relaxssl (OP)
Newbie
 Offline
Activity: 9
Merit: 3
|
site: blockchain.com screenshot of the transaction history: https://ibb.co/wM9kP1LI had activated Email and SMS as the authentication, it was still stoled, don't know how the hacker get my sms code. |
|
|
|
|
OmegaStarScream
Staff
Legendary
Offline
Activity: 3654
Merit: 6439
|
A hacker does not necessarily need that in order for him to access your wallet.
Your seedphrase or private keys (if it's an imported address) are all a hacker needs to access your funds. The 2FA code won't really help with that.
So the question is... where is your seed stored? is it online? did you share it with someone before? is it well hidden?
|
|
|
|
NotATether
Legendary
Offline
Activity: 1778
Merit: 7372
Top Crypto Casino
|
 |
June 08, 2024, 06:21:19 PM |
|
Were you SIM swapped by any chance? (You mentioned that but call your phone provider just to be sure). That's a very common way of taking over accounts.
|
|
|
|
Hazink
Full Member
 Online
Activity: 264
Merit: 134
OrangeFren.com
|
|
June 08, 2024, 06:23:04 PM |
|
A hacker does not necessarily need that in order for him to access your wallet.
If this is an imported wallet, then he might have accessed the private key of that address...
If it's completly generated by Blockchain, then he might have found your seed.
I think the OP exchange account was what got hacked, not the wallet, where the hacker needs to gain access to the private key or phrase of the wallet. I think all they use is a password and email to login, and the 2FA and SMS verification are just added security, which hackers might be able to bypass. The Op should try checking out his logging history; maybe this has been planned out for a long time, and just having access to the account email and other things might be a bit easier to bypass. |
████████████████████ OrangeFren.com ████████████████████instant KYC-free exchange comparison████████████████████ Clearnet and onion available #kycfree services (prepaid Visa & Mastercard) ████████████████████ |
|
|
|
Ultegra134
|
|
June 08, 2024, 06:23:15 PM |
|
I'm sorry for your loss, did you receive anything suspicious in an SMS or in your email prior to the transaction, such as unsuccessful logins or receiving verification codes to login? Have you downloaded any pirated software in the past, or where your passwords compromised at some point?
P.S Sim swapping has also growing increasingly common as NotATether already mentioned.
|
|
█▄ | R |
▀▀▀▀▀▀▀██████▄▄
████████████████
▀▀▀▀█████▀▀▀█████
████████▌███▐████
▄▄▄▄█████▄▄▄█████
████████████████
▄▄▄▄▄▄▄██████▀▀ | LLBIT | ▀█ |
THE #1 SOLANA CASINO | ████████████▄
▀▀██████▀▀███
██▄▄▀▀▄▄█████
█████████████
█████████████
███▀█████████
▀▄▄██████████
█████████████
█████████████
█████████████
█████████████
█████████████
████████████▀ | ████████████▄
▀▀▀▀▀▀▀██████
█████████████
▄████████████
██▄██████████
████▄████████
█████████████
█░▀▀█████████
▀▀███████████
█████▄███████
████▀▄▀██████
▄▄▄▄▄▄▄██████
████████████▀ | ........5,000+........
GAMES
......INSTANT......
WITHDRAWALS | ..........HUGE..........
REWARDS
............VIP............
PROGRAM | .
PLAY NOW |
|
|
|
OmegaStarScream
Staff
Legendary
Offline
Activity: 3654
Merit: 6439
|
A hacker does not necessarily need that in order for him to access your wallet.
If this is an imported wallet, then he might have accessed the private key of that address...
If it's completly generated by Blockchain, then he might have found your seed.
I think the op exchange account was what got hacked and not the wallet where the hacker needs to gain access to the private key or phrase of the wallet. I could be wrong, but the screenshot he's showing looks more like the "wallet" than the exchange which seems to have an overall different UI, theme as you can see here: [1] https://support.blockchain.com/hc/en-us/articles/4417087554068-How-to-withdraw-crypto[2] https://exchange.blockchain.com/trade |
|
|
|
relaxssl (OP)
Newbie
Offline
Activity: 9
Merit: 3
|
|
June 08, 2024, 06:31:12 PM |
|
A hacker does not necessarily need that in order for him to access your wallet.
Your seedphrase or private keys (if it's an imported address) are all a hacker needs to access your funds. The 2FA code won't really help with that.
So the question is... where is your seed stored? is it online? did you share it with someone before? is it well hidden?
BlockChain.com is a centralized exchange. I remember the website does not provide seedphrase export, only a recovery key for password reset. This happened in 2020 when BTC prices were very low. What has always puzzled me is how they managed to get my SMS code. |
|
|
|
|
BitMaxz
Legendary
Offline
Activity: 3430
Merit: 3168
Playbet.io - Crypto Casino and Sportsbook
|
|
June 08, 2024, 06:33:10 PM |
|
Why would you hold BTC on an online wallet like blockchain.com? Since it's online hackers have so many chances to try to hack your account and steal your funds.
I'm sorry for your loss since Bitcoin transactions are reversible you can't do anything.
I hope next time don't use online or web wallets like blockchain.com I heard many users hacked using web wallets like blockchain.com next time use a better wallet like Electrum or hardware wallet.
|
|
|
|
hosseinimr93
Legendary
Offline
Activity: 2576
Merit: 5677
|
|
June 08, 2024, 06:34:05 PM |
|
The address which received OP's fund has received 5.65 BTC in total and has been reported here too. I think the OP exchange account was what got hacked, not the wallet, where the hacker needs to gain access to the private key or phrase of the wallet.
No, OmegaStarScream was right. according to the screenshot shared by OP, the fund was sent out from blockchain.com wallet, not their exchange. BlockChain.com is a centralized exchange.
They have a web wallet too. I remember the website does not provide seedphrase export, only a recovery key for password reset.
The recovery key provided by blockchain.com wallet is your seed phrase. |
|
|
|
OmegaStarScream
Staff
Legendary
Offline
Activity: 3654
Merit: 6439
|
A hacker does not necessarily need that in order for him to access your wallet.
Your seedphrase or private keys (if it's an imported address) are all a hacker needs to access your funds. The 2FA code won't really help with that.
So the question is... where is your seed stored? is it online? did you share it with someone before? is it well hidden?
BlockChain.com is a centralized exchange. I remember the website does not provide seedphrase export, only a recovery key for password reset. This happened in 2020 when BTC prices were very low. What has always puzzled me is how they managed to get my SMS code. How old is your wallet exactly? Blockchain.com has been generating a seedphrase for their users for many years now. "The pit" (their exchange) launched back in Q3 2019 but the screenshot clearly shows that it's not the exchange and that you have "sent" and not "withdrawn" funds. As mentioned above, the "recovery key" should be your seed/recovery phrase. See here: https://support.blockchain.com/hc/en-us/articles/7830201135900-How-do-I-recover-my-account-if-I-lost-my-password |
|
|
|
dkbit98
Legendary
Offline
Activity: 2408
Merit: 7563
|
|
June 08, 2024, 06:52:13 PM |
|
I had activated Email and SMS as the authentication, it was still stoled, don't know how the hacker get my sms code.
There is a chance your seed words got exposed on your end, maybe hacker hacked your computer if you kept them in digital form, or you were a victim of phishing attack. I also don't recommend anyone to use web wallets like Blockchain.com or anything similar, especially not for storing large amount of coins. If you want better security you should use cold wallets, but seed words should always be kept offline on paper/metal. |
|
|
|
MinoRaiola
Legendary
Offline
Activity: 2296
Merit: 1789
|
|
June 08, 2024, 06:59:18 PM |
|
There used to be scam attempts with google Ads. So if you searched for your wallet at blockchain.com on google and clicked on the first result, you were redirected to a scam page. This page looked 1:1 exactly like the original and you entered your name and password there. Then the authentication was changed (however) and the bitcoins were stolen. I dont know how it works with SMS today, but maybe this will help. It is very annoying when a coin are stolen, but im sure karma will fix it and they will be punished for it. The last posts here have given good tips, i hope this will help you.
|
|
|
|
|
Davidvictorson
|
|
June 08, 2024, 07:02:48 PM |
|
The 2FA code won't really help with that.
Apparently the 2FA is useless. It looks like it provides security but it just provides pseudo security. It really adds no extra layer of security contrary to what they say it does. Well the OP still has to answer your question and to add to it did he visit the hackers paradise- Telegram and mistakenly revealed his seed phrase? |
|
|
|
Article4tip
Newbie
Offline
Activity: 21
Merit: 0
|
|
June 08, 2024, 07:12:58 PM |
|
This means that your seed phrase was stolen or you accidentally revealed it to someone. There are folks who sell their "old wallets" to bounty hunters and forget they did. Blockchain.com wallets seedphrase for ETH is same for BTC. Sure that's not what happened?
|
|
|
|
|
|
Orpichukwu
|
|
June 08, 2024, 07:36:08 PM |
|
This means that your seed phrase was stolen or you accidentally revealed it to someone. There are folks who sell their "old wallets" to bounty hunters and forget they did. Blockchain.com wallets seedphrase for ETH is same for BTC. Sure that's not what happened?
I think that this is this is a totally different case from what happened. Since the Op is making use of a web wallet, there is every possibility that the system that he is using might have been infected with him, even knowing that the hacker can gain all the information they need from the Op in order for them to move out of the wallet without the permission of the Op. And to op with the large amount of BTC that was moved out of the wallet, why did you entrust your holdings to an online wallet? If you still have other holdings on other online wallets, I will advise you, for the main time, if nothing has happened to them, to get them off there, move them to a well-secured open-source wallet, and make sure you protect your private key from the reach of others. |
| .
Duelbits | │ | | │ | ▄▄█▄▄░░▄▄█▄▄░░▄▄█▄▄
███░░░░███░░░░███
▀░░░▀░░▀░░░▀░░▀░░░▀
▄░░░░░░░░░░░░
▀██████████
░░░░░███░░░░▀
░░█░░░███▄█░░░█
░░██▌░░███░▀░░██▌
░█░██░░███░░░█░██
░█▀▀▀█▌░███░░█▀▀▀█▌
▄█▄░░░██▄███▄█▄░░▄██▄
▄███▄
░░░░▀██▄▀ | .
REGIONAL
SPONSOR | | ███▀██▀███▀█▀▀▀▀██▀▀▀██
██░▀░██░█░███░▀██░███▄█
█▄███▄██▄████▄████▄▄▄██
██▀ ▀███▀▀░▀██▀▀▀██████
███▄███░▄▀██████▀█▀█▀▀█
████▀▀██▄▀█████▄█▀███▄█
███▄▄▄████████▄█▄▀█████
███▀▀▀████████████▄▀███
███▄░▄█▀▀▀██████▀▀▀▄███
███████▄██▄▌████▀▀█████
▀██▄███▀██▄█▄▄▄██▄████▀
▀▀██████████▄▄███▀▀
▀▀▀▀█▀▀▀▀ | .
EUROPEAN
BETTING
PARTNER | |
|
|
|
OgNasty
Donator
Legendary
Offline
Activity: 4914
Merit: 4853
Leading Crypto Sports Betting & Casino Platform
|
|
June 08, 2024, 07:37:17 PM |
|
Were you SIM swapped by any chance? (You mentioned that but call your phone provider just to be sure). That's a very common way of taking over accounts.
I thought they had fixed this issue on newer phones that no longer have a physical sim card. Maybe not though. It makes me wonder if social engineering was involved. Maybe the OP got a call from a MITM and gave his phone companies verification code to them, allowing for control of the account to be taken over? Without more details it's hard to say what happened. I heard a song the other day by some new rapper named Mabu where he has a line talking about how he got rich from sim swapping someone. Pretty scary to think about. Glad I only have like $5 in crypto on my phone from some TRON someone sent me once and store nothing important on it. |
| ..Stake.com.. | | | ▄████████████████████████████████████▄
██ ▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄ ██ ▄████▄
██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██ ██████
██ ██████████ ██ ██ ██████████ ██ ▀██▀
██ ██ ██ ██████ ██ ██ ██ ██ ██
██ ██████ ██ █████ ███ ██████ ██ ████▄ ██
██ █████ ███ ████ ████ █████ ███ ████████
██ ████ ████ ██████████ ████ ████ ████▀
██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██
██ ▀▀▀▀▀▀▀▀▀▀ ██
▀█████████▀ ▄████████████▄ ▀█████████▀
▄▄▄▄▄▄▄▄▄▄▄▄███ ██ ██ ███▄▄▄▄▄▄▄▄▄▄▄▄
██████████████████████████████████████████ | | | | | | ▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄
█ ▄▀▄ █▀▀█▀▄▄
█ █▀█ █ ▐ ▐▌
█ ▄██▄ █ ▌ █
█ ▄██████▄ █ ▌ ▐▌
█ ██████████ █ ▐ █
█ ▐██████████▌ █ ▐ ▐▌
█ ▀▀██████▀▀ █ ▌ █
█ ▄▄▄██▄▄▄ █ ▌▐▌
█ █▐ █
█ █▐▐▌
█ █▐█
▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█ | | | | | | ▄▄█████████▄▄
▄██▀▀▀▀█████▀▀▀▀██▄
▄█▀ ▐█▌ ▀█▄
██ ▐█▌ ██
████▄ ▄█████▄ ▄████
████████▄███████████▄████████
███▀ █████████████ ▀███
██ ███████████ ██
▀█▄ █████████ ▄█▀
▀█▄ ▄██▀▀▀▀▀▀▀██▄ ▄▄▄█▀
▀███████ ███████▀
▀█████▄ ▄█████▀
▀▀▀███▄▄▄███▀▀▀ | | | ..PLAY NOW.. |
|
|
|
Hazink
Full Member
Online
Activity: 264
Merit: 134
OrangeFren.com
|
|
June 08, 2024, 07:50:47 PM |
|
The transaction occurred 4 years ago at 2020-10-01 02:59. Why are you posting now?
The date just caught my eye now. From the screenshot and the price I see in that place, the screenshot was taken recently. Maybe the Op was one of those who bought bitcoin back then to hold for a long time, and he just happened to check the wallet recently and notice that his holdings have already been moved out. Such a pity after waiting for so long, and the profit that could have been made as a reward for his patient was all wiped out. |
████████████████████ OrangeFren.com ████████████████████instant KYC-free exchange comparison████████████████████ Clearnet and onion available #kycfree services (prepaid Visa & Mastercard) ████████████████████ |
|
|
Stalker22
Legendary
Offline
Activity: 1680
Merit: 1415
|
|
June 08, 2024, 08:28:21 PM |
|
The transaction occurred 4 years ago at 2020-10-01 02:59. Why are you posting now?
The date just caught my eye now. From the screenshot and the price I see in that place, the screenshot was taken recently. Maybe the Op was one of those who bought bitcoin back then to hold for a long time, and he just happened to check the wallet recently and notice that his holdings have already been moved out. Such a pity after waiting for so long, and the profit that could have been made as a reward for his patient was all wiped out. It is very unlikely that someone would buy such a significant amount of Bitcoin, leave it in a web wallet, and not check the balance for nearly four years. Besides, the OP already mentioned this happened in 2020 and that he has "always" been puzzled about how the coins were stolen.
BlockChain.com is a centralized exchange. I remember the website does not provide seedphrase export, only a recovery key for password reset. This happened in 2020 when BTC prices were very low. What has always puzzled me is how they managed to get my SMS code.
@OP, just to correct you here: BlockChain.com actually offers both services - a centralized exchange and a non-custodial online wallet. You can easily move your funds between them at any time. |
|
|
|
Saint-loup
Legendary
Offline
Activity: 2786
Merit: 2428
|
|
June 08, 2024, 08:43:44 PM |
|
site: blockchain.com screenshot of the transaction history:  I had activated Email and SMS as the authentication, it was still stoled, don't know how the hacker get my sms code. The transaction is dated from october 2020, it was almost 4 years ago bro. Why do you make a topic about it in June 2024, if you have not recent news about the attack? Unfortunately I don't think Blockchain.com and its exchange is very secure since I regularly encounter bugs when I use both of them. So I avoid to leave much money on them. SMS code is not very safe that's why using 2FA app is usually recommended instead. |
|
|
|
|
Doan9269
|
|
June 08, 2024, 09:05:12 PM |
|
I had activated Email and SMS as the authentication, it was still stoled, don't know how the hacker get my sms code.
This is not about the site used because it can occur the same way with any other platforms you may decided to use later after this if you're not getting to know the reason for this, we have to know much about privacy and this is very important when we are having in consideration about the security measures to our crypto portfolio, some don't know how they have left an opening for hackers to take advantage of and use to scam them, this couldn't have happened if there were no vulnerability somewhere else, take this as a lesson and avoid reoccurrence. |
|
|
|
|
