botany
Legendary
 Offline
Activity: 1582
Merit: 1064
|
 |
May 06, 2018, 01:51:57 PM |
|
Not that isolated as you think, i did find another guy, whose account was hacked 25 days before mine. The chances to be my own mistake are quite low, a check with 4 antiviruses reviled nothing. Chrome history looks OK, my extensions have been verified, my Gmail has no trace of an external device.
My first ticked i opened with their support was me, explaining the problem, and asking them for t a list with recent login ips and informations. Guess what?! They ignored it !
This might seem like a very silly question, but how secure/robust was your password. Did you have a unique password or did you reuse your password on other websites? Given that you did not use 2FA, your password would have been your only defence. |
|
|
|
|
|
|
|
|
|
|
|
|
|
"Your bitcoin is secured in a way that is physically impossible for others to access, no matter for what reason, no matter how good the excuse, no matter a majority of miners, no matter what." -- Greg Maxwell
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
|
|
milewilda
Legendary
Offline
Activity: 3108
Merit: 1127
|
|
May 06, 2018, 02:07:03 PM |
|
So, The exchange platform is Bitlish.com.
Exchange is registered on
Reg no. 9564930
161-165 Farringdon Road, London, United Kingdom, EC1R 3AL.
Context:
On april 30, between 2-3 AM my account was hacked, my 4000HBZ were sold for a crappy price in ETH, then converted to BTC and sent out to an external wallet.
In the morning i found the language switched to RU and all funds gone.
I submitted some tickets to their atifraud sistem,and after allot of waiting, they asked me for some photos with my ID, selfie, and a proof of address . (Is this legal? Do i have to send them?)
What would you recommend for me to do, so i get my assets back?
I know it's a long shot, for an exchange to refund it's users after a hack occurred, But i'm willing to do anything, even if i lose more money with lawyers and stuff like that, than what i already lost.
I also know i din't lose allot of money, my 4k HBZ were about 40-60$. But i bought those in ICO stage with 0.15$ per coin, so seeing the price drop, and after that losing my coins after i invested time into a project pissed me off.
I think it would be pointless because no exchange would really make a refund when someones account was hacked since its a traders or users diligence on the security of its account.Once tokens are sold and converted to BTC and sent to 3rd party wallet then exchange cant do nothing if they would decide to make refund then thats too generous for them but mostly they wouldnt do such thing. |
|
|
|
fishmon (OP)
Newbie
Offline
Activity: 16
Merit: 0
|
|
May 13, 2018, 10:19:12 AM |
|
I have found no news that this exchange is hacked, so this would mean that this is isolated case.Probably you are victim of phisning or some sort of malware/RAT on your device who came into possession of your login details and stole your funds.
After you submit ticket to their support they just want to be sure that you are the real owner of that account,so this is something you should do in my opinion.They will maybe conduct some kind of investigation to find out who is hacker.
In my opinion there are three possible causes which caused the loss of your funds :
- You are victim of phishing/malware.
- There is a security flaw in exchange system.
- This was inside job.
If it's the first case then it is not realistic to expect a refund,obviously it is the user's failure.In case the loss of funds came due second or third option,you can hope for refund-but in that case you will have to prove that this is exactly what it is happened.
Definitely, you don't have any right to claim any recover or even damages as the hacked was made possible to your own mistakes. Seeing that you are the only one affected proves that the hack only has targeted you and not the whole exchange itself. 60$ is a lot of money but I wouldn't go through legal proceeding as it won't be worth it as it is only a few bucks to consider it in that procedure. As for you providing your proof of identity to them all I can say is legal and other exchanges are doing it as well, some exchanges even limit your account if yours is not verified. Sending your proper documents would help them identify you as the right owner of the account. Not that isolated as you think, i did find another guy, whose account was hacked 25 days before mine. The chances to be my own mistake are quite low, a check with 4 antiviruses reviled nothing. Chrome history looks OK, my extensions have been verified, my Gmail has no trace of an external device. My first ticked i opened with their support was me, explaining the problem, and asking them for t a list with recent login ips and informations. Guess what?! They ignored it ! Are you in talks with the other victim? and can you find any kind of relation to your current situation? Because if not your current situation could still be counted as an isolated incident. Plus minor evens like a few members that got hack cannot prove that the exchange's system has a threat in their security. Try asking for a follow up on your request maybe they will give you the information this time. And does your account not 2fa enabled? These guys are smth else. The ways these antifraud system works is just to demoralize you, and keep asking you for unrelated documents, and shit like that just so it makes you give up . I've been asked for ID, Selfie with ID, Proof of adress, Proof of bank statement . After some days with no reply, i get a call with a hidden caller ID while i was at work(obviously i could not answer) from them. I ask them thrw a mail some updates and they told me anti-fraud called me a few days before , and i should have answered. BULLSHIIIT Isolated case or not, it was not my fault . |
|
|
|
|
fishmon (OP)
Newbie
Offline
Activity: 16
Merit: 0
|
|
May 13, 2018, 10:27:17 AM |
|
Not that isolated as you think, i did find another guy, whose account was hacked 25 days before mine. The chances to be my own mistake are quite low, a check with 4 antiviruses reviled nothing. Chrome history looks OK, my extensions have been verified, my Gmail has no trace of an external device.
My first ticked i opened with their support was me, explaining the problem, and asking them for t a list with recent login ips and informations. Guess what?! They ignored it !
This might seem like a very silly question, but how secure/robust was your password. Did you have a unique password or did you reuse your password on other websites? Given that you did not use 2FA, your password would have been your only defence. Well, It's a 12 Alpha-numeric characters passw . I don't use the same passw on multiple exchanges, for obvious reasons . I try to keep my ass away from exchanges like HitBTC, and I've always tried to secure my passwords and accounts .I just don't like 2FA , as I find it time consuming, and I don't always have my smartphone around to get a text or to use my gAuth . Do i really need to be punished for not liking 2FA ? Trying to brute-force a 12 characters passw will sure take decades |
|
|
|
|
fishmon (OP)
Newbie
Offline
Activity: 16
Merit: 0
|
|
May 13, 2018, 10:34:48 AM |
|
So, The exchange platform is Bitlish.com.
Exchange is registered on
Reg no. 9564930
161-165 Farringdon Road, London, United Kingdom, EC1R 3AL.
Context:
On april 30, between 2-3 AM my account was hacked, my 4000HBZ were sold for a crappy price in ETH, then converted to BTC and sent out to an external wallet.
In the morning i found the language switched to RU and all funds gone.
I submitted some tickets to their atifraud sistem,and after allot of waiting, they asked me for some photos with my ID, selfie, and a proof of address . (Is this legal? Do i have to send them?)
What would you recommend for me to do, so i get my assets back?
I know it's a long shot, for an exchange to refund it's users after a hack occurred, But i'm willing to do anything, even if i lose more money with lawyers and stuff like that, than what i already lost.
I also know i din't lose allot of money, my 4k HBZ were about 40-60$. But i bought those in ICO stage with 0.15$ per coin, so seeing the price drop, and after that losing my coins after i invested time into a project pissed me off.
I think it would be pointless because no exchange would really make a refund when someones account was hacked since its a traders or users diligence on the security of its account.Once tokens are sold and converted to BTC and sent to 3rd party wallet then exchange cant do nothing if they would decide to make refund then thats too generous for them but mostly they wouldnt do such thing. Everybody saying this, that It's the users fault .If it was indeed my fault, i would sure take the blame, and stop crying over 100$ i lost( about 600$ bought in ICO stage). But i kept thinking, and analyzed my system, my pc security, i even analyzed the damn ip's connected to my wi-fi network and really found nothing. Something is bugging me actually. Why didn't they gave me the last ip's log's , when i told them about my situation? (Found my account with language changed in the morning, to RU) . P.S. CO and other project members are from Russia . |
|
|
|
|
|
palle11
|
|
May 16, 2018, 10:25:05 PM |
|
Sorry, with your last response, I think your account was either hacked or you enter an unsecured site/phishing site. This is really unfortunate, I condole with you. We need care while visiting sites.
|
|
|
|
|
|
