Chrome67 (OP)
Newbie
Offline
Activity: 35
Merit: 0
|
|
March 18, 2014, 04:57:06 PM Last edit: March 18, 2014, 07:44:20 PM by Chrome67 |
|
I'm generally not one to jump on the FUD bandwagon, but after looking into my account I can confirm that my ~250k Dogecoins on the site were systematically transferred to other wallets without my approval or initiation. This would constitute either a breach of security or a deliberate action by the admins. Regardless, the coins are stolen. The timestamp for the first deduction from my wallet was "2014-03-17 15:39:36", afterwards 5k transfers were made continuously emptying the account within an hour. Here's the proof right off dogechain.info https://i.imgur.com/vLJgJNO.pngFun stuff!
|
|
|
|
RodeoX
Legendary
Offline
Activity: 3066
Merit: 1147
The revolution will be monetized!
|
|
March 18, 2014, 05:20:24 PM |
|
Sorry to hear that man. Thieves suck.
|
|
|
|
poornamelessme
|
|
March 18, 2014, 05:26:54 PM |
|
Bleh. I just started with cryptos like 2 months ago, and am a small guppy-sized trader. Mostly doing giveaways, free cloudmining and such. Things like this make me feel like just forgetting cryptos.
I was planning on moving what I had in Coinex out the other day, but got busy ... then the next day Coinex vanished. I didn't have much there compared to what other people have, but still, it was a decent amount to me ... some bitcoin, around 40K noble, 12K doge and some other coins. It probably seems a paltry amount to most here, and looking at it from a monetary standpoint it wasn't much really ... but it mattered to me.
Oh well. I know everyone thinks govt. regulation and such are the main enemies of cryptos. It really isn't. It's all of these shady exchanges. Enough go down, and people will just walk away and lose all confidence in the coins.
|
|
|
|
davout
Legendary
Offline
Activity: 1372
Merit: 1008
1davout
|
|
March 18, 2014, 05:28:05 PM |
|
or a deliberate action by the admins. Regardless, the coins are stolen.
Such contradiction.
|
|
|
|
sumantso
Legendary
Offline
Activity: 1050
Merit: 1000
|
|
March 18, 2014, 05:28:26 PM |
|
Are you saying that the exchange which was repeatedly hacked earlier to the tune of 60-80 BTCs (which to its credit, was paid out by the owners) lost some of your money? Colour me surprised In anycase, there is also a chance that the account may have been compromised on your end.
|
|
|
|
tkbx
|
|
March 18, 2014, 05:31:08 PM |
|
Use #bitcoin-otc. I've gotten screwed:
- On exchanges: 2/2 times - By random people in the channel with positive feedback: 0/~15 times
|
|
|
|
braane
Newbie
Offline
Activity: 34
Merit: 0
|
|
March 18, 2014, 05:40:04 PM |
|
For me it's sad because I work a day job and I'm a college student, I try to invest just $30 or $40 per check into cryptos and when it gets stolen like this it's like 'why bother'? I only had about $50 worth of crypto on coinex, but literally hours before it went down 'for maintenance' I deposited .06BTC I had bought off of coinmx for cash. I know people lost a lot more on this, but it sucks. Usually I was making trades and withdrawing shortly after, in this case I never got the chance.
|
|
|
|
asprin
Newbie
Offline
Activity: 37
Merit: 0
|
|
March 18, 2014, 05:41:07 PM |
|
It's interesting that Coinex's switch pool is still giving out work and my miner is still hashing. I can also see that my bitcoins are still at my Coinex address. I have a ton of other coins just pooling up from the switch pool. I'm unable to check the availability of those coins though.
I opened an issue with Coinex earlier this year to complain about no option to turn the chat off. Rendering arbitrary input from unknown 3rd parties in your browser is very unsafe. Their response to me was to "click the header and it will hide." Of course that wouldn't solve the issue, so I just stopped hanging out on Coinex's site to minimize the attack surface. It sounds like this was the exact vulnerability used.
|
|
|
|
joschua011
Member
Offline
Activity: 86
Merit: 10
|
|
March 18, 2014, 05:44:13 PM |
|
For me it's sad because I work a day job and I'm a college student, I try to invest just $30 or $40 per check into cryptos and when it gets stolen like this it's like 'why bother'? I only had about $50 worth of crypto on coinex, but literally hours before it went down 'for maintenance' I deposited .06BTC I had bought off of coinmx for cash. I know people lost a lot more on this, but it sucks. Usually I was making trades and withdrawing shortly after, in this case I never got the chance.
If you keep all your coins at an exchange or any other online service you deserve to be hacked.
|
|
|
|
poornamelessme
|
|
March 18, 2014, 05:52:51 PM |
|
If you keep all your coins at an exchange or any other online service you deserve to be hacked.
If you keep all of your coins, or tons of bitcoin, on an exchange I agree. But otherwise I find comments like this silly. How are you supposed to trade, buy or sell coins without keeping some of them on an exchange? There isn't enough time to buy coins or sell them at good prices, if they are all stored in wallets. By the time it gets to the exchange, it's usually too late.
|
|
|
|
Evilish
|
|
March 18, 2014, 05:58:10 PM |
|
Glad I took out all of my coins a week ago except for ~3k Dogecoins and about 50 IFC.
|
|
|
|
braane
Newbie
Offline
Activity: 34
Merit: 0
|
|
March 18, 2014, 06:02:51 PM |
|
For me it's sad because I work a day job and I'm a college student, I try to invest just $30 or $40 per check into cryptos and when it gets stolen like this it's like 'why bother'? I only had about $50 worth of crypto on coinex, but literally hours before it went down 'for maintenance' I deposited .06BTC I had bought off of coinmx for cash. I know people lost a lot more on this, but it sucks. Usually I was making trades and withdrawing shortly after, in this case I never got the chance.
If you keep all your coins at an exchange or any other online service you deserve to be hacked. Clearly you didn't read my comment. I don't leave anything on exchanges, unless it's there to be traded. I don't think very many, if any, people leave their coins on an exchange to be held. Even if someone does, they don't deserve to be hacked. Paypal is a billion dollar company, do all of the people who leave money on Paypal deserve to be hacked? How much of the US dollar is now a 'digital dollar'? Does all of that deserve to be stolen too? How about E-Trade? I have lots of money there. Your comment is short sighted and naive.
|
|
|
|
PolarPoint
|
|
March 18, 2014, 06:09:46 PM |
|
Feeling bad for you. How was the hack done? Weak password on the exchange or weak password of email account?
|
|
|
|
Chrome67 (OP)
Newbie
Offline
Activity: 35
Merit: 0
|
|
March 18, 2014, 06:14:01 PM |
|
neither...
there was a vague twitter post when the site was put into maintenance mode. Stating:
"Security issue, investigating" - March 16th @ 1:57pm
The site's been down since right before that...
on March 17th "2014-03-17 15:39:36" (site down still) the outbound transfers happened. So, no access to the outside world unless hacked or stolen by admin.
|
|
|
|
bronco
Newbie
Offline
Activity: 57
Merit: 0
|
|
March 18, 2014, 06:31:13 PM |
|
couple days prior to hack i wasnt able to withdraw doge. goodbye 60k doge.
|
|
|
|
CFaulk
Newbie
Offline
Activity: 7
Merit: 0
|
|
March 18, 2014, 06:45:01 PM |
|
Perfect, I will remain hopeful until it confirmed or until the pools go down. where was that chat hosted from? I know it wasnt just on coinex
|
|
|
|
nommot
Newbie
Offline
Activity: 6
Merit: 0
|
|
March 18, 2014, 07:08:11 PM |
|
I'm generally not one to jump on the FUD bandwagon, but after looking into my account I can confirm that my ~250k Dogecoins on the site were systematically transferred to other wallets without my approval or initiation. This would constitute either a breach of security or a deliberate action by the admins. Regardless, the coins are stolen. The timestamp for the first deduction from my wallet was "2014-03-17 15:39:36", afterwards 5k transfers were made continuously emptying the account within an hour. Here's the proof right off dogechain.info https://i.imgur.com/vLJgJNO.pngFun stuff! How are you sure those coins were from your account? AFAIK, a lot of exchange sites use shared wallets to cut back on transaction fees. User's balances on exchange sites are not in individual wallets, but are values in the site's database. So unless the site's uses individual wallets for each user's balance, there is no way of finding withdrawals for a specific account on an exchange site from the blockchain.
|
|
|
|
SpottyAtBest
Newbie
Offline
Activity: 33
Merit: 0
|
|
March 18, 2014, 07:11:58 PM |
|
I am not saying that this is or is not true that they were hacked or funds are gone. However, it is pretty common for exchanges to move funds from your wallet deposit address to offline wallets. They do this on purpose to prevent losing coins if they get hacked. Cryptsy does it, Coinbase does it, BTER does it, they all do it.
Again, I am not saying that they for sure weren't hacked, just be aware that there is potentially still hope that all is not lost. I agree it doesn't look good since they have been down for 2+ days? But just because your coins were moved to other wallets doesn't necessarily tell the whole story.
Someone please correct me if you think I am wrong on this.
And also, I hope for your sake you turn out to be wrong. I wish you the best of luck recovering your coins...
|
|
|
|
gadado
|
|
March 18, 2014, 07:19:41 PM |
|
|
|
|
|
Bit_Happy
Legendary
Offline
Activity: 2114
Merit: 1040
A Great Time to Start Something!
|
|
March 18, 2014, 07:27:42 PM |
|
Please stop posting FUD about CoinEx, we will issue an announcement within next 24hrs about how we are going to handle the situation. Long story short: yes, our wallet server got hacked and all funds were withdrawn. Please read back to the beginning of this thread, we had such a problem before and *returned all the stolen funds from our own pockets*. Before this hack happened, we also had several attacks that lost funds and we silently covered those from our fees. For those who was stalking me at internets: thats true, i was trying to hide/delete my accounts. At the very first moment i saw zero balance at our bitcoin wallet i knew this was coming. And it scared the shit out of me. Hope you can understand that. About me selling bitcoins at localbitcoins.com: thats true too. I have 33mh/s scrypt gpu mining farm, I have >50% of coinex fees + I get % from cryptostocks share sells. Nothing criminal here again. So again, please calm down. We are not doing a runner. The only way i can see to restore this is to sell more shares at cryptostocks to cover the losses *and to hire a professional security audit team to prevent this from happening again*. Long story short, we're covering this from our own pockets again. Thanks - erundook So much Wow, so little time.
|
|
|
|
|