This is how my 7 bitcoins at coinbase got hacked

[btcwish1]

Very sorry for your loss. Is there any update? Did you manage to speak to real coinbase support yet?

[1714677954]

1714677954

[1714677954]

1714677954

[1714677954]

1714677954

[1714677954]

1714677954

[1714677954]

1714677954

[soham]

I am sorry to hear about your loss OP! It was a big amount in my country's local currency. A lot of people can buy a small house with 7 bitcoins in my country. However, you shouldn't have use google any other search engine for coinbase phone number, because their website shows no phone number so I assume they don't have any telephone support system available for the customers. So probably you have been scammed by some hackers and not coinbase. Though it was the fault of coinbase that they don't resolve your log in issue for several weeks. This kind of incidents actually discourage me to use online wallet service. Please make a separate thread in "scam acquisitions" section with the phone number duly mentioned. It may save someone else from being scammed by the same hacker who is enjoying with un-rightfully possessed money.

[figmentofmyass]

Sorry for your loss OP.

I think he raised a very valid point, google phone number of Coinbase will come back a fake one. And the fake one will steal your coin.

if this was how OP got socially engineered, that's interesting. it's true that people (including myself) use the top search results to quickly confirm we are entering the correct, legitimate site. i assume the same goes for phone numbers. i google restaurants all the time and order takeout/delivery the same way. if the #2 result is a fake number, we should collectively report the number to google.

the unfortunate thing is that coinbase didn't even have phone support until very recently (the last month or two). so if this is how OP was compromised, this might have been avoided if not for the timing.

i think this guy got his host file hacked and he was trying to log in to a pishing coinbase website is the only thing that makes sense to me

it sounds like he was probably socially engineered into giving up his login/password to the hackers. since he had 2FA on the account, i believe this is the "secret seed" he was referring to. this is a term that coinbase actually uses to refer to the 2FA token used to generate TOTP codes: https://support.coinbase.com/customer/en/portal/articles/2820377-2-factor-authentication-2fa-faq

it sounds like the hackers (on the phone with the OP) got him to verify the hackers' device through email while they were on the phone. it's not 100% clear from the OP, but it seems like he probably handed them his login/password, verified their device for them, and gave them his 2FA token. that's everything they needed to compromise his account.

[nesh1]

I am very sorry to hear this but that is also why i would recommend a very good wallet like blockchain it is unhackable if you put all the security on even your phone this way a hacker needs to hack your account and phone to actually get to your bircoins.

[fxbit]

Hackers are now very knowledgeable and skilled nowadays. My myetherwaller was hacked also just weeks ago and the hacker took my altcoins. They took my ethereum, ebtc, ITT and BM chain. I lost 500$ in that day, thus I have to think of another way to lessen the risk of hacking. There are no longer safe haven for wallets this days and so we need to do some preemptive measures to avoid hacking.

if you forget what exactly https://www.myetherwallet.com/ address you probably been victim of phishing attack targeting myetherwallet.com
once you uploaded your key on to the phishing site your account can be taken over, you better just use etherscan to check for balance and all and use metamask to do transfer, if you need to use myetherwallet just use it to check balance and never upload anything or give your private key there, myetherwallet probably by now the most phished site on the internet right now, so many people lost money due to attack over there

[Gigafart]

I am very sorry to hear about your loss. I currently have all of my btc in a coinbase wallet. They announced that the fork would be automatic is the reason why. I will got back with trezor or ledger after fork because of this post.

[dansmith_99]

This is very eye opening. Most of my coins are in offline wallet but I have a small amount in coinbase. Im certainly going to move those out of coinbase after reading this.

[BillyBobZorton]

Sorry for your loss OP.

I think he raised a very valid point, google phone number of Coinbase will come back a fake one. And the fake one will steal your coin.

if this was how OP got socially engineered, that's interesting. it's true that people (including myself) use the top search results to quickly confirm we are entering the correct, legitimate site. i assume the same goes for phone numbers. i google restaurants all the time and order takeout/delivery the same way. if the #2 result is a fake number, we should collectively report the number to google.

the unfortunate thing is that coinbase didn't even have phone support until very recently (the last month or two). so if this is how OP was compromised, this might have been avoided if not for the timing.

i think this guy got his host file hacked and he was trying to log in to a pishing coinbase website is the only thing that makes sense to me

it sounds like he was probably socially engineered into giving up his login/password to the hackers. since he had 2FA on the account, i believe this is the "secret seed" he was referring to. this is a term that coinbase actually uses to refer to the 2FA token used to generate TOTP codes: https://support.coinbase.com/customer/en/portal/articles/2820377-2-factor-authentication-2fa-faq

it sounds like the hackers (on the phone with the OP) got him to verify the hackers' device through email while they were on the phone. it's not 100% clear from the OP, but it seems like he probably handed them his login/password, verified their device for them, and gave them his 2FA token. that's everything they needed to compromise his account.

Yeah this looks like a phishing attack. But where is the fake Coinbase site at? Or he never accessed a fake site and it was just him calling a phone number and telling them his password and user?

If there was a phone call then he could ask the police to look it up. Phone calls are not that easy to make anonymously, maybe there is a case here.

Also he must have gotten the fake phone umber from somewhere, so where is the website that listed the fake phone number?

These are the 2 things that could lead to an investigation. The BTC transaction is pretty useless, it's too anonymous to trace the money unless the thief are stupid enough to not mix the coins, then maybe you can trace the coins back to some exchange.

[JohnnyNnex]

Gosh, I', sorry for your loss! But Karma will return you everything it took
Still you need to contact the real Coinbase

[btcprospecter]

Nearly every day we hear more and more stories like this. I'm sorry for your loss op. We all need to be vigilant towards anything like this.

[andthereyou]

This is very eye opening. Most of my coins are in offline wallet but I have a small amount in coinbase. Im certainly going to move those out of coinbase after reading this.

Yeah you should move it or else say goodbye to your hard earned money. This is definitely an inside job in my own opinion. We should not do business with them anymore.

[mkc]

Sorry for your loss.
I am not a big fan of coinbase either. Their 2 FA was not working for me for a while when they did Authy.
I think they are somewhere responsible, because they are too weak, zero support.

[michellee]

this is why I don't use coinbase for a long time ago since I can not found their phone number in their website because one good company will use their real identity to make convince their customer. beside that, if something bad is happen, the customer can contact them with easy without having a problem. but unfortunately, many company and not just in bitcoin only, don't realize this and they don't care with their customer so when there is a problem, they seems take their hands off from the problem.

[TagaMungkahi]

Hackers are now very knowledgeable and skilled nowadays. My myetherwaller was hacked also just weeks ago and the hacker took my altcoins. They took my ethereum, ebtc, ITT and BM chain. I lost 500$ in that day, thus I have to think of another way to lessen the risk of hacking. There are no longer safe haven for wallets this days and so we need to do some preemptive measures to avoid hacking.

Hackers are originally skillful and smart dude.
They are always using social engineering techniques wxhixh far more effective than the technology hacking tools.
The safest thing to do is to secure your bitcoin on your own having your private key.

[KomrelliManikanta]

Its scary. Nowadays hackers are targetting exchanges to hack coins.It is getting worst nowadays.Hope exchanges will update their versions frequently so that it will be more secured.

[wellsontheja]

Hackers are niw very knowledgeable and skilled. My MEW was hacked too 3 weeks ago i lost almost all of my token. Since that i always use offline wallet it's more safety than online wallet i thought just don't share ur private key.

[GreenBits]

Sorry for your loss OP.

I think he raised a very valid point, google phone number of Coinbase will come back a fake one. And the fake one will steal your coin.

This.

Don't use Google!

The ads a the top tend to be phishing sites, and in the search results they tend to also list scam sites. You are safer bookmarking login urls, rather than googling and automatically clicking what is at the top (which is sometimes the site you want and sometimes a phoshing ad).

Coinbase is also at fault - they should have listed their phone number on their website, so OP didn't have to google.

But if they actually listed their number in a reasonable, easy to find place, people might actually call it, *gasp*

(Google is notorious for this btw themselves; try to actually reach a human at Google Adwords. There is a number, yes, but its bullshit. It takes you to what is essentially a machine reading off the same help article you just read before you picked up the phone

This was a social engineering attack, you got out clevered. I had to reread the OP a few times to understand what went down there, and a few of the comments. All the anitvirus, air gaps and armed guards can't stop shit like this. I think they were able to access your account because they had your credentials, as you thought it was a legit support rep you were talking too). Be smart; if you ever have suspect login issues, contact support via email immediately. Email is free, and they will lock your account or be liable themselves. Its a pain to unlock when you have to do this (you will have to submit veri info), but the alternative is sooo much worse

[Juggy777]

I am posting this in case other people may confront the same situation and could possible avoid it. Also check out what a role coinbase is playing here.

I have a bitcoin account on coinbase and was not able to login however I tried. I got my password correct, but coinbase did not allow login by saying that it was a new device. Coinbase just kept sending me an email for me to verify the new device through the link. Nothing just happens after that and it was a loop of communications leading to nowhere. I tried the verification process by pretending that I do not have the 2-factor verification and try to provide my driver license to verify my account. It accepted my information, but still no result after two week's waiting.

There was no phone number that I could see in this whole process. Today, I tried googling "coinbase phone number". It popped up with two numbers. The first one was authentic, but it will ask you if your account is compromised. If yes press 1. My account was ok at that time and I kept waiting. Then the voice said the volume is high and hanged me off not allowing me to continue to wait. After several times of calling the first number without success, I continued to try the second number (888-4551155) and it went through after several minute's wait.

So I called to solve the problem. The tricky part is that they were able to help me log in! I have NO IDEA how they are able to log in! We were back to the page where the coinbase said that I was a new device and need to verify through email. Then the hackers had some code that claimed to be the "coinbase secrete seed". I do not know why they have such code and why this code could help me log in. I have been so desperate in the recent months and was so happy that finally I got into the system and see my account. Then they took control of the account and sent my coins to their own address. The transaction could be seen here. https://live.blockcypher.com/btc/tx/f0ae7669a0115b53129657d4a2b0ca2f9c730b0835e4848e8cea7743ffb1f7e8/ The bitcoin address that they used was 19n12cDwyfmf6ZpjxGJVvRuZL9BEPdq6Xy

I know I am stupid to be scammed, but there is one question I have no answer: while I was not able to log into coinbase myself by trying all the options that is provided by coinbase, the hacker were able to log in by using some secrete seed. I do not know what that is, but he should have some partial security information about coinbase. I called coinbase about this, it seems they are redundant to take responsibility for the fact that they are allowing other people to help me login. The funny thing is that when I called them, they ask me to press button 1 if you think your account has been compromised. So this time of course I pushed 1 and finally get through after one hour wait on line. Now the true customer service picked up, and after checking my balance to be zero and just asked me: "do you want to close your account?". They do not really care to know what happened!

Hope they can investigate this, because the hackers will do it again. If they can log in coinbase for me, they can do it again and again. When you google "coinbase phone number", their number is still showing up.

Every time Bitcoin touches a new high the story of someone being scammed comes out, it's not really surprising, I had my account on coinbase.com to, but then before the fork I learned how many lost thier coins on exchanges and I decided to move out immediately, so I downloaded electrum and it's simply the best, they don't send mails, private key, plus seed you can't ask for more. I am sorry for your loss, but download electrum and this time be safe. And make sure you clean your computer or mobile from where you clicked that mail.

[warrior333]

The more of our lives digital technology the more we become vulnerable. I often hear that Android was hacked. Probably there are problems with the security devices which use the Android OS. I heard that during the war in Ukraine via Android Ukrainians figured their location, and Russians used these coordinates to fire. Why hackers can't get around so 2 factor authentication?

[P.Krymov]

Any popular means of storage are not safe, you need to understand this.