Coinpayments robbed | Bitcointalksearch.org

CoinPayments

newbie

Activity: 10

Merit: 0

Quote from: vite on May 28, 2018, 07:09:53 AM

You cannot directly blame coin payment for your loss without any proof. It is very easier for a hacker to access details from your computer with a hidden Remote administration tool. A java virus can remains undetectable for a couple of weeks stealing data from your computer checking your emails, etc just because you click a button on some unsafe site. Keeping your Antivirus updated will reduce the chances of attack on your devices.

Great wisdom kind sir

Ridwan Fauzi

full member

Activity: 1330

Merit: 147

Quote from: eduardo001 on May 15, 2018, 12:53:41 AM

Hacker logged in to my account even I have 2FA there. Also I never received withdraw confirmation to email for those withdrawals. I sent ticket, but no reply yet.

I just wondering, is 2FA work with well? 2FA will give a message to email or your phone, have you received it?

If there is no notice at all, either through your phone or via email, I am not sure that the 2FA you have is going well.

solarion

hero member

Activity: 966

Merit: 513

Quote from: btc_enigma on August 01, 2018, 03:12:16 AM

Never keep your funds in an online wallet. In crypto there is an unwritten - Any online wallet will eventually get hacked !

Use hardware wallets like ledger/trezor to store your wallet. Use direct to wallet services like blockonomics to accept crypto

Coinpayments are available on Android platform as well. If you access the web wallet you may be access you wallet with the incorrect web wallet link as well. This is the biggest trouble on accessing wallet for many people.

Kindly ignore the web wallet if you careless person. If not no problem still you can continue to use the web wallet buddy. Kindly have the private key secured wallet for your own safety.

btc_enigma

hero member

Activity: 688

Merit: 565

Never keep your funds in an online wallet. In crypto there is an unwritten - Any online wallet will eventually get hacked !

Use hardware wallets like ledger/trezor to store your wallet. Use direct to wallet services like blockonomics to accept crypto

klaaas

hero member

Activity: 1568

Merit: 544

I didnt noticed anything strange yet but would assume all wallets would be empty from all users if its a exit scam/hack.
Will keep a eye out on the matter.

Pan Troglodytes

member

Activity: 392

Merit: 39

Quote from: dollarneed on May 25, 2018, 07:20:52 PM

First of all I'm sorry for your lost.
Well this is strange, it's kinda impossible for the hackers to pass the 2fa unless they got your email or phone. I'm using coinpayment too but I only enabled the email verification and I'm using a dynamic IP so every time I login to the site I have to confirm that I'm the owner of the account, well pretty safe isn't it? This is why I'm scared, storing crypto on exchange.

Actually I have seen a lot of reports by other forum members (who used a phone as a 2FA device) that their accounts were hacked. Usually it goes like that: (1) the phone is hacked and then (2) the user user logs into the exchange effectively compromising both authenticating factors.

Because then the 2FA code is sent to the same device, you see, the hacker at that point has got your both authentiacation factors!

nniecan001

member

Activity: 322

Merit: 21

Quote from: vite on May 28, 2018, 07:09:53 AM

You cannot directly blame coin payment for your loss without any proof. It is very easier for a hacker to access details from your computer with a hidden Remote administration tool. A java virus can remains undetectable for a couple of weeks stealing data from your computer checking your emails, etc just because you click a button on some unsafe site. Keeping your Antivirus updated will reduce the chances of attack on your devices.

A big YES, its not always the online wallet nor exchanges website. Sometimes, it's the hidden hacking movement on your computer and emails. Unfortunately, you encounter those kind of problems so learn from it, avoid risky website and update your anti-virus always.

vite

legendary

Activity: 1018

Merit: 1000

You cannot directly blame coin payment for your loss without any proof. It is very easier for a hacker to access details from your computer with a hidden Remote administration tool. A java virus can remains undetectable for a couple of weeks stealing data from your computer checking your emails, etc just because you click a button on some unsafe site. Keeping your Antivirus updated will reduce the chances of attack on your devices.

dollarneed

hero member

Activity: 742

Merit: 500

First of all I'm sorry for your lost.
Well this is strange, it's kinda impossible for the hackers to pass the 2fa unless they got your email or phone. I'm using coinpayment too but I only enabled the email verification and I'm using a dynamic IP so every time I login to the site I have to confirm that I'm the owner of the account, well pretty safe isn't it? This is why I'm scared, storing crypto on exchange.

MrData

sr. member

Activity: 290

Merit: 250

CoinPayments

Quote from: Zicadis on May 23, 2018, 03:08:19 PM

Ip whitelisting sounds like an effective way to protect valuables but the problem comes when you using a dynamic ip and you need to confirm your activities every time you try to login to get access which grows to a pen in the butt

For IP Whitelisting I'm talking about API keys, generally you would be using these on a server and their IPs usually don't change.

Zicadis

legendary

Activity: 1386

Merit: 1027

Dump it!!!

Don't know how much you lost but these are issues Coinpayments needs to put some keen interest into as this will dent their reputation.

And according to the OPs narration of how he lost his coins it's no rocket science that this has inside job written all over it unless hackers have gotten more sophisticated to pull this one off and Afaik I believed they are the payment processors that were supposed to be challenging competitors like bitpay

Quote from: MrData on May 22, 2018, 07:17:26 PM

-snip-

TLDR: For best results enable Google Authenticator/TOTP, if using API keys only enable permissions you need and IP whitelist and set limits if possible, if running your own server/software make sure you know how to secure your system.

Ip whitelisting sounds like an effective way to protect valuables but the problem comes when you using a dynamic ip and you need to confirm your activities every time you try to login to get access which grows to a pen in the butt

Lucius

legendary

Activity: 3220

Merit: 5630

Blackjack.fun-Free Raffle-Join&Win $50🎲

Quote from: nniecan001 on May 23, 2018, 02:17:58 AM

When I visit your link about " Can Two-Factor Authentication be hacked? " , . It seems that 2FA is not easy to find a glitch or even the author tell that " it is worth using to greatly increase the security of the digital assets it protects.". That's why most of online wallet is recommended to use the 2FA security ( for example HITbtc and many more).

2FA is just additional security, but also every user need to protect his account with unique&strong password, but e-mail account should also have same kind of password (not identical of course). I think you should read better that article, 8 possible ways are mentioned for 2FA can be compromised. Users often do not take seriously security of their smartphones, and that's something all need to pay attention these days.

nniecan001

member

Activity: 322

Merit: 21

Quote from: Lucius on May 22, 2018, 08:29:20 AM

Quote from: eduardo001 on May 15, 2018, 12:53:41 AM

Hello.

I noticed that someone stole bitcoin and litecoin from my 2 coinpayments wallet. Luckily, I transferring money from there almost daily so, stolen amount is not so high but still it makes me angry.

Hacker logged in to my account even I have 2FA there. Also I never received withdraw confirmation to email for those withdrawals. I sent ticket, but no reply yet.

One friend of mine also have same issue.

After XRP last year, seems like they leaking again.

Anybody else have same issue? Should we stop trust them?

Kind Regards,
Edin

Maybe some can say that I am not objective on this issue as I promote CoinPayments, but if there is a serious security breach in their system then there would be a lot more such threads. However, if your coins are missing from your account you have the right to seek explanation from CP and get answer how did this happen. I hope you get the answer as soon as possible and that you will post that info here.

You also need to know that 2FA is not 100% safe, and that hackers have ways to use 2FA against users, see this example of 2FA Hacking Coinbase or Ways To Hack 2FA

Also consider is there any possibility that you use very weak password for CP account, or did you use same password on some other service/site maybe?

When I visit your link about " Can Two-Factor Authentication be hacked? " , . It seems that 2FA is not easy to find a glitch or even the author tell that " it is worth using to greatly increase the security of the digital assets it protects.". That's why most of online wallet is recommended to use the 2FA security ( for example HITbtc and many more).

MrData

sr. member

Activity: 290

Merit: 250

CoinPayments

Yep, the most common things we see are:

1) The user's email gets hacked, then the hacker just logs in if the password is the same or does a password reset since they have access to the email. If the user enables Google Authenticator/TOTP it would prevent this from working. A lot of the time they delete the emails afterwards to the user doesn't get tipped off too fast they were hacked.

2) Leaked API keys with 'auto_confirm' permission enabled. This usually comes from people's servers or software having vulnerabilities; a lot of the time especially on more questionable sites they are using pirated (aka "nulled") scripts with backdoors and such in them.

TLDR: For best results enable Google Authenticator/TOTP, if using API keys only enable permissions you need and IP whitelist and set limits if possible, if running your own server/software make sure you know how to secure your system.

Lucius

legendary

Activity: 3220

Merit: 5630

Blackjack.fun-Free Raffle-Join&Win $50🎲

Quote from: eduardo001 on May 15, 2018, 12:53:41 AM

Hello.

I noticed that someone stole bitcoin and litecoin from my 2 coinpayments wallet. Luckily, I transferring money from there almost daily so, stolen amount is not so high but still it makes me angry.

Hacker logged in to my account even I have 2FA there. Also I never received withdraw confirmation to email for those withdrawals. I sent ticket, but no reply yet.

One friend of mine also have same issue.

After XRP last year, seems like they leaking again.

Anybody else have same issue? Should we stop trust them?

Kind Regards,
Edin

Maybe some can say that I am not objective on this issue as I promote CoinPayments, but if there is a serious security breach in their system then there would be a lot more such threads. However, if your coins are missing from your account you have the right to seek explanation from CP and get answer how did this happen. I hope you get the answer as soon as possible and that you will post that info here.

You also need to know that 2FA is not 100% safe, and that hackers have ways to use 2FA against users, see this example of 2FA Hacking Coinbase or Ways To Hack 2FA

Also consider is there any possibility that you use very weak password for CP account, or did you use same password on some other service/site maybe?

MrData

sr. member

Activity: 290

Merit: 250

CoinPayments

Quote from: teddy5145 on May 19, 2018, 11:53:28 PM

It's a brand new account, I doubt its the real Coinpayments account, it is easy to impersonate someone over the internet Roll Eyes

It is a real account, yes.

teddy5145

hero member

Activity: 714

Merit: 528

Quote from: fiulpro on May 17, 2018, 12:26:47 PM

Hacking coinpayments Wallet is no easy job ..
I think this is something grave since coinpayments is more or less Preety secure ... But day to day we are hearing news like these and the biggest companies are getting robbed thus I think the hackers might have something new that we know nothing about.

If this is the case, there would be news all over the internet because a security vulnerability that lets a hacker bypass 2FA can be used not just on Coinpayments.
This is more like an inside job, I would suggest for OP to move his coins and to not use Coinpayments anymore.

I take it that OP are selling items and using CoinPayments as his Processors, correct?
It'd be better to start using Open Source Payment Gateway, setting it up for the first time takes time and effort, but it is highly customizable and secure as the codes are being maintained by the community

Quote from: wiser on May 19, 2018, 12:01:59 AM

The fact that CoinPayments responded on this thread is a really good sign. Do contact support and PM your support ticket, like they asked. I hope you get this resolved promptly. And then be sure to take all reasonable security precautions for your account.

It's a brand new account, I doubt its the real Coinpayments account, it is easy to impersonate someone over the internet Roll Eyes

MrData

sr. member

Activity: 290

Merit: 250

CoinPayments

Quote from: Sony.UK on May 19, 2018, 03:59:22 PM

I have seen some thread says that payments are repaid to the people who have lost the money with the coinpayments wallet mate. Still you does not get the payment back from the team.
As pugman said you need to open the thread on scam and acussation section to report they are not else you can pm to Lauda. She can bael to direct the right person on that coinpayments team.

You are thinking of the bug that let people overdraw XRP, those funds were fully repaid to the users since that was an issue on our end.

Sony.UK

full member

Activity: 532

Merit: 103

Quote from: pugman on May 18, 2018, 06:06:39 PM

Coin payments should be help responsible for this, if you have done everything right. Open a scam accusation, post up enough proof, otherwise it's just your word against theirs.
Do contact their support before accusing them of anything.

I have seen some thread says that payments are repaid to the people who have lost the money with the coinpayments wallet mate. Still you does not get the payment back from the team.
As pugman said you need to open the thread on scam and acussation section to report they are not else you can pm to Lauda. She can bael to direct the right person on that coinpayments team.

wiser

legendary

Activity: 1806

Merit: 1029

The fact that CoinPayments responded on this thread is a really good sign. Do contact support and PM your support ticket, like they asked. I hope you get this resolved promptly. And then be sure to take all reasonable security precautions for your account.

pugman

legendary

Activity: 2383

Merit: 1551

dogs are cute.

Coin payments should be help responsible for this, if you have done everything right. Open a scam accusation, post up enough proof, otherwise it's just your word against theirs.
Do contact their support before accusing them of anything.

bontkoli01

newbie

Activity: 238

Merit: 0

There are some group of hackers who always try to hack super secured crypto wallet. You should better check the history and use offline security key to assure more security. And it is better not to share any information regarding your account, not even with your bed partner.

Brianlee0112

newbie

Activity: 294

Merit: 0

These days, this hacking incidents have become so common. We have to be more careful in managing our accounts. We should try to give a more unique password. You could search the history in finding out where it was sent.

milewilda

legendary

Activity: 3094

Merit: 1127

Quote from: OmegaStarScream on May 15, 2018, 05:16:34 AM

A decent amount of scam accusations has been raised against them in the last few months so you should look into the possibility that this was an inside job because a hacker accessing your coinpayments account, your email and your phone for 2FA (assuming that It's on phone) doesn't seem like a likely scenario. Do you have a withdrawal history? try to track where the funds went to.

Thinking the same way where i dont see any reasons for funds to be transacted and been transferred into other wallet without having the trouble on accessing it specially 2fa had bet out.Where we can highly presume that this would be an inside job. Same as yours its already making a buzz on such issues related into this loss of funds.

Do you have a withdrawal history? try to track where the funds went to. -- Even if its shown its still pointless yet those funds wont never comeback.

CoinPayments

newbie

Activity: 10

Merit: 0

Quote from: eduardo001 on May 15, 2018, 12:53:41 AM

Hello.

I noticed that someone stole bitcoin and litecoin from my 2 coinpayments wallet. Luckily, I transferring money from there almost daily so, stolen amount is not so high but still it makes me angry.

Hacker logged in to my account even I have 2FA there. Also I never received withdraw confirmation to email for those withdrawals. I sent ticket, but no reply yet.

One friend of mine also have same issue.

After XRP last year, seems like they leaking again.

Anybody else have same issue? Should we stop trust them?

Kind Regards,
Edin

Hi eduardo001,

Thank you for bringing this to our attention. If you can PM the support ticket number you filed, we would be more than happy to help you on this matter as we cannot assist on a public forum.

Also, if your friend that had the same issue in the past knows his/her support ticket number, we can definetly look into this matter further as well.

If you or your friend do not rememeber your support ticket number, feel free to open a new one at https://www.coinpayments.net/supwiz, our customer support team would be more than happy to assist you in resolving this issue.

CryptoPartaker

newbie

Activity: 8

Merit: 0

It's really annoying to hear people jump straight to SCAM and THEFT accusations before exploring all the possibilities. A lot of crypto companies face this kind of reputation tarnishing from crypto noobs that don't understand that coins are lost if they send BTC to an ETH address or that they can't get a refund after sending a transaction.

As far as CoinPayments goes, they have been around since 2013 and have always been fully transparent about things. Some of you mentioned the Ripple incident. Yes, it was unfortunate but CoinPayments fully repaid ALL stolen Ripple. See their official CoinPayments Ripple Theft statement. This should be undeniable proof that CoinPayments takes these things seriously and takes responsibility for their mistakes.

Anyway, I've had a CoinPayments account for 2 years and never had a problem. Only had to contact support once and they fixed the issue within 24hrs. I suggest you wait for a reply from their support as I'm sure they can get to the bottom of your predicament.

realcrypto

member

Activity: 476

Merit: 12

This sounds scary. Just have it in mine that hackers have upgraded to the level of deactivated every thing that will make you to receive email concerning their activities. It may be an insider or external forces.

wiser

legendary

Activity: 1806

Merit: 1029

I would consider two things:

1. Are you up to speed on how to keep your wallet safe? You know about private keys and how to not share them, etc.? You know about using a unique, tough to crack password for each site you log into? If you're not up to speed, then please educate yourself. Here's a good place to start: https://dnotesedu.com/2018/04/risk-reduction-strategies-in-cryptocurrency-investing-part-5-security-precautions/

2. The site may be unreliable or untrustworthy. If you are taking reasonable security precautions and still losing money, then it may be a problem with the site, in which case you should promptly withdraw all your funds and take your business elsewhere.

fiulpro

hero member

Activity: 1862

Merit: 830

Hacking coinpayments Wallet is no easy job ..
I think this is something grave since coinpayments is more or less Preety secure ... But day to day we are hearing news like these and the biggest companies are getting robbed thus I think the hackers might have something new that we know nothing about. It's scary to think like that but I think you should try..to locate the wallet address and then check out and register a complain if possible.
My condolences
Take care dude..it's hard earned money ..

Ais08

hero member

Activity: 983

Merit: 502

Some people, especially beginners, especially those who often experience the incident, the lack of information that makes them believe to provide a key wallet address, or link link that can tap all the konci address of your wallet, so I suggest everyone needs additional security that is good for used, to keep your coin coins from being smashed from unscrupulous individuals, it may be better if everyone can use additional keys like 2FA that can keep your wallet safe from hackers ..

jamesmitchel018

newbie

Activity: 252

Merit: 0

stay awasy from scamer and be safe from the hackers, because of those if we loose our assect they people becomes very nagitive about cryptos which is very unwanted thing to face in the community.

endut15

full member

Activity: 546

Merit: 100

Quote from: eduardo001 on May 15, 2018, 12:53:41 AM

Hello.

I noticed that someone stole bitcoin and litecoin from my 2 coinpayments wallet. Luckily, I transferring money from there almost daily so, stolen amount is not so high but still it makes me angry.

Hacker logged in to my account even I have 2FA there. Also I never received withdraw confirmation to email for those withdrawals. I sent ticket, but no reply yet.

One friend of mine also have same issue.

After XRP last year, seems like they leaking again.

Anybody else have same issue? Should we stop trust them?

Kind Regards,
Edin

the problems we face are sometimes difficult, but we should not give up any of them, maybe it's just a trial, that anger is natural with all this, because the anger also will not solve a problem faced us.

freesia_pnp888

newbie

Activity: 112

Merit: 0

first time i heard this tbh :O you should always be extremely careful, mate!

Kprawn

legendary

Activity: 1904

Merit: 1073

What email service are you using? I have had a lot of people complaining that they were using Gmail and that they lost coins

that were linked to that address. {Where they used that account to signup for that service} These web based email services

are notoriously unreliable. I will not be surprised if this was a inside job, because they have built up quite a bad reputation

since they launched their service. Just report it and see if they respond to your ticket. Roll Eyes

daarul50

legendary

Activity: 1596

Merit: 1034

I suspect that this is an inside job because it is impossible for someone to access your wallet without having your 2FA. I've heard that their service is full of scams from many people. If you are curious, you better search for the transfer of funds by checking your withdrawal history.

farhiamunni

jr. member

Activity: 322

Merit: 1

It's rare news but it can be so we should aware of using bitcoin where to use how to use we should know the system so that we can do safe trading because hacking on bitcoin is so tough so they try different system to get coin so if we know the system and if we aware of this problem will be solve.

Pan Troglodytes

member

Activity: 392

Merit: 39

you know sometimes phone 2FA is only illusoric. If you run the same webpages on the phone and on the desktop your really have 1FA, not 2FA - the phone serves both as an access device and as a verification device, making it only 1FA, because the attacker needs to hack only one device: the phone.

I am afraid that might have been the scenario here too.

I would recommend using Trezor or other highly secure device as a 2FA device, not a phone, or at least a separate phone used ONLY for this purpose.

bobylee

newbie

Activity: 294

Merit: 0

To save bitcoin account, we need to careful about our account. We need to create a strong password so that we can save our bitcoin account. Hacking is common for all account but to hack bitcoin account is really tuff though tolerable measure of trick allegations has been brought against them up over the most recent couple of months so you should investigate the likelihood this was an inside activity in light of the fact that a programmer getting to your coin payments account, your email and your telephone for 2FA (expecting that It's on telephone) doesn't appear like a presumable situation. Do you have a withdrawal history? Try to track where the assets went.

mktpromp

newbie

Activity: 294

Merit: 0

Sometime hacker hacks your account bitcoin account that’s why you have to sincere about this. If hacker hack your account then you will face lots of problem.

XmayhemX

newbie

Activity: 15

Merit: 0

is coypayments an exchange?

Rhaizan

full member

Activity: 518

Merit: 100

Quote from: eduardo001 on May 15, 2018, 12:53:41 AM

Hello.

I noticed that someone stole bitcoin and litecoin from my 2 coinpayments wallet. Luckily, I transferring money from there almost daily so, stolen amount is not so high but still it makes me angry.

Hacker logged in to my account even I have 2FA there. Also I never received withdraw confirmation to email for those withdrawals. I sent ticket, but no reply yet.

One friend of mine also have same issue.

After XRP last year, seems like they leaking again.

Anybody else have same issue? Should we stop trust them?

Kind Regards,
Edin

It is difficult to provide trust and should not simply trust in the people and the things because anytime they can traitor you. The better you should do is change your address and the private key is keep it, and be careful.

kastara

full member

Activity: 560

Merit: 100

If in my opinion immediately do change your wallet address and keep all secret key or password related to enter into your personal wallet, because if you do not replace you will experience it continue to take care if according to me. So the right steps to not re-change the address of your personal wallet and do not also access web sites or web sites that are not sure because it also can potentially you lose your coin back.Thank you.

spiker777

sr. member

Activity: 992

Merit: 278

#SWGT CERTIK Audited

Seems very unlikely that both you and your friend would be robbed in the exact same way on the exact same platform.

Did he also have 2 factor auth on? And did you share a device at any time that was used to log into your accounts?

Check the IP login history on both accounts and see if the IP that hacked you is from the same region on both, could be that there is an exploit affecting certain categories of users.

jhon_21

newbie

Activity: 146

Merit: 0

That's why you need to have a secure password before opening an account. Besides, you can two factor authentication of your account so that if your account get hacked, you can easily recover it.

Paul karet

newbie

Activity: 77

Merit: 0

You need to be more careful about entering email addresses into different apps, sometimes hackers log in using them.
and you should further improve security in your wallet.

Phlaser

newbie

Activity: 257

Merit: 0

Coinpayment again? This was how ripple (xrp) suddenly disappeared in my account with them last year and they gave explanation that they had an issue and people withdrew far more than they hold. They apologise and later pay back in instalments though. If this happened to you then they seriously need to step up security on their platform.

Quote from: eduardo001 on May 15, 2018, 12:53:41 AM

Hello.

I noticed that someone stole bitcoin and litecoin from my 2 coinpayments wallet. Luckily, I transferring money from there almost daily so, stolen amount is not so high but still it makes me angry.

Hacker logged in to my account even I have 2FA there. Also I never received withdraw confirmation to email for those withdrawals. I sent ticket, but no reply yet.

One friend of mine also have same issue.

After XRP last year, seems like they leaking again.

Anybody else have same issue? Should we stop trust them?

Kind Regards,
Edin

mustamin88

newbie

Activity: 98

Merit: 0

we also need to be careful of the spread of links under the pretext of securing a wallet or a gift of coins or whatever, If Saving btc / ETH or altcoin Other In the wallet or online exchanger,
my advice do not directly click or respond to links that blm kt know.

cryptojackny

newbie

Activity: 127

Merit: 0

I didn’t face any such scam but heard a few more stories who experienced the same. You are lucky that the amount is not more it was very bad in some other cases. I think this things are done by someone who is of coinpayments and I will suggest you to see the history and find out where the money has gone. Take legal action if you feel necessary.

OmegaStarScream

staff

Activity: 3402

Merit: 6065

A decent amount of scam accusations has been raised against them in the last few months so you should look into the possibility that this was an inside job because a hacker accessing your coinpayments account, your email and your phone for 2FA (assuming that It's on phone) doesn't seem like a likely scenario. Do you have a withdrawal history? try to track where the funds went to.

eduardo001

newbie

Activity: 20

Merit: 0

Hello.

I noticed that someone stole bitcoin and litecoin from my 2 coinpayments wallet. Luckily, I transferring money from there almost daily so, stolen amount is not so high but still it makes me angry.

Hacker logged in to my account even I have 2FA there. Also I never received withdraw confirmation to email for those withdrawals. I sent ticket, but no reply yet.

One friend of mine also have same issue.

After XRP last year, seems like they leaking again.

Anybody else have same issue? Should we stop trust them?

Kind Regards,
Edin

Topic: Coinpayments robbed (Read 613 times)