Author

Topic: [BitFunder] Please be careful of their equity assets ,my bitfunder Assets are g (Read 1379 times)

member
Activity: 97
Merit: 10
It certainly seems there's been some accounts compromised there - there's been some dumps at silly prices on some shares (look at the pass-throughs to S.MPOE, S.DICE and S.BBET for examples).  Looks like someones shares were transferred, sold then the cash will have been moved out.

Seems highly unlikely its the platform compromised - more likely just people who didn't use 2FA then got key-logged/installed some trojan.  If it were the platform itself then you'd think they'd target accounts which held the real money - i.e. asset issuers.

Agreed. We have seen some user accounts logged in first time without password errors and then sell/transfer assets. As well as lots of single-email bad password attempts, most of which do not exist on our system.
I have also disabled transfers until I add a second component. I may reenable for 2fa only though.


It sounds like people have been reusing their passwords across multiple sites and one of them got compromised or phished.

2FA is great, and could have stopped this, but also don't forget your password managers to create unique passwords for every account.

http://lastpass.com

I highly recommend that one, there's a free version. 
member
Activity: 67
Merit: 10
Is there any way to enable 2FA without a Smartphone?  I have an iPad (1st gen without a camera) and an iPod Touch (also without a camera), but it seems that the only way that I can use the Google Authenticator App is to use a smartphone which I don't have.

The Google Auth app for Apple devices says "Compatible with iPhone, iPod touch, and iPad. Requires iOS 3.1.3 or later" and you can manually enter the secret, without a camera.

link
sr. member
Activity: 448
Merit: 250
It certainly seems there's been some accounts compromised there - there's been some dumps at silly prices on some shares (look at the pass-throughs to S.MPOE, S.DICE and S.BBET for examples).  Looks like someones shares were transferred, sold then the cash will have been moved out.

Seems highly unlikely its the platform compromised - more likely just people who didn't use 2FA then got key-logged/installed some trojan.  If it were the platform itself then you'd think they'd target accounts which held the real money - i.e. asset issuers.

Agreed. We have seen some user accounts logged in first time without password errors and then sell/transfer assets. As well as lots of single-email bad password attempts, most of which do not exist on our system.
I have also disabled transfers until I add a second component. I may reenable for 2fa only though.
hero member
Activity: 532
Merit: 500
Is there any way to enable 2FA without a Smartphone?  I have an iPad (1st gen without a camera) and an iPod Touch (also without a camera), but it seems that the only way that I can use the Google Authenticator App is to use a smartphone which I don't have.

There's a way to use Google 2FA without a smart-phone - with a plug-in to Chrome for one example.  I don't know the details as I use a smart-phone for mine (plus having it on the same PC as you type in the password is intrinsically less secure).
hero member
Activity: 532
Merit: 500
It certainly seems there's been some accounts compromised there - there's been some dumps at silly prices on some shares (look at the pass-throughs to S.MPOE, S.DICE and S.BBET for examples).  Looks like someones shares were transferred, sold then the cash will have been moved out.

Seems highly unlikely its the platform compromised - more likely just people who didn't use 2FA then got key-logged/installed some trojan.  If it were the platform itself then you'd think they'd target accounts which held the real money - i.e. asset issuers.
legendary
Activity: 1022
Merit: 1000
Is there any way to enable 2FA without a Smartphone?  I have an iPad (1st gen without a camera) and an iPod Touch (also without a camera), but it seems that the only way that I can use the Google Authenticator App is to use a smartphone which I don't have.

Why not buy one specially Android phone, its cheaper, you can play candy crush as well Cheesy
full member
Activity: 144
Merit: 100
Is there any way to enable 2FA without a Smartphone?  I have an iPad (1st gen without a camera) and an iPod Touch (also without a camera), but it seems that the only way that I can use the Google Authenticator App is to use a smartphone which I don't have.
sr. member
Activity: 378
Merit: 250
Did you use 2FA?

In most cases, if your account transferred shares, then they are transferred.
If you have 2fa enabled, then things are looked at more closely.

I will be added 2fa support for transfers as well soon, however if someone can 2fa login to your account, then they can 2fa transfer shares from it.

If you have not yet gotten a reply, more than likely it is still under investigation, and you may get a positive result rather than a quick "Sorry, there is not much we can do." type response.

-Ukyo
Hello ,Ukyo, I put wrong password several times ,and the system lock me out....ask me to try again later? how long would this take normally?
Vbs
hero member
Activity: 504
Merit: 500
One more unfortunate example of the perils of not using 2FA...  Sad
newbie
Activity: 23
Merit: 0
I contact customer service has more than one day , and so far no reply.
hero member
Activity: 487
Merit: 500
Are You Shpongled?
Yah that would be good Ukyo. Seriously, 2FA/email confirmations on transfers, transactions, withdrawals should be added. I like Bitstamp's system.

PS. read-only API keys please and thank you Smiley

Email confirmations would definitely be a good addition for people that can't use Google Authenticator, and read-only API keys are a no-brainer. Having 2FA for every account action like BTCT Co. does wouldn't have prevented this though since OP said he didn't have 2FA enabled. Someone must have keylogged his account information, or he is reusing passwords.
full member
Activity: 224
Merit: 100
You can't kill math.
Did you use 2FA?

In most cases, if your account transferred shares, then they are transferred.
If you have 2fa enabled, then things are looked at more closely.

I will be added 2fa support for transfers as well soon, however if someone can 2fa login to your account, then they can 2fa transfer shares from it.

If you have not yet gotten a reply, more than likely it is still under investigation, and you may get a positive result rather than a quick "Sorry, there is not much we can do." type response.

-Ukyo

Yah that would be good Ukyo. Seriously, 2FA/email confirmations on transfers, transactions, withdrawals should be added. I like Bitstamp's system.

PS. read-only API keys please and thank you Smiley
sr. member
Activity: 448
Merit: 250
Did you use 2FA?

In most cases, if your account transferred shares, then they are transferred.
If you have 2fa enabled, then things are looked at more closely.

I will be added 2fa support for transfers as well soon, however if someone can 2fa login to your account, then they can 2fa transfer shares from it.

If you have not yet gotten a reply, more than likely it is still under investigation, and you may get a positive result rather than a quick "Sorry, there is not much we can do." type response.

-Ukyo
newbie
Activity: 23
Merit: 0
none.Two days ago there have been unable to access the site situation. I asked the companions , they are unable to login. Tell me the system should be maintained. Then I try to log in a few times, then that is my stock in being transferred
hero member
Activity: 487
Merit: 500
Are You Shpongled?
newbie
Activity: 23
Merit: 0
HI,
   My stock of assets on the account was somehow transferred to another user , I will give customer service made ​​a request for assistance , have one day of no reply. Who is responsible for my loss ? ! Please be careful of their equity assets.
Please give me an explanation webmaster
Jump to: