Bitcoin Forum
November 09, 2024, 08:30:11 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 »  All
  Print  
Author Topic: KRAKEN HACKED (2 FA & good password), 20k euros lost  (Read 452 times)
cryptochat2017 (OP)
Newbie
*
Offline Offline

Activity: 13
Merit: 0


View Profile
July 31, 2019, 08:39:10 PM
Last edit: August 02, 2019, 10:52:27 AM by cryptochat2017
 #1

Hi all,

With GAuth 2FA, good password and the email only used for crypto, I've lost more than 20 thousands euro on Kraken some days ago when someone did some illegal trades on my account: on a certain day a series of buys and sells NOT DONE BY ME has caused me to lose more than 20k Euro.

Upon noticing this, I've changed the password of Kraken and email, disabled all API keys, and I contacted Kraken.

I am not happy with the way Kraken handles this issue:

-  Kraken requested me to do all kinds of security strenthening: malware scanning, password changing, uploading of my photo's holding some one-time-password, deleting all API keys once more, ...

- I have asked Kraken more than 3 times how I was hacked, and if they have done anything to avoid the attacker from withdrawing the profit this attacker has gained upon illegally trading on my account. Kraken has never answered. Instead they kept asking me to strengthen my account's security.

It has been 5 days now, and I am still banging my head against the wall, still unable to login to Kraken, and is still answering Kraken without any hope to understand why I was hacked.

Who has the same experience with Kraken ?
examplens
Legendary
*
Offline Offline

Activity: 3458
Merit: 3496


Crypto Swap Exchange


View Profile WWW
July 31, 2019, 10:19:04 PM
 #2

Do you use any third part service which uses your API from Kraken?
you probably need to look for the culprit from there. Using API from exchange on unreliable trading bot can result in trading on some overpriced shitcoin, all you said that happened looks like such a scenario to me.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
cryptochat2017 (OP)
Newbie
*
Offline Offline

Activity: 13
Merit: 0


View Profile
July 31, 2019, 11:18:28 PM
 #3

Do you use any third part service which uses your API from Kraken?
you probably need to look for the culprit from there. Using API from exchange on unreliable trading bot can result in trading on some overpriced shitcoin, all you said that happened looks like such a scenario to me.

Thanks, since months I don't use any trading bot at all. And all these stupid trades were done in 1 day, which reduced my fund to be 15% of before.
 
And until now I cannot login yet to Kraken to check.

And Kraken has not answered me what has happened
bitmover
Legendary
*
Offline Offline

Activity: 2478
Merit: 6316


bitcoindata.science


View Profile WWW
July 31, 2019, 11:32:28 PM
 #4

I used kraken a lot in 2017,, but never logged in again.
Never had any problems with them.

And all cryptocurrency exchanges have terrible customer support.. you are probably talking to a bot.

Your history is odd. Why didn't this guy withdrawal the funds instead of doing those crazy  trades?

Did you check where the illegal login came from? You can check tbhat in your account, or ask them for login history. Could it be a family member or something like that?
It's sad, but nobody should ever leave funds on exchanges, unless if you are actually trading a lot.

BitMaxz
Legendary
*
Offline Offline

Activity: 3430
Merit: 3165


Playbet.io - Crypto Casino and Sportsbook


View Profile WWW
August 01, 2019, 12:24:34 AM
 #5

Do you use any third part service which uses your API from Kraken?
you probably need to look for the culprit from there. Using API from exchange on unreliable trading bot can result in trading on some overpriced shitcoin, all you said that happened looks like such a scenario to me.

Thanks, since months I don't use any trading bot at all. And all these stupid trades were done in 1 day, which reduced my fund to be 15% of before.
 
And until now I cannot login yet to Kraken to check.

And Kraken has not answered me what has happened
If you didn't use the API to any 3rd party software it's impossible that someone can access your Kraken with 2fa and a good password. Unless if someone use your laptop where your 2fa software installed.

Did you login your Kraken account to other devices? Maybe you forgot to logout your Kraken account there and someone use the device and trades your balance accidentally?

Do some check first and maybe someone used your Kraken account maybe your child or your wife or a friend.

███████████████
█████████████████████
██████▄▄███████████████
██████▐████▄▄████████████
██████▐██▀▀▀██▄▄█████████
████████▌█████▀██▄▄██████
██████████████████▌█████
█████████████▀▄██▀▀██████
██████▐██▄▄█▌███████████
██████▐████▀█████████████
██████▀▀███████████████
█████████████████████
███████████████

.... ..Playbet.io..Casino & Sportsbook.....Grab up to  BTC + 800 Free Spins........
████████████████████████████████████████
██████████████████████████████████████████████
██████▄▄████████████████████████████████████████
██████▐████▄▄█████████████████████████████████████
██████▐██▀▀▀██▄▄██████████████████████████████████
████████▌█████▀██▄▄█████▄███▄███▄███▄█████████████
██████████████████▌████▀░░██▌██▄▄▄██████████████
█████████████▀▄██▀▀█████▄░░██▌██▄░░▄▄████▄███████
██████▐██▄▄█▌██████████▀███▀███▀███▀███▀█████████
██████▐████▀██████████████████████████████████████
██████▀▀████████████████████████████████████████
██████████████████████████████████████████████
████████████████████████████████████████
Kraken-Chase
Jr. Member
*
Offline Offline

Activity: 59
Merit: 2


View Profile WWW
August 01, 2019, 01:05:35 AM
Last edit: August 01, 2019, 01:24:19 AM by Kraken-Chase
 #6

cryptochat2017,

Chase from Kraken support here. I'm very sorry to hear that your account was compromised. Security is our top priority and this is the last thing we'd ever want to hear from any of our clients. When or if an account is compromised, a number of security measures are immediately asked - as it’s essential to ensure any potentially affected e-mail accounts and/or devices are safe and secure.

When available, could you please provide us with your ticket number? You currently aren't and haven't been speaking with a bot, as an account security specialist would have responded and assisted you with your individual case.
Serpens66
Legendary
*
Offline Offline

Activity: 2954
Merit: 1131



View Profile
August 01, 2019, 05:41:56 AM
 #7

Upon noticing this, I've changed the password of Kraken and email, deleted all API keys, and I contacted Kraken.
Thanks, since months I don't use any trading bot at all.
there you have it. Not the account was hacked (otherwise they would just withdraw everything), but they got your API Key.
So ask yourself who had access to those API Keys.

Mit Cointracking (10% Rabatt) behältst du die Übersicht über all deine Trades und Gewinne. Sogar ein Tool für die Steuer ist dabei Wink                          
Great Freeware Game: Clonk Rage
binance.com hat nun auch SEPA und EUR Paare! Mit dem RefLink bekommst du 5% Rabatt auf die Tradinggebühren!
joniboini
Legendary
*
Offline Offline

Activity: 2366
Merit: 1805



View Profile WWW
August 01, 2019, 06:24:56 AM
 #8

I still don't get why you can't access your Kraken account now. From my understanding, you changed the password, deleted all API keys, and so on. Did you forgot the password somehow or did your account suddenly got locked?

There is a high chance you were 'robbed' by using your API key, which could happen to any exchanges that support API if the user is not careful enough.

▄▄███████████████████▄▄
▄███████████████████████▄
████████▀░░░░░░░▀████████
███████░░░░░░░░░░░███████
███████░░░░░░░░░░░███████
██████▀░░░░░░░░░░░▀██████
██████▄░░░░░▄███▄░▄██████
██████████▀▀█████████████
████▀▄██▀░░░░▀▀▀░▀██▄▀███
███░░▀░░░░░░░░░░░░░▀░░███
████▄▄░░░░▄███▄░░░░▄▄████
▀███████████████████████▀
▀▀███████████████████▀▀
 
 CHIPS.GG 
▄▄███████▄▄
▄████▀▀▀▀▀▀▀████▄
███▀░▄░▀▀▀▀▀░▄░▀███
▄███
░▄▀░░░░░░░░░▀▄░███▄
▄███░▄░░░▄█████▄░░░▄░███▄
███░▄▀░░░███████░░░▀▄░███
███░█░░░▀▀▀▀▀░░░▀░░░█░███
███░▀▄░▄▀░▄██▄▄░▀▄░▄▀░██
▀███
░▀░▀▄██▀░▀██▄▀░▀░██▀
▀███
░▀▄░░░░░░░░░▄▀░██▀
▀███▄
░▀░▄▄▄▄▄░▀░▄███▀
▀█
███▄▄▄▄▄▄▄████▀
█████████████████████████
▄▄███████▄▄
███
████████████▄
▄█▀▀▀▄
█████████▄▀▀▀█▄
▄██████▀▄▄▄▄▄▀██████▄
▄█████████████▄████████▄
████████▄███████▄████████
█████▄█████████▄██████
██▄▄▀▀▀▀█████▀▀▀▀▄▄██
▀█████████▀▀███████████▀
▀███████████████████▀
██████████████████
▀████▄███▄▄
████▀
████████████████████████
3000+
UNIQUE
GAMES
|
12+
CURRENCIES
ACCEPTED
|
VIP
REWARD
PROGRAM
 
 
  Play Now  
LeGaulois
Copper Member
Legendary
*
Offline Offline

Activity: 2940
Merit: 4101


Top Crypto Casino


View Profile
August 01, 2019, 09:36:44 AM
 #9

I suspected the API too but he mentioned not using it for a while, so. (unless the keys were altered long ago and used only now? anyway, the person couldn't transfer out anything since you need email verification for any address you add)

...

Kraken support is handled by real people. In every communication, I've got a developed discussion and not a canned speech copy-pasted.
Most support tickets can be resolved the same day, but when it's about IT security it takes time to do a proper investigation to check if even it's an IT issue...

Maybe you forgot to logout your Kraken account there and someone use the device and trades your balance accidentally?

Users are automatically logged out after X minutes inactive.

█████████████████████████
████▐██▄█████████████████
████▐██████▄▄▄███████████
████▐████▄█████▄▄████████
████▐█████▀▀▀▀▀███▄██████
████▐███▀████████████████
████▐█████████▄█████▌████
████▐██▌█████▀██████▌████
████▐██████████▀████▌████
█████▀███▄█████▄███▀█████
███████▀█████████▀███████
██████████▀███▀██████████
█████████████████████████
.
BC.GAME
▄▄░░░▄▀▀▄████████
▄▄▄
██████████████
█████░░▄▄▄▄████████
▄▄▄▄▄▄▄▄▄██▄██████▄▄▄▄████
▄███▄█▄▄██████████▄████▄████
███████████████████████████▀███
▀████▄██▄██▄░░░░▄████████████
▀▀▀█████▄▄▄███████████▀██
███████████████████▀██
███████████████████▄██
▄███████████████████▄██
█████████████████████▀██
██████████████████████▄
.
..CASINO....SPORTS....RACING..
█░░░░░░█░░░░░░█
▀███▀░░▀███▀░░▀███▀
▀░▀░░░░▀░▀░░░░▀░▀
░░░░░░░░░░░░
▀██████████
░░░░░███░░░░
░░█░░░███▄█░░░
░░██▌░░███░▀░░██▌
░█░██░░███░░░█░██
░█▀▀▀█▌░███░░█▀▀▀█▌
▄█▄░░░██▄███▄█▄░░▄██▄
▄███▄
░░░░▀██▄▀


▄▄████▄▄
▄███▀▀███▄
██████████
▀███▄░▄██▀
▄▄████▄▄░▀█▀▄██▀▄▄████▄▄
▄███▀▀▀████▄▄██▀▄███▀▀███▄
███████▄▄▀▀████▄▄▀▀███████
▀███▄▄███▀░░░▀▀████▄▄▄███▀
▀▀████▀▀████████▀▀████▀▀
cryptochat2017 (OP)
Newbie
*
Offline Offline

Activity: 13
Merit: 0


View Profile
August 02, 2019, 10:54:15 AM
 #10

cryptochat2017,

Chase from Kraken support here. I'm very sorry to hear that your account was compromised. Security is our top priority and this is the last thing we'd ever want to hear from any of our clients. When or if an account is compromised, a number of security measures are immediately asked - as it’s essential to ensure any potentially affected e-mail accounts and/or devices are safe and secure.

When available, could you please provide us with your ticket number? You currently aren't and haven't been speaking with a bot, as an account security specialist would have responded and assisted you with your individual case.

Hi Kraken Chase, shall I post ticket number here ? Or private message ?
Kraken-Chase
Jr. Member
*
Offline Offline

Activity: 59
Merit: 2


View Profile WWW
August 02, 2019, 02:35:20 PM
 #11

Hi Kraken Chase, shall I post ticket number here ? Or private message ?

cryptochat2017,

Please feel free to PM me your ticket number.
cryptochat2017 (OP)
Newbie
*
Offline Offline

Activity: 13
Merit: 0


View Profile
August 05, 2019, 12:04:27 PM
 #12

Hi,
Would you help me differently from the bad service emails I have from Kraken ?
Kraken-Chase
Jr. Member
*
Offline Offline

Activity: 59
Merit: 2


View Profile WWW
August 05, 2019, 02:18:43 PM
 #13

Hi,
Would you help me differently from the bad service emails I have from Kraken ?

cryptochat2017,

Once you provide us your ticket number, we can help escalate your ticket if your case is still outstanding. Unfortunately it's difficult to predict what could have happened specifically to your account without any details of your account and/or activity - however the support team is here to help its users, and to ensure the correct security measures are in place ASAP to prevent any further damage and unfortunate situations like this from happening again. Once you're available, please provide us with your ticket number and we can further help and work with you in regards to your case.
cryptochat2017 (OP)
Newbie
*
Offline Offline

Activity: 13
Merit: 0


View Profile
August 06, 2019, 02:59:44 PM
 #14

So this is what I receive from Kraken,

I am an user to them, yet when I am hacked they don't help me to know how the hack was done. Terrible

"We have conducted an internal investigation and unfortunately we cannot assist you in recovering these funds as cryptocurrency transactions are designed to be irreversible. For Compliance reasons, any details related to our investigation can only be provided to verified law enforcement. This also includes the release of other sensitive information, such as IP addresses or cryptocurrency addresses.

We would advise you to file a police report and ask the law enforcement official responsible for this investigation to contact us by submitting our Compliance and Legal web form.

Unfortunately we will not be able to provide any further information about this case until we are contacted by a verified law enforcement official."
ene1980
Hero Member
*****
Offline Offline

Activity: 2002
Merit: 535


View Profile
August 06, 2019, 04:44:09 PM
 #15

So this is what I receive from Kraken,
I am an user to them, yet when I am hacked they don't help me to know how the hack was done. Terrible
I am surprised to see that an individual account is hacked even with 2 FA enabled and what is intriguing here in your case is that there is no other complaint about any other hacks, it is a really unfortunate situation and it looks like a targeted attack by someone you know, phishing and stealing your session cookie is the only way anyone could bypass the 2 FA restriction.
countryfree
Legendary
*
Offline Offline

Activity: 3066
Merit: 1047

Your country may be your worst enemy


View Profile
August 06, 2019, 09:08:47 PM
 #16

So this is what I receive from Kraken,

I am an user to them, yet when I am hacked they don't help me to know how the hack was done. Terrible

"We have conducted an internal investigation and unfortunately we cannot assist you in recovering these funds as cryptocurrency transactions are designed to be irreversible. For Compliance reasons, any details related to our investigation can only be provided to verified law enforcement. This also includes the release of other sensitive information, such as IP addresses or cryptocurrency addresses.

We would advise you to file a police report and ask the law enforcement official responsible for this investigation to contact us by submitting our Compliance and Legal web form.

Unfortunately we will not be able to provide any further information about this case until we are contacted by a verified law enforcement official."


I'm very surprised with this answer.
First, I think your title is a bit misleading. From what I understand, it is your computer who has been hacked, but I can't understand Kraken's answer. They should be able to give your complete logins and transactions history. No need to be an official. There's something really wrong here.

I used to be a citizen and a taxpayer. Those days are long gone.
cryptochat2017 (OP)
Newbie
*
Offline Offline

Activity: 13
Merit: 0


View Profile
August 07, 2019, 10:12:11 AM
 #17


I'm very surprised with this answer.
First, I think your title is a bit misleading. From what I understand, it is your computer who has been hacked, but I can't understand Kraken's answer. They should be able to give your complete logins and transactions history. No need to be an official. There's something really wrong here.


I don't know if my computer was hacked. But at least Kraken should help me to understand what has happened.
Another email from them:

As per our previous reply, unfortunately we will not be able to provide any further information about this case until we are contacted by a verified law enforcement official.

We would advise you to file a police report and ask the law enforcement official responsible for this investigation to contact us by submitting a Compliance and Legal web form - https://support.kraken.com/hc/en-us/requests/new?ticket_form_id=648008
cryptochat2017 (OP)
Newbie
*
Offline Offline

Activity: 13
Merit: 0


View Profile
August 15, 2019, 10:04:52 PM
 #18

Help me please, what can I do now ?
pugman
Legendary
*
Offline Offline

Activity: 2383
Merit: 1551


dogs are cute.


View Profile WWW
August 15, 2019, 11:57:37 PM
 #19

Help me please, what can I do now ?
Well from the looks of it, somehow someone got access to your account, stole your funds and vanished.

And kraken can't do anything about it, its crypto, its irreversible like they said. The best possible way to get your money back is to contact cyber crime and give your details that's your best shot. Ask kraken to provide the IP logs, check if your computer is compromised, take all necessary actions, change your email, password everything for all your accounts and use a totally different device if you can.

Serpens66
Legendary
*
Offline Offline

Activity: 2954
Merit: 1131



View Profile
August 25, 2019, 01:19:06 PM
 #20

Help me please, what can I do now ?
the case was already solved, just read my comment above.
The hakcers used your API key.  Ask kraken suport for every logs they have about those api keys and they will proof that these were used to steal your funds.
And no, you cant get back your funds.

Mit Cointracking (10% Rabatt) behältst du die Übersicht über all deine Trades und Gewinne. Sogar ein Tool für die Steuer ist dabei Wink                          
Great Freeware Game: Clonk Rage
binance.com hat nun auch SEPA und EUR Paare! Mit dem RefLink bekommst du 5% Rabatt auf die Tradinggebühren!
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!