BITTREX ACCOUNT GOT HACKED NOTHING CAN BE DONE NOW

[alexis12111]

BITTREX ACCOUNT GOT HACKED NEED HELP

So Guys recently ,I posted a thread in which i said my account got hacked and all the bitcoins were transferred by hacker to Different Address . So i already created a ticket there and they have finally replied me today
and i am posting here what they have said in their statements

Dianna (Bittrex Support)

Apr 15, 15:20 PDT

Hi,

Thank you for your inquiry.

Actions performed in the reported unauthorized access to your account required access to your email. Please make sure to secure your email account.

Please know that we take each of these reports seriously, and that we have investigated potential causes of your loss of funds. Based on information you provided and other information that we have gathered, it is clear that your login credentials (username/password combination) were lost outside of the Bittrex environment. In other words, someone stole your credentials and logged in masquerading as you. It is most likely that you (a) visited a phishing site that is designed to look and behave like Bittrex’s site (see the example below), (b) that someone has compromised your email and/or wireless mobile device account, or (c) that you used the same username/password combination for another site or service that was compromised. In each of these scenarios, the people who logged into your Bittrex account and moved your funds had already obtained your valid login credentials before they visited the Bittrex site. This is one of the hardest forms of account compromise to combat because there is no way for Bittrex to identify unauthorized parties when they are using your valid credentials.

We have observed that sometimes this type of compromise happens when a user accidentally downloads a malicious application to their phone or mobile device. As mentioned above, we have also observed several examples of phishing sites appearing on Google and other search results for “Bittrex.” Here is an example that shows the fake Bittrex sites along with the real sites.



When users click on links to these sites, they are tricked into providing their login credentials, which the phishing site owners immediately use to log into Bittrex and to conduct trades or withdrawals that move funds out of your account. These are sophisticated attacks that are very difficult, if not impossible, to reliably detect or stop in real-time. The only reliable way to prevent this from happening is to vigilantly secure your login credentials and to change them often.

While we are sorry that your funds were lost, it is ultimately your responsibility to maintain the security of your login credentials. There really is no way to recover your funds at this time. If you have not already done so, we strongly encourage you to do the following:

Always browse directly to https://www.bittrex.com instead of searching for it.
Review your recent browsing history to identify whether you unintentionally visited and surrendered your credentials to any phishing site.
Scan your computer and mobile devices for malicious software.
Change all of your passwords, and take steps to secure your other online accounts.
Change your Bittrex password to a unique and complex password that is not used anywhere else.
Check with your wireless provider to make sure that you have set your wireless account to require a unique PIN in order to make modifications to authorized users of your service.
Enable two-factor authentication on your Bittrex account, and if it was already enabled, disable and re-enable it.
Report the event to your local law enforcement and encourage them to contact us if they need additional information about the incident.

If you have disabled your account, please reply here once you have changed your password and secured your account with two-factor authentication.

If you would like to view your account logon history to conduct research about what happened at the time of compromise, you can view it by clicking “Settings->Summary.” Below you will find a copy of the relevant logs.

Activity   Ip   UserAgent   TimeStamp
ENABLE_2FA   37.221.112.106   Mozilla/5.0 (X11; Linux x86_64; rv:56.0) Gecko/20100101 Firefox/56.0   2019-03-17 20:19:22Z
PENDING_2FA   37.221.112.106   Mozilla/5.0 (X11; Linux x86_64; rv:56.0) Gecko/20100101 Firefox/56.0   2019-03-17 20:19:04Z
VERIFY_WITHDRAWAL_SUCCESS   37.221.112.106   Mozilla/5.0 (X11; Linux x86_64; rv:56.0) Gecko/20100101 Firefox/56.0   2019-03-17 20:18:28Z
WITHDRAWAL_EMAIL_SENT   37.221.112.106   Mozilla/5.0 (X11; Linux x86_64; rv:56.0) Gecko/20100101 Firefox/56.0   2019-03-17 20:18:19Z
LOGIN   37.221.112.109   Mozilla/5.0 (X11; Linux x86_64; rv:56.0) Gecko/20100101 Firefox/56.0   2019-03-17 20:17:31Z
VERIFY_NEW_IP   37.221.112.109   Mozilla/5.0 (X11; Linux x86_64; rv:56.0) Gecko/20100101 Firefox/56.0   2019-03-17 20:17:16Z
VERIFY_NEW_IP   37.221.112.106   Mozilla/5.0 (X11; Linux x86_64; rv:56.0) Gecko/20100101 Firefox/56.0   2019-03-17 20:17:15Z
UNKNOWN_IP_LOGIN   37.221.112.109   Mozilla/5.0 (X11; Linux x86_64; rv:56.0) Gecko/20100101 Firefox/56.0   2019-03-17 20:17:04Z
LOGIN   37.221.112.106   Mozilla/5.0 (X11; Linux x86_64; rv:56.0) Gecko/20100101 Firefox/56.0   2019-03-17 20:16:55Z
VERIFY_NEW_IP   37.221.112.106   Mozilla/5.0 (X11; Linux x86_64; rv:56.0) Gecko/20100101 Firefox/56.0   2019-03-17 20:16:46Z
VERIFY_NEW_IP   37.221.112.110   Mozilla/5.0 (X11; Linux x86_64; rv:56.0) Gecko/20100101 Firefox/56.0   2019-03-17 20:16:45Z
UNKNOWN_IP_LOGIN   37.221.112.106   Mozilla/5.0 (X11; Linux x86_64; rv:56.0) Gecko/20100101 Firefox/56.0   2019-03-17 20:16:32Z

Again, we are very sorry that this happened to your account. If you have any further questions, please do not hesitate to contact us again.

Best Regards,

Dianna @ Bittrex


So , They have washed their Hands on the situation and declined to help me what's Left is Regret
I dont know how the hacker got access to my account though i always try to be secure but now who knows whats wrong that time

Requested
If anyone Interested in least helping me please Donate a small amount of bitcoin to me that would not loss you but could be a life saver for me

Thank you For Reading

DONATION - 1B7vmxMoUk4qAQZKn17NMnFEoNY18n7KQs

[BayAreaCoins]

[gabmen]

Sadly, things like this happen. You just don't have to be careful with your exchange account but all other linked accounts as well like your email. Unfortunately if that's how bittrex replied then there may not be much hope to retrieve your coins. I don't also have that much to spare for donations so sorry and goodluck.

[Ailmand]

Have you ever thought of possible ways how your credentials might have been stolen? That is why we mudt alwayd be cautious of what we do. Before I do not care about the links I click, or information I fill-out, I sometimes even use the same credentials when creating an account anywhere. That is why I learned how to be cautious to protect my self from such attacks. Just learn your lesson and move on.

[alisafidel58]

So , They have washed their Hands on the situation and declined to help me what's Left is Regret
I dont know how the hacker got access to my account though i always try to be secure but now who knows whats wrong that time

The support said might be true that your account was compromised from other site or you did use the same username and password to other sites as well. I think they are not washing their hands over your account. Think back carefully on the sites that you use which has the same username and password or your email might be compromised too.

Requested
If anyone Interested in least helping me please Donate a small amount of bitcoin to me that would not loss you but could be a life saver for me

Thank you For Reading

DONATION - 1B7vmxMoUk4qAQZKn17NMnFEoNY18n7KQs

Sorry but I think no one will donate to you here, it is your fault that your account was hacked for being sloppy.

[alexis12111]

Sadly, things like this happen. You just don't have to be careful with your exchange account but all other linked accounts as well like your email. Unfortunately if that's how bittrex replied then there may not be much hope to retrieve your coins. I don't also have that much to spare for donations so sorry and goodluck.

yeah i should have been more careful  there thanks

[traderethereum]

Make this as the important lesson for you, and now, the best thing that you can do is securing your account and activate 2FA to protect your account. Don't click any suspicious links from the internet or if you want to know about that links, you can use another browser and activate the VPN. Sorry to hear that, I hope that you will not get this bad experience.

[vv181]

~
If anyone Interested in least helping me please Donate a small amount of bitcoin to me that would not loss you but could be a life saver for me

Thank you For Reading

DONATION - 1B7vmxMoUk4qAQZKn17NMnFEoNY18n7KQs

You shouldn't be asked a donation to recover the losses amount instead you should take an experienced on it since its priceless. Somehow you kind of deserved it, not to mention bad UI/UX the cryptocurrencies itself, but you should take an extra effort to educate basic security and how to safely secure cryptocurrencies.

[jhenfelipe]

When did the hack happened? The relevant logs provided by the support were from the same Date/IP/browser.

Also, just because they can't give you back your funds, doesn't mean that they declined to help you. If they did, they wouldn't have explained all that and just ignore your email. The thing is they really can't do anything about it, transactions are irreversible, remember? Consider doing their suggestions too.

[mrdeposit]

IMO having the second type of backup for such cases will be nice in order to stop these activities by different hacker groups. Did their support team ask about the 2FA or which application do you constantly use(Google Authenticator or Authy)?

[crairezx20]

Did you try to check your email if you receive something like there is new IP accessing your Gmail account?
Because to my email, every time I log in with different IP Gmail notify me with new IP so if you receive it with different ip which is not nearly difference in your IP they have access to your Gmail or email account.

Always use 2fa to all exchanges to make sure your account is safe. Never experience the same as this before and until now except for scam cloud mining sites and investment sites before.

What I noticed from the IP logs it looks like there is no other IP login to your account almost all IP is from your ISP generated. Maybe someone remotely uses your PC or laptop without you knowing.

[Nadziratel]

It is so sad but I think you catched by a phishing mail. And it is sad but it is so hard to get back your account or assets. I hope you will find a way but it won't be easy.

[fast2fix]

well keeping account safe is bit tedious but worth it, one should always enable all the security features offered by bittrex or any other site. sorry for your loss, nothing can be done once transaction is on the blockchain. i hope it's wasn't much and wish you could make it back.

[illusioNiZt]

I could guess what their reply would be after I read 'BTC were transferred from your acc' in the 2nd line, I hope you cover loses back-up soon and reset your account passwords turn on security settings, just to be safe and secure your account be careful next time mate.

[izanagi narukami]

Welcome to the digital era where everything need to be more careful because hacker getting smarter from time to time.

Personally I active email notification and 2FA so I can strengthen my security against hacker's attempt.
Maybe it's not heppen now but 5 or 10 years later !

[Viscore]

That's why it's necessary to be careful with our only account.
All my accounts are secured by 2FA so it will not be access by anyone although my password will be hack.
If an account is hack, it's hard to recover it especially the funds, so we should just learn from our mistake and move on.

[D3m1r4wanti]

You have become a victim, you can consult with Bittrex, with this incident. because there is nothing we can do to help you with this incident, learn from your experience while maintaining the security of your account as best you can with a dual security application support.

[klaaas]

Sorry to read about your losses. 2fa should have saved you here but reading the logs from the bottom up it was enabled after it was redrawn.

[alexis12111]

Did you try to check your email if you receive something like there is new IP accessing your Gmail account?
Because to my email, every time I log in with different IP Gmail notify me with new IP so if you receive it with different ip which is not nearly difference in your IP they have access to your Gmail or email account.

Always use 2fa to all exchanges to make sure your account is safe. Never experience the same as this before and until now except for scam cloud mining sites and investment sites before.

What I noticed from the IP logs it looks like there is no other IP login to your account almost all IP is from your ISP generated. Maybe someone remotely uses your PC or laptop without you knowing.

yes i checked everything in email to make sure that someone logged into it but didn't find any such information regarding some one using my email i searched emails regarding that but no help no emails are there
also no bro someone is not using it i tell you why because in the bittrex statements my logins are flagged as using windows and ip were different but the day my coins were transferred the ip was different and its clearly showing that the session was logged in through linux os

[alexis12111]

Sorry to read about your losses. 2fa should have saved you here but reading the logs from the bottom up it was enabled after it was redrawn.

Yes Mate the hacker activated it using his authenticator which kept me from logging in into my account after he hacked it and because of it i have waited 3-4 days for bittrex to remove the 2fa and saw all my funds are gone
that was a shock bro