Hackers trying to steal crypto by loggin in to exchanges and hacking my email

[SimonJones]

Someone has logged into my account by sending the account key code to another email 2 times yesterday. The first time i received this email:
___________________
On SeptembeTESTEST pm, the following alternate email address was added to your Yahoo account: **Username Protected**@gmail.com You can now use this alternate email address to safely recover your Yahoo account and verify your identity.
___________________
We sent an Account Key (code) to **Username Protected**@gmail.com which was used to sign in to your Yahoo account (********@yahoo.com). Date and Time: SeptembeTESTEST1 AM PDT Estimated Location: Colorado, United States (IP AddresTESTEST) Device: chrome, windows nt
___________________
And he signed in to my account.
I then changed my password and signed him out. I also removed permission for all apps from my account security page and only have my personal phone signed in to my account.
But a few hours later i got these 2 emails again.
___________________
On SeptembeTESTEST am, the following alternate email address was added to your Yahoo account: **Username Protected**@gmail.com
___________________
We sent an Account Key (code) to **Username Protected**@gmail.com which was used to sign in to your Yahoo account (********@yahoo.com). Date and Time: SeptembeTESTEST4 PM PDT Estimated Location: Canada (IP AddresTESTEST) Device: chrome, windows nt
___________________
 
I removed him again but i have nothing else to do as all app permissions were already removed earlier.
 
I have 2 step login activated with my mobile number but it seems that does not stop the login.
The password is unique and is only used in yahoo.
My other emails are safe so i know it's not my PC that has been compromised.

He tried to reset my password for other sites and was able to reset some passwords. Binance and BTC-e. But Binance i had google authenticator and BTC-e he was able to login but withdrawals from the site are paused at the moment.
 
EDIT : How is he able to add an alternate email account and send recovery code to log in from that email? It's not possible to add an alternate account without my password. And if he had my password, why add an alternate email.

The only thing i can think of is that some app is giving access to add an alternate email account.
 
Please advise.
 
Thanks.

[ghdeveloper]

Please try to change your email. Your email may have auto forward function like gmail.

[2pal34u]

Please try to change your email. Your email may have auto forward function like gmail.

Yes, change to gmail and enable 2FA

[SimonJones]

Please try to change your email. Your email may have auto forward function like gmail.

No I don't have auto forward.

Why would the hacker send an account key code to another email and add an alternate email to my email address? And how can he send the account key code to another email?

[SimonJones]

Repeat : How is he able to add an alternate email account and send recovery code to log in from that email? It's not possible to add an alternate account without my password. And if he had my password, why add an alternate email

[Turkiwi]

Always make sure that you provide your email only to trusted parties and always subscribe at trusted providers. Hackers can get access to your account in many ways, and the most likely one is through your email, so make sure your email provider is safe, as it is the first entry point for potential hackers

[SimonJones]

They got my email from BTC-e. The exchanged was compromised some years ago and they got hold of user emails.

It's interesting that I posted this in the yahoo help forums and my post got deleted. I suspect it's a Yahoo Mail bug because the hacker was able to add an alternate email to my account without requiring my password. It may be a bug with how the account security recovery code is sent when you are signed in to mobile devices that have not been updated for long.

[ttlowelc]

So i always enable 2-factor authentication on my account.

[Pumapipa]

They got my email from BTC-e. The exchanged was compromised some years ago and they got hold of user emails.

It's interesting that I posted this in the yahoo help forums and my post got deleted. I suspect it's a Yahoo Mail bug because the hacker was able to add an alternate email to my account without requiring my password. It may be a bug with how the account security recovery code is sent when you are signed in to mobile devices that have not been updated for long.

Oh gosh, this case is very alarming. I guess Yahoo! Should look into this very well, or they compromise the security of accounts they are handling. It's a bit alarming in a sense that hackers can do this without an actual password.
Do you think hackers can penetrate bitcoin accounts too and transfer hard earned bitcoins to another account? Curious on this though. Thanks for your reply.

[arthurart]

Hey SimonJones, did you figure this out? I'm having the exact same problem with my Yahoo account. It has me seriously spooked.

[HappyCaptain]

I will be following this thread because I know someone who had the same issue. I also recommend to use gmail for anything that involves bitcoin because it is more secured than yahoo.