Just had account hacked. Please help :S.

[enter`name`here]

Hello fellow bitcoiners I have recently had my account at an exchange compromised and am out to the tune of tens of thousands. Harsh day to be sure. I realize there is little hope of ever seeing that money again but I would like to investigate this as far as I can. I have the bitcoin address the funds have moved to as well as several IP addresses that were used to carry out the attack. If anyone thinks they can help please message me.

I have changed relevant account information and contacted the exchange. Any suggestions of next steps would be appreciated.

[1713271503]

1713271503

[mk4]

Unfortunately, there's little to nothing you can do. You can see where the funds end up, but you can't really know who the hacker is unless the hacker sends it to an exchange, and the exchange is willing to help you seize the funds, which might be very unlikely especially if it isn't a good number of bitcoins.

I think the only thing you can do right now is to learn from your mistakes, and make it completely sure that it won't happen again in the future. You shouldn't be leaving your funds on exchanges in the first place(unless you're actively trading). Hopefully you didn't lose a life-changing amount.

[enter`name`here]

This was essentially my alt coin portfolio. Was too lazy to make cold storage for all the separate coins. Paid for that laziness dearly. Value was in the 5 figure range. Not a life changing amount I would say, but given another bull run it could have been... I thought I was soo smart DCA'ing into everything as it crashed..... I am very patient and was well positioned for the next run I believe

[bL4nkcode]

Would you tell/share us more about what really happen?

What exchange you are using? What security measure you are using? such 2fa enabled, sms auth and etc. Do you get any login information on this hacker when he/she logged to your account?

So far and unfortunately, no one can help you here with this issue.

[sunsilk]

Sorry about that but everyone above is correct. No one can help you here but the exchange that you use. Contact them by any means and tell the story about the hacking incident. But if its your negligence, I doubt it that they will even compensate your loss.

But if they found the fault on their end, they might give you a refund. As you mentioned above several IP addresses, the close question your exchange might ask you is if you ever logged in into public wifi's or filled up some unusual form/sheets.

[spadormie]

I believe that you can't do anything with that problem. The best thing to do right now is to contact the exchange you traded. I think that you can recover your account using their support. But, not your funds especially when the hacker moved your funds into their wallet.

[bitbunnny]

I believe that you can't do anything with that problem. The best thing to do right now is to contact the exchange you traded. I think that you can recover your account using their support. But, not your funds especially when the hacker moved your funds into their wallet.

Well, I would say that here we are talking about split responsibility. The user is responsible for protection of the account by keeping safe your credentials and to protect your computer or mobile phone from malware. But exchanger is responsible for security of the whole platforme. Hacker will not return your money but if you can prove that hacker didn't get the access to your account because of your security mistakes then exchange should make the refund and recover account. You can try, it's just a little bit of extra effort.

[enter`name`here]

Did not have 2FA, Fucked up . Attacker gained access to email and reset my exchange password. Pretty sure that makes me screwed.

[Bitinity]

I believe that you can't do anything with that problem. The best thing to do right now is to contact the exchange you traded. I think that you can recover your account using their support. But, not your funds especially when the hacker moved your funds into their wallet.

Well, I would say that here we are talking about split responsibility. The user is responsible for protection of the account by keeping safe your credentials and to protect your computer or mobile phone from malware. But exchanger is responsible for security of the whole platforme. Hacker will not return your money but if you can prove that hacker didn't get the access to your account because of your security mistakes then exchange should make the refund and recover account. You can try, it's just a little bit of extra effort.

The chance to get a refund from an exchange account which is hacked is close to Zero imho. At least an exchange has their own terms about such issue, so it should be checked first about the term of the exchange.
To be honest, for me the story is not really clear on how the hack happened. I think OP should give us more details. In which exchange, how he noticed it, how about his account security (2fa or not) and other important things.

Did not have 2FA, Fucked up . Attacker gained access to email and reset my exchange password. Pretty sure that makes me screwed.

Sorry for your lost but it is a lesson learned although a bit expensive lesson. This is why there is always recommendation for crypto lovers/traders to not storing assets in exchanges. Even if you have to do it then you have to make sure the best security for your account.

[Kemarit]

Hello fellow bitcoiners I have recently had my account at an exchange compromised and am out to the tune of tens of thousands. Harsh day to be sure. I realize there is little hope of ever seeing that money again but I would like to investigate this as far as I can. I have the bitcoin address the funds have moved to as well as several IP addresses that were used to carry out the attack. If anyone thinks they can help please message me.

I'm sorry to hear about your loss. You see, addresses doesn't have a name attached to it so it's unlikely that you can recover your funds as transactions are irreversible. As others have pointed out, this is a hard and expensive lessons to learn.

I have changed relevant account information and contacted the exchange. Any suggestions of next steps would be appreciated.

Try to scan your machine of any malware, enable 2FA if possible in your accounts in the future. Don't put all your money in an exchange, just like what happen to you or in cases a exchange get's hack your funds will be all gone as well.

[ryap12]

I am sorry for your lost. Can you please share the name of the exchange where you got hacked? Because from what I know, most exchanges now requires 2FA before you can withdraw plus some codes sent to your email or phone number. If you just got hacked today, try to remember what you have done on your device, how you got compromised, perhaps installing a new software which you have not been evaluated?

You can also post the IP address here so some people can try helping you. Nobody wants to help if we have to approach you and ask you what really happened. Be informative on set so you get more attention from people willing to help.

[enter`name`here]

The exchange was Kraken, which is in the process of requiring 2fa but not there yet. I got pwned just in time. I noticed about an hour after the attack that my funds were gone. there were notification emails sent by the exchange but for some reason the push notifications for my email have not been working and I did not notice them... The attacker attempted to delete the emails from the exchange but they are in my 'deleted folder'

I am wary of posting details such as the bitcoin address and IP address in case I tip off the guy that I'm following this and what I know... What do you guys think in this case?

[mk4]

This was essentially my alt coin portfolio. Was too lazy to make cold storage for all the separate coins. Paid for that laziness dearly. Value was in the 5 figure range. Not a life changing amount I would say, but given another bull run it could have been... I thought I was soo smart DCA'ing into everything as it crashed..... I am very patient and was well positioned for the next run I believe

Did not have 2FA, Fucked up . Attacker gained access to email and reset my exchange password. Pretty sure that makes me screwed.

Lesson learned. Unfortunately, some people really need to learn the hard way, and today was your time to do so. Don't be so careless and lazy next time, especially when talking about significant amounts of money.

The exchange was Kraken, which is in the process of requiring 2fa but not there yet. I got pwned just in time. I noticed about an hour after the attack that my funds were gone. there were notification emails sent by the exchange but for some reason the push notifications for my email have not been working and I did not notice them... The attacker attempted to delete the emails from the exchange but they are in my 'deleted folder'

Regardless if an exchange has 2fa or not, leaving funds on an exchange is still a very irresponsible thing to do.

I am wary of posting details such as the bitcoin address and IP address in case I tip off the guy that I'm following this and what I know... What do you guys think in this case?

This won't do that much unfortunately. Hacker might have been using a proxy/vpn in the first place.

[enter`name`here]

Yes I have cold storage as well, thankfully. I WAS using these funds to trade with.

[enter`name`here]

Since it likely doesn't matter anyway here is the bitcoin address the funds were moved to.

32cDFtEeUsCX9eYPWh56PoX26L47ySz8SH

Looks like the funds are on the move. Along with what is likely other ill begotten gains.

The IP addresses that were used are:
100.43.112.216 - which appears to be in south korea
104.158.11.46 - which appears to be in ontario, canada.

If the attacker is reading this:

Well played sir. I respect your skills even if I despise your ethics. I hope the money you earn is worth the corruption of your character.

[mk4]

Yes I have cold storage as well, thankfully. I WAS using these funds to trade with.

Oh. So you have a cold storage wallet then.

So the funds you lost are only your trading funds? Hopefully not that much of a percentage over your total crypto holdings. I guess what you need to learn is how to secure your exchange accounts then.

1. Use a secure password. Preferably, 40 characters with symbols and everything (e.g. zbo^nxvVQNRVSRME4vB38mkaiG5GIYJt&z7mzUFn). To make your passwords easier to organize, use a password manager such as KeePass2[1].
2. 2 Factor Authentication. NOW.
3. As much as possible, have a separate email account for your exchanges.

[1] https://keepass.info/download.html

*snip*

You're going to waste your time tracking your funds mate. Forget it. I know it's hard, but the best thing you can really do is to move on and learn from it. Don't make this loss slow you down from accumulating.

[eternalgloom]

The absolute first thing you need to do is go file a police report.
The chance that you will see your coins back is low, but if they ever do manage to find a criminal network that's tied to the theft of your coins, you might be able to see some of them back.

I mean, part of Bitfinex stolen coins also were recovered.
https://cointelegraph.com/news/bitfinexs-stolen-funds-partially-recovered-and-returned-by-us-law-enforcement

[ballerin and giroud]

Can you say specifically the amount money that has been hacked? You will know it with through/track with IP address but you forget with some coin out there who has high privacy such as monero or bitcoin mixing that make you confused to track it. I haven't saw any person who has experienced conceded in his wallet and try to track the transaction till got his money back. Most of them just willing the money gine and fix any mistakes he made.

[carlfebz2]

Once hacked then this is the hardest part on how you would track or retrieve those funds back to you.We know that crypto transactions are irreversible and even
the exchange on where your account is compromised cant even help to get those coins back to you.This is why next time we do set 2fa or tight security on our exchange accounts specially
it do have ten of thousands of funds on it.

[hatshepsut93]

Hello fellow bitcoiners I have recently had my account at an exchange compromised and am out to the tune of tens of thousands. Harsh day to be sure. I realize there is little hope of ever seeing that money again but I would like to investigate this as far as I can. I have the bitcoin address the funds have moved to as well as several IP addresses that were used to carry out the attack. If anyone thinks they can help please message me.

I have changed relevant account information and contacted the exchange. Any suggestions of next steps would be appreciated.

You probably won't get your money back, though you still should try, but what you can do is make a detailed report about what lead to your misfortune so others can learn from your mistake. Do you have any idea how exactly hacker stole your funds? Was your password weak, did they reset the password by taking over your email, did you reuse your password on other sites, do you have any malware on your machine, did you click on a phishing version of the site?