Unknown Blockchain.com employee is stealing customers funds

[ico-services]

There has been several cases on Blockchain.com where 2FA email of the user has been mystically disabled, after which all the funds have been stolen.

All evidence lead to the fact that the person behind the theft is most likely Blockchain.com employee, and was done like this:

1. The employee looked up Wallet IDs and account emails in Blockchain.com system and requested 2FA change via the publicly available form.
2. He disabled email notifications about 2FA change (possibly only for the specific account).
3. Once the 2FA email was changed, he either used a brute-force attack to crack the password or more likely he already acquired it from numerous user-data leaks, which is how he was targeting the accounts in the first place.
4. After gaining access to the wallet, he withdrew all balance to his own wallet.

Read whole article here:

https://honestproscons.com/unknown-blockchaincom-employee-is-stealing-customers-funds

Similar cases on TrustPilot:

https://www.trustpilot.com/reviews/6000e632755dc107e87e4f07
https://www.trustpilot.com/reviews/5f5914d902e8570650b5a559
https://www.trustpilot.com/reviews/5f47f09202e85708c8da4f77
https://www.trustpilot.com/reviews/5fecaea5755dc107e0d2f768
https://www.trustpilot.com/reviews/5fb0444a5e693f0a84273f35
https://www.trustpilot.com/reviews/5f8d85b1798e6f04a417abeb
https://www.trustpilot.com/reviews/5f5ca49d02e8570a4870925e
https://www.trustpilot.com/reviews/5f259f7e1a5a6907a4787852
https://www.trustpilot.com/reviews/5ee888f77dd753070884b184
https://www.trustpilot.com/reviews/5eae1f9a086b6409544678e4
https://www.trustpilot.com/reviews/5f47f09202e85708c8da4f77

[Jawhead999]

Well I don't know if it's true or not, if it's a real hacker than 2FA is useless since the hacker can get your private keys which has access to your wallet and withdraw your funds.

But I wonder why there's no announcement from blockchain.com if the exchanges got hacked.

It's also possible the employee stole those funds since they has access to each customer account.

[ico-services]

This hack was not done with private keys, but by disabling 2FA.

[Rikafip]

This hack was not done with private keys, but by disabling 2FA.

So says author of that article, Filip Poutintstev. To quote the title "Unknown Blockchain.com employee is stealing customers funds" but he provides zero evidence of that, just assumptions and nothing else. I don't say that whats written in article is impossible to happen, but still it would be good to provide some evidence for those claims otherwise it;s nothing but a clickbait title. Same thing he did in the article  called Reasons to avoid Bitcointalk where he wrote bunch of nonsense and lies.

On the other hand, I am not big fan of blockchain.com wallet and I stopped using it some time ago after having a lot of issue with sending/receiving funds. Last time it happened I had to export private key and move my funds to another wallet.

[NeuroticFish]

All evidence lead to the fact that the person behind the theft is most likely Blockchain.com employee

Bitcoin can be stolen in many ways and I am almost sure that many of those people that have lost funds did so because they were clicked into phishing links and went to websites that look like blockchain.com

However, I don't know what do people expect from a website. The content of the page and possibly some other features too can be changed by anybody from the company and by anybody else powerful enough to trick your browser's DNS resolving (OK, lately with forced https this will no longer happen). This means that you are never to be sure what you run there.

If you look into their ToS, they're basically not liable for anything. And that's right, if one is lazy enough to use web services instead of a proper wallet then maybe he deserves his fate...

[ico-services]

This hack was not done with private keys, but by disabling 2FA.

So says author of that article, Filip Poutintstev. To quote the title "Unknown Blockchain.com employee is stealing customers funds" but he provides zero evidence of that, just assumptions and nothing else. I don't say that whats written in article is impossible to happen, but still it would be good to provide some evidence for those claims otherwise it;s nothing but a clickbait title. Same thing he did in the article  called Reasons to avoid Bitcointalk where he wrote bunch of nonsense and lies.

On the other hand, I am not big fan of blockchain.com wallet and I stopped using it some time ago after having a lot of issue with sending/receiving funds. Last time it happened I had to export private key and move my funds to another wallet.

It's called logical deduction.

The facts are that it's impossible for anyone to do this theft other than Blockchain.com employee, because no one else can disable notifications about 2FA change.

Since you brought up the other article, perhaps you can tell which points exactly are false?

[enhu]

This hack was not done with private keys, but by disabling 2FA.

So says author of that article, Filip Poutintstev. To quote the title "Unknown Blockchain.com employee is stealing customers funds" but he provides zero evidence of that, just assumptions and nothing else. I don't say that whats written in article is impossible to happen, but still it would be good to provide some evidence for those claims otherwise it;s nothing but a clickbait title. Same thing he did in the article  called Reasons to avoid Bitcointalk where he wrote bunch of nonsense and lies.

On the other hand, I am not big fan of blockchain.com wallet and I stopped using it some time ago after having a lot of issue with sending/receiving funds. Last time it happened I had to export private key and move my funds to another wallet.

It's called logical deduction.

The facts are that it's impossible for anyone to do this theft other than Blockchain.com employee, because no one else can disable notifications about 2FA change.
Since you brought up the other article, perhaps you can tell which points exactly are false?

It's still not 100%, a proof will erase doubts about this. Hacks are not unusual in crypto, you probably have seen it all.  If blockchain.com itself will be obligue to investigate, its where the proof must come from. I doubt they will present it here.

One thing that is very true though is that online wallets are always not safe. Whoever stole the coins, we don't have the chance of getting it back anymore. The only that we can do is become aware of the danger and not put our coins on online wallet like blockchain.com

[The Cryptovator]

It's true blockchain email verification was disabled a few days back and I had tried several times to log in to my blockchain account. Although my wallet is empty, just sometimes it was necessary to open it in order to help others by getting real time information from the wallet. The claim is quite serious and the writer should provide a reasonable explanation with proof. If you simply claim someone they are hacking your wallet, then it's not worthy enough. I haven't found such as case till now where peoples lost funds after disabling email verification. Password recovery is impossible on blockchain and files wouldn't retrieve without email access. So moving funds in this situation is quite complicated and there is a required second password to make transactions nowadays. So, I am quite suspicious about such as blam.

[stompix]

So says author of that article, Filip Poutintstev. <>
 Same thing he did in the article  called Reasons to avoid Bitcointalk where he wrote bunch of nonsense and lies.

This is just a coincidence, right?  
Oh, I just saw your other thread, so you don't think this a coincidence either? 

Originally published at:
https://honestproscons.com/where-to-write-about-cryptocurrencies

Since you brought up the other article, perhaps you can tell which points exactly are false?

Salty much Mr. Poutintstev? Troubles finding clients for ico ann bumping or what?
Funny how you dislike this forum so much but desperately try to milk clicks from it with articles like this one.

3. Once the 2FA email was changed, he either used a brute-force attack to crack the password or more likely he already acquired it from numerous user-data leaks, which is how he was targeting the accounts in the first place.

You do realize that this step is unnecessary if he would have an access level that allows him to disable 2FA and change the email address, right?
But just out of pure curiosity, how do you see this brute-force attack taking place and where?

It's also possible the employee stole those funds since they has access to each customer account.

No, they don't.

[ico-services]

3. Once the 2FA email was changed, he either used a brute-force attack to crack the password or more likely he already acquired it from numerous user-data leaks, which is how he was targeting the accounts in the first place.

You do realize that this step is unnecessary if he would have an access level that allows him to disable 2FA and change the email address, right?

How? He still needs password to access the wallet.

[nutildah]

From one of your Reddit links:

Oké I know what happend. So stupid!

Google --> Blockchain --> click wrong link --> http://blockcriean.info/ --> logged in on perfect looking site only with wrong address --> And bitcoin is gone to Sao Paulo! IP 181.41.217.100

It's likely representative of what happened to most people who had their funds stolen. In a lot of reviews you posted, others chime in that it is most likely they exposed their credentials to malware. I didn't see one of them claim what you claim happened to you.

I've been using them for 6 years and never had a problem.

[Rikafip]

The facts are that it's impossible for anyone to do this theft other than Blockchain.com employee, because no one else can disable notifications about 2FA change.

Some of those trustpilot reviews are almost year ago. We are supposed to believe that blockchain.com employee is stealing funds all this time but somehow they are not removing him and this goes on and on?

I don't say that hacks cant happen, but people tend to blame others for their mistakes, like downloading fake apps on Google Play.

Since you brought up the other article, perhaps you can tell which points exactly are false?

Others already replied to nonsense written there so there is no need for me to waste my time and repeat it all over again, mr @poutintsev.

[FatFork]

Since you brought up the other article, perhaps you can tell which points exactly are false?

OK, how about this?
In the introduction of that other article, the author states:

The forum is run by the so-called "The Bitcointalk Elite" who have a very negative attitude towards new members. Thus all new members lack many forum features that are available for more senior users.

I was a new member just over a year ago and have never felt any 'negative attitude' from senior members so I can't agree with that statement in any way. Can you show us proof of that claim? And what are the 'many features' that new members lack? They cannot post embedded images and wear a signature. You call that 'many features'?

I did not even want to read the rest of the article, since it is clear from the start that it is not factual, but rather the personal position of the author, which has no foundation in the truth.

[Rikafip]

I did not even want to read the rest of the article, since it is clear from the start that it is not factual, but rather the personal position of the author, which has no foundation in the truth.

Author of that article and the creator of this thread are most likely the same person. He got busted for dodgy behavior so of course he is salty now and ready to spread bs about bitcointalk.

At the same time, he obviously misses the forum so he decided to come back and maybe and give it another shot. It's love & hate relationship; he hates the forum but at the same he would like to profit from it.