Bitcoin Forum
June 24, 2024, 08:16:41 AM *
News: Latest Bitcoin Core release: 27.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 [2] 3 »  All
  Print  
Author Topic: BTC-E account hacked!!!  (Read 3264 times)
lbr
Sr. Member
****
Offline Offline

Activity: 423
Merit: 254


View Profile
April 19, 2013, 06:35:19 PM
 #21

If you by any chance have enabled firewall logging in ur Windows u can check if these IPs are also logged there.

BTC: 18ozhbkfHneX8tnPgHJuTizyBmspM5Vgpa  LTC: LgVc7KdedPGZyDXHXEH9G7z6AoTmTvDdWb
cgminer 2.11.13 x64 portable for Mac OS X 10.6.8
6+ GPUs driver mod for Windows
Pingonious (OP)
Newbie
*
Offline Offline

Activity: 24
Merit: 0


View Profile
April 19, 2013, 06:40:50 PM
 #22

If you by any chance have enabled firewall logging in ur Windows u can check if these IPs are also logged there.

I will check. I do know that I have logging enabled on my router, will take a look as well. Thanks
holysmokes
Newbie
*
Offline Offline

Activity: 12
Merit: 0


View Profile
April 19, 2013, 07:16:43 PM
 #23

one way of making you a potential target is by using the chatbox. have you posted messages on the chatbox ? 
Pingonious (OP)
Newbie
*
Offline Offline

Activity: 24
Merit: 0


View Profile
April 19, 2013, 07:28:45 PM
 #24

one way of making you a potential target is by using the chatbox. have you posted messages on the chatbox ? 

I did not use the chatbox at all. I funded the account on the 4/16 and placed an order to buy. On 4/17 the account was hacked, order was canceled and my code was redeemed for all my funds.
holysmokes
Newbie
*
Offline Offline

Activity: 12
Merit: 0


View Profile
April 19, 2013, 08:11:34 PM
Last edit: April 20, 2013, 02:04:55 AM by holysmokes
 #25

it seems that those who haven't enabled the withdrawal email confirmation are the ones being targeted.
so far i haven't yet read about users, with the security feature enabled, claiming that there was an attempt by someone to withdraw money from their account. I really wonder why i haven't heard any. it's possible that they'll check the security setting first before attempting to withraw.

most of the accounts hacked were new.

no password was strong enough. inside job perhaps? or some unfixed vulnerability.

java was not installed in some of the affected users' computers.

it's not just windows machines that were affected.

withdrawals were initiated from different IP's around the world. TOR? web proxies? VPN?





easycoins
Newbie
*
Offline Offline

Activity: 26
Merit: 0


View Profile
April 19, 2013, 08:18:14 PM
 #26

Did BTC-E advise you they where going to do something about what happened? They should at least try to help you?
Pingonious (OP)
Newbie
*
Offline Offline

Activity: 24
Merit: 0


View Profile
April 19, 2013, 08:26:44 PM
 #27

Did BTC-E advise you they where going to do something about what happened? They should at least try to help you?


That's the funny thing. The first responded to my email say that there was a BTC-e Code. When I attempted to redeem the code, I got an error stating that it had already been redeemed. I let them know and then they sent me an email showing me the last IP's that accessed my account and that was the end of it in regards to any type of communication from their support.

Shouldn't they be able to see who it was that redeemed that code and possible reverse the transaction as it is a fraudulent one?

This is what is so frustrating to me, that I am up in there air as to what they are doing to remedy the situation. Don't know if they are going to do something about it or leave me holding the bag. Their silence is killing me.
Darkwin
Member
**
Offline Offline

Activity: 191
Merit: 10


View Profile
April 19, 2013, 09:16:47 PM
Last edit: July 10, 2018, 04:20:47 PM by Darkwin
 #28

Samething happened to me only that i got a notice from gmail saying someone from an Singapore IP got into my account
Pingonious (OP)
Newbie
*
Offline Offline

Activity: 24
Merit: 0


View Profile
April 19, 2013, 09:40:00 PM
 #29

That is what is eating at me, I have lost so many opportunities to purchase btc because of this. If they are swamped, working on it, whatever. At least keep the customer informed.
DAN444
Full Member
***
Offline Offline

Activity: 158
Merit: 100


View Profile
April 19, 2013, 10:07:02 PM
 #30

Hi
I wanted to deposit some funds on this site but dont they have additional  double protection
like google authenticator in addition to your password for example?
Pingonious (OP)
Newbie
*
Offline Offline

Activity: 24
Merit: 0


View Profile
April 19, 2013, 10:50:13 PM
 #31

I do not think so
Dorpsgek
Newbie
*
Offline Offline

Activity: 49
Merit: 0


View Profile
April 20, 2013, 12:04:02 AM
 #32

aaarrg that sucks man
DAN444
Full Member
***
Offline Offline

Activity: 158
Merit: 100


View Profile
April 20, 2013, 02:05:44 AM
 #33

I do not think so
Yes this is a flaw imo
Other serious sites (like MtGox)  have google authenticator mobile phone protection
joesmoe2012
Hero Member
*****
Offline Offline

Activity: 882
Merit: 501


Ching-Chang;Ding-Dong


View Profile WWW
April 20, 2013, 02:29:14 AM
 #34

With the e-mail to request withdrawa security feature, does that mean that you have to e-mail support and wait days everyteim you want to withdraw bitcoins?

Also i enabled it, then went back to disable it, but it doesn't show as being enabled?

Check out BitcoinATMTalk - https://bitcoinatmtalk.com
holysmokes
Newbie
*
Offline Offline

Activity: 12
Merit: 0


View Profile
April 20, 2013, 03:07:05 AM
 #35

With the e-mail to request withdrawa security feature, does that mean that you have to e-mail support and wait days everyteim you want to withdraw bitcoins?

Also i enabled it, then went back to disable it, but it doesn't show as being enabled?


i think you need to have your email address confirmed first. Btce should send an email to your registered address.
Pingonious (OP)
Newbie
*
Offline Offline

Activity: 24
Merit: 0


View Profile
April 20, 2013, 03:07:28 AM
 #36

With the e-mail to request withdrawa security feature, does that mean that you have to e-mail support and wait days everyteim you want to withdraw bitcoins?

Also i enabled it, then went back to disable it, but it doesn't show as being enabled?



I think it means that when you request a withdrawal it will send you an email and you must confirm it via email
Hei_
Newbie
*
Offline Offline

Activity: 42
Merit: 0



View Profile
April 22, 2013, 12:00:21 PM
 #37

Hi to all,

I am posting this hoping to see if anyone has had any luck getting anything resolved with these people. I opened an account on 4/16 and funded in via PM in the form on $1065 USD. I then placed a buy order for btc totaling $1050 and leaving $15 in cash. When I checked in the morning to see if my order got filled, I found my order cancelled and my account with a $0 balance. I informed support and they told me a redeem code was issued and the gave me the code. When I attempted to redeem, the code had already been used and not by me. Then gave me the last IP address that accessed my account and one was from the Netherlands and the other from Germany. When I then sent them an email asking how they were going to correct the issue I have not heard anything back since.

Has anyone had any luck?


Mods, I apologize if there is already a thread on the topic, feel free to do with the post as deemed necessary.




allways 2 factor
tahar
Newbie
*
Offline Offline

Activity: 28
Merit: 0



View Profile
April 22, 2013, 12:12:53 PM
 #38

Anyone know if an exploit can launch from clicking on the notifications or messages at the upper right box with your username? I clicked to open a notification (notif) from someone I did not recognize. The notification did not load even after several attempts so I didn't even have the opportunity to click on any links in the notification, if there were any. After I did that however, I could not navigate to other parts of the site like my finances and profile. It would say that I'm not logged in, but when I return to the homepage, it says that I'm logged in.

Certainly sets off a few warning flags. I'd not keep too much in your account. Although i'd be very surprised if the site enabled notifications allowed script executions but at the same time, it's not intangible.
ISAWHIM
Hero Member
*****
Offline Offline

Activity: 504
Merit: 500



View Profile
April 22, 2013, 12:14:48 PM
 #39

check your host file, dump your DNS cache (turn off that windows service if it exists)...

Do a full system scan, I suspect you may have a plugin on your browser or root, that is hijacking your page. Eg, you are actually on site A but site A shows site B in an overlay frame, and the "java" or "javascript" or whatever, is not functioning because of that.

They do that to capture your keyboard typing, as you "think" you are entering it into site A, but you are just seeing site A and site B is reading your keystrokes.

Thus, not letting you get inside the actual site.

If you are in REAL deep stuff... try the bleepingcomputer website. They will walk you through a good mbam scan. That finds most things that virus scanners just can't. If nothing still, use microsofts tool for scanning. (That is a "download every time you need to use it" tool.) I forget what it is called, but if something nested itself into a part of windows itself, where mbam can't go, or virus scanners can't go... that will usually get it.

If it happened that fast, I imagine you were infected WAAAY before you visited that site. They watched you create an account, and then waited for your deposit. Purposely canceled it, and got that ticket for the refund, and cashed it out.

Or it is the server itself that has been compromised, which would only affect 'new transactions", such as yours. They need to check the code, php, asp, javascript, etc, for injected code that keeps injecting itself into the server. Usually hidden in cron-jobs, or auto-backups, or auto-updates on the server itself.

In any event, it is THEM who has to do the legal footwork to get the money back for the thieves. It is you who has to do the legal footwork for you, to get it back from them. Hard part will be proof of "them" being the compromised source. (Unless you find others who are having this issue, and your saved scan logs show no related virus results on your PC.)

If they are wise, and I am sure they are... they will bite the loss, repaying you, then try to fight for the hunting of the thief. I am sure they have some form of "allowable losses" to accommodate for that. One would hope, or that is how you loose all your business.
Zeal0t
Member
**
Offline Offline

Activity: 78
Merit: 10


To the moon?


View Profile WWW
April 22, 2013, 12:22:18 PM
 #40

Ah man that's a lot of money not being where it belongs. I do hope you get this dilemma sorted.

I vow never to use this space for sleazy referrals, gambling, spam, or to beg for handouts.
Pages: « 1 [2] 3 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!