Coinbase Pro unauthorized transactions

figmentofmyass

legendary

Activity: 1652

Merit: 1483

Quote from: TheBeardedBaby on September 12, 2020, 03:14:14 PM

Interesting case for sure.
If someone breaks into your computer and your Coinbase Pro, the closest thing in my mind would be to withdraw the coins to another wallet and disappear . But in the OP's case, someone broke into only to place orders, this is more than weird and nobody will use so much resources to just fool around with your orders.
Looks like not everyone was reading the OP deeply enough.
I wish there's more investigation on that case.

it would help to know which orders were filled/which coin was bought. that would probably explain things.

the nature of this case reminds me of the high profile binance "hack" where phished logins/API keys were used to pump viacoin. the hackers used compromised accounts to buy up VIA, while they used dozens of other accounts to sell VIA at the top. then they tried to immediately withdraw the BTC. https://hackernoon.com/alleged-hack-of-binance-linked-to-viacoin-pump-bb9066bf96bf

Quote from: Potato Chips on September 12, 2020, 09:28:41 PM

It could be that it was an attempt to pump that certain coin/token. I'd be more certain if those cryptocoins have a relatively low liquidity.

exactly, that's why i'm curious which coin we're talking about. this could have been part of a larger operation. in the VIA case, it was a very low volume market.

Potato Chips

hero member

Activity: 2674

Merit: 865

yesssir! 🫡

Quote from: TheBeardedBaby on September 12, 2020, 03:14:14 PM

Interesting case for sure.
If someone breaks into your computer and your Coinbase Pro, the closest thing in my mind would be to withdraw the coins to another wallet and disappear . But in the OP's case, someone broke into only to place orders, this is more than weird and nobody will use so much resources to just fool around with your orders.

If there were a huge portion of buy order/s, It could be that it was an attempt to pump that certain coin/token. I'd be more certain if those cryptocoins have a relatively low liquidity.

TheBeardedBaby

legendary

Activity: 2184

Merit: 3134

₿uy / $ell

Interesting case for sure.
If someone breaks into your computer and your Coinbase Pro, the closest thing in my mind would be to withdraw the coins to another wallet and disappear . But in the OP's case, someone broke into only to place orders, this is more than weird and nobody will use so much resources to just fool around with your orders.
Looks like not everyone was reading the OP deeply enough.
I wish there's more investigation on that case.

Unsaint32

newbie

Activity: 29

Merit: 7

1. I had made API in Coinbase Pro before just to practice. Then I deleted it all right after that. Coinbase confirmed that I do not have any API active.

2. I have 2FA for Coinbase login, it is Google Authenticator.

3. I used Lastpass generated password for the Coinbase password. Needless to say, I do not use the same password anywhere else.

Thank you for all your help.

sunsilk

hero member

Activity: 2884

Merit: 620

Quote from: logfiles on September 05, 2020, 07:17:09 PM

The Malware could have specifically been decided to steal or mess with your crypto related accounts and not other accounts. There is a possibility that your login credentials leaked someone. Authorization emails can as well be deleted to avoid making you suspicious

Have you ever generated an API key from Coinbase Pro account?
Do your Coinbase pro and email accounts have 2-factor authentication?

This is what likely happened to your account. If you can remember the websites that you have used or registered with the same email/password as your coinbase pro, there could be a leak from that website.

But if those website/s you have registered with the same email are safe, it's your PC that's infected or compromised. Do you use the same passwords?

Danslip

hero member

Activity: 2058

Merit: 538

Leading Crypto Sports Betting & Casino Platform

Quote from: logfiles on September 05, 2020, 07:17:09 PM

Quote from: Unsaint32 on September 05, 2020, 05:03:43 PM

What I don't understand is this. If would someone go through all that work and not try to make any money? I have Paypal accounts with cash balance, multple bank accounts.

The Malware could have specifically been decided to steal or mess with your crypto related accounts and not other accounts. There is a possibility that your login credentials leaked someone. Authorization emails can as well be deleted to avoid making you suspicious

Have you ever generated an API key from Coinbase Pro account?
Do your Coinbase pro and email accounts have 2-factor authentication?

Answers to these questions will light the bulb, some API keys have access for withdrawal besides controlling trade orders. If the Coinbase can share the last login data, OP can find the source of the attack in the best case. In the worst case, the account or PC has been compromised but the interesting part if no access to other personal data.

logfiles

copper member

Activity: 1960

Merit: 1638

Top Crypto Casino

Quote from: Unsaint32 on September 05, 2020, 05:03:43 PM

What I don't understand is this. If would someone go through all that work and not try to make any money? I have Paypal accounts with cash balance, multple bank accounts.

The Malware could have specifically been decided to steal or mess with your crypto related accounts and not other accounts. There is a possibility that your login credentials leaked someone. Authorization emails can as well be deleted to avoid making you suspicious

Have you ever generated an API key from Coinbase Pro account?
Do your Coinbase pro and email accounts have 2-factor authentication?

Unsaint32

newbie

Activity: 29

Merit: 7

I live alone so nobody used my computer. So, somebody I know using my computer is not a possibility.

There was no coinbase login record other than the logins I initiated. Also, someone had to access my gmail in order to approve login every time. And there is no google account login history other than me logging in.

So, the only thing I can think of is malware. I had AVG free version that scanned computer but found no malware. So, someone must have been able to hijack my computer remotely through a sophisticated malware that was undetected.

What I don't understand is this. If would someone go through all that work and not try to make any money? I have Paypal accounts with cash balance, multple bank accounts.

Charles-Tim

legendary

Activity: 1512

Merit: 4795

You can move this topic to beginners and help.

So sorry for your loss. So far you saw the unauthorized transactions from your coinbase pro account, you should be more careful, it could be a malicious attack or it can be from someone you know. I will advice you to look for malware on your computer for removal or format your computer in a way all malware will be formatted along.

Next time, try use 2fa, it could have helped you. Or, is your coinbase exchange account 2fa enabled? Having the 2fa on another device other than your exchange account will help.

Also, passward your device, do not let anyone has access to it other than you. If it support biometry like fingerprint, you can also use it.

Quote from: Unsaint32 on August 26, 2020, 07:22:57 PM

They only show history of orders filled. I wish there was a way to prove that the orders were NOT placed by me.

Why the prove when the fund is gone already. There is nothing you can do than to forget about it.

Unsaint32

newbie

Activity: 29

Merit: 7

I found some unauthorized transactions in my Coinbase Pro account. I reported to Coinbase and went through the recover process. They said my computer was compromised, or someone else used my computer to place the orders. I went through due diligence to rule out all those.

Coinbase does not show any history of orders placed. They only show history of orders filled. I wish there was a way to prove that the orders were NOT placed by me.

Topic: Coinbase Pro unauthorized transactions (Read 160 times)