Pages:
Author

Topic: Good thing for two-factor authentication. Coinbase account definitely hacked. (Read 2924 times)

hero member
Activity: 588
Merit: 501
Your email security should be the most important! you should have two-factor authentification on you email before anything else (of course I'm talking about your main email adress) gmail offers that and I'm sure other mail services do aswell
sr. member
Activity: 1097
Merit: 310
Seabet.io | Crypto-Casino
And in future. Watch out for Chinese people or anybody holding chop sticks. Job done

Chop Sticks.... Metal, bamboo or plastic?  Wink

hero member
Activity: 672
Merit: 500
Got an authentication text from Coinbase out of the blue and thought it was suspicious so I logged on to my account and had a password reset request from China...

Guess I'm gonna have to move ALL of my coin to paper wallets. Seems like Coinbase is no longer safe even for the tiniest bit of coin I had on there.

*Edit*: This stupid fu*k has now hacked into my email. Anybody else out there with a little hacking no how, feel free to return the favor.
 IP = 27.20.238.204

You should have a 2FA option on your email account as well.  If not, find one that offers it.
legendary
Activity: 2674
Merit: 2965
Terminated.
Statistically, your home PC is probably a greater risk than Coinbase.

Is there proof of this?
Yes. You have minor security with minor knowledge, they have a team working on keeping everything secure.
hero member
Activity: 868
Merit: 1000
i just set up my google 2 step factor....


glad i saw this threadBTCBTC
legendary
Activity: 2044
Merit: 1055
Better not buy a iPhone 5S, they could cut your finger off to get into your system!

 Grin
full member
Activity: 139
Merit: 100
Owner@ CryptoFundingTracker.com
to the OP even account with 2fa isn't safe every time... rooting your phone you are letting some people free in plus there is such a big amount of malware in play store that sooner or later someone will get what they want...


I can confirm this. The amount of malware in the play store is actually disturbing. Here at college they have some pretty strict network standards as far as malware goes and my phone got kicked off the wifi because an update to one of the apps had malware with it. Rooting your phone makes it that much easier.

Ok, but this means someone hacking your Bitcoin account needs:

- Your email
- Your username on Coinbase
- Your phone number
- Access to your phone

That's a lot of stuff.  I'd say it's rather unlikely for all to be compromised by the same person without your PC being compromised.
full member
Activity: 224
Merit: 100
Professional anarchist
Got an authentication text from Coinbase out of the blue and thought it was suspicious so I logged on to my account and had a password reset request from China...

Guess I'm gonna have to move ALL of my coin to paper wallets. Seems like Coinbase is no longer safe even for the tiniest bit of coin I had on there.

*Edit*: This stupid fu*k has now hacked into my email. Anybody else out there with a little hacking no how, feel free to return the favor.
 IP = 27.20.238.204

Do you re-use the password on other sites? If so, which? This answer might point to where this is coming from.

If you don't, it might suggest that you have some form of virus/keylogger/trojan on your machine.

Recommend LastPass for managing complex and unique passwords.
hero member
Activity: 924
Merit: 1001

Guess I'm gonna have to move ALL of my coin to paper wallets.


Amazed people are still just realizing this.

-B-
legendary
Activity: 1148
Merit: 1014
In Satoshi I Trust
move the coins and have a peacefull life  Wink
sr. member
Activity: 342
Merit: 250
to the OP even account with 2fa isn't safe every time... rooting your phone you are letting some people free in plus there is such a big amount of malware in play store that sooner or later someone will get what they want...


I can confirm this. The amount of malware in the play store is actually disturbing. Here at college they have some pretty strict network standards as far as malware goes and my phone got kicked off the wifi because an update to one of the apps had malware with it. Rooting your phone makes it that much easier.
newbie
Activity: 29
Merit: 0
member
Activity: 93
Merit: 10
Guess I'm gonna have to move ALL of my coin to paper wallets. Seems like Coinbase is no longer safe even for the tiniest bit of coin I had on there.

Wait...  You didn't realize someone who could guess your e-mail address could send a password reset request?

Look, careful planning and use of multiple wallets to improve security, including paper wallets or other offline wallets is smart.

Right now,  I do believe your priority should be to make sure your EMAIL account has 2-factor authentication enabled, and that you are using a SECURE  e-mail provider,  not one like Apple, that might allow  someone else to reset your email account creds by making a phone call or otherwise social-engineering support.

I would suggest booting from a bootable Linux CD  (to sidestep, just in case of PC-based malware),  log into your CB and E-mail account, and carefully go over your security questions.

Make sure none of the security questions are guessable.
MAYBE change them all  (write down and vault the new answers), for good measure.
newbie
Activity: 56
Merit: 0
to the OP even account with 2fa isn't safe every time... rooting your phone you are letting some people free in plus there is such a big amount of malware in play store that sooner or later someone will get what they want...

https://www.youtube.com/watch?v=6oAQoDfeN08

hero member
Activity: 605
Merit: 634
I wasn't pointing a finger at the OP for being insecure, I should have worded that better, sorry. Coinbase has to comply with AML laws of 50 states. I *know* that they have had to jump through a thousand hoops to do that. I work with network security, and PCI compliance (Payment Card Industry). My work is going through PCI tests now, and it is a huge headache.

Statistically, the chances are high that the OP is using Windows, which also 'by the numbers' has the highest chance of being broken into. Microsoft is dropping all updates for XP on April 8. I got an email today, estimating that 30% of people are still running XP. With no more security updates, XP will become a playground for black hats. Anyone that runs a local wallet on XP is foolish and at risk. Encrypt your wallet at the very least, please get rid of of XP at the best. Even if your wallet.dat is local, and encrypted, a keystroke logger gives  up all your passwords to everything that you log in to.

The OP may be a Mac guy, or a Linux guru, in which case that chances are very low that his PC got broken in to. Still, Coinbase has to live by much higher standards than any of us do. 2FA is a very good thing, everyone should use it when they can. Logs can be scary when you look at them, but all of that is firehose probing for common default vulnerabilities. Nobody has singled you out.

MtGox was in Japan, they had no such laws to comply with. I recommend Coinbase to my friends and family in the USA.
member
Activity: 112
Merit: 10
Statistically, your home PC is probably a greater risk than Coinbase.

Is there proof of this?

I can't vouch for any statistical analysis, but when I last looked at my router logs, I'd see an average of 5 probes (A single IP addresses looking for open ports) a day.  About 40% are Chinese, usually attached to a university, followed by probes from Russia, then other European and US addresses in number.   It's a little unnerving when you are aware that random people checking the lock on your door several times a day.
full member
Activity: 167
Merit: 100
Statistically, your home PC is probably a greater risk than Coinbase.

I trust exchanges way more than I trust myself and my setup.
hero member
Activity: 546
Merit: 500
Statistically, your home PC is probably a greater risk than Coinbase.

Is there proof of this?

I think that they were speaking generally...

However, Coinbase likely spends a great deal more money than many here do, for the sake of securing their computer systems. Although Coinbase may be targeted more than the average PC or whatever, they also are cognizant of that, and so they take steps to prevent having security threats, which is evidenced in part by the fact that they haven't suffered from any "hacks" to my knowledge.
newbie
Activity: 42
Merit: 0
Statistically, your home PC is probably a greater risk than Coinbase.

Is there proof of this?
member
Activity: 112
Merit: 10
Got an authentication text from Coinbase out of the blue and thought it was suspicious so I logged on to my account and had a password reset request from China...

It just means somebody who has your email address submitted it to coinbase.  If they compromised your email, then you would have a problem.

Pages:
Jump to: