Bitcoin Forum

I just got hacked. It's all gone.

I hear my gmail notification chime on my phone. I check my phone, I have an email that shows I just logged into btc-e... no I fucking didn't, Wasn't even near my computer.

I log into btc-e and check the trade history. It shows I just bought coin with all the money (I was full fiat) in the account and then immediately transfered it to this account.....

#324134123   /    -X.XXXXXXXX BTC    /    Withdrawal BTC to address 1BdcBn6Hri5va5RhX2bgqfaRK1TxaZ4ZYm
 @  01.02.14   /  04:26:54

It shows I bought on Feb 1st... it's still the 31st where I am.

I emailed BTC-e already... What else can I do?
 

that sucks. i am sorry to hear it. :'(

are you sure btc-e is being hacked? sounds like you got hacked.

You probably have a keylogger. Sucks to be you! Don't keep more on an exchange than you can afford to lose.

It sounds like your password got stolen, not neccesarily btce itself hacked.

This is one department I'll admit that hodlors have a clear advantage.

What is a keylogger?

Isn't stolen and hacked the same thing?

Why didn't you use 2FA (two-factor authentication)?

--

PS. It's quite concerning reading the number of people getting hacked on btc-e. Yes, this might be outside forces, but still the number seems higher than bitstamp users who are hacked.

I have 2FA via Google Authenticator on my phone turned on for everything; logging in, transfering money, changing details, etc.
And it needs to be confirmed via e-mail, and my e-mail has a separate 2FA (SMS), and a different password.

I am safe from being hacked, right?  :-\

Op sorry for your loss, but:

pro tip: some email services such as windows live mail have options for enabling two factor auth on your email account. its a little annoying to enter the code everytime you login to your email, but if you have alot at stake its worth it.

I suppose their related. What I'm trying to say is that the password was probably obtained via one of your own devices and not via a security breach of btce itself and their servers.

Logging in via a key-logger is one thing, but shouldn't it be impossible to withdraw without having access to your phone.

I did not get as deep as this and set my security up this way. Apparently I should have, maybe I wouldn't have been hacked.

I think so. I mean, without my phone they can't login, or enter code to withdraw, change pass, email etc.
But want to be sure.

Well, if you didn't have 2FA on, it's your own fault. Don't blame BTC-e, as your title suggests.

I've got a masters in Exercise and Sport Science but don't know shit about computers or the system which is ridiculous because I have a brother who writes code and serious shit I have no idea what he's talking about.

i did not even know that. THANK YOU. setting up now. :)

Oh boy..............................................

:(

You are just out of luck.. 2FA is quite easy to set up.

Perhaps try to track down the hacker.. there are other BTC-e hack victims who traced down the hacks to one main guy in Russia. Maybe you could work together and place a bounty on him on BTC Assassination Market.. :D

Uh, no.......................................

:(

Quote from: outofservice on Today at 20:10:55


Quote from: BitcoinAshley on Today at 20:08:53

You probably have a keylogger. Sucks to be you! Don't keep more on an exchange than you can afford to lose.


What is a keylogger?

Oh boy..............................................



Thanks, your replies have been so helpful.

While reading this thread I was going to post my comments.  But LostDutchman posted exactly what I was going to post!  Thank you LD for saving me the time!

Why thank you for your kind comment!

It just breaks my heart when internet noobs get it bad because the simply do not understand how to be secure on the net.

I wish I could fix things for them but after the fact, they are pretty much screwed!

Complicated passwords work well.

Lots of Upper/lower case switheces, punctuatin marks..............

Esamples:

An "I've got your ass!" password:

"password 90210".

BUSTED in about 10 seconds!

This will at least take some time and maybe get you alerted that someone is trying to hack you:

"90I&3Z*forL%Ah+?Rt2N1!*"

Just an example.

My $.02.

;)

It is a type of malware that logs every key you press on your keyboard and passes it back to a server. Once this sequence is captured it is easy to extract usernames, passwords etc. This is why it's imperative that you use two factor authentication if it is available. You should also be using a password manager such as KeePass so that you can use complex passwords that you never have to type out, just copy and paste them.

Can one assume that a keylogger can be capable to read the clipboard data?

http://en.wikipedia.org/wiki/Keystroke_logging

Read it and weep!

"Software keyloggers may be augmented with features that capture user information without relying on keyboard key presses as the sole input. Some of these features include:

    Clipboard logging. Anything that has been copied to the clipboard can be captured by the program."

;)

I would say yes, some malware probably reads the clipboard too. I don't know of enough about particular keyloggers that might do this but at least strong passwords add an extra level of protection from account cracking and enable you to use a different long and complex password on every site you use

Hmmm oh well. 2FA FTW!  :)

wassup Keewee! join the club! where do you stay in New Zealand?

I'm a jafa  :)   And you? I think we must be part of a very small group in little ol' NZ although there has been a bit more activity on BitNZ lately

 :-\

i hope you did not lose your shirt.

its really sad hearing stories like this, at cavirtex they check your browser ( you have to confirm via email if you try to access your account from another computer ) and also 2 factor auth.... i wish all exchanges had the same kind of security, with these security features i feel safer, but still....

let this thread be a lesson for you less paranoid folk and turn on 2 factor auth! setup a secure saving wallet (paper wallets) and a secure spending wallet.

in the beginning poeple were getting hacked left and right. wallet services would disappear with everyones coins... i'm glad those days are over but clearly much improvements can still be made. until then its up to the users to try and minimize risks by taking every security procation they can.

Damn man sorry for you  :-\

Time to get my coins on a paper wallet...

A key logger is a program that records your key strokes (password) and sends it to someone else.

Not necessarily unfortunately. You get still get "session hijacked" via cookies if you have your account open and open something dodgy in the same browser. Use different browsers for your trading sites vs "normal browsing"

I lost a few coins but they were just my "trading coins" (still it hurt and is a lesson learned), I kept my load on an encrypted external. I am thanking my brother for talking me into that because I used to have them all online.

I tried to set up the 2key on btc-e, they are set up on my other accounts, but the page to do so on btc-e is in russian. It also asks for a once time code. I have no idea what that code is. I've kept all emails from them and scowered them word by word looking to see if it had been sent and it had not. I emailed them about it and never heard back.
My cell is linked to all and the others you have to verify through the cell, just not btc-e because I didn't have that code to set it up.

The guy who hacked had to do work because my password was scrambled letters, numbers and symbols. Years ago I had simple passwords... until my bother showed me how easy he could crack mine. He's computers and math and I'm history and science. We all have our strengths and weaknesses. Mine just happens to be understanding detailed info about computers.

Funny thing is... I read 3 ppl ranting about getting hacked in the trollbox the last two days and as I read it I said to myself, man, that sucks, hope it doesn't happen to me.
It did and it seems to be happening to others as well. Those of you on btc-e, make sure your security is set.

Keyloggers are also capable of capturing your screen... don't know if they can do it undetected though. Keyloggers are the only thing i fear on the internet.  :(

Not sure how you can say "your security is set" on btc-e if you don't have 2fa enabled. Without 2fa your risk of being hacked goes up considerably.

http://en.wikipedia.org/wiki/Keystroke_logging

A program can record your keystrokes and send it to the person who designed it. If you have one of these,all your passwords may have been compromised. But,damn...

That's why 2fa is so important. It changes every time.

http://bit.ly/tadhtb

im noticing msot hacks are people without 2fa

You need to re-read that again. I didn't say, "my" security is set, I said, "Those of you on btc-e, make sure YOUR security is set".
btc-e is the only account I didn't have 2fa.
I don't get how all pages on btc-e are in English except for the 2fa page which is in Russian. My others sites/wallets have 2fa.

Just read all that on wiki and have a few questions...

I haven't opened any strange links or downloaded anything lately, is there any other way that program could have found it's way into my laptop?

I ran a complete spy-ware and mal-ware program, nothing showed up. Would that confirm a Keystroke program is Not on my system?  ....none of my other accounts have been hacked.

It can come embedded in a jpeg that shows in an e-mail. That's why e-mail providers usually automatically block images.

That would make sense, as I pointed out 2 posts ago :)

Email is an important attack vector, but images are mainly blocked when they are loaded from external URLs (not embedded in emails) so that users can choose to avoid automated tracking of whether/when they open messages.  Each email can be created with a unique image URL.  When that "image" is fetched, the server sending it can then be pretty confident someone opened the email.

Another reason is to reduce the amount of data downloaded for messages that may well be spam anyway.  (But whitelisted senders' mails are often treated differently, with all images fetched & displayed.)

The shocking jpeg buffer overflow vulnerability dates mainly to 2004 and has been addressed by updated software but that's not to say any software can be fully trusted.

It does make good sense to block unnecessary online content and to use different computers (virtual computers, at least) for financial tasks!