Author

Topic: Btc-e.com - vær forsiktig. (Read 1460 times)

hero member
Activity: 868
Merit: 1000
April 17, 2013, 07:47:03 PM
#6
https://btc-e.com/news/139
Quote
News / Protection against unauthorized withdrawal (UPDATED!!!)

00:00 17.04.13 from admin

Functional confirmation of the withdrawal through the mail. (http://pastebin.com/QHS2k8dc view all !!!
Russian version, use a translator)

To use a functional need to confirm email - https://btc-e.com/profile#edit/home
Activate protection - https://btc-e.com/profile#edit/security
After that, each withdrawal you will come to notice in the mail.
Today will be translated into English.

For complete safety, use different passwords on the stock exchange and mail, as well as recommend the use of e-mail gmail.com with two-factor authentication.


Med inntjeningen de har kunne de ihvertfall ha betalt en oversetter.
hero member
Activity: 868
Merit: 1000
April 16, 2013, 07:28:07 AM
#5
Interessant.
Jeg har også benyttet btc-e et par ganger, uten problem. Men du har noen gode tips: Bruk en egen browser, ikke ha andre innloggede vinduer i samme browser og aldri la store beløp sitte lenger enn strengt nødvendig på en slik "konto".


snakk heller ikke i trollboksen (brukernavn vises), skru den gjerne av og for all del ikke klikk ukjente linker derfra, til og med imgur-linker kan inneholde skadevare. Om det er noen sårbarhet ifht brukernavnet ditt, så kan det da utnyttes om det er en sql injection sårbarhet feks, men nå har de visst endret til e-post login.
hero member
Activity: 868
Merit: 1000
April 15, 2013, 11:47:28 AM
#4
Tror ikke det er en innsideoperasjon

håper heller ikke det, men greit å være varsom.
full member
Activity: 228
Merit: 100
April 15, 2013, 11:46:39 AM
#3
Interessant.
Jeg har også benyttet btc-e et par ganger, uten problem. Men du har noen gode tips: Bruk en egen browser, ikke ha andre innloggede vinduer i samme browser og aldri la store beløp sitte lenger enn strengt nødvendig på en slik "konto".
sr. member
Activity: 602
Merit: 251
April 15, 2013, 05:27:26 AM
#2
Har alltid likt btc-e, men de burde ansette en engelskspråklig person (til support og oversetting). Tror ikke det er en innsideoperasjon, for de har alt å tape på å miste tillit. De har hatt utrolig volum-økning over lang tid, og går garantert med store overskudd, tror ikke de vill satt det på spill. De vant mye tillit da kundene fikk tilbake pengene sist de ble hacket.
hero member
Activity: 868
Merit: 1000
April 15, 2013, 02:17:52 AM
#1
Jeg har ikke personlig hatt nevneverdige problemer med btc-e.com, men det er en del støy rundt dem, så ta dine forhåndsregler.

F.eks. her: https://bitcointalksearch.org/topic/official-my-btc-e-account-got-hacked-and-all-funds-stolen-thread-173354

Ikke klikk suspekte linker i trollboksen, og ikke ha oppe andre browservinduer mens du bruker siden, og sørg for å ha e-mail verifisering på withdrawals.

Noe av det mest skumle er at en del hevder at noen av forsvinningsnumrene er en inside job.

Supporten deres er meget dårlig.

Jeg spurte dem:

Quote
Are you going to support 2-factor authentication ?

De svarte


Quote
yes

Jeg spurte:

Quote
Thank you for the response, do you have any timeline as to when it will be deployed?

De svarte:

Quote
soon

og samme visa med mange andre, ikke morro med ettordssvar når du har alvorlige problemstillinger. Heldigvis ikke tapt noen gryn der.

Sitater fra lenken over:

Quote
I had a total of 200BTC stolen from my account last night! The same thing happened to me where I was locked out of my account and the email was changed so I could not reset my password.

Quote
Never, ever, under any circumstance, keep your cryptocurrency sitting in an exchange wallet. BTC-e is the same exchange that people have lost thousands of coins too, has been hacked, and the 'owner' was the central authority in the NVC scam. You shouldn't trust them. Only keep enough coins in any online wallet that you will be using or trading with that day.


Quote
you guys, antichat.ru hackers and fraudsters are constantly posting links in the trollbox to get you to click them. when you do your passwords all kept in browser are leaked, or worse you get 0day java exploit. if you didn't click anything in trollbox and you're not running a zombied botnet computer and you're still getting funds stolen, then yes, btc-e is insecure either it's API is cracked or owner possibly stealing (unlikely, why would they do this). if you clicked trollbox links you owned yourself there's nothing they can do. there's a guy in trollbox right now pasting in exploit links inside imgur pics

Quote
This was obviously a simple SQL injection attack. If it was XSS how would they change the email without a verification email being sent. According to btc-e changing the email has always required a verification email to the previous address first!

All the attacker has done is found an SQL injection exploit which they use like so "UPDATE users SET email='[email protected]' WHERE username='theuser'"

Then they simply reset the password on the account and log in wiping out funds.

Mer:

https://bitcointalk.org/index.php?topic=170592.60
https://bitcointalk.org/index.php?topic=173067.0;topicseen


har fått meg til å bli rimelig skeptisk til btc-e.com
Jump to: