Pages:
Author

Topic: KRAKEN Exchange Foul Play! (Read 307 times)

legendary
Activity: 994
Merit: 1089
November 02, 2024, 06:18:25 PM
#34
When I log into kraken, I add username and passwoird, all good.. then 2FA screen. I open Google Authenticator and nothing, just an illustration of a cat playing with a wool ball... i.e no codes...?
During the initial 2fa set up, after snanning the qr code provided by Kraken using your authenticator, you'll have to get the generated code from your authenticator and input it in Kraken and click 'confirm', only then is the process complete. Can you confirm that this is what you did, though i doubt it, i feel you made a mistake somewhere.
legendary
Activity: 2604
Merit: 2353
November 02, 2024, 05:29:31 PM
#33
Hi exactly, why is it not giving me a code.
When I log into kraken, I add username and passwoird, all good.. then 2FA screen. I open Google Authenticator and nothing, just an illustration of a cat playing with a wool ball... i.e no codes...?
TOTP apps like Google Authenticator or Aegis  are not linked in any way to the platforms. TOTP codes are generated autonomously from a key manually entered or through a QR code, and timestamps. So it means the clock of your smartphone has to be synchronized. I don't know what you call an illustration of a cat playing with a wool ball precisely but it could mean your 2FA TOTP key has been deleted from your app for some reason.
https://datatracker.ietf.org/doc/html/rfc6238
hero member
Activity: 2786
Merit: 902
yesssir! 🫡
November 02, 2024, 04:37:18 PM
#32
I open Google Authenticator and nothing, just an illustration of a cat playing with a wool ball... i.e no codes...?

Do you remember seeing the codes just after setting up your 2fa? or there was nothing at that time as well? because if it's the latter, it appears, it wasn't registered at all.

When i call their 'customer care' number, I get a text right away saysing 'we can see you are calling about a security issue, we can't help you on the phone'... the other day I was on hold for 35 minutes and gave up! I am getting my funds out of there as soon as i get in!

This would mean they can only help you through your support ticket. You could also escalate your case in their social channels. TBH, there's a good chance this could take days so brace yourself.

Next time, switch to aegis app, check if codes are properly registered and always make backups.
jr. member
Activity: 58
Merit: 1
November 02, 2024, 03:04:50 PM
#31
I am getting my funds out of there as soon as i get in!
That is a recommended thing to do, your funds should not be stored in a centralized exchange or custodial service, but in your self custodial wallet, so you should move it there when you get the opportunity.

As for the issue with 2fa, i don't fully understand you, if you have already set up 2fa and linked your authenticator with your exchange, then you simply have to get the six digit code from your authenticator and input it when you want to log in to Kraken.

Hi exactly, why is it not giving me a code.
When I log into kraken, I add username and passwoird, all good.. then 2FA screen. I open Google Authenticator and nothing, just an illustration of a cat playing with a wool ball... i.e no codes...?
legendary
Activity: 994
Merit: 1089
November 02, 2024, 01:28:46 PM
#30
I am getting my funds out of there as soon as i get in!
That is a recommended thing to do, your funds should not be stored in a centralized exchange or custodial service, but in your self custodial wallet, so you should move it there when you get the opportunity.

As for the issue with 2fa, i don't fully understand you, if you have already set up 2fa and linked your authenticator with your exchange, then you simply have to get the six digit code from your authenticator and input it when you want to log in to Kraken.
jr. member
Activity: 58
Merit: 1
November 02, 2024, 04:55:07 AM
#29
Thanks. I will keep trying with kraken..
When i call their 'customer care' number, I get a text right away saysing 'we can see you are calling about a security issue, we can't help you on the phone'... the other day I was on hold for 35 minutes and gave up! I am getting my funds out of there as soon as i get in!
hero member
Activity: 2786
Merit: 902
yesssir! 🫡
November 01, 2024, 06:08:04 PM
#28
I don't remember being given this option. The workthrough kraken gave me was a bit confusing.
I need to get back into my account. Kraken not even replying to me now.

That's quite odd from kraken. Asking users to back it up should be a standard in case something like this happen.

But if you're not able to recover your 2fa on your end, you're stuck with kraken -- exchanges can reset 2fa in your account. I'm not sure what's the process for kraken but typically, I tend to see kyc as a part of it. As long as it's not sensitive information, you can tell us what is confusing for you.
hero member
Activity: 3024
Merit: 745
🌀 Cosmic Casino
November 01, 2024, 05:40:16 PM
#27
What a sick exchange, I'm glad that I am not using it, getting a help from them seems to be a pain and telling that it's a security issue on your case and not able to help them is crazy.

I need to get back into my account. Kraken not even replying to me now.
If the support can't even help you out and not replying to you. I guess you need to make more noise through making threads from different crypto platforms and forums so that you'll be heard by them. Like with their sub-reddit and other crypto forums/platform as suggested by potato chips. I've seen people that have been ignored and tried to make a noise through these threads and became noticed afterwards.

jr. member
Activity: 58
Merit: 1
November 01, 2024, 05:19:16 PM
#26
I set up 2FA, now I can't log in, I am checking the google authenticator app but no codes are appearing. This is truly a balls operation.

Youu were probably told during the setup to backup your secret key-- a string of alphanumeric chracters. Did you do it? if so, you can use it to generate codes. Just key-in the secret key instead of scanning a QR code.

But I would recommend a different TOTP app than Google Authenticator. Basically more secure and has better backup mechanism, see: https://getaegis.app/

I don't remember being given this option. The workthrough kraken gave me was a bit confusing.
I need to get back into my account. Kraken not even replying to me now.
hero member
Activity: 2786
Merit: 902
yesssir! 🫡
November 01, 2024, 04:31:59 PM
#25
I set up 2FA, now I can't log in, I am checking the google authenticator app but no codes are appearing. This is truly a balls operation.

Youu were probably told during the setup to backup your secret key-- a string of alphanumeric chracters. Did you do it? if so, you can use it to generate codes. Just key-in the secret key instead of scanning a QR code.

But I would recommend a different TOTP app than Google Authenticator. Basically more secure and has better backup mechanism, see: https://getaegis.app/
legendary
Activity: 994
Merit: 1089
November 01, 2024, 03:40:17 PM
#24

As it happens I am back in kraken now, and my funds are still there.
If i understood you correctly, you are back in control of your Kraken account and your funds was untouched. That is a mystery, if you were truly hacked, the attacker would surely have moved all the money you have in your account.
I set up 2FA, now I can't log in, I am checking the google authenticator app but no codes are appearing. This is truly a balls operation.
Did you set everything correctly, because if you did, you should not have any problems such as this one.
jr. member
Activity: 58
Merit: 1
November 01, 2024, 03:25:59 PM
#23
May I ask you what 2FA method you were using? You were using pass keys or TOTP codes from an app?
At the time I don't think I was using 2FA.
As it happens I am back in kraken now, and my funds are still there.
I set up 2FA, now I can't log in, I am checking the google authenticator app but no codes are appearing. This is truly a balls operation.
legendary
Activity: 2604
Merit: 2353
October 31, 2024, 05:36:52 PM
#22
May I ask you what 2FA method you were using? You were using passkeys or TOTP codes from an app? Because it's not the same thing and passkeys can give some bugs, I have experimented it several times actually. In addition they can be deleted quite easily afaik and if you change your browser you won't find them anymore if you've registered them into the password manager of your bowser instead of saving them into your computer operating system for example.
legendary
Activity: 1722
Merit: 5937
October 30, 2024, 12:24:48 PM
#21
I only use google then search for the exchnage.
That's the worst possible way to access something as sensitive as the exchange, where you probably have some money.

Some years ago I did the same mistake, using google search to access my blockchain wallet, which resulted with me entering my info in fake blockchain wallet and losing all the bitcoin I had. So, be smart and bookmark the pages you use often.
legendary
Activity: 994
Merit: 1089
October 30, 2024, 04:56:47 AM
#20
I only use google then search for the exchnage.
Since you just google search the exchange, how sure are you that you are in the correct website, many phishing or clone sites can show up when you make such searches on google. However, since you believe you are on the correct website, your only help can come from their support team, you can make some 'noise' about it on their social media handles, but you also have to be patient.
legendary
Activity: 2576
Merit: 1860
October 29, 2024, 09:46:43 PM
#19
I haven't gone through something like this, not with Kraken or any other exchange, but based on what I've read about supports of centralized exchanges, 4 days is too soon for them to make a clear response. But have they at least acknowledged your ticket?

In the first place, your account is your responsibility. If it's Kraken's security that's compromised, it's on them. But it seems this is a problem of an individual account. You may or may not admit it, but you've failed somewhere.

Contact them via all their official channels. Be very careful. And, if I may add, be patient and polite. Surely, it isn't them who changed your password. So they're probably as clueless as you are as to what really happened. But somebody unwelcome have gotten access to your account.
hero member
Activity: 2786
Merit: 902
yesssir! 🫡
October 29, 2024, 06:37:01 PM
#18
I ahve ran malware and clean my mac and nothing popping up.
Plus macs are harder to plant torjans aint they.

But we can't expect AVs to detect every kind of malware, sadly. Windows are typically targeted more but macs have their fair share as well. I also worry about you using google to search for the exchange as this is highly not advisable as bitbllo mentioned.

In any case, about reaching out to support. Kraken is pretty active in their support subreddit. Try to start a thread, see: https://www.reddit.com/r/KrakenSupport/

Be careful of impostors though, as they are pretty rampant.
1. Always triple check if you're talking to a mod-- list in the sidebar as well.
2. Reddit mods will never DM you first.
3. Reddit mods will only ask for your ticket ID or account ID to escalate your case.
jr. member
Activity: 58
Merit: 1
October 29, 2024, 05:21:23 PM
#17
I ahve ran malware and clean my mac and nothing popping up.
Plus macs are harder to plant torjans aint they.
legendary
Activity: 3276
Merit: 3537
Nec Recisa Recedit
October 29, 2024, 05:08:56 PM
#16
Well the last phrase is a big red flag. We know very well that there are many fake websites as first result in Google.
"I only use google then search for the exchnage." It should be a "no-no solution".
It's not uncommon to interact with these scam sites.

I use the main kraken site.
No emails now with my trail.
I never click these emails.
I only use google then search for the exchnage.

Are you using 2FA? Because in that case (you are not using) probably you can have some trojan/malware on your device.
Or you are using some "corrupted" version of chrome /whatever (I don't think issue with connection ...)
Or someone has taken your kraken password in some way.
 
These are the "main issues". I mean, there are also other ways to get scammed in a CEX and so on, but more sophisticated/complex...
jr. member
Activity: 58
Merit: 1
October 29, 2024, 04:57:44 PM
#15
I use the main kraken site.
No emails now with my trail.
I never click these emails.
I only use google then search for the exchnage.
Pages:
Jump to: