Bitcoin Forum
May 07, 2024, 07:16:10 PM *
News: Latest Bitcoin Core release: 27.0 [Torrent]
 
  Home Help Search Login Register More  
  Show Posts
Pages: [1]
1  Economy / Gambling discussion / PSA: Nitrogen Account w/ 2FA Compromised and Emptied on: March 09, 2017, 08:31:42 PM
Hi,

I am a reasonably well known member of the high stakes gambling community but have chosen to keep this post anonymous at this time. I have been playing on nitrogensports.eu (mostly poker, but also the occasional sports bet) for over 2 years and have generally been pleased with their site. I enabled 2FA on the account (via Google Authenticator) very early on and have not changed it in at least a year (most likely two). On nitrogen, they require an OTP for logging in as well as requesting withdrawals. My email address is not connected to my account at all and I use a unique username/password to access the site that is not shown to other players and not used on other sites.

I woke up one day last week to find that my balance was empty and 2 successful withdrawals had been made. I immediately contacted support via their on-site ticket system and began inspecting all of my other accounts to try to figure out what had happened. After several days of fruitless back and forth with support and a full investigation of my own devices and accounts, I still can’t seem to figure out what happened and how my account was compromised. I was hoping someone who perhaps knows a bit more about 2FA and Google Authenticator could point me in the right direction.

Here are the facts as I understand them:

1. My 2FA Device (iPhone) was always and still is in my possession
2. None of my gmail accounts were accessed from any devices or locations that are not mine
3. My icloud account was not accessed from any devices/locations that are not mine and has 2FA of its own
4. Nitrogen was not affected by the CloudFlare vulnerability
5. There is no evidence that either one of my home computers were compromised
6. My iPhone is not backed up anywhere locally
7. None of my other 2FA enabled accounts were touched in any way. No failed logins, nothing. This includes other bitcoin exchanges/wallets.

Nitrogen conducted some type of investigation relating to the matter but did not return any useful results. What am I missing? How did this person get access to all 3 credentials (username, pass, and 2FA secret)?
Pages: [1]
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!