Brokerstar (OP)
Newbie
 Offline
Activity: 42
Merit: 0
|
 |
January 02, 2018, 04:14:50 PM |
|
I wonder if anyone can help me shed some light on a security breach I believe I've had and I wondered if this has happened to anyone else? Now as far as security goes I keep most of my crypto on a hardware wallet, and don't leave much on exchanges at all. had a small amou t of Bitcoin ($800ish) on my Bittrex account and on Boxing day I sent half of that to a different exchange to buy a currency that wasn't available on Bittrex. I logged into Bittrex the next day and the remainder of my Bitcoin had vanished. I checked the deposit history and sure enough the rest of my balance had been withdrawn. Now I have two factor authentication set up for all my logins and so I just can't figure out what's happened here?! This is the address that the money was sent to: 1BpAjpj1dbVv4Q56rVbjgDL7wLgUvEzkwo When I looked it up on the blockchain the money seems to of stayed in that address until the 1st Jan, where it was then sent to another address with over $200,000 worth of Bitcoin ( https://blockchain.info/address/1BpAjpj1dbVv4Q56rVbjgDL7wLgUvEzkwo) As I said I like to think I've covered my bases with regards to security, but this has really thrown me. Luckily it wasn't a huge amount of money, but I'm nervous about putting large amounts of Bitcoin back on to that exchange in the event that it could happen again? I've since changed all of my passwords, but still, I can't figure out how someone could of got in if you need 2FA??? Any help would be greatly appreciated. Kind regards Broker |
|
|
|
|
|
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
|
ikilledcobain
|
|
January 02, 2018, 04:28:03 PM |
|
Did you get any sort of error with your phone? If someone is able to clone your SIM or temporarily switch your number to their own phone, they can intercept the 2FA. That's about all I can think of.
|
|
|
|
Brokerstar (OP)
Newbie
Offline
Activity: 42
Merit: 0
|
|
January 02, 2018, 04:37:29 PM |
|
Did you get any sort of error with your phone? If someone is able to clone your SIM or temporarily switch your number to their own phone, they can intercept the 2FA. That's about all I can think of.
No my phone seems fine. The only thing that I can think of possibly is that you're not automatically logged out when you close your laptop lid, and the money was removed on the same evening that I transferred out some funds. Unless my laptop is compromised and someone just re-opened the site after I'd closed my laptop? It just seems like far too much of a coincidence?! I'm not computer expert though, I just try and be as due diligent as I can be.  |
|
|
|
|
harizen
Legendary
Offline
Activity: 3122
Merit: 1398
For support ➡️ help.bc.game
|
|
January 02, 2018, 04:53:02 PM |
|
Did you get any sort of error with your phone? If someone is able to clone your SIM or temporarily switch your number to their own phone, they can intercept the 2FA. That's about all I can think of.
No my phone seems fine. The only thing that I can think of possibly is that you're not automatically logged out when you close your laptop lid, and the money was removed on the same evening that I transferred out some funds. Unless my laptop is compromised and someone just re-opened the site after I'd closed my laptop? It just seems like far too much of a coincidence?! I'm not computer expert though, I just try and be as due diligent as I can be. Bittrex withdrawals needs Email Confirmation before anyone can withdraw their funds. That email composed of amount, time of withdrawal and IP address of the one who initiate the withdrawal. So even someone logged your Bittrex account then no way they can withdraw your funds there unless you have the same password for email and Bittrex. Do you received any email about ? If no then no way that your balance will be vanished and we can't take away the chances that the exchange itself did some shitty activity. Mind telling the Bittrex support eventhough you can't get the answer you really need. At least they can show you the details. |
|
|
|
|
jems
|
|
January 02, 2018, 05:13:21 PM |
|
Very sorry this happened to you.
I heard a lot about the same story about Bitrex. I still use it to trade, and still safe. will not be afraid because trading vol is very big.
|
|
|
|
|
BrewMaster
Legendary
Offline
Activity: 2114
Merit: 1292
There is trouble abrewing
|
|
January 02, 2018, 05:13:45 PM |
|
bittrex has been acting pretty shady lately. they have even been leaking their users documentation they submit for their verification process to outside and possibly even selling it on black market.
i wouldn't be surprised that their platform either has bugs that hackers exploited or they may have even robbed you themselves.
if you check out the scam accusation board of the forum you can see lots of people who have been victims of using bittrex in the past couple of months.
|
There is a FOMO brewing...
|
|
|
Brokerstar (OP)
Newbie
Offline
Activity: 42
Merit: 0
|
|
January 02, 2018, 05:17:01 PM |
|
Did you get any sort of error with your phone? If someone is able to clone your SIM or temporarily switch your number to their own phone, they can intercept the 2FA. That's about all I can think of.
No my phone seems fine. The only thing that I can think of possibly is that you're not automatically logged out when you close your laptop lid, and the money was removed on the same evening that I transferred out some funds. Unless my laptop is compromised and someone just re-opened the site after I'd closed my laptop? It just seems like far too much of a coincidence?! I'm not computer expert though, I just try and be as due diligent as I can be. Bittrex withdrawals needs Email Confirmation before anyone can withdraw their funds. That email composed of amount, time of withdrawal and IP address of the one who initiate the withdrawal. So even someone logged your Bittrex account then no way they can withdraw your funds there unless you have the same password for email and Bittrex. Do you received any email about ? If no then no way that your balance will be vanished and we can't take away the chances that the exchange itself did some shitty activity. Mind telling the Bittrex support eventhough you can't get the answer you really need. At least they can show you the details. I've gone back through my emails and Bittrex emails me when I sign in with a new IP address, and in my emails that's the case. But I don't need to confirm my withdrawals by email, as I made a legitimate withdraw that day too, and never got an email notification of it. |
|
|
|
|
|
Virtual miner
|
|
January 02, 2018, 05:26:44 PM |
|
I wonder if anyone can help me shed some light on a security breach I believe I've had and I wondered if this has happened to anyone else? Now as far as security goes I keep most of my crypto on a hardware wallet, and don't leave much on exchanges at all. had a small amou t of Bitcoin ($800ish) on my Bittrex account and on Boxing day I sent half of that to a different exchange to buy a currency that wasn't available on Bittrex. I logged into Bittrex the next day and the remainder of my Bitcoin had vanished. I checked the deposit history and sure enough the rest of my balance had been withdrawn. Now I have two factor authentication set up for all my logins and so I just can't figure out what's happened here?! This is the address that the money was sent to: 1BpAjpj1dbVv4Q56rVbjgDL7wLgUvEzkwo When I looked it up on the blockchain the money seems to of stayed in that address until the 1st Jan, where it was then sent to another address with over $200,000 worth of Bitcoin ( https://blockchain.info/address/1BpAjpj1dbVv4Q56rVbjgDL7wLgUvEzkwo) As I said I like to think I've covered my bases with regards to security, but this has really thrown me. Luckily it wasn't a huge amount of money, but I'm nervous about putting large amounts of Bitcoin back on to that exchange in the event that it could happen again? I've since changed all of my passwords, but still, I can't figure out how someone could of got in if you need 2FA??? Any help would be greatly appreciated. Kind regards Broker Its impossible for some outside hacker to do it as bittrex has 2FA enabled and moreover it requires email confirmation at time of withdrawal so what I can say the best is bittrex is being shady. You must try puting a ticket in the support by asking them of the mail of the second withdrawal. But don't hope a lot i have never seen a support ticket being satisfied. |
|
|
|
|
|
TopT3ns
|
|
January 02, 2018, 05:34:24 PM |
|
Did you get any sort of error with your phone? If someone is able to clone your SIM or temporarily switch your number to their own phone, they can intercept the 2FA. That's about all I can think of.
No my phone seems fine. The only thing that I can think of possibly is that you're not automatically logged out when you close your laptop lid, and the money was removed on the same evening that I transferred out some funds. Unless my laptop is compromised and someone just re-opened the site after I'd closed my laptop? It just seems like far too much of a coincidence?! I'm not computer expert though, I just try and be as due diligent as I can be. Bittrex withdrawals needs Email Confirmation before anyone can withdraw their funds. That email composed of amount, time of withdrawal and IP address of the one who initiate the withdrawal. So even someone logged your Bittrex account then no way they can withdraw your funds there unless you have the same password for email and Bittrex. Do you received any email about ? If no then no way that your balance will be vanished and we can't take away the chances that the exchange itself did some shitty activity. Mind telling the Bittrex support eventhough you can't get the answer you really need. At least they can show you the details. I've gone back through my emails and Bittrex emails me when I sign in with a new IP address, and in my emails that's the case. But I don't need to confirm my withdrawals by email, as I made a legitimate withdraw that day too, and never got an email notification of it. as far as i know, if you turn on 2fa in bittrex they wouldn't ask for withrawal confirmation email. because after we put the code, it automatically approved. maybe this thing need to be fixed from bittrex. not like Poloniex, after we put code, they still send confirmation email to us |
|
|
|
|
IAmLucas
|
|
January 02, 2018, 05:35:34 PM |
|
The only thing I can think of is if your email account is compromised.
The hacker could have deleted the Bittrex confirmation emails, have you checked the trash? (Pretty sure there's a delete forever button).
This is far fetched... but what could have happened...
Your laptop is compromised (either you used a public wifi not your home one or there is some dodgy spyware on your machine.
The hacker then could clone your Bittrex cookies (if you didn't log out) Thus duping Bittrex to thinking you are already logged in on the new machine (no need for 2FA).
The hacker then deleted the confirmation emails from your email account using the same cookie method above.
All of the above would be a lot of effort for 800$ but its definitely possible.
If I were you, I would:
1) Completely reformat your laptop.
2) Then login to your 2FA auth accounts and change the password to random generated ones, use KeePass or something to generate and store these.
3) Disable 2FA on all of your accounts (why? Wait for the next part)
4) Then wipe your phone.
5) Re-Enable 2FA on your accounts with your newly built phone firmware.
If you follow the steps above you should be good. (Also if you used a public wifi... don't do it again).
~Lucas
|
|
|
|
|
harizen
Legendary
Offline
Activity: 3122
Merit: 1398
For support ➡️ help.bc.game
|
|
January 02, 2018, 05:51:52 PM |
|
Did you get any sort of error with your phone? If someone is able to clone your SIM or temporarily switch your number to their own phone, they can intercept the 2FA. That's about all I can think of.
No my phone seems fine. The only thing that I can think of possibly is that you're not automatically logged out when you close your laptop lid, and the money was removed on the same evening that I transferred out some funds. Unless my laptop is compromised and someone just re-opened the site after I'd closed my laptop? It just seems like far too much of a coincidence?! I'm not computer expert though, I just try and be as due diligent as I can be. Bittrex withdrawals needs Email Confirmation before anyone can withdraw their funds. That email composed of amount, time of withdrawal and IP address of the one who initiate the withdrawal. So even someone logged your Bittrex account then no way they can withdraw your funds there unless you have the same password for email and Bittrex. Do you received any email about ? If no then no way that your balance will be vanished and we can't take away the chances that the exchange itself did some shitty activity. Mind telling the Bittrex support eventhough you can't get the answer you really need. At least they can show you the details. I've gone back through my emails and Bittrex emails me when I sign in with a new IP address, and in my emails that's the case. But I don't need to confirm my withdrawals by email, as I made a legitimate withdraw that day too, and never got an email notification of it. as far as i know, if you turn on 2fa in bittrex they wouldn't ask for withrawal confirmation email. because after we put the code, it automatically approved. maybe this thing need to be fixed from bittrex. not like Poloniex, after we put code, they still send confirmation email to us Then how come the "hacker" got accessed to OP's 2FA. And if the withdrawal was initiated outside OP's IP, OP should also received a NEW IP Email right? So it's either: a) someone closed to you do the shitty thing maybe on same network b) Bittrex itself did the shitty thing although it's quiet difficult to proved it Weird. |
|
|
|
Brokerstar (OP)
Newbie
Offline
Activity: 42
Merit: 0
|
|
January 02, 2018, 09:34:24 PM |
|
Thanks for all the replies guys.
I really am stumped because my phone is also connected to my email so even if a hacker could get into my email account to delete any incoming messages, I would of got a ping to notify me that someone had logged in with a new IP.
I've gone through all of my emails, nothing, I just can't figure it out. I am going to try and contact Bittrex and see what they say. I was using someone else's internet as I was round a friends house on Boxing day and stayed the night, but even then I'm struggling to put the pieces together.
It's really just a very odd situation.
|
|
|
|
|
JureViewly
Newbie
Offline
Activity: 20
Merit: 0
|
|
January 02, 2018, 10:01:53 PM |
|
Thanks for all the replies guys.
I really am stumped because my phone is also connected to my email so even if a hacker could get into my email account to delete any incoming messages, I would of got a ping to notify me that someone had logged in with a new IP.
I've gone through all of my emails, nothing, I just can't figure it out. I am going to try and contact Bittrex and see what they say. I was using someone else's internet as I was round a friends house on Boxing day and stayed the night, but even then I'm struggling to put the pieces together.
It's really just a very odd situation.
I am sorry to hear this happened, the wallet that is the final recipient of the Bitcoins seems pretty shady from my point of view. Commenting so I can catch up later on, please update when you have a response from Bittrex. Good luck! |
|
|
|
|
Cryptohad
Newbie
Offline
Activity: 229
Merit: 0
|
|
January 02, 2018, 10:06:24 PM |
|
i think today bittrex and etherdelat is not safe, i have never heard cryptopia, binance, hitbtc hacked. maybe they are still safe.
|
|
|
|
|
|
olubams
|
|
January 02, 2018, 10:09:03 PM |
|
Thanks for all the replies guys.
I really am stumped because my phone is also connected to my email so even if a hacker could get into my email account to delete any incoming messages, I would of got a ping to notify me that someone had logged in with a new IP.
I've gone through all of my emails, nothing, I just can't figure it out. I am going to try and contact Bittrex and see what they say. I was using someone else's internet as I was round a friends house on Boxing day and stayed the night, but even then I'm struggling to put the pieces together.
It's really just a very odd situation.
Contacting them is still your best option at this time because a lot of suggestions I have read are kind of generic and more of guessing what could have happen because from the look of it, you have probably done everything humanly possible to keep your account safe from you end and if this is happening the only person that can provide explanation is the other party which in this case is Bittrex. Reach out and see what they are up to in explaining what really went down. |
|
|
|
|
niket11111
Newbie
Offline
Activity: 47
Merit: 0
|
|
February 18, 2018, 11:36:59 AM |
|
Yesterday I faced the suspicious logoin issue. My Gmail was hacked and the hackers changed my password using recover email which was vulnerable.
Then I changed my Gmail password and recovery email. Also i linked my phone to my mail.
Bittrex account password was changed but I managed to recover it. Earlier I was not having 2FA enabled but now it's under 2FA authentication.
My laptop was compromised so it happened... Funds are still safe but account is disabled for 48 hrs from bittrex.
Can a hacker duplicate my phone 2FA?
If I change my 2FA then will a hacker can again duplicate it?
Someone please share your views.
|
|
|
|
|
1Referee
Legendary
Offline
Activity: 2170
Merit: 1427
|
|
February 18, 2018, 01:48:11 PM |
|
Can a hacker duplicate my phone 2FA?
If I change my 2FA then will a hacker can again duplicate it?
Someone please share your views.
It depends. If your phone is connected to the same wifi network your PC or laptop is connected to, it won't cost much effort for an experienced hacker to gain access to your phone as well, and to tether the 2FA code to himself. In order to lower the chances of this to happen, best option is for you to use a phone connected to the mobile network purely for having it function as 2FA security measure (don't use it for other things). It's an extra layer of protection that not many people think about, but it's very important to do it like this. |
|
|
|
|
niket11111
Newbie
Offline
Activity: 47
Merit: 0
|
|
February 18, 2018, 02:09:16 PM |
|
Thanks for the reply mate  After this attack I did the following 1. Wiped out all data from my laptop with format option and installed a new Antivirus. 2. I changed my Gmail password twice and linked my phone for signing on any other device. Without permission Gmail from other devices cannot login. 3. Checked bittrex login history. Hacker tried twice from his IP. First time for resetting password and second time for login but failed to do so as 2FA was enabled. There is LOGIN written if he would have gained access. 4. I changed my Gmail recovery email. 5. I checked my Gmail security activity. I can see only my login attempts from my phone and another fresh desktop. 6. I can see only my devices attached to that security page of Gmail. That is my phone and fresh pic. Hacker accessed my Gmail 2 days back and after that no sign of access as per Gmail security events. 7. I logged in into bittrex and enabled my account and opened a ticket for that. My account is locked for 48 hours for security reason and will be enabled after 10 hours. Hope everything is fine now... Please enlighten me what to do now to be on the safer side. Regards |
|
|
|
|
|
