Pages:
Author

Topic: Diamond 5 Stake, account was hacked - page 6. (Read 1327 times)

donator
Activity: 4760
Merit: 4323
Leading Crypto Sports Betting & Casino Platform
February 21, 2023, 09:48:24 AM
#22
It sounds like you made a bad mistake and paid the price, but it also sounds like Stake did their part to freeze the funds to keep the loss at a minimum as soon as it was possible for them to do so (once you alerted them).  This is a huge loss and a terrible situation, but I'm not sure Stake owes you anything.  If they did, I could only imagine how many inside jobs would suddenly happen with users wanting payouts.  Did you ever have the frozen funds returned?  While I think it's unlikely you'll be able to recover anything, if Stake saved a large amount of money from being stolen from you, you really owe them some gratitude in my opinion. 

As I've said a million times...  Stay off telegram.  It should be branded the chat network preferred by scammers.
legendary
Activity: 2506
Merit: 1113
There's no need to be upset
February 21, 2023, 09:40:25 AM
#21
Stake doesn’t have authenticator based 2FA?
Still with the phishing situation sometimes the hackers can bypass it

I wouldn’t hope for tether to freeze this amount in this cases

Best to check directly with Stake website as some pointed
sr. member
Activity: 1877
Merit: 389
February 21, 2023, 09:12:48 AM
#20
Saw you writing on chat as well, it's $150k and this should be emphasized and should have been emphasized from the beginning.
Definitely the best ones to help you here is Stake, not Tether - someone from Stake should have looked into this ASAP ... or would look into this ASAP, so maybe, with a fraction of a hope, you might get into something.

The only best ones to help you resolve this are Stake, no one else.
full member
Activity: 823
Merit: 100
BLOCKXS.COM
February 21, 2023, 08:59:51 AM
#19
Stake just enabled email code for tipping, I guess your thread has made some change already, which is good.
I am sorry for your loss. Make sure to change all passwords and change wallets, they maybe targeted something else too.
legendary
Activity: 2604
Merit: 1504
February 21, 2023, 07:47:52 AM
#18
Hey all, random one as i am not trying to make any big accusations against the company or cause any unwanted commotion(yet).

I am diamond 4(6 percent from diamond 5) member on stake and the account is 5 months old. So I am one of if not their biggest sports players on the site.

Recently I was trying to login to check the status of my bet and was logged out of my account. I didn't think much and wrote the chat, finally got back in and saw I had a zero balance and my live bet had been cashed out. The company wrote to me and queried a set of tips that were sent from my account totaling 165k. the balance would have been 205k if the hacker had not cashed my bet out.

Anyway long story short, I was either phished on telegram or in the stake chat on the site and the link i had opened disabled my 2fa, so the hackers waited and stole the money after I had grown a balance. My issues here are many but I obviously hold a lot of responsibility for clicking the link. If I had my account and email compromised and people accesed my account and stole the funds I wouldn't have much of a gripe but they didn't, they were only able to 'tip" another brand new account 55k and 110k in a matter of seconds, the thief managed to steal the 60k and get it off the site and the rest was blocked. Also, should be noted my 2fa was removed from the acct at 944am and the theft at 11am and still no triggering on the site to block six figure tips(which i've never done before) to a brand new acct that automatically withdrew them.

Anyway i am hoping they will do the right thing and at least split responsibility with me as I did make the mistake of clicking on the phishing link but to have no protocol to stop and internal funds transfer within the site and a withdrawl of those sizes an hour after 2fa was disabled is pretty sickening.

I have the hash for the withdrawl here https://etherscan.io/tx/0x1ae29bdb23b038de73b398947343013ba0df7d45ec322b87de53e0d798c7fa62  

The phishing site I ended up on is here https://stake.com-bonus.io/?action=login&modal=auth&error=fail  it's obviously pretty pathetic replica but it was 5am when i clicked and it did the trick.

If anyone would be willing to help out and see if any real info is connected anywhere I would be super grateful and happy to send a reasonable bounty out.

I'm sorry what happened to you, well, I see that your funds were transferred within an hour to this address https://etherscan.io/address/0x8c96bd52c7bcdb9e9cff233482ee802c72c3cd95 from where, in turn, they were moved to the next address where they are still located https://etherscan.io/address/0xdeb197c73270288adbd93ac537311b46cab96f71 maybe you should contact the police before it's too late, Theter can block the attacker's stolen USDT, unless of course there are grounds for this.
hero member
Activity: 2702
Merit: 672
I don't request loans~
February 21, 2023, 07:37:22 AM
#17
I am more wondering since usdt is extremely traceable and the funds were sent to an exchange if anyone can help in that matter or if anyone is capable of finding the ownership of the website that did the phishing. The money went to bitfinex which I know people will say they probably used fake kyc there to move the coins...I just doubt that, real hackers aren't sending money directly to exchanges, they are cashing them out, tumbling or swapping for different coins. The link was sent to me on telegram which directs it towards the same group of players who have been trying to extort for the previous month. If anyones able to help, genuinely, then please let me know. I'm not wanting to post thousands of pictures and arguements w the site and ownership as I don't think that will lead to any positive results. I don't expect to retrieve the stolen money but I do suspect there's a trail that could be uncovered.
I think exchanges accept reports if you were to show them the links and proof about the hacked account, the wallet involved, and where it's going right now? (I am not sure of this, but they do this kind of stuff in big hacking events so you might as well try ig) I don't think they're able to directly return it to you though. I suggest just compiling everything you have in one place so that whenever someone asks you can just link them to that pile and have them read it all instead of repeating yourself.

As for the doxxing though, I don't think stake is at fault here, they might've just pieced the details themselves when they got access to your data. There are a LOT of places out there that can link back to you if they're knowledgeable enough. I highly doubt stake would help with that tbf.
hero member
Activity: 770
Merit: 828
Leading Crypto Sports Betting & Casino Platform
February 21, 2023, 04:37:04 AM
#16
It is a little strange that they didn't make your account incignito.

A lot of members which you can see in the top 10 in the daily races are incognito, so that's a normal thing.

Your fault happened, we all make mistakes, but that security should really flag suspicious tip transactions to newbie accounts, I don't understand how this could happen. From time to time here we read of accounts that get blocked "for security reasons" in suspicion of multi accounting or whatever but real fraud in 6 digits doesn't get found out, that's alarming.

Well looking at stake history of things like that ( I am very active in stake's forum and read about strange cases a lot ) I think there is nothing that they will do to refund you. A little bit of a shame since you are almost diamond 5 and therefor have wagered almost 500 million $, what a crazy amount.

I am platinum 4 and also ran into problems in the past where I didn't get help, for some reason though I always stick with stake.

Edit: maybe you can make this case public at https://stakecommunity.com/ .

Spreading more awareness and put some small pressure on stake to maybe rethink about helping you.
sr. member
Activity: 1498
Merit: 271
DGbet.fun - Crypto Sportsbook
February 21, 2023, 04:13:14 AM
#15
The lost funds in your balance in the account of the gambling site you are playing on are also quite large, but you yourself said that you clicked on a link that caused your account to be hacked.

      But what happened to you is worrying, even though 2FA is enabled, it is still possible to disable it like what happened to you. Then I don't think that can do anything and you won't be able to catch up with what you lost because for sure it has been moved to different addresses.
sr. member
Activity: 728
Merit: 421
February 21, 2023, 04:07:47 AM
#14
Yeah so, a month or so ago I started getting messages from players on the site demanding money or they would dox me or they would do this and that, sending images of family members and so on. I wrote in and asked for help in making my account incognito or some kind of privacy and was denied.

What has happened is that my telegram where I get the notifications from stake was found out, someone sent me a link on telegram so it popped up on my computer looking just like stakes messages. I clicked it and the rest is history. As far as withdrawls and kyc no stake doesn't have any kyc on withdrawals up to 60k i believe for instant. In any event, clicking was idiotic but the 2fa being stripped and money not being withdrawn but tipped over to a new account is pretty shocking. They stopped 105k and are congratulating themselves for doing so but I lost 100k in the process of them cashing out a bet and stealing the funds.
Was hoping due to my level at the company they would reach some kind of agreement but it's simply 'we can't pay for stolen funds'
OP if i may ask you these question, does anyone know about your identity on stake casino? Does anyone knows you have such amount of money right there in your stake account? Try do a flash back to remember events and occurrences surrounding your account when you made the deposit into your stake account. When you contacted the customer care service of stake complaining about the threat you received in respect to your account and people sending you messages, did you send them the proof of the messages as evidence for them to see? If you did and they ignored you then they too have  questions to answer for not keeping a close monitor on your account and also for not keeping a close monitor in the account that sent you those messages if they are onboard the stake platform. You took a proactive measures early enough to lay a complaint to stake about your experience but they did ignored your complaint and here is the end result of the whole thing.
This is a serious case I will advise you to register your account as a copper member them post the evidence of the threat messages you have been receiving from the players onboard the stake casino also the messages you sent to stake for help and their response to you because if they had helped you earlier enough, this would have not occurred maybe minimal experience.
How can they explain this that a customer registered on their platform with huge amount of money attached to account sent a complaint to stake customer care service in respect to the threat of account doc received still yet they could not be proactive to the complaints.
I strongly advise you to start uploading the evidence here so members could see and follow up the situation.
legendary
Activity: 3318
Merit: 1247
Bitcoin Casino Est. 2013
February 21, 2023, 03:52:45 AM
#13
First I am extremely sorry for your loss,having build up an account to such level and seeing it ruined with a phishing email/link or any other social engineering attack just suck.I cannot stress enough how indispensable is user training and awareness when it comes to such attacks from the cybersecurity perspective.Unfortunately it is your own responsibility for such act that happened,we all would love to help and a good case is the Norwegian police being able to recover about 5 million of 30 million stolen coins in some attack,this proves that governments can if they make a good chain analysis be able to get to that hacker account,the only problem here is that your amount is much lower than 5 million dollars which would spark the interest of state forces to help you.

Sorry that you experienced this and hopefully it will be the last of such accidents for you.
legendary
Activity: 3542
Merit: 1965
Leading Crypto Sports Betting & Casino Platform
February 21, 2023, 12:58:01 AM
#12
I agree,

There should be more checks and balances on accounts with your VIP level, to make sure that things like this does not happen in the future. A red flag should be raised, when a certain amount of money are tipped or withdrawn from your account... and then extra measures should be in place to prevent it.

Example : You provide them with a code word... say "Freebies4Ever" .... and this code word is kept with support. If you give a large tip (x percentage of your balance) ..it will trigger the customer support to contact you to ask for the code word. If it cannot be provided, they block the account and they contact you.  Wink

I hope this helps you.... sorry for your loss.  Sad   (I am not at your level, but I will be pissed if it happened to me and there were no extra measures to protect me)  Roll Eyes
hero member
Activity: 1190
Merit: 599
February 21, 2023, 12:54:47 AM
#11
I am so sad heard with your account stake got hacked and loss much money, I think you can try to tracking with your fund withdrawing trough tips and ask the costumer service for banned or freeze the account receiving. Effective or not to know hacker but I don't sure with your fund will get back in your account stake wallet.

Have possibility with your account hacked trough fake link or your stake id and password have been know by some one else are close with you, but tracking trough tips withdrawing you can know who is the real hacker. I think highest Stake account level exactly with Diamond 5 better using 2fa and add another protect when login to account need email confirmation.
legendary
Activity: 2814
Merit: 1112
Leading Crypto Sports Betting & Casino Platform
February 20, 2023, 09:29:45 PM
#10
And again, I thought users on stake are not allowed to withdraw more than $10,000 without passing KYC verification, how was the new account able to withdraw that huge amount of money without passing KYC verification???
Maybe the brand new account that receives the first money through the tip feature is just a stopover because after that he easily sends it to another account that has passed KYC so he has successfully made a withdrawal so this is really a loss.
The lesson is not to click on random links, especially if it involves an account with large enough funds.
sr. member
Activity: 602
Merit: 442
I buy all valid country Gift cards swiftly.
February 20, 2023, 08:56:58 PM
#9
I suffered similar issues with an exchange and I got scammed by a peer to peer user who sent me a link and since I needed my money, I innocently clicked on the link and my 2 factor verification was compromised ad tye trade was approved and coin released just by me clicking on the link and I really felt so bad because the money was intended for treatment.
I'm so sorry you had to suffer such a loss and I also hope that this serves as a warning and also a wake up call to gamblers who underrate phishing links and I will never click on a link I don't know it's source.
hero member
Activity: 1106
Merit: 570
February 20, 2023, 08:07:20 PM
#8
I'm so sorry for your loss but most times we really have to be careful of the links we clivk ok and that's one of the major reasons I don't click on any random link because I don't want regrets later on because I'm very sure that these guys are tirelessly working on stealing hard earned money from people at all cost.
I really don't know if stake would have so much to do about this incidence but I hope they do since it's an internal transaction and since you said they blocked the other one then you should be hopeful they recover the funds but one thing I know with situation like this is that the link you clicked on has already disabled your two factor verification and anything can easily be done on your account since the security was bridged.
hero member
Activity: 980
Merit: 741
February 20, 2023, 04:56:06 PM
#7
In your case it seems like the hacker was able to trick you into clicking on a phishing link which disabled your 2FA and gave them access to your account The things that’s concerning is gambling sites should have protocols in place to prevent such large internal transfers to a brand new account especially after your 2FA had been disabled. It would be understandable to expect some level of accountability on their part in this situation. I hope that they will take your concerns seriously and work with you to find a solution. It's important for online casinos to prioritize the security of their customers and have measures in place to prevent incidents like this from happening in the future where such a suspicious activity happens and from a different IP address.
For that phishing website i have reported it to Hostinger team and hopefully they will close it ASAP
member
Activity: 840
Merit: 23
February 20, 2023, 04:50:15 PM
#6
So sorry for your lose, I also hope the right thing is fine because seriously, times are hard and we need the little we can get to survive through

But, if it's not possible, accept it as your lose and try to be more cautious and courageous.
legendary
Activity: 2422
Merit: 1083
Leading Crypto Sports Betting & Casino Platform
February 20, 2023, 04:45:06 PM
#5
This is really pathetic, and like you said, both you and stake are in the wrongs, someone of your caliber shouldn't be clicking links you are not sure of, not to talk of giving in your details carefreely, I just clicked the same link you clicked, and I noticed that there is a clear difference of the site from the original stake website.
First is that, the link are not the same - always check that
Secondly, it asked me to login, on the same computer I am currently logged in to the original stake website - this is an obvious red flag you should have page attention to, But you ignored and gave scammers the ability to access your original stake account, and i also know that once you login on stake, it stays logged in, and the only time they ask you for 2FA is when you want to withdraw -- i personally think you were just too careless.

Stake on the other hand should have an algorithm in place that would not allow a user to withdraw their funds if they turn off their 2FA until 24 hours elapses, this is how some other platforms i know does it, so this is clearly a big mistake on the part of stake.
And again, I thought users on stake are not allowed to withdraw more than $10,000 without passing KYC verification, how was the new account able to withdraw that huge amount of money without passing KYC verification???
hero member
Activity: 2800
Merit: 595
https://www.betcoin.ag
February 20, 2023, 04:30:38 PM
#4
You might wanna make the phishing to be not a hyperlink in this page so people will not click it as well. Being that, people who will click that link might also end up being a victim and you won't split responsibility.

They need the code from your email to be able to withdraw so obviously your account and your email were compromised. There is a chance that they might not split that responsibility for you. Such a large sum, sorry for your loss.
legendary
Activity: 3346
Merit: 3125
February 20, 2023, 04:23:13 PM
#3
bump. happy to pay a few grand to someone who can help.

First of all... sorry about your lost, it was a hug amount, and the VIP level on the account was huge too, that sucks.

Talking about the Phishing site, they are still alive as we can see in the next picture:


The attack is curious because first they ask for the 2FA and then for the user name and password, so, or it's automated to unlock the 2FA instantly or there is a crew watching like the hacked accounts.

If we take a look to the "WhoIs" there is not much information, all was redacted for privacy:

Code:
$ whois com-bonus.io
Domain Name: com-bonus.io
Registry Domain ID: 8b801b2798ba4550851bd6d5f15ba689-DONUTS
Registrar WHOIS Server: http://www.hostinger.com
Registrar URL: http://www.hostinger.com
Updated Date: 2022-12-22T13:20:30Z
Creation Date: 2022-08-03T16:59:35Z
Registry Expiry Date: 2023-08-03T16:59:35Z
Registrar: Hostinger, UAB
Registrar IANA ID: 1636
Registrar Abuse Contact Email: [email protected]
Registrar Abuse Contact Phone: +1.11
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Registry Registrant ID: REDACTED FOR PRIVACY
Registrant Name: REDACTED FOR PRIVACY
Registrant Organization: Privacy Protect, LLC (PrivacyProtect.org)
Registrant Street: REDACTED FOR PRIVACY
Registrant City: REDACTED FOR PRIVACY
Registrant State/Province: MA
Registrant Postal Code: REDACTED FOR PRIVACY
Registrant Country: US
Registrant Phone: REDACTED FOR PRIVACY
Registrant Phone Ext: REDACTED FOR PRIVACY
Registrant Fax: REDACTED FOR PRIVACY
Registrant Fax Ext: REDACTED FOR PRIVACY

I don't think there are any way to recover your money, but maybe you can contact support in the site and explain the problem, at least they should be able to block the scammer account or share their KYC with you.
Pages:
Jump to: