Bitcoin Forum

Economy => Service Discussion => Topic started by: yomofo on July 02, 2014, 07:40:13 AM



Title: PSA Coinbase wallets ARE GETTING HACKED even with 2FA!!! 2 victims and counting,
Post by: yomofo on July 02, 2014, 07:40:13 AM
http://nourishingliberty.com/disaster-triumph-stolen-bitcoins/[1]
Quote
In my case, I was watching it happen in real time and unable to do anything. I had 2 factor authentication enabled for my wallet. I got an email from the authy app stating that my account had been reset and to click the link to verify it and that if I had not done that to ignore the email. I had not done anything so I ignored the email.
And get away from Coinbase. Their response to this situation has been horrible. Through lack of availability when the incident started to the flaws in their system that allows what I am finding to be prevalent hacking, their response is awful. Coinbase is worse than useless. As I speak to others about my experience, I realize that this is a common perception within the community.
...

this is the second case of hacking that i am aware of.
http://www.reddit.com/r/Bitcoin/comments/27suip/coinbase_compromised/[2]
why hasn't coinbase support addressed this breach of security?

edit just found this : https://hackerone.com/reports/5786[3]

how unprofessional is coinbase to not address any of these issues publicly?


i personally have not been hacked but am doing a PSA to avoid any possibility of another neobee or goxxing.


Title: Re: PSA Coinbase wallets ARE GETTING HACKED even with 2FA!!! 2 victims and counting,
Post by: Newbie1022 on July 02, 2014, 08:10:01 AM
I am so sorry this happened to you. I am wondering, however, if it really went past 2FA or if you had not specified that you wanted 2FA for all transactions. Under the advanced tab the default is not to have 2FA for transactions under $100 per day. However, you can request it for each day. That may be one way. Otherwise, I'd imagine it was a phising attack of some sort.


Title: Re: PSA Coinbase wallets ARE GETTING HACKED even with 2FA!!! 2 victims and counting,
Post by: Ibian on July 02, 2014, 09:33:55 AM
What kind of 2FA do they use?


Title: Re: PSA Coinbase wallets ARE GETTING HACKED even with 2FA!!! 2 victims and counting,
Post by: sgbett on July 02, 2014, 10:06:46 AM
http://nourishingliberty.com/disaster-triumph-stolen-bitcoins/[1]
Quote
In my case, I was watching it happen in real time and unable to do anything. I had 2 factor authentication enabled for my wallet. I got an email from the authy app stating that my account had been reset and to click the link to verify it and that if I had not done that to ignore the email. I had not done anything so I ignored the email.
And get away from Coinbase. Their response to this situation has been horrible. Through lack of availability when the incident started to the flaws in their system that allows what I am finding to be prevalent hacking, their response is awful. Coinbase is worse than useless. As I speak to others about my experience, I realize that this is a common perception within the community.
...

this is the second case of hacking that i am aware of.
http://www.reddit.com/r/Bitcoin/comments/27suip/coinbase_compromised/[2]
why hasn't coinbase support addressed this breach of security?

edit just found this : https://hackerone.com/reports/5786[3]

how unprofessional is coinbase to not address any of these issues publicly?


i personally have not been hacked but am doing a PSA to avoid any possibility of another neobee or goxxing.

[1] Her email was hacked not coinbase.
[2] "The weakest link in any chain is the user and we have no way of verifying that you don't have a keylogger on your computer or connected your iPhone to an insecure or compromised wifi network.
Sorry, but there are too many holes to determine if this was a legitimate hack with the fault on Coinbase." - occams razor
[3] Coinbase response to the concerns bryan raised seemed adequate.

You too can find out information like this, and more through the power of reading!

I don't even use coinbase. I'm just a guy that writes software that hates users that blame software when they are the ones at fault.


Title: Re: PSA Coinbase wallets ARE GETTING HACKED even with 2FA!!! 2 victims and counting,
Post by: heartbit on July 02, 2014, 10:15:05 AM
I'm just a guy that writes software that hates users that blame software when they are the ones at fault.
Amen to that brother!
Posted from Bitcointa.lk - #cwbs5DrJTrdk4AXw


Title: Re: PSA Coinbase wallets ARE GETTING HACKED even with 2FA!!! 2 victims and counting,
Post by: BuildTheFuture on July 02, 2014, 01:59:44 PM
Coinbase just announced a new "Vault" feature today. So there.  :D


Title: Re: PSA Coinbase wallets ARE GETTING HACKED even with 2FA!!! 2 victims and counting,
Post by: BitcoinBobbeh on July 02, 2014, 03:27:30 PM
http://nourishingliberty.com/disaster-triumph-stolen-bitcoins/[1]
Quote
In my case, I was watching it happen in real time and unable to do anything. I had 2 factor authentication enabled for my wallet. I got an email from the authy app stating that my account had been reset and to click the link to verify it and that if I had not done that to ignore the email. I had not done anything so I ignored the email.
And get away from Coinbase. Their response to this situation has been horrible. Through lack of availability when the incident started to the flaws in their system that allows what I am finding to be prevalent hacking, their response is awful. Coinbase is worse than useless. As I speak to others about my experience, I realize that this is a common perception within the community.
...

this is the second case of hacking that i am aware of.
http://www.reddit.com/r/Bitcoin/comments/27suip/coinbase_compromised/[2]
why hasn't coinbase support addressed this breach of security?

edit just found this : https://hackerone.com/reports/5786[3]

how unprofessional is coinbase to not address any of these issues publicly?


i personally have not been hacked but am doing a PSA to avoid any possibility of another neobee or goxxing.

[1] Her email was hacked not coinbase.
[2] "The weakest link in any chain is the user and we have no way of verifying that you don't have a keylogger on your computer or connected your iPhone to an insecure or compromised wifi network.
Sorry, but there are too many holes to determine if this was a legitimate hack with the fault on Coinbase." - occams razor
[3] Coinbase response to the concerns bryan raised seemed adequate.

You too can find out information like this, and more through the power of reading!

I don't even use coinbase. I'm just a guy that writes software that hates users that blame software when they are the ones at fault.

This.

For a sensible person it's actually HARD to get hacked. I only ever log into Coinbase from one computer, and my username and password there are different from any other site where I have an account.

If I were hacked it would have to be my dog who did it.


Title: Re: PSA Coinbase wallets ARE GETTING HACKED even with 2FA!!! 2 victims and counting,
Post by: BitchicksHusband on July 02, 2014, 06:10:46 PM
And if Authy is telling you that somebody changed your Coinbase password and you didn't do it, you should be on the phone to Coinbase immediately (and online changing your password if you still can).  You don't ignore stuff like that.


Title: Re: PSA Coinbase wallets ARE GETTING HACKED even with 2FA!!! 2 victims and counting,
Post by: piramida on July 02, 2014, 06:18:42 PM
Also, as a rule of thumb: do not, I repeat, do not keep anything over 1btc on your mobile phone app. Just don't. If you need to spend thousands on the go, be good to your moneys, get an 11inch MBA dedicated to that purpose, and use phone for 2FA.