Pages:
Author

Topic: Cryptopia accounts being cracked (Read 232 times)

hero member
Activity: 1274
Merit: 521
7enius - Your Cryptocurrency Marketing Consultant
March 26, 2018, 11:15:24 PM
#22
I got an email like that a couple of times and stopped but about a week ago got the same email about failed login attempt, but I thought it was a mistake from the exchange for seeing a lot of complaints about that exchange lately.

I'm not too worried because I do not have any funds on the exchange and I use 2fa and I think it's fairly safe.
legendary
Activity: 3262
Merit: 1376
Slava Ukraini!
March 25, 2018, 05:51:10 PM
#21
I'm getting message about failed attempt to login to my Cryptopia account almost every day. Checked - these attempts made from Russian IP address.
But I don't care much about it. Can't remember when I used Cryptopia last time and I don't have funds there. But it's just another great reminder why 2FA is must to use thing on exchanges.
legendary
Activity: 1806
Merit: 1521
March 25, 2018, 05:03:29 PM
#20
What's their policy on multiple accounts if you haven't done KYC? They obviously had a database leak. I wonder what other data was taken. I wouldn't load funds on my old account knowing that. I'd prefer to just make a new account with a fresh email address.

You can use 2FA for peace of mind (in fact you should anyway), but getting your account locked over this is also a bitch.

It could be their database being leaked, most likely which is why everyone on cryptopia is getting login attempt logged. Or, it could be another exchange who had their database leaked and they're just cross-checking the same email addresses on cryptopia. Is a possibility but less likely.

I assumed the OP would not have reused an email address. That's a basic security precaution, a unique email address for each account. If it were a newbie posting I may have assumed otherwise.

But it sounds like the leak could be from another exchange too:

I'm not using the same email address and I'm very careful about using my email on sites so I'm honestly not sure how someone was able to get it unless It has been leaked from another exchange or something.

Why use cryptopia anyways instead of another exchange when it's got so many problems with it?

It's good for accumulating low-cap gems before they get listed on other exchanges.
legendary
Activity: 3570
Merit: 1548
Get loan in just five minutes goo.gl/8WMW6n
March 25, 2018, 11:07:11 AM
#19
Last weeks I also noticed several email with warning that someone fail to login to my account, I don't think that problem with cryptopia exchange, email datebase  can be leaked from anywhere(even bitcointalk few years ago) and until you turn on 2FA it remains safe.
legendary
Activity: 1246
Merit: 1049
March 25, 2018, 04:05:52 AM
#18
In other words, If I know your email address, I could just lock it? Shocked

Exactly. That's what I'm referring to when I asked that question. It might be abused by those person who have our emails.

Either that or they actually got my password and the failed login represent that they weren't able to go through the 2FA?

I guess no.
If that's the case (they have both your email and password), instead of receiving the failed login email you must have received the login confirmation with the 2fa code in it.
hero member
Activity: 1666
Merit: 753
March 25, 2018, 04:02:02 AM
#17
Does cryptopia lock accounts not on IP basis? (based on OP - look likes it's not)

Now after thinking about it, It sound stupid to lock accounts based on the account. In other words, If I know your email address, I could just lock it? Shocked Either that or they actually got my password and the failed login represent that they weren't able to go through the 2FA? I'm honestly not sure.

Exactly. If you are able to pull stuff like that just by knowing someone's email address, then it's not a good security measure to have. And if you have hackers on your tail trying to get into your account, if they wanted to, they could literally lock your account just by attempting to login with the  wrong password over and over again.

What's their policy on multiple accounts if you haven't done KYC? They obviously had a database leak. I wonder what other data was taken. I wouldn't load funds on my old account knowing that. I'd prefer to just make a new account with a fresh email address.

You can use 2FA for peace of mind (in fact you should anyway), but getting your account locked over this is also a bitch.

It could be their database being leaked, most likely which is why everyone on cryptopia is getting login attempt logged. Or, it could be another exchange who had their database leaked and they're just cross-checking the same email addresses on cryptopia. Is a possibility but less likely.

Their multi-account policy is as follows:

Quote
Multiple accounts for the purpose of defrauding, circumventing bans, soliciting or abusing Cryptopia Ltd. services will result in immediate termination of all related accounts, including seizure of all on-site digital property.

I don't think creating a new account for the purpose of trying to avoid a hacker qualifies as any of those things. However it's best to check up with support still, even though you may never get a response back. Why use cryptopia anyways instead of another exchange when it's got so many problems with it?
staff
Activity: 3500
Merit: 6152
March 25, 2018, 03:28:56 AM
#16
Does cryptopia lock accounts not on IP basis? (based on OP - look likes it's not)

Now after thinking about it, It sound stupid to lock accounts based on the account. In other words, If I know your email address, I could just lock it? Shocked Either that or they actually got my password and the failed login represent that they weren't able to go through the 2FA? I'm honestly not sure.
newbie
Activity: 14
Merit: 0
March 25, 2018, 03:12:29 AM
#15
Sometimes an exchange gets hacked then robs its customers to cover its loss. It keeps quiet about the hack, then starts delaying withdrawals and playing dirty tricks to rob its customers of coins. Getting your coins off cryptopia unless necessary for a trade is good advice.
Wow, that sounds really scar? Which exchanges have been known to do that? I haven't heard of such a thing... Usually they announce the hack then they limit withdrawals or something.

I'm pretty sure if they limited withdrawals before the hack, then people would just accuse the exchange of making up the hack..
legendary
Activity: 1806
Merit: 1521
March 25, 2018, 03:04:55 AM
#14
What's their policy on multiple accounts if you haven't done KYC? They obviously had a database leak. I wonder what other data was taken. I wouldn't load funds on my old account knowing that. I'd prefer to just make a new account with a fresh email address.

You can use 2FA for peace of mind (in fact you should anyway), but getting your account locked over this is also a bitch.
legendary
Activity: 1246
Merit: 1049
March 25, 2018, 02:12:33 AM
#13
I'm on the same ride.
For a while now I've been experiencing about two failed logins per day (sometimes there's gap), also from different IP addresses.

Code:
March 19 - 110.175.251.101
March 18 - 103.81.222.190
March 17 - 188.68.0.99

Well, I'm not worried at all since I have turned on my email address 2fa but I'm thinking about the locked in period.
Does cryptopia lock accounts not on IP basis? (based on OP - look likes it's not)
hero member
Activity: 1526
Merit: 596
March 25, 2018, 12:51:21 AM
#12
Hey @OmegaStarScream

I am glad to see I am not the only one. I got the same, maybe a week ago (just 1 attempt) Nothing to worry in my case. Are you using the same address on this exchange with your bitcointalk account (before the forum get compromised)? I believe some people with the database are simply trying to with the most popular exchanges in case someone used the same password

I'm not using the same email address and I'm very careful about using my email on sites so I'm honestly not sure how someone was able to get it unless It has been leaked from another exchange or something.

Most likely... It's probably a crypto related email leak that has gone undetected and the hacker is trying it out on crypto exchanges.. Otherwise people who do not have their email addresses public should not even be getting any login attempts other than themselves. Unless the hacker is able to brute force his way through email addresses which is unlikely.

Cryptopia is a broken exchange basically, so many complaints and unresponsive and irresponsible support. Also heaps of cases where people lost money because cryptopia had coins basically stolen and refused to compensate the user even partially, even though they were the ones listing them.

I would not use any exchanges to store my funds for this exact reason, especially Cryptopia. Honestly there are way too many warnings already based on past cases that should deter you from storing any funds on exchanges, it's common sense.
copper member
Activity: 2940
Merit: 4101
Top Crypto Casino
March 24, 2018, 01:35:40 PM
#11
I see. In my case, Cryptopia isn't the first exchange I got this. There are about 5 exchanges where the same thing happened multiple times. And the very first was Bittrex. Coincidence or not, during this period I remember to read here a lot of users with a similar problem about their account; and a short period after, It's when Bittrex forced people with verification ID and limits such as x BTC per day to transfer out, etc...
staff
Activity: 3500
Merit: 6152
March 24, 2018, 11:15:38 AM
#10
Hey @OmegaStarScream

I am glad to see I am not the only one. I got the same, maybe a week ago (just 1 attempt) Nothing to worry in my case. Are you using the same address on this exchange with your bitcointalk account (before the forum get compromised)? I believe some people with the database are simply trying to with the most popular exchanges in case someone used the same password

I'm not using the same email address and I'm very careful about using my email on sites so I'm honestly not sure how someone was able to get it unless It has been leaked from another exchange or something.
newbie
Activity: 12
Merit: 1
March 24, 2018, 10:02:19 AM
#9
Yeah even i received many login attempts from the past few days , my account even got locked but i really don't care cryptopia seems to me as one of the worst exchange with the worst design every possible and shit support

Hey @OmegaStarScream

I am glad to see I am not the only one. I got the same, maybe a week ago (just 1 attempt) Nothing to worry in my case. Are you using the same address on this exchange with your bitcointalk account (before the forum get compromised)? I believe some people with the database are simply trying to with the most popular exchanges in case someone used the same password

Yes this might be the reason but if you have 2FA i don't think you should worry or just change your password as you might have the same password on the exchange which you used for your bitcointalk account
copper member
Activity: 2940
Merit: 4101
Top Crypto Casino
March 24, 2018, 09:57:24 AM
#8
Hey @OmegaStarScream

I am glad to see I am not the only one. I got the same, maybe a week ago (just 1 attempt) Nothing to worry in my case. Are you using the same address on this exchange with your bitcointalk account (before the forum get compromised)? I believe some people with the database are simply trying to with the most popular exchanges in case someone used the same password
member
Activity: 164
Merit: 37
March 24, 2018, 01:41:41 AM
#7
I'm not really afraid about the security of my funds as I don't store anything on exchanges but It's worth mentioning that I received 3 Fail login attempts and then my account got locked.

Code:
15th March - 95.181.176.135
17th March - 73.196.57.191
19th March - 85.102.254.166

The IP addresses are not from the same country so It's most likely an attack with proxies on different accounts and not just mine. I thought I should let you guys know so in case you don't have 2FA enabled or strong password, do it.

It's definitely not an accident, definitely planned and the hacker's trying to login from different IPs so that he doesn't get traced down. Probably using a proxy to do so, but it's definitely malicious in intent.

I believe that I've heard users at cryptopia being hacked before, though I'm not sure if it's officially confirmed.

But as warningsigns said, nobody should store any amount of coins on exchanges. If you have to exchange crypto, then do the exchange and get your money out asap. You never know what goes on in an exchange, you might not even get notified of hackers trying to get into your account. It might not even be hackers, it could be the exchange itself that becomes insolvent which ends up with you losing money.

Sometimes an exchange gets hacked then robs its customers to cover its loss. It keeps quiet about the hack, then starts delaying withdrawals and playing dirty tricks to rob its customers of coins. Getting your coins off cryptopia unless necessary for a trade is good advice.
hero member
Activity: 1666
Merit: 753
March 24, 2018, 12:30:23 AM
#6
I'm not really afraid about the security of my funds as I don't store anything on exchanges but It's worth mentioning that I received 3 Fail login attempts and then my account got locked.

Code:
15th March - 95.181.176.135
17th March - 73.196.57.191
19th March - 85.102.254.166

The IP addresses are not from the same country so It's most likely an attack with proxies on different accounts and not just mine. I thought I should let you guys know so in case you don't have 2FA enabled or strong password, do it.

It's definitely not an accident, definitely planned and the hacker's trying to login from different IPs so that he doesn't get traced down. Probably using a proxy to do so, but it's definitely malicious in intent.

I believe that I've heard users at cryptopia being hacked before, though I'm not sure if it's officially confirmed.

But as warningsigns said, nobody should store any amount of coins on exchanges. If you have to exchange crypto, then do the exchange and get your money out asap. You never know what goes on in an exchange, you might not even get notified of hackers trying to get into your account. It might not even be hackers, it could be the exchange itself that becomes insolvent which ends up with you losing money.
hero member
Activity: 896
Merit: 1082
March 23, 2018, 10:25:15 PM
#5
That's scary. Don't store coins on any exchange. For the love of your coins, keep them in a wallet you and you alone totally and solely control. Thieves are everywhere, offline and online, and no exchange can and will guarantee to replace your coins if hackers successfully penetrate their systems.

How these criminals bypass super secure security systems is a puzzle. It's not like 2FA systems become vulnerable when they are overwhelmed by attacks. In fact, the more persistent the attacks, the more likely it is that the exchange will deny all access to accounts, their legitimate customers included.

Store yours coins safely. There is no totally impenetrable digital fortress out there. They are all vulnerable and risky.
member
Activity: 164
Merit: 37
March 23, 2018, 08:17:48 PM
#4
Yes, we already came to the conclusion
https://bitcointalksearch.org/topic/m.32933068
Cryptopia should make a notification, that they got cracked and that not only a few accounts are compromised.

I read posts complaining about failed login attempts using an email address only used for cryptopia. If they are true I can't think of any explanation apart from cryptopia got cracked.
hero member
Activity: 909
Merit: 508
March 23, 2018, 02:11:21 PM
#3
Yes, we already came to the conclusion
https://bitcointalksearch.org/topic/m.32933068
Cryptopia should make a notification, that they got cracked and that not only a few accounts are compromised.
Pages:
Jump to: