How many hacked polo accounts does it take for them to make 2fa mandatory?

Katashi

sr. member

Activity: 672

Merit: 250

CryptoTalk.Org - Get Paid for every Post!

Quote from: Peanutbutterpolka on June 27, 2017, 02:48:59 PM

Polo continually is getting hacked. User accounts without 2fa are the target. Value in said accounts is traded out to the attackers benefit.

Polo is complacent in this. They know and do nothing. They are enabling this to happen. Most likely they are insolvent and or are in on it. Very shaddy!

Its time for a class action lawsuit.

This is serious threat i think they must do something about this asap

Pente

hero member

Activity: 528

Merit: 527

Coinbase just disabled 2FA SMS due to lack of security in phones.

They are allowing you to use 2FA Apps though if you have the money to get an Android, iPhone, or Windows phone.

Personally, I think people should just strong passwords.

Peanutbutterpolka

newbie

Activity: 40

Merit: 0

Wow, you are a dick. I get your point about a strong pw, but you are still a dick.

To the other person who insisted that I didn't change my password, this was a new account, it got hacked within a few weeks of opening it.

Btw folks the hacker Still has access to polo accounts and is still draining them.

Quote from: Pente on July 02, 2017, 03:37:45 AM

2FA is actually less secure than a strong password. Phone accounts can be easily hacked via various methods. In fact, I am suspecting that OP is really a hacker that is trying to make Polo accounts less secure by getting them to require 2FA.

Accounts with 2FA allow a password reset using your phone, that is how Coinbase accounts get hacked all the time. If you don't use 2FA on your Coinbase account, you can't be hacked with a strong password.

2FA = hacker's wet dream

2FA is like requiring home owners to put multiple locks on their guns so that they can't quickly arm themselves if they get robbed.

I just used my Keepass to generate this 24 digit password: Ã:äPrQÕ¾+N=í©Sÿ3Æ½§«7Ùà2

I checked the generator and there are a potential of over a hundred different characters, so 100^24 = over 10^48 possible combinations.

There is no way OP can hack 10^48 possible combinations, so he wants to degrade security by using the 2FA back door method.

This is how you know OP is a hacker.

Peanutbutterpolka

newbie

Activity: 40

Merit: 0

Bigzilla

member

Activity: 110

Merit: 10

Quote from: Pente on July 02, 2017, 03:37:45 AM

2FA is actually less secure than a strong password. Phone accounts can be easily hacked via various methods. In fact, I am suspecting that OP is really a hacker that is trying to make Polo accounts less secure by getting them to require 2FA.

Accounts with 2FA allow a password reset using your phone, that is how Coinbase accounts get hacked all the time. If you don't use 2FA on your Coinbase account, you can't be hacked with a strong password.

2FA = hacker's wet dream

2FA is like requiring home owners to put multiple locks on their guns so that they can't quickly arm themselves if they get robbed.

I just used my Keepass to generate this 24 digit password: Ã:äPrQÕ¾+N=í©Sÿ3Æ½§«7Ùà2

I checked the generator and there are a potential of over a hundred different characters, so 100^24 = over 10^48 possible combinations.

There is no way OP can hack 10^48 possible combinations, so he wants to degrade security by using the 2FA back door method.

This is how you know OP is a hacker.

Not really. Better have a strong password and 2FA but via App and not SMS.

sud

sr. member

Activity: 826

Merit: 301

Quote from: Pente on July 02, 2017, 02:40:02 PM

Quote from: swissgang on July 02, 2017, 04:41:51 AM

Over the last 3 month there are many newbie users who don't even know the dangers about 2fa, there may be more hacked accounts.

FTFY - 2FA is very hackable and a security weakness

Maybe, but it's another layer of security. The more the better.

Pente

hero member

Activity: 528

Merit: 527

Quote from: swissgang on July 02, 2017, 04:41:51 AM

Over the last 3 month there are many newbie users who don't even know the dangers about 2fa, there may be more hacked accounts.

FTFY - 2FA is very hackable and a security weakness

swissgang

full member

Activity: 462

Merit: 100

Over the last 3 month there are many newbie users who don't even about 2fa, there may be more hacked accounts.

Salicorne

newbie

Activity: 17

Merit: 1

Bittrex forced it, and I am not sure if there is a lesser percentage of hacked accounts.

Pente

hero member

Activity: 528

Merit: 527

2FA is actually less secure than a strong password. Phone accounts can be easily hacked via various methods. In fact, I am suspecting that OP is really a hacker that is trying to make Polo accounts less secure by getting them to require 2FA.

Accounts with 2FA allow a password reset using your phone, that is how Coinbase accounts get hacked all the time. If you don't use 2FA on your Coinbase account, you can't be hacked with a strong password.

2FA = hacker's wet dream

2FA is like requiring home owners to put multiple locks on their guns so that they can't quickly arm themselves if they get robbed.

I just used my Keepass to generate this 24 digit password: Ã:äPrQÕ¾+N=í©Sÿ3Æ½§«7Ùà2

I checked the generator and there are a potential of over a hundred different characters, so 100^24 = over 10^48 possible combinations.

There is no way OP can hack 10^48 possible combinations, so he wants to degrade security by using the 2FA back door method.

This is how you know OP is a hacker.

Spoetnik

legendary

Activity: 1540

Merit: 1011

FUD Philanthropist™

Interesting replies..
Would be good if we had a wiki on known problems or policies.

For example.. Shouldn't they all lock you out after putting in the wrong password too many times?
Like which do that?
I'm not too sure..

I often avoid 2fa because it's a pain in the ass.
But i would be more inclined if I had money on a service.. Pool.. Online wallet.. Exchange etc.
Right now I might have a $100 on an exchange.. So I am not worried about it.
If I was risto with 2 million in xmr on Polo fuck yeah I would have 2 factor auth enabled.
But..
I just don't think it should be mandatory like this topic is about.

I am convinced exchanges can and do simply take our money though.
It's too easy for them and don't forget...
It's not illegal.
They can do what ever they want.. This stuff is not regulated.
For example if Polo says they are retiring and taking all our money then oh well..
They can.
It's there right to do it.
And we can bitch and moan about it but that is the price we pay for screaming the free market mantra for 8 years.

silvermetal

hero member

Activity: 487

Merit: 500

Quote from: Hueristic on July 01, 2017, 06:32:00 PM

Lets not forget they also give you an email notice if your account is accessed from a new IP as well as a confirmation email for withdrawals.

Let's not forget that the withdrawal is processed without clicking on the e-mail link after a hack.
Checking recent activity of the e-mail account confirms the hacker had no access to the e-mail.

That the withdrawal is processed without the e-mail confirmation after a hack is a known flaw by poloniex.

And what can you do with the notification? It just shows you unauthorised access to your account but it doesn't prevent anything. The hack has already occured.

Hueristic

legendary

Activity: 3836

Merit: 4969

Doomed to see the future and unable to prevent it

Lets not forget they also give you an email notice if your account is accessed from a new IP as well as a confirmation email for withdrawals.

Spoetnik

legendary

Activity: 1540

Merit: 1011

FUD Philanthropist™

You guys are missing the point..
Why should no 2fa be a problem if using a secure setup?
Think about it.

How would a hacker know your correct account name / email login
And on top of that manage to brute force guess a 24 char random password using a pro password creator?

It just wouldn't happen.. You would have better odds buying a lottery ticket..
Or guessing the private key to a BTC account with money on it.

You guys get it yet?
I don't think so by the replies..

And I also am not sure if Poloniex or Bittrex have a guard in place.
Do they lock out people who put in the wrong password too much?
If they don't do that it's Hella scammy!

And yeah of course some users are going to be easy pickin's.
Some have simple little passwords.. Reused etc.
And yeah you can get *some logins from other sources like say a pool..
But it comes down to probability and the stats / odds.

If no one has local access to my machine and I have not been hacked / infected...
And... I have a long unique random password..
The fucking exchange is to blame.. NOT HACKERS!

MRlong

sr. member

Activity: 518

Merit: 250

Quote from: Peanutbutterpolka on June 27, 2017, 02:48:59 PM

Polo continually is getting hacked. User accounts without 2fa are the target. Value in said accounts is traded out to the attackers benefit.

Polo is complacent in this. They know and do nothing. They are enabling this to happen. Most likely they are insolvent and or are in on it. Very shaddy!

Its time for a class action lawsuit.

Just by user not keep their account safe and not use 2FA when use exchange site, do that look like as they not seriously when keep their money. When use exchange site or other gate can send money, admin always recommend user use 2FA for safe and security when have hacker try hack your account.

xbiv2

full member

Activity: 560

Merit: 111

Quote from: xbiv2 on June 29, 2017, 07:21:20 AM

New support staff from moderators have to many rights on getting information. It the problem.

Hueristic

legendary

Activity: 3836

Merit: 4969

Doomed to see the future and unable to prevent it

Quote from: Peanutbutterpolka on July 01, 2017, 12:21:21 AM

At the end of may there was a polo ddos attack, the official story was too many new users. That is the time my account was hacked.

I really feel that the attacker got a list of non 2fa accounts and just started going alphabetical. This other user had the exact same thing happen, A full fucking month later. Coincidence that both accounts started with an A?

Doubt it.

Polo was and is still compromised.

Quote from: Peanutbutterpolka on June 30, 2017, 12:33:20 PM

My working theory is that the attackers hacked polo, got a list of non 2fa, then went manually through them alphabetical.

The hacker has been able to do this for atleast a month and a half.

The hacker drained my account nearly exactly like yours by setting counter trades.

Yes polo should be able to track this, have they made any effort to call in authorities? I doubt it.

Hence, I believe they should be opened to a lawsuit.

Quote from: arsat14 on June 29, 2017, 03:37:16 AM

Quote from: Peanutbutterpolka on June 28, 2017, 03:08:07 PM

In my case ,at the end of May, I booted fresh from a livelinux CD and used a new email address. The only thing I did different was I had to contact their help desk.
So I'm not sure how my account was compromised then.

Also my compromised account started with an A, so I assume hacker got access to polo database an went alphabetical.

Op did you previously contact the polo help desk for anything.
Also what letter did your account begin with?

My Account started with A as well (we may be on to something here)!! but not, I did not contact their help desk at all before that,
Did you see any unauthorized activity on your account?

Only a complete retard could be effected by that old hack that polo already made whole and patched. If you haven't changed your password in the years since they warned you to then I hope you lose your assets and that's not called a being hacked, that's called being stupid.

Spoetnik

legendary

Activity: 1540

Merit: 1011

FUD Philanthropist™

Wow you are all ultra fucking stupid.

Guess what?

Accounts with 2fa can still get hacked..
But it's rare because it puts the blame on guess whom?

If I had an exchange I could simply go through the accounts and take money from any with no 2fa..
Then simply imply it must have been "hackers"
And since there is no transparency or accountability it would 100% impossible to prove it wasn't.

So let's break it down stupid people..

If you had a 24 char random pass how does a guy guess it with only a few tries while not getting Blocked by the service?
Ever put in the password wrong some place before 3 times?

If they are allowing random people to brute force accounts then uhhh LOL

Further more I use a Password manager that creates deliberately hard passwords.
24 carefully designed chars that it says would take millions of years to crack.
And since I never reuse passwords I would blame 1 source if I got hacked.
Guess who?

Now on the other hand there is idiots out there that use basic simple passwords and also reuse them.
This would be target no. 1
Who could see password lengths of all users?

Mythical magic "hackers".. Or?

TastyChillySauce00

legendary

Activity: 3010

Merit: 1028

Leading Crypto Sports Betting & Casino Platform

Quote from: Peanutbutterpolka on July 01, 2017, 12:21:21 AM

At the end of may there was a polo ddos attack, the official story was too many new users. That is the time my account was hacked.

I really feel that the attacker got a list of non 2fa accounts and just started going alphabetical. This other user had the exact same thing happen, A full fucking month later. Coincidence that both accounts started with an A?

Doubt it.

Polo was and is still compromised.

Quote from: Peanutbutterpolka on June 30, 2017, 12:33:20 PM

My working theory is that the attackers hacked polo, got a list of non 2fa, then went manually through them alphabetical.

The hacker has been able to do this for atleast a month and a half.

The hacker drained my account nearly exactly like yours by setting counter trades.

Yes polo should be able to track this, have they made any effort to call in authorities? I doubt it.

Hence, I believe they should be opened to a lawsuit.

Quote from: arsat14 on June 29, 2017, 03:37:16 AM

Quote from: Peanutbutterpolka on June 28, 2017, 03:08:07 PM

In my case ,at the end of May, I booted fresh from a livelinux CD and used a new email address. The only thing I did different was I had to contact their help desk.
So I'm not sure how my account was compromised then.

Also my compromised account started with an A, so I assume hacker got access to polo database an went alphabetical.

Op did you previously contact the polo help desk for anything.
Also what letter did your account begin with?

My Account started with A as well (we may be on to something here)!! but not, I did not contact their help desk at all before that,
Did you see any unauthorized activity on your account?

Pretty sure that the hackers got the lists of both accounts with 2fa or non 2fa but just can't access the 2fa enabled accounts so the hackers just went through the unenabled ones.
Big chances the hackers themselves have the access to the database because phishing account especially an exchanger ones is kinda difficult.

Pente

hero member

Activity: 528

Merit: 527

Quote from: Peanutbutterpolka on June 27, 2017, 02:48:59 PM

Polo continually is getting hacked. User accounts without 2fa are the target. Value in said accounts is traded out to the attackers benefit.

Polo is complacent in this. They know and do nothing. They are enabling this to happen. Most likely they are insolvent and or are in on it. Very shaddy!

Its time for a class action lawsuit.

I found your polo password: https://www.youtube.com/watch?v=QcyeYFXdHNQ#t=1m17

Zadicar

legendary

Activity: 1386

Merit: 1020

DGbet.fun - Crypto Sportsbook

Quote from: Peanutbutterpolka on June 27, 2017, 03:05:43 PM

Quote from: Kazkar on June 27, 2017, 03:00:37 PM

Quote from: McWorse on June 27, 2017, 02:53:39 PM

How many deaths in traffic does it take for you to fasten your seatbelt?

I completely agree.
This is the choice of everyone. And to force, does not make sense.

Says the hacker.. Roll Eyes

Seriously, no 2fa, you might as well give the hacker your monies up front. Polo knows accounts keep getting hacked. They do nothing. Their complacency has opened them up to a lawsuit

They wont do nothing even if they did make some investigations i will see that this thing would be a hard thing for them. This is the sole purpose of 2fa and as a user of the site and as a sensible person we would really use up this thing to secure our accounts and the funds inside it because if you dont set this up you are really making a hole into your account that can someone could able to bypass and stole funds inside of it. We should really be responsible and this is the main concern here.

Peanutbutterpolka

newbie

Activity: 40

Merit: 0

At the end of may there was a polo ddos attack, the official story was too many new users. That is the time my account was hacked.

I really feel that the attacker got a list of non 2fa accounts and just started going alphabetical. This other user had the exact same thing happen, A full fucking month later. Coincidence that both accounts started with an A?

Doubt it.

Polo was and is still compromised.

Quote from: Peanutbutterpolka on June 30, 2017, 12:33:20 PM

My working theory is that the attackers hacked polo, got a list of non 2fa, then went manually through them alphabetical.

The hacker has been able to do this for atleast a month and a half.

The hacker drained my account nearly exactly like yours by setting counter trades.

Yes polo should be able to track this, have they made any effort to call in authorities? I doubt it.

Hence, I believe they should be opened to a lawsuit.

Quote from: arsat14 on June 29, 2017, 03:37:16 AM

Quote from: Peanutbutterpolka on June 28, 2017, 03:08:07 PM

In my case ,at the end of May, I booted fresh from a livelinux CD and used a new email address. The only thing I did different was I had to contact their help desk.
So I'm not sure how my account was compromised then.

Also my compromised account started with an A, so I assume hacker got access to polo database an went alphabetical.

Op did you previously contact the polo help desk for anything.
Also what letter did your account begin with?

My Account started with A as well (we may be on to something here)!! but not, I did not contact their help desk at all before that,
Did you see any unauthorized activity on your account?

Spoetnik

legendary

Activity: 1540

Merit: 1011

FUD Philanthropist™

Quote from: btcmaker21 on June 30, 2017, 09:24:16 AM

everyone should do his best to protect your money soo i think it should be up to you if u use 2FA the exchange cant nothing really do about unsecure computers .... the "unsecure" thing is the user of the Computer Tongue

Like what when I ran around warning people about GOX or Crypts or RawX or?

OR how I did on the previous page?

You see investards..
You are well aware of the risks but proceed anyway.
You know better but shove your face in the ROI's beehive regardless.

If all the exchanges run the same way and all pretty much have the same complaints what'd you do?

Spoiler..

You leave dumb fucks. Cheesy

.. Then you all chant well huh how am I supposed to make Bitcoin profits then?

The answer?
You Don't.

So who is guessing 24 char long random passwords?
Where are they getting the account names from?
Who could do it and get away with it over & over?

Easy questions guys Roll Eyes

ethereumhunter

hero member

Activity: 2912

Merit: 541

Leading Crypto Sports Betting & Casino Platform

i think not just in polo that we should do the best for our self because when we decide to make an account into every site, we need to make sure that our account is safe from the attacker. so if we are made an account in polo, then we need to activate 2fa before something bad is happen and we are only regret it because of that.

btcmaker21

member

Activity: 71

Merit: 10

everyone should do his best to protect your money soo i think it should be up to you if u use 2FA the exchange cant nothing really do about unsecure computers .... the "unsecure" thing is the user of the Computer Tongue

Hueristic

legendary

Activity: 3836

Merit: 4969

Doomed to see the future and unable to prevent it

Quote from: Mallyx on June 30, 2017, 08:25:37 AM

No 2fa is like hiding your life savings under your bed.
It's safe, until a thief come.

Mallyx

hero member

Activity: 1138

Merit: 574

No 2fa is like hiding your life savings under your bed.
It's safe, until a thief come.

Hueristic

legendary

Activity: 3836

Merit: 4969

Doomed to see the future and unable to prevent it

Quote from: silvermetal on June 30, 2017, 12:04:07 AM

Quote from: Hueristic on June 29, 2017, 07:07:55 PM

YUP, real idiot here been around here for years and never been hacked. Yup real dumbass. If your a retard your gonna lose your money know matter what. I'd explain that in more detail but I doubt you could grasp it.

If your vocabulary reflects who you are in reality; aggressive and suspicious then I understand that in this crypto world you have never lost a penny. I am happy for you, and hope you can say that after a few years as well.

But not everybody is like you, there are also a lot naive and faithful people who should be protected by making 2fa mandatory and by proper education/information.

Currently in this wild west of crypto it is steal or get robbed.

I don't want a nanny state everywhere I go that is all. I believe in Darwinism and don't think everyone should be forced to do things they don't feel they need to save a few morons (not saying every hacked is a moron just making a general statement). We are Adults that can make our own decisions. Whats right for a few is not always right for all. There is headgear in all Our futures if the insurance companies have their way. How do you like having traffic stopped both ways for a school bus and a16 year old kid jumps out and gets in there car and drives away? I say if they are that dumb by that age they should not breed.

JasonXIII

member

Activity: 106

Merit: 12

Quote from: bathrobehero on June 28, 2017, 04:19:46 AM

Quote from: Peanutbutterpolka on June 27, 2017, 11:48:30 PM

In case any of you were wondering. I boot from a live linux cd before any exchange activity or email and reboot inbetween steps.

And just randomly the account gets hit right after contacting customer support.

I still have the qora in my account, that is evidence of a crime. If they delete it they are destroying evidence.

Polo also made and kept the transaction fees from the theft.

Thats pretty fucked up to make money off of a theft.

I don't believe you. Why not just use 2FA instead of this nonsense then? Unless you use a unique, otherwise unused email, with a unique password, it's a useless excercise.

You have to have your email hacked to allow the hacker to recover your poloniex password and do the deed.

So with a safe mail, everything is ok?
Which provider is the most safe? gmail, hotmail, yahoo, gmx? What do you advise please?

Matthias K.

newbie

Activity: 33

Merit: 0

Exchanges can recommend 2FA.
Making it mandatory is plain stupid; also asking for that.

SomethingMAD

member

Activity: 94

Merit: 10

Bittrex has been a target since a long time ago, and many people have been hacked. And now Poloniex, the largest and most trusted Exchanger. Poloniex often encourages users to change their passwords regularly to avoid hacked accounts. The use of Authy / 2fa is highly recommended before more people lose money there.

Pente

hero member

Activity: 528

Merit: 527

How are the accounts getting hacked? Don't they use a hash of the password. I would think that as long as you use a strong password you would be okay. My Keepass generates a 24 random ASCII digit password. That should be more than sufficient.

2FA is a pain because you can't access your account when you travel overseas. I have to use a separate phone for each country due to phone incompatibilities, but I have never seen a 2FA account that allows for that.

silvermetal

hero member

Activity: 487

Merit: 500

Quote from: Hueristic on June 29, 2017, 07:07:55 PM

YUP, real idiot here been around here for years and never been hacked. Yup real dumbass. If your a retard your gonna lose your money know matter what. I'd explain that in more detail but I doubt you could grasp it.

If your vocabulary reflects who you are in reality; aggressive and suspicious then I understand that in this crypto world you have never lost a penny. I am happy for you, and hope you can say that after a few years as well.

But not everybody is like you, there are also a lot naive and faithful people who should be protected by making 2fa mandatory and by proper education/information.

Currently in this wild west of crypto it is steal or get robbed.

Hueristic

legendary

Activity: 3836

Merit: 4969

Doomed to see the future and unable to prevent it

Quote from: silvermetal on June 29, 2017, 12:40:18 PM

Quote from: Hueristic on June 29, 2017, 11:55:46 AM

So you want to blame the exchange for not forcing you to use the extra security they provide and your answer to that is to force everyone else to have to use it. Fucking ridiculous, your out of your fucking mind. Go back to banks and fuck off.

Well maybe they should leave the option open for idiots like you to switch off the 2fa with the following disclaimer: At your own risk! It is a matter of time that your account will be hacked and your coins stolen.

Not everybody knows that nowadays you don't have to provide your mobile number or other private information to enable 2fa. That is why a lot of people have not enabled it. It is the task of a decent and reliable exchange to educate and inform their customers!

YUP, real idiot here been around here for years and never been hacked. Yup real dumbass. If your a retard your gonna lose your money know matter what. I'd explain that in more detail but I doubt you could grasp it.

Spoetnik

legendary

Activity: 1540

Merit: 1011

FUD Philanthropist™

How about stop using crooked exchanges ?

What you think someone is guessing all those stolen passwords ?
Jeez you brats are naive and gullible Cheesy

Didn't learn from GOX, Cryptsy, Mintpal, MCXNow ?

TrueAnon

legendary

Activity: 1120

Merit: 1000

Quote from: Peanutbutterpolka on June 27, 2017, 02:48:59 PM

Polo continually is getting hacked. User accounts without 2fa are the target. Value in said accounts is traded out to the attackers benefit.

Polo is complacent in this. They know and do nothing. They are enabling this to happen. Most likely they are insolvent and or are in on it. Very shaddy!

Its time for a class action lawsuit.

More ppl need get on 1ex.trade!!!
Big vol this summer coming.

silvermetal

hero member

Activity: 487

Merit: 500

Quote from: Hueristic on June 29, 2017, 11:55:46 AM

So you want to blame the exchange for not forcing you to use the extra security they provide and your answer to that is to force everyone else to have to use it. Fucking ridiculous, your out of your fucking mind. Go back to banks and fuck off.

Well maybe they should leave the option open for idiots like you to switch off the 2fa with the following disclaimer: At your own risk! It is a matter of time that your account will be hacked and your coins stolen.

Not everybody knows that nowadays you don't have to provide your mobile number or other private information to enable 2fa. That is why a lot of people have not enabled it. It is the task of a decent and reliable exchange to educate and inform their customers!

mmhaimhai

sr. member

Activity: 532

Merit: 257

A BLOCKCHAIN SOLUTION TO DISRUPT TRADE FINANCE

I dont understand why some people dont use the 2fa when its just few clicks away in exchange of haigh security of their account. Personally, i activate 2fa on all necessary accounts i have.

Hueristic

legendary

Activity: 3836

Merit: 4969

Doomed to see the future and unable to prevent it

Quote from: Peanutbutterpolka on June 28, 2017, 08:48:54 AM

Quote from: sud on June 28, 2017, 07:48:27 AM

Some people will never learn.

Oh, Ive learned that only 2fa is really secure, until it aint.

So why is it not mandatory, the whole point of this thread.

Of course id like my litecoin back. And I want the fees polo made off my theft back.

However, I am simply arguing for 2fa to be mandatory at polo. The fact that it isn't, when this is a repeat problem effecting several people should leave them open to a lawsuit.

So you want to blame the exchange for not forcing you to use the extra security they provide and your answer to that is to force everyone else to have to use it. Fucking ridiculous, your out of your fucking mind. Go back to banks and fuck off.

Quote from: btc_zero_sum on June 28, 2017, 11:02:42 AM

Quote from: Peanutbutterpolka on June 27, 2017, 02:48:59 PM

Polo continually is getting hacked.

wrong!

it's people and their shitty computers getting hacked.

i bet you guys have wallets, login to exchanges and other valuable stuff on the same computer you use to watch porn, open any email attachments and visit other lame site that would refill your stupid windows os with malware and keyloggers

yes, start a class action and people will laugh at you Roll Eyes

QFT

NUFCrichard

legendary

Activity: 1218

Merit: 1003

Do you have any information about how many people have been hacked, and whether or not there has been a password leak?
The fault could lie with you, we don't know that. I don't know why you don't just activate 2FA, even if it is a just in case.

I hope your password is crazy strong too. I don't keep much money at Poloniex or any other exchange, but I always use 2FA.

xbiv2

full member

Activity: 560

Merit: 111

Quote from: Peanutbutterpolka on June 27, 2017, 02:48:59 PM

Polo continually is getting hacked. User accounts without 2fa are the target. Value in said accounts is traded out to the attackers benefit.

Polo is complacent in this. They know and do nothing. They are enabling this to happen. Most likely they are insolvent and or are in on it. Very shaddy!

Its time for a class action lawsuit.

New support members from moderators have to many rights on getting information. It the problem.

btc_zero_sum

sr. member

Activity: 273

Merit: 250

Quote from: Peanutbutterpolka on June 28, 2017, 11:38:10 AM

Reread the thread. I used a fresh boot from a livelinux cd. And used a fresh email account. If email account was hacked why not just withdraw, why trade the value out? No, it seems to me polo help desk or polo is ,has been, and still is hacked.

The exact same thing has happened to others.

Polo is complicit and negligent. They are complicit cause they made $ off the theft and then investigated themselves and found no wrong doing. And then low and behold it happened again to somone else.

Quote from: btc_zero_sum on June 28, 2017, 11:02:42 AM

Quote from: Peanutbutterpolka on June 27, 2017, 02:48:59 PM

Polo continually is getting hacked.

wrong!

it's people and their shitty computers getting hacked.

i bet you guys have wallets, login to exchanges and other valuable stuff on the same computer you use to watch porn, open any email attachments and visit other lame site that would refill your stupid windows os with malware and keyloggers

yes, start a class action and people will laugh at you Roll Eyes

which linux distro and which version?
did you connect from your house network, from a cafe or from an open network?

explain better how you got your funds stolen, even if i really don't like poloniex i hardly believe it's their fault

Peanutbutterpolka

newbie

Activity: 40

Merit: 0

Reread the thread. I used a fresh boot from a livelinux cd. And used a fresh email account. If email account was hacked why not just withdraw, why trade the value out? No, it seems to me polo help desk or polo is ,has been, and still is hacked.

The exact same thing has happened to others.

Polo is complicit and negligent. They are complicit cause they made $ off the theft and then investigated themselves and found no wrong doing. And then low and behold it happened again to somone else.

Quote from: btc_zero_sum on June 28, 2017, 11:02:42 AM

Quote from: Peanutbutterpolka on June 27, 2017, 02:48:59 PM

Polo continually is getting hacked.

wrong!

it's people and their shitty computers getting hacked.

i bet you guys have wallets, login to exchanges and other valuable stuff on the same computer you use to watch porn, open any email attachments and visit other lame site that would refill your stupid windows os with malware and keyloggers

yes, start a class action and people will laugh at you Roll Eyes

btc_zero_sum

sr. member

Activity: 273

Merit: 250

Quote from: Peanutbutterpolka on June 27, 2017, 02:48:59 PM

Polo continually is getting hacked.

wrong!

it's people and their shitty computers getting hacked.

i bet you guys have wallets, login to exchanges and other valuable stuff on the same computer you use to watch porn, open any email attachments and visit other lame site that would refill your stupid windows os with malware and keyloggers

yes, start a class action and people will laugh at you Roll Eyes

NeuroticFish

legendary

Activity: 3668

Merit: 6382

Looking for campaign manager? Contact icopress!

Quote from: Peanutbutterpolka on June 28, 2017, 08:48:54 AM

Quote from: sud on June 28, 2017, 07:48:27 AM

Some people will never learn.

Oh, Ive learned that only 2fa is really secure, until it aint.

So why is it not mandatory, the whole point of this thread.

Of course id like my litecoin back. And I want the fees polo made off my theft back.

However, I am simply arguing for 2fa to be mandatory at polo. The fact that it isn't, when this is a repeat problem effecting several people should leave them open to a lawsuit.

If you lose your phone, the 2FA will make your life hard. If you only keep pennies on Poloniex, it's not worth it.
I did a factory reset for my phone and I kept my exchange accounts without 2FA for some 2-3 days with no 2FA (obviously they were empty too).
When the phone came to a good status, I've re-enabled 2FA everywhere.

Bottom line: there are moments when it's okay to have no 2FA. Making it mandatory would be stupid. It's the user's problem to deal correctly with this.

silvermetal

hero member

Activity: 487

Merit: 500

Oddly enough an E-mail confirmation is not necessary to process the withdrawal after the hack at poloniex.

Agree with the op, because poloniex is aware that multiple accounts without a 2fa are hacked they must take action (eg inform their customers, make 2fa mandatory and delay withdrawals). Because they don't, it makes them (partly) accountable for the current hacks.

sud

sr. member

Activity: 826

Merit: 301

Quote from: Peanutbutterpolka on June 28, 2017, 08:48:54 AM

Quote from: sud on June 28, 2017, 07:48:27 AM

Some people will never learn.

Oh, Ive learned that only 2fa is really secure, until it aint.

So why is it not mandatory, the whole point of this thread.

Of course id like my litecoin back. And I want the fees polo made off my theft back.

However, I am simply arguing for 2fa to be mandatory at polo. The fact that it isn't, when this is a repeat problem effecting several people should leave them open to a lawsuit.

It's not mandatory because some prefer convenience over security. Their choice.

If you want best protection of your account, go to settings page and enable all security options. I do it on every exchange right after sign up.

Peanutbutterpolka

newbie

Activity: 40

Merit: 0

Quote from: sud on June 28, 2017, 07:48:27 AM

Some people will never learn.

Oh, Ive learned that only 2fa is really secure, until it aint.

So why is it not mandatory, the whole point of this thread.

Of course id like my litecoin back. And I want the fees polo made off my theft back.

However, I am simply arguing for 2fa to be mandatory at polo. The fact that it isn't, when this is a repeat problem effecting several people should leave them open to a lawsuit.

Peanutbutterpolka

newbie

Activity: 40

Merit: 0

Quote from: bathrobehero on June 28, 2017, 04:19:46 AM

Quote from: Peanutbutterpolka on June 27, 2017, 11:48:30 PM

In case any of you were wondering. I boot from a live linux cd before any exchange activity or email and reboot inbetween steps.

And just randomly the account gets hit right after contacting customer support.

I still have the qora in my account, that is evidence of a crime. If they delete it they are destroying evidence.

Polo also made and kept the transaction fees from the theft.

Thats pretty fucked up to make money off of a theft.

I don't believe you. Why not just use 2FA instead of this nonsense then? Unless you use a unique, otherwise unused email, with a unique password, it's a useless excercise.

You have to have your email hacked to allow the hacker to recover your poloniex password and do the deed.

If my email was hacked then why not just withdraw the whole amount? They didn't withdraw anything. Just a transfer to btc then, to xmr, then to qora which they left me a bag full of, and they got the xmr and out the door with their account.

The email was new, the polo acc was new. The polo account was maybe two weeks old and began with an A.
I believe that they hacked polo, and got a list of non 2fa accounts and started alphabeticaly at the top.

Youre right, why not just use 2fa? That is what Im arguing. Why is it NOT mandatory? Polo is like swiss cheese. They know this yet wont dont change their policy.

Read my spoetnik quote in my last post.

Polo is not secure and is not trust worthy. And I believe have opened themselves up to a lawsuit.

Don't yall have consumer protection across the pond? I bet you do.

sud

sr. member

Activity: 826

Merit: 301

Some people will never learn.

bathrobehero

legendary

Activity: 2002

Merit: 1051

ICO? Not even once.

Quote from: Peanutbutterpolka on June 27, 2017, 11:48:30 PM

In case any of you were wondering. I boot from a live linux cd before any exchange activity or email and reboot inbetween steps.

And just randomly the account gets hit right after contacting customer support.

I still have the qora in my account, that is evidence of a crime. If they delete it they are destroying evidence.

Polo also made and kept the transaction fees from the theft.

Thats pretty fucked up to make money off of a theft.

I don't believe you. Why not just use 2FA instead of this nonsense then? Unless you use a unique, otherwise unused email, with a unique password, it's a useless excercise.

You have to have your email hacked to allow the hacker to recover your poloniex password and do the deed.

Peanutbutterpolka

newbie

Activity: 40

Merit: 0

In case any of you were wondering. I boot from a live linux cd before any exchange activity or email and reboot inbetween steps.

And just randomly the account gets hit right after contacting customer support.

I still have the qora in my account, that is evidence of a crime. If they delete it they are destroying evidence.

Polo also made and kept the transaction fees from the theft.

Thats pretty fucked up to make money off of a theft.

Peanutbutterpolka

newbie

Activity: 40

Merit: 0

pumpmydump

member

Activity: 151

Merit: 10

Quote from: Peanutbutterpolka on June 27, 2017, 03:31:48 PM

You guys are funny.

Polo clearly isnt safe for accounts without 2fa.

Polo knows its site continually gets hacked by this type of attack.

Polo is guilty by allowing this to continue. Easy lawsuit win.

Edit. Polo also made and kept money from the fraud, ie transaction fees. Sounds guilty by association to me.

What you don't seem to understand is that it isn't Poloniex that gets hacked, it is the computers and/or emails of the account holders that get compromised, allowing the hackers to get their Poloniex password and compromise their accounts.

You are the one enabling yourself to get hacked when you don't use 2fa, Poloniex isn't there to protect your computer/email from hackers.

SimpeleSimpele

hero member

Activity: 602

Merit: 500

Quote from: Peanutbutterpolka on June 27, 2017, 02:48:59 PM

Polo continually is getting hacked. User accounts without 2fa are the target. Value in said accounts is traded out to the attackers benefit.

Polo is complacent in this. They know and do nothing. They are enabling this to happen. Most likely they are insolvent and or are in on it. Very shaddy!

Its time for a class action lawsuit.

you have proof, if this month poloniex account get hack
i have several poloniex account, use 2fa and without 2fa, all my account is safe without problem

bathrobehero

legendary

Activity: 2002

Merit: 1051

ICO? Not even once.

Quote from: Peanutbutterpolka on June 27, 2017, 03:31:48 PM

You guys are funny.

Polo clearly isnt safe for accounts without 2fa.

Polo knows its site continually gets hacked by this type of attack.

Polo is guilty by allowing this to continue. Easy lawsuit win.

Edit. Polo also made and kept money from the fraud, ie transaction fees. Sounds guilty by association to me.

If anything, your mindset is what I find funny. Your famous US arrogance that some people over the pond have is seeping right through.

If you have a properly safe password and don't have a keylogger or session stealer you're fine.

AFAIK polo still requires you to click on a confirmation through an email link in case of a withdrawal so in order for anyone to get their funds stolen they would have to have both their Polo and their email compromised.

Lawsuit...

clardalan

member

Activity: 126

Merit: 10

Bitcoin amateur learning by doing

>5000 dollar should be mandatory 2FA, or 2 day delayed transfers.

Haladay

sr. member

Activity: 476

Merit: 250

Quote from: McWorse on June 27, 2017, 02:53:39 PM

How many deaths in traffic does it take for you to fasten your seatbelt?

This is exactly what's happenning with polo's 2fa situation. The results never make people take an action about a problem. Never forget.

Snail2

legendary

Activity: 1512

Merit: 1000

Quote from: Peanutbutterpolka on June 27, 2017, 03:01:25 PM

Polo and their complacency has exposed them to the possibility of a class action lawsuit.

Well, and what those claimants would ask for? Punishing Polo for their own ineptitude?

Peanutbutterpolka

newbie

Activity: 40

Merit: 0

You guys are funny.

Polo clearly isnt safe for accounts without 2fa.

Polo knows its site continually gets hacked by this type of attack.

Polo is guilty by allowing this to continue. Easy lawsuit win.

Edit. Polo also made and kept money from the fraud, ie transaction fees. Sounds guilty by association to me.

stupid_seb

full member

Activity: 336

Merit: 101

Quote from: bathrobehero on June 27, 2017, 03:14:00 PM

Please....

Lawsuit because of stupid people?

People who gamble with ICOs are asking to get ripped off,
people who download all kinds of crap wallets/miners are asking to get hacked and
people who refuse to use 2FA are asking to get hacked - simple as that.

You can learn from other people's mistakes or you can learn the hard way. I learnt the hard way but I didn't blame the exchange, I blamed myself.

Like many other, Poloniex provides a simple service, it's like a tool. Educate people how to use said tools instead of blaming the tool itself.

Do you really think that people who are not using 2FA are making the necessary steps not to be hacked otherwise? Be it password security, antivirus, etc. They are all likely oblivious to all of this and you should educate them instead of blaming exchanges or other services.

You're speaking the truth @bathrobehero.
2FA is not complicated, and people should be educated. These tool are as powerful and as dangerous as the use you make of it.

McWorse

sr. member

Activity: 618

Merit: 292

You have a big, big amount of gold on your table.
When you go on vacation, do you leave your door open, or do you close it... ?

Feel free to leave your door wide open.
And after returning home and recognizing, that your gold is away:
Feel free to proclaim, that door manufacturers have to write on every door:
You better close it, when you leave!

I am sad about every lost because of hacking.
But:
Everyone has the chance of 2FA at Polo.

But in life, everyone is free in his decisions.
And some decisions are sometimes wrong.

Learn to walk alone!

bathrobehero

legendary

Activity: 2002

Merit: 1051

ICO? Not even once.

Quote from: Peanutbutterpolka on June 27, 2017, 02:48:59 PM

Polo continually is getting hacked. User accounts without 2fa are the target. Value in said accounts is traded out to the attackers benefit.

Polo is complacent in this. They know and do nothing. They are enabling this to happen. Most likely they are insolvent and or are in on it. Very shaddy!

Its time for a class action lawsuit.

Please....

Lawsuit because of stupid people?

People who gamble with ICOs are asking to get ripped off,
people who download all kinds of crap wallets/miners are asking to get hacked and
people who refuse to use 2FA are asking to get hacked - simple as that.

You can learn from other people's mistakes or you can learn the hard way. I learnt the hard way but I didn't blame the exchange, I blamed myself.

Like many other, Poloniex provides a simple service, it's like a tool. Educate people how to use said tools instead of blaming the tool itself.

Do you really think that people who are not using 2FA are making the necessary steps not to be hacked otherwise? Be it password security, antivirus, etc. They are all likely oblivious to all of this and you should educate them instead of blaming exchanges or other services.

Peanutbutterpolka

newbie

Activity: 40

Merit: 0

Quote from: Kazkar on June 27, 2017, 03:00:37 PM

Quote from: McWorse on June 27, 2017, 02:53:39 PM

How many deaths in traffic does it take for you to fasten your seatbelt?

I completely agree.
This is the choice of everyone. And to force, does not make sense.

Says the hacker.. Roll Eyes

Seriously, no 2fa, you might as well give the hacker your monies up front. Polo knows accounts keep getting hacked. They do nothing. Their complacency has opened them up to a lawsuit

Peanutbutterpolka

newbie

Activity: 40

Merit: 0

Quote from: McWorse on June 27, 2017, 02:53:39 PM

How many deaths in traffic does it take for you to fasten your seatbelt?

How many licks does it take to get to the center of a lollipop?

Ok lets stay on topic.

Polo and their complacency has exposed them to the possibility of a class action lawsuit.

Kazkar

sr. member

Activity: 784

Merit: 250

Quote from: McWorse on June 27, 2017, 02:53:39 PM

How many deaths in traffic does it take for you to fasten your seatbelt?

I completely agree.
This is the choice of everyone. And to force, does not make sense.

McWorse

sr. member

Activity: 618

Merit: 292

How many deaths in traffic does it take for you to fasten your seatbelt?

Peanutbutterpolka

newbie

Activity: 40

Merit: 0

Polo continually is getting hacked. User accounts without 2fa are the target. Value in said accounts is traded out to the attackers benefit.

Polo is complacent in this. They know and do nothing. They are enabling this to happen. Most likely they are insolvent and or are in on it. Very shaddy!

Its time for a class action lawsuit.

Topic: How many hacked polo accounts does it take for them to make 2fa mandatory? (Read 2465 times)