* * * Bitstamp is a fraud company...beware!! * * *

[undeadbitcoiner]

2013-12-27 17:26:07 96.47.226.22 Logged in
2013-12-27 10:32:48 122.172.192.2 Logged in

If seed in server database got compromised, then every ones account in Bitstamp is also compromised, not only his account & so far no one complained except him.

That is what the proof of his account was either not secured (2FA Enabled but not was Activated) and his Email also was either in control of others or 2FA was not enabled.
We doing trade of just 100$ we use to activate 2FA and till now everything is well and every time we are been notified how could he invest 1500$ and just leave it its just like you have a Diamond Necklace you keep in your room, you are staying in your leaving room so windows of your room are open so anyone could hookup and take it out so latter in night you cant say that I was in my house but still my Necklace lost.
When you have 1500$ worth necklace in you room do you leave you window open? of course not. In such case you would be blamed not that thief.

[CYPER]

Until OP provides proof he had 2F auth enabled, it is to be assumed he hadn't.

[kmahesh]

undeadbitcoiner: Let me clarify..

1. I had 2FA enabled on my bitstamp account
2. I did not receive any trade confirmation email...the thief was an insider (bitstamp)...look at my original post, the thief logged in...placed a limit order AND THEN changed password

nefron: My guess is as good as yours...the thief perhaps knew there was money deposited in my account & quickly decamped with bitcoins.

Yes Microsoft does provide IP's and I have asked for details including mails received/ deleted.

2013-12-27 17:26:07 96.47.226.22 Logged in
2013-12-27 10:32:48 122.172.192.2 Logged in

If seed in server database got compromised, then every ones account in Bitstamp is also compromised, not only his account & so far no one complained except him.

That is what the proof of his account was either not secured (2FA Enabled but not was Activated) and his Email also was either in control of others or 2FA was not enabled.
We doing trade of just 100$ we use to activate 2FA and till now everything is well and every time we are been notified how could he invest 1500$ and just leave it its just like you have a Diamond Necklace you keep in your room, you are staying in your leaving room so windows of your room are open so anyone could hookup and take it out so latter in night you cant say that I was in my house but still my Necklace lost.
When you have 1500$ worth necklace in you room do you leave you window open? of course not. In such case you would be blamed not that thief.

[aakashkumar]

Hi Post Screen shot  or a video  . text is not enough .
 it looks Incense ,
Bitstamp 30 days Trade Volume is 868978 BTC  == about 643,043,720.00 $
they earning about 1,286,087.44 $ From Fees .  


may be a FUD virus .




 

[kmahesh]

aakashkumar:

https://i.imgur.com/pBtn0mi.jpg

As you can see from the link: My usual IP is 122.*.*.* On 27th Dec minutes after I got an email saying my deposit was confirmed i.e. at 17:26:07 (GMT) somebody logged in to my account, placed a limit buy order, then opened a withdrawal request AND THEN changed password! And then placed an order for 0.025 BTC with whatever little money was remaining and requested transfer again. I was unable to login to my account and requested a password reset on 30th Dec.

Hi Post Screen shot  or a video  . text is not enough .
 it looks Incense ,
Bitstamp 30 days Trade Volume is 868978 BTC  == about 643,043,720.00 $
they earning about 1,286,087.44 $ From Fees .  


may be a FUD virus .




 

[aakashkumar]

@kmahesh ,Don't blame Bitstamp.  so  some bloody hacker  did this to you .

you have one think to do . Format your PC .


Trace down the hacker ,  http://www.bleepingcomputer.com/tutorials/tracing-a-hacker/
 http://www.webtorials.com/content/2012/07/tracking-hackers-down---then-striking-back.html

[kmahesh]

aakashkumar: Do you by any chance work for bitstamp? How can a company as you claim earning over $1M be registered as a LLC (limited liability company) in UK? When I transferred funds to them, I deposited funds to a bank account in Slovenia although the "registered address" of bitstamp is in UK! They don't have a contact number (board line) and employees don't have employee ID's.

They are incorporated as an LLC in UK with a capital of 1000 pounds and do earn commission worth $1M upwards??

Feel free to verify facts:

http://www.companiesintheuk.co.uk/ltd/bitstamp

~MK

[aakashkumar]

@kmahesh ,Don't blame Bitstamp.  so  some bloody hacker  did this to you .

you have one think to do . Format your PC .


Trace down the hacker ,   http://www.bleepingcomputer.com/tutorials/tracing-a-hacker/
 http://www.webtorials.com/content/2012/07/tracking-hackers-down---then-striking-back.html

https://bitcointalk.org/index.php?action=profile;u=38966

[dishwara]

The ip addresses are of TOR exit nodes.
209.222.8.196
96.47.226.22
173.254.216.67

While this address is from Turkey, Istanbul.
176.240.210.83  (used to put buy order)
which may be used to track hacker if its not a proxy address.

[rohirrim]

mahesh did you scan your laptop as was earlier suggested by escrow.ms?

[americandesi]

If you had 2FA enabled, then i would say it is either

1) One of those bitcoin firefox addons that you installed are rogue and logging your key strokes.
2) You laptop is affected with bitcoin related malware (don't tell that you have symantec running. They are worthless. I left symantec antivirus longback).

[BunworthBanshee]

I find this weird and hard to believe. 

I have bought plenty of bitcoin with bitstamp and never a problem.

IMO they are one of the best.

will be watching this tread.

[satanic_saint]

OP :
You can see recent login activity of your outlook account on : https://account.live.com/Activity

To check for deleted email, outlook provides an option to recover deleted mails.
Go to your deleted mail folder and scroll down, you should see an option to recover mail.

If you have 2FA, it's very tough to hack your account. Did you set 2FA confirmation receive as email ? In that case, maybe your mail account was also compromised and so 2FA was useless.

As other have said, your system might be infected with BitCoin malware/trojan horse. That is the only way a hacker already had password to both of your accounts.

Also remember that if you have some branded antivirus doesn't mean you are fully secured. Nothing can completely protect your system.
Try scanning your system with MalwareBytes AntiMalware, HitManPro and Kaspersky. Check all the addons you have installed in your browser.

I don't think BitStamp will cheat you for $1500.

[laserwolf]

undeadbitcoiner: Let me clarify..

1. I had 2FA enabled on my bitstamp account
2. I did not receive any trade confirmation email...the thief was an insider (bitstamp)...look at my original post, the thief logged in...placed a limit order AND THEN changed password

nefron: My guess is as good as yours...the thief perhaps knew there was money deposited in my account & quickly decamped with bitcoins.

Yes Microsoft does provide IP's and I have asked for details including mails received/ deleted.

2013-12-27 17:26:07 96.47.226.22 Logged in
2013-12-27 10:32:48 122.172.192.2 Logged in

If seed in server database got compromised, then every ones account in Bitstamp is also compromised, not only his account & so far no one complained except him.

That is what the proof of his account was either not secured (2FA Enabled but not was Activated) and his Email also was either in control of others or 2FA was not enabled.
We doing trade of just 100$ we use to activate 2FA and till now everything is well and every time we are been notified how could he invest 1500$ and just leave it its just like you have a Diamond Necklace you keep in your room, you are staying in your leaving room so windows of your room are open so anyone could hookup and take it out so latter in night you cant say that I was in my house but still my Necklace lost.
When you have 1500$ worth necklace in you room do you leave you window open? of course not. In such case you would be blamed not that thief.

Bitstamp uses Google Authenticator for 2F via SMS. That means you need to register your cell phone. When you try to login, you will receive a 6 digit code on your phone. Without entering this code, you cannot login.

While I can understand you are upset, there is no point in blaming Bitstamp. It's clear your email was compromised, and you did not have 2F enabled.

Bitstamp has a very good reputation, and you sound more and more unreasonable when you blame Bitstamp.

[Amitabh S]

OP give details of your 2FA. Did you really have 2FA on??

[Steve_1982]

To be extra safe, only access financial data from a non Windows system. It's too easy for a Windows system to be infected with malware (includes keyloggers) and custom malware is almost untraceable, you can read about how pc's are affected on hackforums.net with RATs.

That's not to say that bitstamp (or a rogue employee) may not be at fault.

[undeadbitcoiner]

As we can clearly see there are Different IP in every Transaction, Every Login so its of some hacker who is using automated IP changer software so noone could track him. About Capital and gain may be you know about UK law untill CASH withwral Bitstamp is not required to pay there taxes for 1M$ which they earn in BTC
About Bitstamp could do it is completly wrong because they are reputed company in the Bitcoin Market.
Your 2FA not was completly Activated with your 6 digit or its the problem with somemalware which already affected before activating your 2FA.

[rohirrim]

okay I didn't know this till yesterday that there is an authenticator app for windows phone as well called "Authenticator" by Microsoft. So I am using 2 factor authentication now. I got used to it in a day. I use a clean laptop to access financial stuff. So probably it's not for me. But there's nothing like being too careful. So 2 factor authentication is a very good thing. What happened to mahesh should not happen to anyone else.

[Avinash RP]

Dear Mr. Mahesh,

Thank you for sharing this on forum and also we have a Bitcoin event in couple of weeks ahead, so can you please share this experience with the audience?

Please email @ avinashrp2@gmail.com to confirm.

Look forward to hear from you.

Thanks,
Avinash

Folks,

I just thought I'd share my experience so others don't make the same mistake.

I transferred $1500 from my HDFC bank to Bitstamp (www.bitstamp.net)

I received an email from them saying my funds were deposited. Within an hour of that, someone logged into my account, bought bitcoins, transferred them to their wallet AND THEN changed the password.

Clearly this wasn't an insider and NOT malware as I have no dodgy apps on my office laptop and also have Symantec Antivirus running.

See log (please read bottom-up):

2013-12-28 12:29:01 173.254.216.67 Logged in 
2013-12-27 17:34:47 209.222.8.196 Opened bitcoin withdrawal request for 0.025 BTC to 14hF8K4h7u4MAZsEJs5aRjXGVti6YBLTEn 
2013-12-27 17:33:55 209.222.8.196 Opened limit buy order (amount: 0.025 BTC, price: $718.00) 
2013-12-27 17:31:47 96.47.226.22 Changed user password 
2013-12-27 17:29:27 96.47.226.22 Opened bitcoin withdrawal request for 2 BTC to 14hF8K4h7u4MAZsEJs5aRjXGVti6YBLTEn 
2013-12-27 17:28:20 176.240.210.83 Opened limit buy order (amount: 2 BTC, price: $724.18) 
2013-12-27 17:26:07 96.47.226.22 Logged in
2013-12-27 10:32:48 122.172.192.2 Logged in 
2013-12-27 04:26:28 122.167.73.30 Logged in 
2013-12-26 12:16:25 122.178.240.51 Logged in 
2013-12-26 03:14:24 122.178.198.77 Logged in 

As you can see all 122.*.*.* are timestamps where I logged-in. Suddenly on 27th Dec, someone logs in from a diff IP, TRANSACTS in my account (buys/ transfers to wallet) AND THEN LATER changes password.

Here is where the fun begins. There is no support number provided on www.bitstamp.net So I logged a support ticket and then someone replies to my email with a phone number. I call that UK number & after a few attempts...somebody answers the phone & I speak to somebody called Marko Rogan who does not have an employee ID! Guess why?? They are are limited liability company (LLC) incorporated in UK with a capital of just 1000 pounds! The "director" is a 24 year old Slovenian who does not have a contact number that he can be reached on!

http://www.companiesintheuk.co.uk/ltd/bitstamp

Marko tells me that a password reset can be done & the temporary password will be mailed to the registered mail ID i.e. my email ID has been compromised. So I then raise a support request with Microsoft on www.outlook.com the mail ID that was "compromised" asking for details of all mails received/sent/deleted on 27th dec.

I have reported the crime to the UK police http://www.actionfraud.police.uk/ The crime reference number CRN is NFRC131200484131. I will also be reporting this to the cyber crime police in Bangalore.

Request you to please promote this post & ensure others don't fall prey. Also gather momentum to get the UK police to investigate this case and punish the guilty.

Please DO NOT send funds or transact on www.bitstamp.net

-Mahesh

[pro-trader]

Hello,
I hope Bitstamp.net is not a fraud and only ridiculous unprofessional and run by a bunch of pubescent teenagers!
I´m a Newbie but I thought I should share my recent experience with this “company”.

Before I start sharing my experience, some words about myself:
I make my living on investment and trading (mostly on Forex and stock market) since many years, and in general when I trade I do handle amounts with 5 digit sizes upwards. I bought my first Bitcoins (Ha –I was really lucky, yes in deed) a few years ago and am a fan of it since then – despite I never really traded them like I trade stocks or currencies.

OK – now, a few months ago, I opened up an account at Bitstamp as Mt.Gox is way too slow in handling cash payments and the German Bitcoin.de has much too little volume for my taste. I got a verified account  (whatever this means with Bitstamp), after providing them with a set of documents about myself.

After some time I gave it a test, sent some of my BTC to their account and sold it (amount approx 20.000 USD or so). Sent the cash I got to my bank account. Well – it worked!

So after some time I decided to buy a bit more Bitcoins – and sent 60.000 USD (from the same bank I had transferred the 20k USD before) to Bitstamp´s bank, in order to fund my account there.
And then – a hopefully just funky story started!

Bitstamp contacted me that they have a problem with my money, they had to freeze it because my amount is so big and they first must start their KYC (know your customer) procedure.
I fully understand AML and KYC procedures, its getting really a complicated thing and I have to deal with it all the time I open up a new account. But its never a real problem. I am fully aware of the requirements and capable to proof everything is legal etc.

Not so, however, with Bitstamp.

They insist to know all(!!) my bank accounts  - and believe me, as a professional trader I have quite a few. They want to see any(!!!) financial documentation etc etc. And keep in mind that I sent my 60.000 USD AFTER Bitstamp confirmed me, that my account is fully verified already.

I refused to send them all this far-going information, but sent them and explanation and 2 letters from that bank where I sent my money from (I work with that bank since 15 years which the bank confirmed as well, its one of the leading and most reputable banks in Europe). However this confirmation was from last year – and these teenager @ Bitstamp replied that they cannot un-freeze my money yet because they need a brand-new "Certificate of Good Standing" form myself (I´m a private person!), they need also this and that etc.

I recalled the payment (which costs me a few hundred USD in fees) – but the Slovenian bank refuses to send me back my money because Bitstamp has blocked it. My money is not visiable/credited to my account either.

So – be aware! Maybe, with some luck, Bitstamp is really not a fraud and just unprofessional, so I will see my money some day. But maybe not?
I´ll wait a few more days, then I´ll likley have to give it to my lawyer.