images/wifi_hardware_keylogger_01.jpg

I have 1/8th of a bitcoin at bittrex, and it already makes me nervous having so much at an exchange. People with 8 to 14 btc must be trading a lot, otherwise it is much safer to withdraw to your own wallet.


Title: Re: Two Bittrex accounts hacked today.
Post by: Aesthete on April 03, 2016, 02:39:24 PM
yesterday my bittrex account was also hacked
14 btc were withdrawn through transactions with YBC and XDQ ://


That sucks man, sorry for your loss.

That makes 3 accounts accessed so far, there is a pattern forming.

Have you been in touch with bittrex?

Hmm, I'm starting to think that bittrex has been compromised.

I'm going to ask for proof that my account was accessed through my machine. I suggest you do the same.

This could be a bigger problem, than we think.
yes, they wrote me same as others "Unfortunately, there is nothing we can do to recover your funds" and "The attacker sold the coins from the same IP you typically login"

I think affected a lot more, but not all have understood it and found this thread


Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 03, 2016, 02:47:21 PM
yesterday my bittrex account was also hacked
14 btc were withdrawn through transactions with YBC and XDQ ://


That sucks man, sorry for your loss.

That makes 3 accounts accessed so far, there is a pattern forming.

Have you been in touch with bittrex?

Hmm, I'm starting to think that bittrex has been compromised.

I'm going to ask for proof that my account was accessed through my machine. I suggest you do the same.

This could be a bigger problem, than we think.
yes, they wrote me same as others "Unfortunately, there is nothing we can do to recover your funds" and "The attacker sold the coins from the same IP you typically login"

I think affected a lot more, but not all have understood it and found this thread

I think it's a lot more than just us three, that would put the blame on bittrex's side, ask them for your logs.

Did you have 2fa enabled?


Title: Re: Two Bittrex accounts hacked today.
Post by: CosaNostra on April 03, 2016, 02:59:16 PM
Here is the answer I've got Bittrex:

Quote
   

Ryan Hentz (Bittrex)

Apr 2, 19:08

Hi,

Our records show that all orders placed on your account were done so from your typical login ip. This means the attacker somehow has access to your machine. Have you installed any new software recently? This includes things like browser plugins.

The attacker also immediately withdrew the coins from his account via the api. There is no way to recover the funds.

Please make sure to enable 2fa to protect your account from being breached in this way.

Thank you,

Ryan


The whole day I'm trying to find any traces in my local machines. Nothing so far  :(
Any findings, leigh2k14?

I haven't found a thing yet mate, ask bittrex for proof that your account was accessed from your machine

If they are lying to us then the problem is on their end.

Sure, I've asked for the logs, because I see not any single evidence of intrusion locally.


Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 03, 2016, 03:07:42 PM
Just got this reply from bittrex:


 Ryan Hentz (Bittrex)

Apr 3, 07:38

Hi,

It doesn't matter how many have lost their funds, if you all downloaded the same software it makes perfect senses.

I'll get this to someone who can send you the login history data.

Thank you,

Ryan




Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 03, 2016, 03:09:57 PM
The thing is that I stupidly been keeping my coins on the exchange, I haven't downloaded a wallet for several weeks, even then because i'm a linux  user, I always compile from github source.


Title: Re: Two Bittrex accounts hacked today.
Post by: Aesthete on April 03, 2016, 03:10:48 PM
..
Did you have 2fa enabled?
no  :'(


Title: Re: Two Bittrex accounts hacked today.
Post by: Namrekka on April 03, 2016, 03:11:44 PM
Did you use a public wifi spot?
Is your wifi in your house protected?
How many persons do have access in your (home)network?


Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 03, 2016, 03:17:25 PM
Did you use a public wifi spot?
Is your wifi in your house protected?
How many persons do have access in your (home)network?


I'm on my home network, cable only, wifi is disabled, I don't like to use it. Due to the security and health implications.

Only I have access to the network.


Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 03, 2016, 03:18:28 PM
..
Did you have 2fa enabled?
no  :'(

I thought so.


Title: Re: Two Bittrex accounts hacked today.
Post by: Spoetnik on April 03, 2016, 03:27:03 PM
hmm interesting how this is turning out.
I have sort of known Ryan and chatted with him a bunch of times last few years.
And best i could tell he seemed like an honest guy.

I last talked to him i think on Cryptsy's Freenode IRC channel.
Where i do know Bittrex-Ritchie hangs out (and i believe is higher up than Ryan)

SO you *may get answers if you go on IRC and find Ritchie.

So i checked my account and it was fine and i have no 2fa either.
I also have maybe $20 worth of coins LOL

But this got me thinking if a hacker is trying multiple accounts
why has no one come forward saying they got alerts from failed login attempts ?
Like how would you know the account has 2fa or not unless you TRIED logging in?
Like i have used my email on places and i notice some attempts randomly to get into my Steam account (all failed)
Point being is i get a validation email + warning etc.

So if no one is getting any alerts then how the fuck does the hacker
know how to choose only accounts with no 2fa.. unless they work there LOL

I could work at an exchange then rip-off all kinds of guys and i would of course pick the guys with no 2fa
then i would tell them all well you got hacked noobs.. fix your Norton + updates yur Bitcointalk !


Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 03, 2016, 03:33:02 PM
hmm interesting how this is turning out.
I have sort of known Ryan and chatted with him a bunch of times last few years.
And best i could tell he seemed like an honest guy.

I last talked to him i think on Cryptsy's Freenode IRC channel.
Where i do know Bittrex-Ritchie hangs out (and i believe is higher up than Ryan)

SO you *may get answers if you go on IRC and find Ritchie.

So i checked my account and it was fine and i have no 2fa either.
I also have maybe $20 worth of coins LOL

But this got me thinking if a hacker is trying multiple accounts
why has no one come forward saying they got alerts from failed login attempts ?
Like how would you know the account has 2fa or not unless you TRIED logging in?
Like i have used my email on places and i notice some attempts randomly to get into my Steam account (all failed)
Point being is i get a validation email + warning etc.

So if no one is getting any alerts then how the fuck does the hacker
know how to choose only accounts with no 2fa.. unless they work there LOL

I could work at an exchange then rip-off all kinds of guys and i would of course pick the guys with no 2fa
then i would tell them all well you got hacked noobs.. fix your Norton + updates yur Bitcointalk !

Interesting theories, i'm leaning towards, the bittrex servers being compromised, and the hacker is picking off all the accounts without 2fa with at least 1BTC in them. I think your $20 is safe lol.


On other exchanges, I get login successful or failed email notifications, not on bittrex though.

How does the attacker know if the account has 2fa? Unless they try logging on to them one by one.


Title: Re: Two Bittrex accounts hacked today.
Post by: alyssa85 on April 03, 2016, 03:46:12 PM
The thing is that I stupidly been keeping my coins on the exchange, I haven't downloaded a wallet for several weeks, even then because i'm a linux  user, I always compile from github source.

What was the last wallet you downloaded? Which coin, I mean. Same question to the others who were hacked.


Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 03, 2016, 03:51:31 PM
The thing is that I stupidly been keeping my coins on the exchange, I haven't downloaded a wallet for several weeks, even then because i'm a linux  user, I always compile from github source.

What was the last wallet you downloaded? Which coin, I mean. Same question to the others who were hacked.

Last wallet I compiled on this machine was Britcoin, I know the devs on that one plus I got the source from github. That was about a month or more ago.


Title: Re: Two Bittrex accounts hacked today.
Post by: richiela on April 03, 2016, 04:21:07 PM
hmm interesting how this is turning out.
I have sort of known Ryan and chatted with him a bunch of times last few years.
And best i could tell he seemed like an honest guy.

I last talked to him i think on Cryptsy's Freenode IRC channel.
Where i do know Bittrex-Ritchie hangs out (and i believe is higher up than Ryan)

SO you *may get answers if you go on IRC and find Ritchie.

So i checked my account and it was fine and i have no 2fa either.
I also have maybe $20 worth of coins LOL

But this got me thinking if a hacker is trying multiple accounts
why has no one come forward saying they got alerts from failed login attempts ?
Like how would you know the account has 2fa or not unless you TRIED logging in?
Like i have used my email on places and i notice some attempts randomly to get into my Steam account (all failed)
Point being is i get a validation email + warning etc.

So if no one is getting any alerts then how the fuck does the hacker
know how to choose only accounts with no 2fa.. unless they work there LOL

I could work at an exchange then rip-off all kinds of guys and i would of course pick the guys with no 2fa
then i would tell them all well you got hacked noobs.. fix your Norton + updates yur Bitcointalk !

Interesting theories, i'm leaning towards, the bittrex servers being compromised, and the hacker is picking off all the accounts without 2fa with at least 1BTC in them. I think your $20 is safe lol.


On other exchanges, I get login successful or failed email notifications, not on bittrex though.

How does the attacker know if the account has 2fa? Unless they try logging on to them one by one.

Firstly, please stop trying to generate fud; its completely unproductive.  If our servers were compromised, there are way easier ways to get your money out.  It doesn't make any sense. What I can tell you is that there have been multiple accounts hacked with the same pattern, all within the last 48 hours.  I can also tell you that none of the affected accounts had logins from suspicious or unknown IPs which leads us to believe it is a rooted machine vs credential lost.  Lastly, this isn't specific to an OS based on the UA strings we've seen which points to some kind of browser plugin/toolbar.   Please crowdsource this to figure out commonalities and please turn on 2fa if you do not have it on.

Thanks
richie@bittrex


Title: Re: Two Bittrex accounts hacked today.
Post by: btcxyzzz on April 03, 2016, 04:25:15 PM
Using Windows crap OS?


Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 03, 2016, 04:34:54 PM
hmm interesting how this is turning out.
I have sort of known Ryan and chatted with him a bunch of times last few years.
And best i could tell he seemed like an honest guy.

I last talked to him i think on Cryptsy's Freenode IRC channel.
Where i do know Bittrex-Ritchie hangs out (and i believe is higher up than Ryan)

SO you *may get answers if you go on IRC and find Ritchie.

So i checked my account and it was fine and i have no 2fa either.
I also have maybe $20 worth of coins LOL

But this got me thinking if a hacker is trying multiple accounts
why has no one come forward saying they got alerts from failed login attempts ?
Like how would you know the account has 2fa or not unless you TRIED logging in?
Like i have used my email on places and i notice some attempts randomly to get into my Steam account (all failed)
Point being is i get a validation email + warning etc.

So if no one is getting any alerts then how the fuck does the hacker
know how to choose only accounts with no 2fa.. unless they work there LOL

I could work at an exchange then rip-off all kinds of guys and i would of course pick the guys with no 2fa
then i would tell them all well you got hacked noobs.. fix your Norton + updates yur Bitcointalk !

Interesting theories, i'm leaning towards, the bittrex servers being compromised, and the hacker is picking off all the accounts without 2fa with at least 1BTC in them. I think your $20 is safe lol.


On other exchanges, I get login successful or failed email notifications, not on bittrex though.

How does the attacker know if the account has 2fa? Unless they try logging on to them one by one.

Firstly, please stop trying to generate fud; its completely unproductive.  If our servers were compromised, there are way easier ways to get your money out.  It doesn't make any sense. What I can tell you is that there have been multiple accounts hacked with the same pattern, all within the last 48 hours.  I can also tell you that none of the affected accounts had logins from suspicious or unknown IPs which leads us to believe it is a rooted machine vs credential lost.  Lastly, this isn't specific to an OS based on the UA strings we've seen which points to some kind of browser plugin/toolbar.   Please crowdsource this to figure out commonalities and please turn on 2fa if you do not have it on.

Thanks
richie@bittrex

Thanks for the reply richie.

Means this is a cross platform attack, and the attack was from user IP's (yet to be confirmed) some sort of browser plugin hack makes more sense.

Just checked my browser plugis in firefox, I didn't see anything that wasn't supposed to be there, that being said they could of modified an existing plugin.

please mail the effected users with their login logs so we can double check that it was an attack initiated from our local machines.

So how many accounts have been effected?

I suggest that all people effected reformat your OS, it can't be trusted anymore.



Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 03, 2016, 04:47:14 PM
I just had a thought, if this attack was initiated from my machine, then why wasn't any other of my exchange accounts effected? Why just bittrex?


Title: Re: Two Bittrex accounts hacked today.
Post by: richiela on April 03, 2016, 05:10:51 PM
I just had a thought, if this attack was initiated from my machine, then why wasn't any other of my exchange accounts effected? Why just bittrex?


I can't say exactly how many accounts were affected, but it is an uptick from our normal volumes.  I have no clue why nothing else was affected, but I've sent your logs to you via the ticket.  If you want to ask any other questions, feel free to find us in our slack - slack.bittrex.com.

thanks,
richie@bittrex


Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 03, 2016, 05:31:46 PM
I just had a thought, if this attack was initiated from my machine, then why wasn't any other of my exchange accounts effected? Why just bittrex?


I can't say exactly how many accounts were affected, but it is an uptick from our normal volumes.  I have no clue why nothing else was affected, but I've sent your logs to you via the ticket.  If you want to ask any other questions, feel free to find us in our slack - slack.bittrex.com.

thanks,
richie@bittrex

Please keep us updated if you find out any more info.

Errrr, I feel violated :P


Title: Re: Two Bittrex accounts hacked today.
Post by: Rune on April 03, 2016, 05:42:37 PM
don't use the same password at multiple exchanges or with pools.
prob best to use something like last pass

and always use 2fa


Title: Re: Two Bittrex accounts hacked today.
Post by: CosaNostra on April 03, 2016, 05:59:56 PM
hmm interesting how this is turning out.
I have sort of known Ryan and chatted with him a bunch of times last few years.
And best i could tell he seemed like an honest guy.

I last talked to him i think on Cryptsy's Freenode IRC channel.
Where i do know Bittrex-Ritchie hangs out (and i believe is higher up than Ryan)

SO you *may get answers if you go on IRC and find Ritchie.

So i checked my account and it was fine and i have no 2fa either.
I also have maybe $20 worth of coins LOL

But this got me thinking if a hacker is trying multiple accounts
why has no one come forward saying they got alerts from failed login attempts ?
Like how would you know the account has 2fa or not unless you TRIED logging in?
Like i have used my email on places and i notice some attempts randomly to get into my Steam account (all failed)
Point being is i get a validation email + warning etc.

So if no one is getting any alerts then how the fuck does the hacker
know how to choose only accounts with no 2fa.. unless they work there LOL

I could work at an exchange then rip-off all kinds of guys and i would of course pick the guys with no 2fa
then i would tell them all well you got hacked noobs.. fix your Norton + updates yur Bitcointalk !

Interesting theories, i'm leaning towards, the bittrex servers being compromised, and the hacker is picking off all the accounts without 2fa with at least 1BTC in them. I think your $20 is safe lol.


On other exchanges, I get login successful or failed email notifications, not on bittrex though.

How does the attacker know if the account has 2fa? Unless they try logging on to them one by one.

Firstly, please stop trying to generate fud; its completely unproductive.  If our servers were compromised, there are way easier ways to get your money out.  It doesn't make any sense. What I can tell you is that there have been multiple accounts hacked with the same pattern, all within the last 48 hours.  I can also tell you that none of the affected accounts had logins from suspicious or unknown IPs which leads us to believe it is a rooted machine vs credential lost.  Lastly, this isn't specific to an OS based on the UA strings we've seen which points to some kind of browser plugin/toolbar.   Please crowdsource this to figure out commonalities and please turn on 2fa if you do not have it on.

Thanks
richie@bittrex

UNKNOWN_IP_LOGOFF 109.93.135.147 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-01 15:06:14.713
LOGIN 194.204.45.101 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-01 14:01:36.360




Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 03, 2016, 06:05:36 PM
hmm interesting how this is turning out.
I have sort of known Ryan and chatted with him a bunch of times last few years.
And best i could tell he seemed like an honest guy.

I last talked to him i think on Cryptsy's Freenode IRC channel.
Where i do know Bittrex-Ritchie hangs out (and i believe is higher up than Ryan)

SO you *may get answers if you go on IRC and find Ritchie.

So i checked my account and it was fine and i have no 2fa either.
I also have maybe $20 worth of coins LOL

But this got me thinking if a hacker is trying multiple accounts
why has no one come forward saying they got alerts from failed login attempts ?
Like how would you know the account has 2fa or not unless you TRIED logging in?
Like i have used my email on places and i notice some attempts randomly to get into my Steam account (all failed)
Point being is i get a validation email + warning etc.

So if no one is getting any alerts then how the fuck does the hacker
know how to choose only accounts with no 2fa.. unless they work there LOL

I could work at an exchange then rip-off all kinds of guys and i would of course pick the guys with no 2fa
then i would tell them all well you got hacked noobs.. fix your Norton + updates yur Bitcointalk !

Interesting theories, i'm leaning towards, the bittrex servers being compromised, and the hacker is picking off all the accounts without 2fa with at least 1BTC in them. I think your $20 is safe lol.


On other exchanges, I get login successful or failed email notifications, not on bittrex though.

How does the attacker know if the account has 2fa? Unless they try logging on to them one by one.

Firstly, please stop trying to generate fud; its completely unproductive.  If our servers were compromised, there are way easier ways to get your money out.  It doesn't make any sense. What I can tell you is that there have been multiple accounts hacked with the same pattern, all within the last 48 hours.  I can also tell you that none of the affected accounts had logins from suspicious or unknown IPs which leads us to believe it is a rooted machine vs credential lost.  Lastly, this isn't specific to an OS based on the UA strings we've seen which points to some kind of browser plugin/toolbar.   Please crowdsource this to figure out commonalities and please turn on 2fa if you do not have it on.

Thanks
richie@bittrex

UNKNOWN_IP_LOGOFF 109.93.135.147 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-01 15:06:14.713
LOGIN 194.204.45.101 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-01 14:01:36.360




I just noticed something similar on my logs:

LOGIN 87.126.174.177 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-02 11:59:37.770

That's not my browser, this is me:

LOGIN **.**.76.98 Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:36.0) Gecko/20100101 Firefox/36.0 2016-04-02 12:45:36.673


Title: Re: Two Bittrex accounts hacked today.
Post by: CosaNostra on April 03, 2016, 06:10:35 PM
I just had a thought, if this attack was initiated from my machine, then why wasn't any other of my exchange accounts effected? Why just bittrex?

Good question, indeed!
Now when I have changed all passwords, turned on 2FA all over even for my microwave, bought big pack of condoms and such, may I also ask the same: why only bittrex?


Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 03, 2016, 06:13:38 PM
I just had a thought, if this attack was initiated from my machine, then why wasn't any other of my exchange accounts effected? Why just bittrex?

Good question, indeed!
Now when I have changed all passwords, turned on 2FA all over even for my microwave, bought big pack of condoms and such, may I also ask the same: why only bittrex?

You might wanna double bag those condoms, just to be sure.


Title: Re: Two Bittrex accounts hacked today.
Post by: illodin on April 03, 2016, 06:26:15 PM
Firstly, please stop trying to generate fud; its completely unproductive.  If our servers were compromised, there are way easier ways to get your money out.  It doesn't make any sense.

Sure, but they are also ways which make it apparent the site has been compromised. If an employee does it the way described above, and cleans a few accounts every now and then and everyone blames the users getting hacked client side, he can keep low profile and keep earning a little extra on the side.

Or, a conspiracy theorist might think it's the Google's way to push people to link their identities to exchange accounts via the 2fa service.


What I can tell you is that there have been multiple accounts hacked with the same pattern, all within the last 48 hours.  I can also tell you that none of the affected accounts had logins from suspicious or unknown IPs which leads us to believe it is a rooted machine vs credential lost.

Are these unknown IPs or IPs these users usually log in from?

UNKNOWN_IP_LOGOFF 109.93.135.147 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-01 15:06:14.713
LOGIN 194.204.45.101 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-01 14:01:36.360

I just noticed something similar on my logs:

LOGIN 87.126.174.177 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-02 11:59:37.770

That's not my browser, this is me:

LOGIN **.**.76.98 Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:36.0) Gecko/20100101 Firefox/36.0 2016-04-02 12:45:36.673


Title: Re: Two Bittrex accounts hacked today.
Post by: eaLiTy on April 03, 2016, 06:34:04 PM
leigh2k14,

Did you use the same email and password for any mining pool or other sites?

No, I haven't mined for quite some time.

It's unique to bittrex.

so are you telling that your computer was hacked and that is how you lost your BTC's right . if you are having an unique password for bittrex then it is the only possible way.


Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 03, 2016, 06:40:36 PM
leigh2k14,

Did you use the same email and password for any mining pool or other sites?

No, I haven't mined for quite some time.

It's unique to bittrex.

so are you telling that your computer was hacked and that is how you lost your BTC's right . if you are having an unique password for bittrex then it is the only possible way.

We are still trying to establish weather it was our machines that were hacked or bittrex, having a password unique to bittrex doesn't make it un hackable.


Title: Re: Two Bittrex accounts hacked today.
Post by: CosaNostra on April 03, 2016, 07:06:30 PM
leigh2k14,

Did you use the same email and password for any mining pool or other sites?

No, I haven't mined for quite some time.

It's unique to bittrex.

so are you telling that your computer was hacked and that is how you lost your BTC's right . if you are having an unique password for bittrex then it is the only possible way.

We are still trying to establish weather it was our machines that were hacked or bittrex, having a password unique to bittrex doesn't make it un hackable.

I guess it's time to change the subject to "ALERT! Multiple Bittrex accounts hacked, TURN ON 2FA!!!"


Title: Re: Two Bittrex accounts hacked today.
Post by: Hi7 on April 03, 2016, 07:08:19 PM
Don't have 2fa enabled yet, should probably do that anytime soon haha.


Title: Re: Two Bittrex accounts hacked today.
Post by: Waldozaur12 on April 03, 2016, 07:17:23 PM
I lost 0.58 BTC on Bittrex 1 year ago . 2FA it was disabled. I have no problems when I Turn on 2fa.


Title: Re: Two Bittrex accounts hacked today.
Post by: CosaNostra on April 03, 2016, 07:18:11 PM
Don't have 2fa enabled yet, should probably do that anytime soon haha.

It's not haha, it's fucking serious...


Title: Re: Two Bittrex accounts hacked today.
Post by: Master_dandosha on April 03, 2016, 07:18:42 PM
Don't have 2fa enabled yet, should probably do that anytime soon haha.
IF you read the first post you will notice this
Lesson learned
no place for haha here


Title: Re: Two Bittrex accounts hacked today.
Post by: Master_dandosha on April 03, 2016, 07:23:23 PM
Don't have 2fa enabled yet, should probably do that anytime soon haha.

It's not haha, it's fucking serious...
never mind and forget about him . there are some nooob doing this every time..it is very series here for many of us because i am using bittrex for my daily trading since 2014


Title: Re: Two Bittrex accounts hacked today.
Post by: shinep on April 03, 2016, 08:07:48 PM
Does anyone know if it easy to disable 2FA in case you lose your phone?


Title: Re: Two Bittrex accounts hacked today.
Post by: Spoetnik on April 03, 2016, 08:29:05 PM
This is a weird mystery and where is the report(s) of failed login attempts.
AKA:email notifications on 2Fa users.. get it?

Apparently i am FUD'ing..
I like to call it Scientific procedure.

Being an inside job at Bittrex has not been ruled out.
Nor has Bittrex itself being hacked.
Sorry Bittrex guys but that is the truth.. your "word" is just not going to cut it.

I wish i had local access to all machines to check them out for you all.

I'd like to see the OP maybe build a profile of sorts.
Start by listing any downloaded/Compiled crypto programs such as Miners or Wallets.
And maybe list your Browser + OS too.. and if 2FA was on. (plus IP's of course)

What is it here now 3 guys that have come forward?

From the sounds of it i think the blame is either on Bittrex or the local users.
And more & more i am thinking it was a staff member behind it.
Maybe skimming account funds for ages with "you got hacked" stories.
But who ever is doing it, started doing it too much lately.

Bittrex you don't get the benefit of the doubt.. nobody in Crypto does.
That is what i call common-sense.


Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 03, 2016, 08:29:36 PM
Does anyone know if it easy to disable 2FA in case you lose your phone?

You need to write the private key on some paper and store it in a safe place, doesn't matter if you lose your phone then.


Title: Re: Two Bittrex accounts hacked today.
Post by: chiznitz on April 03, 2016, 08:30:07 PM
Does anyone know if it easy to disable 2FA in case you lose your phone?

I do pretty much all of the 2FA resets.

There are 2 options here.  When you enable 2fa we display the Secret Key. If you write that key down and keep it in a safe place you can use it to enable 2fa from a different device or a new phone when you get it.

The second option will require you to provide us with some information about your account.

Please provide us with the following information.  Note that the higher the account value, the more details we will require.
1) Recent ip addresses you have logged into site with (You can find this by visiting, https://goo.gl/X3dxsh )
2) Recent transaction ids for any withdrawals and deposits you have made to Bittrex
3) Recent balances in your account

For Accounts valued at over $1000 USD we will require additional information for proof of identity.

1) 2 forms of government identification and a selfie of you holding one of those identifications where we can match your face. Please make sure the text on your ID is readable in all photos.




Lastly, for those of you turning on 2fa, please make sure you do so from a computer that may not be compromised.  If the attacker has access to your computer they may be able to see the secret key when you turn on 2fa and add it to their own device.   So again, please make sure you are turning on 2fa from a freshly installed OS or a machine that was not possibly part of your accounts compromise.

Thanks,

Ryan @ Bittrex


Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 03, 2016, 08:36:12 PM
This is a weird mystery and where is the report(s) of failed login attempts.
AKA:email notifications on 2Fa users.. get it?

Apparently i am FUD'ing..
I like to call it Scientific procedure.

Being an inside job at Bittrex has not been ruled out.
Nor has Bittrex itself being hacked.
Sorry Bittrex guys but that is the truth.. your "word" is just not going to cut it.

I wish i had local access to all machines to check them out for you all.

I'd like to see the OP maybe build a profile of sorts.
Start by listing any downloaded/Compiled crypto programs such as Miners or Wallets.
And maybe list your Browser + OS too.. and if 2FA was on. (plus IP's of course)

What is it here now 3 guys that have come forward?

From the sounds of it i think the blame is either on Bittrex or the local users.
And more & more i am thinking it was a staff member behind it.
Maybe skimming account funds for ages with "you got hacked" stories.
But who ever is doing it, started doing it too much lately.

Bittrex you don't get the benefit of the doubt.. nobody in Crypto does.
That is what i call common-sense.

I hope that your theory is not true, bittrex has been a pretty solid exchange, but if it is true then it would be the end for them.

Even if it was true, how would we prove it?


Title: Re: Two Bittrex accounts hacked today.
Post by: richiela on April 03, 2016, 08:44:02 PM

Firstly, please stop trying to generate fud; its completely unproductive.  If our servers were compromised, there are way easier ways to get your money out.  It doesn't make any sense. What I can tell you is that there have been multiple accounts hacked with the same pattern, all within the last 48 hours.  I can also tell you that none of the affected accounts had logins from suspicious or unknown IPs which leads us to believe it is a rooted machine vs credential lost.  Lastly, this isn't specific to an OS based on the UA strings we've seen which points to some kind of browser plugin/toolbar.   Please crowdsource this to figure out commonalities and please turn on 2fa if you do not have it on.

Thanks
richie@bittrex

Looks like i was mistaken... after a couple ticket responses and going back further in some cases... there have been login from IPs unknown.  Please focus on finding a common denominator to these attacks.

@spoetnik: it is complete fud and you know it.  scientific procedures requires actual proof.  I can tell you that we have not been hacked because the ramifications would be way worse and more evident.  It is also not possible for it to be an insider because there are only 4 (3 founders + chiznitz) of us that work here. All of us have much easier ways to steal money if we wanted to.  If you have actual proof, please provide it;  if not, lets focus on a common denominator.  I'd like an answer to this as much as everyone else.

richie@bittrex


Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 03, 2016, 08:53:26 PM


Looks like i was mistaken... after a couple ticket responses and going back further in some cases... there have been login from IPs unknown.  Please focus on finding a common denominator to these attacks.


richie@bittrex

So my machine wasn't compromised.

UNKNOWN_IP_LOGOFF 134.3.254.67 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-02 11:17:09.710

So how about reimbursing my coins?

1300 rads
800 exp
15000 aur
333,000 bcr


Title: Re: Two Bittrex accounts hacked today.
Post by: richiela on April 03, 2016, 09:16:13 PM


Looks like i was mistaken... after a couple ticket responses and going back further in some cases... there have been login from IPs unknown.  Please focus on finding a common denominator to these attacks.


richie@bittrex

So my machine wasn't compromised.

UNKNOWN_IP_LOGOFF 134.3.254.67 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-02 11:17:09.710

So how about reimbursing my coins?

1300 rads
800 exp
15000 aur
333,000 bcr

That just means someone was able to get your l/p ... nothing has changed... not sure why you think it has.


Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 03, 2016, 09:30:27 PM


Looks like i was mistaken... after a couple ticket responses and going back further in some cases... there have been login from IPs unknown.  Please focus on finding a common denominator to these attacks.


richie@bittrex

So my machine wasn't compromised.

UNKNOWN_IP_LOGOFF 134.3.254.67 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-02 11:17:09.710

So how about reimbursing my coins?

1300 rads
800 exp
15000 aur
333,000 bcr

That just means someone was able to get your l/p ... nothing has changed... not sure why you think it has.

So don't take any responsibility towards your users funds?


Title: Re: Two Bittrex accounts hacked today.
Post by: richiela on April 03, 2016, 09:34:08 PM


Looks like i was mistaken... after a couple ticket responses and going back further in some cases... there have been login from IPs unknown.  Please focus on finding a common denominator to these attacks.


richie@bittrex

So my machine wasn't compromised.

UNKNOWN_IP_LOGOFF 134.3.254.67 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-02 11:17:09.710

So how about reimbursing my coins?

1300 rads
800 exp
15000 aur
333,000 bcr

That just means someone was able to get your l/p ... nothing has changed... not sure why you think it has.

So don't take any responsibility towards your users funds?

We absolutely do, but if you lost your login/password and don't have 2fa enabled, there is nothing we can do.  I'm trying to help you guys find a common denominator which is why I jumped on this thread.  If it is going to turn into something unproductive, i'm happy to disengage.

richie@bittrex


Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 03, 2016, 09:41:27 PM


Looks like i was mistaken... after a couple ticket responses and going back further in some cases... there have been login from IPs unknown.  Please focus on finding a common denominator to these attacks.


richie@bittrex

So my machine wasn't compromised.

UNKNOWN_IP_LOGOFF 134.3.254.67 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-02 11:17:09.710

So how about reimbursing my coins?

1300 rads
800 exp
15000 aur
333,000 bcr

That just means someone was able to get your l/p ... nothing has changed... not sure why you think it has.

So don't take any responsibility towards your users funds?

We absolutely do, but if you lost your login/password and don't have 2fa enabled, there is nothing we can do.  I'm trying to help you guys find a common denominator which is why I jumped on this thread.  If it is going to turn into something unproductive, i'm happy to disengage.

richie@bittrex

Good swerve.

I don't think my machine was compromised, I didn't down load any dodgy software all my software comes from official repos or github.

The login log files shown it wasn't just my browser logged in yesterday.

I will admit that I did not have 2fa enabled, that was my only mistake. Why not make 2fa mandatory?

You can disengage, you and your exchange are losing creditability by the second.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: leigh2k14 on April 03, 2016, 10:12:13 PM
Here are my log files, obviously I had to obfuscate my IP because of the crazies in here:

LOGIN **.**.76.98 Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:36.0) Gecko/20100101 Firefox/36.0 2016-04-03 02:43:00.480
DISABLE_2FA **.**.76.98 Mozilla/5.0 (Windows NT 6.1; rv:23.0) Gecko/20131011 Firefox/23.0 2016-04-02 14:18:16.347
DISABLE_2FA **.**.76.98 Mozilla/5.0 (Windows NT 6.1; rv:23.0) Gecko/20131011 Firefox/23.0 2016-04-02 14:16:15.100
ENABLE_2FA **.**.76.98 Mozilla/5.0 (Windows NT 6.1; rv:23.0) Gecko/20131011 Firefox/23.0 2016-04-02 14:01:28.287
PENDING_2FA **.**.76.98 Mozilla/5.0 (Windows NT 6.1; rv:23.0) Gecko/20131011 Firefox/23.0 2016-04-02 14:00:58.077
IMAGE_INITIATE_NETVERIFY **.**.76.98 Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:36.0) Gecko/20100101 Firefox/36.0 2016-04-02 13:05:29.767
LOGIN **.**.76.98 Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:36.0) Gecko/20100101 Firefox/36.0 2016-04-02 12:45:36.673
LOGOFF 194.103.142.82 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-02 12:43:57.787
LOGOFF **.**.76.98 Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:36.0) Gecko/20100101 Firefox/36.0 2016-04-02 12:39:41.187
LOGOFF 87.126.174.177 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-02 12:36:58.877
LOGIN 109.176.195.67 Mozilla/5.0 (Windows NT 6.1; WOW64; rv:44.0) Gecko/20100101 Firefox/44.0 2016-04-02 12:31:41.697
LOGIN **.**.76.98 Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:36.0) Gecko/20100101 Firefox/36.0 2016-04-02 12:31:30.597
LOGOFF **.**.76.98 Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:36.0) Gecko/20100101 Firefox/36.0 2016-04-02 12:31:12.633
LOGIN 194.103.142.82 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-02 12:13:55.107
LOGIN 87.126.174.177 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-02 11:59:37.770
UNKNOWN_IP_LOGOFF 134.3.254.67 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-02 11:17:09.710
LOGIN 109.91.101.14 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-02 11:15:17.143
LOGIN **.**.76.98 Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:36.0) Gecko/20100101 Firefox/36.0 2016-04-01 19:20:22.410
LOGIN **.**.76.98 Mozilla/5.0 (Windows NT 6.1; rv:23.0) Gecko/20131011 Firefox/23.0 2016-04-01 16:03:34.063
LOGIN 2.100.168.93 Mozilla/5.0 (Windows NT 6.1; rv:23.0) Gecko/20131011 Firefox/23.0 2016-04-01 05:15:42.980

I have two machines, one in my bedroom run linux mint:

Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:36.0) Gecko/20100101 Firefox/36.0

The one in my living room also runs mint but I had to change the UI to get netflix to run:

Mozilla/5.0 (Windows NT 6.1; rv:23.0) Gecko/20131011 Firefox/23.0


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: Spoetnik on April 03, 2016, 10:36:45 PM
Ritchie i am trying to be nice but your being a fucking asshole man.
And i have seen you crying FUD on IRC too.. so i think you have a history on that already.

FUD = an attempt to smear a coin or service with untrue information.
That is what we generally think it means (although i disagree entirely and stand by the classic definition)
Which is = F. U. D.
What would those there words mean in the Context of Altcoins and their associated services
and would it be relevant ?
YES.
With the track record of supposedly Legit exchanges you bet your damn ass FUD is warranted.
And no sorry no there is no way in hell Bittrex deserves the benefit of the doubt.
No exchange or service in Crypto does.
And know what Bittrex-Ritchie?
These guys all agree with me but they just won't say it.

So you can drop this whole crying FUD routine buddy that shit is not going to fly
and if anything will make you look overly defensive.

Further more i would expect someone who runs an exchange to be a bit smarter.
The procedure of Science has not changed for 100's of years since Al Hazen literally wrote the book on it.
I know all about it and you DO NOT.
http://en.wikipedia.org/wiki/Al_Hazen
He is the FATHER of science and wrote the rule book on scientific examination..
Which is precisely what a smart person does when confronted with a mystery.

@Ritchie you have shown us you do not comprehend much here bud.
You do not collect proven FACTS to examine info to see if it's a fact  ;D
That is bloody retarded beyond belief and i can't fucking believe you would even say that.

Ritchie you said that and it's fucking stupid.. so stupid i can't even be bothered to read the rest of it.
You lost you credibility with me now. You are coming across super dumb here.
And overly defensive which may or may not be a bad thing.

Quote
@spoetnik: it is complete fud and you know it.  scientific procedures requires actual proof.

Scientific procedures DO NOT require ACTUAL "proof"
Because the entire point of Scientific procedure.. IS TO FIND THE TRUTH !
There is no debate here.. i was right here all along and your railing on against me is a waste of time.

So let me recap yet again for the 3rd or 4th time.
- I am not saying Bittrex did anything ..just saying it -IS- possible they were hacked or an inside job etc.

Which is defiantly plausible enough to warrant investigation or the users consideration.
The only thing that would oppose that is you Ritchie demand we take your word for things.
And fair enough we will but your being an asshole about it.
WE ALL will take your words with a grain of salt.. do you know what that means? Get it?

I do NOT hope Bittrex is bad and i have had great luck with Bittrex so i am not trying to FUD them.
It's just that if we end-users do not look at all possible things we may miss something.
Did you forget how i was right about Gox before it closed?
And how i was right about Mintpal BTER and Cryptsy?
I have had a 100% success rate at calling it and the proof is my dated comments.

I am not giving a get-out-of-jail free card to Bittrex simply because i like the staff or it worked well or me.
Fanboyism or Cheerleading has not place in Science and that is all we have here to go on.

Cryptsy's JShock way back posted here a rant mouthing me off saying they had never been hacked
when they had been multiple times.. he lied & so did Vern and their staff that vanished.
History has shown us guys that strut around all legit & shit and they rip us off.. the list of them is endless.

It's irresponsible of you Ritchie to demand we trust you fully 100%
And it 's stupid if we do.

All i am saying is we should look at ALL possible explanations for the mystery hacks / thefts.
I made no judgements !

Lastly, if anyone got this far down? I can vouch for Chiznitz being Bittrex-Ryan.
And i will say again i have little bad to say about Bittrex but i am not trusting & nor should anyone be.
I am hoping Bittrex is 100% innocent in all this.
We have had way too many exchanges go down scammy.

@Ritchie think of it this way.. to me your are coming across not to smart here.
Are you the guy who checked your servers for Malware?
because you trying to come off making it look like your users are noobs and your the expert.
When in reality both are on equal footing and both are subject to the same security practices.
Why should we take your word for it you servers are malware free?
Think about it.. your basically calling your users computers noobs and blaming them for it.
So tell us what did you do specifically to rule out YOUR MACHINES were NOT infected?


Title: Re: Two Bittrex accounts hacked today.
Post by: Spoetnik on April 03, 2016, 10:42:32 PM


Looks like i was mistaken... after a couple ticket responses and going back further in some cases... there have been login from IPs unknown.  Please focus on finding a common denominator to these attacks.


richie@bittrex

So my machine wasn't compromised.

UNKNOWN_IP_LOGOFF 134.3.254.67 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-02 11:17:09.710

So how about reimbursing my coins?

1300 rads
800 exp
15000 aur
333,000 bcr

That just means someone was able to get your l/p ... nothing has changed... not sure why you think it has.

So don't take any responsibility towards your users funds?

We absolutely do, but if you lost your login/password and don't have 2fa enabled, there is nothing we can do.  I'm trying to help you guys find a common denominator which is why I jumped on this thread.  If it is going to turn into something unproductive, i'm happy to disengage.

richie@bittrex

in Ritchie's defense with no 2FA enabled another possibility here is the user or some of them are lying.
How would Ritchie be able to tell the difference between a hacker using my PC and ME using it?
As much as i may speculate Bittrex is behind this i also can not rule out Fraud by users.
Which logically makes it hard for him to pay coins out..
If it was an end-user scam and he pays it would never stop & he would go broke.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: Spoetnik on April 03, 2016, 10:52:32 PM
Mine and another member of this forum have been hacked today, I lost 8BTC worth of alts, i'm not sure how much CosaNostra lost.

https://bitcointalk.org/index.php?topic=1416068.msg14399775#msg14399775

And before you ask, no I did not have 2fa set up (lesson learned).

Have any others been hacked?

before this topic you said..

Quote
Some low life scumbag just emptied my bittrex account of 1300 rads, 800 exp and 15000 aur.

They dumped my coins, but there was no withdraws in my withdraw history, and no withdraw requests in my email?

I changed my password straight away.

I mailed support@bittrex.com, i'm waiting for a reply.

And for some reason they bought a load of EXCL and dumped EXCL: https://bittrex.com/Market/Index?MarketName=BTC-EXCL

Fucking gutted.

I have no idea how they got in. I'm going to format both my towers.

Anyone have richie from bittrex's user name so I can PM him?

So i am curious was your coins taken off the server lost?
This sounds like the Cryptsy points hack incident where Cryptsy claims no coins left the server.
See what i mean?

Did some hacker got into your account OP and then make trades but did not withdraw your coins?


Title: Re: Two Bittrex accounts hacked today.
Post by: leigh2k14 on April 03, 2016, 10:59:23 PM


Looks like i was mistaken... after a couple ticket responses and going back further in some cases... there have been login from IPs unknown.  Please focus on finding a common denominator to these attacks.


richie@bittrex

So my machine wasn't compromised.

UNKNOWN_IP_LOGOFF 134.3.254.67 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-02 11:17:09.710

So how about reimbursing my coins?

1300 rads
800 exp
15000 aur
333,000 bcr

That just means someone was able to get your l/p ... nothing has changed... not sure why you think it has.

So don't take any responsibility towards your users funds?

We absolutely do, but if you lost your login/password and don't have 2fa enabled, there is nothing we can do.  I'm trying to help you guys find a common denominator which is why I jumped on this thread.  If it is going to turn into something unproductive, i'm happy to disengage.

richie@bittrex

in Ritchie's defense with no 2FA enabled another possibility here is the user or some of them are lying.
How would Ritchie be able to tell the difference between a hacker using my PC and ME using it?
As much as i may speculate Bittrex is behind this i also can not rule out Fraud by users.
Which logically makes it hard for him to pay coins out..
If it was an end-user scam and he pays it would never stop & he would go broke.

I know your just exploring all the angles here, I ain't no scammer, far from it, i'm the victim.

I worked hard trading to get those coins, I put a lot of time and effort in, only to find disappear into the either.



Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: richiela on April 03, 2016, 11:00:32 PM
Ritchie i am trying to be nice but your being a fucking asshole man.
And i have seen you crying FUD on IRC too.. so i think you have a history on that already.

FUD = an attempt to smear a coin or service with untrue information.
That is what we generally think it means (although i disagree entirely and stand by the classic definition)
Which is = F. U. D.
What would those there words mean in the Context of Altcoins and their associated services
and would it be relevant ?
YES.
With the track record of supposedly Legit exchanges you bet your damn ass FUD is warranted.
And no sorry no there is no way in hell Bittrex deserves the benefit of the doubt.
No exchange or service in Crypto does.
And know what Bittrex-Ritchie?
These guys all agree with me but they just won't say it.

So you can drop this whole crying FUD routine buddy that shit is not going to fly
and if anything will make you look overly defensive.

Further more i would expect someone who runs an exchange to be a bit smarter.
The procedure of Science has not changed for 100's of years since Al Hazen literally wrote the book on it.
I know all about it and you DO NOT.
http://en.wikipedia.org/wiki/Al_Hazen
He is the FATHER of science and wrote the rule book on scientific examination..
Which is precisely what a smart person does when confronted with a mystery.

@Ritchie you have shown us you do not comprehend much here bud.
You do not collect proven FACTS to examine info to see if it's a fact  ;D
That is bloody retarded beyond belief and i can't fucking believe you would even say that.

Ritchie you said that and it's fucking stupid.. so stupid i can't even be bothered to read the rest of it.
You lost you credibility with me now. You are coming across super dumb here.
And overly defensive which may or may not be a bad thing.

Quote
@spoetnik: it is complete fud and you know it.  scientific procedures requires actual proof.

Scientific procedures DO NOT require ACTUAL "proof"
Because the entire point of Scientific procedure.. IS TO FIND THE TRUTH !
There is no debate here.. i was right here all along and your railing on against me is a waste of time.

So let me recap yet again for the 3rd or 4th time.
- I am not saying Bittrex did anything ..just saying it -IS- possible they were hacked or an inside job etc.

Which is defiantly plausible enough to warrant investigation or the users consideration.
The only thing that would oppose that is you Ritchie demand we take your word for things.
And fair enough we will but your being an asshole about it.
WE ALL will take your words with a grain of salt.. do you know what that means? Get it?

I do NOT hope Bittrex is bad and i have had great luck with Bittrex so i am not trying to FUD them.
It's just that if we end-users do not look at all possible things we may miss something.
Did you forget how i was right about Gox before it closed?
And how i was right about Mintpal BTER and Cryptsy?
I have had a 100% success rate at calling it and the proof is my dated comments.

I am not giving a get-out-of-jail free card to Bittrex simply because i like the staff or it worked well or me.
Fanboyism or Cheerleading has not place in Science and that is all we have here to go on.

Cryptsy's JShock way back posted here a rant mouthing me off saying they had never been hacked
when they had been multiple times.. he lied & so did Vern and their staff that vanished.
History has shown us guys that strut around all legit & shit and they rip us off.. the list of them is endless.

It's irresponsible of you Ritchie to demand we trust you fully 100%
And it 's stupid if we do.

All i am saying is we should look at ALL possible explanations for the mystery hacks / thefts.
I made no judgements !

Lastly, if anyone got this far down? I can vouch for Chiznitz being Bittrex-Ryan.
And i will say again i have little bad to say about Bittrex but i am not trusting & nor should anyone be.
I am hoping Bittrex is 100% innocent in all this.
We have had way too many exchanges go down scammy.

@Ritchie think of it this way.. to me your are coming across not to smart here.
Are you the guy who checked your servers for Malware?
because you trying to come off making it look like your users are noobs and your the expert.
When in reality both are on equal footing and both are subject to the same security practices.
Why should we take your word for it you servers are malware free?
Think about it.. your basically calling your users computers noobs and blaming them for it.
So tell us what did you do specifically to rule out YOUR MACHINES were NOT infected?

This is really the last time i'm going to respond on this topic.  I'm not trying to be an asshole, but I have a problem with unfounded accusations. If you want to have it out with me, feel free to join me in slack or irc.

1) FUD = Fear Uncertainty and Doubt.  If you are causing those things without proof, I do believe it is exactly what I called it.  As for track records, we are one of the only exchanges that has never been hacked or compromised.  Sure you can compare us to other exchanges and past performance is no guarantee of future yada yada yada... By that logic, every business will fail because others have.  So yes, i do take offense to it when people start claiming it without any data.  If any data exists, I'd be happy to look at it and investigate.

2) Your logic about malware is flawed.  Do you think if any of our servers were compromised in any way, all you would see is a couple of non-2fa'd account drained using a bad trading method?  It doesn't make sense.

3) Lastly, I am not calling our users noobs, but we collectively are the experts here when it comes to security and how exchanges work.  I'm not sure how anyone can claim something different when it comes to how an exchange works.  I also get paid to do security for a living - I assert, rightly or wrongly, I do know more about this topic than most people.  

When faced with a problem, the most obvious answer is usually the right one once you have ruled out the others.  Instead wasting our time with this entire line of discussion, I'd rather have users figure out what the common denominator is and narrow down what caused this.  There's an obvious pattern;  i'd like to find it.

-richie@bittrex


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: richiela on April 03, 2016, 11:03:00 PM
Mine and another member of this forum have been hacked today, I lost 8BTC worth of alts, i'm not sure how much CosaNostra lost.

https://bitcointalk.org/index.php?topic=1416068.msg14399775#msg14399775

And before you ask, no I did not have 2fa set up (lesson learned).

Have any others been hacked?

before this topic you said..

Quote
Some low life scumbag just emptied my bittrex account of 1300 rads, 800 exp and 15000 aur.

They dumped my coins, but there was no withdraws in my withdraw history, and no withdraw requests in my email?

I changed my password straight away.

I mailed support@bittrex.com, i'm waiting for a reply.

And for some reason they bought a load of EXCL and dumped EXCL: https://bittrex.com/Market/Index?MarketName=BTC-EXCL

Fucking gutted.

I have no idea how they got in. I'm going to format both my towers.

Anyone have richie from bittrex's user name so I can PM him?

So i am curious was your coins taken off the server lost?
This sounds like the Cryptsy points hack incident where Cryptsy claims no coins left the server.
See what i mean?

Did some hacker got into your account OP and then make trades but did not withdraw your coins?

If this wasn't clarified before, your assertion is correct here.  In all cases we've seen, the attacker traded down the balances and withdrew on the other side.  No withdraw's were done from the compromised accounts.  If that isn't accurate in any cases, please let me know.

thanks,
richie@bittrex


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: Spoetnik on April 04, 2016, 12:01:47 AM
The attacker traded down, and withdrew on the other side richie.


No withdraw was made from my end.

Forgive me but i don't think i heard anyone say that before.
Can you say that in a different way?

And Ritchie i hope you do not get pissed off & leave.
Understand i was trying to be objective and look at all angles and not attack your Exchange.
If it seemed that way i apologize to you and i don't have much more "FUD" to post here..
So you can likely carry on here with out me instead ;)

I'd just like to see you all build a picture and include every bit of info possible.
Explore all leads no matter how unlikely etc.
And to me it's scientific and nothing personal against anyone.

Good luck guys and sorry to hear about your bad news :(


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: richiela on April 04, 2016, 12:13:16 AM
The attacker traded down, and withdrew on the other side richie.


No withdraw was made from my end.

Forgive me but i don't think i heard anyone say that before.
Can you say that in a different way?

And Ritchie i hope you do not get pissed off & leave.
Understand i was trying to be objective and look at all angles and not attack your Exchange.
If it seemed that way i apologize to you and i don't have much more "FUD" to post here..
So you can likely carry on here with out me instead ;)

I'd just like to see you all build a picture and include every bit of info possible.
Explore all leads no matter how unlikely etc.
And to me it's scientific and nothing personal against anyone.

Good luck guys and sorry to hear about your bad news :(

I don't get pissed off ;) But yes, I alluded to that fact earlier, but never called it out explicitly, my bad.  In all cases, the attacker did "bad trades" to move funds around and withdrew from the other side.

I'm happy to discuss any aspect of this that I am allowed to (without violating our privacy policies etc).  I'm also here to help chase down leads if there are any.  I'm a fan of putting as much data together as possible and building a picture. I just get frustrated and find it a waste of time when people start going down the "prove you're not hacked/bad" line of thinking because it's impossible to prove a negative.

Also realize, I'm spending time in here trying to be helpful.  If i planned on mt.cryptsypalrushin' anyone, I wouldn't bother engaging the community on this issue at all.  Something obviously is going around and I want to help put a stop to it.

Thanks,
Richie


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: kiklo on April 04, 2016, 12:47:22 AM
https://www.ic3.gov/complaint

Quote
File a Complaint

Prior to filing a complaint with the IC3, please read the following information regarding terms and conditions. Should you have additional questions prior to filing your complaint, view FAQ for more information on inquiries such as:

    What details will I be asked to include in my complaint?
    What happens after I file a complaint?
    How are complaints resolved?
    Should I retain evidence related to my complaint?

The information I've provided on this form is correct to the best of my knowledge. I understand that providing false information could make me subject to fine, imprisonment, or both. (Title 18, U.S. Code, Section 1001)

Complaints filed via this website are processed and may be referred to federal, state, local or international law enforcement or regulatory agencies for possible investigation. I understand any investigation opened on any complaint I file on this website is initiated at the discretion of the law enforcement and/or regulatory agency receiving the complaint information.

Filing a complaint with the IC3 in no way serves as notification to my credit card company that I am disputing unauthorized charges placed on my card or that my credit card number may have been compromised. I should contact my credit card company directly to notify them of my specific concerns.
Advisory:

You are about to file a complaint with the Internet Crime Complaint Center. The confidentiality of the information you provide may be affected by state law. As such, we cannot guarantee that your complaint will remain confidential. The complaint information you submit to this site is encrypted via secure socket layer (SSL) encryption. Please see the Privacy Policy for further information.

 8)


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: prospecta on April 04, 2016, 04:36:58 AM
Another user gets "hacked" through bad OPSEC and blames the exchange, seen this a thousand times before.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: sotisoti on April 04, 2016, 05:17:26 AM
Sorry to hear that, I don't have coins anymore @ Bittrex, I'll consider using Google Authenticator asap.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: Varvarin on April 04, 2016, 06:45:08 AM
Is everyone that was hacked using GMail by any chance?

Friend got hacked on Polo, very similar story and his Gmail pass was changed.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: CosaNostra on April 04, 2016, 06:45:29 AM
The attacker traded down, and withdrew on the other side richie.


No withdraw was made from my end.

Forgive me but i don't think i heard anyone say that before.
Can you say that in a different way?

And Ritchie i hope you do not get pissed off & leave.
Understand i was trying to be objective and look at all angles and not attack your Exchange.
If it seemed that way i apologize to you and i don't have much more "FUD" to post here..
So you can likely carry on here with out me instead ;)

I'd just like to see you all build a picture and include every bit of info possible.
Explore all leads no matter how unlikely etc.
And to me it's scientific and nothing personal against anyone.

Good luck guys and sorry to hear about your bad news :(

I don't get pissed off ;) But yes, I alluded to that fact earlier, but never called it out explicitly, my bad.  In all cases, the attacker did "bad trades" to move funds around and withdrew from the other side.

I'm happy to discuss any aspect of this that I am allowed to (without violating our privacy policies etc).  I'm also here to help chase down leads if there are any.  I'm a fan of putting as much data together as possible and building a picture. I just get frustrated and find it a waste of time when people start going down the "prove you're not hacked/bad" line of thinking because it's impossible to prove a negative.

Also realize, I'm spending time in here trying to be helpful.  If i planned on mt.cryptsypalrushin' anyone, I wouldn't bother engaging the community on this issue at all.  Something obviously is going around and I want to help put a stop to it.

Thanks,
Richie

Hi Richie,

Since the only common denominator for us who had coins stolen is absence of 2fa, could you provide detailed info on the attacker?

Only you have a full picture of what happened or happens now.

How many accounts compromised out there? Is that multiple or a couple?
Do these accounts have anything in common except absence of 2fa?
Are all the accounts of the attacker are new or he used some old accounts?
Are all the IPs of the attacker are different each time?
What coins and exact BTC/alts addresses were used to withdraw the funds?

And the last question: Why in your opinion only Bittrex accounts were compromised?

Meanwhile, I would strongly advise to turn on immediate e-mail notifications for all users on each entrance to bittrex with the detailed information like time, IP address, browser info and such and perhaps even on each trade the users complete.
Needless to say this step would prevent further losses of your customers.

I would also appreciate, if Bittrex, as a responsible business, would compensate my losses at least partially.


Regards





Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: vlom on April 04, 2016, 07:17:52 AM
The attacker traded down, and withdrew on the other side richie.


No withdraw was made from my end.

Forgive me but i don't think i heard anyone say that before.
Can you say that in a different way?

And Ritchie i hope you do not get pissed off & leave.
Understand i was trying to be objective and look at all angles and not attack your Exchange.
If it seemed that way i apologize to you and i don't have much more "FUD" to post here..
So you can likely carry on here with out me instead ;)

I'd just like to see you all build a picture and include every bit of info possible.
Explore all leads no matter how unlikely etc.
And to me it's scientific and nothing personal against anyone.

Good luck guys and sorry to hear about your bad news :(

I don't get pissed off ;) But yes, I alluded to that fact earlier, but never called it out explicitly, my bad.  In all cases, the attacker did "bad trades" to move funds around and withdrew from the other side.

I'm happy to discuss any aspect of this that I am allowed to (without violating our privacy policies etc).  I'm also here to help chase down leads if there are any.  I'm a fan of putting as much data together as possible and building a picture. I just get frustrated and find it a waste of time when people start going down the "prove you're not hacked/bad" line of thinking because it's impossible to prove a negative.

Also realize, I'm spending time in here trying to be helpful.  If i planned on mt.cryptsypalrushin' anyone, I wouldn't bother engaging the community on this issue at all.  Something obviously is going around and I want to help put a stop to it.

Thanks,
Richie

cool down. it is just Spoetnik.

unfortunately i could read his nonsense in the quotes. just put him on your ignorelist.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: cdub on April 04, 2016, 07:22:48 AM
Is everyone that was hacked using GMail by any chance?

Friend got hacked on Polo, very similar story and his Gmail pass was changed.

Gmail is yet another place where 2FA is available, and should be used.
I am sorry for the losses, but I do hope the situation will drive some folks to embrace 2FA, everywhere it's available, even if it's a little inconvenient.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: prospecta on April 04, 2016, 07:31:49 AM
I would also appreciate, if Bittrex, as a responsible business, would compensate my losses at least partially.

LOL wtf...I have bad OPSEC give me my money back...


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: CosaNostra on April 04, 2016, 08:07:51 AM
I would also appreciate, if Bittrex, as a responsible business, would compensate my losses at least partially.

LOL wtf...I have bad OPSEC give me my money back...

Have I asked for your opinion?

I wish you each time you get into any kind of trouble in your life to have an asshole, who will appear before you and tell you "it's your fucking fault".

Now you can go and fuck yourself >:(
 


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: spartak_t on April 04, 2016, 08:12:36 AM
I don't think this is an inside job. From what I've understood, so far 3 people confirmed they were "hacked" and 23,5 BTC were lost. That's a lot (at least from my perspective), but it would be stupid for Bittrex to risk their reputation for such amount. Imho, Richie is right (I'm not kissing your ass!) to act somehow diplomatic and not to reveal some things (such as how many accounts were compromised). Bittrex also didn't announce it on Twitter, which is again the right way, because otherwise it may cause unnecessary panic.

Guys (those who lost your coins),

I can only imagine how you feel about this and I'm really, really sorry for your loss, but it seems like nothing can be done here. :(


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: CosaNostra on April 04, 2016, 08:32:29 AM
I don't think this is an inside job. From what I've understood, so far 3 people confirmed they were "hacked" and 23,5 BTC were lost. That's a lot (at least from my perspective), but it would be stupid for Bittrex to risk their reputation for such amount. Imho, Richie is right (I'm not kissing your ass!) to act somehow diplomatic and not to reveal some things (such as how many accounts were compromised). Bittrex also didn't announce it on Twitter, which is again the right way, because otherwise it may cause unnecessary panic.

Guys (those who lost your coins),

I can only imagine how you feel about this and I'm really, really sorry for your loss, but it seems like nothing can be done here. :(

Perhaps you are right that nothing can be done here, but at least we can try to identify and find that scum.

Once again I propose to turn on immediate e-mail notifications for all users on each entrance to bittrex with the detailed information like time, IP address, browser info and such and perhaps even on each trade the users complete (since attacker can use compromised API keys as well). Now, even after 2FA set, I don't receive any alerts on failed attempts  :(

IMO, if this would be done before, people wouldn't incur all these losses...


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: spartak_t on April 04, 2016, 08:39:51 AM
Perhaps you are right that nothing can be done here, but at least we can try to identify and find that scum.

I'm sure that Bittrex guys already tried (and probably continue) to figure this out, but with no luck. 


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: hughbt on April 04, 2016, 08:57:46 AM
You can keep guessing what happened or do what Richie said and start trying to figure it out. People who were hacked should prepare a report with the details about their os, installed software (especially wallets), e-mail provider etc. This is the only way to find a common denominator.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: kiklo on April 04, 2016, 09:21:31 AM
You can keep guessing what happened or do what Richie said and start trying to figure it out. People who were hacked should prepare a report with the details about their os, installed software (especially wallets), e-mail provider etc. This is the only way to find a common denominator.

So far the only common denominator has been Bittrex.

It seems like a 3rd Party should be called in to investigate everyone's claims.

As far as the local PCs, you guys should make an sector by sector Image backup of the whole drives, to preserve what is called the Chain of Evidence.
In case this goes to court, you can contact a lawyer to verify that.

Bittrex should give as detailed an account of what they believed occurred with a Timeline of the occurrences.

For example :
If their logs show the trading went on, when the user knows his PC was Off, we know the Local PCs were probably not compromised.
But Bittrex should have detailed Logs of the IP Addresses and Times, plus what coin addresses were used.

Also Direct Question for Bittrex, this was a cyber theft , what law enforcement agency will you be reporting this too, as the victim's should receive this contact info so they can talk with the investigator.

 8)


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: CosaNostra on April 04, 2016, 10:02:26 AM
You can keep guessing what happened or do what Richie said and start trying to figure it out. People who were hacked should prepare a report with the details about their os, installed software (especially wallets), e-mail provider etc. This is the only way to find a common denominator.

we know the Local PCs were probably not compromised.


I'm 100% sure that local pcs (at least my own) were not compromised.
Now, when I set 2FA on all the exchanges I trade and changed the passwords all over, made a thorough examination of all pcs, updated antiviruses and firewalls, and bought me another big pack of condoms I can say that if my local pcs would be compromised the attacker would steal much more money from me easily :-X


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: spartak_t on April 04, 2016, 12:59:14 PM
So far the only common denominator has been Bittrex.

It seems like a 3rd Party should be called in to investigate everyone's claims.

Why? As far as I know, nothing is pointing that the fault is on Bittrex. I believe that they continue to investigate the issue and will share the results with the people, which accounts were compromised.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: leigh2k14 on April 04, 2016, 06:29:48 PM
How's the investigation going richie?


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: leigh2k14 on April 04, 2016, 06:30:37 PM
I would also appreciate, if Bittrex, as a responsible business, would compensate my losses at least partially.

LOL wtf...I have bad OPSEC give me my money back...

You sir are first class asshole, 100% cock sucker.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: spartak_t on April 04, 2016, 06:43:06 PM
I would also appreciate, if Bittrex, as a responsible business, would compensate my losses at least partially.

LOL wtf...I have bad OPSEC give me my money back...

You sir are first class asshole, 100% cock sucker.

It's a woman... ::)


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: kiklo on April 04, 2016, 07:25:41 PM
So far the only common denominator has been Bittrex.

It seems like a 3rd Party should be called in to investigate everyone's claims.

Why? As far as I know, nothing is pointing that the fault is on Bittrex. I believe that they continue to investigate the issue and will share the results with the people, which accounts were compromised.

How many banks or stock exchanges would you do business with , that lost your money and did not report it to law enforcement.
Because at the end of the day , the actual crime occurred on their virtual premises.

Plus Not Reporting it and not doing anything about it , would make them look Guilty, not a good look from a PR standpoint.
Sorry we are looking into it , will not suffice as a answer, a 3rd party needs to be brought in to investigate.


 8)


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: CAMOPEJB on April 04, 2016, 07:41:53 PM
All you need is 2FA and you will be safe guys what's do hard about this.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: spartak_t on April 04, 2016, 07:50:16 PM
How many banks or stock exchanges would you do business with , that lost your money and did not report it to law enforcement.
Because at the end of the day , the actual crime occurred on their virtual premises.


To me it's like losing your wallet and somehow find out that the money in it were used in one particular store. Then fill a lawsuit against that store, because they took the money.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: kiklo on April 04, 2016, 10:25:40 PM
All you need is 2FA and you will be safe guys what's do hard about this.

Sorry without Knowing exactly what happened , it is unknown if 2FA would make a difference in their cases.

Example : How many people did 2FA protect at Cryptsy,
Answer: No One.

 8)

FYI:
2FA is just another layer in stopping someone from logging in,
If an Exchange security is Breached, the exchange operators have direct access to your coins, and your login security does not matter at all.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: kiklo on April 04, 2016, 10:27:32 PM
How many banks or stock exchanges would you do business with , that lost your money and did not report it to law enforcement.
Because at the end of the day , the actual crime occurred on their virtual premises.


To me it's like losing your wallet and somehow find out that the money in it were used in one particular store. Then fill a lawsuit against that store, because they took the money.

Sorry your analogy is wrong,

it is more like you handed your wallet to your friend and when they handed it back, some of the cash was missing from it.
The Log information Bittrex has may be able to help determine the thief, refusing to hand that information over to Law Enforcement , means they did it or are an accomplice.
And just to be clear, I am not saying that, what I am saying is a 3rd party has to check out everyone's story to find the truth and the culprits.
But whoever refuses to call in that 3rd party (Law Enforcement) is hiding something.

 8)


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: CAMOPEJB on April 05, 2016, 12:35:59 AM
I made a small rhyme.

2fa all the way, 2fa all day. if you stray from 2fa its sure to be a very bad day!

:)


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: kiklo on April 05, 2016, 04:42:15 AM
I made a small rhyme.

2fa all the way, 2fa all day. if you stray from 2fa its sure to be a very bad day!

:)

LOL,

Once there was a rhyme,
that 2fa could stop crime,

It was a story with no truth,
conceived by a man locked in a booth.  :D

 8)


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: mamamae on April 05, 2016, 06:37:03 AM
that's the sad reality indeed but now safex.io (http://safex.io) or https://bitsquare.io/ (https://bitsquare.io/) project will help , to decentralize exchanges no more third party risk at least if anything runs as it should.

All you need is 2FA and you will be safe guys what's do hard about this.

Sorry without Knowing exactly what happened , it is unknown if 2FA would make a difference in their cases.

Example : How many people did 2FA protect at Cryptsy,
Answer: No One.

 8)

FYI:
2FA is just another layer in stopping someone from logging in,
If an Exchange security is Breached, the exchange operators have direct access to your coins, and your login security does not matter at all.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: jrpatking on April 05, 2016, 07:20:38 AM
Linux mint ISO was replaced by a hacked intruded operating system a while ago. Check to ensure you're using hacker's Mint version. They may read your computer and try to hack it.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: CosaNostra on April 05, 2016, 05:11:22 PM
Here is a sample e-mail I'm getting from Yobit:

"Yobit Mailer

Dear User!
Your account was logged in.

Login: User
IP: XXX.XX.XX.XX
Date: 05.04.2016 11:08

Sincerely yours,
Team of Yobit.Net"







Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: leigh2k14 on April 05, 2016, 05:50:42 PM
What worries me that the bittrex people still have no clue as to what happened, the flaw or hack is most likely still open for abuse.

If anything does go wrong with your account, YOU ARE ON YOUR OWN!

Bittrex in no way will except any liability at all.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: CosaNostra on April 05, 2016, 07:10:14 PM
What worries me that the bittrex people still have no clue as to what happened, the flaw or hack is most likely still open for abuse.

If anything does go wrong with your account, YOU ARE ON YOUR OWN!

Bittrex in no way will except any liability at all.


https://bitcointalk.org/index.php?topic=463202.msg14402160#msg14402160

Seems my account has been hacked.
Unique password, only existing in my head.

Coins seem to be dumped and then the hacker bought YBC and dumped them to himself for a low price because he couldn't withdraw...

AMP and RBR both gone...

Fuck...

It cant be that good password if he guessed it or he had a keylogger on your computer. You should use 2FA to protect you from this.

Haven't typed the password in over a year, was cached in browser.
Scanned my PC with every available tool (+ is protected by ESET) but no keylogger found

Password was unique for Bittrex and 14 characters long (random generated).

But 2FA was not setup...

my account is the same... password 12 characters with big small letters and numbers...
2FA not setted too :(

is there some way to get contact with some bittrex support ? i like to see login history.



Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: leigh2k14 on April 05, 2016, 07:45:22 PM
More accounts hacked, this should concern the whole crypto community.

As one of the largest exchanges has had a massive security breach.

We need to get the word out to as many crypto traders as possible.

Richie has no clue, or is covering up, this is really sad indeed.

I hope there's not more people that have had their hard earned funds stolen from them.

I asked richie in the destiny slack channel if he had any news on who hacked our accounts, and he told me I should report it to proper authorities.

Truely sad as he won't admit that the attackers found a way into his system, and won't admit any liability at all, it's quite clear that this was not a local machine hack, but a bittrex hack.




 


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: richiela on April 05, 2016, 10:47:04 PM
More accounts hacked, this should concern the whole crypto community.

As one of the largest exchanges has had a massive security breach.

We need to get the word out to as many crypto traders as possible.

Richie has no clue, or is covering up, this is really sad indeed.

I hope there's not more people that have had their hard earned funds stolen from them.

I asked richie in the destiny slack channel if he had any news on who hacked our accounts, and he told me I should report it to proper authorities.

Truely sad as he won't admit that the attackers found a way into his system, and won't admit any liability at all, it's quite clear that this was not a local machine hack, but a bittrex hack.


We know exactly what happened - you lost your credentials.

I told you to report it to the authorities because I can't release information about other accounts to you because of our privacy policy.  Attackers compromised your account which nothing to do with our system.  Please get your fact straight because i'm sure that it makes more sense that bittrex got hacked and it only affected a handful of accounts instead of you being compromised.

richie



Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: kiklo on April 06, 2016, 04:07:43 AM
More accounts hacked, this should concern the whole crypto community.

As one of the largest exchanges has had a massive security breach.

We need to get the word out to as many crypto traders as possible.

Richie has no clue, or is covering up, this is really sad indeed.

I hope there's not more people that have had their hard earned funds stolen from them.

I asked richie in the destiny slack channel if he had any news on who hacked our accounts, and he told me I should report it to proper authorities.

Truely sad as he won't admit that the attackers found a way into his system, and won't admit any liability at all, it's quite clear that this was not a local machine hack, but a bittrex hack.


We know exactly what happened - you lost your credentials.

I told you to report it to the authorities because I can't release information about other accounts to you because of our privacy policy.  Attackers compromised your account which nothing to do with our system.  Please get your fact straight because i'm sure that it makes more sense that bittrex got hacked and it only affected a handful of accounts instead of you being compromised.

richie


@richie,
The reason you should report it , is that
1. It is more than one person.
2. Only your Exchange seemed to be Targeted.
3. The Users have no evidence exactly who stole the funds, in fact if they do contact the Authorities, they can just as easily list you as the thief since they do not know for 100% what happened.
4. You will have to speak with the authorities any way, when they request the log information
5. You just made yourself look guilty , by trying to play quiet.

But since you said no you would not ,
Ok all of you that funds are missing

Contact https://www.ic3.gov/complaint  , and report Bittrex for your funds being lost.
Or
All contact a Lawyer Jointly and file a Civil Suit against the exchange.
Bittrex LLC is a limited liability corporation formed and operated out of Las Vegas, Nevada.
Bittrex LLC
6077 S. Ft. Apache Rd
Suite 100
Las Vegas, NV 89148

Good Luck to Both of You.

 8)


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: richiela on April 06, 2016, 04:30:25 AM
More accounts hacked, this should concern the whole crypto community.

As one of the largest exchanges has had a massive security breach.

We need to get the word out to as many crypto traders as possible.

Richie has no clue, or is covering up, this is really sad indeed.

I hope there's not more people that have had their hard earned funds stolen from them.

I asked richie in the destiny slack channel if he had any news on who hacked our accounts, and he told me I should report it to proper authorities.

Truely sad as he won't admit that the attackers found a way into his system, and won't admit any liability at all, it's quite clear that this was not a local machine hack, but a bittrex hack.


We know exactly what happened - you lost your credentials.

I told you to report it to the authorities because I can't release information about other accounts to you because of our privacy policy.  Attackers compromised your account which nothing to do with our system.  Please get your fact straight because i'm sure that it makes more sense that bittrex got hacked and it only affected a handful of accounts instead of you being compromised.

richie


@richie,
The reason you should report it , is that
1. It is more than one person.
2. Only your Exchange seemed to be Targeted.
3. The Users have no evidence exactly who stole the funds, in fact if they do contact the Authorities, they can just as easily list you as the thief since they do not know for 100% what happened.
4. You will have to speak with the authorities any way, when they request the log information
5. You just made yourself look guilty , by trying to play quiet.

But since you said no you would not ,
Ok all of you that funds are missing

Contact https://www.ic3.gov/complaint  , and report Bittrex for your funds being lost.
Or
All contact a Lawyer Jointly and file a Civil Suit against the exchange.
Bittrex LLC is a limited liability corporation formed and operated out of Las Vegas, Nevada.
Bittrex LLC
6077 S. Ft. Apache Rd
Suite 100
Las Vegas, NV 89148

Good Luck to Both of You.

 8)

I have hardly played quiet... i've been in here every day trying to help figure out how < 10 accounts got compromised;  but at this point, it is not productive nor a good use of my time.  Feel free to have the authorities contact us.

thanks,
richie


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: CosaNostra on April 06, 2016, 08:05:36 AM
I have hardly played quiet... i've been in here every day trying to help figure out how < 10 accounts got compromised;  but at this point, it is not productive nor a good use of my time.  Feel free to have the authorities contact us.
thanks,
richie

Could you please tell me how exactly you did this, except sending everyone logs with the same info?

Allright, you say that you guys are experts in security.

First you say that all IPs were known and usual for the users, while even in the logs it shows as Unknown IP.
So, after TWO DAYS you said that you were mistaken and IPs were unknown.

First you say that there were multiple accounts hacked, and then you say it was a couple, now you say you don't care, because less than 10 accounts got compromised. You would feel better, if we would be talking about 1000+ accounts?

I guess I shoud repeat my questions here:

How many accounts compromised out there? Is that multiple or a couple?
Do these accounts have anything in common except absence of 2fa?
Are all the accounts of the attacker are new or he used some old accounts?
Are all the IPs of the attacker are different each time?
What coins and exact BTC/alts addresses were used to withdraw the funds?
Why in your opinion only Bittrex accounts were compromised?

Now, the most important question:
Why you haven't enforced 2fa, haven't published any alerts, or introduced email notifications on each login/trade?

When people say you played quiet, they mean that you did nothing to prevent more people from loosing their money.
No announcements, no alerts, no e-mail notifications... Nothing!

Have you put your exchange into maintenance mode or paused the trades? No!
Why? Because I guess you care more about your profits, not people!

You were silently watching people being robbed all these days :o

That's all I wanted to say about it.


Quote
   
Ryan Hentz (Bittrex)

Apr 2, 19:08

Hi,
Our records show that all orders placed on your account were done so from your typical login ip. This means the attacker somehow has access to your machine. Have you installed any new software recently? This includes things like browser plugins.
The attacker also immediately withdrew the coins from his account via the api. There is no way to recover the funds.
Please make sure to enable 2fa to protect your account from being breached in this way.
Thank you,
Ryan


Firstly, please stop trying to generate fud; its completely unproductive.  If our servers were compromised, there are way easier ways to get your money out.  It doesn't make any sense. What I can tell you is that there have been multiple accounts hacked with the same pattern, all within the last 48 hours.  I can also tell you that none of the affected accounts had logins from suspicious or unknown IPs which leads us to believe it is a rooted machine vs credential lost.  Lastly, this isn't specific to an OS based on the UA strings we've seen which points to some kind of browser plugin/toolbar.   Please crowdsource this to figure out commonalities and please turn on 2fa if you do not have it on.
Thanks
richie@bittrex

Looks like i was mistaken... after a couple ticket responses and going back further in some cases... there have been login from IPs unknown. Please focus on finding a common denominator to these attacks.
richie@bittrex

2) Your logic about malware is flawed.  Do you think if any of our servers were compromised in any way, all you would see is a couple of non-2fa'd account drained using a bad trading method?  It doesn't make sense.

3) Lastly, I am not calling our users noobs, but we collectively are the experts here when it comes to security and how exchanges work.  I'm not sure how anyone can claim something different when it comes to how an exchange works.  I also get paid to do security for a living - I assert, rightly or wrongly, I do know more about this topic than most people. 

When faced with a problem, the most obvious answer is usually the right one once you have ruled out the others.  Instead wasting our time with this entire line of discussion, I'd rather have users figure out what the common denominator is and narrow down what caused this.  There's an obvious pattern;  i'd like to find it.

-richie@bittrex


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: Aesthete on April 07, 2016, 08:51:03 AM
Richie, I would have asked to give the information about how the stolen funds had been withdrawn, on what e-mail, on what bitcoin addresses and generally as much information about this account


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: Keketarac on April 08, 2016, 11:47:18 AM
I have similar problem with bittrex account hacking.

2fa was disabled.

I haven't logged couple days and when I tried to login today, I was asked to enter 2fa code, which, obviosly, I don't have.

Looking at transactions from my FTC wallet in explorer, I noticed payout of ~350 FTC on 07/04/2016 and two times ~150 FTC day or two before, which I havent initiated nor approved. That is all available funds over funds that were reserved in trading order.

Now I can't login to my account nor withdraw ~4000 FTC and 0,1 BTC I have.

Also, FTC wallet on bittrex is in maintenance mode now, and BTC market also is blocked, no trading since 07/04/2016.

Something big is happening.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: CosaNostra on April 08, 2016, 11:58:01 AM
I have similar problem with bittrex account hacking.

2fa was disabled.

I haven't logged couple days and when I tried to login today, I was asked to enter 2fa code, which, obviosly, I don't have.

Looking at transactions from my FTC wallet in explorer, I noticed payout of ~350 FTC on 07/04/2016 and two times ~150 FTC day or two before, which I havent initiated nor approved.

Now I can't login to my account nor withdraw ~4000 FTC and 0,1 BTC I have.

Also, FTC wallet on bittrex is in maintenance mode now, and BTC market also is blocked.

Something big is happening.

Have you submitted a ticket?


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: Keketarac on April 08, 2016, 12:02:25 PM
Yes, I have, but no reply yet.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: CosaNostra on April 08, 2016, 12:53:51 PM
Yes, I have, but no reply yet.

So, he managed to withdraw funds w/o confirmation message?  ??? :o


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: Keketarac on April 08, 2016, 01:35:37 PM
I haven't found any confirmation message in my inbox, but, strange, in history of mail client (yahoo) saw one unusual login at 01/04/2016 from strange IP adress, at the time I was at work. Also, no emails about failed login attempts due to loss of 2fa code.

All withdrawals from bittrex were in unusual time of day, when I sleep (12PM-6AM) or work (7AM-2PM), all times listed are UTC, my time is 2 hours more:

1. 96d4871660...   1140320   2016-03-23 07:47:59   (337)   3168.073   FTC   
2. 49070b78b9...   1145748   2016-03-27 06:11:01   (727.256)   2891.217   FTC 
3. 2aa6fa781d...   1148866   2016-03-29 12:18:35   (150.3)   2890.917   FTC 
4. 47ce3e6709...   1152859   2016-04-01 09:32:21   (150.4)   3040.817   FTC
5. fd92b04175...   1161352   2016-04-07 13:28:55   (351.608)   3139.509   FTC

If 2fa is enabled, does every withdrawal need email confirmation? I'd like to see login info from bittrex staff.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: Keketarac on April 08, 2016, 02:39:13 PM
They reset 2fa, I managed to enter my account

HOLY SHIT!!!

All my funds (FTC and BTC) were used in about 715 transactions with various coins: apex, arb, uro, smbr, kore, tron, grs, lxc, excl, tri, ybc, xdq, root, ftc, lxc and xqn, in period April 1st-April 2nd.

Here is transaction history: https://drive.google.com/file/d/0BzKo9AFn9Gq-TThiQXdzSG5zZnM/view?usp=sharing

In the same period 30 BTC withdrawals occured, and total of about 50 BTC were withdrawn!!!!

I had about 4000 FTC and 0,1 BTC before all that.

How they made 50 BTC?!

Now I'm left with 600 FTC in stuck wallet, 0.49 YBC, 11.8 SHF and 113.6 APEX.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: Aesthete on April 08, 2016, 02:50:03 PM
..HOLY SHIT!!!..

I imagine what you're feeling now, man
I hope this isn't all your life savings, as it was for me


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: Keketarac on April 08, 2016, 02:53:13 PM
No, no no!

That was not my money.

I had ~4000 FTC and 0.1 BTC there.

Somehow with those transactions they made 50 BTC and took them away.

They enabled 2fa so they can withdraw without mail confirmation, and I can't login to stop them.

Bittrex security=0


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: chiznitz on April 08, 2016, 04:27:15 PM
No, no no!

That was not my money.

I had ~4000 FTC and 0.1 BTC there.

Somehow with those transactions they made 50 BTC and took them away.

They enabled 2fa so they can withdraw without mail confirmation, and I can't login to stop them.

Bittrex security=0

It is clear that your email and or entire computer is compromised.  You mentioned that you noticed a strange IP login to your email account.  The only way they can turn on 2FA is if you verify it through email, which they did.  This has nothing to do with Bittrex security.

Ryan @ Bittrex


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: chilly2k on April 08, 2016, 04:32:42 PM
No, no no!

That was not my money.

I had ~4000 FTC and 0.1 BTC there.

Somehow with those transactions they made 50 BTC and took them away.

They enabled 2fa so they can withdraw without mail confirmation, and I can't login to stop them.

Bittrex security=0

   Sounds more like money laundering, then them trying to steal your coins.  It would be interesting to see what account was at the other end of most of those trades. 


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: Keketarac on April 08, 2016, 05:48:41 PM
Bittrex is monitoring this thread, they say my computer is compromised, and that is not so. My bittrex account and mail were compromised, but still I haven't recieved IP adresses used for login on April 1st and 2nd.

They are refusing to take any responsibility in terms of bad security and refunding mere 0.2 BTC, although they should have forced use od 2fa, not leaving it as a option. Furthermore, talking about security, they unlocked my account's 2fa after just one email, so even if I had used 2fa, if my mail was hacked, bittrex account could have been not only hacked but unlocked by staff.

Also, they haven't announced how many accounts were hacked.

Looking at many coin price charts, there is evident and huge price drop on April 1st, so it must be huge amount of coins, which can't come from a handfull of accounts. This must be something going on on a big scale.

They are making fools of themselves for cheap. Classic assholes.

I don't care about 0,2 BTC and bloody bittrex, but it's thing of principles.



Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: Keketarac on April 08, 2016, 06:02:13 PM
   Sounds more like money laundering, then them trying to steal your coins.  It would be interesting to see what account was at the other end of most of those trades. 

BTC from my account were withdrawn to these adresses:

April 2nd    1HUznZ7QibU6TgjPzEU5aioBDPBST9sojc
April 1st    1AhoUxM2MyNrBzRb6Y51WZHS1y9rzYtgro


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: orryde on April 08, 2016, 06:06:16 PM
It sounds like bittrex are having some serious problems. I moved all my coins off bittrex today and moved them to poloniex.
I wont use bittrex anymore after reading this thread. They need to take responsibility. If it was just one user then that's one thing. But multiple users. Its obvious their email database was hacked. Thank god the email I use there was made special for bittrex. Otherwise id have to change all my other accounts and email addresses. What a mess!


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: leigh2k14 on April 08, 2016, 11:39:57 PM
They reset 2fa, I managed to enter my account

HOLY SHIT!!!

All my funds (FTC and BTC) were used in about 715 transactions with various coins: apex, arb, uro, smbr, kore, tron, grs, lxc, excl, tri, ybc, xdq, root, ftc, lxc and xqn, in period April 1st-April 2nd.

Here is transaction history: https://drive.google.com/file/d/0BzKo9AFn9Gq-TThiQXdzSG5zZnM/view?usp=sharing

In the same period 30 BTC withdrawals occured, and total of about 50 BTC were withdrawn!!!!

I had about 4000 FTC and 0,1 BTC before all that.

How they made 50 BTC?!

Now I'm left with 600 FTC in stuck wallet, 0.49 YBC, 11.8 SHF and 113.6 APEX.

Looks like your account laundered my coins.

Bitrrex will not except any liability at all.

Looks like someone found out a serious flaw and took advantage.

We still don't know how this attack actually happened yet, we should be concerned as the flaw is likely open.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: leigh2k14 on April 08, 2016, 11:58:15 PM
It sounds like bittrex are having some serious problems. I moved all my coins off bittrex today and moved them to poloniex.
I wont use bittrex anymore after reading this thread. They need to take responsibility. If it was just one user then that's one thing. But multiple users. Its obvious their email database was hacked. Thank god the email I use there was made special for bittrex. Otherwise id have to change all my other accounts and email addresses. What a mess!

It doesn't look good or them does it?


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: proletariat on April 09, 2016, 12:07:43 AM

It sucks for the people that were hacked but I'm 99.9% positive that your bittrex deposit addresses are just that.... for deposits, once there their internal ledger accounts for those coins and those coins may be given away when they fulfill other withdrawals etc.... I might be wrong but I don't think so. So no use being paranoid about tracking the funds in your deposit address apart from deposits. Their internal ledger is what matters.



Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: orryde on April 09, 2016, 12:10:01 AM
It sounds like bittrex are having some serious problems. I moved all my coins off bittrex today and moved them to poloniex.
I wont use bittrex anymore after reading this thread. They need to take responsibility. If it was just one user then that's one thing. But multiple users. Its obvious their email database was hacked. Thank god the email I use there was made special for bittrex. Otherwise id have to change all my other accounts and email addresses. What a mess!

It doesn't look good or them does it?

No it does not. That's why I moved all my coins away from them!


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: cryptoheadd on April 09, 2016, 10:57:16 AM

It sucks for the people that were hacked but I'm 99.9% positive that your bittrex deposit addresses are just that.... for deposits, once there their internal ledger accounts for those coins and those coins may be given away when they fulfill other withdrawals etc.... I might be wrong but I don't think so. So no use being paranoid about tracking the funds in your deposit address apart from deposits. Their internal ledger is what matters.



Yes, Bittrex, being an exchange, stores the funds in cold wallets.

The withdrawals are processed through their hotwallet.
Tracking your address won't work, as once you deposit your funds, they are transferred to the hot/cold wallets on the next sweep.  ;D


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: orryde on April 09, 2016, 07:11:05 PM
So what is bittrex doing about this?


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: Keketarac on April 09, 2016, 07:47:19 PM
Here is part of IP log:


UNKNOWN_IP_WITHDRAWAL_2FA_SUCCESS 77.57.136.72 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-02 16:30:13.493
...
UNKNOWN_IP_WITHDRAWAL_2FA_SUCCESS 109.93.97.80 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-01 15:41:12.950
WITHDRAWAL_2FA_SUCCESS 130.180.240.144 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-01 15:11:21.250
...
ENABLE_2FA 194.204.45.101 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-01 14:06:10.803
PENDING_2FA 130.180.240.144 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-01 14:05:43.910
LOGIN 130.180.240.144 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-01 14:02:26.340
LOGOFF 194.204.45.101 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-01 13:58:49.360
LOGIN 194.204.45.101 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-01 13:42:30.803
...
LOGOFF 74.135.30.68 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.106 Safari/537.36 2016-03-31 00:31:19.547
LOGIN 74.135.30.68 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.106 Safari/537.36 2016-03-31 00:27:37.903
...


So they hacked in on March 31st, started on April 1st at 13:40, took them about half an hour to enable 2fa, and rest is known story. Known and unknown random IPs. Finished on April 2nd at 16:30


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: kiklo on April 10, 2016, 09:49:31 PM
So what is bittrex doing about this?

From the looks of things, They are sorry for your Loss and that is about it.  :P
They refused to contact any legal authorities and are basically blaming the victims. (Bad Form on their part.)

 8)


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: kiklo on April 10, 2016, 09:54:13 PM
So they hacked in on March 31st, started on April 1st at 13:40, took them about half an hour to enable 2fa, and rest is known story. Known and unknown random IPs. Finished on April 2nd at 16:30

If 2fa was used , what was the Phone # attached to it.
Cell Tower records should hold the GPS location at the time it received the text, to help pinpoint the thief's physical location.
(That why Law Enforcement has to be brought in, they can get a warrant for the cell tower records. )


 8)



Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: cryptojacko on April 10, 2016, 10:36:32 PM
So they hacked in on March 31st, started on April 1st at 13:40, took them about half an hour to enable 2fa, and rest is known story. Known and unknown random IPs. Finished on April 2nd at 16:30

If 2fa was used , what was the Phone # attached to it.
Cell Tower records should hold the GPS location at the time it received the text, to help pinpoint the thief's physical location.
(That why Law Enforcement has to be brought in, they can get a warrant for the cell tower records. )


 8)



I guess I'm following you around now.

You obviously don't understand how most of the exchanges 2FA works.  Polo and Bittrex both use google authenticator which has nothing to do with your phone # and doesn't talk back to anything, so what you are saying isn't even valid.

Reviewing this thread it looks like a very small amount of people clicked on something and gave an attacker their password.  This last guy even says someone turned on his 2fa, which is impossible without having access to his email account, which a few posts before he mentions an unknown IP logging in to his email.  Here you are the expert spewing foul, when its fairly obvious these users clicked something stupid or installed something stupid on their machines.  Lol less than 10 users out of thousands and thousands and you think its the exchanges fault.  You sure do beat up on all the exchanges out there.

What is your favorite exchange?  Seems you think they are all corrupt, maybe you should start a legit one.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: spartak_t on April 10, 2016, 11:02:02 PM
Imho, its the victim's fault for losing their funds, but this thread should not be turned into in "I know better" type of opinions.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: kiklo on April 11, 2016, 01:28:04 AM
I guess I'm following you around now.

You obviously don't understand how most of the exchanges 2FA works.  Polo and Bittrex both use google authenticator which has nothing to do with your phone # and doesn't talk back to anything, so what you are saying isn't even valid.

Reviewing this thread it looks like a very small amount of people clicked on something and gave an attacker their password.  This last guy even says someone turned on his 2fa, which is impossible without having access to his email account, which a few posts before he mentions an unknown IP logging in to his email.  Here you are the expert spewing foul, when its fairly obvious these users clicked something stupid or installed something stupid on their machines.  Lol less than 10 users out of thousands and thousands and you think its the exchanges fault.  You sure do beat up on all the exchanges out there.

What is your favorite exchange?  Seems you think they are all corrupt, maybe you should start a legit one.

Hey , that is what stalkers do , No shame there.  ;)

https://www.google.com/landing/2step/#tab=how-it-works

Quote
    You'll enter your password
    Whenever you sign in to Google, you'll enter your password as usual.
    You'll be asked for something else
    Then, a code will be sent to your phone via text, voice call, or our mobile app. Or, if you have a Security Key, you can insert it into your computer’s USB port.

See Phone, in the above quote.
Or if they used the security key instead , doubtful, but even so Google could cross reference it and give your some of the accounts the key is connected too,
such as Gmail, Google, GitHub, or Dropbox accounts, which would lead to more IPs , which one of them will lead back to the thief.

You are not one of those people that actually believe you can do anything on the internet and remain anonymous , are you?
FYI: Even Tor won't keep you safe , if the right people are looking for you.

Also what is this unknown IP crap, you guys keep passing out , network access and connection require an IP address,
even if they are behind a VPN, you get the VPN IP Address, from there you hit the VPN provider with a warrant and get their logs which lead you closer to the thief.
Even if they do it 20 times that next address is there to follow.

 8)


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: kiklo on April 11, 2016, 01:35:36 AM
Imho, its the victim's fault for losing their funds, but this thread should not be turned into in "I know better" type of opinions.

So I imagine you go to Women shelters and tell them it was their fault , that their husband smacked them around?

Quote
William Ryan coined the phrase "blaming the victim" in his 1971 book Blaming the Victim. In the book, Ryan described victim blaming as an ideology used to justify racism and social injustice

Fact ,
All Bittrex had to do, is contact the FBI, turn over the log information and then that is the end of any requirement they owe their users.
How much time, would that have taken, less time than what has been spent blaming the victims in this forum, No doubt.

 8)


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: cryptojacko on April 11, 2016, 02:39:17 AM
Imho, its the victim's fault for losing their funds, but this thread should not be turned into in "I know better" type of opinions.

So I imagine you go to Women shelters and tell them it was their fault , that their husband smacked them around?

Quote
William Ryan coined the phrase "blaming the victim" in his 1971 book Blaming the Victim. In the book, Ryan described victim blaming as an ideology used to justify racism and social injustice

Fact ,
All Bittrex had to do, is contact the FBI, turn over the log information and then that is the end of any requirement they owe their users.
How much time, would that have taken, less time than what has been spent blaming the victims in this forum, No doubt.

 8)


You are referring to 2-factor authentication for gmail and google accounts.  That is not the same as using the google 2fa open source code that does not link back to google at all.  The exchanges are using the later.

Oh anything can be traced if you have enough manpower.  Looks like Bittrex gave the users all the information about who logged into their accounts.  If those users want to find out who stole their stuff they should file police reports and get the process started.


The problem is this isn't women at the shelter because their husbands smacked them around.  It's because they were sleeping around with a trojan horse.  Their machines were hacked, not bittrex, the burden is on them, bittrex is just one piece of information that they can obtain, contacting the FBI would do nothing for these people as the FBI wouldn't even bother doing anything with this.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: kiklo on April 11, 2016, 03:52:18 AM
You are referring to 2-factor authentication for gmail and google accounts.  That is not the same as using the google 2fa open source code that does not link back to google at all.  The exchanges are using the later.

Oh anything can be traced if you have enough manpower.  Looks like Bittrex gave the users all the information about who logged into their accounts.  If those users want to find out who stole their stuff they should file police reports and get the process started.

The problem is this isn't women at the shelter because their husbands smacked them around.  It's because they were sleeping around with a trojan horse.  Their machines were hacked, not bittrex, the burden is on them, bittrex is just one piece of information that they can obtain, contacting the FBI would do nothing for these people as the FBI wouldn't even bother doing anything with this.

So my frighten stalker returns,
It funny you claim to know their was no phone # attached to that specific 2fa.
Either Bittrex or Google has a Phone # stored for that 2fa account.

https://www.bittrex.com/Manage#section2Fa
Quote
Bittrex encourages the use of two-factor authentication
Two-factor authentication (2fa) greatly increases security by requiring both your password and another form of authentication. Bittrex implements 2fa utilizing Google Authenticator.
To enable this feature simply download Google Authenticator on your mobile device and scan the QRCode.

Once you have linked the Authenticator with Bittrex, enter the 6 digit code provided.

Please back up your secret key. Reseting your two - factor authentication requires opening a support ticket and may take up to 48 hours to address.
You claim to know alot, but give no details where you receive that info or even provide a reference.
Mostly you just make up stories with the pretense of knowledge, when it is apparent you are lacking in that area.

Bittrex has not given all of the log info to the users, they cited privacy laws, can you not even read the previous posts before you contradict just to be contradictory.
That the real issue, Bittrex is hiding data, that legally they could only give to the Legal Authority.

Are you and the others really so stupid, that you believe a hacker had total access to their PCs.
But did not go after their Bank Accounts or Credit Cards and only focuses on 1 crypto exchange and ignore every other exchange.
Are you really that Stupid?
Just Asking cause you seem to be that stupid.  :)

FYI:
The committed crime crossed State Lines, and would be in the the FBI jurisdiction not local Police.
Whether the FBI does anything is up to them, funny that Bittrex is afraid to report it to them.
https://www.fbi.gov/about-us/investigate/what_we_investigate
Quote
Spies. Terrorists. Hackers. Pedophiles. Mobsters. Gang leaders and serial killers. We investigate them all, and many more besides.
https://www.fbi.gov/about-us/investigate/cyber/computer-intrusions

 8)


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: Namrekka on April 11, 2016, 11:06:30 AM
Didn't find it clearly but:

- Is (was) your email account hacked?
- Do (did) you store, in your email box, sensitive things like PW and "confirmation links"?
- Can you share your email provider?




Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: cryptojacko on April 11, 2016, 07:10:59 PM
You are referring to 2-factor authentication for gmail and google accounts.  That is not the same as using the google 2fa open source code that does not link back to google at all.  The exchanges are using the later.

Oh anything can be traced if you have enough manpower.  Looks like Bittrex gave the users all the information about who logged into their accounts.  If those users want to find out who stole their stuff they should file police reports and get the process started.

The problem is this isn't women at the shelter because their husbands smacked them around.  It's because they were sleeping around with a trojan horse.  Their machines were hacked, not bittrex, the burden is on them, bittrex is just one piece of information that they can obtain, contacting the FBI would do nothing for these people as the FBI wouldn't even bother doing anything with this.

So my frighten stalker returns,
It funny you claim to know their was no phone # attached to that specific 2fa.
Either Bittrex or Google has a Phone # stored for that 2fa account.

https://www.bittrex.com/Manage#section2Fa
Quote
Bittrex encourages the use of two-factor authentication
Two-factor authentication (2fa) greatly increases security by requiring both your password and another form of authentication. Bittrex implements 2fa utilizing Google Authenticator.
To enable this feature simply download Google Authenticator on your mobile device and scan the QRCode.

Once you have linked the Authenticator with Bittrex, enter the 6 digit code provided.

Please back up your secret key. Reseting your two - factor authentication requires opening a support ticket and may take up to 48 hours to address.
You claim to know alot, but give no details where you receive that info or even provide a reference.
Mostly you just make up stories with the pretense of knowledge, when it is apparent you are lacking in that area.

Bittrex has not given all of the log info to the users, they cited privacy laws, can you not even read the previous posts before you contradict just to be contradictory.
That the real issue, Bittrex is hiding data, that legally they could only give to the Legal Authority.

Are you and the others really so stupid, that you believe a hacker had total access to their PCs.
But did not go after their Bank Accounts or Credit Cards and only focuses on 1 crypto exchange and ignore every other exchange.
Are you really that Stupid?
Just Asking cause you seem to be that stupid.  :)

FYI:
The committed crime crossed State Lines, and would be in the the FBI jurisdiction not local Police.
Whether the FBI does anything is up to them, funny that Bittrex is afraid to report it to them.
https://www.fbi.gov/about-us/investigate/what_we_investigate
Quote
Spies. Terrorists. Hackers. Pedophiles. Mobsters. Gang leaders and serial killers. We investigate them all, and many more besides.
https://www.fbi.gov/about-us/investigate/cyber/computer-intrusions

 8)


You're not understanding how google authenticator works on most of these sites, which is ok, because you probably haven't done web development or ever tried to implement a 2factor solution.  Most sites that are not associated with google use their open source version of the authenticator.  You can even run the application from a windows box with no phone number associated and no google accounts.  If you don't believe me go try and enable 2fa and do some packet sniffing while its happening, you won't see any network traffic, thus no way to get your phone #etc.

http://stackoverflow.com/questions/5087005/google-authenticator-available-as-a-public-service

Yah I read the thread they were given their logon history which shows some random ips logging into their account.  That should be enough to get an investigation started, they can contact the FBI like you said.

You have no proof they didn't steal anything else, do you know how many had funds somewhere else?  If any?  Hackers tend to move quick when they get a compromised machine and since all of these hacked people obviously are into crypto the hacker probably tricked them into clicking something crypto related, maybe they even knew these people traded at Bittrex from whatever forum they were posting in.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: kiklo on April 11, 2016, 09:39:23 PM
You're not understanding how google authenticator works on most of these sites, which is ok, because you probably haven't done web development or ever tried to implement a 2factor solution.  Most sites that are not associated with google use their open source version of the authenticator.  You can even run the application from a windows box with no phone number associated and no google accounts.  If you don't believe me go try and enable 2fa and do some packet sniffing while its happening, you won't see any network traffic, thus no way to get your phone #etc.

You are really just a confused soul that wants to argue, I am truly sorry that you are not a Brighter Soul, otherwise this might have been entertaining. :P

That Phone # is stored somewhere or the authentication software would be unable to send a text to it.  :P
Your What IFs on 2FA configuration, don't matter Bittrex directly stated download Google Authenticator on your mobile device.


And here you backtrack , 1st saying
Quote
contacting the FBI would do nothing for these people as the FBI wouldn't even bother doing anything with this.
and now you say

Yah I read the thread they were given their logon history which shows some random ips logging into their account.  That should be enough to get an investigation started, they can contact the FBI like you said.

You see why I have to ignore your thoughts,
1. Because you are usually wrong to start with.
2. 10 minutes later you agree with what I already said.  :P


You have no proof they didn't steal anything else, do you know how many had funds somewhere else?  If any?  Hackers tend to move quick when they get a compromised machine and since all of these hacked people obviously are into crypto the hacker probably tricked them into clicking something crypto related, maybe they even knew these people traded at Bittrex from whatever forum they were posting in.

And that has been the problem with this whole Forum, We as Forum Readers do not have any Proof of what any of these people have said.
It all has been nothing but posts, nothing verified by a 3rd party that any of us can trust.
That why the Legal Authority has to be called in , If Bittrex is lying , it will be discovered and they will be arrested for CyberCrimes, or if they were telling the truth then they will be proven innocent ,(which from a Public Relations Point of View their foolish to not have reported it unless they know they are guilty.)
That Final Outcome can't happen with just a bunch of Yahoos typing in a Forum, the Legal Authority has to be called in and they can best determine how to investigate.
Then we can all read on a News site after charges are filed what really happen and who is guilty and who is innocent.  ;)


 8)


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: cryptojacko on April 11, 2016, 09:46:43 PM
You're not understanding how google authenticator works on most of these sites, which is ok, because you probably haven't done web development or ever tried to implement a 2factor solution.  Most sites that are not associated with google use their open source version of the authenticator.  You can even run the application from a windows box with no phone number associated and no google accounts.  If you don't believe me go try and enable 2fa and do some packet sniffing while its happening, you won't see any network traffic, thus no way to get your phone #etc.

You are really just a confused soul that wants to argue, I am truly sorry that you are not a Brighter Soul, otherwise this might have been entertaining. :P

That Phone # is stored somewhere or the authentication software would be unable to send a text to it.  :P
Your What IFs on 2FA configuration, don't matter Bittrex directly stated download Google Authenticator on your mobile device.


And here you backtrack , 1st saying
Quote
contacting the FBI would do nothing for these people as the FBI wouldn't even bother doing anything with this.
and now you say

Yah I read the thread they were given their logon history which shows some random ips logging into their account.  That should be enough to get an investigation started, they can contact the FBI like you said.

You see why I have to ignore your thoughts,
1. Because you are usually wrong to start with.
2. 10 minutes later you agree with what I already said.  :P


You have no proof they didn't steal anything else, do you know how many had funds somewhere else?  If any?  Hackers tend to move quick when they get a compromised machine and since all of these hacked people obviously are into crypto the hacker probably tricked them into clicking something crypto related, maybe they even knew these people traded at Bittrex from whatever forum they were posting in.

And that has been the problem with this whole Forum, We as Forum Readers do not have any Proof of what any of these people have said.
It all has been nothing but posts, nothing verified by a 3rd party that any of us can trust.
That why the Legal Authority has to be called in , If Bittrex is lying , it will be discovered and they will be arrested for CyberCrimes, or if they were telling the truth then they will be proven innocent ,(which from a Public Relations Point of View their foolish to not have reported it unless they know they are guilty.)
That Final Outcome can't happen with just a bunch of Yahoos typing in a Forum, the Legal Authority has to be called in and they can best determine how to investigate.
Then we can all read on a News site after charges are filed what really happen and who is guilty and who is innocent.  ;)


 8)


Dude, seriously bittrex and poloniex don't send anything to your damn phone.  It is not SMS 2factor, they don't send you a text.  Did you even read the link I posted?  I guess at this point you are trolling because nobody is that stupid.  I'm moving on and will avoid posts with you on them in the future.  Not worth my time, I have money to lose in alt coins, ta ta.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: kiklo on April 12, 2016, 12:32:34 AM
Dude, seriously bittrex and poloniex don't send anything to your damn phone.  It is not SMS 2factor, they don't send you a text.  Did you even read the link I posted?  I guess at this point you are trolling because nobody is that stupid.  I'm moving on and will avoid posts with you on them in the future.  Not worth my time, I have money to lose in alt coins, ta ta.

Reading Comprehension is really not your strong suit.
Bittrex directly stated download Google Authenticator on your mobile device.

Good Bye,   :-*
Mr. Frighten Stalker

 8)


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: chilly2k on April 12, 2016, 01:20:17 AM
Dude, seriously bittrex and poloniex don't send anything to your damn phone.  It is not SMS 2factor, they don't send you a text.  Did you even read the link I posted?  I guess at this point you are trolling because nobody is that stupid.  I'm moving on and will avoid posts with you on them in the future.  Not worth my time, I have money to lose in alt coins, ta ta.

Reading Comprehension is really not your strong suit.
Bittrex directly stated download Google Authenticator on your mobile device.

Good Bye,   :-*
Mr. Frighten Stalker

 8)

   I use Google authenticator, on my tablet, for Bittrex.  My tablet doesn't have phone capabilities. 


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: kiklo on April 12, 2016, 04:53:38 AM
  I use Google authenticator, on my tablet, for Bittrex.  My tablet doesn't have phone capabilities.  

If you did it this way the original Phone # is stored with the account.

Quote
Use Google Authenticator on Multiple Devices

The Authenticator app is available for Android, iPhone, Windows Phone and BlackBerry mobile phones. If you however carry two or more of these devices, like an iPad and an Android mobile phone, you can configure the app such that same code is generated on all your devices. This is handy because you can then pick the one-time code either from your phone or the tablet for logging in.

If you did it any other way then your Google Account is stored with a link to the 2FA account.
Which means Google can list every IP, including hot spots your tablet accessed, and maybe even the GPS coordinates in the tablet depending on the brand.
Also any Devices that have used that Google account can be cross referenced , Office/Home PC Internet IPs, & any Mobile Phones #.
(More Tracking that anything 1984 ever dreamed up.)

Any of which can be traced back to you if you used 2FA.

So the only real question , is when are you guys that claimed to be robbed going to report this to the FBI, so we can get this show on the road.

 8)


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: chilly2k on April 12, 2016, 12:07:13 PM
  I use Google authenticator, on my tablet, for Bittrex.  My tablet doesn't have phone capabilities.  

If you did it this way the original Phone # is stored with the account.


What original phone number?  This is a tablet that only has wifi.   Maybe the IP address is stored, but there is no phone number to store. 


So the only real question , is when are you guys that claimed to be robbed going to report this to the FBI, so we can get this show on the road.

 8)


    I agree with you here.  The victims must report the crime. 


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: Namrekka on April 12, 2016, 03:00:21 PM
I don't get the discussion about 2fa and Google. You also can use "WinAuth" and has nothing to do with Google. You can use it on a normal PC and not a phone. Also OP and the other victims mentioned that they didn't use 2fa. The intruder only used 2fa to get the API keys for his bot. The IP numbers are in the logfiles. But IP numbers doesn't say a thing, more....doesn't say anything.
 
The question stays how on earth did the intruder get the login info.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: kiklo on April 12, 2016, 05:48:32 PM

What original phone number?  This is a tablet that only has wifi.   Maybe the IP address is stored, but there is no phone number to store.  


So the only real question , is when are you guys that claimed to be robbed going to report this to the FBI, so we can get this show on the road.

 8)


    I agree with you here.  The victims must report the crime.  


The Tablet's only link is the Google account to the 2fa, so any other device that also has accessed the same google account, such as any mobile phone # that checked a gmail registered to that google account can be cross referenced.
Example: If you ever checked your Gmail or access your Google account from a PC or cellphone that information was stored and can be cross referenced.
Google can tell exactly which device you are using each time.
 
But all our speculation here does nothing to actually catch the criminal.
The victims must report the crime.

 8)


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: kiklo on April 12, 2016, 05:52:35 PM
I don't get the discussion about 2fa and Google. You also can use "WinAuth" and has nothing to do with Google. You can use it on a normal PC and not a phone. Also OP and the other victims mentioned that they didn't use 2fa. The intruder only used 2fa to get the API keys for his bot. The IP numbers are in the logfiles. But IP numbers doesn't say a thing, more....doesn't say anything.
 
The question stays how on earth did the intruder get the login info.

Because this guy claimed his account was hacked and 2FA enabled to withdraw the stolen funds.
https://bitcointalk.org/index.php?topic=1423584.msg14482234#msg14482234
But to be honest , we have no 3rd party verification that anything that anyone has posted is true.

The victims must report the crime so it can be investigated.

 8)



Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: lcharles123 on May 01, 2016, 11:05:02 PM
I was hacked too, 1.5 BTC is gone
I didn't use 2FA, my PC and phone are not compromissed
The password has Upper, lower case letters and numbers, I don't use the email to send messages or subscribe lists.
Here's a log, but this means nothing.

Login Time: 04/29/2016 12:26
IP Address:
79.150.204.10
User Agent: Mozilla/5.0 (Windows NT 6.1; rv:46.0) Gecko/20100101 Firefox/46.0
IP Address:
87.120.46.145
User Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.94 Safari/537.36
IP Address:
94.227.131.175
User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0


I think bittrex should implement log in limitation by IP, so we can configure the account to accept only one or an IP range




Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: enta2k on June 29, 2016, 09:11:41 PM
Fuck, I got hacked too, how is it possible, that so much Bittrex accounts get hacked.

My password stoped working, so I reset it and 10min. ago I saw everything is gone.
No 2fa because iīm retarded.

My E-Mail Accounts got hacked too, changed all the passwords, the amound of hacking attacks and
spam mails is getting ridiculous, donīt know what to do about that.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: yudy on July 01, 2016, 08:55:51 PM
your account is hack, your balance can refund is management bittrex or not,
your ready send ticket support or not,if ready ticket support what is answer response your ticket ?, balance refund or not


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: alyssa85 on July 02, 2016, 03:15:14 PM
Fuck, I got hacked too, how is it possible, that so much Bittrex accounts get hacked.

My password stoped working, so I reset it and 10min. ago I saw everything is gone.
No 2fa because iīm retarded.

My E-Mail Accounts got hacked too, changed all the passwords, the amound of hacking attacks and
spam mails is getting ridiculous, donīt know what to do about that.

Well if your email accounts got hacked too, it is because you were using similar passwords across the board, and they got hold of one (either from your mtgox account or your mintpal account) and used it as a base to figure out how to access your stuff.

Make sure you use completely different passwords for every single account you have.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: chefbauer on November 22, 2016, 04:31:50 PM
Its not save with Bittrex, my account was hacked too.
Password: uniqe to Bittrex!
No 2-factor auth.

No other compromised account, no hacked e-mail as i know.
Using linux on all systems.

Lost about 7 BTC in AMP and XMR.
Bittrex: no help.

Insider Job?

What i have learned (very old advice): leave no money on exchanges!


For your information:

Code:
Login Time: 10/21/2016 06:50
IP Address: 2a03:b0c0:0003:00d0:0000:0000:1c0e:d001
User Agent: Mozilla/5.0 (Microsoft Windows NT 6.2.9200.0); rv:22.0) Gecko/20130405 Firefox/22.0

then they did this transactions:
Code:
Closed Date	Opened Date	Market	Type	Bid/Ask	Units Filled 	Units Total 	Actual Rate 	Cost / Proceeds
10/21/2016 02:28:32 PM 10/21/2016 02:28:25 PM BTC-SLING Limit Sell 0.00003600 317.04699022 317.04699022 0.00003599 0.01138516
10/21/2016 02:28:15 PM 10/21/2016 02:28:15 PM BTC-SLING Limit Buy 0.00006900 317.04699022 317.04699022 0.00006899 -0.02193093
10/21/2016 02:27:57 PM 10/21/2016 02:27:48 PM BTC-SLING Limit Sell 0.00003600 610.71547174 610.71547174 0.00003599 0.02193079
10/21/2016 02:27:32 PM 10/21/2016 02:27:32 PM BTC-SLING Limit Buy 0.00006900 610.71547174 610.71547174 0.00006899 -0.04224470
10/21/2016 02:26:56 PM 10/21/2016 02:26:48 PM BTC-SLING Limit Sell 0.00003400 1245.59679507 1245.59679507 0.00003399 0.04224442
10/21/2016 02:26:38 PM 10/21/2016 02:26:38 PM BTC-SLING Limit Buy 0.00007100 1245.59679507 1245.59679507 0.00007099 -0.08865846
10/21/2016 02:26:03 PM 10/21/2016 02:25:53 PM BTC-SLING Limit Sell 0.00003333 2666.66581622 2666.66581622 0.00003332 0.08865778
10/21/2016 02:25:43 PM 10/21/2016 02:25:43 PM BTC-SLING Limit Buy 0.00007400 2666.66581622 2666.66581622 0.00007399 -0.19782660
10/21/2016 02:25:20 PM 10/21/2016 02:25:12 PM BTC-SLING Limit Sell 0.00003200 6197.52763099 6197.52763099 0.00003199 0.19782508
10/21/2016 02:24:59 PM 10/21/2016 02:24:58 PM BTC-SLING Limit Buy 0.00007100 6197.52763099 6197.52763099 0.00007099 -0.44112452
10/21/2016 02:24:37 PM 10/21/2016 02:24:25 PM BTC-SLING Limit Sell 0.00003200 13819.57341100 13819.57341100 0.00003199 0.44112078
10/21/2016 02:24:14 PM 10/21/2016 02:24:13 PM BTC-SLING Limit Buy 0.00007500 13819.57341100 13819.57341100 0.00007499 -1.03905917
10/21/2016 02:23:54 PM 10/21/2016 02:23:44 PM BTC-SLING Limit Sell 0.00003050 17253.62103694 17253.62103694 0.00003049 0.52491986
10/21/2016 02:23:21 PM 10/21/2016 02:23:21 PM BTC-SLING Limit Buy 0.00007500 17253.62103694 17253.62103694 0.00007499 -1.29725662
10/21/2016 02:22:53 PM 10/21/2016 02:22:44 PM BTC-SLING Limit Sell 0.00003056 17253.62103694 17253.62103694 0.00003055 0.52595248
10/21/2016 02:22:27 PM 10/21/2016 02:22:27 PM BTC-SLING Limit Buy 0.00007500 17253.62103694 17253.62103694 0.00007499 -1.29714334
10/21/2016 02:22:07 PM 10/21/2016 02:22:01 PM BTC-SLING Limit Sell 0.00003012 17153.62103694 17153.62103694 0.00003011 0.51537540
10/21/2016 02:21:43 PM 10/21/2016 02:21:43 PM BTC-SLING Limit Buy 0.00007500 17153.62103694 17153.62103694 0.00007499 -1.28973785
10/21/2016 02:21:30 PM 10/21/2016 02:21:24 PM BTC-SLING Limit Sell 0.00003011 17102.42451400 17102.42451400 0.00003010 0.51366662
10/21/2016 02:21:11 PM 10/21/2016 02:21:11 PM BTC-SLING Limit Buy 0.00007500 17102.42451400 17102.42451400 0.00007496 -1.28526196
10/21/2016 02:20:32 PM 10/21/2016 02:19:38 PM BTC-SLING Limit Sell 0.00003050 10614.87137900 10614.87137900 0.00003049 0.32294420
10/21/2016 02:19:49 PM 10/21/2016 02:19:48 PM BTC-AMP Limit Sell 0.00025800 7208.75669560 7208.75669560 0.00025909 1.86309939
10/21/2016 02:19:24 PM 10/21/2016 02:19:24 PM BTC-SLING Limit Buy 0.00007500 10614.87137900 10614.87137900 0.00007494 -0.79747907
10/21/2016 02:18:50 PM 10/21/2016 02:18:43 PM BTC-SLING Limit Sell 0.00003050 10899.80840078 10899.80840078 0.00003049 0.33161305
10/21/2016 02:18:34 PM 10/21/2016 02:18:34 PM BTC-SLING Limit Buy 0.00007500 10899.80840078 10899.80840078 0.00007499 -0.81952932
10/21/2016 02:18:12 PM 10/21/2016 02:18:07 PM BTC-SLING Limit Sell 0.00003050 10870.23084700 10870.23084700 0.00003049 0.33071319
10/21/2016 02:17:56 PM 10/21/2016 02:17:56 PM BTC-SLING Limit Buy 0.00007500 10870.23084700 10870.23084700 0.00007498 -0.81712997
10/21/2016 02:17:23 PM 10/21/2016 02:17:15 PM BTC-SLING Limit Sell 0.00003050 10766.45894396 10766.45894396 0.00003049 0.32755605
10/21/2016 02:16:50 PM 10/21/2016 02:16:50 PM BTC-SLING Limit Buy 0.00007450 10766.45894396 10766.45894396 0.00007396 -0.79835343
10/21/2016 02:16:29 PM 10/21/2016 02:16:23 PM BTC-SLING Limit Sell 0.00003050 10067.47784451 10067.47784451 0.00003049 0.30629043
10/21/2016 02:16:11 PM 10/21/2016 02:16:11 PM BTC-SLING Limit Buy 0.00006541 5007.88935140 5007.88935140 0.00006540 -0.32838409
10/21/2016 02:16:00 PM 10/21/2016 02:16:00 PM BTC-SLING Limit Buy 0.00006535 5059.58849311 5059.58849311 0.00006534 -0.33146361
10/21/2016 02:15:05 PM 10/21/2016 02:14:56 PM BTC-SLING Limit Sell 0.00003000 5145.22682156 5145.22682156 0.00002999 0.15397091
10/21/2016 02:14:46 PM 10/21/2016 02:14:46 PM BTC-SLING Limit Buy 0.00006526 5145.22682156 5145.22682156 0.00006519 -0.33630585
10/21/2016 02:14:20 PM 10/21/2016 02:14:14 PM BTC-SLING Limit Sell 0.00003000 5144.91112403 5144.91112403 0.00002999 0.15396147
10/21/2016 02:13:57 PM 10/21/2016 02:13:39 PM BTC-SLING Limit Buy 0.00006400 4351.91052082 4500.00000000 0.00006395 -0.27901762
10/21/2016 02:13:21 PM 10/21/2016 02:13:21 PM BTC-SLING Limit Buy 0.00006540 793.00060321 793.00060321 0.00005994 -0.04765391
10/21/2016 02:12:41 PM 10/21/2016 02:12:35 PM BTC-SLING Limit Sell 0.00003000 4297.17680816 4297.17680816 0.00002999 0.12859302
10/21/2016 02:12:21 PM 10/21/2016 02:12:21 PM BTC-SLING Limit Buy 0.00006526 1022.23344507 1022.23344507 0.00005999 -0.06148439
10/21/2016 02:11:37 PM 10/21/2016 02:11:36 PM BTC-SLING Limit Buy 0.00006526 3274.94336309 3274.94336309 0.00004500 -0.14774848
10/21/2016 02:11:20 PM 10/21/2016 02:11:19 PM BTC-XMR Limit Sell 0.01019861 484.15670224 484.15670224 0.01030000 4.97434709




Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: chilly2k on November 22, 2016, 05:16:03 PM
Its not save with Bittrex, my account was hacked too.
Password: uniqe to Bittrex!
No 2-factor auth.

No other compromised account, no hacked e-mail as i know.
Using linux on all systems.

Lost about 7 BTC in AMP and XMR.
Bittrex: no help.

Insider Job?

What i have learned (very old advice): leave no money on exchanges!


For your information:

Code:
Login Time: 10/21/2016 06:50
IP Address: 2a03:b0c0:0003:00d0:0000:0000:1c0e:d001
User Agent: Mozilla/5.0 (Microsoft Windows NT 6.2.9200.0); rv:22.0) Gecko/20130405 Firefox/22.0

then they did this transactions:
Code:
Closed Date	Opened Date	Market	Type	Bid/Ask	Units Filled 	Units Total 	Actual Rate 	Cost / Proceeds
10/21/2016 02:28:32 PM 10/21/2016 02:28:25 PM BTC-SLING Limit Sell 0.00003600 317.04699022 317.04699022 0.00003599 0.01138516
10/21/2016 02:28:15 PM 10/21/2016 02:28:15 PM BTC-SLING Limit Buy 0.00006900 317.04699022 317.04699022 0.00006899 -0.02193093
10/21/2016 02:27:57 PM 10/21/2016 02:27:48 PM BTC-SLING Limit Sell 0.00003600 610.71547174 610.71547174 0.00003599 0.02193079
10/21/2016 02:27:32 PM 10/21/2016 02:27:32 PM BTC-SLING Limit Buy 0.00006900 610.71547174 610.71547174 0.00006899 -0.04224470
10/21/2016 02:26:56 PM 10/21/2016 02:26:48 PM BTC-SLING Limit Sell 0.00003400 1245.59679507 1245.59679507 0.00003399 0.04224442
10/21/2016 02:26:38 PM 10/21/2016 02:26:38 PM BTC-SLING Limit Buy 0.00007100 1245.59679507 1245.59679507 0.00007099 -0.08865846
10/21/2016 02:26:03 PM 10/21/2016 02:25:53 PM BTC-SLING Limit Sell 0.00003333 2666.66581622 2666.66581622 0.00003332 0.08865778
10/21/2016 02:25:43 PM 10/21/2016 02:25:43 PM BTC-SLING Limit Buy 0.00007400 2666.66581622 2666.66581622 0.00007399 -0.19782660
10/21/2016 02:25:20 PM 10/21/2016 02:25:12 PM BTC-SLING Limit Sell 0.00003200 6197.52763099 6197.52763099 0.00003199 0.19782508
10/21/2016 02:24:59 PM 10/21/2016 02:24:58 PM BTC-SLING Limit Buy 0.00007100 6197.52763099 6197.52763099 0.00007099 -0.44112452
10/21/2016 02:24:37 PM 10/21/2016 02:24:25 PM BTC-SLING Limit Sell 0.00003200 13819.57341100 13819.57341100 0.00003199 0.44112078
10/21/2016 02:24:14 PM 10/21/2016 02:24:13 PM BTC-SLING Limit Buy 0.00007500 13819.57341100 13819.57341100 0.00007499 -1.03905917
10/21/2016 02:23:54 PM 10/21/2016 02:23:44 PM BTC-SLING Limit Sell 0.00003050 17253.62103694 17253.62103694 0.00003049 0.52491986
10/21/2016 02:23:21 PM 10/21/2016 02:23:21 PM BTC-SLING Limit Buy 0.00007500 17253.62103694 17253.62103694 0.00007499 -1.29725662
10/21/2016 02:22:53 PM 10/21/2016 02:22:44 PM BTC-SLING Limit Sell 0.00003056 17253.62103694 17253.62103694 0.00003055 0.52595248
10/21/2016 02:22:27 PM 10/21/2016 02:22:27 PM BTC-SLING Limit Buy 0.00007500 17253.62103694 17253.62103694 0.00007499 -1.29714334
10/21/2016 02:22:07 PM 10/21/2016 02:22:01 PM BTC-SLING Limit Sell 0.00003012 17153.62103694 17153.62103694 0.00003011 0.51537540
10/21/2016 02:21:43 PM 10/21/2016 02:21:43 PM BTC-SLING Limit Buy 0.00007500 17153.62103694 17153.62103694 0.00007499 -1.28973785
10/21/2016 02:21:30 PM 10/21/2016 02:21:24 PM BTC-SLING Limit Sell 0.00003011 17102.42451400 17102.42451400 0.00003010 0.51366662
10/21/2016 02:21:11 PM 10/21/2016 02:21:11 PM BTC-SLING Limit Buy 0.00007500 17102.42451400 17102.42451400 0.00007496 -1.28526196
10/21/2016 02:20:32 PM 10/21/2016 02:19:38 PM BTC-SLING Limit Sell 0.00003050 10614.87137900 10614.87137900 0.00003049 0.32294420
10/21/2016 02:19:49 PM 10/21/2016 02:19:48 PM BTC-AMP Limit Sell 0.00025800 7208.75669560 7208.75669560 0.00025909 1.86309939
10/21/2016 02:19:24 PM 10/21/2016 02:19:24 PM BTC-SLING Limit Buy 0.00007500 10614.87137900 10614.87137900 0.00007494 -0.79747907
10/21/2016 02:18:50 PM 10/21/2016 02:18:43 PM BTC-SLING Limit Sell 0.00003050 10899.80840078 10899.80840078 0.00003049 0.33161305
10/21/2016 02:18:34 PM 10/21/2016 02:18:34 PM BTC-SLING Limit Buy 0.00007500 10899.80840078 10899.80840078 0.00007499 -0.81952932
10/21/2016 02:18:12 PM 10/21/2016 02:18:07 PM BTC-SLING Limit Sell 0.00003050 10870.23084700 10870.23084700 0.00003049 0.33071319
10/21/2016 02:17:56 PM 10/21/2016 02:17:56 PM BTC-SLING Limit Buy 0.00007500 10870.23084700 10870.23084700 0.00007498 -0.81712997
10/21/2016 02:17:23 PM 10/21/2016 02:17:15 PM BTC-SLING Limit Sell 0.00003050 10766.45894396 10766.45894396 0.00003049 0.32755605
10/21/2016 02:16:50 PM 10/21/2016 02:16:50 PM BTC-SLING Limit Buy 0.00007450 10766.45894396 10766.45894396 0.00007396 -0.79835343
10/21/2016 02:16:29 PM 10/21/2016 02:16:23 PM BTC-SLING Limit Sell 0.00003050 10067.47784451 10067.47784451 0.00003049 0.30629043
10/21/2016 02:16:11 PM 10/21/2016 02:16:11 PM BTC-SLING Limit Buy 0.00006541 5007.88935140 5007.88935140 0.00006540 -0.32838409
10/21/2016 02:16:00 PM 10/21/2016 02:16:00 PM BTC-SLING Limit Buy 0.00006535 5059.58849311 5059.58849311 0.00006534 -0.33146361
10/21/2016 02:15:05 PM 10/21/2016 02:14:56 PM BTC-SLING Limit Sell 0.00003000 5145.22682156 5145.22682156 0.00002999 0.15397091
10/21/2016 02:14:46 PM 10/21/2016 02:14:46 PM BTC-SLING Limit Buy 0.00006526 5145.22682156 5145.22682156 0.00006519 -0.33630585
10/21/2016 02:14:20 PM 10/21/2016 02:14:14 PM BTC-SLING Limit Sell 0.00003000 5144.91112403 5144.91112403 0.00002999 0.15396147
10/21/2016 02:13:57 PM 10/21/2016 02:13:39 PM BTC-SLING Limit Buy 0.00006400 4351.91052082 4500.00000000 0.00006395 -0.27901762
10/21/2016 02:13:21 PM 10/21/2016 02:13:21 PM BTC-SLING Limit Buy 0.00006540 793.00060321 793.00060321 0.00005994 -0.04765391
10/21/2016 02:12:41 PM 10/21/2016 02:12:35 PM BTC-SLING Limit Sell 0.00003000 4297.17680816 4297.17680816 0.00002999 0.12859302
10/21/2016 02:12:21 PM 10/21/2016 02:12:21 PM BTC-SLING Limit Buy 0.00006526 1022.23344507 1022.23344507 0.00005999 -0.06148439
10/21/2016 02:11:37 PM 10/21/2016 02:11:36 PM BTC-SLING Limit Buy 0.00006526 3274.94336309 3274.94336309 0.00004500 -0.14774848
10/21/2016 02:11:20 PM 10/21/2016 02:11:19 PM BTC-XMR Limit Sell 0.01019861 484.15670224 484.15670224 0.01030000 4.97434709




    Bittrex should be checking what account was at the other end of those sling transactions.  It looks like that is how they moved your BTC. 


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: CAMOPEJB on December 03, 2016, 07:49:46 PM
I dont understand why people dont use 2fa. It takes only a few minutes to set up and it can save you from total losses. Fucking incredible


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: Zadicar on December 04, 2016, 02:57:22 PM
I dont understand why people dont use 2fa. It takes only a few minutes to set up and it can save you from total losses. Fucking incredible
In fact they are always saying lesson learned if they already experienced huge losses because of their negligence.Setting 2fa isnt really a hard thing to do which is always been putted by most trading platforms and wallets. Some people will put up 2fa because they are afraid to lose up money and while others dont mind because they know that someone cant get their password but we all know that in online world less security is vulnerable always on hacks.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: Rodeo02 on December 08, 2016, 12:32:42 AM
Mine and another member of this forum have been hacked today, I lost 8BTC worth of alts, i'm not sure how much CosaNostra lost.

https://bitcointalk.org/index.php?topic=1416068.msg14399775#msg14399775

And before you ask, no I did not have 2fa set up (lesson learned).

Have any others been hacked?
Thanks for reminders mate I already have an account there but not just big amount on my account , but still want to make sure money would be safe so I open my 2fa now.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: Dahhi on December 08, 2016, 11:22:15 AM
I don't understand how a bittrex account got hacked while the email box was not touched because before you can withdraw funds, you have to approve the withdrawal from a link sent into your mail box. So how did the hacker withdraw without getting approval via that link? ???


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: gloana on December 08, 2016, 11:26:23 AM
I don't understand how a bittrex account got hacked while the email box was not touched because before you can withdraw funds, you have to approve the withdrawal from a link sent into your mail box. So how did the hacker withdraw without getting approval via that link? ???

That's a good question. Also interested in this.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: chilly2k on December 08, 2016, 12:26:36 PM
I don't understand how a bittrex account got hacked while the email box was not touched because before you can withdraw funds, you have to approve the withdrawal from a link sent into your mail box. So how did the hacker withdraw without getting approval via that link? ???

That's a good question. Also interested in this.

    It looks like they traded the coins (rather badly) with another account.  That other account could then withdraw.  So in the below case.  He had XMR and AMP, but ended up with sling. 

Its not save with Bittrex, my account was hacked too.
Password: uniqe to Bittrex!
No 2-factor auth.

No other compromised account, no hacked e-mail as i know.
Using linux on all systems.

Lost about 7 BTC in AMP and XMR.
Bittrex: no help.

Insider Job?

What i have learned (very old advice): leave no money on exchanges!


For your information:

Code:
Login Time: 10/21/2016 06:50
IP Address: 2a03:b0c0:0003:00d0:0000:0000:1c0e:d001
User Agent: Mozilla/5.0 (Microsoft Windows NT 6.2.9200.0); rv:22.0) Gecko/20130405 Firefox/22.0

then they did this transactions:
Code:
Closed Date	Opened Date	Market	Type	Bid/Ask	Units Filled 	Units Total 	Actual Rate 	Cost / Proceeds
10/21/2016 02:28:32 PM 10/21/2016 02:28:25 PM BTC-SLING Limit Sell 0.00003600 317.04699022 317.04699022 0.00003599 0.01138516
10/21/2016 02:28:15 PM 10/21/2016 02:28:15 PM BTC-SLING Limit Buy 0.00006900 317.04699022 317.04699022 0.00006899 -0.02193093
10/21/2016 02:27:57 PM 10/21/2016 02:27:48 PM BTC-SLING Limit Sell 0.00003600 610.71547174 610.71547174 0.00003599 0.02193079
10/21/2016 02:27:32 PM 10/21/2016 02:27:32 PM BTC-SLING Limit Buy 0.00006900 610.71547174 610.71547174 0.00006899 -0.04224470
10/21/2016 02:26:56 PM 10/21/2016 02:26:48 PM BTC-SLING Limit Sell 0.00003400 1245.59679507 1245.59679507 0.00003399 0.04224442
10/21/2016 02:26:38 PM 10/21/2016 02:26:38 PM BTC-SLING Limit Buy 0.00007100 1245.59679507 1245.59679507 0.00007099 -0.08865846
10/21/2016 02:26:03 PM 10/21/2016 02:25:53 PM BTC-SLING Limit Sell 0.00003333 2666.66581622 2666.66581622 0.00003332 0.08865778
10/21/2016 02:25:43 PM 10/21/2016 02:25:43 PM BTC-SLING Limit Buy 0.00007400 2666.66581622 2666.66581622 0.00007399 -0.19782660
10/21/2016 02:25:20 PM 10/21/2016 02:25:12 PM BTC-SLING Limit Sell 0.00003200 6197.52763099 6197.52763099 0.00003199 0.19782508
10/21/2016 02:24:59 PM 10/21/2016 02:24:58 PM BTC-SLING Limit Buy 0.00007100 6197.52763099 6197.52763099 0.00007099 -0.44112452
10/21/2016 02:24:37 PM 10/21/2016 02:24:25 PM BTC-SLING Limit Sell 0.00003200 13819.57341100 13819.57341100 0.00003199 0.44112078
10/21/2016 02:24:14 PM 10/21/2016 02:24:13 PM BTC-SLING Limit Buy 0.00007500 13819.57341100 13819.57341100 0.00007499 -1.03905917
10/21/2016 02:23:54 PM 10/21/2016 02:23:44 PM BTC-SLING Limit Sell 0.00003050 17253.62103694 17253.62103694 0.00003049 0.52491986
10/21/2016 02:23:21 PM 10/21/2016 02:23:21 PM BTC-SLING Limit Buy 0.00007500 17253.62103694 17253.62103694 0.00007499 -1.29725662
10/21/2016 02:22:53 PM 10/21/2016 02:22:44 PM BTC-SLING Limit Sell 0.00003056 17253.62103694 17253.62103694 0.00003055 0.52595248
10/21/2016 02:22:27 PM 10/21/2016 02:22:27 PM BTC-SLING Limit Buy 0.00007500 17253.62103694 17253.62103694 0.00007499 -1.29714334
10/21/2016 02:22:07 PM 10/21/2016 02:22:01 PM BTC-SLING Limit Sell 0.00003012 17153.62103694 17153.62103694 0.00003011 0.51537540
10/21/2016 02:21:43 PM 10/21/2016 02:21:43 PM BTC-SLING Limit Buy 0.00007500 17153.62103694 17153.62103694 0.00007499 -1.28973785
10/21/2016 02:21:30 PM 10/21/2016 02:21:24 PM BTC-SLING Limit Sell 0.00003011 17102.42451400 17102.42451400 0.00003010 0.51366662
10/21/2016 02:21:11 PM 10/21/2016 02:21:11 PM BTC-SLING Limit Buy 0.00007500 17102.42451400 17102.42451400 0.00007496 -1.28526196
10/21/2016 02:20:32 PM 10/21/2016 02:19:38 PM BTC-SLING Limit Sell 0.00003050 10614.87137900 10614.87137900 0.00003049 0.32294420
10/21/2016 02:19:49 PM 10/21/2016 02:19:48 PM BTC-AMP Limit Sell 0.00025800 7208.75669560 7208.75669560 0.00025909 1.86309939
10/21/2016 02:19:24 PM 10/21/2016 02:19:24 PM BTC-SLING Limit Buy 0.00007500 10614.87137900 10614.87137900 0.00007494 -0.79747907
10/21/2016 02:18:50 PM 10/21/2016 02:18:43 PM BTC-SLING Limit Sell 0.00003050 10899.80840078 10899.80840078 0.00003049 0.33161305
10/21/2016 02:18:34 PM 10/21/2016 02:18:34 PM BTC-SLING Limit Buy 0.00007500 10899.80840078 10899.80840078 0.00007499 -0.81952932
10/21/2016 02:18:12 PM 10/21/2016 02:18:07 PM BTC-SLING Limit Sell 0.00003050 10870.23084700 10870.23084700 0.00003049 0.33071319
10/21/2016 02:17:56 PM 10/21/2016 02:17:56 PM BTC-SLING Limit Buy 0.00007500 10870.23084700 10870.23084700 0.00007498 -0.81712997
10/21/2016 02:17:23 PM 10/21/2016 02:17:15 PM BTC-SLING Limit Sell 0.00003050 10766.45894396 10766.45894396 0.00003049 0.32755605
10/21/2016 02:16:50 PM 10/21/2016 02:16:50 PM BTC-SLING Limit Buy 0.00007450 10766.45894396 10766.45894396 0.00007396 -0.79835343
10/21/2016 02:16:29 PM 10/21/2016 02:16:23 PM BTC-SLING Limit Sell 0.00003050 10067.47784451 10067.47784451 0.00003049 0.30629043
10/21/2016 02:16:11 PM 10/21/2016 02:16:11 PM BTC-SLING Limit Buy 0.00006541 5007.88935140 5007.88935140 0.00006540 -0.32838409
10/21/2016 02:16:00 PM 10/21/2016 02:16:00 PM BTC-SLING Limit Buy 0.00006535 5059.58849311 5059.58849311 0.00006534 -0.33146361
10/21/2016 02:15:05 PM 10/21/2016 02:14:56 PM BTC-SLING Limit Sell 0.00003000 5145.22682156 5145.22682156 0.00002999 0.15397091
10/21/2016 02:14:46 PM 10/21/2016 02:14:46 PM BTC-SLING Limit Buy 0.00006526 5145.22682156 5145.22682156 0.00006519 -0.33630585
10/21/2016 02:14:20 PM 10/21/2016 02:14:14 PM BTC-SLING Limit Sell 0.00003000 5144.91112403 5144.91112403 0.00002999 0.15396147
10/21/2016 02:13:57 PM 10/21/2016 02:13:39 PM BTC-SLING Limit Buy 0.00006400 4351.91052082 4500.00000000 0.00006395 -0.27901762
10/21/2016 02:13:21 PM 10/21/2016 02:13:21 PM BTC-SLING Limit Buy 0.00006540 793.00060321 793.00060321 0.00005994 -0.04765391
10/21/2016 02:12:41 PM 10/21/2016 02:12:35 PM BTC-SLING Limit Sell 0.00003000 4297.17680816 4297.17680816 0.00002999 0.12859302
10/21/2016 02:12:21 PM 10/21/2016 02:12:21 PM BTC-SLING Limit Buy 0.00006526 1022.23344507 1022.23344507 0.00005999 -0.06148439
10/21/2016 02:11:37 PM 10/21/2016 02:11:36 PM BTC-SLING Limit Buy 0.00006526 3274.94336309 3274.94336309 0.00004500 -0.14774848
10/21/2016 02:11:20 PM 10/21/2016 02:11:19 PM BTC-XMR Limit Sell 0.01019861 484.15670224 484.15670224 0.01030000 4.97434709





Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: gloana on December 08, 2016, 12:32:31 PM
Thanks for explaining this.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: Strongkored on December 15, 2016, 03:56:41 AM
Setup my Bittrex account with 2fa now, i just think email verification for withdrawal is secure but double safety for my account is the best way, i hope all member should understand about security, always make different password with another account/make uniqe, setup account email with phone number verification, use 2fa for all exchange account


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: Aesthete on January 13, 2017, 08:23:59 AM
I have this version - I had an account on Crypsty with the same login and password. May be this database accounts from Crypsty came to bad guys?

request to the victims - you were on Crypsty with the same password?


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: legendbtc on January 15, 2017, 06:17:53 AM
Mine and another member of this forum have been hacked today, I lost 8BTC worth of alts, i'm not sure how much CosaNostra lost.

https://bitcointalk.org/index.php?topic=1416068.msg14399775#msg14399775

And before you ask, no I did not have 2fa set up (lesson learned).

Have any others been hacked?

Many people will start activating 2fa to their account after seeing your post, really very bad for those stupid who hacked. Many hardworking people used their mind to make some profits in trading, but these stupid people simply hacking account it is really unfair. Better send a support ticket to them atleast you will get back your account.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: DesertDuke on March 20, 2017, 02:09:18 PM
I just saw this thread. I lost BTC on Bittrex too when I inadvertently clicked on a site that looked like Bittrex after I had googled 'Bittrex'.

Basically I was phished, the login page looked exactly like the Bittrex login page and when I entered my PW and 2FA I noticed that the miscreant then also had access to my Bittrex account and had placed all of my altcoins on AutoSell, it was frightening watching all of my coins get sold by someone else in real time !.

I was lucky however, I just managed to insert my own BTC address from another exchange and transferred the resulting BTC to it before the miscreant could transfer them out, with less than a second to spare. I lost some BTC from the autoselling which sold my coins at a knock down price.

Of course, in hindsight I could have just blocked the account by clicking on the auto email sent when I logged in but I panicked and wasn't conscious of that option at that time.

That was a frightening experience and now I ALWAYS check that the exchange website is the correct one. I ALWAYS use the virtual keyboard in the OS, ALWAYS use 2FA and different PW's for all accounts, ALWAYS use a completely separate email for exchanges than for day to day correspondence.  Good luck out there, it's a dangerous world ! DD


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: ccs5t on May 04, 2017, 03:19:34 PM
Just had my account hacked too. No idea how it happened . The hacker logged in an hour after I did and tried to trade my account down


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: khufuking on May 05, 2017, 07:41:37 AM
Just had my account hacked too. No idea how it happened . The hacker logged in an hour after I did and tried to trade my account down
Did you got hacked just now ? this is an old thread but from what you posting it is appear you got hacked now ! did you have your 2fa on ? please explain more i have an account there .


Title: Re: Two Bittrex accounts hacked today.
Post by: Dogeboi3210 on May 05, 2017, 10:19:44 AM
leigh2k14,

Did you use the same email and password for any mining pool or other sites?

No, I haven't mined for quite some time.

It's unique to bittrex.
Yeah, passwords leaks are everywhere on the internet now. If you don't have 2FA to secure your coins, you deserve to get hacked.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: dissident on May 07, 2017, 01:54:50 PM
I just saw this thread. I lost BTC on Bittrex too when I inadvertently clicked on a site that looked like Bittrex after I had googled 'Bittrex'.

Basically I was phished, the login page looked exactly like the Bittrex login page and when I entered my PW and 2FA I noticed that the miscreant then also had access to my Bittrex account and had placed all of my altcoins on AutoSell, it was frightening watching all of my coins get sold by someone else in real time !.

I was lucky however, I just managed to insert my own BTC address from another exchange and transferred the resulting BTC to it before the miscreant could transfer them out, with less than a second to spare. I lost some BTC from the autoselling which sold my coins at a knock down price.

Of course, in hindsight I could have just blocked the account by clicking on the auto email sent when I logged in but I panicked and wasn't conscious of that option at that time.

That was a frightening experience and now I ALWAYS check that the exchange website is the correct one. I ALWAYS use the virtual keyboard in the OS, ALWAYS use 2FA and different PW's for all accounts, ALWAYS use a completely separate email for exchanges than for day to day correspondence.  Good luck out there, it's a dangerous world ! DD

I bought a 2D barcode scanner on ebay. You can get them used for 20-50 bucks.  I created a 32 character password that is random gibberish, put it on a QR code, laminated it, and that's my lastpass password.   All of my website passwords are random gibberish created from GRC's random generator and I don't know any of my passwords (except forums, they are set up on a way where I can type them in). The ones for these exchanges are probably 15-20 characters long. An example password would be "S,!60$9RF.UN`_=0P  Lastpass fills them in so any fake websites the lastpass won't detect the site as valid.

2 factor is enabled on everything. The backup QR codes are stored in my safe deposit box. My lastpass recovery email address is a dedicated gmail account with it's own 32 character password, also protected by 2 factor authentication. I don't store that password on lastpass.   Basically everything is as secure as I would make it. To steal my shit they'd need my 2 factor authentication device, an old droid phone, my qr codes, stored in my wallet, along with my lastpass login email address, and they'd have to get all this and use it before I had a change to go and change the passwords.   I already have backup replacement passwords ready hidden in an undisclosed location of my house. Everything's as secure as I can make it. :)


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: majsta on May 10, 2017, 03:53:40 PM
Last night lot of strange things happened. In total about 168K of FTC, 17.5K VTC and bunch of other alts were stolen(destroyed) on bittrex from me. In total 11BTC worth.
All of this happened just after I applied for enhanced account verification, well maybe day after, and that is strangest thing.
Yes I didn't have 2FA, my bad but still I don't get what happened.
He didn't do any single withdraw, instead he was dumping my coins and buying them again at higher price. He was doing that for one hour, imagine that! before that he was logged in for 3 hours into my account doing nothing.
This could indicate buy - sell rotation and that in fact he was sending my coins over his bittrex account without withdrawing them then from there to send them over his account.
Final "sales" happened on ETH and REP.
Question is also this, how is possible that two persons can be logged in the same time to bittrex. Because I m always logged in, I didn't shut down my computer since last year, so keylogger or something is not an option. How is possible that someone could hack password who was unique and used only for bittrex. There is also captcha verification and he could pass it only if he had exact password, so brute force word list or something is also out of the question.
It started from:
Quote
Login Time: 05/09/2017 21:33
IP Address: 213.230.77.40
User Agent: okhttp/3.4.0
then:
Quote
Login Time: 05/09/2017 23:12
IP Address: 204.236.213.246
User Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36
Tracking down Ip address is just waste of time nowdays...
 
In total 80 buy/sale requests over various coins.
Here is how it started:
https://s6.postimg.org/p7bogwy4d/image.jpg (https://postimg.org/image/p7bogwy4d/)

https://s6.postimg.org/lc8aeceyl/image.jpg (https://postimg.org/image/lc8aeceyl/)

Then there is how ended:
https://s6.postimg.org/z8giq8b7h/image.jpg (https://postimg.org/image/z8giq8b7h/)

https://s6.postimg.org/5f9ihmmkd/image.jpg (https://postimg.org/image/5f9ihmmkd/)

Again what was the point of this if this wasn't something I said earlier to transfer coins to his own bittrex account. This was purely to destroy them all. Any thoughts on this matter?


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: not.you on May 11, 2017, 01:25:35 AM
Last night lot of strange things happened. In total about 168K of FTC, 17.5K VTC and bunch of other alts were stolen(destroyed) on bittrex from me. In total 11BTC worth.
All of this happened just after I applied for enhanced account verification, well maybe day after, and that is strangest thing.
Yes I didn't have 2FA, my bad but still I don't get what happened.
He didn't do any single withdraw, instead he was dumping my coins and buying them again at higher price. He was doing that for one hour, imagine that! before that he was logged in for 3 hours into my account doing nothing.
This could indicate buy - sell rotation and that in fact he was sending my coins over his bittrex account without withdrawing them then from there to send them over his account.
Final "sales" happened on ETH and REP.
Question is also this, how is possible that two persons can be logged in the same time to bittrex. Because I m always logged in, I didn't shut down my computer since last year, so keylogger or something is not an option. How is possible that someone could hack password who was unique and used only for bittrex. There is also captcha verification and he could pass it only if he had exact password, so brute force word list or something is also out of the question.
It started from:
Quote
Login Time: 05/09/2017 21:33
IP Address: 213.230.77.40
User Agent: okhttp/3.4.0
then:
Quote
Login Time: 05/09/2017 23:12
IP Address: 204.236.213.246
User Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36
Tracking down Ip address is just waste of time nowdays...
 
In total 80 buy/sale requests over various coins.
Here is how it started:
https://s6.postimg.org/p7bogwy4d/image.jpg (https://postimg.org/image/p7bogwy4d/)

https://s6.postimg.org/lc8aeceyl/image.jpg (https://postimg.org/image/lc8aeceyl/)

Then there is how ended:
https://s6.postimg.org/z8giq8b7h/image.jpg (https://postimg.org/image/z8giq8b7h/)

https://s6.postimg.org/5f9ihmmkd/image.jpg (https://postimg.org/image/5f9ihmmkd/)

Again what was the point of this if this wasn't something I said earlier to transfer coins to his own bittrex account. This was purely to destroy them all. Any thoughts on this matter?


The way I understand it is that they have orders in (on their own accounts) on some obscure coins that are far outside of the normal trading range.  If the market depth on those coins is low, then they can use another account to buy through the depth and hit their own posted trades.  So for example they have shitcoins listed at 1 BTC per shitcoin.  Shitcoin only sells for .0000001 BTC but the entire market depth of real sell orders is less than one BTC total.  So they use the stolen account to buy up all the shitcoins including the ones they have listed for 1 BTC from their own account.  Then when they switch back to their own account they have a profit from selling shitcoins for 1 BTC each.  Basically any coin that has low market depth can be used this way.

Bittrex is one of those exchanges that lets you be logged in on more than one computer at a time.  I sometimes have my work computer logged in even though my home computer is already logged in.  As opposed to poloniex which logs out any currently logged in session when a new one is logged in.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: marketone on May 11, 2017, 02:33:43 AM
Setup my Bittrex account with 2fa now, i just think email verification for withdrawal is secure but double safety for my account is the best way, i hope all member should understand about security, always make different password with another account/make uniqe, setup account email with phone number verification, use 2fa for all exchange account

Now a days every exchange is facing same situation, so we have to care about your accounts by setting them with 2fa. We don't know exactly when fraud people will hack exchanges. So we have to be very careful and by setting 2fa.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: WarrEagle on May 15, 2017, 11:00:25 PM
I've never been hacked, but always take the necessary precautions. 2FA is a no brainer, along with strong password security, also run MalwareBytes, they have the strongest detection engine and will usually catch the zero day stuff based on heuristics.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: betlord90 on May 16, 2017, 01:18:55 PM
Setup my Bittrex account with 2fa now, i just think email verification for withdrawal is secure but double safety for my account is the best way, i hope all member should understand about security, always make different password with another account/make uniqe, setup account email with phone number verification, use 2fa for all exchange account

Now a days every exchange is facing same situation, so we have to care about your accounts by setting them with 2fa. We don't know exactly when fraud people will hack exchanges. So we have to be very careful and by setting 2fa.

People thought that they are invincible from those attack and they doesn't want to take the hassle setting up the 2fa feature in their account but if they where been hit and compromised then im pretty sure that they will add that feauture immediately. Same on what happens to me i never setted up my 2fa until i've been hacked by unknown guy who spread some bounties and asking our email to received his freakin freebies and the result of that he breached unto my bittrex account and learned so many things after that hack.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: bosamfo on June 20, 2017, 08:19:06 PM
So i was not crazy after all. The same thing happened to me yesterday (19th June, 2017) night too (close to midnight) although i have 2FA enabled with a verified account. Yes i have 2FA enabled even as i write, unbelievable but it happened. I posted in a group to warn members of my plight so they atleast move their hard earned money to their offline wallets and they laughed at me, and blamed for my loss 🙁

I did some search and realized i was not the only one on that day. Check this out: http://highoncoins.com/cryptocurrency-trading-tips/do-not-use-two-factor-authenticatoin-with-bittrex/#comment-12347 (http://highoncoins.com/cryptocurrency-trading-tips/do-not-use-two-factor-authenticatoin-with-bittrex/#comment-12347)

I hope in the future Bittrex enables the possibilities of withdrawal confirmation emails even with 2FA, so at least one would stand a chance against the hacker if once email account is not already compromised. Such is the case in Perfect Money and Coinpayments

So my advice is to please keep your hard earned coins/btc offline esp those you are holding for long term and not trading with.

Thank you

NB:
please do not belittle my comments, call me names, call me a liar or worse and think or say to yourself "this will never happen to me". Ask me last week and i would have sung the same song. This hacking business is real and it could happen to you. 


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: M4nUnit on June 21, 2017, 12:04:41 AM
Hi all!

I got hacked on 19th June too, around 1am. The hacker sold around 0.7btc of Altcoins to buy Bitcoin. 2FA was not enabled, I did it right now.
I don't understand something, I cannot see it in the login history.


The orders were sent around 1am, but nobody logged in during this 19th of June. How is this possible?


Any chance to recover these altcoins with Bitrex?


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: enta2k on July 27, 2017, 02:44:06 PM
I guess you mail got compromised too.
Sry Iīm a bit late :D

You canīt be paranoid enough with altcoins, enable every security feature you can.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: Nicol3 on July 27, 2017, 03:26:52 PM
I think it's the safest thing to do in you enable 2fa on your bittrex account especially now there are a lot who have been hacked. So to be safe and won't regret afterwards then better place a 2fa asap.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: dashingriddler on July 27, 2017, 03:49:39 PM
I just saw this thread. I lost BTC on Bittrex too when I inadvertently clicked on a site that looked like Bittrex after I had googled 'Bittrex'.

Basically I was phished, the login page looked exactly like the Bittrex login page and when I entered my PW and 2FA I noticed that the miscreant then also had access to my Bittrex account and had placed all of my altcoins on AutoSell, it was frightening watching all of my coins get sold by someone else in real time !.

I was lucky however, I just managed to insert my own BTC address from another exchange and transferred the resulting BTC to it before the miscreant could transfer them out, with less than a second to spare. I lost some BTC from the autoselling which sold my coins at a knock down price.

Of course, in hindsight I could have just blocked the account by clicking on the auto email sent when I logged in but I panicked and wasn't conscious of that option at that time.

That was a frightening experience and now I ALWAYS check that the exchange website is the correct one. I ALWAYS use the virtual keyboard in the OS, ALWAYS use 2FA and different PW's for all accounts, ALWAYS use a completely separate email for exchanges than for day to day correspondence.  Good luck out there, it's a dangerous world ! DD
There is a fake bittrex website now when you google it? :-[

This was the same thing with all those myetherwallets being hacked.
They went to the site after they google gave them the site with the 'net' at the end instead of the real site which is 'com'.  :-\


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: nydiacaskey01 on July 27, 2017, 03:56:11 PM
Aside from 2FA, I access websites that I frequently visit using my bookmarks, that way I don't have to Google for the site, I don't even click links from Facebook or emails that I receive specially if the given link has been shortened. I also dont access Bittrex or Poloniex using someone elses laptop, computer or smart phone, not even in a public internet cafe.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: Blake_Last on July 28, 2017, 01:40:28 AM
I received a message from Bittrex that my account has abnormal activity generated from an unknown IP address. I had it protected with 2FA so I don't know how it was possible. The fact that I'm only using one IP address made it a bit strange. Does anyone here also receive the same message or notification from Bittrex? I've sent all my balance to different wallets and disabled my account for the meantime, but I still plan to create another account with them in case this security issue is solved.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: FireBurn on July 28, 2017, 02:49:20 PM
I am using bittrex and have turned on 2FA! Hope you draw experience for account management


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: enta2k on July 28, 2017, 04:07:51 PM
If you have weird activity warning, I would change my mail password, bittrex password (afterwards) and run a few anti virus/fishing programs.

Might seem a bit extreme, but I had a case where my mail got hacked and with that they were able to get all my other informations.
Now im super paranoid :D

I scan my pc once a week and look for everything suspicious.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: tanghere02 on July 28, 2017, 06:04:13 PM
Seriously is this happening? I am beginning to get paranoid also about those hacking news, a lot have been hacked either Bittrex or the Poloniex site and I am beginning to get scared of this hacking.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: chiznitz on July 28, 2017, 10:00:00 PM
Seriously is this happening? I am beginning to get paranoid also about those hacking news, a lot have been hacked either Bittrex or the Poloniex site and I am beginning to get scared of this hacking.

There are numerous phishing sites that currently show up as advertisements if you use a google search to find our site.

The recommended solution is to make sure you always type https://www.bittrex.com into your browser so that you can be certain you are on our site.  You can also check the certificate to make sure it's issued to us.

Please make sure you also have two-factor enabled on your account.  These phishing sites are advanced and get the user to enter their 2FA code twice so that it can be used for login and withdrawals.

Visiting https://www.bittrex.com directly is the best route always to get to our site.

Thanks

Ryan @ Bittrex



Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: enta2k on July 30, 2017, 05:15:51 PM
Seriously is this happening? I am beginning to get paranoid also about those hacking news, a lot have been hacked either Bittrex or the Poloniex site and I am beginning to get scared of this hacking.

Cryptos are still a little dangerous to play with and even more If you put a lot of money in it.
Thatīs why you should never have a big amount of valuable coins on a exchange.

Best way to save your coins are hardware and paper wallets.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: marketone on July 31, 2017, 12:06:07 PM
Seriously is this happening? I am beginning to get paranoid also about those hacking news, a lot have been hacked either Bittrex or the Poloniex site and I am beginning to get scared of this hacking.

Cryptos are still a little dangerous to play with and even more If you put a lot of money in it.
Thatīs why you should never have a big amount of valuable coins on a exchange.

Best way to save your coins are hardware and paper wallets.

Yes, we have to secure ourselves from the thieves because there are many people who will keep on sending emails to steal our coins or money. But we have to be very careful while clicking those links. We have to check twice before clicking those links.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: Raminder1983 on August 14, 2017, 10:13:24 PM
Mine and another member of this forum have been hacked today, I lost 8BTC worth of alts, i'm not sure how much CosaNostra lost.

https://bitcointalk.org/index.php?topic=1416068.msg14399775#msg14399775

And before you ask, no I did not have 2fa set up (lesson learned).

Have any others been hacked?


I have been hacked today with 3 btc. Some strange buying and selling has happened has happened. In todays value i have lost 10000 usd. To be honest, i cant sleep now. That is all the money I had.

This happened on bittrex and the worst part is as per bittrex my account was logged in today with just my mobile and nothing else. I use andriod. I get an email notification everytime i login to my bittrex account. I logged in today just once. Immediately after that my account started unsual buying and selling. No withdrawal happened.  I realized this late in the night when all money was lost. Wondering how bittex system allows such hacking. Please suggest what I can do.

P.S i did not f2a. The first thing i will do is f2a all my accounts.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: elektibi75 on August 15, 2017, 04:53:05 PM
Mine and another member of this forum have been hacked today, I lost 8BTC worth of alts, i'm not sure how much CosaNostra lost.

https://bitcointalk.org/index.php?topic=1416068.msg14399775#msg14399775

And before you ask, no I did not have 2fa set up (lesson learned).

Have any others been hacked?


I have been hacked today with 3 btc. Some strange buying and selling has happened has happened. In todays value i have lost 10000 usd. To be honest, i cant sleep now. That is all the money I had.

This happened on bittrex and the worst part is as per bittrex my account was logged in today with just my mobile and nothing else. I use andriod. I get an email notification everytime i login to my bittrex account. I logged in today just once. Immediately after that my account started unsual buying and selling. No withdrawal happened.  I realized this late in the night when all money was lost. Wondering how bittex system allows such hacking. Please suggest what I can do.

P.S i did not f2a. The first thing i will do is f2a all my accounts.

So, basically they hacked your account via your phone? Did you use your home wifi or you were somewhere in public place? I never use mobile for trading...


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: Hijet on August 17, 2017, 02:46:34 AM
So, basically they hacked your account via your phone? Did you use your home wifi or you were somewhere in public place? I never use mobile for trading...

No, it was a brute force attack. The same thing happens to me and to a lot of people without 2fa.
The same strange trading activity sell\buy many times to the bottom of my balance.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: lhohen on August 17, 2017, 05:31:53 PM
Yes I was hacked and lost everything what can I do to get it back or am I shit out of luck I thought that was a secure site?
 


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: PieEatingGoat on August 26, 2017, 09:08:58 AM
Regarding 2fa, what happens if you loose your phone? Is it tied to the google account you use for your phone or the actual phone itself?

Also, is there such a thing as a browser add on that monitors for urls containing 'bittrex', and automatically redirects to the real bittrex? If not, could you do this in the windows host file?


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: maeusi on August 26, 2017, 10:00:23 PM
That is really terrible. But if many users were hacked, then maybe bittrex was hacked and there would be a chance to get charged back by Bittrex, as they already did.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: 3months18w on August 27, 2017, 04:25:53 AM
Mine and another member of this forum have been hacked today, I lost 8BTC worth of alts, i'm not sure how much CosaNostra lost.

https://bitcointalk.org/index.php?topic=1416068.msg14399775#msg14399775

And before you ask, no I did not have 2fa set up (lesson learned).

Have any others been hacked?
Sorry to hear that, I will use 2FA to protect my balance. Thank you.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: sammrheza on August 28, 2017, 10:53:46 PM
so if we enabled 2Fa it is make our account secure ? , ahh this is horrible ..


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: claustro101 on August 30, 2017, 11:04:06 AM
My account in Bittrex was hacked and I did not have 2fa activated, 2 BTC stolen. So I warned all my friends to activate it 2fa. I doubted their usefulness, they stole everything in 3 seconds.

A month later it is confirmed what I say. To my friend they have hacked the account having activated the 2fa.

The 2FA is not worth anything at all. The thefts in Bitrrex are consented by the company. The thefts are produced by Bitrtrex employees and former employees.

In Spain a group is being created to denounce this company.


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: bbsaver on August 31, 2017, 05:15:41 PM
jaust happened to me too. lost 7 btc and i am not long here. all savings from past years. watch out! dont use google, nor bookmarks, always type all letters on your own
https://www.reddit.com/r/Bitcoin/comments/6wlbp5/bittrex_phishing_alert/?st=j70l8ubx&sh=cc67fcf2


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: Thiagosanto on August 31, 2017, 08:53:01 PM
Im sorry for your losses!

I have activated 2fa since the beginning but I have an important question:

Since one month I had the coming "problem ca. 5 times:

After typing my code there came sometime an error note like: code is wrong, please check your timezone (time is correct and Im typing the code correctly and fast). The first times I was scared to type a second code after this error note, because i knew about this phishing things..

Does someone know something about this problem??


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: ssonny0 on August 31, 2017, 08:56:49 PM
dont use google, nor bookmarks, always type all letters on your own

Why no bookmarks? Sounds a lot safer to me than googling for bittrex every time?


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: adpinbr on September 01, 2017, 04:01:37 AM
Might i need to turned and use 2fa now because of what i see that many bittrex accouns have been hacked now. But i think are account can't hack if we even not login into a wrong bittrex.com website just be alert whether were domain we our


Title: Re: Multiple Bittrex accounts hacked everyone enable 2fa
Post by: torry28 on September 01, 2017, 04:16:50 AM
dont use google, nor bookmarks, always type all letters on your own

Why no bookmarks? Sounds a lot safer to me than googling for bittrex every time?
Bookmarks is the safest solution to prevent you login in phising site. First you need to type and make sure if the domain is the real bittrex, and bookmark it.

Might i need to turned and use 2fa now because of what i see that many bittrex accouns have been hacked now. But i think are account can't hack if we even not login into a wrong bittrex.com website just be alert whether were domain we our
It could be by bruteforce