Bitcoin Forum
November 14, 2024, 11:39:10 AM *
News: Check out the artwork 1Dq created to commemorate this forum's 15th anniversary
 
   Home   Help Search Login Register More  
Pages: « 1 2 [3]  All
  Print  
Author Topic: Cashaa hacked. 336 BTC Stolen.  (Read 701 times)
gentlemand
Legendary
*
Offline Offline

Activity: 2590
Merit: 3015


Welt Am Draht


View Profile
July 12, 2020, 11:29:40 AM
 #41

To be honest, I've never heard of Cashaa crypto exchange. Why would a person use a barely known exchange when there are multiple reputable ones out there? If an exchange is popular, there is a higher chance it will have a way better level of security. Plus, if it's reputable, there's a good chance the losses will be compensated to users (which is what happened with Binance a year or two ago). And what sort of exchange stores money on Blockchain rather than in a cold wallet?

My number one source of learning about obscure exchanges is when they rape their customers. It's a dependable stream of information.

I'd never heard of them before either.

From the looks of their site - https://cashaa.com/business-account - https://cashaa.com/personal-account  - they are primarily about providing conventional banking with crypto integrated as a sideline. Many people, especially businesses, are desperate for banking so will go with anyone who offers it and makes crypto friendly noises.

Yudhisthir
Full Member
***
Offline Offline

Activity: 1060
Merit: 103


www.Artemis.co


View Profile
July 12, 2020, 11:35:31 AM
 #42

To be honest, I've never heard of Cashaa crypto exchange. Why would a person use a barely known exchange when there are multiple reputable ones out there? If an exchange is popular, there is a higher chance it will have a way better level of security. Plus, if it's reputable, there's a good chance the losses will be compensated to users (which is what happened with Binance a year or two ago). And what sort of exchange stores money on Blockchain rather than in a cold wallet?

My number one source of learning about obscure exchanges is when they rape their customers. It's a dependable stream of information.

I'd never heard of them before either.

From the looks of their site - https://cashaa.com/business-account - https://cashaa.com/personal-account  - they are primarily about providing conventional banking with crypto integrated as a sideline. Many people, especially businesses, are desperate for banking so will go with anyone who offers it and makes crypto friendly noises.



The exchange is from some Indians and the alleged hack is also from India. It could be an insider job. I don't mean that the exchange itself is involved but maybe someone that is working with or had worked in the past with the exchange that had some inside knowledge as how and where the funds are kept. Indian police have an experience of investigating hacks in the past, I hope they get to the hacker this time too.

gentlemand
Legendary
*
Offline Offline

Activity: 2590
Merit: 3015


Welt Am Draht


View Profile
July 12, 2020, 11:46:33 AM
 #43

The exchange is from some Indians and the alleged hack is also from India. It could be an insider job. I don't mean that the exchange itself is involved but maybe someone that is working with or had worked in the past with the exchange that had some inside knowledge as how and where the funds are kept. Indian police have an experience of investigating hacks in the past, I hope they get to the hacker this time too.

Hmm. What's with all the GBP and EUR talk? And the London address? There are some mentions of India in there but visiting it I wouldn't know it had much to do with there at all.

If the Indian police do a good job then more power to them. If it was the UK they'd be told to 'report it' and then it would likely be ignored.
Lucius
Legendary
*
Offline Offline

Activity: 3430
Merit: 6151


Crypto Swap Exchange🈺


View Profile WWW
July 12, 2020, 01:20:50 PM
 #44

This is just proof that even those who should set an example to others have no idea what they are doing, because this is nothing but an ordinary amateurism. Given that they present themselves as a serious company with offices from Singapore to the UK, this event actually presents them in the right light - not only do they use an online wallet for their business, but they are not able to adequately protect that same wallet.

Just look at all these awards and recognitions over the years, one wonders who is crazy here and who is normal Huh


Source : https://cashaa.com/business-account


█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
Krislaw
Sr. Member
****
Offline Offline

Activity: 1204
Merit: 388


View Profile WWW
July 12, 2020, 03:23:45 PM
 #45

Biggest joke. Example of funds are not #SAFU
If a company like that doesn't know the vulnerability of a web wallet, then they deserve getting low ratings. Haven't even heard of their name before but seeing this news won't even make me go close to them. This hack would affect them because they seem not to much userbase and it's going to affect them.
BlackHatCoiner
Legendary
*
Offline Offline

Activity: 1708
Merit: 8336


Fiatheist


View Profile WWW
July 12, 2020, 03:29:21 PM
 #46

How hard is to save your funds in an offline wallet? How??

Steps:

1) Install electrum on a cold machine.

That's all.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
Rotten Egg
Member
**
Offline Offline

Activity: 178
Merit: 22


View Profile
July 12, 2020, 07:12:53 PM
Merited by amishmanish (2)
 #47

Cashaa is not new to BitcoinTalk. Here is what I found about them...

Announcement: https://bitcointalk.org/index.php?topic=2272412.0

Bounty: https://bitcointalk.org/index.php?topic=2273856.0

Also, following details found about Cashaa founder Kumar Gaurav...

Personal Website: https://kumargaurav.com

Twitter Profile: https://twitter.com/kg_Cashaa

Cleaning BitcoinTalk India since 2014.
sukbir
Member
**
Offline Offline

Activity: 122
Merit: 13

🏆Bitcoin is king of Cryptocurrency World.


View Profile WWW
July 12, 2020, 08:44:28 PM
 #48

When I read about this news the first thing I thought about checking was:

Where will this exchange be located?

I went on the website and looked for their address and found this:

Cashaa is the trading name of Cashaa Technologies Limited, a UK registered company (No. 11644308) whose registered office is at Suite 207 Equitable House Business Centre, 10 Woolwich New Rd, London, England, SE18 6AB.

on google map i didn't see anything relevant about this address, but they reported this case to Cyber Crime department in Delhi

https://twitter.com/yourCashaa/status/1282010893115482112

why didn't they report to the UK police?


According to UK government site, they have registered their company in UK as well.

Source: https://beta.companieshouse.gov.uk/company/11644308/officers

⭐⭐★( ͡👁️ ͜ʖ ͡👁️)★🏆Bitcoin🏆 the World's First Decentralized Digital Currency.☆.•´¯`•.☆🌼🌼.•´¯`•.🌼🌼★( ͡👁️ ͜ʖ ͡👁️)★⭐⭐ ✿.。.:* ᗷITᑕOIᑎ *:.。.✿
gentlemand
Legendary
*
Offline Offline

Activity: 2590
Merit: 3015


Welt Am Draht


View Profile
July 12, 2020, 08:48:45 PM
 #49

According to UK government site, they have registered their company in UK as well. I think they report to uk police.

That's a bit of a shame. They don't have much notable track record when it comes to successfully nabbing cyber criminals or taking it particularly seriously.

In the UK you're supposed to report online crime here - https://www.actionfraud.police.uk  which repeatedly refers to 'reporting' crimes rather than solving them. Most of the time they say they've noted it and... that's it.

Maybe they work a little harder, or do any work, if it's a large amount like this.
rathaha10
Full Member
***
Offline Offline

Activity: 616
Merit: 108


io.ezystayz.com


View Profile
July 12, 2020, 10:15:36 PM
 #50

Putting 336 Bitcoin in a web wallet should be considered a crime by itself!

Well going through the original writeup, it doesn't seems the whole 336 bitcoin were stolen from him alone, he specifies that 336 bitcoins has been transferred to the hackers wallet so far meaning other peoples are affected also. I agree with you though, even a few amount of bitcoin that's worth something ought to be kept in a more secure hardware wallet rather than just some free online/web wallets

LFC_Bitcoin
Legendary
*
Offline Offline

Activity: 3724
Merit: 10458


#1 VIP Crypto Casino


View Profile
July 13, 2020, 10:16:05 AM
 #51

Putting 336 Bitcoin in a web wallet should be considered a crime by itself!

Probably an inside job if I had to guess, wouldn’t be hard for an employee to get the blockchain.com wallet details.

█████████████████████████
███████████▄█████████████
██████▀░▀█▀░▀█▀░▀████████
███████▄███▄███▄█████████
████▀██▀██▀░▀████▀░▀█████
███████████░███▀██▄██████
████▀██▀██░░░█░░░████████
███████████░███▄█▀░▀█████
████▀██▀██▄░▄███▄░░░▄████
███████▀███▀███▀██▄██████
██████▄░▄█▄░▄█▄░▄████████
███████████▀█████████████
█████████████████████████
 
.Bitcasino.io.
 
.BTC  ✦  Where winners play  BTC.
.
..
.
    ..





████
████
░░▄████▄████████████▄███▄▄
░███████▄██▄▄▄▄▄▄█████████▄
███████████████████████████
▀████████████████████████▀
░░▀▀████████████████████
██████████████████▄█████████
██
▐███████▀███████▀██▄██████
███████▄██▄█▀████▀████████
░░██████▀▀▀▄▄▄████▀▀████
██▐██████████▀███▀█████████████    ████
███
████████████
███████████████    ████
█████▀████████████████▀
███████▀▀▀█████████▀▀
..
....
 
 ..✦ Play now... 
.
..
thesmallgod
Full Member
***
Offline Offline

Activity: 1498
Merit: 129


View Profile
July 13, 2020, 10:49:32 AM
 #52

My question is, are they fully oriented on how to use Bitcoin or cryptocurrency?

That is a huge amount that something you trust web wallet and you know that you didn't own the private key of your wallet. Sounds strange for me, how this comes up like this.

I checked that transaction of scammed address, it seems like 336 bitcoin has been divided into small amounts within different addresses, the last 85 amount of Bitcoin landed on this transaction address. It seems like the hacker didn't cashout yet Bitcoin into fiat.
The problem with such exchange is that they don't wanna spend money on security. Any exchange platform should provide up to date security and also carry out security auditing at least ones in a month. If big exchange with robust securities are getting hacked, I don't know what the smaller one expect. If the bitcoin have been divided into small fractions. It is likely the hacker will get it mixed and it will remain untraceable after that
jerrison
Full Member
***
Offline Offline

Activity: 1442
Merit: 106



View Profile WWW
July 13, 2020, 04:37:13 PM
 #53

Quote
One of our wallets with http://Blockchain.info was compromised and funds were transferred to 14RYUUaMW1shoxCav4znEh64xnTtL3a2Ek #Cashaaexchangeissafe #Cashaafightsfraud @coincrunchin

Source: https://twitter.com/yourCashaa/status/1281995351864430593 ( http://archive.is/DTCh8 )

Quote
Cyber Crime department in Delhi is informed. Also, all the crypto exchanges have been notified about the hacker address (14RYUUaMW1shoxCav4znEh64xnTtL3a2Ek) to block the #Bitcoin transaction.



Source: https://twitter.com/yourCashaa/status/1282010893115482112 ( http://archive.is/x72ui )


The incessant cases of hacking has of recent been on the increase and it is expected that projects should have tight security measures put in place to safeguard their investors fund as it the main target where hackers are having eyes on. Again, I do not expect funds to be kept in an online wallet as it is always targerted by hackers, they should be kept offline to keep the funds #safu just as it was in the case binance.

Janation
Hero Member
*****
Offline Offline

Activity: 1722
Merit: 528


View Profile
July 15, 2020, 07:14:03 AM
 #54

With that huge amount of Bitcoins, they still can't afford a hardware wallet?

I'm wondering the same thing but here are the possible reasons I can think of: 1) They are new to this business (they are established on 2019) so their knowledge and management is not yet mature as the other big companies. However, this is not a valid excuse becuause you supposed to know the business, from the chances of best or worst case scenario, before entering. 2) They are complacent, thinking "What could possibly go wrong?".

Nevertheless, it's their own fault. They can't blame anyone even the hackers bacause being bad is in their nature already. How sad that the least thing they can do is to make their excahge bullet proof but they fail to do so Sad.

That is so true.

They should really blame theirselves. They should know better since they are an exchange and they are holding lots and lots of Bitcoins in their hands. I don't know why they stick to holding it in a hot wallet, maybe they have their purposes but still, they should start using cold storage.

This is a lesson of the past for a lot of exchanges but they did not learn from it.
stompix
Legendary
*
Offline Offline

Activity: 3080
Merit: 6631


Leading Crypto Sports Betting & Casino Platform


View Profile
July 15, 2020, 05:51:33 PM
 #55

According to UK government site, they have registered their company in UK as well.
Source: https://beta.companieshouse.gov.uk/company/11644308/officers

Hihihi, I bet it's a company registered through a middleman by some guys that never set foot in the UK.
Seen it a lot of times, way too many times. Exstock was also a registered company in the UK, when people strated complain they found weren't allowed to conduct any financial activities, and empty office, and nothing.

But, the irony...

Correspondence address
Suite 207, Equitable House Business Centre, 10 Woolwich New Rd, London, United Kingdom, SE18 6AB
Equitable...my a**.

The director is a 30yo Indian esiding in the UAE and the manager a german from Malta. Oh yeah, nothing shaddy!

From the looks of their site - https://cashaa.com/business-account - https://cashaa.com/personal-account  - they are primarily about providing conventional banking with crypto integrated as a sideline. Many people, especially businesses, are desperate for banking so will go with anyone who offers it and makes crypto friendly noises.

They provide "banking" and they store their coins in a web wallet.....

..Stake.com..   ▄████████████████████████████████████▄
   ██ ▄▄▄▄▄▄▄▄▄▄            ▄▄▄▄▄▄▄▄▄▄ ██  ▄████▄
   ██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██  ██████
   ██ ██████████ ██      ██ ██████████ ██   ▀██▀
   ██ ██      ██ ██████  ██ ██      ██ ██    ██
   ██ ██████  ██ █████  ███ ██████  ██ ████▄ ██
   ██ █████  ███ ████  ████ █████  ███ ████████
   ██ ████  ████ ██████████ ████  ████ ████▀
   ██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██
   ██            ▀▀▀▀▀▀▀▀▀▀            ██ 
   ▀█████████▀ ▄████████████▄ ▀█████████▀
  ▄▄▄▄▄▄▄▄▄▄▄▄███  ██  ██  ███▄▄▄▄▄▄▄▄▄▄▄▄
 ██████████████████████████████████████████
▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄
█  ▄▀▄             █▀▀█▀▄▄
█  █▀█             █  ▐  ▐▌
█       ▄██▄       █  ▌  █
█     ▄██████▄     █  ▌ ▐▌
█    ██████████    █ ▐  █
█   ▐██████████▌   █ ▐ ▐▌
█    ▀▀██████▀▀    █ ▌ █
█     ▄▄▄██▄▄▄     █ ▌▐▌
█                  █▐ █
█                  █▐▐▌
█                  █▐█
▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█
▄▄█████████▄▄
▄██▀▀▀▀█████▀▀▀▀██▄
▄█▀       ▐█▌       ▀█▄
██         ▐█▌         ██
████▄     ▄█████▄     ▄████
████████▄███████████▄████████
███▀    █████████████    ▀███
██       ███████████       ██
▀█▄       █████████       ▄█▀
▀█▄    ▄██▀▀▀▀▀▀▀██▄  ▄▄▄█▀
▀███████         ███████▀
▀█████▄       ▄█████▀
▀▀▀███▄▄▄███▀▀▀
..PLAY NOW..
BD Crypto
Full Member
***
Offline Offline

Activity: 658
Merit: 158

BTC Rocks


View Profile
July 15, 2020, 07:58:28 PM
 #56

Another sad news apeard here.Actually not only mine but also all user advice is that you should never store your funds in exchange site.Because any centralized exchange can be hacked or be scam.
So always we should be safe and store then in private wallet.
7788bitcoin
Legendary
*
Offline Offline

Activity: 2282
Merit: 1023


View Profile
July 21, 2020, 06:44:27 PM
 #57

Probably an inside job if I had to guess, wouldn’t be hard for an employee to get the blockchain.com wallet details.
Everything about the website is shady and the so called owner will be behind the heist, storing the coins in an online wallet and then the funds are moved simultaneously when he moved some small amounts and then he filed a police complaint in India just to show everyone that an investigation is taking place. The way in which a service is holding the funds is a joke and the threads regarding the service in this forum are deleted.
Falkyire
Newbie
*
Offline Offline

Activity: 31
Merit: 0


View Profile
July 23, 2020, 05:14:16 PM
 #58

incidents like these remind me of Mt. Gox esuque "oops i got hacked" if people find a legal way of getting qucik bucks and they just get proficient in using Empty fort strategy again and agian
Pages: « 1 2 [3]  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!