zhunifa (OP)
Newbie
Offline
Activity: 23
Merit: 0
|
|
June 21, 2013, 01:53:01 AM |
|
HI, My stock of assets on the account was somehow transferred to another user , I will give customer service made a request for assistance , have one day of no reply. Who is responsible for my loss ? ! Please be careful of their equity assets. Please give me an explanation webmaster
|
|
|
|
|
zhunifa (OP)
Newbie
Offline
Activity: 23
Merit: 0
|
|
June 21, 2013, 02:19:53 AM |
|
none.Two days ago there have been unable to access the site situation. I asked the companions , they are unable to login. Tell me the system should be maintained. Then I try to log in a few times, then that is my stock in being transferred
|
|
|
|
Ukyo
|
|
June 21, 2013, 04:59:49 AM |
|
Did you use 2FA?
In most cases, if your account transferred shares, then they are transferred. If you have 2fa enabled, then things are looked at more closely. I will be added 2fa support for transfers as well soon, however if someone can 2fa login to your account, then they can 2fa transfer shares from it. If you have not yet gotten a reply, more than likely it is still under investigation, and you may get a positive result rather than a quick "Sorry, there is not much we can do." type response. -Ukyo
|
|
|
|
Eric Muyser
Full Member
Offline
Activity: 224
Merit: 100
You can't kill math.
|
|
June 21, 2013, 05:58:18 AM |
|
Did you use 2FA?
In most cases, if your account transferred shares, then they are transferred. If you have 2fa enabled, then things are looked at more closely. I will be added 2fa support for transfers as well soon, however if someone can 2fa login to your account, then they can 2fa transfer shares from it. If you have not yet gotten a reply, more than likely it is still under investigation, and you may get a positive result rather than a quick "Sorry, there is not much we can do." type response. -Ukyo Yah that would be good Ukyo. Seriously, 2FA/email confirmations on transfers, transactions, withdrawals should be added. I like Bitstamp's system. PS. read-only API keys please and thank you
|
@EricMuyser | EricMuyser.com | OTC - "Defeat is a state of mind; no one is ever defeated until defeat has been accepted as a reality" - Bruce Lee
|
|
|
somestranger
|
|
June 21, 2013, 06:12:15 AM |
|
Yah that would be good Ukyo. Seriously, 2FA/email confirmations on transfers, transactions, withdrawals should be added. I like Bitstamp's system. PS. read-only API keys please and thank you Email confirmations would definitely be a good addition for people that can't use Google Authenticator, and read-only API keys are a no-brainer. Having 2FA for every account action like BTCT Co. does wouldn't have prevented this though since OP said he didn't have 2FA enabled. Someone must have keylogged his account information, or he is reusing passwords.
|
|
|
|
zhunifa (OP)
Newbie
Offline
Activity: 23
Merit: 0
|
|
June 21, 2013, 08:53:34 AM |
|
I contact customer service has more than one day , and so far no reply.
|
|
|
|
Vbs
|
|
June 21, 2013, 08:59:08 AM |
|
One more unfortunate example of the perils of not using 2FA...
|
|
|
|
SOSLOVE868
|
|
June 21, 2013, 06:06:59 PM |
|
Did you use 2FA?
In most cases, if your account transferred shares, then they are transferred. If you have 2fa enabled, then things are looked at more closely. I will be added 2fa support for transfers as well soon, however if someone can 2fa login to your account, then they can 2fa transfer shares from it. If you have not yet gotten a reply, more than likely it is still under investigation, and you may get a positive result rather than a quick "Sorry, there is not much we can do." type response. -Ukyo Hello ,Ukyo, I put wrong password several times ,and the system lock me out....ask me to try again later? how long would this take normally?
|
|
|
|
Lorren
|
|
June 21, 2013, 11:06:29 PM |
|
Is there any way to enable 2FA without a Smartphone? I have an iPad (1st gen without a camera) and an iPod Touch (also without a camera), but it seems that the only way that I can use the Google Authenticator App is to use a smartphone which I don't have.
|
BitcoinLove Bitcoin products on Zazzle. BTC: 1BaRWVFD927cfDcCfxn9vhJn2L6ZKKNSP1
|
|
|
joele
Legendary
Offline
Activity: 1022
Merit: 1000
|
|
June 22, 2013, 03:36:37 AM |
|
Is there any way to enable 2FA without a Smartphone? I have an iPad (1st gen without a camera) and an iPod Touch (also without a camera), but it seems that the only way that I can use the Google Authenticator App is to use a smartphone which I don't have.
Why not buy one specially Android phone, its cheaper, you can play candy crush as well
|
|
|
|
Deprived
|
|
June 22, 2013, 03:40:12 AM |
|
It certainly seems there's been some accounts compromised there - there's been some dumps at silly prices on some shares (look at the pass-throughs to S.MPOE, S.DICE and S.BBET for examples). Looks like someones shares were transferred, sold then the cash will have been moved out.
Seems highly unlikely its the platform compromised - more likely just people who didn't use 2FA then got key-logged/installed some trojan. If it were the platform itself then you'd think they'd target accounts which held the real money - i.e. asset issuers.
|
|
|
|
Deprived
|
|
June 22, 2013, 03:41:38 AM |
|
Is there any way to enable 2FA without a Smartphone? I have an iPad (1st gen without a camera) and an iPod Touch (also without a camera), but it seems that the only way that I can use the Google Authenticator App is to use a smartphone which I don't have.
There's a way to use Google 2FA without a smart-phone - with a plug-in to Chrome for one example. I don't know the details as I use a smart-phone for mine (plus having it on the same PC as you type in the password is intrinsically less secure).
|
|
|
|
Ukyo
|
|
June 22, 2013, 04:03:32 PM |
|
It certainly seems there's been some accounts compromised there - there's been some dumps at silly prices on some shares (look at the pass-throughs to S.MPOE, S.DICE and S.BBET for examples). Looks like someones shares were transferred, sold then the cash will have been moved out.
Seems highly unlikely its the platform compromised - more likely just people who didn't use 2FA then got key-logged/installed some trojan. If it were the platform itself then you'd think they'd target accounts which held the real money - i.e. asset issuers.
Agreed. We have seen some user accounts logged in first time without password errors and then sell/transfer assets. As well as lots of single-email bad password attempts, most of which do not exist on our system. I have also disabled transfers until I add a second component. I may reenable for 2fa only though.
|
|
|
|
TaxReturn
Member
Offline
Activity: 67
Merit: 10
|
|
June 22, 2013, 04:39:55 PM |
|
Is there any way to enable 2FA without a Smartphone? I have an iPad (1st gen without a camera) and an iPod Touch (also without a camera), but it seems that the only way that I can use the Google Authenticator App is to use a smartphone which I don't have.
The Google Auth app for Apple devices says "Compatible with iPhone, iPod touch, and iPad. Requires iOS 3.1.3 or later" and you can manually enter the secret, without a camera. link
|
|
|
|
parseval
|
|
June 22, 2013, 04:47:28 PM |
|
It certainly seems there's been some accounts compromised there - there's been some dumps at silly prices on some shares (look at the pass-throughs to S.MPOE, S.DICE and S.BBET for examples). Looks like someones shares were transferred, sold then the cash will have been moved out.
Seems highly unlikely its the platform compromised - more likely just people who didn't use 2FA then got key-logged/installed some trojan. If it were the platform itself then you'd think they'd target accounts which held the real money - i.e. asset issuers.
Agreed. We have seen some user accounts logged in first time without password errors and then sell/transfer assets. As well as lots of single-email bad password attempts, most of which do not exist on our system. I have also disabled transfers until I add a second component. I may reenable for 2fa only though. It sounds like people have been reusing their passwords across multiple sites and one of them got compromised or phished. 2FA is great, and could have stopped this, but also don't forget your password managers to create unique passwords for every account. http://lastpass.comI highly recommend that one, there's a free version.
|
|
|
|
|