Pages:
Author

Topic: blockchain.com hacked. I need a bit of light shared please (Read 289 times)

legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
I didn't have an imported address. It seems like someone found an exploit and after 4 transfers it stopped working. So either blockchain.com has a big security flaw or someone there is in on it.

If you visited the link from my previous post you could see that something really strange was happening on that service in the past, it is possible that it is still happening today, and that someone from your previous transaction combined with a vulnerability that still exists managed to come in possession of your coins - but that transaction that returns part of the coin to you suggests to me that it is a script that did not do the job as its owner intended. I don't know if you've already tried to find some answers on Reddit, maybe you'll catch the attention of some people who will know something more.

If nothing else this is an expensive life lesson to you that you don’t need to trust anyone to be your crypto bank - all that BTC should have been in a much safer place, I hope you’ve put the rest in a safe place.
newbie
Activity: 14
Merit: 4
Yes it doesn't matter now. What intrigues me is why they made 4 transfers in 5 minutes on April 18th and then another one on April 21th (which was sent back to me the same minute) and why they didn't transfer it all. They had like 3 weeks to do it. Something is not right.

Really weird situation, definitely not a classic hack in which nothing is left on the account. Is it at all possible that the stolen assets and those that were not stolen were separated - that is, have you ever entered private keys from other crypto wallets into blockchain.com? I'm asking you this because if someone comes into possession of your seed, they can very easily steal everything from you in less than a minute - but not the funds at the import addresses.

If I had to go into some theories, it's like someone who wanted to take a certain amount of money from you for some reason, because if it's not what I wrote above - I don't see why anyone would leave 19 BTC intact Huh

What I do know is that there have been some very mysterious cases of missing funds from this service, and one such mystery is described at the following link.

Thoughts on this private key stealing mystery

I didn't have an imported address. It seems like someone found an exploit and after 4 transfers it stopped working. So either blockchain.com has a big security flaw or someone there is in on it.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
Yes it doesn't matter now. What intrigues me is why they made 4 transfers in 5 minutes on April 18th and then another one on April 21th (which was sent back to me the same minute) and why they didn't transfer it all. They had like 3 weeks to do it. Something is not right.

Really weird situation, definitely not a classic hack in which nothing is left on the account. Is it at all possible that the stolen assets and those that were not stolen were separated - that is, have you ever entered private keys from other crypto wallets into blockchain.com? I'm asking you this because if someone comes into possession of your seed, they can very easily steal everything from you in less than a minute - but not the funds at the import addresses.

If I had to go into some theories, it's like someone who wanted to take a certain amount of money from you for some reason, because if it's not what I wrote above - I don't see why anyone would leave 19 BTC intact Huh

What I do know is that there have been some very mysterious cases of missing funds from this service, and one such mystery is described at the following link.

Thoughts on this private key stealing mystery
newbie
Activity: 14
Merit: 4
Thanks. Done that, no reply yet. I know that the funds are gone for good but I want to know how it happened. I still believe something is very fishy since they didn't take the full amount (even though they had 3 weeks to do it since my last login) and 1.32 BTc were sent back to my wallet. Even though I do not keep my passphrase on digital support nor I visit any other websites or install software on that PC, there is a possibility that my computer was infected but then this is not my only wallet, I have others which I accessed from the same computer, browser and those are fine. So something doesn't add up
Did you get any response? If no then you have to wait for a few days more. Blockchain claimed their codes are open-source. So most probably a developer could read what Blockchain could access on your wallet and how. If Bitcoin isn't illegal in your country then you may file a police case in the appropriate department or you may file a case in the UK against them. The amount is very big and deserves an explanation of what does happened really and how the fund was moved. So please don't give up. It would happen due to a bug as well, but I don't believe it was a bug. Although you won't get back the funds, you would get the correct reason behind the hacking attack. Just continue writing all of their social media.

Yes I did get a response (see below). Convenient won't you say?

"""""Hello,

Thanks for following up.

We do not keep IP records, the only IP address kept is the IP of the last user that logged in. But as soon as a new login occurs a new IP address overwrites the old one.

Unfortunately, since you logged in to view the compromised wallet that means your IP address overwrote the last login.""""
legendary
Activity: 2422
Merit: 2228
Signature space for rent
Thanks. Done that, no reply yet. I know that the funds are gone for good but I want to know how it happened. I still believe something is very fishy since they didn't take the full amount (even though they had 3 weeks to do it since my last login) and 1.32 BTc were sent back to my wallet. Even though I do not keep my passphrase on digital support nor I visit any other websites or install software on that PC, there is a possibility that my computer was infected but then this is not my only wallet, I have others which I accessed from the same computer, browser and those are fine. So something doesn't add up
Did you get any response? If no then you have to wait for a few days more. Blockchain claimed their codes are open-source. So most probably a developer could read what Blockchain could access on your wallet and how. If Bitcoin isn't illegal in your country then you may file a police case in the appropriate department or you may file a case in the UK against them. The amount is very big and deserves an explanation of what does happened really and how the fund was moved. So please don't give up. It would happen due to a bug as well, but I don't believe it was a bug. Although you won't get back the funds, you would get the correct reason behind the hacking attack. Just continue writing all of their social media.
newbie
Activity: 14
Merit: 4
@OP you lost 19 BTC which is worth $1.75 M at the current rate. So the amount is very big and deserves some violence at least it deserves proper investigation from the end of blockchain higher authority. @OP you should write to blockchain CEO & co-founder Peter Smith directly. Contact via Twitter with him and blockchain wallet. Provide this thread as a reference thread. You have the right to know the story behind that hack. Only login history wouldn't help you because hackers easily can skip it via Tor or they have more advanced tools. The case deserves a proper investigation. Don't give up although there is no hope to get the back hacked amount. Discover the story behind the hack.

Thanks. Done that, no reply yet. I know that the funds are gone for good but I want to know how it happened. I still believe something is very fishy since they didn't take the full amount (even though they had 3 weeks to do it since my last login) and 1.32 BTc were sent back to my wallet. Even though I do not keep my passphrase on digital support nor I visit any other websites or install software on that PC, there is a possibility that my computer was infected but then this is not my only wallet, I have others which I accessed from the same computer, browser and those are fine. So something doesn't add up
legendary
Activity: 2422
Merit: 2228
Signature space for rent
@OP you lost 19 BTC which is worth $1.75 M at the current rate. So the amount is very big and deserves some violence at least it deserves proper investigation from the end of blockchain higher authority. @OP you should write to blockchain CEO & co-founder Peter Smith directly. Contact via Twitter with him and blockchain wallet. Provide this thread as a reference thread. You have the right to know the story behind that hack. Only login history wouldn't help you because hackers easily can skip it via Tor or they have more advanced tools. The case deserves a proper investigation. Don't give up although there is no hope to get the back hacked amount. Discover the story behind the hack.
newbie
Activity: 14
Merit: 4
Yes it doesn't matter now. What intrigues me is why they made 4 transfers in 5 minutes on April 18th and then another one on April 21th (which was sent back to me the same minute) and why they didn't transfer it all. They had like 3 weeks to do it. Something is not right.
sr. member
Activity: 789
Merit: 273
Leaving such huge amount on hot wallet is not a good idea, hardware wallet should be used for huge amount like that, I will even advice anyone having more than $500 worth of bitcoin to use hardware wallet, or if the person know how to handle other offline wallet, they can be recommended also.

Hot wallets are not secure like offline wallets, but web wallet like blockchain.com are most vulnerable type of hot wallet because it is a web wallet, web wallets are not even recommended at all. There are many complains of coin lost on blockchain.com wallet, you need to transfer you fund immediately.



Blockchain should post notifications how risky it is to use a web wallet and that they should have precautions when using it, just like that do on MyEtherewallet, what you've lost is a big amount of Bitcoin, it just shows you are uneducated on the proper ways of storing a big amount of Bitcoin, have you not read those web wallets are the riskiest way to store your coins, there are other better options like Electrum and Exodus.
I've been using Blockchain web wallet before, and I haven't hacked before. I make sure that the website I visit is legit, and I don't use a weak password. I used a unique password for a specific website only, but I don't suggest storing a large amount in a hot wallet/web wallet as it's super risky. It's better to use an offline wallet or better use a hardware wallet for your own safety.
member
Activity: 952
Merit: 27
Leaving such huge amount on hot wallet is not a good idea, hardware wallet should be used for huge amount like that, I will even advice anyone having more than $500 worth of bitcoin to use hardware wallet, or if the person know how to handle other offline wallet, they can be recommended also.

Hot wallets are not secure like offline wallets, but web wallet like blockchain.com are most vulnerable type of hot wallet because it is a web wallet, web wallets are not even recommended at all. There are many complains of coin lost on blockchain.com wallet, you need to transfer you fund immediately.



Blockchain should post notifications how risky it is to use a web wallet and that they should have precautions when using it, just like that do on MyEtherewallet, what you've lost is a big amount of Bitcoin, it just shows you are uneducated on the proper ways of storing a big amount of Bitcoin, have you not read those web wallets are the riskiest way to store your coins, there are other better options like Electrum and Exodus.
newbie
Activity: 14
Merit: 4
Does anyone know how to find the login history on blockchain? I cannot find this and the people from support are not responding.

I vaguely remember users sharing that info here after asking the support... Nevertheless, they do collect such info and you have the right to ask them for a copy

Information we collect about you: With regard to each of your visits to our website or our app we automatically collect the following information:

Login Information: We log technical information about your use of the Services, including the type of browser and version you use, the wallet identifier, the last access time of your wallet, the Internet Protocol (IP) address used to create the wallet and the most recent IP address used to access the wallet.
8. Your Rights
The rights that are available to you in relation to the Personal Data we hold about you are outlined below.

Information Access
If you ask us, we will confirm whether we are processing your Personal Data and, if so, what information we process and, if requested, provide you with a copy of that information within 30 days from the date of your request.

Gonna say this just in case but there is no way to know who exactly is at fault without a through investigation which blockchain.com should participate, we can only narrow down the possibilities... If there is one thing for certain, it is that this is one of the countless episodes on "why people are not recommending blockchain.com wallet"

Sidenote: to keep things more organized and less cluttered, it's better to insert multiple quotes in a single post rather than posting for each of 'em.


Thank you for this. And sorry for the multiple posts, my first time here.
hero member
Activity: 2786
Merit: 902
yesssir! 🫡
Does anyone know how to find the login history on blockchain? I cannot find this and the people from support are not responding.

I vaguely remember users sharing that info here after asking the support... Nevertheless, they do collect such info and you have the right to ask them for a copy

Information we collect about you: With regard to each of your visits to our website or our app we automatically collect the following information:

Login Information: We log technical information about your use of the Services, including the type of browser and version you use, the wallet identifier, the last access time of your wallet, the Internet Protocol (IP) address used to create the wallet and the most recent IP address used to access the wallet.
8. Your Rights
The rights that are available to you in relation to the Personal Data we hold about you are outlined below.

Information Access
If you ask us, we will confirm whether we are processing your Personal Data and, if so, what information we process and, if requested, provide you with a copy of that information within 30 days from the date of your request.

Gonna say this just in case but there is no way to know who exactly is at fault without a through investigation which blockchain.com should participate, we can only narrow down the possibilities... If there is one thing for certain, it is that this is one of the countless episodes on "why people are not recommending blockchain.com wallet"

Sidenote: to keep things more organized and less cluttered, it's better to insert multiple quotes in a single post rather than posting for each of 'em.
newbie
Activity: 14
Merit: 4
Yes I moved the funds. I know that the funds cannot be recovered but I cannot get my head around how this happened and why would someone leave 12.5 btc on the wallet. Also I never received a confirmation email and my emails are forwarded to another email address with a different password! Everything is weird about this. I cannot but think blockchain.com has something to do with this.

Why not try to contact blockchain about this and maybe this is just a bug on their side.

Try to contact them with their Twitter or Facebook account

- https://twitter.com/blockchain
- https://www.facebook.com/blockchain/

Or try to submit a request here for help
- https://support.blockchain.com/hc/en-us/requests/new

Let's hope that it's just a bug but if not there is no way to recover those hacked BTC.

Does anyone know how to find the login history on blockchain? I cannot find this and the people from support are not responding.

No, they don't have a login history but you should receive an email or notification every time you log in or if blockchain detect suspicious IPs.


I have the notifications sent to 2 different emails with different passwords. the only notifications I have is the one from today when I saw the transfers and the one from my last login on April 13th....so there's that....
newbie
Activity: 14
Merit: 4
I heard of hacker's guilt but never seen a rl example. Sorry for your losses!

Thinking about this and it doesn't sound like a script. If it were it would have cleaned you out! The transaction where he gave you back the amount sounds like a mistake while copy/pasting. My bet is on the email... spyware, malware type.
I assume that the amount were mixed a few rounds after. At least this is my impression after glancing and the btc trail.

Did you recently notice this or on the same day?

Transfers were made on April 18th and April 21th. I noticed it today when I logged in.
copper member
Activity: 786
Merit: 710
Defend Bitcoin and its PoW: bitcoincleanup.com
I heard of hacker's guilt but never seen a rl example. Sorry for your losses!

Thinking about this and it doesn't sound like a script. If it were it would have cleaned you out! The transaction where he gave you back the amount sounds like a mistake while copy/pasting. My bet is on the email... spyware, malware type.
I assume that the amount were mixed a few rounds after. At least this is my impression after glancing and the btc trail.

Did you recently notice this or on the same day?
legendary
Activity: 3472
Merit: 3217
Playbet.io - Crypto Casino and Sportsbook
Yes I moved the funds. I know that the funds cannot be recovered but I cannot get my head around how this happened and why would someone leave 12.5 btc on the wallet. Also I never received a confirmation email and my emails are forwarded to another email address with a different password! Everything is weird about this. I cannot but think blockchain.com has something to do with this.

Why not try to contact blockchain about this and maybe this is just a bug on their side.

Try to contact them with their Twitter or Facebook account

- https://twitter.com/blockchain
- https://www.facebook.com/blockchain/

Or try to submit a request here for help
- https://support.blockchain.com/hc/en-us/requests/new

Let's hope that it's just a bug but if not there is no way to recover those hacked BTC.

Does anyone know how to find the login history on blockchain? I cannot find this and the people from support are not responding.

No, they don't have a login history but you should receive an email or notification every time you log in or if blockchain detect suspicious IPs.
legendary
Activity: 2422
Merit: 2228
Signature space for rent
Yes I moved the funds. I know that the funds cannot be recovered but I cannot get my head around how this happened and why would someone leave 12.5 btc on the wallet. Also I never received a confirmation email and my emails are forwarded to another email address with a different password! Everything is weird about this. I cannot but think blockchain.com has something to do with this.
Do you know even blockchain staff would change your email where you have been receiving 2FA code for login? I just managed to find the story I had read before. So please read this article My Experience With Blockchain.com: Lost Funds, Bad Support, Low Reviews . I am not only blaming to blockchain staff. But since you strongly believe there aren't your mistakes, so I am assuming the blockchain staff is involved with that. Just curious how nowadays hackers become too kind?
newbie
Activity: 14
Merit: 4
Does anyone know how to find the login history on blockchain? I cannot find this and the people from support are not responding.
copper member
Activity: 2142
Merit: 1305
Limited in number. Limitless in potential.
I already transferred the 12.5 that's why it shows 0 now
Yeah, that's explains, thanks.

Seems like we had witness a hacker with sympathy which I think this is not a outsider person who stole your funds there. It seems like it was done on your computer something like a person who has an access to that computer besides you that needs only a part of that amount not as a whole.

Blockchain support/people might be one of the sus as well.
newbie
Activity: 14
Merit: 4
[...] so I am left with 12.5 BTC. This makes me believe there is some kind of script, software and not a person getting into my account.
But on your screenshot it shows $0.00 total balance. If its really still there I suggest you to transfer it asap, don't use the email you used on your blockchain.com account if ever, change both passwords on your email and blockchain.com account as well.

I already transferred the 12.5 that's why it shows 0 now
Pages:
Jump to: