Pages:
Author

Topic: How many hacked polo accounts does it take for them to make 2fa mandatory? - page 3. (Read 2465 times)

full member
Activity: 560
Merit: 111
Polo continually is getting hacked. User accounts without 2fa are the target. Value in said accounts is traded out to the attackers benefit.

Polo is complacent in this. They know and do nothing. They are enabling this to happen. Most likely they are insolvent and or are in on it. Very shaddy!

Its time for a class action lawsuit.


New support members from moderators have to many rights on getting information. It the problem.
sr. member
Activity: 273
Merit: 250
Reread the thread. I used a fresh boot from a livelinux cd. And used a fresh email account. If email account was hacked why not just withdraw, why trade the value out? No, it seems to me polo help desk or polo is ,has been, and still is hacked.

The exact same thing has happened to others.

Polo is complicit and negligent. They are complicit cause they made $ off the theft and then investigated themselves and found no wrong doing. And then low and behold it happened again to somone else.



Polo continually is getting hacked.

wrong!

it's people and their shitty computers getting hacked.

i bet you guys have wallets, login to exchanges and other valuable stuff on the same computer you use to watch porn, open any email attachments and visit other lame site that would refill your stupid windows os with malware and keyloggers

yes, start a class action and people will laugh at you  Roll Eyes


which linux distro and which version?
did you connect from your house network, from a cafe or from an open network?

explain better how you got your funds stolen, even if i really don't like poloniex i hardly believe it's their fault
newbie
Activity: 40
Merit: 0
Reread the thread. I used a fresh boot from a livelinux cd. And used a fresh email account. If email account was hacked why not just withdraw, why trade the value out? No, it seems to me polo help desk or polo is ,has been, and still is hacked.

The exact same thing has happened to others.

Polo is complicit and negligent. They are complicit cause they made $ off the theft and then investigated themselves and found no wrong doing. And then low and behold it happened again to somone else.



Polo continually is getting hacked.

wrong!

it's people and their shitty computers getting hacked.

i bet you guys have wallets, login to exchanges and other valuable stuff on the same computer you use to watch porn, open any email attachments and visit other lame site that would refill your stupid windows os with malware and keyloggers

yes, start a class action and people will laugh at you  Roll Eyes
sr. member
Activity: 273
Merit: 250
Polo continually is getting hacked.

wrong!

it's people and their shitty computers getting hacked.

i bet you guys have wallets, login to exchanges and other valuable stuff on the same computer you use to watch porn, open any email attachments and visit other lame site that would refill your stupid windows os with malware and keyloggers

yes, start a class action and people will laugh at you  Roll Eyes
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
Some people will never learn.

Oh, Ive learned that only 2fa is really secure, until it aint.

So why is it not mandatory, the whole point of this thread.

Of course id like my litecoin back. And I want the fees polo made off my theft back.

However, I am simply arguing for 2fa to be mandatory at polo. The fact that it isn't, when this is a repeat problem effecting several people should leave them open to a lawsuit.

If you lose your phone, the 2FA will make your life hard. If you only keep pennies on Poloniex, it's not worth it.
I did a factory reset for my phone and I kept my exchange accounts without 2FA for some 2-3 days with no 2FA (obviously they were empty too).
When the phone came to a good status, I've re-enabled 2FA everywhere.

Bottom line: there are moments when it's okay to have no 2FA. Making it mandatory would be stupid. It's the user's problem to deal correctly with this.
hero member
Activity: 487
Merit: 500
Oddly enough an E-mail confirmation is not necessary to process the withdrawal after the hack at poloniex.

Agree with the op, because poloniex is aware that multiple accounts without a 2fa are hacked they must take action (eg inform their customers, make 2fa mandatory and delay withdrawals). Because they don't, it makes them (partly) accountable for the current hacks.
sud
sr. member
Activity: 826
Merit: 301
Some people will never learn.

Oh, Ive learned that only 2fa is really secure, until it aint.

So why is it not mandatory, the whole point of this thread.

Of course id like my litecoin back. And I want the fees polo made off my theft back.

However, I am simply arguing for 2fa to be mandatory at polo. The fact that it isn't, when this is a repeat problem effecting several people should leave them open to a lawsuit.

It's not mandatory because some prefer convenience over security. Their choice.

If you want best protection of your account, go to settings page and enable all security options. I do it on every exchange right after sign up.
newbie
Activity: 40
Merit: 0
Some people will never learn.

Oh, Ive learned that only 2fa is really secure, until it aint.

So why is it not mandatory, the whole point of this thread.

Of course id like my litecoin back. And I want the fees polo made off my theft back.

However, I am simply arguing for 2fa to be mandatory at polo. The fact that it isn't, when this is a repeat problem effecting several people should leave them open to a lawsuit.
newbie
Activity: 40
Merit: 0
In case any of you were wondering. I boot from a live linux cd before any exchange activity or email and reboot inbetween steps.

And just randomly the account gets hit right after contacting customer support.

I still have the qora in my account, that is evidence of a crime. If they delete it they are destroying evidence.

Polo also made and kept the transaction fees from the theft.

Thats pretty fucked up to make money off of a theft.

I don't believe you. Why not just use 2FA instead of this nonsense then? Unless you use a unique, otherwise unused email, with a unique password, it's a useless excercise.

You have to have your email hacked to allow the hacker to recover your poloniex password and do the deed.

If my email was hacked then why not just withdraw the whole amount? They didn't withdraw anything. Just a transfer to btc then, to xmr, then to qora which they left me a bag full of, and they got the xmr and out the door with their account.

The email was new, the polo acc was new. The polo account was maybe two weeks old and began with an A.
I believe that they hacked polo, and got a list of non 2fa accounts and started alphabeticaly at the top.


Youre right, why not just use 2fa? That is what Im arguing. Why is it NOT mandatory? Polo is like swiss cheese. They know this yet wont dont change their policy.

Read my spoetnik quote in my last post.

Polo is not secure and is not trust worthy. And I believe have opened themselves up to a lawsuit.

Don't yall have consumer protection across the pond? I bet you do.
sud
sr. member
Activity: 826
Merit: 301
Some people will never learn.
legendary
Activity: 2002
Merit: 1051
ICO? Not even once.
In case any of you were wondering. I boot from a live linux cd before any exchange activity or email and reboot inbetween steps.

And just randomly the account gets hit right after contacting customer support.

I still have the qora in my account, that is evidence of a crime. If they delete it they are destroying evidence.

Polo also made and kept the transaction fees from the theft.

Thats pretty fucked up to make money off of a theft.

I don't believe you. Why not just use 2FA instead of this nonsense then? Unless you use a unique, otherwise unused email, with a unique password, it's a useless excercise.

You have to have your email hacked to allow the hacker to recover your poloniex password and do the deed.
newbie
Activity: 40
Merit: 0
In case any of you were wondering. I boot from a live linux cd before any exchange activity or email and reboot inbetween steps.

And just randomly the account gets hit right after contacting customer support.

I still have the qora in my account, that is evidence of a crime. If they delete it they are destroying evidence.

Polo also made and kept the transaction fees from the theft.

Thats pretty fucked up to make money off of a theft.
member
Activity: 151
Merit: 10
You guys are funny.

Polo clearly isnt safe for accounts without 2fa.

Polo knows its site continually gets hacked by this type of attack.

Polo is guilty by allowing this to continue. Easy lawsuit win.


Edit. Polo also made and kept money from the fraud, ie transaction fees. Sounds guilty by association to me.
What you don't seem to understand is that it isn't Poloniex that gets hacked, it is the computers and/or emails of the account holders that get compromised, allowing the hackers to get their Poloniex password and compromise their accounts.

You are the one enabling yourself to get hacked when you don't use 2fa, Poloniex isn't there to protect your computer/email from hackers.
hero member
Activity: 602
Merit: 500
Polo continually is getting hacked. User accounts without 2fa are the target. Value in said accounts is traded out to the attackers benefit.

Polo is complacent in this. They know and do nothing. They are enabling this to happen. Most likely they are insolvent and or are in on it. Very shaddy!

Its time for a class action lawsuit.



you have proof, if this month poloniex account get hack
i have several poloniex account, use 2fa and without 2fa, all my account is safe without problem
legendary
Activity: 2002
Merit: 1051
ICO? Not even once.
You guys are funny.

Polo clearly isnt safe for accounts without 2fa.

Polo knows its site continually gets hacked by this type of attack.

Polo is guilty by allowing this to continue. Easy lawsuit win.


Edit. Polo also made and kept money from the fraud, ie transaction fees. Sounds guilty by association to me.

If anything, your mindset is what I find funny. Your famous US arrogance that some people over the pond have is seeping right through.

If you have a properly safe password and don't have a keylogger or session stealer you're fine.

AFAIK polo still requires you to click on a confirmation through an email link in case of a withdrawal so in order for anyone to get their funds stolen they would have to have both their Polo and their email compromised.

Lawsuit...   Cheesy Cheesy Cheesy
member
Activity: 126
Merit: 10
Bitcoin amateur learning by doing
>5000 dollar should be mandatory 2FA, or 2 day delayed transfers.
sr. member
Activity: 476
Merit: 250
How many deaths in traffic does it take for you to fasten your seatbelt?


This is exactly what's happenning with polo's 2fa situation. The results never make people take an action about a problem. Never forget.
legendary
Activity: 1512
Merit: 1000
Polo and their complacency has exposed them to the possibility of a class action lawsuit.

Well, and what those claimants would ask for? Punishing Polo for their own ineptitude?
newbie
Activity: 40
Merit: 0
You guys are funny.

Polo clearly isnt safe for accounts without 2fa.

Polo knows its site continually gets hacked by this type of attack.

Polo is guilty by allowing this to continue. Easy lawsuit win.


Edit. Polo also made and kept money from the fraud, ie transaction fees. Sounds guilty by association to me.
Pages:
Jump to: