cryptochat2017 (OP)
Newbie
Offline
Activity: 13
Merit: 0
|
|
July 31, 2019, 08:39:10 PM Last edit: August 02, 2019, 10:52:27 AM by cryptochat2017 |
|
Hi all,
With GAuth 2FA, good password and the email only used for crypto, I've lost more than 20 thousands euro on Kraken some days ago when someone did some illegal trades on my account: on a certain day a series of buys and sells NOT DONE BY ME has caused me to lose more than 20k Euro.
Upon noticing this, I've changed the password of Kraken and email, disabled all API keys, and I contacted Kraken.
I am not happy with the way Kraken handles this issue:
- Kraken requested me to do all kinds of security strenthening: malware scanning, password changing, uploading of my photo's holding some one-time-password, deleting all API keys once more, ...
- I have asked Kraken more than 3 times how I was hacked, and if they have done anything to avoid the attacker from withdrawing the profit this attacker has gained upon illegally trading on my account. Kraken has never answered. Instead they kept asking me to strengthen my account's security.
It has been 5 days now, and I am still banging my head against the wall, still unable to login to Kraken, and is still answering Kraken without any hope to understand why I was hacked.
Who has the same experience with Kraken ?
|
|
|
|
examplens
Legendary
Offline
Activity: 3458
Merit: 3496
Crypto Swap Exchange
|
|
July 31, 2019, 10:19:04 PM |
|
Do you use any third part service which uses your API from Kraken? you probably need to look for the culprit from there. Using API from exchange on unreliable trading bot can result in trading on some overpriced shitcoin, all you said that happened looks like such a scenario to me.
|
|
|
|
cryptochat2017 (OP)
Newbie
Offline
Activity: 13
Merit: 0
|
|
July 31, 2019, 11:18:28 PM |
|
Do you use any third part service which uses your API from Kraken? you probably need to look for the culprit from there. Using API from exchange on unreliable trading bot can result in trading on some overpriced shitcoin, all you said that happened looks like such a scenario to me.
Thanks, since months I don't use any trading bot at all. And all these stupid trades were done in 1 day, which reduced my fund to be 15% of before. And until now I cannot login yet to Kraken to check. And Kraken has not answered me what has happened
|
|
|
|
bitmover
Legendary
Offline
Activity: 2478
Merit: 6316
bitcoindata.science
|
|
July 31, 2019, 11:32:28 PM |
|
I used kraken a lot in 2017,, but never logged in again. Never had any problems with them.
And all cryptocurrency exchanges have terrible customer support.. you are probably talking to a bot.
Your history is odd. Why didn't this guy withdrawal the funds instead of doing those crazy trades?
Did you check where the illegal login came from? You can check tbhat in your account, or ask them for login history. Could it be a family member or something like that? It's sad, but nobody should ever leave funds on exchanges, unless if you are actually trading a lot.
|
|
|
|
BitMaxz
Legendary
Offline
Activity: 3430
Merit: 3165
Playbet.io - Crypto Casino and Sportsbook
|
|
August 01, 2019, 12:24:34 AM |
|
Do you use any third part service which uses your API from Kraken? you probably need to look for the culprit from there. Using API from exchange on unreliable trading bot can result in trading on some overpriced shitcoin, all you said that happened looks like such a scenario to me.
Thanks, since months I don't use any trading bot at all. And all these stupid trades were done in 1 day, which reduced my fund to be 15% of before. And until now I cannot login yet to Kraken to check. And Kraken has not answered me what has happened If you didn't use the API to any 3rd party software it's impossible that someone can access your Kraken with 2fa and a good password. Unless if someone use your laptop where your 2fa software installed. Did you login your Kraken account to other devices? Maybe you forgot to logout your Kraken account there and someone use the device and trades your balance accidentally? Do some check first and maybe someone used your Kraken account maybe your child or your wife or a friend.
|
|
|
|
Kraken-Chase
Jr. Member
Offline
Activity: 59
Merit: 2
|
|
August 01, 2019, 01:05:35 AM Last edit: August 01, 2019, 01:24:19 AM by Kraken-Chase |
|
cryptochat2017,
Chase from Kraken support here. I'm very sorry to hear that your account was compromised. Security is our top priority and this is the last thing we'd ever want to hear from any of our clients. When or if an account is compromised, a number of security measures are immediately asked - as it’s essential to ensure any potentially affected e-mail accounts and/or devices are safe and secure.
When available, could you please provide us with your ticket number? You currently aren't and haven't been speaking with a bot, as an account security specialist would have responded and assisted you with your individual case.
|
|
|
|
Serpens66
Legendary
Offline
Activity: 2954
Merit: 1131
|
|
August 01, 2019, 05:41:56 AM |
|
Upon noticing this, I've changed the password of Kraken and email, deleted all API keys, and I contacted Kraken.
Thanks, since months I don't use any trading bot at all.
there you have it. Not the account was hacked (otherwise they would just withdraw everything), but they got your API Key. So ask yourself who had access to those API Keys.
|
Mit Cointracking (10% Rabatt) behältst du die Übersicht über all deine Trades und Gewinne. Sogar ein Tool für die Steuer ist dabei Great Freeware Game: Clonk Rage binance.com hat nun auch SEPA und EUR Paare! Mit dem RefLink bekommst du 5% Rabatt auf die Tradinggebühren!
|
|
|
joniboini
Legendary
Offline
Activity: 2366
Merit: 1805
|
|
August 01, 2019, 06:24:56 AM |
|
I still don't get why you can't access your Kraken account now. From my understanding, you changed the password, deleted all API keys, and so on. Did you forgot the password somehow or did your account suddenly got locked?
There is a high chance you were 'robbed' by using your API key, which could happen to any exchanges that support API if the user is not careful enough.
|
| CHIPS.GG | | | ▄▄███████▄▄ ▄████▀▀▀▀▀▀▀████▄ ▄███▀░▄░▀▀▀▀▀░▄░▀███▄ ▄███░▄▀░░░░░░░░░▀▄░███▄ ▄███░▄░░░▄█████▄░░░▄░███▄ ███░▄▀░░░███████░░░▀▄░███ ███░█░░░▀▀▀▀▀░░░▀░░░█░███ ███░▀▄░▄▀░▄██▄▄░▀▄░▄▀░███ ▀███░▀░▀▄██▀░▀██▄▀░▀░███▀ ▀███░▀▄░░░░░░░░░▄▀░███▀ ▀███▄░▀░▄▄▄▄▄░▀░▄███▀ ▀████▄▄▄▄▄▄▄████▀ █████████████████████████ | | ▄▄███████▄▄ ▄███████████████▄ ▄█▀▀▀▄█████████▄▀▀▀█▄ ▄██████▀▄█▄▄▄█▄▀██████▄ ▄████████▄█████▄████████▄ ████████▄███████▄████████ ███████▄█████████▄███████ ███▄▄▀▀█▀▀█████▀▀█▀▀▄▄███ ▀█████████▀▀██▀█████████▀ ▀█████████████████████▀ ▀███████████████████▀ ▀████▄▄███▄▄████▀ ████████████████████████ | | 3000+ UNIQUE GAMES | | | 12+ CURRENCIES ACCEPTED | | | VIP REWARD PROGRAM | | ◥ | Play Now |
|
|
|
LeGaulois
Copper Member
Legendary
Offline
Activity: 2940
Merit: 4101
Top Crypto Casino
|
|
August 01, 2019, 09:36:44 AM |
|
I suspected the API too but he mentioned not using it for a while, so. (unless the keys were altered long ago and used only now? anyway, the person couldn't transfer out anything since you need email verification for any address you add) ...
Kraken support is handled by real people. In every communication, I've got a developed discussion and not a canned speech copy-pasted. Most support tickets can be resolved the same day, but when it's about IT security it takes time to do a proper investigation to check if even it's an IT issue... Maybe you forgot to logout your Kraken account there and someone use the device and trades your balance accidentally?
Users are automatically logged out after X minutes inactive.
|
|
|
|
cryptochat2017 (OP)
Newbie
Offline
Activity: 13
Merit: 0
|
|
August 02, 2019, 10:54:15 AM |
|
cryptochat2017,
Chase from Kraken support here. I'm very sorry to hear that your account was compromised. Security is our top priority and this is the last thing we'd ever want to hear from any of our clients. When or if an account is compromised, a number of security measures are immediately asked - as it’s essential to ensure any potentially affected e-mail accounts and/or devices are safe and secure.
When available, could you please provide us with your ticket number? You currently aren't and haven't been speaking with a bot, as an account security specialist would have responded and assisted you with your individual case.
Hi Kraken Chase, shall I post ticket number here ? Or private message ?
|
|
|
|
Kraken-Chase
Jr. Member
Offline
Activity: 59
Merit: 2
|
|
August 02, 2019, 02:35:20 PM |
|
Hi Kraken Chase, shall I post ticket number here ? Or private message ?
cryptochat2017, Please feel free to PM me your ticket number.
|
|
|
|
cryptochat2017 (OP)
Newbie
Offline
Activity: 13
Merit: 0
|
|
August 05, 2019, 12:04:27 PM |
|
Hi, Would you help me differently from the bad service emails I have from Kraken ?
|
|
|
|
Kraken-Chase
Jr. Member
Offline
Activity: 59
Merit: 2
|
|
August 05, 2019, 02:18:43 PM |
|
Hi, Would you help me differently from the bad service emails I have from Kraken ?
cryptochat2017, Once you provide us your ticket number, we can help escalate your ticket if your case is still outstanding. Unfortunately it's difficult to predict what could have happened specifically to your account without any details of your account and/or activity - however the support team is here to help its users, and to ensure the correct security measures are in place ASAP to prevent any further damage and unfortunate situations like this from happening again. Once you're available, please provide us with your ticket number and we can further help and work with you in regards to your case.
|
|
|
|
cryptochat2017 (OP)
Newbie
Offline
Activity: 13
Merit: 0
|
|
August 06, 2019, 02:59:44 PM |
|
So this is what I receive from Kraken,
I am an user to them, yet when I am hacked they don't help me to know how the hack was done. Terrible
"We have conducted an internal investigation and unfortunately we cannot assist you in recovering these funds as cryptocurrency transactions are designed to be irreversible. For Compliance reasons, any details related to our investigation can only be provided to verified law enforcement. This also includes the release of other sensitive information, such as IP addresses or cryptocurrency addresses.
We would advise you to file a police report and ask the law enforcement official responsible for this investigation to contact us by submitting our Compliance and Legal web form.
Unfortunately we will not be able to provide any further information about this case until we are contacted by a verified law enforcement official."
|
|
|
|
ene1980
|
|
August 06, 2019, 04:44:09 PM |
|
So this is what I receive from Kraken, I am an user to them, yet when I am hacked they don't help me to know how the hack was done. Terrible
I am surprised to see that an individual account is hacked even with 2 FA enabled and what is intriguing here in your case is that there is no other complaint about any other hacks, it is a really unfortunate situation and it looks like a targeted attack by someone you know, phishing and stealing your session cookie is the only way anyone could bypass the 2 FA restriction.
|
|
|
|
countryfree
Legendary
Offline
Activity: 3066
Merit: 1047
Your country may be your worst enemy
|
|
August 06, 2019, 09:08:47 PM |
|
So this is what I receive from Kraken,
I am an user to them, yet when I am hacked they don't help me to know how the hack was done. Terrible
"We have conducted an internal investigation and unfortunately we cannot assist you in recovering these funds as cryptocurrency transactions are designed to be irreversible. For Compliance reasons, any details related to our investigation can only be provided to verified law enforcement. This also includes the release of other sensitive information, such as IP addresses or cryptocurrency addresses.
We would advise you to file a police report and ask the law enforcement official responsible for this investigation to contact us by submitting our Compliance and Legal web form.
Unfortunately we will not be able to provide any further information about this case until we are contacted by a verified law enforcement official."
I'm very surprised with this answer. First, I think your title is a bit misleading. From what I understand, it is your computer who has been hacked, but I can't understand Kraken's answer. They should be able to give your complete logins and transactions history. No need to be an official. There's something really wrong here.
|
I used to be a citizen and a taxpayer. Those days are long gone.
|
|
|
cryptochat2017 (OP)
Newbie
Offline
Activity: 13
Merit: 0
|
|
August 07, 2019, 10:12:11 AM |
|
I'm very surprised with this answer. First, I think your title is a bit misleading. From what I understand, it is your computer who has been hacked, but I can't understand Kraken's answer. They should be able to give your complete logins and transactions history. No need to be an official. There's something really wrong here.
I don't know if my computer was hacked. But at least Kraken should help me to understand what has happened. Another email from them: As per our previous reply, unfortunately we will not be able to provide any further information about this case until we are contacted by a verified law enforcement official.
We would advise you to file a police report and ask the law enforcement official responsible for this investigation to contact us by submitting a Compliance and Legal web form - https://support.kraken.com/hc/en-us/requests/new?ticket_form_id=648008
|
|
|
|
cryptochat2017 (OP)
Newbie
Offline
Activity: 13
Merit: 0
|
|
August 15, 2019, 10:04:52 PM |
|
Help me please, what can I do now ?
|
|
|
|
pugman
Legendary
Offline
Activity: 2383
Merit: 1551
dogs are cute.
|
|
August 15, 2019, 11:57:37 PM |
|
Help me please, what can I do now ?
Well from the looks of it, somehow someone got access to your account, stole your funds and vanished. And kraken can't do anything about it, its crypto, its irreversible like they said. The best possible way to get your money back is to contact cyber crime and give your details that's your best shot. Ask kraken to provide the IP logs, check if your computer is compromised, take all necessary actions, change your email, password everything for all your accounts and use a totally different device if you can.
|
|
|
|
Serpens66
Legendary
Offline
Activity: 2954
Merit: 1131
|
|
August 25, 2019, 01:19:06 PM |
|
Help me please, what can I do now ?
the case was already solved, just read my comment above. The hakcers used your API key. Ask kraken suport for every logs they have about those api keys and they will proof that these were used to steal your funds. And no, you cant get back your funds.
|
Mit Cointracking (10% Rabatt) behältst du die Übersicht über all deine Trades und Gewinne. Sogar ein Tool für die Steuer ist dabei Great Freeware Game: Clonk Rage binance.com hat nun auch SEPA und EUR Paare! Mit dem RefLink bekommst du 5% Rabatt auf die Tradinggebühren!
|
|
|
|