Topic: Bittrex Account Hacked - 2FA was active - page 2. (Read 3002 times)

Hey all.  Even with 2FA you need to be careful where you enter your credentials.  Typing bittrex into the URL bar on google will lead you to phishing sites as advertisements. Here is an example of two fake sites showing up on google advertisements.



These sites have you enter your username/password and 2FA code, the hacker then logs into your account.  One of these sites also makes you wait 2 minutes since there is a 2 minute withdrawal freeze after a login. The sites then tell you your login was incorrect even though the hackers have now logged in.  You then enter another 6 digit code as asked by the phishing site and they use this code to withdrawal your funds.

Please make sure to bookmark https://www.bittrex.com and never search for the site. 

Unfortunately, these advertisements cannot be prevented and take some time to take down with official requests.

Hello 2fresh

Sure, i'll keep you guys updated.
And i lost +/- 2.55 BTC

This seems very fishy... :s. Keep us updated of what's happening.
Did you "lose" a lot?

Hello poordeveloper

Thanks for the info with the similar address...i will check this when im back home from work.

And i got on their site by typing "bittrex" in the address bar of my browser and then i got to the loggin page...as usual since i got that address im my browser history.

That's what i don't get. The phone was all the time with me...no idea how thexy got the code...at least twice.
One for the login and then another to authorize the transaction.

Hello btcney

I'm not aware of any vulnerabilities...

And the thing with the foreign IP is very strange...they should have blockt this.

I mean, this person had time to login (2FA needed), exchange my OMG to BTC (no 2FA needed) and then started a transaction/withdrawal that go authorized (2FA needed).
I could understand somehow that the hacker got my 2FA code once (don't know how, but i think it possible)...but he got a valid code at least 2 times in a few minutes.

The 2FA is on my phone and i had it all the time with me.

Check your history. Probably you didn't enter your username, password and 2fa code on Bittrex site but on a site with a very similar address.

How did you get to their site? Searching Google for their name or address? Writing the website address?

if you got compromised trhu your computer it could be possibly, but at same time your mobile which linking with 2fa, they have accessing too, seems it weird.

This is weird... How the 'hacker' was able to gain access to your email PLUS your 2fa is pretty much baffling. Plus he was able to withdraw an amount from a foreign IP without letting off any alarms in the bittrex security system which is supposedly one of the most secure in the industry.

I've seen other complaints similar to this one and this definitely isn't an isolated case.

It could well be an insider job, however there is nothing that you can do to prove it. Bittrex will probably think that you are faking all this and trying to get extra money, so they probably won't give you the money even if you are obviously telling the truth because if they set a previous example then everyone will just fake theirs. It's quite easy, a VPN is all you need. I'm not saying that you faked it, though, just to be clear.

Are there any vulnerabilities that could have led to the demise of your account?

Hello 6Asmodeus6

Well, i also hope to get all or at least a part of it back.

And i think i could have a chance to get some help.
I mean, if a user on bittrex makes a crosschain (Crosschain - A deposit of one coin to a different coins address is considered a crosschain deposit) then the money is lost.
And this is a user error. But they still help him somehow to get it back: https://support.bittrex.com/hc/en-us/articles/115000961172-Bittrex-s-Crosschain-Recovery-Policy

In my case i did nothing wrong.
My money was on their server, in one of their walltes, protected by their security system and it still got stolen.
So i expect them to help me to get my money back.

We will see...

Bittrex has so many same topics in here and also in different forums.Most people says that they enabled 2FA so either there is problem in Bittrex 2FA or I don't know.I'm sorry to hear that you lost your money but they have a bad  support quality, it will take like 24-48 hours if you are lucky.Even if they answer you ı don't think there is nothing they can do if withdraw is finished.

Good luck , hope you get your things back somehow.

************************************************************************************
************************************************************************************
UPDATE
Please check this post....problem "solved"
https://bitcointalksearch.org/topic/m.20707281
************************************************************************************
************************************************************************************

Hello

Just saw that this guy (https://bitcointalksearch.org/topic/bittrex-account-hacked-2069938) has the same problem
I also got hacked yesterday. I made a ticket 18h ago but i still got no answer from Bittrex.

Here is what happen:

I was already logged in and i was on the wallete page.
I hit the "F5" button to refresh the page and it starts loading and loading and loading...
After 2-3mins it's still loading. So i closed the browser and tryed to login again...

I enter username and password, press enter and then i get the info "security check - checking your browser before accessing bittex - can take up to 5 minutes"
So i wait... Then i get to the next step. Enter the code for the 2FA. I enter the code and i have to wait again "securitx check - checking....ect"
I don't get access cus it takes to long. So i have to try 2-3 times...but no success.

I closed my browser, cleaned the cache, tryed agein...no success.
I closed my browser again, cleaned cache and coockies, tryed again...and yes...access...i'm back in.

So i open my wallet...and there is a "Pending Withdrawal"! - Status of the Withdrawal "Authorized"!
I was like: What the ####!!!!

I hit the cancel-button again and again but it was to late. Transfere had alredy started.
So i mad a printscreen, opend a ticket and send it to the bittrex support. After the transaction went through, i also had the txid. I made a new printscreen and send that also to bittrex support.
Then i checkt the logins on the bittrex page and i see an ip-adress the tha is not mine and made a printscreen.

Next step: ip address lookup....the ip address is from Russia (another printscreen)
And no, i don't live in Russia....

Well, as i said in the begining...i made a ticket 18h ago...and i still got no answer