Did you use 2fa on your gmail account?
I think you should try to open a judicial lawsuit against kraken.
Bring all material you have.
Sadly, your personal email was compromised so , partially, you have some fault.
But this is too much money and kraken has some security problems
Topic: ALL tokens stolen ON KRAKEN (Read 212 times)
hello
I know what happened and this is a flaw at Kraken: I explain to you with the evidence.
My Gmail account was hacked, the thief could not access the administration of my kraken account the first time on January 15 and January 16. In reality, he never had the 2FA code. The flaw that exists in the kraken system allowed him to return on the 19th and access the administration without a code this time. Indeed when we do not have the administration code on kraken your system allows you to return 3 days after with all open is accessible.
The only protection that remains in this case is the notification on the Gmail account and like most of the time where there is error of code 2FA, there is a high probability of hacking of account and associated mail account therefore the notification is in this case worthless for protection is pragmatically zero. For better security in such cases The account will have to be blocked and deactivated and its reactivation will only be done with the verification of the identity of the user: it is logical.
Consequently, I believe that my account was stolen only because of this security problem and this flaw which I advise besides to correct quickly. It was the platform which enabled the thief to finalize his act by introducing withdrawal addresses and to proceed to withdrawal without my knowledge and without my authorization. It was Kraken who authorized the flight.
On my screenshots:
1- The logs make it easy to identify the connection of January 15 with an error of the 2FA master key and another test on January 16 with an error of 2FA and 3 days after January 19 no need for 2FA Kraken opened the doors.
2- I have had the experience for the past 3 days by putting in a false key master, therefore an error and this evening I was able to log in without a key master.
So theft could never have happened without this help from Kraken !!!!
logs and Kraken's Flaw:
https://private.joomeo.com/users/atmicroservices/albums/NWtZVkc3YjjFQjiJ6eZdHA/files/NWtZVkc3Yjg2bLiFUIymp4sVpBTKAjIs
Mr Arhab
I know what happened and this is a flaw at Kraken: I explain to you with the evidence.
My Gmail account was hacked, the thief could not access the administration of my kraken account the first time on January 15 and January 16. In reality, he never had the 2FA code. The flaw that exists in the kraken system allowed him to return on the 19th and access the administration without a code this time. Indeed when we do not have the administration code on kraken your system allows you to return 3 days after with all open is accessible.
The only protection that remains in this case is the notification on the Gmail account and like most of the time where there is error of code 2FA, there is a high probability of hacking of account and associated mail account therefore the notification is in this case worthless for protection is pragmatically zero. For better security in such cases The account will have to be blocked and deactivated and its reactivation will only be done with the verification of the identity of the user: it is logical.
Consequently, I believe that my account was stolen only because of this security problem and this flaw which I advise besides to correct quickly. It was the platform which enabled the thief to finalize his act by introducing withdrawal addresses and to proceed to withdrawal without my knowledge and without my authorization. It was Kraken who authorized the flight.
On my screenshots:
1- The logs make it easy to identify the connection of January 15 with an error of the 2FA master key and another test on January 16 with an error of 2FA and 3 days after January 19 no need for 2FA Kraken opened the doors.
2- I have had the experience for the past 3 days by putting in a false key master, therefore an error and this evening I was able to log in without a key master.
So theft could never have happened without this help from Kraken !!!!
logs and Kraken's Flaw:
https://private.joomeo.com/users/atmicroservices/albums/NWtZVkc3YjjFQjiJ6eZdHA/files/NWtZVkc3Yjg2bLiFUIymp4sVpBTKAjIs
Mr Arhab
This is t making sense unless you're suggesting that kraken has a huge security vulnerability on their end.
well, gentlemand is right---kraken is the only exchange where there is instance after instance of 2fa-protected accounts getting hacked. this goes back at least 3-4 years. it's always invariably kraken.
at this point, one has to wonder about hacked password/2fa token databases or insider theft. insider theft is almost the more believable scenario at this point, since this shit has been going on for so many years. when i wear my tin foil hat tight enough, it feels like an insider is draining accounts slowly and methodically enough to get away with it.
I've seen this a few times now. It is always, always Kraken where it happens. The person who reports it always seems to be fully 2FA'd too. I dunno if it means Kraken customers are all a bit dim and leave themselves wide open or whether Kraken has some sort of problem.
Yes, might be a sim card swap.
Just like the past incident that stole known investors fund --> https://markets.businessinsider.com/currencies/news/bitcoin-investor-loses-24-million-of-crypto-sim-swap-hackers-2019-11-1028677818
Why you transferred all of your funds there at the same time? are you about to sell it all?
Just like the past incident that stole known investors fund --> https://markets.businessinsider.com/currencies/news/bitcoin-investor-loses-24-million-of-crypto-sim-swap-hackers-2019-11-1028677818
Why you transferred all of your funds there at the same time? are you about to sell it all?
Check your sim card in your phone, has it been swapped?
There is a type of hack known as a sim swap hack, whereby a bad actor will swap out your sim for an identical one with a spoofed phone number, then keep your sim to reset your accounts.
Alternatively, it's sometimes possible to convince your network provider to change your number and then the attacker can then claim that number to do the same.
TL;DR, check your phone, it may have been breached.
There is a type of hack known as a sim swap hack, whereby a bad actor will swap out your sim for an identical one with a spoofed phone number, then keep your sim to reset your accounts.
Alternatively, it's sometimes possible to convince your network provider to change your number and then the attacker can then claim that number to do the same.
TL;DR, check your phone, it may have been breached.
I don't understand what happened: 2fa gmail on a first phone and 2fa kraken; master key and fund key on a second phone.
the two different passwords. They were able to log into my account on the 15th and the 16th but blocked by master key: wrong, they came back on the 19th and the ca went on: no notification on my gmail account, therefore hacked. So even if my gmai was hacked it does not explain the rest: I only connect from my office and no public wifi and I have kaspesky total security and with negative Trojan scan. I also have the logs of annex and withdrawal addresses. they used VPNs: KRAKEN does not and does absolutely nothing; they can move to help me block the tokens or suggest other solutions.
Here are the collection addresses:
BTC
https://www.blockchain.com/bch/tx/5ec53c3dfc7b775ddfd8993d3e0ea4fecf2a446e331e526ccfd8ae078682734e
ETH
https://www.blockchain.com/fr/eth/address/0x18a78288566b289ec0905bb9de46f15751a92554
BTC
https://www.blockchain.com/fr/btc/address/15KB1f9Vi5hYSkjXA298bCtaZFYFpaD9NL
the two different passwords. They were able to log into my account on the 15th and the 16th but blocked by master key: wrong, they came back on the 19th and the ca went on: no notification on my gmail account, therefore hacked. So even if my gmai was hacked it does not explain the rest: I only connect from my office and no public wifi and I have kaspesky total security and with negative Trojan scan. I also have the logs of annex and withdrawal addresses. they used VPNs: KRAKEN does not and does absolutely nothing; they can move to help me block the tokens or suggest other solutions.
Here are the collection addresses:
BTC
https://www.blockchain.com/bch/tx/5ec53c3dfc7b775ddfd8993d3e0ea4fecf2a446e331e526ccfd8ae078682734e
ETH
https://www.blockchain.com/fr/eth/address/0x18a78288566b289ec0905bb9de46f15751a92554
BTC
https://www.blockchain.com/fr/btc/address/15KB1f9Vi5hYSkjXA298bCtaZFYFpaD9NL
with 2FA double factor authentication enabled
Did you use an authenticator software for 2FA? Did you backup somewhere the data of this software, or the 2FA seeds?
(I am asking because I've read on another thread that somebody was keeping his wallet seed on Evernote and also lost everything.)
Hello: I ask for your help
I am a victim of theft on Kraken
I have been on Kraken for 4 years and I have just had my entire portfolio stung; all my crypto were on my nanoladger, I transferred it to my kraken account with all the requested protections:
Google mail with 2FA double factor authentication enabled
-Kraken account with 2FA double factor authentication enabled
Kraken Administration with 2FA double factor authentication enabled
-Trade kraken with double factor authentication 2FA activated
Kraken withdrawal with 2FA double factor authentication enabled
with all these protections on January 19 my account was hacked and emptied 4 BTC; 30 BCH; 100ETH ruin.
Kraken does not move an inch and wallows in silence, offering just a password change and more security; everything he offers to do was already in place before the flight.
I ask advise and alert of the danger of this platform and security vulnerabilities at home.
I'm trying to find out if other people are victims and in the same case because Kraken does not want to communicate. I wish to file a complaint against Kraken for theft and negligence because to date no information on the cracking of the 2FA protection has been reported so if the theft could have been carried out if one of the two or internally or a security breach at Kraken.
Thank you in advance for your help
My best regards
Mr ARHAB
I am a victim of theft on Kraken
I have been on Kraken for 4 years and I have just had my entire portfolio stung; all my crypto were on my nanoladger, I transferred it to my kraken account with all the requested protections:
Google mail with 2FA double factor authentication enabled
-Kraken account with 2FA double factor authentication enabled
Kraken Administration with 2FA double factor authentication enabled
-Trade kraken with double factor authentication 2FA activated
Kraken withdrawal with 2FA double factor authentication enabled
with all these protections on January 19 my account was hacked and emptied 4 BTC; 30 BCH; 100ETH ruin.
Kraken does not move an inch and wallows in silence, offering just a password change and more security; everything he offers to do was already in place before the flight.
I ask advise and alert of the danger of this platform and security vulnerabilities at home.
I'm trying to find out if other people are victims and in the same case because Kraken does not want to communicate. I wish to file a complaint against Kraken for theft and negligence because to date no information on the cracking of the 2FA protection has been reported so if the theft could have been carried out if one of the two or internally or a security breach at Kraken.
Thank you in advance for your help
My best regards
Mr ARHAB
Jump to: