Bitcoin Forum
December 14, 2017, 05:22:54 AM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 [2]  All
  Print  
Author Topic: Bittrex Account Hacked - 2FA was active  (Read 2234 times)
Hastura
Newbie
*
Offline Offline

Activity: 14


View Profile
August 07, 2017, 06:29:31 PM
 #21

If you haven't entered your details in one of the fake bittrex site than this issue sound quite serious one. I have also enabled 2fa few months ago on bittrex and trusting them with most of my cryptos so I am quite worried right now after reading your case. Do they really have fault in their 2fa? I don't think 2fa can fail at any point because they are tied with google authentication which is based on time and secret code provided by the site.  Roll Eyes

Hello amacar2

To be honest, i still don't know if i entered my details in one of the fake bittrex sites or if they did it in some other way.
In a strage way, i'm hopping that it was the thing with the fake bittrex address...so i could say: "S##t...my bad." And this would then also mean, that everything is ok with the 2FA.


Cus, just try to imagine what would happend if the really hacked the 2FA system Shocked
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1513228974
Hero Member
*
Offline Offline

Posts: 1513228974

View Profile Personal Message (Offline)

Ignore
1513228974
Reply with quote  #2

1513228974
Report to moderator
1513228974
Hero Member
*
Offline Offline

Posts: 1513228974

View Profile Personal Message (Offline)

Ignore
1513228974
Reply with quote  #2

1513228974
Report to moderator
1513228974
Hero Member
*
Offline Offline

Posts: 1513228974

View Profile Personal Message (Offline)

Ignore
1513228974
Reply with quote  #2

1513228974
Report to moderator
Hastura
Newbie
*
Offline Offline

Activity: 14


View Profile
August 07, 2017, 06:37:45 PM
 #22

There is something I don't get in the original post. For outgoing transfers, we get an email verification with a link to click to confirm the transaction. Without this process, it's not possible. So how would it be possible without getting access to your own email.
Bittrex usually answer to support ticket in 24 hours average but tracking the IP is worthless because only an idiot village  would use his original IP without masking it
You do? Mine does not function like this at Bittrex - it does for a few other exchanges but not for Bittrex.. I should probably cruise through my settings pages and see if I can enable that. If not it should really be mandatory on the site.. kind of like a 3FA if you will.

I've been pulling my longer term holdings off of all exchanges, I get realllyyy nervous when I see a balance in an exchange over a few thousand $$$.

Hella soothaa and hello LeGaulois

I was going to say basically the same thing soothaa wrote.

You only get an email verification with a link when you're NOT using 2FA.
When you activate 2FA for your Bittrex account, you only need to enter the 2FA verification code to authorize the transaction...and you don't get an extra mail with a verification link.

tachypknea
Newbie
*
Offline Offline

Activity: 7


View Profile
August 07, 2017, 08:05:58 PM
 #23


I think i got hacked the same way (The IP Address of the hacker was also from Russia), it is weird how Bittrex won't prompt an email confirmation to the user when the IP address is very off  (I also live very far away from Russia)

Hello tachypknea

I also don't understand that. I always  logged in from the same country, so it's strage that they/the security system did nothing when suddenly in ip from Russia logged in.
Did you already get an answer from the support?

Hello Hastura,

They ignored my question, they sent me an automated message of how to re-activate your account...... From the looks of it they haven't looked into the situation at all. I tried following up, but no reply in the last 30 hours.

Yeah, it's weird how they will freeze your account when a weird IP accesses your account (if it's dormant), but won't do the same when the account is active.. It's also weird how they won't allow users who enable 2FA to have email address confirmation as well. I know other websites that would prompt me to confirm with my email when a new IP or device is used for the account, it's not new technology or anything..

My biggest concern is that it's an issue on their end with the 2FA, in which I won't feel safe holding my money on the exchange anymore.

Thank you for your help everyone.
figmentofmyass
Hero Member
*****
Offline Offline

Activity: 546



View Profile
August 07, 2017, 08:47:55 PM
 #24

Check your history. Probably you didn't enter your username, password and 2fa code on Bittrex site but on a site with a very similar address.

How did you get to their site? Searching Google for their name or address? Writing the website address?

i really hope that this is the culprit. it sucks that the OP lost money, but if the exchange had its TOTP token database compromised, there will be big losses coming for other customers.

i haven't heard any other complaints like this yet today, so i'm guessing he just got fooled into clicking on a fake site / phishing link.

pinkflower
Sr. Member
****
Offline Offline

Activity: 420



View Profile
August 08, 2017, 05:33:23 AM
 #25

Please post all necessary screen shots and show everyone that you were really hacked and got your coins stolen. When a newbie account starts to claim that they were hacked, we should be skeptical. It could be he lost some BTC in trading some altcoin and is now starting to blame the exchange for his losses.



         ▄▄██████████▄▄
      ▄█████████████████                                ▄▄▄▄     ▄▄▄▄     ▄▄▄▄
    ▄███████▀▀   ▀▀██████                              ██████   ██████   ██████
   ▄██████▀        ██████                              ▀████▀   ▀████▀   ▀████▀
  ▐██████          ▀▀▀▀▀▀
  ██████
 ▐██████
 ██████      ███████████▌    ████████▄▄       ▄███▌     ▄██████████ ███████████▌
▐██████      ███████████    ▐███   ▀███▌     ▄████▌     ███▌           ▐███
██████▌          ██████▌    ███▌    ███▌    ███▀███     ███            ███▌
██████▌          ██████    ▐███▄▄▄▄███▀    ███  ███    ▐█████████      ███
███████         ███████    ████▀▀▀███▄    ███   ███▌   ███▀▀▀▀▀▀      ▐███
 ▀███████▄▄▄▄▄████████    ▐███     ███  ▄██████████▌  ▐███            ███▌
  ▀████████████████▀      ███▌    ▐███ ▄███     ▐███  ███▌           ▐███
     ▀▀███████▀▀▀         ▀▀▀     ▀▀▀▀ ▀▀▀       ▀▀▀  ▀▀▀            ▀▀▀▀

║▮
║▮
║▮

▮║
▮║
▮║



                 ▄████▄▄    ▄
██             ████████████▀
████▄         █████████████▀
▀████████▄▄   █████████████
▄▄█████████████████████████
██████████████████████████
  ▀██████████████████████
   █████████████████████
    ▀█████████████████▀
      ▄█████████████▀
▄▄███████████████▀
   ▀▀▀▀▀▀▀▀▀▀▀



       ▄▄▄▄▄▄
    ▄████████
    █████▀▀▀▀
   ▐████
   ▐████
████████████
████████████
   ▐████
   ▐████
   ▐████
   ▐████
   ▐████




                      ▄▄████
                ▄▄▄████████▌
          ▄▄▄███████▀▄█████
     ▄▄█████████▀▀ ▄██████▌
▄▄███████████▀  ▄█████████
 ▀▀▀█████▀    ▄██████████▌
       ██   █████████████
        █▄ █████████████▌
        ▐█▄███▀▀████████
         ███▀    ▀▀████▌
                    ▀▀█


                   ▄▄▄    ▄▄██▄▄
                   ██▀▀██████████
                  ██     ████████
                 ▐█▀      ▀████▀
   ▄▄▄▄    ▄▄██████████▄▄    ▄▄▄▄
 ▄████████████████████████████████▄
▐██████████████████████████████████▌
▐██████████   ▀██████▀   ███████████
 █████████▌    ██████    ██████████
  ▀██████████████████████████████▀
   ▀████████▀▀████████▀▀████████▀
     ▀███████▄        ▄████████▀
       ▀████████████████████▀
          ▀▀▀▀█████████▀▀▀▀
Hastura
Newbie
*
Offline Offline

Activity: 14


View Profile
August 08, 2017, 07:37:01 AM
 #26


I think i got hacked the same way (The IP Address of the hacker was also from Russia), it is weird how Bittrex won't prompt an email confirmation to the user when the IP address is very off  (I also live very far away from Russia)

Hello tachypknea

I also don't understand that. I always  logged in from the same country, so it's strage that they/the security system did nothing when suddenly in ip from Russia logged in.
Did you already get an answer from the support?

Hello Hastura,

They ignored my question, they sent me an automated message of how to re-activate your account...... From the looks of it they haven't looked into the situation at all. I tried following up, but no reply in the last 30 hours.

Yeah, it's weird how they will freeze your account when a weird IP accesses your account (if it's dormant), but won't do the same when the account is active.. It's also weird how they won't allow users who enable 2FA to have email address confirmation as well. I know other websites that would prompt me to confirm with my email when a new IP or device is used for the account, it's not new technology or anything..

My biggest concern is that it's an issue on their end with the 2FA, in which I won't feel safe holding my money on the exchange anymore.

Thank you for your help everyone.

Hello tachypknea

I think i got the exact same answer from the support and they set the ticket from "open" to "solved".
They say that i got on phishing site and that is how they got access to my account...well s##t!

And you know what? That's exactly what happend  Sad
Yesterday i checked all the site i visited that day...and it took me over 1h. And then i found it...
In my case i really landed on a fake site...it's sad but its my fault.

Well, thanks everyone for the help and have a nice day.
LeGaulois
Hero Member
*****
Offline Offline

Activity: 546


View Profile
August 08, 2017, 12:29:38 PM
 #27

There is something I don't get in the original post. For outgoing transfers, we get an email verification with a link to click to confirm the transaction. Without this process, it's not possible. So how would it be possible without getting access to your own email.
Bittrex usually answer to support ticket in 24 hours average but tracking the IP is worthless because only an idiot village  would use his original IP without masking it
You do? Mine does not function like this at Bittrex - it does for a few other exchanges but not for Bittrex.. I should probably cruise through my settings pages and see if I can enable that. If not it should really be mandatory on the site.. kind of like a 3FA if you will.

I've been pulling my longer term holdings off of all exchanges, I get realllyyy nervous when I see a balance in an exchange over a few thousand $$$.

Yes, it's how it works for me. For every transfer outside Bittrex I receive an email for verification purpose and I need to click the link inside to allow the transfer otherwise it is not possible. It is a setting set by default so you shall have it enabled as well.
Also, you can use the "IP address whitelisting" so you can only place orders or withdraw funds from the IP listed.
And the "Withdrawal address whitelisting"  so you can only withdraw a specified crypto to the specified addresses you set

Edit: after checking quickly I have not found where it is possible to disable the email verification process. :/

carlisle1
Hero Member
*****
Offline Offline

Activity: 616


★YoBit.Net★ 350+ Coins Exchange & Dice


View Profile
August 08, 2017, 12:37:18 PM
 #28

There is something I don't get in the original post. For outgoing transfers, we get an email verification with a link to click to confirm the transaction. Without this process, it's not possible. So how would it be possible without getting access to your own email.
Bittrex usually answer to support ticket in 24 hours average but tracking the IP is worthless because only an idiot village  would use his original IP without masking it
You do? Mine does not function like this at Bittrex - it does for a few other exchanges but not for Bittrex.. I should probably cruise through my settings pages and see if I can enable that. If not it should really be mandatory on the site.. kind of like a 3FA if you will.

I've been pulling my longer term holdings off of all exchanges, I get realllyyy nervous when I see a balance in an exchange over a few thousand $$$.

Yes, it's how it works for me. For every transfer outside Bittrex I receive an email for verification purpose and I need to click the link inside to allow the transfer otherwise it is not possible. It is a setting set by default so you shall have it enabled as well.
Also, you can use the "IP address whitelisting" so you can only place orders or withdraw funds from the IP listed.
And the "Withdrawal address whitelisting"  so you can only withdraw a specified crypto to the specified addresses you set

Edit: after checking quickly I have not found where it is possible to disable the email verification process. :/
after I read this post I quickly checked those setting and I wonder why I didn't pay attention on it, I think its still our obligation to secure
everything  and its weird how 2fa can be hacked if that's really happen to OP.

poordeveloper
Hero Member
*****
Offline Offline

Activity: 686


Bounty Manager


View Profile WWW
August 08, 2017, 01:34:15 PM
 #29

There is something I don't get in the original post. For outgoing transfers, we get an email verification with a link to click to confirm the transaction. Without this process, it's not possible. So how would it be possible without getting access to your own email.
Bittrex usually answer to support ticket in 24 hours average but tracking the IP is worthless because only an idiot village  would use his original IP without masking it
You do? Mine does not function like this at Bittrex - it does for a few other exchanges but not for Bittrex.. I should probably cruise through my settings pages and see if I can enable that. If not it should really be mandatory on the site.. kind of like a 3FA if you will.

I've been pulling my longer term holdings off of all exchanges, I get realllyyy nervous when I see a balance in an exchange over a few thousand $$$.

Yes, it's how it works for me. For every transfer outside Bittrex I receive an email for verification purpose and I need to click the link inside to allow the transfer otherwise it is not possible. It is a setting set by default so you shall have it enabled as well.
Also, you can use the "IP address whitelisting" so you can only place orders or withdraw funds from the IP listed.
And the "Withdrawal address whitelisting"  so you can only withdraw a specified crypto to the specified addresses you set

Edit: after checking quickly I have not found where it is possible to disable the email verification process. :/
IP address whitelisting it's only a viable option if you have a static IP. For most people, using this option will only lock yourself out of your account.





               ▄██▄
             ▄██████▄
           ▄██████████
         ▄████████████
       ▄██████████████
     ▄██████████▀█████
   ▄██████████▀  █████
 ▄██████████▀    █████████████▄
██████████▀      ███████████████▄
 ▀██████████████ █████████████████
   ▀████████████       ▄████████▀
     ▀██████████     ▄████████▀
          ██████   ▄████████▀
          ██████ ▄████████▀
          ██████ ███████▀
           ▀████ █████▀
             ▀██ ███▀
                 █▀
FORTY
SEVEN
   
  We are Connecting Financial World
Regulated Decentralized European Crypto Bank  >>>>>>>>>
 


██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
 


██
██
██ ████
██ ████
██ ████ ███
██ ████ ███
██ ████ ███
██ ████ ███
██ ████ ███
██ ████ ███
██ ████ ███
██ ████ ███
██ ████ ███
██ ████ ███
██ ████ ███
██ ████ ███
██ ████ ███
██ ████
██ ████
██
██
 


██
 ██
████ ██
 ████ ██
███ ████ ██
███ ████ ██
███ ████ ██
███ ████ ██
███ ████ ██
███ ████ ██
███ ████ ██
███ ████ ██
███ ████ ██
███ ████ ██
███ ████ ██
███ ████ ██
███ ████ ██
 ████ ██
████ ██
 ██
██
POSITRON333
Newbie
*
Offline Offline

Activity: 14


View Profile
August 28, 2017, 06:22:55 PM
 #30

HI today when triying to log in bitrex I got a message that said is new ip address and I need check a email they sended  and log in to bitrex from a link in that email?Huh

I of course don't do that but now every time I try to log on bitrex after I enter my 2fa they tell me I need to check my email and log on from email they sended???  is that bitrex new security way  or is a hack try?

don't know how to put photos here.  so I can post a photo of the email contents I got  from "bitrex"


I checked the email direccion of the sender and is the same when i got login confirmation.

i will copy and paste part of the email i got  supposedly from bitrex:
(the xxxxxxx are mine for don't show what i think important info)


"
Bittrex IP Verification


Dear xxxx@xxxx,

This is to notify you that we have detected a login from an IP address or device that has not been used by this account before. In order to allow this device to access your account, you will need to login again from the same device using the link below.


CLICK HERE TO ENABLE THIS DEVICE and logon to your account.

Login Time: 08/28/2017 18:08 UTC
IP Address: xxxxxxx
User Agent: xxxxxxx

You can check your current IP address here: https://bittrex.com/home/whatismyip

Always use unique, strong passwords for your Bittrex account and never use the same password twice. Do not reuse your passwords on other accounts, such as your personal email account. The Bittrex staff will never ask you for your password.

Best regards,
Bittrex Team


If you did not initiate this login, there is a chance your account credentials have been stolen.

Please change your password and disable your account if you are worried the account has been compromised.
"



thanks for help.






updated:    now I can enter to bitrex using other browser,  but with microsofte edget don't let me in, only said I need to log in from a email they senede that validate new ip address,   but I am login from the same pc as always (but sometime my internet provider changes my ip)  but I think is same ip I am using lately
Chol_gol
Member
**
Offline Offline

Activity: 112


View Profile
December 02, 2017, 07:55:56 AM
 #31

I have launched a telegram group. I want all those whose account has been disabled to join to this group. and if we needed to file a lawsuit against them we can do it collectively for better results.
everybody is welcome
here is group:
https://t.me/joinchat/BjmOlA2Ir-_l5XhBATHoTg
Pages: « 1 [2]  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!