Bitcoin Forum
Author Topic: CEX - Hack in Progress!  (Read 1894 times)
This is a self-moderated topic. If you do not want to be moderated by the person who started this topic, create a new topic.
OleOle (OP)
Hero Member
March 23, 2014, 02:26:11 AM
 #1


I'm probably not the only one who has a CEX account which is being attempted to be hacked right now :(

I've spoken with CEX Support who state that as I've 2-factor authorisation, I should be okay but as I didn't see any mention of this hack in progress here on the forum, I wanted to let people know.

Check your email, you may see multiple "Failed Authorisations" from CEX as the hacker repeatedly attempts to brute-force your password.

I was still able to log in with my correct credentials and through there, contacted support. They are aware of it.

Hopefully all your accounts are safe.

:-/








Please note: topic self-moderated to keep the CEX haters away.

OleOle (OP)
Hero Member
March 23, 2014, 02:43:15 AM
 #2


Attack seems to have stopped... at least, the "Failed Authorisation" emails have stopped.

:)


CurbsideProphet
Hero Member
March 23, 2014, 03:04:53 AM
 #3


Quote from: OleOle
> Attack seems to have stopped... at least, the "Failed Authorisation" emails have stopped.
>
> :)



Probably moved on to easier targets.  Good for you for using 2FA.

1ProphetnvP8ju2SxxRvVvyzCtTXDgLPJV
huryde
Member
March 23, 2014, 04:18:05 AM
 #4

Yeah, they finally stopped trying on mine also. Went on for about an hour. I honestly don't have any balance there anyway. It was super annoying seeing over 700 attempts but rewarding at the same time knowing my pw was strong enough.

franky1
Legendary
March 23, 2014, 04:22:43 AM
 #5

and how would they get your usernames to even try it...

think long and hard about the possibilities

I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER.
Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
OleOle (OP)
Hero Member
March 23, 2014, 04:32:56 AM
 #6

Quote from: franky1
> and how would they get your usernames to even try it...
>
> think long and hard about the possibilities


It doesn't take a genius to get a username ;)


DeathProxy
Sr. Member
March 23, 2014, 04:58:30 AM
 #7

They should understand by now that bruteforcing online is not the best way to do it. If they got the database and are bruteforcing offline now, that could be another story.

S4VV4S
Hero Member
March 23, 2014, 12:33:18 PM
 #8

Quote from: franky1
> and how would they get your usernames to even try it...
>
> think long and hard about the possibilities

It's in his sig ;)
clownius
Sr. Member
March 23, 2014, 01:02:42 PM
 #9

Wow, 700 attempts. You'd think a professional site would have some anti-brute-force timeouts in place. Heck, most forums and torrent sites lock down attempts to bruteforce very quickly.

Three times and either the account locks for x time or the IP does; it is fairly basic protection, but it bloody works.
huryde
Member
March 23, 2014, 01:43:56 PM
 #10

I sent support a message mid-hack as the failed attempts were coming in. The best they said to do was change my email and password. All attempts were from different IP addresses, so they probably had control of a botnet. That kind of makes sense, but my password held up, so maybe I shouldn't change it.

Anyway, there is no way to change my username; that's part one of what they need to hack in.

CEX should be using a unique ID instead of usernames in their referral links, IMO.

clownius
Sr. Member
March 23, 2014, 01:49:12 PM
 #11

Could be anon proxies too. I have about a thousand of them banned on one server I run for just this reason. Constantly used for bruteforce attempts.

That's where an account timeout helps. Continued failures and the account gets locked for an hour.

A good bruteforce is going to require tens of thousands of attempts unless the user is very stupid (and used a password like passw0rd). It's rare that anyone has that many proxies to burn, but even if they do, lock the account for 10 mins to an hour after every x failures and the chance of a bruteforce working is close to zero.

Edit: I won't mention what I think of your suggestion of security by obscurity. It's something, but if you wish to pin your hopes on it, God help you.
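
The per-account lockout discussed in the posts above, as an added Python example that is not part of the thread and not CEX's code: failures are counted against the username, so 700 guesses from 700 different addresses still reach the password check only three times. The class name, callback, threshold values and sample addresses are assumptions taken from or constructed around the figures quoted in the thread.

```python
from dataclasses import dataclass, field

MAX_FAILURES = 3         # "three times", as suggested in the thread
LOCKOUT_SECONDS = 3600   # account "locked for an hour"

@dataclass
class AccountState:
    failures: int = 0
    locked_until: float = 0.0
    sources: set = field(default_factory=set)   # distinct IPs seen, for alerting

class LoginThrottle:
    """Lockout keyed on the username, so rotating source IPs does not reset it."""

    def __init__(self, check_password, max_failures=MAX_FAILURES, lockout=LOCKOUT_SECONDS):
        self.check_password = check_password   # hypothetical credential check callback
        self.max_failures = max_failures
        self.lockout = lockout
        self.accounts = {}
        self.password_checks = 0               # guesses that actually reached the check

    def attempt(self, username, password, source_ip, now):
        state = self.accounts.setdefault(username, AccountState())
        state.sources.add(source_ip)           # recorded only; never part of the key
        if now < state.locked_until:
            return "locked"                    # trade-off: the real owner waits too
        self.password_checks += 1
        if self.check_password(username, password):
            state.failures = 0
            return "ok"
        state.failures += 1
        if state.failures >= self.max_failures:
            state.locked_until = now + self.lockout
            state.failures = 0
        return "failed"

def simulate(attempts=700, interval=5.0):
    """Constructed scenario: 700 guesses in about an hour, each from a new IP."""
    throttle = LoginThrottle(lambda user, pw: pw == "constructed-strong-passphrase")
    outcomes = [
        throttle.attempt("victim", f"guess{i}", f"198.18.{i // 256}.{i % 256}", now=i * interval)
        for i in range(attempts)
    ]
    sources = len(throttle.accounts["victim"].sources)
    return throttle.password_checks, outcomes.count("locked"), sources

if __name__ == "__main__":
    print(simulate())
```

The count of distinct source addresses per account is kept because a sudden spread of sources against one username is itself a useful alerting signal.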
S4VV4S
Hero Member
March 23, 2014, 02:06:23 PM
 #12

Quote from: huryde
> I sent support a message mid-hack as the failed attempts were coming in. The best they said to do was change my email and password. All attempts were from different IP addresses, so they probably had control of a botnet. That kind of makes sense, but my password held up, so maybe I shouldn't change it.
>
> Anyway, there is no way to change my username; that's part one of what they need to hack in.
>
> CEX should be using a unique ID instead of usernames in their referral links, IMO.

They were using Tor
joesmoe2012
Hero Member
March 24, 2014, 12:03:51 AM
 #13

Password resets no longer allowed on CEX either.

Check out BitcoinATMTalk - https://bitcoinatmtalk.com
OleOle (OP)
Hero Member
March 24, 2014, 11:16:02 AM
 #14


Probably about time we changed the name from 'Bitcoin' to 'Hackcoin'.

Hardly a day goes by without some sort of hacking incident :(

