Topic: I lost all my crypto in Stake.com - page 2. (Read 364 times)

Wow that’s crazy - that’s not a good practice, since they know that their service involves people’s funds they should make it more secure by alerting users when anyone makes an attempt to change their password - from what you guys said now, if I’m able to get the previous password of a stake account I’ll be able to change their password, and do whatever I wish to do with that account without the owner getting any security email from them,right?


Address blacklisting won’t do any good though, because it takes less than a minute to setup a new account and have your new address to do whatever you won’t to do.

I just changed my Stake's account password to test this and you are right! They didn't request an email verification to approve the changes or even send a notification email.
This is definitely something Stake should fix ASAP, for obvious security reasons. Sending a notification email is mandatory especially for those who didn't activate 2FA.

I'm sure Stake would've blacklisted the hacker's address if one of the victims had reported it.

As I explained above, I did not receive any email's notification about 2FA or change the password. I can put the screenshots of the chat support but it is in portuguese, so, I don't know if will help a lot.

I know it's "part" my fault since I didn't put the 2FA, but I just want to know if it's possible to hacker my account and block the notifications to go to my email.

1. I think it's important you share other details in your report screenshots of your chat with support, email notifications when you changed the 2-factor authentication etc. if you want your claim to look authentic.
2. If the money has already been moved out of your account, there is nothing much they can do to help you, since it was due to your negligence when it came to the security of your funds. This should not even be a scam accusation against Stake.

On August 12, 2024, my password was changed on Stake.com (the weird thing was that I did not receive any email notifying me about this), and as a result, I lost access to my account on Stake.com.

In addition to changing the password, a 2FA was also set up, making it nearly impossible for me to reset my password. After sending numerous documents and proving that I was the legitimate account owner, I was able to "remove" the 2FA and reset my password to regain access to my account (on August 14, 2024).

It was then that I discovered that on the same day, August 12, 2024, someone had accessed my account and transferred all my cryptocurrencies (2k in USDT, 0.26 ETH and 0.045 BTC) to an unknown account. When I traced the transactions, I saw that this same account has received multiple transfers from Stake's wallet over the past year (which makes me wonder, if this is a hacker and he is stealing crypto from Stake's clients,  why didn't Stake even blocked this address and continues to make transfers to this same wallet).

I contacted Stake's chat support, and they simply said they could not do anything about it.

How did someone manage to change my password and add a 2FA without having access to my e-mail? (I'm pretty sure they didn't have access to my gmail) and why I did  not receive any email notifying me of these changes to my stake account?

I started to think that it must have been an employee of Stake.com who could have access to my account and perfom the changes without sending any alert to my e-mail.

As they will not resolve the issue, I ask that new users be cautious with Stake.com.

And I did not have 2FA at the moment this all happen, so it's part of my own fault.