dicenow
Hello! Today two accounts (my 13773 and my wife 14532) was hacked and all bitcoins was withdrawed to 1NHQEzpernPm4BKh1E3P1Sh4Bn4YA6bXy6
Passwords not changed, 2fa is on. How can this happens? Can you help me to understand what is going on?
Man in the middle attack.
Support tell me, that my accounts was accessed from unfamiliar IP, but how can it be with 2fa on I don't understand.
The only one my mistake, the passwords was same on both accounts. But accounts was on different PC's and with different providers. e-mails was different too.
In the case of a man-in-the-middle attack, the hacker steal your logged-session which is valid for an hour or more.
The only way to protect from this kind of attack is to enable an automatic-logout-on-IP-change but I almost never saw it.
Even if it exist, the hacker can spoof your IP so yeah you can't do much...
It is quite a high level hacking IMO unless you computer is full of trojans.
Don't spread bullshit. Accounts were accessed from some foreign IPs. Sessions are https - so encrypted. But even so, fund withdrawing should not be possible, without 2fa.
The site has, most probably some kind of sql-injection security flaw and the attacker managed to access the SQL database directly and made the redraw action without the user inteface.
The owner of the site should refund your coins - as the site is hacked.
It's not your fault at all.