My Bitcoin Got Hacked From My Wallet

[Bitcoin Guy]

My Bitcoin got hacked from my blockchain.com wallet three years ago.  I cannot seem to be able to contact Blockchain.com.  I failed trying to contact them three years ago, but I tried it again today, and this time - still failed.

I’m still able to access the wallet and see that my email address and the phone number for the SMS 2-Step verification are still there.  I was also able to change the password. 

I went to their support.blockchain.com page and tried to post my question, but after I entered the email address and the password for the account, I got an “invalid authenticity token” message and was unable to proceed further.  Does anyone know how to get through them?  I need to get more information on how my bitcoin got hacked.  It was such a mystery on how my account got hacked.  Did the hacker got a hold of my 12-word phrase key and replicated on another device before the coins were sent out?  If so, how did they bypass the SMS verification?  Or did they simply hack into the wallet directly? 

Ever since that incident, I lost confidence in using their wallet.  And as of today, I still cannot get in touch with their support team. 

Could someone help?  Please also share your story if something similar happened to you if you like to share. 

As it happened three years ago, I am over it now, but I still like to know what had happened and how did they hack it.

 

[1714244776]

1714244776

[1714244776]

1714244776

[mk4]

Not sure how Blockchain.com wallet works today because I haven't used it since God knows when, but have you saved your wallet's backup phrase somewhere? Maybe through a .txt file or through an email or something? Because it's either that, whereas a hacker got a hold of your backup phrase through your device, or you probably got phished sometime in the past.

Regardless though, since your funds have already been stolen, the chances of you getting them back is pretty much zero.

[yhiaali3]

Unfortunately, Blockchain wallet is an insecure wallet, this is a web wallet and therefore you do not have the phrase "seed" or "private key" in the first place, you only have the username and password and this can be easily hacked especially if you do not activate two-factor authentication, it is also possible that your email has been hacked So that they can access your account.

[Bitcoin Guy]

I forgot to add this - when the login failed, I also clicked on the “reset my password” link.  I entered my email address and submitted it.  However, I never got the email.  I did this twice.  Does this mean that I am not even a registered user?  But I did register and got the wallet.  Is the Password which I can change in the wallet and the email address appears in the wallet the same login credentials to access the support.blockchain.com site?

[Wexnident]

Check any suspicious activities that your email went through. It should be possible to trace how the hacker was able to access the account through that since as you said, 2FA was still enabled. Also, the issue of "Invalid authenticity token" seems like it stems from your browser settings or something similar. Try looking it up, it may not be a site-specific error but instead, your browser refuses to or blocks you yourself from entering the forum. As for contacting them, well, you tried and that didn't work. I myself don't know how to tbh, other than through their email or whatever info they have publicly available.

[ranochigo]

Blockchain.com is ridiculously incompetent and I would steer far away from them.

As you've mentioned, you were hacked 3 years ago, why are you still trying to reach them? You probably won't gain a single clue by asking them anyways, they probably won't keep logs for so long. I doubt that they would compensate you for your loss or anything. Were you using Tor at the time of the hack? Is your computer infected with malware?

[Bitcoin Guy]

Not sure how Blockchain.com wallet works today because I haven't used it since God knows when, but have you saved your wallet's backup phrase somewhere? Maybe through a .txt file or through an email or something? Because it's either that, whereas a hacker got a hold of your backup phrase through your device, or you probably got phished sometime in the past.

Regardless though, since your funds have already been stolen, the chances of you getting them back is pretty much zero.

I will check if I sent out the phrase via email.  But don’t they need to also my phone as I have the two step verification set up?

Unfortunately, Blockchain wallet is an insecure wallet, this is a web wallet and therefore you do not have the phrase "seed" or "private key" in the first place, you only have the username and password and this can be easily hacked especially if you do not activate two-factor authentication, it is also possible that your email has been hacked So that they can access your account.

It is actually a wallet on my iphone. 

Check any suspicious activities that your email went through. It should be possible to trace how the hacker was able to access the account through that since as you said, 2FA was still enabled. Also, the issue of "Invalid authenticity token" seems like it stems from your browser settings or something similar. Try looking it up, it may not be a site-specific error but instead, your browser refuses to or blocks you yourself from entering the forum. As for contacting them, well, you tried and that didn't work. I myself don't know how to tbh, other than through their email or whatever info they have publicly available.

I did have some type of enable cookies note.  I think I clicked on enable, but maybe that is not the right way. 



Thank you all for your replies.

[Chikito]

Did the hacker got a hold of my 12-word phrase key and replicated on another device before the coins were sent out? 

the reality is yes.

If so, how did they bypass the SMS verification?

If you remember someone or your friend, the family brought your phone? they need a second to bypass it.

Please also share your story if something similar happened to you if you like to share. 

You will find a lot of trouble about blockchain.com > https://bitcointalk.org/index.php?board=222.0

Ever since that incident, I lost confidence in using their wallet.  And as of today, I still cannot get in touch with their support team. 

they can't resolve your issue of course.

but I still like to know what had happened and how did they hack it.

just look at history in account and explorer address. but, as the comment above it won't back your balance into your pocket.

I forgot to add this - when the login failed, I also clicked on the “reset my password” link.  I entered my email address and submitted it.  However, I never got the email.  I did this twice.  Does this mean that I am not even a registered user?

Look like you entered the phishing site. the hacker had your credential and had access to your seed.


the point is to use the wallet where only you can access it like bitcoin core, electrum, or buy a hardware wallet in the next time.

[YOSHIE]

I see the most problems in this forum regarding access to blockchain.com wallets.

I have never actually used blockchain.com wallets, however, at least some people have experienced the same problem with you.
Try to read the topic below, at least it can help you recover Bitcoin on blockchain.com wallets.

Topic: Recover blockchain.info wallet password - 0.5 BTC bounty

Topic: Help me to recover funds from 18 phrases

[mk4]

I will check if I sent out the phrase via email.  But don’t they need to also my phone as I have the two step verification set up?

If they actually got a hold of your private keys, then no, there would be no need for 2fa verification for them to access your money. 2FA would only apply to the login of your Blockchain.com account.

[Bitcoin Guy]

Again, thank you all for your suggestions.  I want to bring up the following facts:

- I was using iPad and iPhone.
- I have not encountered any hack issue from these devices for all these years except the incident three years ago.
- I just found that I did send the recovery phrase to the same email address I was using as a backup.  Not sure if my email account got hack though, as I am still able to access it.
- I have SMS 2-step Verification using my phone numbers.  
- The URL of the site I tried to enter the credentials and to reset password was support.blockchain.com, not a phishing site.
- I have not and will not use their wallet again.  

I don’t expect to get the coin back; I just need to get some answers to help me to avoid the some mistakes again or to patch potential data leak.  

[Bitcoin Guy]

I will check if I sent out the phrase via email.  But don’t they need to also my phone as I have the two step verification set up?

If they actually got a hold of your private keys, then no, there would be no need for 2fa verification for them to access your money. 2FA would only apply to the login of your Blockchain.com account.

I don’t even know my private key.  Where can I find it from the wallet app?  If they were able to recovery my wallet in their device, then they can just send the money out. 

[mk4]

I don’t even know my private key.  Where can I find it from the wallet app?  If they were able to recovery my wallet in their device, then they can just send the money out. 

I meant your recovery phrase, specifically. And since you actually sent your recovery phrase to yourself via an email(which is a HUGE no-no), I think there's a decent chance that that might actually be it:

- I just found that I did send the recovery phrase to the same email address I was using as a backup.  Not sure if my email account got hack though, as I am still able to access it.

[jrrsparkles]

Since you can't actually enter into your wallet then how did you figured out you got hacked, with the address on any explorer or you just assumed it as?

When blockchain.info converted to blockchain.com there were lot of bugs and previous users can't able to get the login email which was unanswered from the support and it let to funds to be lost forever.

[Maus0728]

- I just found that I did send the recovery phrase to the same email address I was using as a backup.  Not sure if my email account got hack though, as I am still able to access it.

If for instance that you entered your login credentials 3 years ago on a blockchain.com phishing site, I won't be surprised if these hackers did not change your existing email, password and what not. I bet that they even wait for your next deposit for them to steal your bitcoin for the second time.

- I have SMS 2-step Verification using my phone numbers.

As far as I know, a "Man-in-the-Middle Attack" is doable to bypass an account with an active 2 Factor Authentication especially if they are using a phishing site.

I don’t even know my private key.  Where can I find it from the wallet app?  If they were able to recovery my wallet in their device, then they can just send the money out. 

Once the attackers has the access to your account. They can easily get your seed phrase from Settings --> Security and once they have it, they can access your account to another wallet and then do the transfer without triggering a transfer history on your blokchain.com wallet.

These are just possible scenarios though.

Use a non-custodial bitcoin wallet instead and practice using backups to ensure that you won't be experiencing this again.

[Bitcoin Guy]

Since you can't actually enter into your wallet then how did you figured out you got hacked, with the address on any explorer or you just assumed it as?

When blockchain.info converted to blockchain.com there were lot of bugs and previous users can't able to get the login email which was unanswered from the support and it let to funds to be lost forever.

I am able to access my wallet; I am just not able to send them support ticket using my credentials. 

When did they change from .info to .com?  Now that you mentioned, I think when I registered the account, it was still .info, but now when I clicked the Support menu in the wallet app, it took me to .com.

[Bitcoin Guy]

I meant your recovery phrase, specifically. And since you actually sent your recovery phrase to yourself via an email(which is a HUGE no-no), I think there's a decent chance that that might actually be

Not sure if that was absolutely the case, but I should not do that again. 

Use a non-custodial bitcoin wallet instead and practice using backups to ensure that you won't be experiencing this again.

Didn’t Nano Ledger just get hacked as well?  Is it still safe to use?

[ranochigo]

When did they change from .info to .com?  Now that you mentioned, I think when I registered the account, it was still .info, but now when I clicked the Support menu in the wallet app, it took me to .com.

They use both.

Didn’t Nano Ledger just get hacked as well?  Is it still safe to use?

The device itself is safe to use. It's more of a leak than a hack. User's shipping information were leaked because of their point of sale interface which was breached. The device and it's private keys/seeds are still safe.

[Maus0728]

Didn’t Nano Ledger just get hacked as well?  Is it still safe to use?

The device itself is safe to use since the private key will never leave the device. The database leak on their end have nothing to do with the security of your funds in the Ledger. However, your privacy is at risk and you are prone to receive phishing links via email, random phone calls which might trigger losing your funds if you are not being careful. Or worst, the $5 Wrench Attack might happen.

[fenixosup]

SMS 2fa is the worst type of auth it can be easily bypassed. Online wallets are bad decision too. And looks like blockchain.com support are the worst thing in this bad story