OmegaStarScream (OP)
Staff
Legendary
 Offline
Activity: 3458
Merit: 6090
|
 |
March 23, 2018, 02:02:45 PM |
|
I'm not really afraid about the security of my funds as I don't store anything on exchanges but It's worth mentioning that I received 3 Fail login attempts and then my account got locked. 15th March - 95.181.176.135
17th March - 73.196.57.191
19th March - 85.102.254.166
The IP addresses are not from the same country so It's most likely an attack with proxies on different accounts and not just mine. I thought I should let you guys know so in case you don't have 2FA enabled or strong password, do it. |
|
|
|
|
|
|
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
|
|
tora
Member
Offline
Activity: 532
Merit: 13
|
|
March 23, 2018, 05:09:56 PM |
|
I am a member but have never used it. Over last few days I have had over twenty emails stating failed log in attempt or account locked. I do not open the link in email,in most cases do not open email, as I believe this is phishing attempt.
|
|
|
|
|
|
|
vanobe
Member
Offline
Activity: 164
Merit: 37
|
|
March 24, 2018, 01:17:48 AM |
|
I read posts complaining about failed login attempts using an email address only used for cryptopia. If they are true I can't think of any explanation apart from cryptopia got cracked. |
|
|
|
|
|
warningsigns
|
|
March 24, 2018, 03:25:15 AM |
|
That's scary. Don't store coins on any exchange. For the love of your coins, keep them in a wallet you and you alone totally and solely control. Thieves are everywhere, offline and online, and no exchange can and will guarantee to replace your coins if hackers successfully penetrate their systems.
How these criminals bypass super secure security systems is a puzzle. It's not like 2FA systems become vulnerable when they are overwhelmed by attacks. In fact, the more persistent the attacks, the more likely it is that the exchange will deny all access to accounts, their legitimate customers included.
Store yours coins safely. There is no totally impenetrable digital fortress out there. They are all vulnerable and risky.
|
|
|
|
|
magneto
|
|
March 24, 2018, 05:30:23 AM |
|
I'm not really afraid about the security of my funds as I don't store anything on exchanges but It's worth mentioning that I received 3 Fail login attempts and then my account got locked. 15th March - 95.181.176.135
17th March - 73.196.57.191
19th March - 85.102.254.166
The IP addresses are not from the same country so It's most likely an attack with proxies on different accounts and not just mine. I thought I should let you guys know so in case you don't have 2FA enabled or strong password, do it. It's definitely not an accident, definitely planned and the hacker's trying to login from different IPs so that he doesn't get traced down. Probably using a proxy to do so, but it's definitely malicious in intent. I believe that I've heard users at cryptopia being hacked before, though I'm not sure if it's officially confirmed. But as warningsigns said, nobody should store any amount of coins on exchanges. If you have to exchange crypto, then do the exchange and get your money out asap. You never know what goes on in an exchange, you might not even get notified of hackers trying to get into your account. It might not even be hackers, it could be the exchange itself that becomes insolvent which ends up with you losing money. |
|
|
|
|
vanobe
Member
Offline
Activity: 164
Merit: 37
|
|
March 24, 2018, 06:41:41 AM |
|
I'm not really afraid about the security of my funds as I don't store anything on exchanges but It's worth mentioning that I received 3 Fail login attempts and then my account got locked. 15th March - 95.181.176.135
17th March - 73.196.57.191
19th March - 85.102.254.166
The IP addresses are not from the same country so It's most likely an attack with proxies on different accounts and not just mine. I thought I should let you guys know so in case you don't have 2FA enabled or strong password, do it. It's definitely not an accident, definitely planned and the hacker's trying to login from different IPs so that he doesn't get traced down. Probably using a proxy to do so, but it's definitely malicious in intent. I believe that I've heard users at cryptopia being hacked before, though I'm not sure if it's officially confirmed. But as warningsigns said, nobody should store any amount of coins on exchanges. If you have to exchange crypto, then do the exchange and get your money out asap. You never know what goes on in an exchange, you might not even get notified of hackers trying to get into your account. It might not even be hackers, it could be the exchange itself that becomes insolvent which ends up with you losing money. Sometimes an exchange gets hacked then robs its customers to cover its loss. It keeps quiet about the hack, then starts delaying withdrawals and playing dirty tricks to rob its customers of coins. Getting your coins off cryptopia unless necessary for a trade is good advice. |
|
|
|
|
LeGaulois
Copper Member
Legendary
Offline
Activity: 2870
Merit: 4088
Top Crypto Casino
|
|
March 24, 2018, 02:57:24 PM |
|
Hey @OmegaStarScream
I am glad to see I am not the only one. I got the same, maybe a week ago (just 1 attempt) Nothing to worry in my case. Are you using the same address on this exchange with your bitcointalk account (before the forum get compromised)? I believe some people with the database are simply trying to with the most popular exchanges in case someone used the same password
|
|
|
|
bitgiveen
Newbie
Offline
Activity: 12
Merit: 1
|
|
March 24, 2018, 03:02:19 PM |
|
Yeah even i received many login attempts from the past few days , my account even got locked but i really don't care cryptopia seems to me as one of the worst exchange with the worst design every possible and shit support Hey @OmegaStarScream
I am glad to see I am not the only one. I got the same, maybe a week ago (just 1 attempt) Nothing to worry in my case. Are you using the same address on this exchange with your bitcointalk account (before the forum get compromised)? I believe some people with the database are simply trying to with the most popular exchanges in case someone used the same password
Yes this might be the reason but if you have 2FA i don't think you should worry or just change your password as you might have the same password on the exchange which you used for your bitcointalk account |
|
|
|
|
OmegaStarScream (OP)
Staff
Legendary
Offline
Activity: 3458
Merit: 6090
|
|
March 24, 2018, 04:15:38 PM |
|
Hey @OmegaStarScream
I am glad to see I am not the only one. I got the same, maybe a week ago (just 1 attempt) Nothing to worry in my case. Are you using the same address on this exchange with your bitcointalk account (before the forum get compromised)? I believe some people with the database are simply trying to with the most popular exchanges in case someone used the same password
I'm not using the same email address and I'm very careful about using my email on sites so I'm honestly not sure how someone was able to get it unless It has been leaked from another exchange or something. |
|
|
|
LeGaulois
Copper Member
Legendary
Offline
Activity: 2870
Merit: 4088
Top Crypto Casino
|
|
March 24, 2018, 06:35:40 PM |
|
I see. In my case, Cryptopia isn't the first exchange I got this. There are about 5 exchanges where the same thing happened multiple times. And the very first was Bittrex. Coincidence or not, during this period I remember to read here a lot of users with a similar problem about their account; and a short period after, It's when Bittrex forced people with verification ID and limits such as x BTC per day to transfer out, etc...
|
|
|
|
|
timerland
|
|
March 25, 2018, 05:51:21 AM |
|
Hey @OmegaStarScream
I am glad to see I am not the only one. I got the same, maybe a week ago (just 1 attempt) Nothing to worry in my case. Are you using the same address on this exchange with your bitcointalk account (before the forum get compromised)? I believe some people with the database are simply trying to with the most popular exchanges in case someone used the same password
I'm not using the same email address and I'm very careful about using my email on sites so I'm honestly not sure how someone was able to get it unless It has been leaked from another exchange or something. Most likely... It's probably a crypto related email leak that has gone undetected and the hacker is trying it out on crypto exchanges.. Otherwise people who do not have their email addresses public should not even be getting any login attempts other than themselves. Unless the hacker is able to brute force his way through email addresses which is unlikely. Cryptopia is a broken exchange basically, so many complaints and unresponsive and irresponsible support. Also heaps of cases where people lost money because cryptopia had coins basically stolen and refused to compensate the user even partially, even though they were the ones listing them. I would not use any exchanges to store my funds for this exact reason, especially Cryptopia. Honestly there are way too many warnings already based on past cases that should deter you from storing any funds on exchanges, it's common sense. |
|
|
|
npredtorch
Legendary
Offline
Activity: 1246
Merit: 1049
|
|
March 25, 2018, 07:12:33 AM |
|
I'm on the same ride. For a while now I've been experiencing about two failed logins per day (sometimes there's gap), also from different IP addresses. March 19 - 110.175.251.101
March 18 - 103.81.222.190
March 17 - 188.68.0.99 Well, I'm not worried at all since I have turned on my email address 2fa but I'm thinking about the locked in period. Does cryptopia lock accounts not on IP basis? (based on OP - look likes it's not) |
|
|
|
|
exstasie
Legendary
Offline
Activity: 1806
Merit: 1521
|
|
March 25, 2018, 08:04:55 AM |
|
What's their policy on multiple accounts if you haven't done KYC? They obviously had a database leak. I wonder what other data was taken. I wouldn't load funds on my old account knowing that. I'd prefer to just make a new account with a fresh email address.
You can use 2FA for peace of mind (in fact you should anyway), but getting your account locked over this is also a bitch.
|
|
|
|
123frogs456
Newbie
Offline
Activity: 14
Merit: 0
|
|
March 25, 2018, 08:12:29 AM |
|
Sometimes an exchange gets hacked then robs its customers to cover its loss. It keeps quiet about the hack, then starts delaying withdrawals and playing dirty tricks to rob its customers of coins. Getting your coins off cryptopia unless necessary for a trade is good advice.
Wow, that sounds really scar? Which exchanges have been known to do that? I haven't heard of such a thing... Usually they announce the hack then they limit withdrawals or something. I'm pretty sure if they limited withdrawals before the hack, then people would just accuse the exchange of making up the hack.. |
|
|
|
|
OmegaStarScream (OP)
Staff
Legendary
Offline
Activity: 3458
Merit: 6090
|
|
March 25, 2018, 08:28:56 AM |
|
Does cryptopia lock accounts not on IP basis? (based on OP - look likes it's not)
Now after thinking about it, It sound stupid to lock accounts based on the account. In other words, If I know your email address, I could just lock it?  Either that or they actually got my password and the failed login represent that they weren't able to go through the 2FA? I'm honestly not sure. |
|
|
|
|
magneto
|
|
March 25, 2018, 09:02:02 AM |
|
Does cryptopia lock accounts not on IP basis? (based on OP - look likes it's not)
Now after thinking about it, It sound stupid to lock accounts based on the account. In other words, If I know your email address, I could just lock it? Either that or they actually got my password and the failed login represent that they weren't able to go through the 2FA? I'm honestly not sure. Exactly. If you are able to pull stuff like that just by knowing someone's email address, then it's not a good security measure to have. And if you have hackers on your tail trying to get into your account, if they wanted to, they could literally lock your account just by attempting to login with the wrong password over and over again. What's their policy on multiple accounts if you haven't done KYC? They obviously had a database leak. I wonder what other data was taken. I wouldn't load funds on my old account knowing that. I'd prefer to just make a new account with a fresh email address.
You can use 2FA for peace of mind (in fact you should anyway), but getting your account locked over this is also a bitch.
It could be their database being leaked, most likely which is why everyone on cryptopia is getting login attempt logged. Or, it could be another exchange who had their database leaked and they're just cross-checking the same email addresses on cryptopia. Is a possibility but less likely. Their multi-account policy is as follows: Multiple accounts for the purpose of defrauding, circumventing bans, soliciting or abusing Cryptopia Ltd. services will result in immediate termination of all related accounts, including seizure of all on-site digital property. I don't think creating a new account for the purpose of trying to avoid a hacker qualifies as any of those things. However it's best to check up with support still, even though you may never get a response back. Why use cryptopia anyways instead of another exchange when it's got so many problems with it? |
|
|
|
|
npredtorch
Legendary
Offline
Activity: 1246
Merit: 1049
|
|
March 25, 2018, 09:05:52 AM |
|
In other words, If I know your email address, I could just lock it? Exactly. That's what I'm referring to when I asked that question. It might be abused by those person who have our emails. Either that or they actually got my password and the failed login represent that they weren't able to go through the 2FA?
I guess no. If that's the case (they have both your email and password), instead of receiving the failed login email you must have received the login confirmation with the 2fa code in it. |
|
|
|
|
zazarb
Legendary
Offline
Activity: 3360
Merit: 1548
Get loan in just five minutes goo.gl/8WMW6n
|
|
March 25, 2018, 04:07:11 PM |
|
Last weeks I also noticed several email with warning that someone fail to login to my account, I don't think that problem with cryptopia exchange, email datebase can be leaked from anywhere(even bitcointalk few years ago) and until you turn on 2FA it remains safe.
|
|
|
|
exstasie
Legendary
Offline
Activity: 1806
Merit: 1521
|
|
March 25, 2018, 10:03:29 PM |
|
What's their policy on multiple accounts if you haven't done KYC? They obviously had a database leak. I wonder what other data was taken. I wouldn't load funds on my old account knowing that. I'd prefer to just make a new account with a fresh email address.
You can use 2FA for peace of mind (in fact you should anyway), but getting your account locked over this is also a bitch.
It could be their database being leaked, most likely which is why everyone on cryptopia is getting login attempt logged. Or, it could be another exchange who had their database leaked and they're just cross-checking the same email addresses on cryptopia. Is a possibility but less likely. I assumed the OP would not have reused an email address. That's a basic security precaution, a unique email address for each account. If it were a newbie posting I may have assumed otherwise. But it sounds like the leak could be from another exchange too: I'm not using the same email address and I'm very careful about using my email on sites so I'm honestly not sure how someone was able to get it unless It has been leaked from another exchange or something.
Why use cryptopia anyways instead of another exchange when it's got so many problems with it?
It's good for accumulating low-cap gems before they get listed on other exchanges. |
|
|
|
|
