A tough pill to swallow

in #security7 years ago

I always thought that my accounts would be safe...after all, I had used a mixture of numbers, alphabets and alpha-numerical letters in all my passwords. But yesterday quite the opposite of what I believed happened. Partly it was my fault...I should have set up a 2-factor authentication on the account. Sadly, I didn't...I was under the impression that it would be safe. The password isn't something that I use every where...to be honest, I have only used it for the exchanges where I trade so I didn't think of it much.

I mean I am used to logging into my accounts everyday to check up on the trades and other things. While working or doing other things I would always spend a couple of minutes to check the different markets and put up some more orders and that was my daily routine. Not once did the account get compromised but yesterday when I logged on, I saw some notifications of trades that I had never placed...coins that I have just been holding onto as an investment for when the time is right and all my other cryptocurrency orders being canceled and sold off for bitcoin.

The perpetrator wasn't able to hack the password to my email since there is none for it. Every single time I need to log into my account, I would have it send me a reset pin to my smartphone which I would then use to gain access to my email so I guess that kind of made it hard for the person to hack it. I am quite surprised they were even able to get my password for the exchange.

I ran a virus scanner on my laptop and it turns out that every thing is clean, I have never been to websites that I don't trust so the chances of my password being found out along with my email are slim. I understand my laptop is old but I try to take the security of it quite seriously. After all, I use it to trade cryptocurrency.

The hacker was able to get away with close to 2000 dollars...all the money that I had saved up and was slowly trading here and there to increase. The act happened while I was asleep because when I got online and checked the logs in the exchange, every thing happened just 12 hours before my log in time. Sadly this puts me in a tough spot...I was supposed to use that money to help me fix a few things in my life as well as to get my newborn her insurance. I don't mind having insurance for me but for her, I would do anything.

How did they manage to transfer the money without getting a withdrawal confirmation through email? Well, that is where things got interesting...cryptopia has a transfer from user to user function which I didn't know and which the perpetrator exploited for his or her benefit, walking away with close to 2 grand worth of bitcoin.

With a heavy heart and much anger...I logged a support ticket for the staff to investigate the security issue and I hope it gets resolved...even though deep down I know...once the funds have been transferred offsite...there won't be much I can do about it and write it off as gone for good.

Now I am back to where I started...nothing in my savings and my family to take care of. My advice folks...always set up a 2-factor authentication on every account that you have and make sure to never use the same email for exchanges that you use every where else.

Time for me to get back to working even harder than before because now I will have to take care of everything on my own without insurance sadly. :(

Sort:  

I am quite surprised they were even able to get my password for the exchange.

That's the real mystery in your story. One of the devices you use to login to Cryptopia is probably compromised... I would be very careful about using them until you figure out the hack...

I am not quite sure either how so I guess I will just have to stick to not using any exchanges and passwords on any of my devices for a while.

This post has been resteemed by @msp-lovebot courtesy of @sammosk from the Minnow Support Project ( @minnowsupport ). Join us in Discord.

Upvoting this comment will help support @minnowsupport.

This is unfortunate, always use as many layers of security as you can. I'm going to send you a small gift, please keep it safe.

57 seconds ago Transfer 2.000 SBD to kyrios sorry for your loss.

Thank you @sammosk, yes that was a tough pill to swallow, I am going to make sure all my accounts will have every layer of security possible. As your apprentice, I feel bad for learning so much and then just losing it all due to security issues :(.

We live and learn, I mentioned a thousand times to find a new home for your crypto that was not an exchange. :(

@reggaemuffin got you a $1.72 @minnowbooster upgoat, nice!
@reggaemuffin got you a $1.72 @minnowbooster upgoat, nice! (Image: pixabay.com)


Want a boost? Click here to read more!

Thanks bud.

This post received a 5% vote by @netuoso courtesy of @sammosk from the Minnow Support Project ( @minnowsupport ). Join us in Discord.

Be sure to go to https://steemit.com/~witnesses, scroll to the bottom of the page, and vote for @netuoso.

This post received a 5% vote by @minnowsupport courtesy of @sammosk from the Minnow Support Project ( @minnowsupport ). Join us in Discord.

Upvoting this comment will help support @minnowsupport.

This post received a 5% vote by @msp-shanehug courtesy of @sammosk from the Minnow Support Project ( @minnowsupport ). Join us in Discord.

Upvoting this comment will help support @minnowsupport.

This post has been resteemed by @nettybot courtesy of @sammosk from the Minnow Support Project ( @minnowsupport ). Join us in Discord.

Be sure to go to https://steemit.com/~witnesses, scroll to the bottom of the page, and vote for @netuoso.

This post has been resteemed by @minnowsupport courtesy of @sammosk from the Minnow Support Project ( @minnowsupport ). Join us in Discord.

Upvoting this comment will help support @minnowsupport.

thank you for sharing, i will keep up this always in my mind

Good mate. Even your steemit account you should have a 2fa security on it