Bitcoin Forum
November 15, 2024, 06:31:03 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Bitstamp security hull breach?  (Read 1516 times)
Demarsac (OP)
Sr. Member
****
Offline Offline

Activity: 504
Merit: 272



View Profile
November 09, 2013, 06:57:34 AM
 #1

Hello All,

I have been trading bitcoins for a year now and although i always thought Bitstamp is reliable i am having doubts since what happened a week ago.

I am going to tell you a small story that explains what happened and i would like people to comment and check their views in what they think happened and also if someone has any ideas on how to tackle this it will be more than welcomed.
I will give a bounty of 3 BTC if anyones help proves to be important to solve this case....

So here is my story...


Last Friday I had around 6.000 $ in cash into my Bitstamp account after several bitcoin buy/sell and deposits of cash from my Bank etc. and so I decided to withdraw this amount. I did the process normally. This goes through an email verification sent to my email and I click on a link giving them the verification needed.

After several hours (after midnight of Friday 1st November, Saturday early morning the 2nd November) I changed my mind regarding the withdrawal of the funds and decided to cancel this and play a bit more with buying and selling bitcoins. Just before I go to sleep at around 2.00am I decided to sell all my bitcoins eventually and ask for a withdrawal of funds (again around 5.800 $).

So I did the same process again and pressed the withdrawal button. Then the funds disappeared from my account (as they should) and I felt that all is ok.

Next morning I remembered that I never received the normal email confirmation and so I never reconfirmed this withdrawal. Then I started emailing the support ofBitstamp.net and trying to see if it did go through. The support said that no 2ndwithdrawal was ever requested (the first withdrawal was the one I cancelled initially) and so the problems started.



After checking thoroughly the logs and history of my transactions what it shows is that I have withdrawn all bitcoins and have send them to another bitcoin address. . WHICH I NEVER DID.
 In fact it shows that I have withdrawn in 5 separate bitcoin withdrwal requests. The weirdest thing is that the way the logs show that I have withdrawn the bitcoins is the exact way I sold the bitcoins to bitstamp order book. But instead of showing sell in the log it shows withdrawal.

Of course I did not withdraw any bitcoins anywhere and that's why i am here now...

 

Recap

·         I make 1st withdraw of cash 5.960 $ the morning of Friday the 1st November. I receive the email confirmation and I reconfirm

·         I cancel the withdrawal and decide to play a bit more by buying and selling bitcoins

·         I decide to cash out everything by selling my 29.25 bitcoins. This happens in selling intervals of 10 btc, 8 btc, 5 btc, 5 btc and last 1,25 btc for a total of 29,25 bitcoins

·         I take all the cash and ask for a withdrawal in my bank account but never get that confirmation email I always get.

·         Funds do not appear anymore in my account and I decide to start speaking with the support. I get late answers from them and nothing specific. The only thing they say is the obvious (whatever is in the log) but not true of course.


Possible things that happened (my opinion)

 1. Someone managed to hack my email account plus my Bitstamp account and enter while i was already inside. Managed to take the bitcoins in the same sequence that i sold them?? and withdrew in his bitcoin address. At the same time i continued to show that i DID SELL the bitcoins and used the amount to make a Fund Withdraw. Highly unlikely
2. Bitstamp has taken these bitcoins from me
3. There is a SERIOUS security problem with Bitstamp that they know it but try to through some smoke...

Fact remains that i AM MISSING either 29,25 BITCOINS OR 5.800 $ (This was with 200 $ per bitcoin pricing- I know now its much more)

So what do you guys think?
Pente
Hero Member
*****
Offline Offline

Activity: 528
Merit: 527



View Profile WWW
November 09, 2013, 07:34:46 AM
 #2

Once upon a time, when I was young, I use to be a programmer. My instincts say that this is a programming glitch at Bitstamp caused by the withdrawal, cancellation, then final withdrawal.
Demarsac (OP)
Sr. Member
****
Offline Offline

Activity: 504
Merit: 272



View Profile
November 09, 2013, 07:56:13 AM
 #3

Thank you Pente
But a programming glitch that left me with 29 bitcoins less.....
Where would these bitcoins be?
naur
Newbie
*
Offline Offline

Activity: 35
Merit: 0


View Profile
November 09, 2013, 08:37:01 AM
 #4

contact with support team of Bitstamp and check the security of your computer.

They can check the log information of withdrawal in their system and find the email address of withdrawal confirmation when you 2nd withdraw.
Demarsac (OP)
Sr. Member
****
Offline Offline

Activity: 504
Merit: 272



View Profile
November 09, 2013, 08:48:43 AM
 #5

Already done that
They said that their system sends the email automatically and that I have made the confirmation required or else the bitcoin withdrawals wouldn't have gotten through

But the fact remains that I never received anything and they haven't send any proof to me that they truly emailed me
X68N
Hero Member
*****
Offline Offline

Activity: 672
Merit: 500


View Profile
November 09, 2013, 09:33:30 PM
 #6

Sen you must request the email adress from the support, and the time when it was confirmed.

Seems like a hack of your email or bitstamp account.
You can also request IP logs. And the original email the system sends out to confirm.

i will consider to buy a smartphone only for the 2.factor Athentication.

YOBIT IS SCAM , YOBIT IS SCAM , YOBIT IS SCAM meine Steuerdatei:
https://bitcointalk.org/index.php?topic=612741.msg19244732#msg19244732
stancarrott
Newbie
*
Offline Offline

Activity: 29
Merit: 0


View Profile
November 09, 2013, 11:38:46 PM
 #7

There's a phishing scam currently targeting Bitstamp users - I was nearly taken in today.
Perhaps this was how your Bitstamp account and email were compromised...

See my post here https://bitcointalk.org/index.php?topic=329219.msg3531877#msg3531877
Demarsac (OP)
Sr. Member
****
Offline Offline

Activity: 504
Merit: 272



View Profile
November 10, 2013, 09:14:08 AM
 #8

Sen you must request the email adress from the support, and the time when it was confirmed.

Seems like a hack of your email or bitstamp account.
You can also request IP logs. And the original email the system sends out to confirm.

i will consider to buy a smartphone only for the 2.factor Athentication.

The support said that I confirmed the transactions normally ( which of course I never did)
I can ask for the emails but I think it is easy to forge this and present it like they send it. Unless I go there with a warrant.

I have all the ip logs already and it is not my IP that did all the bitcoin withdrawals.
What do I do with the ip? It's under a proxy so do I go to the ip provider with a warrant or what?

Demarsac (OP)
Sr. Member
****
Offline Offline

Activity: 504
Merit: 272



View Profile
November 10, 2013, 09:27:22 AM
 #9

There's a phishing scam currently targeting Bitstamp users - I was nearly taken in today.
Perhaps this was how your Bitstamp account and email were compromised...

See my post here https://bitcointalk.org/index.php?topic=329219.msg3531877#msg3531877

Thanks Stancarrot

Unless this happened a while back and they were waiting for the right time to hit I don't remember this happening to me.

Isn't it very weird the timing they did all this though?

They did this the exact time I was selling my bitcoins and instead they withdrew them to alternate addresses and they also deleted my email confirmations without me noticing....
Sound like a program problem to me
Or a very bad dream I am about to wake up and have all my money back
stancarrott
Newbie
*
Offline Offline

Activity: 29
Merit: 0


View Profile
November 10, 2013, 03:47:49 PM
 #10

They did this the exact time I was selling my bitcoins and instead they withdrew them to alternate addresses and they also deleted my email confirmations without me noticing....

A few things you might consider then....

If your email was compromised, rather than monitoring your account 24/7, the clever thing for them to do would be set up a filter to auto delete/redirect incoming mails from Bitstamp (since you have to contact Bitstamp support to actually change your contact details - I don't know what security checks they do though). Check to see if there is a new filter in your email account (they could easily have deleted it after but worth checking). Did they empty your email trash bin?

Also, did you have 2 factor authentication enabled (i.e. via a code on your phone) on your Bitstamp account? If you did (but it sounds like you didn't), then that narrows it down a bit since having your username/password shouldn't be enough for hackers to scam you.

Did you change your password after first logging in to Bitstamp? Under the scam I outlined in my post, if you changed your password and didn't login through the fake portal again (Bitistamp.net), they would (I think) no longer have access.

These things might help you figure out whether the problem is internal or external to Bitstamp i.e. hackers or Bitstamp themselves. I have never withdrawn funds from Bitstamp so I don't know the details of the process, nor am I an IT/Bitcoin expert so I can't advise there. However, if your BTCs are now at another BTC address, you can follow your coins in the blockchain or obtain the address from Bitstamp, then you may consider contacting a Bitcoin forensic expert company such as mentioned in this article http://www.bitcoinbulletin.com/2013/08/14/btc-security-evolves-now-you-can-recover-stolen-bitcoin/ (UK based - I have no experience with them, I just stumbled across the article).

Regardless - sorry for your loss. It does sound like a bad dream.
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!