Bitcoin Forum
Author Topic: Scammed By Kraken ? I am confused.  (Read 508 times)
monkeydong1 (OP)
September 23, 2016, 12:34:32 PM
 #1

So, a friend of mine who had 2FA enabled on Kraken was not able to log in to Kraken in the last few days. He had not logged into Kraken for a few months.

To his surprise he was not able to log in.

So he sent a support case, and support told him that they don't have an account associated with his email.

After he provided them with past mail conversations, which clearly show he has an account, they started to ask him 7 questions (the usual questions to help prove ownership)

such as:

"1) Name, date of birth, and phone number on the account?

2) Address on the account? (only answer this question if you verified your account to tier 2 or higher)

3) Describe the government ID you used for tier 3 verification. Just state the country, type of ID, and expiration date - e.g. "German passport 23-08-2018." (only answer this question if you verified your account to tier 3 or higher)

4) The approximate date of your last successful login?

5) Your approximate account balances?

6) Describe the funding activity on the account - e.g. the last 3 deposits or withdrawals made, including dates, amounts and currencies. The more specific you can be, the better. Information about bank deposits or withdrawals is generally better than information about digital currency deposits or withdrawals. You can look up dates and amounts in your bank account or in your digital currency wallet.

7) Describe the trading activity on the account - e.g. the most recent trades you've made, the currencies you typically trade, currencies you don't trade, etc. The more specific you can be, the better.

We're sorry to ask for all this information, but it's a precaution to help protect against fraudulent access to your account."

He then went on to share that, and about a day later he received this:

"I am sorry to inform you that an attacker managed to login to your account on 08-07-16 16:26, changed your email and executed a withdrawal of all your litecoins on 08-08-16 18:42. We are sorry for your loss.

Since he was able to change your email address, this means he also had access to the email address of your account. You should change your password immediately and also add Two-Factor Authentication, in example with Google Authenticator (if yahoo mail has this option).

Please get back to me after this is completed.

Best regards,"

And later Kraken said:

"He knew your master key and used it in order to bypass the 2FA for login."

Now, things do not add up right now.

My friend never wrote down the master key either, and as far as I know, in order to get the master key, you need to log in to the account, the very same account that is itself 2FA protected.

So this answer is not good already.

Right now it looks like Kraken made errors while answering, and even if the attacker managed to have access to the email of my friend, I have a hard time understanding how he got hold of the account.

Obviously the master key statement even feels like an insult unless I am missing some elements, and this is why I am sharing that story right now.

On top of it, the person receives email notifications and is always checking his emails because of business, and guess what, he never noticed any mails from Kraken, or any communication that would not be his own.

So if the attacker was able to access his mail, he never changed the mail password, and there is no evidence of any communication that happened.

It makes the whole thing fishy, if you get me, and I am trying to make sense out of it, before he unfortunately proceeds with a police complaint about Kraken.

(I hope it's not confusing).

steven0021
September 23, 2016, 12:58:16 PM
 #2

If your friend's master key is password-type then it's also possible that the hacker got it through a keylogger or brute force. Though I'm not sure if there's any brute-force prevention for master keys, and am not gonna try finding out.

                                                                       
monkeydong1 (OP)
September 23, 2016, 01:57:46 PM
 #3

If your friend's master key is password-type then it's also possible that the hacker got it through a keylogger or brute force. Though I'm not sure if there's any brute-force prevention for master keys, and am not gonna try finding out.

But you can't brute force this, as you need to enter the right key, else your account gets stuck for hours.
Something like that.

And in order to brute force you would need a massive number of recovery attempts. Wouldn't you?


Also, the master key is in the Kraken format. A strong key as well, as he just set it up the Kraken way, and never used it, or even wrote it down.

lottery248
September 23, 2016, 02:03:08 PM
 #4

I would believe that this should be in the Service Discussion section, as you are talking about a matter of scamming.

monkeydong1 (OP)
September 23, 2016, 02:29:34 PM
 #5

I would believe that this should be in the Service Discussion section, as you are talking about a matter of scamming.

Yea, I did not know where to post that.

If a mod feels like it should be moved out, it will happen soon enough.

lottery248
September 24, 2016, 01:09:30 AM
 #6

I would believe that this should be in the Service Discussion section, as you are talking about a matter of scamming.

Yea, I did not know where to post that.

If a mod feels like it should be moved out, it will happen soon enough.

Move it yourself, using the move topic feature, located around the bottom of the page, so moderators do not get annoyed too much.

Wind_FURY
September 24, 2016, 03:56:01 AM
 #7

This is the wrong section of the forum for this type of topic. The better place for this kind of thing is in the Service Discussion forum. There are people there who know and have tried Kraken before. If you are lucky a representative from Kraken could even post in the thread.

Maybe the screenshots of the emails with Kraken would come in handy here as proof. These are serious accusations and by making the situation public it is your responsibility to give proof that what you are saying actually happened.

JammyJimmy69
October 17, 2017, 04:08:25 PM
 #8

The question that stumps most of us when trying to get an account re-enabled on Kraken is to tell them when you last successfully logged in. This is crazy as we were never told to keep a record of successful login attempts, why should we if it was successful? Since some of us only log in occasionally (I do about once a month), it's impossible to provide the correct date.

Unfortunately, a friend provided the wrong date (he did say it was a guess) which meant that his account was closed rather than enabled. He lost about 2 BTC and 25 ETH so he's more than a little pissed off. He even correctly mentioned what funds he had and they still closed his account.

Date of last successful login is the most important security question and you have to get the date correct! If you're a Kraken user, put a mark on your calendar EVERY time you log in successfully starting TODAY! I know, WTF! But it has to be done.

It seems like Kraken may be going the same way as Bittrex who are closing a lot of accounts for no real reason at all.

I'm currently moving ALL funds (even small amounts) from my exchanges now and keeping them on my hardware wallet until we get some sort of regulation in place. Problems like this will really start to drive down crypto prices soon.

Before you ask... yes, he did have 2FA enabled. He thinks that he made a simple error rather than his account being compromised.

Why can't they just issue hardware tokens like banks do or is it too simple?