Topic: HAVE YOU HAD COINS STOLEN ON CRYPTSY? - page 3. (Read 4752 times)

Can't you do 2fa via the web as well? Or is it limited to smartphones + yubikeys?

 In case you don't have a smartphone, 2FA can also be provided with Yubikey which is a usb key that issues one time password when you press it.  I don't know if crypsty offers that security option though, would be interested in hearing feedback form those who use that exchange.

Also to the OP, I get your frustration but I think you should move on ,threatening to sue for $30 is ridiculous, as is spending $3000 to drag their name through the mud..  Also typing in ALL CAPS A LOT LIKE THIS IS CONSIDERED SHOUTING so if you want to be taken seriously, you'll cut that out.  Finally while it would be nice for an exchange to have all the procedures in place to catch unauthorized account access in real time, the reality is that according to their terms of use or whatever the agreement is called, it's up to an account holder to ensure confidentiality of their login credentials.   Assuming you used Windows, I would suggest reinstalling your operating system to clear it of any suspected malware and use a safer browser like Chrome or Firefox, plus various security software , otherwise Linux, though the latter has a bit of a learning curve.

I agree +1

I wouldn't complain if any site holding coins insisted on 2fa. Much less coin stealing then. A better community all round.

I had 3.5 btc stolen from btc-e about month ago, still sad. You had to have 2 step authorization.

No but very slow and they have this terrible way of getting balances back, it's like everything is manual with them. Always seriously underpowered servers.

I've been using them for a very long time. You should check the integrity of your system. This is indeed your own fault. You cannot hold someone else responsible for you not taking measures to protect your credentials. my 2 cents

I worry about anyone still using IE but saying that  feels a bit "racist"

It seems to be a keylogger on OP's computer.

Wow - Is it worth getting this upset about?

+1

I dont use their service, but all I read from you is

- you use IE (bad idea)
- you swear at them (bad idea if you want something)
- YOU got your gmail account hacked (bad password? maleware? anyway its a problem on your end)

"#1 a lack of concern, #2 a lack of responsibility, #3 a lack of common sense!"

fits you like a glove.


I understand that you are angry but you can only blame yourself.

- GeoIP services are unreliable. Your "solution" would probably make it impossible for people who use tor to use crypsty.
- the length of your password is not the problem as google wasnt hacked (afaik) and they have meassures to make brute force impossible. Again most likely your PC is infected and the password was stolen that way or you had an password that was easy to guess.

however they wish, i will never in my life use crypsty again. f ur eula, f u. f u all! LOL  I UNDERSTAND ALL YOUR TELLING ME NO SHIT! HOWEVER ALL THAT SHIT WOULD BE COMPLETE UNNESSAASRY If crypsty helped keep shit secure. AND for all you cryptsy lovers. go google crypsty, show me one fucking link that has a good thing to say about that cursed wreck of a web site. you mother fuckers act like i pasted my password on the front of my house.
east shit and die

Personal Security is part of it, part of the EULA you agreed to when you signed up for the site. I'm sorry you don't want to/can't embrace 2 factor authentication.

However, I don't get hacked.

I'm also going to guess you used a password you made up. Have you ever considered looking into lastpass or another site to generate strong passwords. Banks do get robbed, thus why they are FDIC insurance. But I'll go back to point one, you agreed to keep your account secure sir when you signed up for the site. Then, I will also add, crypsy isn't handling MONEY. They are handling digital representations of something we have value for. What can you possibly sue them for?



This link may help too: Undertstanding BitCoin Contracts

2 STEP AUTH only works if you have constant access to a smart phone. #1 I dont have a SMART phone #2, I dont always have access to my cell phone, nor do i want to consult my phone everytime I log onto something. #3, crypsty has a EMAIL WITHDRAW CONFIRMATION SYSTEM. Why would they offer this if it offers ZERO security worthiness.

COME ON PEOPLE, I can keep my info safe as possibly but CRYPTSY has to offer help. I AM SO VERY TIRED OF EVERYONE TELLING ME IT WAS MY FAULT MY ACCOUNT GOT HACKED. I AM TIRED OF EVERYONE SAYING I SHOULD HAVE DONE THIS, I SHOULD HAVE DONE THAT. Why doesnt anyone consider that a site like crypsty can take steps to secure the account. 

I am not programmer, but even I know there is code that notices suspicious behavior and red flags an account. if cryptsy ASSIST in this security issue the we dont need 4 step authentication, if the site helps catch bad behavior then we don't need 40 character passwords with a note from my mom.


AM I responsible for my banks security? if someone robs the bank using my credentials, am I at fault? do I need to stand at the bank vault with a AR15? NO the banks security is the banks problem, this is why I put my money in a bank so they will take care of it. I assume the same with a online bank such as cryptsy. however i might as well gave it to my old lady..

Also can't forget about the 2 stage authentication.. but I'm going to guess care wasn't taken on establishing the account. I'm not going to read that complete wall of text.

Techincally, though we consider BTC to have value, technically it isn't real. Just as real as that +1 uber sword of doom in warcraft.

read the details. all a hacker needs is your email password. once they are  in your email all they have to do is RESET you password, via the 'forgot my password' link, then DUH, they now have a link in your email to set your crypsty account password to anything they wish - which is what they did to me. THEN 2 seconds after resetting my password they sold all coins. then transferred to a BTC address I have never used. I always use the same BTC address. they did all this while logged in from a IP address that is 8000 Miles from my location. This is why I am mad ! why would crypsty let your account be drained 2 seconds after someone reset the password. why dont they make a 10 minute time limit, or something to confirm your identity before letting someone that has reset a password drain an account. OBVIOUSLY I am either really fucking smart or really dumb, because the actions the hacker took seem like they would set off red flags, and anyone writing site code ought to know that a reset password+new btc address+new IP address+SELL ALL COINS=HACKER and should lock the account until identity can be confirmed.

How the hell does an hacker get your password on both Cryptsy and Gmail?

Either:
1) You use the same username and password on both services
2) You have malware in your computer

I don't see this getting anywhere tbh

This just happened to me on Cryptsy, and also my Gmail. Lost 2BTC. Wasn't even my money, money some friends gave me to trade. Totally fucked me at the worst possible time right before school started.

I have contacted support 4 times and they have told me pretty much it is my fault of "letting" someone hack my account, I have gotten no where with support so, guess what us good ol americans do?