[BitFunder] Please be careful of their equity assets ,my bitfunder Assets are g

parseval

member

Activity: 97

Merit: 10

Quote from: Ukyo on June 22, 2013, 11:03:32 AM

Quote from: Deprived on June 21, 2013, 10:40:12 PM

It certainly seems there's been some accounts compromised there - there's been some dumps at silly prices on some shares (look at the pass-throughs to S.MPOE, S.DICE and S.BBET for examples). Looks like someones shares were transferred, sold then the cash will have been moved out.

Seems highly unlikely its the platform compromised - more likely just people who didn't use 2FA then got key-logged/installed some trojan. If it were the platform itself then you'd think they'd target accounts which held the real money - i.e. asset issuers.

Agreed. We have seen some user accounts logged in first time without password errors and then sell/transfer assets. As well as lots of single-email bad password attempts, most of which do not exist on our system.
I have also disabled transfers until I add a second component. I may reenable for 2fa only though.

It sounds like people have been reusing their passwords across multiple sites and one of them got compromised or phished.

2FA is great, and could have stopped this, but also don't forget your password managers to create unique passwords for every account.

http://lastpass.com

I highly recommend that one, there's a free version.

TaxReturn

member

Activity: 67

Merit: 10

Quote from: Lorren on June 21, 2013, 06:06:29 PM

Is there any way to enable 2FA without a Smartphone? I have an iPad (1st gen without a camera) and an iPod Touch (also without a camera), but it seems that the only way that I can use the Google Authenticator App is to use a smartphone which I don't have.

The Google Auth app for Apple devices says "Compatible with iPhone, iPod touch, and iPad. Requires iOS 3.1.3 or later" and you can manually enter the secret, without a camera.

link

Ukyo

sr. member

Activity: 448

Merit: 250

Quote from: Deprived on June 21, 2013, 10:40:12 PM

It certainly seems there's been some accounts compromised there - there's been some dumps at silly prices on some shares (look at the pass-throughs to S.MPOE, S.DICE and S.BBET for examples). Looks like someones shares were transferred, sold then the cash will have been moved out.

Seems highly unlikely its the platform compromised - more likely just people who didn't use 2FA then got key-logged/installed some trojan. If it were the platform itself then you'd think they'd target accounts which held the real money - i.e. asset issuers.

Agreed. We have seen some user accounts logged in first time without password errors and then sell/transfer assets. As well as lots of single-email bad password attempts, most of which do not exist on our system.
I have also disabled transfers until I add a second component. I may reenable for 2fa only though.

Deprived

hero member

Activity: 532

Merit: 500

Quote from: Lorren on June 21, 2013, 06:06:29 PM

Is there any way to enable 2FA without a Smartphone? I have an iPad (1st gen without a camera) and an iPod Touch (also without a camera), but it seems that the only way that I can use the Google Authenticator App is to use a smartphone which I don't have.

There's a way to use Google 2FA without a smart-phone - with a plug-in to Chrome for one example. I don't know the details as I use a smart-phone for mine (plus having it on the same PC as you type in the password is intrinsically less secure).

Deprived

hero member

Activity: 532

Merit: 500

It certainly seems there's been some accounts compromised there - there's been some dumps at silly prices on some shares (look at the pass-throughs to S.MPOE, S.DICE and S.BBET for examples). Looks like someones shares were transferred, sold then the cash will have been moved out.

Seems highly unlikely its the platform compromised - more likely just people who didn't use 2FA then got key-logged/installed some trojan. If it were the platform itself then you'd think they'd target accounts which held the real money - i.e. asset issuers.

joele

legendary

Activity: 1022

Merit: 1000

Quote from: Lorren on June 21, 2013, 06:06:29 PM

Is there any way to enable 2FA without a Smartphone? I have an iPad (1st gen without a camera) and an iPod Touch (also without a camera), but it seems that the only way that I can use the Google Authenticator App is to use a smartphone which I don't have.

Why not buy one specially Android phone, its cheaper, you can play candy crush as well Cheesy

Lorren

full member

Activity: 144

Merit: 100

Is there any way to enable 2FA without a Smartphone? I have an iPad (1st gen without a camera) and an iPod Touch (also without a camera), but it seems that the only way that I can use the Google Authenticator App is to use a smartphone which I don't have.

SOSLOVE868

sr. member

Activity: 378

Merit: 250

Quote from: Ukyo on June 20, 2013, 11:59:49 PM

Quote from: somestranger on June 20, 2013, 09:05:17 PM

Did you use 2FA?

In most cases, if your account transferred shares, then they are transferred.
If you have 2fa enabled, then things are looked at more closely.

I will be added 2fa support for transfers as well soon, however if someone can 2fa login to your account, then they can 2fa transfer shares from it.

If you have not yet gotten a reply, more than likely it is still under investigation, and you may get a positive result rather than a quick "Sorry, there is not much we can do." type response.

-Ukyo

Hello ,Ukyo, I put wrong password several times ,and the system lock me out....ask me to try again later? how long would this take normally?

Vbs

hero member

Activity: 504

Merit: 500

One more unfortunate example of the perils of not using 2FA... Sad

zhunifa

newbie

Activity: 23

Merit: 0

I contact customer service has more than one day , and so far no reply.

somestranger

hero member

Activity: 487

Merit: 500

Are You Shpongled?

Quote from: Eric Muyser on June 21, 2013, 12:58:18 AM

Yah that would be good Ukyo. Seriously, 2FA/email confirmations on transfers, transactions, withdrawals should be added. I like Bitstamp's system.

PS. read-only API keys please and thank you

Email confirmations would definitely be a good addition for people that can't use Google Authenticator, and read-only API keys are a no-brainer. Having 2FA for every account action like BTCT Co. does wouldn't have prevented this though since OP said he didn't have 2FA enabled. Someone must have keylogged his account information, or he is reusing passwords.

Eric Muyser

full member

Activity: 224

Merit: 100

You can't kill math.

Quote from: Ukyo on June 20, 2013, 11:59:49 PM

Quote from: somestranger on June 20, 2013, 09:05:17 PM

Did you use 2FA?

In most cases, if your account transferred shares, then they are transferred.
If you have 2fa enabled, then things are looked at more closely.

I will be added 2fa support for transfers as well soon, however if someone can 2fa login to your account, then they can 2fa transfer shares from it.

If you have not yet gotten a reply, more than likely it is still under investigation, and you may get a positive result rather than a quick "Sorry, there is not much we can do." type response.

-Ukyo

Yah that would be good Ukyo. Seriously, 2FA/email confirmations on transfers, transactions, withdrawals should be added. I like Bitstamp's system.

PS. read-only API keys please and thank you

Ukyo

sr. member

Activity: 448

Merit: 250

Quote from: somestranger on June 20, 2013, 09:05:17 PM

Did you use 2FA?

In most cases, if your account transferred shares, then they are transferred.
If you have 2fa enabled, then things are looked at more closely.

I will be added 2fa support for transfers as well soon, however if someone can 2fa login to your account, then they can 2fa transfer shares from it.

If you have not yet gotten a reply, more than likely it is still under investigation, and you may get a positive result rather than a quick "Sorry, there is not much we can do." type response.

-Ukyo

zhunifa

newbie

Activity: 23

Merit: 0

none.Two days ago there have been unable to access the site situation. I asked the companions , they are unable to login. Tell me the system should be maintained. Then I try to log in a few times, then that is my stock in being transferred

somestranger

hero member

Activity: 487

Merit: 500

Are You Shpongled?

Did you use 2FA?

zhunifa

newbie

Activity: 23

Merit: 0

HI,
My stock of assets on the account was somehow transferred to another user , I will give customer service made a request for assistance , have one day of no reply. Who is responsible for my loss ? ! Please be careful of their equity assets.
Please give me an explanation webmaster

Topic: [BitFunder] Please be careful of their equity assets ,my bitfunder Assets are g (Read 1377 times)