Coinpayments robbed

[fiulpro]

Hacking coinpayments Wallet is no easy job ..
I think this is something grave since coinpayments is more or less Preety secure ... But day to day we are hearing news like these and the biggest companies are getting robbed thus I think the hackers might have something new that we know nothing about. It's scary to think like that but I think you should try..to locate the wallet address and then check out and register a complain if possible.
My condolences
Take care dude..it's hard earned money ..

[1713938083]

1713938083

[1713938083]

1713938083

[wiser]

I would consider two things:

1. Are you up to speed on how to keep your wallet safe? You know about private keys and how to not share them, etc.? You know about using a unique, tough to crack password for each site you log into? If you're not up to speed, then please educate yourself. Here's a good place to start: https://dnotesedu.com/2018/04/risk-reduction-strategies-in-cryptocurrency-investing-part-5-security-precautions/

2. The site may be unreliable or untrustworthy. If you are taking reasonable security precautions and still losing money, then it may be a problem with the site, in which case you should promptly withdraw all your funds and take your business elsewhere.

[realcrypto]

This sounds scary. Just have it in mine that hackers have upgraded to the level of deactivated every thing that will make you to receive email concerning their activities. It may be an insider or external forces.

[CryptoPartaker]

It's really annoying to hear people jump straight to SCAM and THEFT accusations before exploring all the possibilities. A lot of crypto companies face this kind of reputation tarnishing from crypto noobs that don't understand that coins are lost if they send BTC to an ETH address or that they can't get a refund after sending a transaction.

As far as CoinPayments goes, they have been around since 2013 and have always been fully transparent about things. Some of you mentioned the Ripple incident. Yes, it was unfortunate but CoinPayments fully repaid ALL stolen Ripple. See their official CoinPayments Ripple Theft statement. This should be undeniable proof that CoinPayments takes these things seriously and takes responsibility for their mistakes.

Anyway, I've had a CoinPayments account for 2 years and never had a problem. Only had to contact support once and they fixed the issue within 24hrs. I suggest you wait for a reply from their support as I'm sure they can get to the bottom of your predicament.

[CoinPayments]

Hello.

I noticed that someone stole bitcoin and litecoin from my 2 coinpayments wallet. Luckily, I transferring money from there almost daily so, stolen amount is not so high but still it makes me angry.

Hacker logged in to my account even I have 2FA there. Also I never received withdraw confirmation to email for those withdrawals. I sent ticket, but no reply yet.

One friend of mine also have same issue.

After XRP last year, seems like they leaking again.

Anybody else have same issue? Should we stop trust them?

Kind Regards,
Edin

Hi eduardo001,

Thank you for bringing this to our attention. If you can PM the support ticket number you filed, we would be more than happy to help you on this matter as we cannot assist on a public forum.

Also, if your friend that had the same issue in the past knows his/her support ticket number, we can definetly look into this matter further as well.

If you or your friend do not rememeber your support ticket number, feel free to open a new one at https://www.coinpayments.net/supwiz, our customer support team would be more than happy to assist you in resolving this issue.

[milewilda]

A decent amount of scam accusations has been raised against them in the last few months so you should look into the possibility that this was an inside job because a hacker accessing your coinpayments account, your email and your phone for 2FA (assuming that It's on phone) doesn't seem like a likely scenario. Do you have a withdrawal history? try to track where the funds went to.

Thinking the same way where i dont see any reasons for funds to be transacted and been transferred into other wallet without having the trouble on accessing it specially 2fa had bet out.Where we can highly presume that this would be an inside job. Same as yours its already making a buzz on such issues related into this loss of funds.

Do you have a withdrawal history? try to track where the funds went to.  -- Even if its shown its still pointless yet those funds wont never comeback.

[Brianlee0112]

These days, this hacking incidents have become so common. We have to be more careful in managing our accounts. We should try to give a more unique password. You could search the history in finding out where it was sent.

[bontkoli01]

There are some group of hackers who always try to hack super secured crypto wallet. You should better check the history and use offline security key to assure more security. And it is better not to share any information regarding your account, not even with your bed partner.

[pugman]

Coin payments should be help responsible for this, if you have done everything right. Open a scam accusation, post up enough proof, otherwise it's just your word against theirs.
Do contact their support before accusing them of anything.

[wiser]

The fact that CoinPayments responded on this thread is a really good sign. Do contact support and PM your support ticket, like they asked. I hope you get this resolved promptly. And then be sure to take all reasonable security precautions for your account.

[Sony.UK]

Coin payments should be help responsible for this, if you have done everything right. Open a scam accusation, post up enough proof, otherwise it's just your word against theirs.
Do contact their support before accusing them of anything.

I have seen some thread says that payments are repaid to the people who have lost the money with the coinpayments wallet mate. Still you does not get the payment back from the team.
As pugman said you need to open the thread on scam and acussation section to report they are not else you can pm to Lauda. She can bael to direct the right person on that coinpayments team.

[MrData]

I have seen some thread says that payments are repaid to the people who have lost the money with the coinpayments wallet mate. Still you does not get the payment back from the team.
As pugman said you need to open the thread on scam and acussation section to report they are not else you can pm to Lauda. She can bael to direct the right person on that coinpayments team.

You are thinking of the bug that let people overdraw XRP, those funds were fully repaid to the users since that was an issue on our end.

[teddy5145]

Hacking coinpayments Wallet is no easy job ..
I think this is something grave since coinpayments is more or less Preety secure ... But day to day we are hearing news like these and the biggest companies are getting robbed thus I think the hackers might have something new that we know nothing about.

If this is the case, there would be news all over the internet because a security vulnerability that lets a hacker bypass 2FA can be used not just on Coinpayments.
This is more like an inside job, I would suggest for OP to move his coins and to not use Coinpayments anymore.

I take it that OP are selling items and using CoinPayments as his Processors, correct?
It'd be better to start using Open Source Payment Gateway, setting it up for the first time takes time and effort, but it is highly customizable and secure as the codes are being maintained by the community

The fact that CoinPayments responded on this thread is a really good sign. Do contact support and PM your support ticket, like they asked. I hope you get this resolved promptly. And then be sure to take all reasonable security precautions for your account.

It's a brand new account, I doubt its the real Coinpayments account, it is easy to impersonate someone over the internet

[MrData]

It's a brand new account, I doubt its the real Coinpayments account, it is easy to impersonate someone over the internet

It is a real account, yes.

[Lucius]

Hello.

I noticed that someone stole bitcoin and litecoin from my 2 coinpayments wallet. Luckily, I transferring money from there almost daily so, stolen amount is not so high but still it makes me angry.

Hacker logged in to my account even I have 2FA there. Also I never received withdraw confirmation to email for those withdrawals. I sent ticket, but no reply yet.

One friend of mine also have same issue.

After XRP last year, seems like they leaking again.

Anybody else have same issue? Should we stop trust them?

Kind Regards,
Edin

Maybe some can say that I am not objective on this issue as I promote CoinPayments, but if there is a serious security breach in their system then there would be a lot more such threads. However, if your coins are missing from your account you have the right to seek explanation from CP and get answer how did this happen. I hope you get the answer as soon as possible and that you will post that info here.

You also need to know that 2FA is not 100% safe, and that hackers have ways to use 2FA against users, see this example of 2FA Hacking Coinbase or Ways To Hack 2FA

Also consider is there any possibility that you use very weak password for CP account, or did you use same password on some other service/site maybe?

[MrData]

Yep, the most common things we see are:

1) The user's email gets hacked, then the hacker just logs in if the password is the same or does a password reset since they have access to the email. If the user enables Google Authenticator/TOTP it would prevent this from working. A lot of the time they delete the emails afterwards to the user doesn't get tipped off too fast they were hacked.

2) Leaked API keys with 'auto_confirm' permission enabled. This usually comes from people's servers or software having vulnerabilities; a lot of the time especially on more questionable sites they are using pirated (aka "nulled") scripts with backdoors and such in them.

TLDR: For best results enable Google Authenticator/TOTP, if using API keys only enable permissions you need and IP whitelist and set limits if possible, if running your own server/software make sure you know how to secure your system.

[nniecan001]

Hello.

I noticed that someone stole bitcoin and litecoin from my 2 coinpayments wallet. Luckily, I transferring money from there almost daily so, stolen amount is not so high but still it makes me angry.

Hacker logged in to my account even I have 2FA there. Also I never received withdraw confirmation to email for those withdrawals. I sent ticket, but no reply yet.

One friend of mine also have same issue.

After XRP last year, seems like they leaking again.

Anybody else have same issue? Should we stop trust them?

Kind Regards,
Edin

Maybe some can say that I am not objective on this issue as I promote CoinPayments, but if there is a serious security breach in their system then there would be a lot more such threads. However, if your coins are missing from your account you have the right to seek explanation from CP and get answer how did this happen. I hope you get the answer as soon as possible and that you will post that info here.

You also need to know that 2FA is not 100% safe, and that hackers have ways to use 2FA against users, see this example of 2FA Hacking Coinbase or Ways To Hack 2FA

Also consider is there any possibility that you use very weak password for CP account, or did you use same password on some other service/site maybe?

When I visit your link about " Can Two-Factor Authentication be hacked? " , . It seems that 2FA is not easy to find a glitch or even the author tell that " it is worth using to greatly increase the security of the digital assets it protects.". That's why most of online wallet is recommended to use the 2FA security ( for example HITbtc and many more).

[Lucius]

When I visit your link about " Can Two-Factor Authentication be hacked? " , . It seems that 2FA is not easy to find a glitch or even the author tell that " it is worth using to greatly increase the security of the digital assets it protects.". That's why most of online wallet is recommended to use the 2FA security ( for example HITbtc and many more).

2FA is just additional security, but also every user need to protect his account with unique&strong password, but e-mail account should also have same kind of password (not identical of course). I think you should read better that article, 8 possible ways are mentioned for 2FA can be compromised. Users often do not take seriously security of their smartphones, and that's something all need to pay attention these days.

[Zicadis]

Don't know how much you lost but these are issues Coinpayments needs to put some keen interest into as this will dent their reputation.

And according to the OPs narration of how he lost his coins it's no rocket science that this has inside job written all over it unless hackers have gotten more sophisticated to pull this one off and Afaik I believed they are the payment processors that were supposed to be challenging competitors like bitpay

-snip-

TLDR: For best results enable Google Authenticator/TOTP, if using API keys only enable permissions you need and IP whitelist and set limits if possible, if running your own server/software make sure you know how to secure your system.

Ip whitelisting sounds like an effective way to protect valuables but the problem comes when you using a dynamic ip and you need to confirm your activities every time you try to login to get access which grows to a pen in the butt

[MrData]

Ip whitelisting sounds like an effective way to protect valuables but the problem comes when you using a dynamic ip and you need to confirm your activities every time you try to login to get access which grows to a pen in the butt

For IP Whitelisting I'm talking about API keys, generally you would be using these on a server and their IPs usually don't change.