Bitcoin Forum

Got an authentication text from Coinbase out of the blue and thought it was suspicious so I logged on to my account and had a password reset request from China...

Guess I'm gonna have to move ALL of my coin to paper wallets. Seems like Coinbase is no longer safe even for the tiniest bit of coin I had on there.

*Edit*: This stupid fu*k has now hacked into my email. Anybody else out there with a little hacking no how, feel free to return the favor.
 IP = 27.20.238.204

Just out of curiousity, where you a Gox customer?

Good thing you used two-factor authentication!

Bitcoin-related sites, as a rule, should offer TFA.

Nah, don't really mess with the exchanges much. Even though I do have an account on Cryptsy.

Yea, I'm thinking it should be a requirement to start an account with all these sites. I know it's the early days and better security will be coming in the future but right now, it's the wild west out there. Can't take any chances. Especially when nobody is really offering insurance right now.

I mean, I'd argue that it is safe BECAUSE of the 2 factor auth. It did exactly what it was supposed to, no?

The two-factor did but as I said, it's still just an option on Coinbase. Luckily I had it turned on.

I'd expect more out of their site security though. My password was pretty difficult but that didn't seem to matter at all.

I don't get it, someone made a password recovery request pretending to be you, anyone can do this, with any website, anywhere. So Coinbase shouldn't offer password recovery? As long as they don't also control your email account whats the problem?

I would immediately change your email account's password, because the above scenario is absolutely correct, and for someone to have bothered to do this in the first place, they likely would've had reason to believe they were in control of your email.

So the 2F worked, how is it unsafe?

Sounds like everything is working as expected.

Statistically, your home PC is probably a greater risk than Coinbase.

Password reset request does not indicate any successful hack. How come do you think your account is definitely hacked.

Just because it is from China?  :P

It just means somebody who has your email address submitted it to coinbase.  If they compromised your email, then you would have a problem.

Is there proof of this?

I think that they were speaking generally...

However, Coinbase likely spends a great deal more money than many here do, for the sake of securing their computer systems. Although Coinbase may be targeted more than the average PC or whatever, they also are cognizant of that, and so they take steps to prevent having security threats, which is evidenced in part by the fact that they haven't suffered from any "hacks" to my knowledge.

I trust exchanges way more than I trust myself and my setup.

I can't vouch for any statistical analysis, but when I last looked at my router logs, I'd see an average of 5 probes (A single IP addresses looking for open ports) a day.  About 40% are Chinese, usually attached to a university, followed by probes from Russia, then other European and US addresses in number.   It's a little unnerving when you are aware that random people checking the lock on your door several times a day.

I wasn't pointing a finger at the OP for being insecure, I should have worded that better, sorry. Coinbase has to comply with AML laws of 50 states. I *know* that they have had to jump through a thousand hoops to do that. I work with network security, and PCI compliance (Payment Card Industry). My work is going through PCI tests now, and it is a huge headache.

Statistically, the chances are high that the OP is using Windows, which also 'by the numbers' has the highest chance of being broken into. Microsoft is dropping all updates for XP on April 8. I got an email today, estimating that 30% of people are still running XP. With no more security updates, XP will become a playground for black hats. Anyone that runs a local wallet on XP is foolish and at risk. Encrypt your wallet at the very least, please get rid of of XP at the best. Even if your wallet.dat is local, and encrypted, a keystroke logger gives  up all your passwords to everything that you log in to.

The OP may be a Mac guy, or a Linux guru, in which case that chances are very low that his PC got broken in to. Still, Coinbase has to live by much higher standards than any of us do. 2FA is a very good thing, everyone should use it when they can. Logs can be scary when you look at them, but all of that is firehose probing for common default vulnerabilities. Nobody has singled you out.

MtGox was in Japan, they had no such laws to comply with. I recommend Coinbase to my friends and family in the USA.

to the OP even account with 2fa isn't safe every time... rooting your phone you are letting some people free in plus there is such a big amount of malware in play store that sooner or later someone will get what they want...

https://www.youtube.com/watch?v=6oAQoDfeN08 (https://www.youtube.com/watch?v=6oAQoDfeN08)

Wait...  You didn't realize someone who could guess your e-mail address could send a password reset request?

Look, careful planning and use of multiple wallets to improve security, including paper wallets or other offline wallets is smart.

Right now,  I do believe your priority should be to make sure your EMAIL account has 2-factor authentication enabled, and that you are using a SECURE  e-mail provider,  not one like Apple, that might allow  someone else to reset your email account creds by making a phone call or otherwise social-engineering support.

I would suggest booting from a bootable Linux CD  (to sidestep, just in case of PC-based malware),  log into your CB and E-mail account, and carefully go over your security questions.

Make sure none of the security questions are guessable.
MAYBE change them all  (write down and vault the new answers), for good measure.

Post updated.

I can confirm this. The amount of malware in the play store is actually disturbing. Here at college they have some pretty strict network standards as far as malware goes and my phone got kicked off the wifi because an update to one of the apps had malware with it. Rooting your phone makes it that much easier.

move the coins and have a peacefull life  ;)

Amazed people are still just realizing this.

-B-

Do you re-use the password on other sites? If so, which? This answer might point to where this is coming from.

If you don't, it might suggest that you have some form of virus/keylogger/trojan on your machine.

Recommend LastPass for managing complex and unique passwords.

Ok, but this means someone hacking your Bitcoin account needs:

- Your email
- Your username on Coinbase
- Your phone number
- Access to your phone

That's a lot of stuff.  I'd say it's rather unlikely for all to be compromised by the same person without your PC being compromised.

Better not buy a iPhone 5S, they could cut your finger off to get into your system!

 ;D

i just set up my google 2 step factor....


glad i saw this threadBTCBTC

Yes. You have minor security with minor knowledge, they have a team working on keeping everything secure.

You should have a 2FA option on your email account as well.  If not, find one that offers it.

Chop Sticks.... Metal, bamboo or plastic?  ;)

Your email security should be the most important! you should have two-factor authentification on you email before anything else (of course I'm talking about your main email adress) gmail offers that and I'm sure other mail services do aswell