Multiple Bittrex accounts hacked everyone enable 2fa

[leigh2k14]

Looks like i was mistaken... after a couple ticket responses and going back further in some cases... there have been login from IPs unknown.  Please focus on finding a common denominator to these attacks.


richie@bittrex

So my machine wasn't compromised.

UNKNOWN_IP_LOGOFF 134.3.254.67 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-02 11:17:09.710

So how about reimbursing my coins?

1300 rads
800 exp
15000 aur
333,000 bcr

[1715434199]

1715434199

[1715434199]

1715434199

[1715434199]

1715434199

[1715434199]

1715434199

[1715434199]

1715434199

[1715434199]

1715434199

[richiela]

Looks like i was mistaken... after a couple ticket responses and going back further in some cases... there have been login from IPs unknown.  Please focus on finding a common denominator to these attacks.


richie@bittrex

So my machine wasn't compromised.

UNKNOWN_IP_LOGOFF 134.3.254.67 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-02 11:17:09.710

So how about reimbursing my coins?

1300 rads
800 exp
15000 aur
333,000 bcr

That just means someone was able to get your l/p ... nothing has changed... not sure why you think it has.

[leigh2k14]

Looks like i was mistaken... after a couple ticket responses and going back further in some cases... there have been login from IPs unknown.  Please focus on finding a common denominator to these attacks.


richie@bittrex

So my machine wasn't compromised.

UNKNOWN_IP_LOGOFF 134.3.254.67 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-02 11:17:09.710

So how about reimbursing my coins?

1300 rads
800 exp
15000 aur
333,000 bcr

That just means someone was able to get your l/p ... nothing has changed... not sure why you think it has.

So don't take any responsibility towards your users funds?

[richiela]

Looks like i was mistaken... after a couple ticket responses and going back further in some cases... there have been login from IPs unknown.  Please focus on finding a common denominator to these attacks.


richie@bittrex

So my machine wasn't compromised.

UNKNOWN_IP_LOGOFF 134.3.254.67 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-02 11:17:09.710

So how about reimbursing my coins?

1300 rads
800 exp
15000 aur
333,000 bcr

That just means someone was able to get your l/p ... nothing has changed... not sure why you think it has.

So don't take any responsibility towards your users funds?

We absolutely do, but if you lost your login/password and don't have 2fa enabled, there is nothing we can do.  I'm trying to help you guys find a common denominator which is why I jumped on this thread.  If it is going to turn into something unproductive, i'm happy to disengage.

richie@bittrex

[leigh2k14]

Looks like i was mistaken... after a couple ticket responses and going back further in some cases... there have been login from IPs unknown.  Please focus on finding a common denominator to these attacks.


richie@bittrex

So my machine wasn't compromised.

UNKNOWN_IP_LOGOFF 134.3.254.67 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-02 11:17:09.710

So how about reimbursing my coins?

1300 rads
800 exp
15000 aur
333,000 bcr

That just means someone was able to get your l/p ... nothing has changed... not sure why you think it has.

So don't take any responsibility towards your users funds?

We absolutely do, but if you lost your login/password and don't have 2fa enabled, there is nothing we can do.  I'm trying to help you guys find a common denominator which is why I jumped on this thread.  If it is going to turn into something unproductive, i'm happy to disengage.

richie@bittrex

Good swerve.

I don't think my machine was compromised, I didn't down load any dodgy software all my software comes from official repos or github.

The login log files shown it wasn't just my browser logged in yesterday.

I will admit that I did not have 2fa enabled, that was my only mistake. Why not make 2fa mandatory?

You can disengage, you and your exchange are losing creditability by the second.

[leigh2k14]

Here are my log files, obviously I had to obfuscate my IP because of the crazies in here:

LOGIN **.**.76.98 Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:36.0) Gecko/20100101 Firefox/36.0 2016-04-03 02:43:00.480
DISABLE_2FA **.**.76.98 Mozilla/5.0 (Windows NT 6.1; rv:23.0) Gecko/20131011 Firefox/23.0 2016-04-02 14:18:16.347
DISABLE_2FA **.**.76.98 Mozilla/5.0 (Windows NT 6.1; rv:23.0) Gecko/20131011 Firefox/23.0 2016-04-02 14:16:15.100
ENABLE_2FA **.**.76.98 Mozilla/5.0 (Windows NT 6.1; rv:23.0) Gecko/20131011 Firefox/23.0 2016-04-02 14:01:28.287
PENDING_2FA **.**.76.98 Mozilla/5.0 (Windows NT 6.1; rv:23.0) Gecko/20131011 Firefox/23.0 2016-04-02 14:00:58.077
IMAGE_INITIATE_NETVERIFY **.**.76.98 Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:36.0) Gecko/20100101 Firefox/36.0 2016-04-02 13:05:29.767
LOGIN **.**.76.98 Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:36.0) Gecko/20100101 Firefox/36.0 2016-04-02 12:45:36.673
LOGOFF 194.103.142.82 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-02 12:43:57.787
LOGOFF **.**.76.98 Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:36.0) Gecko/20100101 Firefox/36.0 2016-04-02 12:39:41.187
LOGOFF 87.126.174.177 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-02 12:36:58.877
LOGIN 109.176.195.67 Mozilla/5.0 (Windows NT 6.1; WOW64; rv:44.0) Gecko/20100101 Firefox/44.0 2016-04-02 12:31:41.697
LOGIN **.**.76.98 Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:36.0) Gecko/20100101 Firefox/36.0 2016-04-02 12:31:30.597
LOGOFF **.**.76.98 Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:36.0) Gecko/20100101 Firefox/36.0 2016-04-02 12:31:12.633
LOGIN 194.103.142.82 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-02 12:13:55.107
LOGIN 87.126.174.177 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-02 11:59:37.770
UNKNOWN_IP_LOGOFF 134.3.254.67 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-02 11:17:09.710
LOGIN 109.91.101.14 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-02 11:15:17.143
LOGIN **.**.76.98 Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:36.0) Gecko/20100101 Firefox/36.0 2016-04-01 19:20:22.410
LOGIN **.**.76.98 Mozilla/5.0 (Windows NT 6.1; rv:23.0) Gecko/20131011 Firefox/23.0 2016-04-01 16:03:34.063
LOGIN 2.100.168.93 Mozilla/5.0 (Windows NT 6.1; rv:23.0) Gecko/20131011 Firefox/23.0 2016-04-01 05:15:42.980

I have two machines, one in my bedroom run linux mint:

Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:36.0) Gecko/20100101 Firefox/36.0

The one in my living room also runs mint but I had to change the UI to get netflix to run:

Mozilla/5.0 (Windows NT 6.1; rv:23.0) Gecko/20131011 Firefox/23.0

[Spoetnik]

Ritchie i am trying to be nice but your being a fucking asshole man.
And i have seen you crying FUD on IRC too.. so i think you have a history on that already.

FUD = an attempt to smear a coin or service with untrue information.
That is what we generally think it means (although i disagree entirely and stand by the classic definition)
Which is = F. U. D.
What would those there words mean in the Context of Altcoins and their associated services
and would it be relevant ?
YES.
With the track record of supposedly Legit exchanges you bet your damn ass FUD is warranted.
And no sorry no there is no way in hell Bittrex deserves the benefit of the doubt.
No exchange or service in Crypto does.
And know what Bittrex-Ritchie?
These guys all agree with me but they just won't say it.

So you can drop this whole crying FUD routine buddy that shit is not going to fly
and if anything will make you look overly defensive.

Further more i would expect someone who runs an exchange to be a bit smarter.
The procedure of Science has not changed for 100's of years since Al Hazen literally wrote the book on it.
I know all about it and you DO NOT.
http://en.wikipedia.org/wiki/Al_Hazen
He is the FATHER of science and wrote the rule book on scientific examination..
Which is precisely what a smart person does when confronted with a mystery.

@Ritchie you have shown us you do not comprehend much here bud.
You do not collect proven FACTS to examine info to see if it's a fact 
That is bloody retarded beyond belief and i can't fucking believe you would even say that.

Ritchie you said that and it's fucking stupid.. so stupid i can't even be bothered to read the rest of it.
You lost you credibility with me now. You are coming across super dumb here.
And overly defensive which may or may not be a bad thing.

@spoetnik: it is complete fud and you know it.  scientific procedures requires actual proof.

Scientific procedures DO NOT require ACTUAL "proof"
Because the entire point of Scientific procedure.. IS TO FIND THE TRUTH !
There is no debate here.. i was right here all along and your railing on against me is a waste of time.

So let me recap yet again for the 3rd or 4th time.
- I am not saying Bittrex did anything ..just saying it -IS- possible they were hacked or an inside job etc.

Which is defiantly plausible enough to warrant investigation or the users consideration.
The only thing that would oppose that is you Ritchie demand we take your word for things.
And fair enough we will but your being an asshole about it.
WE ALL will take your words with a grain of salt.. do you know what that means? Get it?

I do NOT hope Bittrex is bad and i have had great luck with Bittrex so i am not trying to FUD them.
It's just that if we end-users do not look at all possible things we may miss something.
Did you forget how i was right about Gox before it closed?
And how i was right about Mintpal BTER and Cryptsy?
I have had a 100% success rate at calling it and the proof is my dated comments.

I am not giving a get-out-of-jail free card to Bittrex simply because i like the staff or it worked well or me.
Fanboyism or Cheerleading has not place in Science and that is all we have here to go on.

Cryptsy's JShock way back posted here a rant mouthing me off saying they had never been hacked
when they had been multiple times.. he lied & so did Vern and their staff that vanished.
History has shown us guys that strut around all legit & shit and they rip us off.. the list of them is endless.

It's irresponsible of you Ritchie to demand we trust you fully 100%
And it 's stupid if we do.

All i am saying is we should look at ALL possible explanations for the mystery hacks / thefts.
I made no judgements !

Lastly, if anyone got this far down? I can vouch for Chiznitz being Bittrex-Ryan.
And i will say again i have little bad to say about Bittrex but i am not trusting & nor should anyone be.
I am hoping Bittrex is 100% innocent in all this.
We have had way too many exchanges go down scammy.

@Ritchie think of it this way.. to me your are coming across not to smart here.
Are you the guy who checked your servers for Malware?
because you trying to come off making it look like your users are noobs and your the expert.
When in reality both are on equal footing and both are subject to the same security practices.
Why should we take your word for it you servers are malware free?
Think about it.. your basically calling your users computers noobs and blaming them for it.
So tell us what did you do specifically to rule out YOUR MACHINES were NOT infected?

[Spoetnik]

Looks like i was mistaken... after a couple ticket responses and going back further in some cases... there have been login from IPs unknown.  Please focus on finding a common denominator to these attacks.


richie@bittrex

So my machine wasn't compromised.

UNKNOWN_IP_LOGOFF 134.3.254.67 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-02 11:17:09.710

So how about reimbursing my coins?

1300 rads
800 exp
15000 aur
333,000 bcr

That just means someone was able to get your l/p ... nothing has changed... not sure why you think it has.

So don't take any responsibility towards your users funds?

We absolutely do, but if you lost your login/password and don't have 2fa enabled, there is nothing we can do.  I'm trying to help you guys find a common denominator which is why I jumped on this thread.  If it is going to turn into something unproductive, i'm happy to disengage.

richie@bittrex

in Ritchie's defense with no 2FA enabled another possibility here is the user or some of them are lying.
How would Ritchie be able to tell the difference between a hacker using my PC and ME using it?
As much as i may speculate Bittrex is behind this i also can not rule out Fraud by users.
Which logically makes it hard for him to pay coins out..
If it was an end-user scam and he pays it would never stop & he would go broke.

[Spoetnik]

Mine and another member of this forum have been hacked today, I lost 8BTC worth of alts, i'm not sure how much CosaNostra lost.

https://bitcointalk.org/index.php?topic=1416068.msg14399775#msg14399775

And before you ask, no I did not have 2fa set up (lesson learned).

Have any others been hacked?

before this topic you said..

Some low life scumbag just emptied my bittrex account of 1300 rads, 800 exp and 15000 aur.

They dumped my coins, but there was no withdraws in my withdraw history, and no withdraw requests in my email?

I changed my password straight away.

I mailed support@bittrex.com, i'm waiting for a reply.

And for some reason they bought a load of EXCL and dumped EXCL: https://bittrex.com/Market/Index?MarketName=BTC-EXCL

Fucking gutted.

I have no idea how they got in. I'm going to format both my towers.

Anyone have richie from bittrex's user name so I can PM him?

So i am curious was your coins taken off the server lost?
This sounds like the Cryptsy points hack incident where Cryptsy claims no coins left the server.
See what i mean?

Did some hacker got into your account OP and then make trades but did not withdraw your coins?

[leigh2k14]

Looks like i was mistaken... after a couple ticket responses and going back further in some cases... there have been login from IPs unknown.  Please focus on finding a common denominator to these attacks.


richie@bittrex

So my machine wasn't compromised.

UNKNOWN_IP_LOGOFF 134.3.254.67 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-02 11:17:09.710

So how about reimbursing my coins?

1300 rads
800 exp
15000 aur
333,000 bcr

That just means someone was able to get your l/p ... nothing has changed... not sure why you think it has.

So don't take any responsibility towards your users funds?

We absolutely do, but if you lost your login/password and don't have 2fa enabled, there is nothing we can do.  I'm trying to help you guys find a common denominator which is why I jumped on this thread.  If it is going to turn into something unproductive, i'm happy to disengage.

richie@bittrex

in Ritchie's defense with no 2FA enabled another possibility here is the user or some of them are lying.
How would Ritchie be able to tell the difference between a hacker using my PC and ME using it?
As much as i may speculate Bittrex is behind this i also can not rule out Fraud by users.
Which logically makes it hard for him to pay coins out..
If it was an end-user scam and he pays it would never stop & he would go broke.

I know your just exploring all the angles here, I ain't no scammer, far from it, i'm the victim.

I worked hard trading to get those coins, I put a lot of time and effort in, only to find disappear into the either.

[richiela]

Ritchie i am trying to be nice but your being a fucking asshole man.
And i have seen you crying FUD on IRC too.. so i think you have a history on that already.

FUD = an attempt to smear a coin or service with untrue information.
That is what we generally think it means (although i disagree entirely and stand by the classic definition)
Which is = F. U. D.
What would those there words mean in the Context of Altcoins and their associated services
and would it be relevant ?
YES.
With the track record of supposedly Legit exchanges you bet your damn ass FUD is warranted.
And no sorry no there is no way in hell Bittrex deserves the benefit of the doubt.
No exchange or service in Crypto does.
And know what Bittrex-Ritchie?
These guys all agree with me but they just won't say it.

So you can drop this whole crying FUD routine buddy that shit is not going to fly
and if anything will make you look overly defensive.

Further more i would expect someone who runs an exchange to be a bit smarter.
The procedure of Science has not changed for 100's of years since Al Hazen literally wrote the book on it.
I know all about it and you DO NOT.
http://en.wikipedia.org/wiki/Al_Hazen
He is the FATHER of science and wrote the rule book on scientific examination..
Which is precisely what a smart person does when confronted with a mystery.

@Ritchie you have shown us you do not comprehend much here bud.
You do not collect proven FACTS to examine info to see if it's a fact  
That is bloody retarded beyond belief and i can't fucking believe you would even say that.

Ritchie you said that and it's fucking stupid.. so stupid i can't even be bothered to read the rest of it.
You lost you credibility with me now. You are coming across super dumb here.
And overly defensive which may or may not be a bad thing.

@spoetnik: it is complete fud and you know it.  scientific procedures requires actual proof.

Scientific procedures DO NOT require ACTUAL "proof"
Because the entire point of Scientific procedure.. IS TO FIND THE TRUTH !
There is no debate here.. i was right here all along and your railing on against me is a waste of time.

So let me recap yet again for the 3rd or 4th time.
- I am not saying Bittrex did anything ..just saying it -IS- possible they were hacked or an inside job etc.

Which is defiantly plausible enough to warrant investigation or the users consideration.
The only thing that would oppose that is you Ritchie demand we take your word for things.
And fair enough we will but your being an asshole about it.
WE ALL will take your words with a grain of salt.. do you know what that means? Get it?

I do NOT hope Bittrex is bad and i have had great luck with Bittrex so i am not trying to FUD them.
It's just that if we end-users do not look at all possible things we may miss something.
Did you forget how i was right about Gox before it closed?
And how i was right about Mintpal BTER and Cryptsy?
I have had a 100% success rate at calling it and the proof is my dated comments.

I am not giving a get-out-of-jail free card to Bittrex simply because i like the staff or it worked well or me.
Fanboyism or Cheerleading has not place in Science and that is all we have here to go on.

Cryptsy's JShock way back posted here a rant mouthing me off saying they had never been hacked
when they had been multiple times.. he lied & so did Vern and their staff that vanished.
History has shown us guys that strut around all legit & shit and they rip us off.. the list of them is endless.

It's irresponsible of you Ritchie to demand we trust you fully 100%
And it 's stupid if we do.

All i am saying is we should look at ALL possible explanations for the mystery hacks / thefts.
I made no judgements !

Lastly, if anyone got this far down? I can vouch for Chiznitz being Bittrex-Ryan.
And i will say again i have little bad to say about Bittrex but i am not trusting & nor should anyone be.
I am hoping Bittrex is 100% innocent in all this.
We have had way too many exchanges go down scammy.

@Ritchie think of it this way.. to me your are coming across not to smart here.
Are you the guy who checked your servers for Malware?
because you trying to come off making it look like your users are noobs and your the expert.
When in reality both are on equal footing and both are subject to the same security practices.
Why should we take your word for it you servers are malware free?
Think about it.. your basically calling your users computers noobs and blaming them for it.
So tell us what did you do specifically to rule out YOUR MACHINES were NOT infected?

This is really the last time i'm going to respond on this topic.  I'm not trying to be an asshole, but I have a problem with unfounded accusations. If you want to have it out with me, feel free to join me in slack or irc.

1) FUD = Fear Uncertainty and Doubt.  If you are causing those things without proof, I do believe it is exactly what I called it.  As for track records, we are one of the only exchanges that has never been hacked or compromised.  Sure you can compare us to other exchanges and past performance is no guarantee of future yada yada yada... By that logic, every business will fail because others have.  So yes, i do take offense to it when people start claiming it without any data.  If any data exists, I'd be happy to look at it and investigate.

2) Your logic about malware is flawed.  Do you think if any of our servers were compromised in any way, all you would see is a couple of non-2fa'd account drained using a bad trading method?  It doesn't make sense.

3) Lastly, I am not calling our users noobs, but we collectively are the experts here when it comes to security and how exchanges work.  I'm not sure how anyone can claim something different when it comes to how an exchange works.  I also get paid to do security for a living - I assert, rightly or wrongly, I do know more about this topic than most people.  

When faced with a problem, the most obvious answer is usually the right one once you have ruled out the others.  Instead wasting our time with this entire line of discussion, I'd rather have users figure out what the common denominator is and narrow down what caused this.  There's an obvious pattern;  i'd like to find it.

-richie@bittrex

[richiela]

Mine and another member of this forum have been hacked today, I lost 8BTC worth of alts, i'm not sure how much CosaNostra lost.

https://bitcointalk.org/index.php?topic=1416068.msg14399775#msg14399775

And before you ask, no I did not have 2fa set up (lesson learned).

Have any others been hacked?

before this topic you said..

Some low life scumbag just emptied my bittrex account of 1300 rads, 800 exp and 15000 aur.

They dumped my coins, but there was no withdraws in my withdraw history, and no withdraw requests in my email?

I changed my password straight away.

I mailed support@bittrex.com, i'm waiting for a reply.

And for some reason they bought a load of EXCL and dumped EXCL: https://bittrex.com/Market/Index?MarketName=BTC-EXCL

Fucking gutted.

I have no idea how they got in. I'm going to format both my towers.

Anyone have richie from bittrex's user name so I can PM him?

So i am curious was your coins taken off the server lost?
This sounds like the Cryptsy points hack incident where Cryptsy claims no coins left the server.
See what i mean?

Did some hacker got into your account OP and then make trades but did not withdraw your coins?

If this wasn't clarified before, your assertion is correct here.  In all cases we've seen, the attacker traded down the balances and withdrew on the other side.  No withdraw's were done from the compromised accounts.  If that isn't accurate in any cases, please let me know.

thanks,
richie@bittrex

[Spoetnik]

The attacker traded down, and withdrew on the other side richie.


No withdraw was made from my end.

Forgive me but i don't think i heard anyone say that before.
Can you say that in a different way?

And Ritchie i hope you do not get pissed off & leave.
Understand i was trying to be objective and look at all angles and not attack your Exchange.
If it seemed that way i apologize to you and i don't have much more "FUD" to post here..
So you can likely carry on here with out me instead

I'd just like to see you all build a picture and include every bit of info possible.
Explore all leads no matter how unlikely etc.
And to me it's scientific and nothing personal against anyone.

Good luck guys and sorry to hear about your bad news

[richiela]

The attacker traded down, and withdrew on the other side richie.


No withdraw was made from my end.

Forgive me but i don't think i heard anyone say that before.
Can you say that in a different way?

And Ritchie i hope you do not get pissed off & leave.
Understand i was trying to be objective and look at all angles and not attack your Exchange.
If it seemed that way i apologize to you and i don't have much more "FUD" to post here..
So you can likely carry on here with out me instead

I'd just like to see you all build a picture and include every bit of info possible.
Explore all leads no matter how unlikely etc.
And to me it's scientific and nothing personal against anyone.

Good luck guys and sorry to hear about your bad news

I don't get pissed off But yes, I alluded to that fact earlier, but never called it out explicitly, my bad.  In all cases, the attacker did "bad trades" to move funds around and withdrew from the other side.

I'm happy to discuss any aspect of this that I am allowed to (without violating our privacy policies etc).  I'm also here to help chase down leads if there are any.  I'm a fan of putting as much data together as possible and building a picture. I just get frustrated and find it a waste of time when people start going down the "prove you're not hacked/bad" line of thinking because it's impossible to prove a negative.

Also realize, I'm spending time in here trying to be helpful.  If i planned on mt.cryptsypalrushin' anyone, I wouldn't bother engaging the community on this issue at all.  Something obviously is going around and I want to help put a stop to it.

Thanks,
Richie

[kiklo]

https://www.ic3.gov/complaint

File a Complaint

Prior to filing a complaint with the IC3, please read the following information regarding terms and conditions. Should you have additional questions prior to filing your complaint, view FAQ for more information on inquiries such as:

    What details will I be asked to include in my complaint?
    What happens after I file a complaint?
    How are complaints resolved?
    Should I retain evidence related to my complaint?

The information I've provided on this form is correct to the best of my knowledge. I understand that providing false information could make me subject to fine, imprisonment, or both. (Title 18, U.S. Code, Section 1001)

Complaints filed via this website are processed and may be referred to federal, state, local or international law enforcement or regulatory agencies for possible investigation. I understand any investigation opened on any complaint I file on this website is initiated at the discretion of the law enforcement and/or regulatory agency receiving the complaint information.

Filing a complaint with the IC3 in no way serves as notification to my credit card company that I am disputing unauthorized charges placed on my card or that my credit card number may have been compromised. I should contact my credit card company directly to notify them of my specific concerns.
Advisory:

You are about to file a complaint with the Internet Crime Complaint Center. The confidentiality of the information you provide may be affected by state law. As such, we cannot guarantee that your complaint will remain confidential. The complaint information you submit to this site is encrypted via secure socket layer (SSL) encryption. Please see the Privacy Policy for further information.

 

[prospecta]

Another user gets "hacked" through bad OPSEC and blames the exchange, seen this a thousand times before.

[sotisoti]

Sorry to hear that, I don't have coins anymore @ Bittrex, I'll consider using Google Authenticator asap.

[Varvarin]

Is everyone that was hacked using GMail by any chance?

Friend got hacked on Polo, very similar story and his Gmail pass was changed.

[CosaNostra]

The attacker traded down, and withdrew on the other side richie.


No withdraw was made from my end.

Forgive me but i don't think i heard anyone say that before.
Can you say that in a different way?

And Ritchie i hope you do not get pissed off & leave.
Understand i was trying to be objective and look at all angles and not attack your Exchange.
If it seemed that way i apologize to you and i don't have much more "FUD" to post here..
So you can likely carry on here with out me instead

I'd just like to see you all build a picture and include every bit of info possible.
Explore all leads no matter how unlikely etc.
And to me it's scientific and nothing personal against anyone.

Good luck guys and sorry to hear about your bad news

I don't get pissed off But yes, I alluded to that fact earlier, but never called it out explicitly, my bad.  In all cases, the attacker did "bad trades" to move funds around and withdrew from the other side.

I'm happy to discuss any aspect of this that I am allowed to (without violating our privacy policies etc).  I'm also here to help chase down leads if there are any.  I'm a fan of putting as much data together as possible and building a picture. I just get frustrated and find it a waste of time when people start going down the "prove you're not hacked/bad" line of thinking because it's impossible to prove a negative.

Also realize, I'm spending time in here trying to be helpful.  If i planned on mt.cryptsypalrushin' anyone, I wouldn't bother engaging the community on this issue at all.  Something obviously is going around and I want to help put a stop to it.

Thanks,
Richie

Hi Richie,

Since the only common denominator for us who had coins stolen is absence of 2fa, could you provide detailed info on the attacker?

Only you have a full picture of what happened or happens now.

How many accounts compromised out there? Is that multiple or a couple?
Do these accounts have anything in common except absence of 2fa?
Are all the accounts of the attacker are new or he used some old accounts?
Are all the IPs of the attacker are different each time?
What coins and exact BTC/alts addresses were used to withdraw the funds?

And the last question: Why in your opinion only Bittrex accounts were compromised?

Meanwhile, I would strongly advise to turn on immediate e-mail notifications for all users on each entrance to bittrex with the detailed information like time, IP address, browser info and such and perhaps even on each trade the users complete.
Needless to say this step would prevent further losses of your customers.

I would also appreciate, if Bittrex, as a responsible business, would compensate my losses at least partially.


Regards

[vlom]

The attacker traded down, and withdrew on the other side richie.


No withdraw was made from my end.

Forgive me but i don't think i heard anyone say that before.
Can you say that in a different way?

And Ritchie i hope you do not get pissed off & leave.
Understand i was trying to be objective and look at all angles and not attack your Exchange.
If it seemed that way i apologize to you and i don't have much more "FUD" to post here..
So you can likely carry on here with out me instead

I'd just like to see you all build a picture and include every bit of info possible.
Explore all leads no matter how unlikely etc.
And to me it's scientific and nothing personal against anyone.

Good luck guys and sorry to hear about your bad news

I don't get pissed off But yes, I alluded to that fact earlier, but never called it out explicitly, my bad.  In all cases, the attacker did "bad trades" to move funds around and withdrew from the other side.

I'm happy to discuss any aspect of this that I am allowed to (without violating our privacy policies etc).  I'm also here to help chase down leads if there are any.  I'm a fan of putting as much data together as possible and building a picture. I just get frustrated and find it a waste of time when people start going down the "prove you're not hacked/bad" line of thinking because it's impossible to prove a negative.

Also realize, I'm spending time in here trying to be helpful.  If i planned on mt.cryptsypalrushin' anyone, I wouldn't bother engaging the community on this issue at all.  Something obviously is going around and I want to help put a stop to it.

Thanks,
Richie

cool down. it is just Spoetnik.

unfortunately i could read his nonsense in the quotes. just put him on your ignorelist.