kmahesh (OP)
Newbie
Offline
Activity: 11
Merit: 0
|
|
December 30, 2013, 03:06:40 PM |
|
Folks, I just thought I'd share my experience so others don't make the same mistake. I transferred $1500 from my HDFC bank to Bitstamp ( www.bitstamp.net) I received an email from them saying my funds were deposited. Within an hour of that, someone logged into my account, bought bitcoins, transferred them to their wallet A ND THEN changed the password. Clearly this wasn't an insider and NOT malware as I have no dodgy apps on my office laptop and also have Symantec Antivirus running. See log (please read bottom-up): 2013-12-28 12:29:01 173.254.216.67 Logged in 2013-12-27 17:34:47 209.222.8.196 Opened bitcoin withdrawal request for 0.025 BTC to 14hF8K4h7u4MAZsEJs5aRjXGVti6YBLTEn 2013-12-27 17:33:55 209.222.8.196 Opened limit buy order (amount: 0.025 BTC, price: $718.00) 2013-12-27 17:31:47 96.47.226.22 Changed user password 2013-12-27 17:29:27 96.47.226.22 Opened bitcoin withdrawal request for 2 BTC to 14hF8K4h7u4MAZsEJs5aRjXGVti6YBLTEn 2013-12-27 17:28:20 176.240.210.83 Opened limit buy order (amount: 2 BTC, price: $724.18) 2013-12-27 17:26:07 96.47.226.22 Logged in 2013-12-27 10:32:48 122.172.192.2 Logged in 2013-12-27 04:26:28 122.167.73.30 Logged in 2013-12-26 12:16:25 122.178.240.51 Logged in 2013-12-26 03:14:24 122.178.198.77 Logged in As you can see all 122.*.*.* are timestamps where I logged-in. Suddenly on 27th Dec, someone logs in from a diff IP, TRANSACTS in my account (buys/ transfers to wallet) AND THEN LATER changes password. Here is where the fun begins. There is no support number provided on www.bitstamp.net So I logged a support ticket and then someone replies to my email with a phone number. I call that UK number & after a few attempts...somebody answers the phone & I speak to somebody called Marko Rogan who does not have an employee ID! Guess why?? They are are limited liability company (LLC) incorporated in UK with a capital of just 1000 pounds! The "director" is a 24 year old Slovenian who does not have a contact number that he can be reached on! http://www.companiesintheuk.co.uk/ltd/bitstampMarko tells me that a password reset can be done & the temporary password will be mailed to the registered mail ID i.e. my email ID has been compromised. So I then raise a support request with Microsoft on www.outlook.com the mail ID that was "compromised" asking for details of all mails received/sent/deleted on 27th dec. I have reported the crime to the UK police http://www.actionfraud.police.uk/ The crime reference number CRN is NFRC131200484131. I will also be reporting this to the cyber crime police in Bangalore. Request you to please promote this post & ensure others don't fall prey. Also gather momentum to get the UK police to investigate this case and punish the guilty. Please DO NOT send funds or transact on www.bitstamp.net-Mahesh
|
|
|
|
|
|
|
|
|
The network tries to produce one block per 10 minutes. It does this by automatically adjusting how difficult it is to produce blocks.
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
BTCIndia
|
|
December 30, 2013, 03:24:51 PM |
|
Welcome to quicksand called Bitcoin world!
|
He's Nick Sazbo from Washington. I've my answer. Or Hal? :O
|
|
|
americandesi
|
|
December 30, 2013, 04:09:10 PM |
|
Hello Mate,
I feel for you. Hacking user accounts are rampant in bitcoin exchanges. I don't think you had enabled 2-Factor authentication on your bitstamp account.
If you had, then this would not have been possible. Make sure you enable 2 factor auth on everything these days. And if you done so, then there could have been only 2 people who could have accessed your account. Either yourself or someone from bitstamp.
I use them on almost everything and if a website doesnot offer that kind of security, then i think twice before signing up.
Just my 2 satoshis. Thanks
|
|
|
|
thenoblebot
|
|
December 30, 2013, 05:44:30 PM |
|
Sorry to hear about the situation bro .......... will keep in mind about what you said. I was considering the same about transferring some funds.
Maybe this is the wrong time to ask you, but what did you tell the HDFC bank officials when sending the money ? I mean the purpose ... just curious if they didn't frown when you wrote the purpose of transmitting the money .. cause I was thinking the same with another bank.
Anyways what happened was bad ..... try forgetting about it and concentrate on trading ... maybe you will make up for the loss ... whats gone is gone , especially true in the crypto world.
Good luck and cheer up.
|
|
|
|
Amitabh S
Legendary
Offline
Activity: 1001
Merit: 1003
|
|
December 30, 2013, 07:34:13 PM |
|
Sorry for your loss.. But we'd like to know more about what happened to help others in future.
Was your bitstamp account compromised? or was your email account compromised.
Please share more details.
|
|
|
|
undeadbitcoiner
|
|
December 30, 2013, 08:34:50 PM |
|
Sorry to hear about your loss But Did you activate your 2 Factor? when you invest that money you must have activate your 2 Factor in Bitstam account and even in you Email.
I actually have some Damn Question How you Deposit money in your Bitstamp Account from India its hard to transmit money (As i know and as i heard some news) Quite Interesting point is for every small transaction bitstamp send SMS and even Email to verify transaction so how your account activated and how your transaction took place?
|
|
|
|
Benson Samuel
Legendary
Offline
Activity: 1890
Merit: 1000
Landscaping Bitcoin for India!
|
|
December 31, 2013, 04:17:13 AM |
|
Sorry to hear about your loss But Did you activate your 2 Factor? when you invest that money you must have activate your 2 Factor in Bitstam account and even in you Email.
I actually have some Damn Question How you Deposit money in your Bitstamp Account from India its hard to transmit money (As i know and as i heard some news) Quite Interesting point is for every small transaction bitstamp send SMS and even Email to verify transaction so how your account activated and how your transaction took place?
Someone on reddit had also confirmed making a deposit into Bitstamp from India.
|
|
|
|
kmahesh (OP)
Newbie
Offline
Activity: 11
Merit: 0
|
|
December 31, 2013, 07:22:47 AM |
|
Amitabh: My bitstamp account was compromised. With a few minutes of me receiving an email from them saying they had deposited the funds in my account, bitcoins were purchased & withdrawn. I did not receive any email in my account. Yes I had enabled 2 factor authentication!!
Bitstamp is blaming it on malware...I'm using my office laptop which has no dodgy software on it and has Symantec running.
Clearly...bitstamp is to blame for my loss.
|
|
|
|
undeadbitcoiner
|
|
December 31, 2013, 07:38:32 AM |
|
Sorry to hear about your loss But Did you activate your 2 Factor? when you invest that money you must have activate your 2 Factor in Bitstam account and even in you Email.
I actually have some Damn Question How you Deposit money in your Bitstamp Account from India its hard to transmit money (As i know and as i heard some news) Quite Interesting point is for every small transaction bitstamp send SMS and even Email to verify transaction so how your account activated and how your transaction took place?
Someone on reddit had also confirmed making a deposit into Bitstamp from India. May be bitstamp have different activating option for different country. Amitabh: My bitstamp account was compromised. With a few minutes of me receiving an email from them saying they had deposited the funds in my account, bitcoins were purchased & withdrawn. I did not receive any email in my account. Yes I had enabled 2 factor authentication!!
Bitstamp is blaming it on malware...I'm using my office laptop which has no dodgy software on it and has Symantec running.
Clearly...bitstamp is to blame for my loss.
2FA was activated but you didnt get any information? How is it possible? If you really activated your 2FA still your account was compromised then its a big issuee.
|
|
|
|
laserwolf
Newbie
Offline
Activity: 54
Merit: 0
|
|
December 31, 2013, 09:43:33 AM |
|
Amitabh: My bitstamp account was compromised. With a few minutes of me receiving an email from them saying they had deposited the funds in my account, bitcoins were purchased & withdrawn. I did not receive any email in my account. Yes I had enabled 2 factor authentication!!
Bitstamp is blaming it on malware...I'm using my office laptop which has no dodgy software on it and has Symantec running.
Clearly...bitstamp is to blame for my loss.
I don't think you had enabled 2-factor authentication. Did you register your phone, and do you get a 6-digit code on it that you need to enter when logging on?
|
|
|
|
escrow.ms
Legendary
Offline
Activity: 1274
Merit: 1004
|
|
December 31, 2013, 10:06:21 AM |
|
Bitstamp is blaming it on malware...I'm using my office laptop which has no dodgy software on it and has Symantec running.
Clearly...bitstamp is to blame for my loss.
Symantec is worst anti-virus dude and no anti-virus can keep your pc safe. Also are you sure that no one else except you accessed that laptop or your email id? Possibly someone that knows you personally did this. I will advice you to install malware bytes anti malware and scan your pc. If you have downloaded anything recently scan it on virustotal.com and btw do you have Java enabled in your pc?
|
|
|
|
ajax3592
Full Member
Offline
Activity: 210
Merit: 100
Crypto News & Tutorials - Coinramble.com
|
|
December 31, 2013, 10:18:48 AM |
|
That's the first time I've ever heard a bad experience with Bitstamp.
If I were to buy a Bitcoin now, they are the ones I'll wire the money onto as first priority.
Gotta be more careful maybe.
I think we should maintain a thread here for buying/selling bitcoin - the old fashioned way. Everyone put's their buy sell orders and OP updates it on the first post.
|
|
|
|
subvolatil
|
|
December 31, 2013, 12:08:39 PM |
|
That's the first time I've ever heard a bad experience with Bitstamp.
If I were to buy a Bitcoin now, they are the ones I'll wire the money onto as first priority.
Gotta be more careful maybe.
I think we should maintain a thread here for buying/selling bitcoin - the old fashioned way. Everyone put's their buy sell orders and OP updates it on the first post.
I had one running a few months back let me bring it back alive. Edit : use this https://bitcointalk.org/index.php?topic=194102.0
|
|
|
|
dishwara
Legendary
Offline
Activity: 1855
Merit: 1016
|
|
December 31, 2013, 12:52:18 PM |
|
With 2FA enabled its impossible to hack your account unless, some one also gains access to your mobile also. Its really confusing.
|
|
|
|
americandesi
|
|
December 31, 2013, 03:59:58 PM |
|
With 2FA enabled its impossible to hack your account unless, some one also gains access to your mobile also. Its really confusing.
It is not impossible. It is still possible. What if the 2FA Seed file itself is compromised on the server database. Then the attacker can generate the OTP code. (Remember the famous RSA Secure ID hack from 2011.?) Another possibility is, when you login with 2FA from your computer, then usually your browser cookie will be cached and if your computer has been infected with all the new bitcoin related malwares surfing up, then it is possible that the user's computer was a zombie in the hands of the hackers.
|
|
|
|
kmahesh (OP)
Newbie
Offline
Activity: 11
Merit: 0
|
|
January 01, 2014, 06:42:20 PM |
|
Just to be on the safer side I have raised a support request to Microsoft to provide me all IP addresses of successful logins from my email ID and all emails received/ sent/ deleted during the period 24 - 30 Dec '13.
I can confirm I haven't received an email for temporary password on bitstamp or the transaction verification email etc.
Something is very very strange.
|
|
|
|
escrow.ms
Legendary
Offline
Activity: 1274
Merit: 1004
|
|
January 01, 2014, 07:32:22 PM |
|
With 2FA enabled its impossible to hack your account unless, some one also gains access to your mobile also. Its really confusing.
What if 2FA was enabled on a infected pc that was recording all keystrokes or grabbing forms. XD As americandesi said 2FA is useless if seed is already compromised by some hacker.
|
|
|
|
kmahesh (OP)
Newbie
Offline
Activity: 11
Merit: 0
|
|
January 01, 2014, 07:48:03 PM |
|
I'm 100% sure my laptop is not infected. However there is just one possibility; I installed 2 bitcoin price tracker add-ons in Firefox...could this be logging key strokes? http://i44.tinypic.com/23kvgbc.jpg-Mahesh
|
|
|
|
dishwara
Legendary
Offline
Activity: 1855
Merit: 1016
|
|
January 01, 2014, 09:45:59 PM |
|
With 2FA enabled its impossible to hack your account unless, some one also gains access to your mobile also. Its really confusing.
What if 2FA was enabled on a infected pc that was recording all keystrokes or grabbing forms. XD As americandesi said 2FA is useless if seed is already compromised by some hacker. I think you cant use same 2FA generated code many time. Its not password, its OTP. I think it expires after 5-10 mints, not sure. Besides his logs says the log in happened in a 7 hours gap. 2013-12-27 17:26:07 96.47.226.22 Logged in 2013-12-27 10:32:48 122.172.192.2 Logged in
If seed in server database got compromised, then every ones account in Bitstamp is also compromised, not only his account & so far no one complained except him.
|
|
|
|
nefron
Newbie
Offline
Activity: 58
Merit: 0
|
|
January 02, 2014, 01:31:21 AM |
|
my guess is your email id has been compromised, as soon as you received the mail(to which he had access to) stating the funds are transferred, he logged in made a buy and ran away.
am not sure whether microsoft provides list ip addresses from which user login took place like in gmail, if there is such option check those logs too, you might find a clue.
|
|
|
|
|