Pages:
Author

Topic: Hacked for 165k STAKE.COM (Read 625 times)

member
Activity: 952
Merit: 27
March 08, 2023, 06:39:55 AM
#27
...the second level of weakness is they allow people to TIP their entire account balance to another user, the thief used this method because trying to withdraw would require email confirmation, they didn't have access to my email. Stake now requires email confirmation when u try to tip other users, this is the security that should have been in place all along. It was added approximately 1 day after I was hacked

You actually saved a lot of users and helped Stake.com fix the bug with confirmation when giving tips hackers cannot tip anymore without first clicking the confirmation on the email, I play on stake and I thank you for making Stake aware of this and fixing this, I hope Stake.com will reach out to you and Thank you for what could be another issue for other users.
legendary
Activity: 2730
Merit: 7065
March 06, 2023, 12:03:35 PM
#26
No they sent no alerts and require no secondary auth at the time to confirm that 2fa was removed.
If that's true, that's just an awful way to handle the security of customer funds. I use 2FA on many sites and not one of them can be deactivated without confirming the deactivation with a 2FA code entry. I will ask them publicly in the ANN thread why that is. Still, you are the one responsible for the security of your accounts. But it's not like Stake helped you in any way.

Tether was helpful but needs a police report, the company is the one that were robbed, it's their wallets and keys and so on, so I can't file a report on their behalf. They for some reason don't seem to think being hacked and robbed is a good enough reason to alert authorities.
Has Tether told you this, and has Stake confirmed they are not going to do anything about it and file a police report? Technically, they stole from the casino and from wallets that belong to Stake. But it's your money that was stolen.

Don't post multiple posts one after the other. Compile all the quotes in one post like I did now.
legendary
Activity: 2730
Merit: 7065
March 05, 2023, 05:40:39 AM
#25
When you want to deactivate 2FA on Stake, doesn't the platform ask for a code from your authenticator app to confirm that action? Was your phone also hacked and the scammers had access to all your codes?

A lot of things could have been done better here, both by you and Stake.

If you work with hundreds of thousands of dollars, you really should have basic understanding of how to stay safe on the internet and use common sense. You didn't do that.
There should be a limit on how much money you can tip to other Stake accounts. How is $50.000 a tip? And if there is no limit, a quick tip followed by an immediate withdrawal request should sound some alarms and make them investigate. They didn't do that.

Stake account changes such as new deposits, withdrawals, email changes, the deactivation of 2FA, etc., should come with email notifications. Didn't Stake send any such notifications to you or is that also something that can be deactivated in the settings? What's the status of your email address associated with your Stake account? Was it also hacked? Maybe notifications were sent but deleted by the hackers.

Did Tether ever reply to you about your inquiry to have the tokens frozen?   
hero member
Activity: 770
Merit: 828
Leading Crypto Sports Betting & Casino Platform
March 05, 2023, 03:38:02 AM
#24
For weeks LOL.

I messaged you on the on the 21st (when we briefly spoke) which is around the time when you went public and then 1 more message some days later . By the way, check the messages again. I never asked how to bet more, I asked how you can bet that much without getting limited, because I got limited just from being up 20k on a certain sport.

And today 3min after you post your nonsense here you replied to the unanswered message you mentioned with "thanks for the offer , Betfair has repeated KYC , blabla " . I wonder what happened in those 3min to send me a friendly PM after basically flaming me here, so strange behaviour.


Obviously you keep playing at stake if you love their action so much, so suck it up.

Good bye.

hero member
Activity: 770
Merit: 828
Leading Crypto Sports Betting & Casino Platform
March 04, 2023, 07:54:20 AM
#23

to keep such money with them? it is a gambling site, where should it be kept lol, literally the biggest gambling company in the world.

First of all stake is by far not the biggest gambling company in the world, not even close!

Saying it's not that good to keep a lot of money at a gambling site is the only real talk. Where you you keep it? Your private wallet! You can deposit within minutes if you need it.

The damage is done, stake won't do anything unfortunately, that's how they roll.
Obviously their security should have picked it up but acknowledging mistakes is also not a strong suit of stake.

It's absolutely the largest company for bet size and play. Not even close lol, well that's absurdly incorrect unfortunately. They allow by far the biggest wagering and by far the best processing times. Unfortunately they decided to ignore several players being phished for smaller amounts leading up to this and only acted when a big one lost money.

Saying stake doesn't have the largest market share of big sports bettors in the world is very incorrect, bet365 etc dont allow anywhere near the action stake does.

LOL, there is a difference between taking big bets and being the biggest gambling company. Gambling also includes more than just sports betting. Bet365 has millions and millions of players. Much more than stake.

Search google biggest gambling companies for 10 seconds and you will see.

Also "Saying stake doesn't have the largest market share of big sports bettors in the world is very incorrect" , who ever said that? LOL You are so mad for no reason.
But still it's wrong what you say, FIAT is way bigger still. Just think about what % of people actually have any idea about crypto.

Fiat gambling is still MUCH HIGER than crypto and this won't change for a while.

But whatever, that doesn't change your situation and dispute with stake.

Why do you even play there anyway? I mean the limits are good but the odds are actually really bad! At places like pinnacle or betfair they are 10% and more higher.
legendary
Activity: 3472
Merit: 3507
Crypto Swap Exchange
March 04, 2023, 06:23:50 AM
#22
It's really sad to read that from a former victim, because this kind of mindset is literally destroying the cryptoworld, and disgusting people from cryptos. A wide adoption will never happen if victims are always the ones blamed when they are scammed or robbed. Fortunately it doesn't work like that in the real world and you haven't replied to my question regarding a judgment confirming your statements in a similar case, so I guess it's just a personal opinion.

I'm really not interested in going into a deeper off-topic discussion here. and don't misinterpret my words or maybe you just didn't understand what I was talking about.

Quote
victims are always the ones blamed when they are scammed or robbed

So, therefore, the proposal to solve this problem is to blame a third party and demand that he bears the losses?!
the bottom line is that you cannot ask others to cover the damage caused by your recklessness.

Quote
I don't understand how you can say that "such security systems are poorly designed", it's "extremely irresponsible" to deposit funds there and claim that the casino has no responsibility if something wrong happens. It's a licensed casino then it has to take care of his customers and their funds, by meeting the standard security criteria at least. When you want to remove the 2fa security at Bitfinex for example you need to enter a 2fa code AND to follow a confirmation link sent by email (while they are offering a PGP encryption option for emails in addition) https://support.bitfinex.com/hc/en-us/articles/115002477333-How-to-change-a-2FA-device-at-Bitfinex
Here the 2fa security has been disabled by only clicking one link if I'm not mistaken.

2FA is not a completely safe solution, especially not Google 2fa or even SMS. for example https://www.allthingssecured.com/reviews/security/stop-using-google-authenticator/
btw. in case someone hacks your 2fa, will you ask Bitfinex to cover your loss and would you expect them to do that? (this is a rhetorical question)


I am leaving this discussion because it is becoming useless and does not help the OP with his problem.
legendary
Activity: 2604
Merit: 2353
March 03, 2023, 07:30:26 PM
#21
Why do you say they have no obligation toward him? You have seen a judgement from this jurisdiction or from their gambling authorities saying that in a similar case? AFAIK being reckless doesn't give the right to anyone to steal you.

the problem arose due to his (OP) mistake. No one (Stake in this case) can take care of the safe behaviour of all its users and bear their losses because they were careless. what would it look like, millions of users simply don't have to worry about security because someone else will cover it for them.
I am speaking to you as someone who was a victim of a hack myself with a somewhat greater loss than what is said here.

viewed from the casino's point of view, another doubt may arise here, whether the OP was really hacked and someone else withdrew his funds. it is also difficult to prove.

I'm not trying to defend the casino, but just a bit of reality. in the end, it doesn't have to be a casino, for example, would you ask Coinbase to participate in covering the loss because their user was hacked and his account was emptied?
It's really sad to read that from a former victim, because this kind of mindset is literally destroying the cryptoworld, and disgusting people from cryptos. A wide adoption will never happen if victims are always the ones blamed when they are scammed or robbed. Fortunately it doesn't work like that in the real world and you haven't replied to my question regarding a judgment confirming your statements in a similar case, so I guess it's just a personal opinion.

This casino doesn't ask to be a security expert or at least to be an educated crypto user to register. They are locking withdrawals of long-standing and honest customers without reasons as we can see here and on review platforms, but they let a brand new account withdrawing tens of thousands US dollars he just received from a simple tip? Seriously? Was the attacker connected from the usual location of the victim at least? Was he using his usual browser, OS and user-agent?
I'm sorry but I don't think alertoriole is the only one being reckless in this case, on many platforms it couldn't have happened and I'm not sure the basic AML policies allow to do that, honestly.

this is a completely different matter, and I completely agree that such security systems are poorly designed. it's amazing how hackers have no problem passing KYC validation, while for regular users it's sometimes a real nightmare.
Let me just mention, the mantra that everyone repeats for a reason, 'not your key, not your coins".

There's been loads of people show me this happened to them but for much less amounts also. So them changing security procedures after it happened to me for these amounts when it had already happened for less to other people is extremely annoying as well. People making comments like they have no responsibilty for their clients money or making sure people aren't stolen from is kind of amusing. They have to safe guard ppls money as much as they can and they haven't even bothered to update security that had been violated numerous times in months leading up this.

with the knowledge that they have many security failures months ago and so many accusations, in addition to all that, to continue to keep such a large amount with them is, in my opinion, extremely irresponsible.
I don't understand how you can say that "such security systems are poorly designed", it's "extremely irresponsible" to deposit funds there and claim that the casino has no responsibility if something wrong happens. It's a licensed casino then it has to take care of its customers and their funds, by meeting the standard security criteria at least. When you want to remove the 2fa security at Bitfinex for example you need to enter a 2fa code AND to follow a confirmation link sent by email (while they are offering a PGP encryption option for emails in addition) https://support.bitfinex.com/hc/en-us/articles/115002477333-How-to-change-a-2FA-device-at-Bitfinex
Here the 2fa security has been disabled by only clicking one link if I'm not mistaken.
hero member
Activity: 770
Merit: 828
Leading Crypto Sports Betting & Casino Platform
February 28, 2023, 04:29:37 AM
#20

to keep such money with them? it is a gambling site, where should it be kept lol, literally the biggest gambling company in the world.

First of all stake is by far not the biggest gambling company in the world, not even close!

Saying it's not that good to keep a lot of money at a gambling site is the only real talk. Where you you keep it? Your private wallet! You can deposit within minutes if you need it.

The damage is done, stake won't do anything unfortunately, that's how they roll.
Obviously their security should have picked it up but acknowledging mistakes is also not a strong suit of stake.
legendary
Activity: 3472
Merit: 3507
Crypto Swap Exchange
February 27, 2023, 07:35:07 AM
#19
Why do you say they have no obligation toward him? You have seen a judgement from this jurisdiction or from their gambling authorities saying that in a similar case? AFAIK being reckless doesn't give the right to anyone to steal you.

the problem arose due to his (OP) mistake. No one (Stake in this case) can take care of the safe behaviour of all its users and bear their losses because they were careless. what would it look like, millions of users simply don't have to worry about security because someone else will cover it for them.
I am speaking to you as someone who was a victim of a hack myself with a somewhat greater loss than what is said here.

viewed from the casino's point of view, another doubt may arise here, whether the OP was really hacked and someone else withdrew his funds. it is also difficult to prove.

I'm not trying to defend the casino, but just a bit of reality. in the end, it doesn't have to be a casino, for example, would you ask Coinbase to participate in covering the loss because their user was hacked and his account was emptied?

This casino doesn't ask to be a security expert or at least to be an educated crypto user to register. They are locking withdrawals of long-standing and honest customers without reasons as we can see here and on review platforms, but they let a brand new account withdrawing tens of thousands US dollars he just received from a simple tip? Seriously? Was the attacker connected from the usual location of the victim at least? Was he using his usual browser, OS and user-agent?
I'm sorry but I don't think alertoriole is the only one being reckless in this case, on many platforms it couldn't have happened and I'm not sure the basic AML policies allow to do that, honestly.

this is a completely different matter, and I completely agree that such security systems are poorly designed. it's amazing how hackers have no problem passing KYC validation, while for regular users it's sometimes a real nightmare.
Let me just mention, the mantra that everyone repeats for a reason, 'not your key, not your coins".

There's been loads of people show me this happened to them but for much less amounts also. So them changing security procedures after it happened to me for these amounts when it had already happened for less to other people is extremely annoying as well. People making comments like they have no responsibilty for their clients money or making sure people aren't stolen from is kind of amusing. They have to safe guard ppls money as much as they can and they haven't even bothered to update security that had been violated numerous times in months leading up this.

with the knowledge that they have many security failures months ago and so many accusations, in addition to all that, to continue to keep such a large amount with them is, in my opinion, extremely irresponsible.
legendary
Activity: 2604
Merit: 2353
February 26, 2023, 02:17:00 PM
#18
unfortunately, you can't be helped much. Apart from some comforting words and sympathy, you can't get anything more. everything is absolutely your fault, and stake.com has no obligation to you.
do not offer any monetary reward for help, because you risk losing money there as well.

I am truly sorry for your loss, it is huge. but you have to move on.
Why do you say they have no obligation toward him? You have seen a judgement from this jurisdiction or from their gambling authorities saying that in a similar case? AFAIK being reckless doesn't give the right to anyone to steal you. This casino doesn't ask to be a security expert or at least to be an educated crypto user to register. They are locking withdrawals of long-standing and honest customers without reasons as we can see here and on review platforms, but they let a brand new account withdrawing tens of thousands US dollars he just received from a simple tip? Seriously? Was the attacker connected from the usual location of the victim at least? Was he using his usual browser, OS and user-agent?
I'm sorry but I don't think alertoriole is the only one being reckless in this case, on many platforms it couldn't have happened and I'm not sure the basic AML policies allow to do that, honestly.
sr. member
Activity: 966
Merit: 306
February 22, 2023, 09:53:57 PM
#17
I support OP to do this since he is open to any suggestion for the recovery of his funds he even promised to do rewards on recovery since he posted this in a public forum, we'll see if they take action on your issue and we'll know if they consider issues related to the usage of Tether in the gambling casinos.
Their action will become a reference for a similar incident in the future.
I wish bests for OP and if he succeeds with his support ticket sent to Tether to seize that stolen fund or better get their help to recover it, it will be a very good reference and guide for other people in future.

I definitely don't want anybody to lose money by phishing sites but if they made mistakes and lost money, if there is guide to help them recover stolen fund, that is good.

I ask myself that what if Tether support to seize that wallet but reject to send that USDT amount to OP?

Are all evidences submitted initially by OP enough for fund seize and recover back to OP?
Will Tether seize the stolen fund first and ask more evidences from OP to send that fund back to OP?

Tether Froze $300K of Stablecoin Hacked After Victims Left Wallet Keys in Evernote
hero member
Activity: 2996
Merit: 598
Leading Crypto Sports Betting & Casino Platform
February 22, 2023, 09:46:03 PM
#16
Not sure what are the chances of Tether helping out OP since OP is using a gambling platform (which is pretty much a regulatory slippery slope), but I guess there's nothing to lose now. Might as well try.
OP has nothing to lose and a support ticket can be created in Security concern.

I support OP to do this since he is open to any suggestion for the recovery of his funds he even promised to do rewards on recovery since he posted this in a public forum, we'll see if they take action on your issue and we'll know if they consider issues related to the usage of Tether in the gambling casinos.
Their action will become a reference for a similar incident in the future.
full member
Activity: 2324
Merit: 175
February 22, 2023, 04:26:36 PM
#15
I created here because the members there told
Me to do so.

Since this one is already created you need to lock the other thread since members will give you the same response, you can also move that topic here but since you're going to have two topics in one section it's better to lock the other one and concentrate on this topic, before locking the thread there create a post that you create a thread in the scam section and post the URL of this topic on the thread that you will lock.
sr. member
Activity: 1914
Merit: 328
February 22, 2023, 03:18:40 PM
#14
Your loss is big and we are really sorry to hear about that, but as said by others, there's nothing the community can do for you in this case. You should contact their support, and if you did and they refused to help you out, I'm afraid you are out of options then.

Phishing attacks are becoming widely disturbing and successful for hackers to compromise accounts and steal funds from different platforms. Users need to be more vigilant and don't click any link that they don't trust and never ever enter any credentials before double checking the website link and the overall look and everything of the layout. No matter how hard they try, there will always be a sign that gives it all up.
sr. member
Activity: 728
Merit: 421
February 22, 2023, 10:11:31 AM
#13
Hey all-been hacked from stake yesterday and trying to somehow locate the coins or find out if i can have them frozen or whatever the case may be, I have posted in another section and without going through all the details I will attach the link. anyone with any experience please reach out and I would be happy to try and figure. something out together.
https://bitcointalksearch.org/topic/diamond-5-stake-account-was-hacked-5440588
again, any help would be insanely appreciated.
It is nice you have opened a ticket with tether to start up with your case. I think with the amount involved, they would give you attention so as to fast track the whereabouts of your funds to recovering them for you but you will have to be patient as the circumstances surrounding your account getting hacked is some how. Of lately, hacking has been a common thing and the hackers have been doing away with it and no one can trace their activities. Money lost accounts gone and hackers can no be apprehended and brought to book to face justice. This is Crypto for you.

Lastly, OP you have already created a topic for this related issue why not continue the conversation there than creating a new thread.
legendary
Activity: 2758
Merit: 1228
February 22, 2023, 07:36:34 AM
#12
Hey all-been hacked from stake yesterday and trying to somehow locate the coins or find out if i can have them frozen or whatever the case may be, I have posted in another section and without going through all the details I will attach the link. anyone with any experience please reach out and I would be happy to try and figure. something out together.

https://bitcointalksearch.org/topic/diamond-5-stake-account-was-hacked-5440588

again, any help would be insanely appreciated.

No people could help you if you are legitimately been hacked by some unknown hackers around and even stake supports cannot retrieve that if the hacker successfully withdrawn your money since there's no dispute on crypto.  Much better slowly learn to move on since unfortunate incident happened already and be careful next time since there are so many desperate criminals finding some ways to suck the money of innocent individual.
sr. member
Activity: 602
Merit: 442
I buy all valid country Gift cards swiftly.
February 22, 2023, 07:05:48 AM
#11
Hey all-been hacked from stake yesterday and trying to somehow locate the coins or find out if i can have them frozen or whatever the case may be, I have posted in another section and without going through all the details I will attach the link. anyone with any experience please reach out and I would be happy to try and figure. something out together.

https://bitcointalksearch.org/topic/diamond-5-stake-account-was-hacked-5440588

again, any help would be insanely appreciated.

I'm so sorry about this and I already made a comment on your previous topics (the link you posted on this thread) and I think it's time you accept the bitter truth that your money is already gone and there is absolutely nothing Yu can do about it and I think you should see this as a big lesson to you rather than wanting to get worked up by this.

These cases are becoming so common lately in the crypto industry and I think there is a need for sensitization and awareness creation. I hope tis serves as a lesson to you and also to everyone seeing this thread as those criminals and scammers are tirelessly working to defraud people of their hard earned money.
legendary
Activity: 2254
Merit: 1377
Fully Regulated Crypto Casino
February 22, 2023, 04:06:18 AM
#10
Cheers guys, it’s not Bitcoin it’s usdt which can be frozen. That’s the premise of my question. If not doable that’s fine.
Im seen some frozen usdt for that on some big hacked but never recall from a phishing site. Technically this your fault for not checking the correct site. So Tether might be use that as alibi to not help you but who knows whats the process for that on a single complain. Sorry for your loss dude. Maybe next time dont try to do transaction or anythint when you feel sleepy or not in your senses.
jr. member
Activity: 33
Merit: 3
February 22, 2023, 01:04:54 AM
#9
I'm sorry for your loss. But how can we prove that this is indeed what happened without any fabrication? Can stake.com contribute to this? I hope everything will get better, especially in the mind.
I'massume that a fund freeze applies to a company with legal status or license like exchange or kind services, because freezing funds is something that needs to be accountable for.
sr. member
Activity: 966
Merit: 306
February 22, 2023, 12:01:29 AM
#8
Not sure what are the chances of Tether helping out OP since OP is using a gambling platform (which is pretty much a regulatory slippery slope), but I guess there's nothing to lose now. Might as well try.
OP has nothing to lose and a support ticket can be created in Security concern.
Pages:
Jump to: