Bitcoin Forum
November 01, 2024, 09:47:01 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: My Cryptsy Account just got Hacked/Compromised!!!!  (Read 1257 times)
mgoldfinger (OP)
Full Member
***
Offline Offline

Activity: 154
Merit: 100


View Profile
June 18, 2014, 01:06:17 AM
 #1

Guys,

Just got hacked on Cryptsy:

Currency   Send to Address   Amount   Conf   Request Date
BitCoin   1NJ7aaMewb1NsznELQWQEjpszFcsX2doRF   0.35685229 BTC   Yes   2014-06-17 19:58:08
Processed   TrxID: 4081353a4006652f5326e09cb5a195f90370f7d10e8cde09d0122d0843c1c2bb @ 2014-06-17 20:02:26

they got access to my gmail account, accepted the transfer and moved the mail to the trash.....

damn.




Raxe.io
Full Member
***
Offline Offline

Activity: 238
Merit: 100


View Profile WWW
June 18, 2014, 01:18:20 AM
 #2

Your password is compromised. Login from a secure computer or use a linux bootable USB to change the passwords. It is probably a keylogger or trojan. Then backup all important files (there is a chance these files are also infected). Make sure that you completely format the computer and install preferably a non Windows Operating System as they are highly susceptible to malicious code. Was the password complex?

Raxe.io / Example wallet: http://wallet.raxe.io
mgoldfinger (OP)
Full Member
***
Offline Offline

Activity: 154
Merit: 100


View Profile
June 18, 2014, 01:21:22 AM
 #3

Your password is compromised. Login from a secure computer or use a linux bootable USB to change the passwords. It is probably a keylogger or trojan. Then backup all important files (there is a chance these files are also infected). Make sure that you completely format the computer and install preferably a non Windows Operating System as they are highly susceptible to malicious code. Was the password complex?

Using a encrypted computer with Symantic active.

Changed all passwords

here is the IP address they used

    Tuesday, 17 June 2014 23:31:40 o'clock UTC
IP Address: 72.164.243.98 (72-164-243-98.dia.static.qwest.net)
Location: Estes Park, CO, USA
mgoldfinger (OP)
Full Member
***
Offline Offline

Activity: 154
Merit: 100


View Profile
June 18, 2014, 01:37:59 AM
Last edit: June 24, 2014, 03:31:55 PM by mgoldfinger
 #4

Great

the fuckers also got my Blcokchain account!
Raxe.io
Full Member
***
Offline Offline

Activity: 238
Merit: 100


View Profile WWW
June 18, 2014, 01:40:09 AM
 #5

Great

the fuckers also got my Blcokchain account!

fucking ASSHOLES should DIE!

Nazi scumbags

Change your passwords NOW. Turn off that computer and use another or a linux bootable.

Raxe.io / Example wallet: http://wallet.raxe.io
mgoldfinger (OP)
Full Member
***
Offline Offline

Activity: 154
Merit: 100


View Profile
June 18, 2014, 01:52:18 AM
 #6

On my phone now.....
Hollowman338
Legendary
*
Offline Offline

Activity: 1246
Merit: 1000



View Profile
June 18, 2014, 01:58:54 AM
 #7

2FA ftw
mgoldfinger (OP)
Full Member
***
Offline Offline

Activity: 154
Merit: 100


View Profile
June 18, 2014, 02:04:04 AM
 #8

Yeah....

Painfull exposure to the biggest reason btc can not become truly mainstream: accounts not linked to owners....
memecoin
Member
**
Offline Offline

Activity: 308
Merit: 10

★YoBit.Net★ 1400+ Coins Exchange


View Profile
June 18, 2014, 05:08:10 AM
 #9

Great

the fuckers also got my Blcokchain account!

fucking ASSHOLES should DIE!

Nazi scumbags

Were you using the same password for your Cryptsy, Gmail, and Blockchain accounts? Did you not have two factor authentification enabled on any three of the aforementioned accounts? If yes, you have no one to blame but yourself because this was bound to happen by not taking security seriously. If no, you should probably ditch the Symantec for a product that is capable of protecting you from a keylogger, or you should simply avoid malware sources altogether..

Edit:
Yeah....

Painfull exposure to the biggest reason btc can not become truly mainstream: accounts not linked to owners....
Wallets are a pretty mainstream concept at this point in human history, but if I remove your ID from your wallet, the wallet and its contents are no longer linked to an owner.

Am I spamming? Report me!
mymenace
Legendary
*
Offline Offline

Activity: 1596
Merit: 1061


Smile


View Profile
June 18, 2014, 05:12:34 AM
 #10

Yeah....

Painfull exposure to the biggest reason btc can not become truly mainstream: accounts not linked to owners....


What do you mean, my money is in a bank which is linked to me, my btc is in a wallet that is linked to me.

Any time I take money or btc out and give it to someone else to hold I am at risk of identity theft, fraud and scammers

what is the difference, am i missing something

Grin
sgk
Legendary
*
Offline Offline

Activity: 1470
Merit: 1002


!! HODL !!


View Profile
June 18, 2014, 05:44:00 AM
 #11

2FA is what I believe should be a standard process for all your IMP accounts.
In today's world where hackers can get access to your passwords using keyloggers, 2FA protects you.
Spoetnik
Legendary
*
Offline Offline

Activity: 1540
Merit: 1011


FUD Philanthropist™


View Profile
June 18, 2014, 07:04:25 AM
 #12

Great

the fuckers also got my Blcokchain account!

fucking ASSHOLES should DIE!

Nazi scumbags

Were you using the same password for your Cryptsy, Gmail, and Blockchain accounts? Did you not have two factor authentification enabled on any three of the aforementioned accounts? If yes, you have no one to blame but yourself because this was bound to happen by not taking security seriously. If no, you should probably ditch the Symantec for a product that is capable of protecting you from a keylogger, or you should simply avoid malware sources altogether..

Edit:
Yeah....

Painfull exposure to the biggest reason btc can not become truly mainstream: accounts not linked to owners....
Wallets are a pretty mainstream concept at this point in human history, but if I remove your ID from your wallet, the wallet and its contents are no longer linked to an owner.

i was wondering that too sounds like same password on multiple sites but he has avoided mentioning that so i suspect he did..

coindesk ran a story on this kinda stuff and what i though was funny is Google puts sponsored links first i guess (i don't see them i use scripts / hax / adblockers etc)
what was interesting though is Blockcahin was the example in the new story showing how the google result was a fake site that looked legit.

last year a guy on cryptsy chat got hit by going to google to go to cryptsy and he went to a fake site that stole his login cookie.. he got owned hard !

i have for about a year told people don't use google to find any crypto sites.. for starters
get smart..

there is gonna be a lot of people ripped off.. inevitable

FUD first & ask questions later™
mgoldfinger (OP)
Full Member
***
Offline Offline

Activity: 154
Merit: 100


View Profile
June 24, 2014, 03:16:34 PM
 #13

2FA is what I believe should be a standard process for all your IMP accounts.
In today's world where hackers can get access to your passwords using keyloggers, 2FA protects you.

Their is no formal registration that you are the owner of a Bitcoin wallet, therefor legally you can not prove / very difficult to prove that you own the bitcoins on the account.

For your bankaccount however, there is formal registration. Probably linked to your full Name, social security number and/or Passport; you can never question the ownership of the account. (e.g. if I ask a Bank to verify the owner of a Account, they can do that)
mgoldfinger (OP)
Full Member
***
Offline Offline

Activity: 154
Merit: 100


View Profile
June 24, 2014, 03:20:14 PM
 #14

Great

the fuckers also got my Blcokchain account!

fucking ASSHOLES should DIE!

Nazi scumbags

Were you using the same password for your Cryptsy, Gmail, and Blockchain accounts? Did you not have two factor authentification enabled on any three of the aforementioned accounts? If yes, you have no one to blame but yourself because this was bound to happen by not taking security seriously. If no, you should probably ditch the Symantec for a product that is capable of protecting you from a keylogger, or you should simply avoid malware sources altogether..

Edit:
Yeah....

Painfull exposure to the biggest reason btc can not become truly mainstream: accounts not linked to owners....
Wallets are a pretty mainstream concept at this point in human history, but if I remove your ID from your wallet, the wallet and its contents are no longer linked to an owner.

i was wondering that too sounds like same password on multiple sites but he has avoided mentioning that so i suspect he did..

coindesk ran a story on this kinda stuff and what i though was funny is Google puts sponsored links first i guess (i don't see them i use scripts / hax / adblockers etc)
what was interesting though is Blockcahin was the example in the new story showing how the google result was a fake site that looked legit.

last year a guy on cryptsy chat got hit by going to google to go to cryptsy and he went to a fake site that stole his login cookie.. he got owned hard !

i have for about a year told people don't use google to find any crypto sites.. for starters
get smart..

there is gonna be a lot of people ripped off.. inevitable

I was using very different passwords for both.

The google incident you described above is actually what happend to me, I think. What I find strange though is how they got my blockchain password, as I did not link this to my google e-mail account, nor do I ever e-mail passwords to my gmail account. FYI I also have other accounts outside of Cryptsy/Blockchain, that they did not hit.


mgoldfinger (OP)
Full Member
***
Offline Offline

Activity: 154
Merit: 100


View Profile
June 24, 2014, 03:21:09 PM
 #15

If u use trash like cryptsy AND arent able to secure ur account then u deserve to get hacked man

~CfA~

come-from-above, goes-down-the-drain

Thumbs up to you!
SirChiko
Legendary
*
Offline Offline

Activity: 966
Merit: 1000



View Profile
June 24, 2014, 03:24:47 PM
 #16

Next time i suggest you using NOD32 antivirus it really protects you even from keyloggers.

The only online casino on which i won something. I made 17mBTC from 1mBTC in like 15 minutes.  This is not paid AD!

▀Check it out yourself▀
mgoldfinger (OP)
Full Member
***
Offline Offline

Activity: 154
Merit: 100


View Profile
June 24, 2014, 03:29:58 PM
 #17

Next time i suggest you using NOD32 antivirus it really protects you even from keyloggers.

thanks for the tip.
mgoldfinger (OP)
Full Member
***
Offline Offline

Activity: 154
Merit: 100


View Profile
June 24, 2014, 03:37:41 PM
 #18

How do you guys feel if a Bank would offer BitCoin (custody) services?

They should be able to offer the same level if (IT) protection, as for their cash/checkings/savings accounts. They would also fall under a regulatory framework and will likly not accept any anonymous accounts.
SirChiko
Legendary
*
Offline Offline

Activity: 966
Merit: 1000



View Profile
June 24, 2014, 03:53:53 PM
 #19

Next time i suggest you using NOD32 antivirus it really protects you even from keyloggers.

thanks for the tip.
No problem, i use it and i had no problems so far *knock, knock, knock*

The only online casino on which i won something. I made 17mBTC from 1mBTC in like 15 minutes.  This is not paid AD!

▀Check it out yourself▀
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!