Bitcoin Forum

My coinbase got hacked today. I got a message on my phone saying that my password had changed. I attempted to follow instructions to stop it, but by the time I had, it was too late and the theif emptied out my hot wallet. The only saving grace was that coinbase has vaults which give 48 hour delay. I wish that I would have transferred more coins to the vault as they were protected. Coinbase has some serious vulnerabilities, but whoever the thief was was able to login from my IP and was able to login to my email despite the fact that I had just changed my password. Be careful out there. Cold wallet your coins.

It's never a good idea to store coins on exchange. However I doubt Coinbase has serious vulnerabilities. What happened is that you most likely got infected with a RAT. Its not a problem for the hacker to log in with your IP and your email really. Ways to prevent this is usage of 2FA

I do use 2FA. I need google authenticator every login. I wish it would have been SMS. I'm not sure how this happened. I just wish I would have kept more of them in a vault, or sold my hot wallet contents earlier.

I'm pretty sure you're alot more likely to be easier to be hacked if you're using SMS authentication rather than Google's 2FA.

There's like a 90% chance that the problem is on your side and not Coinbase's. If Coinbase actually got hacked then the news should be spreading fast like wildfire. Any chance that you're using the same password in multiple websites? Also, definitely do a malware scan on your computer asap.

So I guess what happened is you have 2FA activated but you ticked that box that asked you to never ask you again in 30 days for the same computer. Did you use a public computer? I don't tick that box that disables 2FA in 30 days. It beats the purpose of having 2FA security and again it's not a good idea to store your coins in an online wallet.

I don't think it is possible to bypass 2FA or crack it. You should keep all the funds in vault and if keeping on exchange secure it by 2FA on login and withdrawal.

SMS 2FA is more vulnerable to spoofing than Google Authenticator.
But despite of any vulnerabilities.. you should never store coins longer than necessary on an exchange.
You should definetly run a full malware scan.
Do you have any clue how this happened? Did you already scan your pc for malware?
Did you logon from mobile phones? Or via hotspot? Did you always check you are on the official site? Also checked TLS encryption (https)?
If you have different passwords for coinbase and your email account and you never reused a password twice the chances that
you are infected with a trojan is very very high. In this case clean your PC, get a fresh OS and only then start storing
bitcoins (or login credentials to exchanges) on your pc again.

This is sad. I don't think coinbase is vulnerable though. Just a note, never keep your coins in an exchange site for too long. Secure your wallet address in a place where it cannot be easily stolen. I do 2fa for my accounts in exchange sites too and i never have problems with it. That's the best way to feel secure about my investments.

Everybody I know is saying not to store coins in Exchanges. But when you are into day trading, how do you manage that. Having coins in the exchange is pretty much easy to buy/sell in sudden market movements

That's why it is always said not to store your bitcoins in exchange ever.We are already familiar wit Mt.Gox collapse.But even now,some newbies don't know about the seriousness of storing bitcoins in exchanges.

Always store in desktop wallets like Electrum which are safe and secure.

Oh well, hackers strikes again and I'm sorry for you lost. I think they found vulnerabilities in you. Vault is a good practice as well as Google Authenticator. We preached not to put a lot of bitcoin in a exchange because of the chances of a hack, so I also hope that what they took from you is just a small amount of bitcoins, used only for your day trading. I familiar with RAT virus or malware though, will try to research later so that I can prevent myself for being hack as well.

It is not really recommended to keep your coins to an exchange because it's prone to hacking activities andany frauds, so, if you want to keep your coins store it on hardware wallets or if you don't have that one maybe you can use cold wallets for long term or hot wallets if you used your coins everyday. Online web wallets are not good wallets to keep your coins because it isn't a private one though, so better move to keep it on a cold, hardware and paper wallets for better security.

You most likely have a rat (remote administrator tool) on your computer allowing that very hacker to see everything you do and type,  and also to remote control your computer as well as using his computer to browse from your ip address.  My guess is that he grabbed your login for your email and used a reverse proxy to login and change your info and take your btc.  I would recommend checking your computer for malware and also checking your startup entries. If that doesn't get rid of the hacker,  then you probably should just reset and keep only what you need.

To OP and hodlers;

Get an USB
Install persistent ubuntu with Electrum
When you want to send some coins, reboot computer and plug USB and switch to Ubuntu
Don't connect the internet when USB is plugged
Broadcast the transaction
Reboot
Switch to Windows
Verify the transaction

I believe this would be the most secure way.

I'm sure this advice given thousand times but; If you can afford Bitcoin, you can afford a damn Trezor or Ledger Nano. Better safe than sorry.

That's why I'm not going to store most of my bitcoin on an exchange because there's no perfect exchange. I just can't understand on how did the hacker was able to log in with your IP, are you exposing your details online or you are sharing someone with your internet? Did you reached out the coinbase support and asked to help you with your problem? You should ask them to help you since it's also a fault to their system until finding out that it's your fault.

Quiet odd that you didnt activate that sms verification. Ive been using coinbase and this security features ive been using which it do send codes into my mobile phone number  and then an email verification before you would able to log in completely.I suspect theres a RAT on your pc which the hacker did able to know all the credentials needed for accessing your account.

Every day a new case of lost / stolen BTC from online,but also from desktop wallets tells us that people just do not stick to the most basic things when using computers and the internet.It does not matter do you keep BTC on online or desktop wallet if you let something bad to infects your PC,such is this RAT(remote access trojan).I agree that if you have a significant amount of coins hardware/paper wallet is something that simply must be used.

I think your 2fa was compromised some how.
Or if you have not enebled 2fa it was your fault.
Though i feel for your loss and pain .
In September i also lost 3000usd from poloniex even i have 2fa enabled there.

I just know about the coinbase has 2fa verification and why you are no using it. The possible thing about you were getting phishing. If the hacker be able to login into your email and that will be the end of the story.
Or another speculation about your computer got infected by ransom ware. Remember to not to publicly your email address that has used to store all of your data.

Basically,the hacking was possible by using a RAT !
Your security is already compromised !!

You need a fresh laptop or even maybe you can get a brand new laptop !!
Sorry bro.

Maybe your computer is filled with virus or many during transaction there might be open tab or links in your browser in which you accidentally  click into either way what's  done is done lesson learned you should never store your coins in coin bank during transactions.

That's the reason why exchange offers several combination of security for any transaction, to suppress any unauthorized transaction.

Beside password, we have to enable Two Factor Authentication, we can also set IP white listing, or Withdrawal white listing.

Remember when setting your password it should be a strong password, which a combination of Big and Small Letter, Numbers, special Characters and at least 25 to 30 characters long.

https://www.lifewire.com/strong-password-examples-2483118 (https://www.lifewire.com/strong-password-examples-2483118)  

and don't forget to tighten security of workstation.

OS updates, Anti-malware, browser protection.

how can , I still ask if you go to a fake site, I have an account in coinbase too,
I think coinbase is safe enough, it will be lesson for me to be more careful again .. :)

my advice is dont tell anyone your password and email about bitcoin, second safe your password only on you mind or you can write it in paper with some code encryption, second check twice about the url that you visit is the link is valid or its a fake one

Sorry to hear that mate. Hope it wasn't much but yes it was totally wrong to leave coins on an exchange.
Why would you do that ? Even if they weren't stolen, what if the exchange just goes down ? Or turns out to be scammy suddenly ?

Definitely not a good idea ! Your coins would be gone the same way they were. I've been saying this almost every single week. DON'T leave coins except in your own wallet and in an address that you have the private keys to saved somewhere safe.


You changed your password recently and he could get it that easy ? Well, this suggests one thing only ! The thief hacked into your computer and must've installed some sort of key logger. Hacking stuff are crazy, he might have just used your computer (remote control) and send the coins (I guess you probably have your login info saved in the browser ? ) or even worse you got tricked into entering your login info into a fake phishing site that was sent to your email and you thought it's from them.

Plus don't they have 2fa ? If it exists and you didn't set it up, that's definitely a huge mistake.
Well, we learn from our mistakes but I guess this was a costly one.

Thanks for your experience but now a days we cant even trust ether wallet for holding tokens lots of hacks happening. But i dint heard about bitcoin wallet hacks. in my country its difficult to find hardware or cold wallet .

It feels sad and scary to know about that what happened but thank you for sharing this because this will be a warning for us to be more secure in our wallet. I learned a lesson from this.

I have some bitcoins in an exchange, now Im planning it to withdraw. I used electrum once so maybe I should use a desktop wallet now.
Anyway, Sorry to hear about what happened to OP. Next time just add more securities to all your wallets.

 what is your opinion of mycellium wallet. is it safe?

OP, sorry for your losses. You really have to stop using exchanges.



Getting a hardware wallet will be safer. Since you are storing BTC which is valuable, get a hardware wallet under $100 to safeguard your BTC and Altcoins. Treat it as an insurance or something. Hardware wallet is definitely worth the money.

To answer some questions: This does appear to have been caused by malware. Which I've cleaned up

The vulnerability is that anyone could mask your IP and do a forgotten password exploit. This guy was able to loginto my email and clicked the link from there. Apparently there is no 2 step authentication when logging in after a new password is created. He was able to drain my hot wallet despite me replying to the text and via email that I did not change my password.

I did not keep myself off 2fa authentication for 30 days.

I have not heard too much from coinbase and I am worried that this vulnerability. I figure that this is a loss.

I am however keeping on the sunny side as I have still not lost any money in bicoin despite the theft.

Be careful out there.  

I find it hard to understand why coinbase would have it so if you reset your password there is no 2FA?  Most other exchanges block you from doing stuff after a password reset not lessen your security and give you more freedom. Never used coinbase so dont know.

Sorry to hear it. You taught me a valuable lesson. I assumed that exchanges as Coinbase are quite safe.

Its so sad. That's the reason why i suggest people to use hardware wallet instead online wallets. Now days its easy to hack everything. Hackers are now more cleaver than before. Anyways people learn from his mistake you should not store your bitcoin in exchange. Again i suggest you to use hardware wallet like Ledger Nano S

it's safer to keep coins in the cold wallet or hardware wallet

I never keep coins for a long time in the account on the exchange. I go translate the coins just before exchange to Fiat. After the exchange, I immediately transfer money to a Bank card. If transaction cost would be below these problems could have been avoided. The time of the transaction must also be reduced to a minimum.

I agree with you but I'm still curious that there are a lot of topic like "which wallet should I use?", "How to keep my Bitcoin safe?", "Which is the best wallet?".....so many topics like that in here but I think people just want to ask but they don't really care about other opinion and experience :)). They received a lot of good advices that they only should use Off wallet and Coldstorage wallet but they still use web wallet or exchanges.

This is sad i am also using coinbase and have the sms authentication it asks for sms before withdraw. After your incident i may think of transferring my coins to some other wallet.

Not sure how it can be possible. Even sh*t exchanges like nova will send an email to your account asking you to confirm the withdrawal. Why is this not done on coinbase?

Okay this is some serious issue, and i am really sorry for your trouble. But even when you lose, you still can share this wonderful knowledge to all of us.
So, i learn some things.
1. Exchange is some website or smartphone app wallet
2. Hard wallet is like a usb device that store all your coin in it and it is safer because it has some extra protection.
3. Do not store bitcoin long enough in an exchange app

So for me, who does not have hard wallet, i guess it is better if every time i get bitcoin i will directly trade it to fiat currency? Or do you guys have any idea and experience on how to keep bitcoin safely without hard wallet? Please do tell us, share some knowledge.

Kraken sends an email but its not a click to confirm withdraw one etc.  It just tells you withdraw is happening and to stop into you have o take action. What they do though is not allow any withdraw address to be added unless confirmed via email.  The OP is saying his email got hacked though so would not have saved him.

Sorry to hear about this, no matter how it happened, it hurts.
As said even with RAT your 2FA should have stopped the login.
Trading requires some coins to be on an exchange but you should only keep what you're actively trading.
If someone is concerned about the technical of using ubuntu etc then just get a trezor.
It's a great level of security that's easy to use

There are plenty of ways to secure wallets and keys. It's jist that you're too confident on storing your coins in exchange. After buying or selling, you better pull or widthraw everything.

I feel so sad. Its your shocking story. I know how you struggle hard to earn these bitcoin and at the end someone stole it. I think you learn something from it. You should not use the online wallet. Try to use hardware wallet instead of Software Wallets. Hardware wallets are bit expensive to maybe you should try Software you can download it from internet.

That does not need dude. If you keep on checking your wallet and having the e-mail security with the two factor authentication means you can use the exchange or online wallet. Nothing will cause a problem to you.
Maximum you can have desktop wallet which is easy accessible and can use it any time and keep your private key and wallet seed from others.

I second this idea. Sounds like a RAT attack to me. There's no way some random person can quickly know an IP and mask theirs as the slave IP. Chances are that the person sent you some adware or you stumbled on a bad file that gave path to someone's RAT. Be very careful with what you download on the internet nowadays. People will come at a few coins with whatever they have. Bitcoin offers no security to you even if you do get scammed or robbed.

if you not want to hold your coins maybe it is better to do that, i always sell my coins and left around 0.05-0.1 in my local exchanger wallet.the reason is same with everyone maybe. i afraid if get hacked

Sorry to hear bad news like this. I don't understand why you didn't enable 2-factor authentication? You should enable on any website that supports it for example (Amazon, NiceHash, LocalBitcoins, Gmail and all exchanges that support 2FA) Ebay don't have 2FA but if they do I will enable too.

Next time you will know, it's not safe to keep BTC or ETH or any other crypto on exchange, one day even most trusted exchange can be in troubles (like BTC-e)

We all make mistakes, and it doesn't matter if you the newbie or experienced user. I was in hurry and transferred eth to another exchange into other Token address, theoretically, I lost my Etereum but I contacted this exchange and after mentioning I will leave negative feedback on forum and Trust Review website I had another reply from Tech support that they will check for me and get them back, exchange fixed this for me, even they state Tokes send to wrong address are lost.

Are you able to file something with coinbase to let them know that you were hacked?

Is there any chance that you weren't really hacked but instead what happened was that someone you know or has access to your computer might have done this?

Does anyone else know your password to your PC and or phone??? Do you share a computer?

Your lose gives lesson to everyone specially to those who are new in this. Everyone learns from mistakes. There are lot of theft and hacker around the globe and it is hard to find which security is good to use so they cannot enter in such way. It is better to not leave the money in any transaction site specially if it is big amount because it is hot in the eye on the theft.  

Most likely is that coinbase is not at fault here their security seems good so the only way for hackers to breach your account and access your email is some kind a remote access tool that infected your computer and got all your credentials then spoof your IP that's why he was able to hack the 2FA.

It's never a good idea to keep your money in exchanges especially when they are being hacked all the time. I thought you would have had more stringent security measures in place to prevent these kind of this like a 2FA security which makes it a bit harder for hackers to gain access into your account.

Besides 2fa, lot's of exchanges disable withdrawal for 24 hours after changing credentials.

This is quite sad,scammers and hackers on the move daily,reason whu caution has to be the watch word, I do not respond to message that has to do with change of password
Coinbae need to strengthen there site against intruderd

Having coins on exchanges is like putting your money in a not-so-hard glass case--it barely has protection and can be destroyed anytime. I myself have learned this lesson the hard way and from then on, I don't care how paranoid people might think I am because in reality you'll wont think hacking is possible until it happens to you.

really much hassle but really really safe way.
i thought that 2FA is more than enough, but i can't think of where did the OP miss

If you have a lot of coins in coinbase that amounted to hundreds or thousands of dollars, I would suggest you buy TREZOR or Ledger Nano and transfer a big part your coins there.

I am sorry for your loss and also thanks for your information i am quit new to crypto currency trading i started trading some altcoins in different exchanges and keep them in exchanges by believing exchanges are safe now i am not keeping any of my holding in exchanges.

Yes quite astonished to see that people dont use 2FA. I have kept my exchange accounts safe with 2FA but I am not quite sure how is the new number patched every minute. I mean is there a unique number for my mobile's IMEI number or for my gmail account because if its for gmail account then its not much safe. Moreover I have always been against keeping your coins on exchange it isnt much surprising if coinbase themselves might have hacked your account.

I think coinbase is safe and that you are infected. Could it be that you were downloading things from the internet ? Always use more than 3 virus scanners for more safety.

Don't click on links that somebody just gave you. You need to check the url search it on google for example.

If your BTC wallet was hacked, its not the fault of coinbase because they have all bases covered from 2fa to suggesting a strong password. You also need to do your part by changing your password from time to time and not using a password that is very common like your date of birth and don't click any links sent you via private message or not ever.

That's why I installed 2FA for all my email, because I save private information in it
The only concern for now is MEW which is currently only secured by Pv Key without additional protection, hope they will add 2FA soon

Sorry about your loss. I concur with you,it is best to store your coins in a cold wallet.

Coinbase is a joke but they're not at fault here. No 2FA means you leave yourself vulnerable.

Its bad idea to use exchange instead your wallet, you must store your balance in a secure wallet that you can have the control.

Some exchanges like Bittrex, you need to confirm if you have access to another IP, it is more secure, even if you compromised your password and did not have 2FA active, the thief would't access your account.

Anyway 2FA should be mandatory if you cares about your security.

I am user of coinbase wallet about 2 years ago.Till now not faced such kind of situation.I am using mobile number verification and email verification for preventing hack.Its a good way to kept safe my wallet from hack.

Well i guess you were opening different sites. Mostly hackers encryps hacking codes in pop-ups and then gather your account informations. Be safe next time ! Been there done that !

I think someone knows with you. how could she get on your phone. I think it's planned, maybe your tokens are so many, so you are a target for those who want to plan on stealing your wallet.

I don't know how to safely day trade - you have to trust the exchange in the end - and this is why even if I can see a price change that I know is the opportunity to buy or sell, I simply keep a low profile, hold to my bitcoins and wait through the price change. This is not the most rewarding strategy, but much much safer. I had my money in a cold wallet and now I am testing a hardware wallet, both are secure I think.

Oh, it occured to me the moment I posted the last reply - there is this functionality in some of the hardware wallets, they provide 2FA using built in private keys. The device is separated from the computer and the phone, so probably it is unhackable (?). You could read about it and maybe use it in the future. That will not bring your funds back, but maybe it will secure your future funds. I have never used it so you must do your own research.

We must learn this as a lesson from another user do not store your hard earned bitcoins on an online exchange wallet for a long time use a desktop wallet instead phising site is everywhere hacking is everywhere so we must always aware of official websites of this exchanges check first if https encryption is present in the beginning of every web address always bookmarked it on your favorite browser beware of look a like sites your system might be compromised.   

An online wallet is never safe, the better thing is to use an offline wallet, stored in a computer used only for that
And an exchange wallet is worse than all, because they can disappear with your money

Yes we should not store our bitcoins in the online wallet because there are many scammers and hackers now that are wanted to steal bitcoin for their own wants without knowing the other emotion if they steal it. Online wallet can now be hacked by a different way but the most popular now is using the phishing sites that can get our all login information in the site.

This is the reality why the bitcoin is being use and the why the bitcoin is helping all the people as you are aware of the bitcoin wallets that the bitcoin has the a lot of the wallet and the payment through the bitcoin wallet is now the way of the profit and the income indeed I am aware of it that as much the bitcoin getting wide the bitcoin is getting expensive so according to me the bitcoin is really good to invest on time.

Use the precautionary measure to save your capital from the dark web monsters and I also apply a lot for security protocols to save my personal information from the hackers and as there are a lot of people around me who are complaining same thing this is not the fault of bitcoin this is totally fault for the user that he must have to secure his asset and as you have so precious coin then apply security to save it man.