Almost lost all of my coins in an exchange last week

[Bitcoin Guy]

Ironic as it may sound, I think I'd be choosing Binance. But your situation and mine are different. You are restricted to use Binance; I am not. I am choosing Binance primarily because of their Secure Asset Fund for Users (SAFU). It is a kind of an insurance fund for their users. I guess on your part, Kraken might be a trustworthy option.

However, I'd like to emphasize that there is absolutely ZERO reason for hodling funds in an exchange wallet.

Binance is not bad if you have access to it.  It is a risky business on what's all going on nowadays.  For US customers, it is a loose situation. I hope everyone of them will be able to get their coins out safely.

[examplens]

which exchange is at stake here?
Did you check your spam box on email service? I regularly receive updates from some exchanges about delisting coins. Some of them end up in the spam/trash folder.
Also once have a similar situation where is my country is disallowed from Kucoin, but they disable all trading function, only withdraw has been possible at the moment. when the interference is removed and my country was re-approved to full access on that platform, everything returned to normal very quickly.
I want to say, that in normal and professional exchanges, everything working fine.

[Bitcoin Guy]

which exchange is at stake here?

It got mentioned upstairs post.

Did you check your spam box on email service? I regularly receive updates from some exchanges about delisting coins. Some of them end up in the spam/trash folder.
Also once have a similar situation where is my country is disallowed from Kucoin, but they disable all trading function, only withdraw has been possible at the moment. when the interference is removed and my country was re-approved to full access on that platform, everything returned to normal very quickly.
I want to say, that in normal and professional exchanges, everything working fine.

I can receive their email telling me that they cannot support me fine without any issue.

It probably will take at least 10 years, if not ever, for the exchange to allow US customers again. 

[Noctis Connor]

Now that I got most of the assets out from there I am more comfortable to talk about it and to share my story.  Would this be an inside job given that they knew the US customers are vulnerable and helpless (since they cannot use their customer services anymore)?  Else, how can the hacker by passing the email code verification and the Google Authentication process?  This is still very unsettling to me.  

Glad that you've got all the coins you have because if you haven't noticed that one maybe you're poor now, kidding aside, haven't you read a policy before using exchange and still you haven't full control in your asset since your just using an exchange site and for the "email" maybe they got your email because of your using it to register into some other website which if that website got hacked they can get some information that can be use to hacked your email address gladly that you've manage to recover everything, Also not just by passing everything can be done nothing is impossible nowadays or maybe you downloaded some keylogger in your computer,

[Bitcoin Guy]

Now that I got most of the assets out from there I am more comfortable to talk about it and to share my story.  Would this be an inside job given that they knew the US customers are vulnerable and helpless (since they cannot use their customer services anymore)?  Else, how can the hacker by passing the email code verification and the Google Authentication process?  This is still very unsettling to me.  

Glad that you've got all the coins you have because if you haven't noticed that one maybe you're poor now, kidding aside, haven't you read a policy before using exchange and still you haven't full control in your asset since your just using an exchange site and for the "email" maybe they got your email because of your using it to register into some other website which if that website got hacked they can get some information that can be use to hacked your email address gladly that you've manage to recover everything, Also not just by passing everything can be done nothing is impossible nowadays or maybe you downloaded some keylogger in your computer,

I use iPad mostly. 

Now that you mentioned it, we all should use a dedicated email address for this kind of stuff.  This way, no other website can stole your information. 

[Amejoaquim]

I had a bad story too.

Back on 2017 i've made a very stupid mistake.

When i try to deposit my ethereum on binance, i send it into wrong address.

I think i'm gonna lose all of my ethereum, but luckyly Binance want to send my ETH back and Binance Customer Service is so damn good.

[Text]

You know what is surprising here is why he even received codes in the email when 2FA is enabled in his account.  Why, can you choose where you want to receive the codes such as email even if 2FA is turned on?  The hacker who knew his login details tried to reset his password.  When you opened your email did it not mark as read?  This means that he will not be able to access even your email to get the codes.  Good thing that even that is already 2FA and the secondary layers of protection work.  Didn't you notice anything unusual about your account activity such as trade history?  So the hacker has not been successful in having full control or access to your account.

If some of your remaining coins are not supported by a hard wallet just use their official wallet because you are almost certain that you will hold your private keys or mnemonic phrases.  Or you can also use some trusted and recognized non-custodial wallets.

[Bitcoin Guy]

I had a bad story too.

Back on 2017 i've made a very stupid mistake.

When i try to deposit my ethereum on binance, i send it into wrong address.

I think i'm gonna lose all of my ethereum, but luckyly Binance want to send my ETH back and Binance Customer Service is so damn good.

It was actually a good story. 

[Bitcoin Guy]

You know what is surprising here is why he even received codes in the email when 2FA is enabled in his account.  Why, can you choose where you want to receive the codes such as email even if 2FA is turned on?  The hacker who knew his login details tried to reset his password.  When you opened your email did it not mark as read?  This means that he will not be able to access even your email to get the codes.  Good thing that even that is already 2FA and the secondary layers of protection work.  Didn't you notice anything unusual about your account activity such as trade history?  So the hacker has not been successful in having full control or access to your account.

If some of your remaining coins are not supported by a hard wallet just use their official wallet because you are almost certain that you will hold your private keys or mnemonic phrases.  Or you can also use some trusted and recognized non-custodial wallets.

They have a 24-hour no withdrawal function after a password is changed, else, the fund would already be gone.  I reset my password using the forgot password option.  In doing so, they sent me security code to my email and I also needed to use Google Authentication in combination to the security code to reset my password.  That means the hacker need to use the same too.  The Google Authenticator was installed on my old iPhone which usually is turned off.  There is always a risk that the phone stops working because it is semi broken as the old battery expanded and forced the touch screen surface to bulged.  But it is usable.  I cannot reinstall it on my new phone since I didn't keep the recovery key. 

Good point on the "read" email comment.  No, these emails were not read when I saw them and received them.

 

[Sithara007]

Very difficult to say whether this was an inside job or not. These sort of attacks happen all the time. However you did the mistake by keeping your coins in the exchange wallet. Unless you are a day trader, I don't see any point in keeping your crypto assets in an exchange wallet. I am telling this out of my own personal experience, as I have lost my coins multiple times in various exchanges.

However a few things sound really fishy. OP is saying that the exchange didn't contacted him to move the coins as restrictions are in place for US costumers. The exchange probably sent an email, but it may have landed in the "spam" folder. The fact that the hacker was able to reset the password (is it even possible without Google Authentication?) could mean that either the phone number or the email address was compromised. In that case, it will not surprise me if the hacker deleted some of the emails from the exchange, even before the OP could notice them.

[Bitcoin Guy]

Very difficult to say whether this was an inside job or not. These sort of attacks happen all the time. However you did the mistake by keeping your coins in the exchange wallet. Unless you are a day trader, I don't see any point in keeping your crypto assets in an exchange wallet. I am telling this out of my own personal experience, as I have lost my coins multiple times in various exchanges.

However a few things sound really fishy. OP is saying that the exchange didn't contacted him to move the coins as restrictions are in place for US costumers. The exchange probably sent an email, but it may have landed in the "spam" folder. The fact that the hacker was able to reset the password (is it even possible without Google Authentication?) could mean that either the phone number or the email address was compromised. In that case, it will not surprise me if the hacker deleted some of the emails from the exchange, even before the OP could notice them.

No emails from them that are in the spam box.  I have no problem receiving their support email before they stopped responding. 

Don’t know how they can hack a phone which has the Google Authenticator that is not even turned on.

[Blockchain_cl]

I had a similar experience with an Exchange. After the Bullrun of 2017 and 2018 i had some of coins parked in Polo... I didnt log in in a while and after a few month i came back, just to see they had delisted a coin.
Well first of all, sure my part was the negligence to hold them on an Exchange after all. A total no go.
But the reason i was really annoyed was, that the exchange didn´t send any E-mail or information out to its customers.
That was a scatchy move.
I since then abandoned the exchange. I use coldstorage and just move coins for trades to an exchange i "trust".
Its time for some good DEX.

Greetings

[Bitcoin Guy]

I had a similar experience with an Exchange. After the Bullrun of 2017 and 2018 i had some of coins parked in Polo... I didnt log in in a while and after a few month i came back, just to see they had delisted a coin.
Well first of all, sure my part was the negligence to hold them on an Exchange after all. A total no go.
But the reason i was really annoyed was, that the exchange didn´t send any E-mail or information out to its customers.
That was a scatchy move.
I since then abandoned the exchange. I use coldstorage and just move coins for trades to an exchange i "trust".
Its time for some good DEX.

Greetings

I hope you did not lose much on that one.  I heard that Coinbase is being regulated by the government closely, but because of that, they are probably more responsible for their customers' coins.  The biggest con is that customers will lose their anonymity.

[Bitcoin Guy]

You're really lucky that didn't happen. Be careful.

I had a similar experience with an Exchange. After the Bullrun of 2017 and 2018 i had some of coins parked in Polo... I didnt log in in a while and after a few month i came back,

We all better check our accounts frequently or take the advises from most people - store our coins in hard/cold wallet. 

[Travel Standard]

One of the lucky man. Hacker find your account but failed to steal your money. Some Hackers are very smart and they use linux system for hacking accounts. For this they use malicious or spam files and we click on it cause viral of our information to hacker.
Exchangea are not safe place for token store. Use wallet instead of it.

[hulla]

Every cryptocurrency user needs to be more careful this day because attackers will always come with a different kind of strategy and it better to avoid human error.
The OP issue seems to be an insider man job(someone who know the auth backup code), human error from the OP end whereby the google auth backup is exposed or a problem from Google auth app because some crypto users have also experience the same attack which is the reason why people are advised to use Aegis.

Having said that, I will advise the OP to follow the instruction of not using his exchange email account for any other thing online, save auth backup code offline, set IP restriction and withdraw password etc.

[Lauren Smith]

Why were you leaving it in an exchange? When you spend crypto how do you spend it if it is in the exchange. You should know and many people have just posted about it, that is to never keep coins on the exchange.
I really hope you put a link to this post somewhere where many will see it because this is very important. I am glad you got your crypto back shame your heart must be racing. Now you know never to do it again and I hope others will learn from this.

[doctor877]

this is very awful , and its good you were able to remove your coins. this attacks could be from some phishing links you might have clicked. an insider wont even need to enter your email to login, however we need to be careful of such exchanges so you need to let us know or hint us.

[Bitcoin Guy]

this is very awful , and its good you were able to remove your coins. this attacks could be from some phishing links you might have clicked. an insider wont even need to enter your email to login, however we need to be careful of such exchanges so you need to let us know or hint us.

I do not click on email links.  I always go to the site directly to check if the email message is legit.

I use iPad and iPhone.  They should be safer than Android phones. 

I will repeat what I had mentioned before:
In order to change password, they need 1. a security code sent to my email address and 2. code from Google Authenticator.  The Google Authenticator associated to my account is in an old iPhone which was turned off at the time during the hack.  And I did not even keep its recovery code.

The last email (which I initiated) from them asked me to withdrawal my coins to avoid potential losses.  They told me I cannot trade or exchange, only withdrawal.  I replied to them, but they stopped responding since.  As of today, I still don't know what they meant by "potential losses" and how.



   

[Twinkledoe]

this is very awful , and its good you were able to remove your coins. this attacks could be from some phishing links you might have clicked. an insider wont even need to enter your email to login, however we need to be careful of such exchanges so you need to let us know or hint us.

I do not click on email links.  I always go to the site directly to check if the email message is legit.

I use iPad and iPhone.  They should be safer than Android phones. 

I will repeat what I had mentioned before:
In order to change password, they need 1. a security code sent to my email address and 2. code from Google Authenticator.  The Google Authenticator associated to my account is in an old iPhone which was turned off at the time during the hack.  And I did not even keep its recovery code.

The last email (which I initiated) from them asked me to withdrawal my coins to avoid potential losses.  They told me I cannot trade or exchange, only withdrawal.  I replied to them, but they stopped responding since.  As of today, I still don't know what they meant by "potential losses" and how.

 

It is really better to store your coins in your own wallet. Even if the exchange is a trusted one or top exchange, you have no assurance about the security of your coins. Let us say you are very careful in terms of security of your account, still when your coins are out there, is vulnerable to potential attacks.