We can't know if the story is true, sure. But I have no reason not to believe him as long as I don't make any important decisions due to that fact.
If his computer is compromised, everything is lost, of course! But the reason I'm asking is, if he maybe changed his password just yesterday, this could indicate another attack vector (keylogger) than maybe a break-in to his email account or a breach in Havelock itself.
Physical theft is an option, yeah. So: How many people do know you're "into Bitcoin" or own AM shares? Do they even know what AM shares are? Did you tell people about it?
Topic: ASICMINER: Entering the Future of ASIC Mining by Inventing It - page 494. (Read 3917531 times)
February 14, 2014, 05:52:01 AM
February 14, 2014, 05:48:00 AM
sounds like havelock inside job, well, what's lost is lost, better buy new machine, ubuntu air gap it and relocate all your coin stashes to new wallets,
also if havelock is not helping, raise the issue over reddit, and let's up vote
also if havelock is not helping, raise the issue over reddit, and let's up vote
February 14, 2014, 05:41:39 AM
Damn ... shit. This is sick. Did you have 2FA backup somewhere in the same PC?
2FA key was written down on paper as "backup".
I am just wondering how could that happened? it seems impossible if you have 2FA
Maybe 2FA on rooted/jailbroken device ... and attacker infected both devices pc and smartphone/tablet via same router.
EDIT : I assume you're in Thailand ... 90% of smartphones there are rooted.
EDIT2 : Damn, from today I'll login to Havelock only from TailsOS ...
Probably jailbroken at MBK?
I have to chime in, I'm also really sorry to hear that. I can only try and fathom how that feels. This makes me truly sad and angry!
Just to address other questions/vulnerabilities: When was the last time you changed your password? Is it unique? Did you at some point land on a phishing site, i.e. a Havelock-copy (I guess you may not have noticed it)?
I'd like a comment from Havelock. I guess you guys have already contacted them? I'm, just pointing them to this problem, as well.
In many of the cases it's actually a person close to the victim, probably living in your own house or a friend or someone with actual physical access to your computer and phone. There were many such cases. Might even be your wife or lover.
Also there might be another possibility no one here discussed and that is the possibility of this guy lying to prop up another exchange. I'm not saying it's the case but it's possible.
February 14, 2014, 05:39:58 AM
When was the last time you changed your password? Is it unique?
You can have 200chars upper-lower-special char 0-day new password, if your computer is once rated and part of the botnet you are screwed, it keylogs everything right into the database based on keywords ... 2FA and secure OS is the only way.
February 14, 2014, 05:32:01 AM
Damn ... shit. This is sick. Did you have 2FA backup somewhere in the same PC?
2FA key was written down on paper as "backup".
I am just wondering how could that happened? it seems impossible if you have 2FA
Maybe 2FA on rooted/jailbroken device ... and attacker infected both devices pc and smartphone/tablet via same router.
EDIT : I assume you're in Thailand ... 90% of smartphones there are rooted.
EDIT2 : Damn, from today I'll login to Havelock only from TailsOS ...
Probably jailbroken at MBK?
I have to chime in, I'm also really sorry to hear that. I can only try and fathom how that feels. This makes me truly sad and angry!
Just to address other questions/vulnerabilities: When was the last time you changed your password? Is it unique? Did you at some point land on a phishing site, i.e. a Havelock-copy (I guess you may not have noticed it)?
I'd like a comment from Havelock. I guess you guys have already contacted them? I'm, just pointing them to this problem, as well.
February 14, 2014, 05:14:06 AM
Damn ... shit. This is sick. Did you have 2FA backup somewhere in the same PC?
2FA key was written down on paper as "backup".
I am just wondering how could that happened? it seems impossible if you have 2FA
Maybe 2FA on rooted/jailbroken device ... and attacker infected both devices pc and smartphone/tablet via same router.
EDIT : I assume you're in Thailand ... 90% of smartphones there are rooted.
EDIT2 : Damn, from today I'll login to Havelock only from TailsOS ... I feel sorry for your lose mate, its really devastating. I wish we could do something about it.
February 14, 2014, 04:45:20 AM
Damn ... shit. This is sick. Did you have 2FA backup somewhere in the same PC?
2FA key was written down on paper as "backup".
I am just wondering how could that happened? it seems impossible if you have 2FA
February 14, 2014, 04:32:42 AM
Why would a rogue havelock employee sell his shares instead of just the bitcoins from one of the guys with a buy order?
To make it look like a hack? I don't think they did, just pointing out the possibility. However...
2FA key was written down on paper as "backup".
...i guess we might have a scenario where the attacker got ahold of your 2FA key while you were writing it down / your macbook requested it from havelock, assuming it was on the same machine.
February 14, 2014, 04:21:59 AM
That's pretty scary. Not sure what other attack vectors there might be except for some Havelock employee gone rogue or a security breach at their servers. Maybe your email account is compromised and they used it for some social engineering shenanigans (which would also be hard with you noticing).
Why would a rogue havelock employee sell his shares instead of just the bitcoins from one of the guys with a buy order?
Anyways I would try to contact havelock and see if they can dig up any further info. If it is a security breach on their end then that would be very serious.
Not sure about how 2fa can be breached along with your password. My guess would be an infected pc (keylogger or something).
February 14, 2014, 04:19:21 AM
Damn ... shit. This is sick. Did you have 2FA backup somewhere in the same PC?
2FA key was written down on paper as "backup".
February 14, 2014, 04:16:21 AM
Damn ... shit. This is sick. Did you have 2FA backup somewhere in the same PC?
February 14, 2014, 04:15:50 AM
That's pretty scary. Not sure what other attack vectors there might be except for some Havelock employee gone rogue or a security breach at their servers. Maybe your email account is compromised and they used it for some social engineering shenanigans (which would also be hard with you noticing).
February 14, 2014, 04:04:03 AM
I've forgotten, but when you open an account for havelock, do you at any point enter in your country of origin?
I mean, if the answer is yes, it's insanely easy to just get a VPN connection to any country in the world to circumvent that aspect of security
I mean, if the answer is yes, it's insanely easy to just get a VPN connection to any country in the world to circumvent that aspect of security
Not quite sure what you mean, but yes, obviously VPN to any country in world is easy. Sounds like hacker had a Thai IP organized. Its getting my password (secure) + 2FA I can't get over.
Also, I never got a single "trading" email during the heist. But I guess that is easy enough if you have account access. You just turn it off during the heist. I had it turned on previously and it is turned on now. The thief nicely turned it back on for me now my account is empty
February 14, 2014, 04:00:16 AM
Just a warning - I've just had my havelock account hacked and all my AM1 shares stolen, and money withdrawn from account.
I had both 2FA enabled, and login from my own country, Thailand. The thief managed to bypass both of those somehow.
I'm devastated right now - I have asked havelock if they can do anything about it ....
That is why price has gone down at havelock - someone sold my 150 shares and then withdrawn the bitcoins.
All withdrawn to: 18jURpZJjcpdp8Utdf9tePVY4VGK84DmUy
I had both 2FA enabled, and login from my own country, Thailand. The thief managed to bypass both of those somehow.
I'm devastated right now - I have asked havelock if they can do anything about it ....
That is why price has gone down at havelock - someone sold my 150 shares and then withdrawn the bitcoins.
All withdrawn to: 18jURpZJjcpdp8Utdf9tePVY4VGK84DmUy
brutal. sorry to hear that.
Havelock offline now...
sheeeitttt. Really sorry to hear that... I don't want to add fuel to fire or anything but best shares are the direct shares...
Yep. I agree with you
just doesn't help with the pain at the moment ... February 14, 2014, 03:59:37 AM
Just a warning - I've just had my havelock account hacked and all my AM1 shares stolen, and money withdrawn from account.
I had both 2FA enabled, and login from my own country, Thailand. The thief managed to bypass both of those somehow.
I'm devastated right now - I have asked havelock if they can do anything about it ....
That is why price has gone down at havelock - someone sold my 150 shares and then withdrawn the bitcoins.
All withdrawn to: 18jURpZJjcpdp8Utdf9tePVY4VGK84DmUy
I had both 2FA enabled, and login from my own country, Thailand. The thief managed to bypass both of those somehow.
I'm devastated right now - I have asked havelock if they can do anything about it ....
That is why price has gone down at havelock - someone sold my 150 shares and then withdrawn the bitcoins.
All withdrawn to: 18jURpZJjcpdp8Utdf9tePVY4VGK84DmUy
Did you have an activated API key? Been on any shady crypto related sites while being logged in at Havelock? This sounds like a rather serious issue, not sure how likely it is that both your login device and 2FA device were compromised.
No API key. I've mentioned in other posts (probably in other threads), I don't log into any "random" URLs, ever. If I try a URL out, I use a different browser. But that's very rare as well.
February 14, 2014, 03:58:20 AM
nope - Mac - and no, I didn't install that "Stealth Bit" malware
That's the only computer you've used to logon to Havelock?
Yep. Just my Macbook
February 14, 2014, 03:50:35 AM
Just a warning - I've just had my havelock account hacked and all my AM1 shares stolen, and money withdrawn from account.
I had both 2FA enabled, and login from my own country, Thailand. The thief managed to bypass both of those somehow.
I'm devastated right now - I have asked havelock if they can do anything about it ....
That is why price has gone down at havelock - someone sold my 150 shares and then withdrawn the bitcoins.
All withdrawn to: 18jURpZJjcpdp8Utdf9tePVY4VGK84DmUy
I had both 2FA enabled, and login from my own country, Thailand. The thief managed to bypass both of those somehow.
I'm devastated right now - I have asked havelock if they can do anything about it ....
That is why price has gone down at havelock - someone sold my 150 shares and then withdrawn the bitcoins.
All withdrawn to: 18jURpZJjcpdp8Utdf9tePVY4VGK84DmUy
Did you have an activated API key? Been on any shady crypto related sites while being logged in at Havelock? This sounds like a rather serious issue, not sure how likely it is that both your login device and 2FA device were compromised.
February 14, 2014, 02:10:29 AM
Just a warning - I've just had my havelock account hacked and all my AM1 shares stolen, and money withdrawn from account.
I had both 2FA enabled, and login from my own country, Thailand. The thief managed to bypass both of those somehow.
I'm devastated right now - I have asked havelock if they can do anything about it ....
That is why price has gone down at havelock - someone sold my 150 shares and then withdrawn the bitcoins.
All withdrawn to: 18jURpZJjcpdp8Utdf9tePVY4VGK84DmUy
I had both 2FA enabled, and login from my own country, Thailand. The thief managed to bypass both of those somehow.
I'm devastated right now - I have asked havelock if they can do anything about it ....
That is why price has gone down at havelock - someone sold my 150 shares and then withdrawn the bitcoins.
All withdrawn to: 18jURpZJjcpdp8Utdf9tePVY4VGK84DmUy
brutal. sorry to hear that.
Havelock offline now...
sheeeitttt. Really sorry to hear that... I don't want to add fuel to fire or anything but best shares are the direct shares...
February 14, 2014, 01:46:54 AM
Just a warning - I've just had my havelock account hacked and all my AM1 shares stolen, and money withdrawn from account.
I had both 2FA enabled, and login from my own country, Thailand. The thief managed to bypass both of those somehow.
I'm devastated right now - I have asked havelock if they can do anything about it ....
That is why price has gone down at havelock - someone sold my 150 shares and then withdrawn the bitcoins.
All withdrawn to: 18jURpZJjcpdp8Utdf9tePVY4VGK84DmUy
I had both 2FA enabled, and login from my own country, Thailand. The thief managed to bypass both of those somehow.
I'm devastated right now - I have asked havelock if they can do anything about it ....
That is why price has gone down at havelock - someone sold my 150 shares and then withdrawn the bitcoins.
All withdrawn to: 18jURpZJjcpdp8Utdf9tePVY4VGK84DmUy
shit dude im sorry to hear, i would be fucking devastated. hope havelock can provide you with enough info to track the bastard down
February 14, 2014, 01:25:32 AM
I've forgotten, but when you open an account for havelock, do you at any point enter in your country of origin?
I mean, if the answer is yes, it's insanely easy to just get a VPN connection to any country in the world to circumvent that aspect of security
I mean, if the answer is yes, it's insanely easy to just get a VPN connection to any country in the world to circumvent that aspect of security
Jump to: