Pages:
Author

Topic: [ANN - NEW EXCHANGE] | www.CoinMarket.io | OFFICIAL THREAD - page 78. (Read 143473 times)

full member
Activity: 196
Merit: 100
I love the exchange, but I cannot receive confirmation emails because of the email provider I used. My BTC is now stuck there because of my stupidity. I hope we can sort this out.

Edit: I'm in the IRC waiting since I'm sure you're busy at the moment.
member
Activity: 102
Merit: 10


Here are the trades the hacker made in my account. He cleared out 90% of my coins in the space of a few minutes, these trades are very quick, looks automated to me. It is certainly not a pool password because I use a different password for pools and a unique password for each exchange.

Coinmarket.io, I have a friend who is a infosec specialist, can you contact me please with some info regarding site security so I can get him to audit it for me please? I REALLY don't think the vulnerability was my password here and that you may have a bigger problem.


I'm a sad trader today, all the coins I was holding nearly doubled and I am left with nothing Sad

Donations very welcome Cry
legendary
Activity: 2338
Merit: 1035
This deposit IS CREDITED and consists of 0.04 BTC instead of 0.4 BTC.

Check it out:
http://blockchain.info/tx/9b7cd688bd9f7629c8e362f43f150375c12611951882f315eb9adf72f346b5ba

No, I sent 0.4 btc here https://blockchain.info/sv/address/14GFe6rzhptfagiVW6t3G8VMUhPXq5vyL1

and I have received 0 so far

edit: I received now Cheesy Thanks!
newbie
Activity: 21
Merit: 0
My friends do not receive the confirmation mail 181KDC
[email protected]
L6ZuHHZhpZsap6ZEfcRt2xZzShQ3idaX5i
legendary
Activity: 2338
Merit: 1035
Quote
I have waited over 2 hours
transaction ID: 9b7cd688bd9f7629c8e362f43f150375c12611951882f315eb9adf72f346b5ba
username: lowkey
amount: 0.4 BTC

Are you looking into this deposit?
member
Activity: 98
Merit: 10
Hey, I signed up with you guys a while back and used a test e-mail on my account; it never actually asked me for e-mail confirmation, so when I went to actually do some trading, and withdraw coins, it sent the confirmation email to... you guessed it, the test account, which I don't have access to.

Is there any way I can get the withdrawl that I did reverted or get the confirmation e-mail sent to my actual e-mail address?

Give me your username, i'll confirm your withdrawal manually and you will crate an another account with the right details after that.
newbie
Activity: 3
Merit: 0
Hey, I signed up with you guys a while back and used a test e-mail on my account; it never actually asked me for e-mail confirmation, so when I went to actually do some trading, and withdraw coins, it sent the confirmation email to... you guessed it, the test account, which I don't have access to.

Is there any way I can get the withdrawl that I did reverted or get the confirmation e-mail sent to my actual e-mail address?
hero member
Activity: 644
Merit: 500
Two comments/suggestions from me.

1) A lot of times when I click "balance" followed by "buy ___" I get a "not enough funds" message. Removing the last decimal place allows me to place the order. Maybe put some kind of rounding down of that last decimal place so the balance always displayed is less than the true balance so this goes away.

2) I would consider a popup confirmation for placing orders. I could see erroneous orders being placed without it, though it hasn't happened to me yet thankfully.

Other than that, fantastic job so far. I really see amazing things for this exchange in the future. It feels like a mini BTC-e to me right now.

Also, as far as some hacking issues go, I would lock the account and send email notification for too many incorrect login attempts, and only allow it to be unlocked via some sort of PIN or email unlock.
member
Activity: 102
Merit: 10
It looks like I have either been hacked or the wrong account has been given to me.
Please contact me about this ASAP, thanks.
From looking at trade history it seems that someone has used my account to buy 50k doges at 900 satoshie each.
This wasn;t me, is there any way trade can be rolled back here? I have lost a lot of money here...

Unfortunately there is nothing we can do, your account (usename and password) are your responsibility.
We will attempt to reverse the trades with users that we are 100% sure are connected to that person.
Many people have got burnt by using the same user/password combination here and on some pools.
Pools get hacked, passwords leak. Semi-strong passwords get cracked by dictionary attacks.

There is no vulnerability server-side. Even it it were, we are not liable for any damages.

I used a strong, unique password with capital, lowercase and non-alphanumeric figures. I do not think it was brute forced of hacked from a pool.
I would seriously audit things server side if I were you.

Do you need any info from me regarding trade reversals?
member
Activity: 98
Merit: 10
It looks like I have either been hacked or the wrong account has been given to me.
Please contact me about this ASAP, thanks.
From looking at trade history it seems that someone has used my account to buy 50k doges at 900 satoshie each.
This wasn;t me, is there any way trade can be rolled back here? I have lost a lot of money here...

Unfortunately there is nothing we can do, your account (usename and password) are your responsibility.
We will attempt to reverse the trades with users that we are 100% sure are connected to that person.
Many people have got burnt by using the same user/password combination here and on some pools.
Pools get hacked, passwords leak. Semi-strong passwords get cracked by dictionary attacks.

There is no vulnerability server-side. Even it it were, we are not liable for any damages.

Our login/auth code is ready to be revealed to an expert at request, for auditing purposes. We assure you that it IS secure.
Auth handling is one of the easiest things for an application like this.
On login, query the database and store matching user data in a session. On every action requiring auth, check for session data.


Edit: pools get hacked very often, actually. The smartest of the hackers dont touch the pools coins, they go for exchange passwords first.
member
Activity: 102
Merit: 10
I am really gutted over this, I have lost all the coins I have spent month saving, mining and trading, this has crypto-bankrupt me. I had a strong password, I doubt I have been brute forced, there must be a vulnerability server side that allowed this attack.

Really want a response from site admin ASAP.

I can sent screen shots of the illegitimate trades.
legendary
Activity: 2338
Merit: 1035
Hello

I sent 0.4 BTC to this address https://blockchain.info/address/14GFe6rzhptfagiVW6t3G8VMUhPXq5vyL1 but it still hasn't arrived

It's on its way. Cant speed it up anymore.

I have waited over 2 hours
transaction ID: 9b7cd688bd9f7629c8e362f43f150375c12611951882f315eb9adf72f346b5ba
username: lowkey
amount: 0.4 BTC
newbie
Activity: 25
Merit: 0
Hi admin, I am having a serious problem with my account, please contact me. I logged in today and my balances are completely different from how they were last night, all my NOBL, Klondike, DGB and USDe are all gone and for some reason I have a load of doges I should not have.

It looks like I have either been hacked or the wrong account has been given to me.

Please contact me about this ASAP, thanks.


From looking at trade history it seems that someone has used my account to buy 50k doges at 900 satoshie each.

This wasn;t me, is there any way trade can be rolled back here? I have lost a lot of money here...

i got 3,8 k doge for 670. This market has a flaw it dosnt buy best it goes for the designated price. This way the hacker sold his doge for a nice price.
newbie
Activity: 56
Merit: 0
Please add MRC Microcoin. This is a great currency which is extremely fair and unique
legendary
Activity: 2100
Merit: 1167
MY RED TRUST LEFT BY SCUMBAGS - READ MY SIG
Can you add QuickQuickCoin please ? (QQC)

QQC the fastest coin ever.

+1
newbie
Activity: 21
Merit: 0
Coinmarket.io Hello friend to help me solve
member
Activity: 102
Merit: 10
Hi admin, I am having a serious problem with my account, please contact me. I logged in today and my balances are completely different from how they were last night, all my NOBL, Klondike, DGB and USDe are all gone and for some reason I have a load of doges I should not have.

It looks like I have either been hacked or the wrong account has been given to me.

Please contact me about this ASAP, thanks.


From looking at trade history it seems that someone has used my account to buy 50k doges at 900 satoshie each.

This wasn;t me, is there any way trade can be rolled back here? I have lost a lot of money here...
member
Activity: 98
Merit: 10
In wallet page it would be nice to see total amount of all coins in BTC, like cryptsy shows.
member
Activity: 98
Merit: 10
Hello

I sent 0.4 BTC to this address https://blockchain.info/address/14GFe6rzhptfagiVW6t3G8VMUhPXq5vyL1 but it still hasn't arrived

It's on its way. Cant speed it up anymore.
Pages:
Jump to: