RE: $20,000 (7BTC) Stolen from Bittrex (captured live on video) Huge lesson learned

in #bitcoin, 7 years ago (edited)

How did they do this when you had 2FA enabled?

That's what I can't understand... and what's even stranger is how 2 of the amounts they withdrew were exactly the same, 2.1990000... You can see here: http://prntscr.com/fn3ugf It almost seemed like it was a bot doing it.

It probably was a bot. You have heard of ransomware - they operate by encrypting your profile and then demanding you pay bitcoins to clear it - these are malware infections, and you probably just suffered such a robbery... Bank robbers don't need guns anymore...

I run Windows, but I am something of an IT expert, and I just basically don't run anything or visit sites that would have malware payloads. This is the real reason why you should be running adblockers, because, unfortunately, and a big fuck you to the advertising user-as-product business model who claim that there isn't a way to monetise digital content and services without advertising cough cough... Most such malware arrives either in some crappy pirate software, or, more commonly now, injected into your web browser. It doesn't even have to escape the browser box to pull this off, though it has to hijack the pipe that connects each web page to the controlling application.

After such a horrible loss, I would suggest that you up your security and segregate either a computer, or an operating system, that is not used for general tasks or whatnot, just for money, and lock it down tight, strong password, and don't install anything more than the browser and cryptocoin wallets you need.

I am in the hole at the moment with Poloniex to the tune of 1233 steem... I am kicking myself for using Poloniex again, it's almost never been smooth or pleasant working with that site, and if I had just waited another 5 minutes for blocktrades.us to come back online, (and it did, directly afterwards), a little tiny bit more patience, I would not be in this situation...

I still want to go visit Poloniex's offices and personally slap everyone who works there, and for good measure, I want the CEO's luxury car for my trouble.

Fucking criminals >_<

Excellent instruction, thanks! But:

"After such a horrible loss, I would suggest that you up your security and segregate either a computer, or an operating system, that is not used for general tasks or whatnot, just for money, and lock it down tight, strong password, and don't install anything more than the browser and cryptocoin wallets you need."

But what if Bittrex itself is infected??

And I think this 7BTC was stolen by Bittrex, not by a malware bot.

The thing is, you need to have a lot more than adblockers, antiviruses and so on in order to beat the hackers... First of all, common sense, which is hard to achieve. Secondly, you need to know the way things can go wrong / malware can reach your computer or how phishing is able to mislead you. This knowledge is even harder to achieve... Funny thing is, I'm an IT expert as well and Data Security specialist and even I have been hacked by a phishing website, which was a perfect https enabled secure certificate fake Ether Delta copy. So yes, even the best most secure guys out there can be hacked in a matter of seconds when they make one tiny mistake.
I can guide you in a good direction by advising you to block http websites, check certificates, block plugins or other web services from running outside their virtual sandbox, disable flash player (for sure), keep your browser up to date... As you can see, these are all things you can change by simply setting up your browser correctly :)

mostly agree

What does Bittrex say? To get 2FA verified they would need to be on your phone

I haven't heard back from them yet. I was using my iPad mini.

Edit: now I hear from hilarski that this video is actually fake.

Well, he jumped the gun on that... he should have got his facts straight before he went around telling people that false information. He said that because apparently he checked with Bittrex and they didn't know anything at the time. But I had already sent the first email and they requested more info; I just hadn't had the time to actually submit the ticket at that stage because I was homeschooling my son. But if you check my latest post you can clearly see Bittrex has given me the info and it looks like it may have been my fault they were able to get my API keys.

Can't you see your APIs in the previous video?

Yes, but I was positive I deleted those ones before I uploaded that video to YouTube. I had many sets in there because I thought you needed a different set for different applications. So the only thing I can think of is I somehow got the ones I used in the Coingy video mixed up with other ones and deleted the wrong ones. That is the only thing I can think of.

Take one second to actually think about this man's struggle, and take your own subjective apathy out of this. You may not understand the gravity of this theft, but Shayne is a friend of mine and lying, let alone lying about something like this, isn't even in his plane of thought. You are offending me and others who know this is truth, imagine losing half of the savings you've built up just to have it stolen. In a time where this guy can use some sympathy, you and some others only accost him. Maybe you just want upvotes and attention, but saying an innocent man is a liar (and in essence a thief) falls more on you than it does on him.

Thieves and charlatans can do far more than $20,000 damage to this platform.
Any time there's money involved, there are going to be liars.
If your friend is on the level, then ignore it or by all means defend the accusations with facts; but if we don't call attention to potential fraud when we see it, we'll be overrun in a heartbeat.
I realise it's a bitter pill, at a terrible time, but it's not personal.
My sympathies to your friend.

@cryptoiskey do you ever access Bittrex on your phone???? Which 2FA do you have? Google's or SMS??? I'm studying this trying to figure out how they did it... You are right to assume it's a bot.

No, I only ever use my iPad mini. [image: Picture 2.jpg] What makes me think it was a bot is the transactions being the same.

@cryptoiskey... Before I get too excited... 1. That notification at the beginning of your video... Is that the first notification you received about someone else logging into your account? If not, could you give me the info on that notification? Or is that your notification of you logging in? I looked up the IP and found a location in Cali but that might be you (see you from Cali). If it's the 1st notification you got about the hack... then you have a trojan on a system and they have a backdoor on one of your computers in your house... I traced the IP shown in the video... that's why I ask.

No, that was me showing I logged in... the 4 withdrawals had already been made before I logged in, so maybe Bittrex can track them somehow.

Damn it... :/ Never got a notification for that login? The hacker's login? Hmm, that makes it even weirder.

perhaps the hacker deleted the email notification

Possibly it was email - so email was hacked.

@cryptoisky - that's what I'm thinking... with Google Authority... I'm thinking if someone got my Google account they could get the same 2FA codes that I get if they downloaded the program... (I'm gonna do a test of it)

@cryptoisky Yes, in Google Account Settings you can simply change your phone 2 factor Authentication to new phone. If you are not using same 2 factor authentication is not using to open Gmail Account (At least through SMS)

That is why I use different email service because 2FA is on Google authenticator.

kingscrown, I am counting on you to get to the bottom of this! You are one of the most esteemed members here.

apparently 2FA is not enough

I've seen it before, if they crack into your Gmail account and know you're online with Bittrex, it's an open door for them. That's in spite your 2FA was sent to your Gmail account as normally happens.

I'm not saying this is what happened but the API doesn't need Two Step verification once it is enabled. It also appears that Withdrawal Whitelist wasn't used and could have been an option to use during the video. I'm sorry to hear of the loss. Please reach out to me as I'm happy to help assist with your cyber security.