HITBTC - LOSS OF MONEY / SCAM / THIEVES

[danielcoupe]

I had many small crypto bought at HitBTC, and some bigger crypto also.
I had 2FA login security activated, so only I can access my account.
Suddenly, 16.09.2017 somebody logged into my account (email with login alert came after 1h from login?! - first bullshit)
Somebody using IP adress from Switzerland sold everything and changed it into BTC - 0.49 - and then he transfered it outside.
How is it possible to login to an account with 2FA, when only I have it on my Android ?
How is it possible to steal someone money with e-mail notifications ? (I had no gmail logging history of any unknown IP - only mine)
HITBTC is a SCAM, THIEVES and fucking losers, because this is what happend when they answered me:

"Eugene Moura (HitBTC)
Sep 20, 09:28 WEST
Dear Trader,
Thank you for reaching out!
Looks like someone has the access to your account, and we are terribly sorry to hear that.
This is the worst experience one could have, because it is not possible to return your money as now they’re part of the blockchain.
We have held the investigation with the recent hacking attacks. Judging by the facts that we found, we came to the conclusion that before the attack, all the victims were on a phishing site http://hiitbtc.com/.  Which was used to steal the email addresses and passwords in order to gain access to HITbtc accounts. The criminal activity of hiitbtc.com has already ben suppessed. Unfortunately, it is out of our hands to refund your money.
Please note that http://hitbtc.com is the only legitimate HitBTC domain.
Regards,
Eugene Moura
HitBTC Support team"


Can You imagine that I have never visited any site like HIITBTC in my whole internet browser history? I use Google Chrome.
Anyway, someone thinks that I did.


What are Your suggestions to help me ?

[1714131379]

1714131379

[1714131379]

1714131379

[220lptrader]

Daniel -

Same thing happened to me.  Funds liquidated into btc and withdrawn yesterday.  I got the same bs message from them today.  I know it's not true because I never experienced any type of a glitch logging in and have nothing in my history.  I've only had the account with them for three weeks. There's nothing in google that it ever even existed, and the security that my company uses on the laptop that I use won't even allow me to access that site.  It's very obvious Hitbtc is using this as an excuse to deny any liability of the matter.  If it is even true that there was a phishing site, then why haven't they notified their customers to make them aware and have them change their passwords? 

Everything about it is very fishy.  Please let me know if you hear anything more from them, or hear of any others that had the same thing happen to them.  I think they were hacked and this is there way of covering it up.  Blaming it on user error is much better for business than publicly admitting that someone either got into your system or breached you from the inside.  But I am absolutely certain in this case that it wasn't user error.

LP

[czyjj]

This situation is dangerous, and if you check every link is correct, then it could be an exchange problem

[pinkflower]

Sorry for what happened, but did you really have 2FA activated? It would be almost impossible for the hacker to log in your account and withdraw for BTC if you had it activated. Its very easy to create a new account in the forum and make up a bunch of posts.


 

[220lptrader]

pinkflower - I can't speak for Daniel, but I did not have 2FA activated and never said I did.  I did say that my entire account was liquidated and withdrawn and that is what happened.  I received a successful login from new ip address email from Hitbtc but that did nothing since my account was gone only minutes later.  But what difference does that make?  It's the form letter I got back 8 minutes after I sent in my ticket that has me angry.  Go up to Daniel's post and read it again.  That's exactly what I received with the same misspelling of the word "suppressed".   How would they know if I went to a site called hittbtc.com?  I have nothing in my history that shows that.  When I tried to visit that site after I got their email, the security features on the company laptop that I use wouldn't even let me access it.  Also, I don't enter the domain name myself, I google it first.  Googling hiitbtc.com doesn't give any results, it defaults to hitbtc.com.  Then when I did try to type the site directly into the search bar on my phone it goes directly to the verified hitbtc.com site, which tells me they have acquired the domain.  The last registration of this domain was 9/16.  If Hitbtc acquired this website on 9/16 they did so because they knew it had been a phishing site, but then they didn't inform customers through any type of communication?  And then we're hacked on 9/19?

I have no history of this site, and a company laptop that wouldn't let me access the site they claim I accessed.  They have made no communication of accounts being compromised by this site or communicated to customers to change their passwords even now despite their form email confirming that there have been multiple hacks and multiple accounts affected.  This is a scumbag website.  Sorry I had not activated my 2FA, but I had only had the account for 2 weeks and even basic security measures (an email confirming the access from a new ip address as an example, or an email confirming a withdrawal to a new address) could have prevented this from happening.  I have accounts with five different exchanges and based on the basic protections of all the other accounts I have this never could have occurred.  Then they send me a form letter and don't even investigate the matter as it's own incident?  This is a scumbag site, and the whole thing smells very fishy.  It smells of someone on the inside wiping out accounts that don't have 2FA activated and then making a bogus claim that the user caused it by accessing a phishing site.

Sorry that everyone has to have a first post sometime, but I think you're questioning the wrong party. 

[DominicanCrypto]

The webpage is down! what the hell is going on???

[Yuuto]

2FA does not always give you perfect security.

Do you live with someone that would have the chance to steal the money off your account without having to go through all the 2FA and password entering process? That could be a possibility that you should consider.

Though, since they sent the login notification an hour late this is pretty shady. I don't think you will be able to get your money back though as you can't prove them to be scammers.

[220lptrader]

Just re-did the math on the time differential from when I received the login notification email from hitbtc and when my funds were sold.  I thought it was just a few minutes before it happened and said that above.  I was wrong and Daniel was right.  I also didn't even get the email until almost a full hour after the liquidating sales.  That's ridiculous. Extremely convenient for the hacker though!

[carlfebz2]

I had many small crypto bought at HitBTC, and some bigger crypto also.
I had 2FA login security activated, so only I can access my account.
Suddenly, 16.09.2017 somebody logged into my account (email with login alert came after 1h from login?! - first bullshit)
Somebody using IP adress from Switzerland sold everything and changed it into BTC - 0.49 - and then he transfered it outside.
How is it possible to login to an account with 2FA, when only I have it on my Android ?
How is it possible to steal someone money with e-mail notifications ? (I had no gmail logging history of any unknown IP - only mine)
HITBTC is a SCAM, THIEVES and fucking losers, because this is what happend when they answered me:

"Eugene Moura (HitBTC)
Sep 20, 09:28 WEST
Dear Trader,
Thank you for reaching out!
Looks like someone has the access to your account, and we are terribly sorry to hear that.
This is the worst experience one could have, because it is not possible to return your money as now they’re part of the blockchain.
We have held the investigation with the recent hacking attacks. Judging by the facts that we found, we came to the conclusion that before the attack, all the victims were on a phishing site http://hiitbtc.com/.  Which was used to steal the email addresses and passwords in order to gain access to HITbtc accounts. The criminal activity of hiitbtc.com has already ben suppessed. Unfortunately, it is out of our hands to refund your money.
Please note that http://hitbtc.com is the only legitimate HitBTC domain.
Regards,
Eugene Moura
HitBTC Support team"


Can You imagine that I have never visited any site like HIITBTC in my whole internet browser history? I use Google Chrome.
Anyway, someone thinks that I did.


What are Your suggestions to help me ?

Its quiet odd that you got hacked even the 2fa have been enabled.I have read the same situation too on which he had activated on his 2fa too but still his account on an exchange have been still hacked.I don't know how those hackers could able to crack it out knowing that 2fa verifications is impossible to bypass if you don't really have the access on it.Even if you have been phished accessing with 2fa would be hard.

[erikalui]

It's not possible with 2FA your account gets hacked but it isn't Hitbtc's fault as there are daily many cases of accounts getting hacked on exchanges. Usually the IP address may be incorrect while logging in and same has happened with me when I log into my hitbtc account. They haven't been hacked and phishing sites exist for every exchange. Before logging in, always double check the URL. Sorry for your loss OP but it seems your android phone may have some malware which is why it happened else stealing coins with 2FA isn't so easy even if the hacker has the password. Their site was working slowly yesterday which could be due to this issue and thanks for notifying. Will not save funds on this exchange.

[giveen]

As you said you didn't have any 2FA enabled then nothing can be done about this even i lost my funds on paxful because i didn't have 2FA enabled you might have never visited the phishing and your details might have been stolen because of a hack. Hitbtc is exchange which means money is involved how can you not put security measures to it. As they said your money is gone just be sure to enable all security measures.

[220lptrader]

Actually giveen, your thoughts are pretty offbase despite your 700 posts.  So if someone doesn't have 2FA enabled on every account (bank, brokerage, cryptoexchange, HSA) that money is deposited into then it's their fault and okay that the holder of that money gets hacked and account information is stolen and used?  I can assure you from working for a financial institution that the vast majority of customers do not use 2FA and never have a problem, because most of those organizations take the responsibility of protecting customer information.  

Let's be absolutely clear here despite 2FA not being turned on.  I hardly used the account and only had it about 2.5 weeks.  I had not accessed it or tried to access in the 4 days between the registration of hiibtc.com and the date of the funds being taken from my account, and the laptop that I use has company software on it that will not allow me to access the website hiitbtc.com.  So tell me how I accessed the alleged phishing site?

Secondly, Hitbtc responded to my ticket in 8 minutes claiming that it was because I had visited hiitbtc.com.  Based on this, it's obvious they never even looked at the circumstances of what happened in my account.  More importantly, how would they know who accessed hiitbtc.com to tell me I accessed it?  I have asked for the window that hiitbtc.com was up and running and how they know that users tried to access it.  They cannot answer these questions.

Next, before we go down the path of any type of malware let's think about this.  I have 5 exchange accounts, 4 brokerage accounts, a retirement plan, an HSA, and two bank accounts.  So let's pretend I did have malware on my computer.  The hacker knew exactly which account to get into and that I didn't have 2FA?  Because I haven't had an attempted log in or suspicious activity on any other account.  They just got lucky that they honed in on just that one and that one only and it wasn't protected?  That's pretty ridiculous thinking.

Finally, how does Hitbtc.com handle basic security?  They can email you instantaneously for you to confirm your new account, but notifications for logins from a new ip get to you 1 hour after they occur?  That's ironically pretty convenient for the person hacking your account, no?  And no email confirmation for anything like confirming a withdrawal or a separate transactional password even though you already have an auto-confirmation email program set up for new account confirmations?  That's also very convenient for a hacker, no?  Pretty convenient also that many exchanges automatically enroll you in 2FA but they do not, no?

So why all the convenience?  Let's put it together.  If I didn't access the account in the time hiitbc.com was supposedly up and running, and I don't have malware on my computer, then the only people that would have the information to access my account and know that 2FA was not on would be the exchange.  So one of two things occurred.  1) the exchange was hacked and they should be notifying all customers but have not, or 2) they are the ones wiping out accounts that aren't using 2FA, seizing client funds, and using the excuse of a phishing site to do so.  Sound crazy?  How else would they have any idea who accessed hiitbtc.com to even try to make a claim that they know?   Why else would login notifications come an hour after they occur?  Why else do they not automatically enroll people in 2FA?  So sorry, I didn't use 2FA because I'm smart enough to know that there was no way anyone was going to be able to access my account unless they got the information through the exchange, in which case I do expect them to reimburse me and not try to make up impossible stories about a phishing site with no details to back up their pathetic story.

On a final note, the domain Hitbtc.com is registered to a corporation call eNom.  Ironically, you can Google eNom phishing and find a history of an operation called eNom coming up over 15 years in different parts of the world (as a marketing company, advertising company, etc.) and having customer information being hacked through a "phishing site".  

It's a pretty great scam, particularly when there's always people like you to defend them and absolve them of any liability.

HITBTC IS A SCAM.  STAY AWAY FROM IT.

 

  

[cryptotraderuk]

same has happen to me today we need team togz and take this exchange down there scamming   

[samysamy1]

Next, before we go down the path of any type of malware let's think about this.  I have 5 exchange accounts, 4 brokerage accounts, a retirement plan, an HSA, and two bank accounts.  So let's pretend I did have malware on my computer.  The hacker knew exactly which account to get into and that I didn't have 2FA?  Because I haven't had an attempted log in or suspicious activity on any other account.  They just got lucky that they honed in on just that one and that one only and it wasn't protected?  That's pretty ridiculous thinking.

Well maybe because crypto is the only one that is untracable or rather very difficult to trace.

Finally, how does Hitbtc.com handle basic security?  They can email you instantaneously for you to confirm your new account, but notifications for logins from a new ip get to you 1 hour after they occur?  That's ironically pretty convenient for the person hacking your account, no?  And no email confirmation for anything like confirming a withdrawal or a separate transactional password even though you already have an auto-confirmation email program set up for new account confirmations?  That's also very convenient for a hacker, no?  Pretty convenient also that many exchanges automatically enroll you in 2FA but they do not, no?

They do not automatically enroll you. How amny exchanges have you used? For the rest they should do better or lose clents

So sorry, I didn't use 2FA because I'm smart enough to know that there was no way anyone was going to be able to access my account....

Uh, not really that smart

On a final note, the domain Hitbtc.com is registered to a corporation call eNom.  Ironically, you can Google eNom phishing and find a history of an operation called eNom coming up over 15 years in different parts of the world (as a marketing company, advertising company, etc.) and having customer information being hacked through a "phishing site".  

That doesn't mean that Hitbtc works with eNom. That's silly. By the way they didn't say you accessed hiitbtc but that people miht have iven their details to them. So loggin in into your account doesn't have anything to do whether hiitbtc is still up or not. And if it was only up temporary that you might not be able to find it in Google, especially is they disallowed indexing of pages or if it was only 1 page it wouldn't have been indexed in Google anyway.

So no one can say who the real scammer is the exchange or a third party hacker. Anyway I'm staying away from Hitbtc because by the looks of it somethin isn't quite right with their security.




 

  

[TheKoziTwo]

I had my account on HitBTC "hacked" today. I received a password reset e-mail, which I deleted. Then a little later I got an e-mail about successful login by an attacker. I use unique passwords on all sites, and since password was reset anyway they didn't know it. However there has been no logins to my e-mail, so how did they get the reset link?

While I usually enable 2fa I did not have it enabled on HitBTC as I've never used them before (always considered it to be shady or scam). Yesterday I had to use them to dump my bgold. I withdrew my funds yesterday, but I suspect this may have been an inside job. The pieces just doesn't fit. Perhaps insider is looking for high value accounts to drain, but in my case he was a little too late.

IPs used by attacker:
64.237.40.140    Matawan, United States (used to reset link and login)
5.101.221.91 Nicosia, Cyprus (20 mins before attack a failed login)

[kroonike]

TheKoziTwo, exactly the same thing happened with me today (same IP address)! I exchanged BTG and withdrew my BTC two days ago, so no money was stolen... But it seems that HitBtc security systems have a major hole in them or someone within HitBtc is stealing customers money! 

[btc9785]

Does anyone get their money back eventually? My hitbtc account was hacked yesterday. And their support still hasn't replied.

[ber2018]

These guys are a pure scam. I sent to my account 1 Ethereum on the 28th of December. I have a confirmation they received it. My account it not credited and they are not responding to my emails or tickets for 18 days now. "Eugene Moura (HitBTC)" <support@hitbtc.zendesk.com> this guy responded that my issue got escalated to 2nd level support and nothing since then for 18 days I waiting for the 2nd level support to tell me what happened to my deposit.

[charlie96]

I have the same problem with HitBtc I deposited SUB and they still aren't in my account the deposit doesn't even show up as pending as if nothing has happened.

This is my TxHash: 0xc8c7e4b61a1b289f090369e8c6109af16065aa549d12cf2fff4644f70bde1c46
 This my Ticket ID #207678

Support is nowhere to be found. If I do not receive my funds or some kind of response from support I will have no choice, but to report them to the Hong Kong authorities. A class action law suit is brewing.
Remeber that even the MtGox scammers eventually got caught.

[pitiflin]

Possible circumstances :-
Someone got access to your 2FA account( Google authenticator /authy).
You didn't enable your 2FA.
You entered your data in a phising site.
Try contacting the support, they wil get back to you in 2 weeks probably, most of the support teams have such policies. Do no irritate to use foul language against them. Though it's not hitbtc 's fault. But yeah that should do.