Pages:
Author

Topic: Multiple Bittrex accounts hacked everyone enable 2fa - page 4. (Read 22359 times)

newbie
Activity: 16
Merit: 0
legendary
Activity: 1092
Merit: 1000
You're not understanding how google authenticator works on most of these sites, which is ok, because you probably haven't done web development or ever tried to implement a 2factor solution.  Most sites that are not associated with google use their open source version of the authenticator.  You can even run the application from a windows box with no phone number associated and no google accounts.  If you don't believe me go try and enable 2fa and do some packet sniffing while its happening, you won't see any network traffic, thus no way to get your phone #etc.

You are really just a confused soul that wants to argue, I am truly sorry that you are not a Brighter Soul, otherwise this might have been entertaining. Tongue

That Phone # is stored somewhere or the authentication software would be unable to send a text to it.  Tongue
Your What IFs on 2FA configuration, don't matter Bittrex directly stated download Google Authenticator on your mobile device.


And here you backtrack , 1st saying
Yah I read the thread they were given their logon history which shows some random ips logging into their account.  That should be enough to get an investigation started, they can contact the FBI like you said.

You see why I have to ignore your thoughts,
1. Because you are usually wrong to start with.
2. 10 minutes later you agree with what I already said.  Tongue


You have no proof they didn't steal anything else, do you know how many had funds somewhere else?  If any?  Hackers tend to move quick when they get a compromised machine and since all of these hacked people obviously are into crypto the hacker probably tricked them into clicking something crypto related, maybe they even knew these people traded at Bittrex from whatever forum they were posting in.

And that has been the problem with this whole Forum, We as Forum Readers do not have any Proof of what any of these people have said.
It all has been nothing but posts, nothing verified by a 3rd party that any of us can trust.
That why the Legal Authority has to be called in , If Bittrex is lying , it will be discovered and they will be arrested for CyberCrimes, or if they were telling the truth then they will be proven innocent ,(which from a Public Relations Point of View their foolish to not have reported it unless they know they are guilty.)
That Final Outcome can't happen with just a bunch of Yahoos typing in a Forum, the Legal Authority has to be called in and they can best determine how to investigate.
Then we can all read on a News site after charges are filed what really happen and who is guilty and who is innocent.  Wink


 Cool
newbie
Activity: 16
Merit: 0
You are referring to 2-factor authentication for gmail and google accounts.  That is not the same as using the google 2fa open source code that does not link back to google at all.  The exchanges are using the later.

Oh anything can be traced if you have enough manpower.  Looks like Bittrex gave the users all the information about who logged into their accounts.  If those users want to find out who stole their stuff they should file police reports and get the process started.

The problem is this isn't women at the shelter because their husbands smacked them around.  It's because they were sleeping around with a trojan horse.  Their machines were hacked, not bittrex, the burden is on them, bittrex is just one piece of information that they can obtain, contacting the FBI would do nothing for these people as the FBI wouldn't even bother doing anything with this.

So my frighten stalker returns,
It funny you claim to know their was no phone # attached to that specific 2fa.
Either Bittrex or Google has a Phone # stored for that 2fa account.

https://www.bittrex.com/Manage#section2Fa
Quote
Bittrex encourages the use of two-factor authentication
Two-factor authentication (2fa) greatly increases security by requiring both your password and another form of authentication. Bittrex implements 2fa utilizing Google Authenticator.
To enable this feature simply download Google Authenticator on your mobile device and scan the QRCode.

Once you have linked the Authenticator with Bittrex, enter the 6 digit code provided.

Please back up your secret key. Reseting your two - factor authentication requires opening a support ticket and may take up to 48 hours to address.
You claim to know alot, but give no details where you receive that info or even provide a reference.
Mostly you just make up stories with the pretense of knowledge, when it is apparent you are lacking in that area.

Bittrex has not given all of the log info to the users, they cited privacy laws, can you not even read the previous posts before you contradict just to be contradictory.
That the real issue, Bittrex is hiding data, that legally they could only give to the Legal Authority.

Are you and the others really so stupid, that you believe a hacker had total access to their PCs.
But did not go after their Bank Accounts or Credit Cards and only focuses on 1 crypto exchange and ignore every other exchange.
Are you really that Stupid?
Just Asking cause you seem to be that stupid.  Smiley

FYI:
The committed crime crossed State Lines, and would be in the the FBI jurisdiction not local Police.
Whether the FBI does anything is up to them, funny that Bittrex is afraid to report it to them.
https://www.fbi.gov/about-us/investigate/what_we_investigate
Quote
Spies. Terrorists. Hackers. Pedophiles. Mobsters. Gang leaders and serial killers. We investigate them all, and many more besides.
https://www.fbi.gov/about-us/investigate/cyber/computer-intrusions

 Cool


You're not understanding how google authenticator works on most of these sites, which is ok, because you probably haven't done web development or ever tried to implement a 2factor solution.  Most sites that are not associated with google use their open source version of the authenticator.  You can even run the application from a windows box with no phone number associated and no google accounts.  If you don't believe me go try and enable 2fa and do some packet sniffing while its happening, you won't see any network traffic, thus no way to get your phone #etc.

http://stackoverflow.com/questions/5087005/google-authenticator-available-as-a-public-service

Yah I read the thread they were given their logon history which shows some random ips logging into their account.  That should be enough to get an investigation started, they can contact the FBI like you said.

You have no proof they didn't steal anything else, do you know how many had funds somewhere else?  If any?  Hackers tend to move quick when they get a compromised machine and since all of these hacked people obviously are into crypto the hacker probably tricked them into clicking something crypto related, maybe they even knew these people traded at Bittrex from whatever forum they were posting in.
newbie
Activity: 50
Merit: 0
Didn't find it clearly but:

- Is (was) your email account hacked?
- Do (did) you store, in your email box, sensitive things like PW and "confirmation links"?
- Can you share your email provider?


legendary
Activity: 1092
Merit: 1000
You are referring to 2-factor authentication for gmail and google accounts.  That is not the same as using the google 2fa open source code that does not link back to google at all.  The exchanges are using the later.

Oh anything can be traced if you have enough manpower.  Looks like Bittrex gave the users all the information about who logged into their accounts.  If those users want to find out who stole their stuff they should file police reports and get the process started.

The problem is this isn't women at the shelter because their husbands smacked them around.  It's because they were sleeping around with a trojan horse.  Their machines were hacked, not bittrex, the burden is on them, bittrex is just one piece of information that they can obtain, contacting the FBI would do nothing for these people as the FBI wouldn't even bother doing anything with this.

So my frighten stalker returns,
It funny you claim to know their was no phone # attached to that specific 2fa.
Either Bittrex or Google has a Phone # stored for that 2fa account.

https://www.bittrex.com/Manage#section2Fa
Quote
Bittrex encourages the use of two-factor authentication
Two-factor authentication (2fa) greatly increases security by requiring both your password and another form of authentication. Bittrex implements 2fa utilizing Google Authenticator.
To enable this feature simply download Google Authenticator on your mobile device and scan the QRCode.

Once you have linked the Authenticator with Bittrex, enter the 6 digit code provided.

Please back up your secret key. Reseting your two - factor authentication requires opening a support ticket and may take up to 48 hours to address.
You claim to know alot, but give no details where you receive that info or even provide a reference.
Mostly you just make up stories with the pretense of knowledge, when it is apparent you are lacking in that area.

Bittrex has not given all of the log info to the users, they cited privacy laws, can you not even read the previous posts before you contradict just to be contradictory.
That the real issue, Bittrex is hiding data, that legally they could only give to the Legal Authority.

Are you and the others really so stupid, that you believe a hacker had total access to their PCs.
But did not go after their Bank Accounts or Credit Cards and only focuses on 1 crypto exchange and ignore every other exchange.
Are you really that Stupid?
Just Asking cause you seem to be that stupid.  Smiley

FYI:
The committed crime crossed State Lines, and would be in the the FBI jurisdiction not local Police.
Whether the FBI does anything is up to them, funny that Bittrex is afraid to report it to them.
https://www.fbi.gov/about-us/investigate/what_we_investigate
Quote
Spies. Terrorists. Hackers. Pedophiles. Mobsters. Gang leaders and serial killers. We investigate them all, and many more besides.
https://www.fbi.gov/about-us/investigate/cyber/computer-intrusions

 Cool
newbie
Activity: 16
Merit: 0
Imho, its the victim's fault for losing their funds, but this thread should not be turned into in "I know better" type of opinions.

So I imagine you go to Women shelters and tell them it was their fault , that their husband smacked them around?

Quote
William Ryan coined the phrase "blaming the victim" in his 1971 book Blaming the Victim. In the book, Ryan described victim blaming as an ideology used to justify racism and social injustice

Fact ,
All Bittrex had to do, is contact the FBI, turn over the log information and then that is the end of any requirement they owe their users.
How much time, would that have taken, less time than what has been spent blaming the victims in this forum, No doubt.

 Cool


You are referring to 2-factor authentication for gmail and google accounts.  That is not the same as using the google 2fa open source code that does not link back to google at all.  The exchanges are using the later.

Oh anything can be traced if you have enough manpower.  Looks like Bittrex gave the users all the information about who logged into their accounts.  If those users want to find out who stole their stuff they should file police reports and get the process started.


The problem is this isn't women at the shelter because their husbands smacked them around.  It's because they were sleeping around with a trojan horse.  Their machines were hacked, not bittrex, the burden is on them, bittrex is just one piece of information that they can obtain, contacting the FBI would do nothing for these people as the FBI wouldn't even bother doing anything with this.
legendary
Activity: 1092
Merit: 1000
Imho, its the victim's fault for losing their funds, but this thread should not be turned into in "I know better" type of opinions.

So I imagine you go to Women shelters and tell them it was their fault , that their husband smacked them around?

Quote
William Ryan coined the phrase "blaming the victim" in his 1971 book Blaming the Victim. In the book, Ryan described victim blaming as an ideology used to justify racism and social injustice

Fact ,
All Bittrex had to do, is contact the FBI, turn over the log information and then that is the end of any requirement they owe their users.
How much time, would that have taken, less time than what has been spent blaming the victims in this forum, No doubt.

 Cool
legendary
Activity: 1092
Merit: 1000
I guess I'm following you around now.

You obviously don't understand how most of the exchanges 2FA works.  Polo and Bittrex both use google authenticator which has nothing to do with your phone # and doesn't talk back to anything, so what you are saying isn't even valid.

Reviewing this thread it looks like a very small amount of people clicked on something and gave an attacker their password.  This last guy even says someone turned on his 2fa, which is impossible without having access to his email account, which a few posts before he mentions an unknown IP logging in to his email.  Here you are the expert spewing foul, when its fairly obvious these users clicked something stupid or installed something stupid on their machines.  Lol less than 10 users out of thousands and thousands and you think its the exchanges fault.  You sure do beat up on all the exchanges out there.

What is your favorite exchange?  Seems you think they are all corrupt, maybe you should start a legit one.

Hey , that is what stalkers do , No shame there.  Wink

https://www.google.com/landing/2step/#tab=how-it-works

Quote
    You'll enter your password
    Whenever you sign in to Google, you'll enter your password as usual.
    You'll be asked for something else
    Then, a code will be sent to your phone via text, voice call, or our mobile app. Or, if you have a Security Key, you can insert it into your computer’s USB port.

See Phone, in the above quote.
Or if they used the security key instead , doubtful, but even so Google could cross reference it and give your some of the accounts the key is connected too,
such as Gmail, Google, GitHub, or Dropbox accounts, which would lead to more IPs , which one of them will lead back to the thief.

You are not one of those people that actually believe you can do anything on the internet and remain anonymous , are you?
FYI: Even Tor won't keep you safe , if the right people are looking for you.

Also what is this unknown IP crap, you guys keep passing out , network access and connection require an IP address,
even if they are behind a VPN, you get the VPN IP Address, from there you hit the VPN provider with a warrant and get their logs which lead you closer to the thief.
Even if they do it 20 times that next address is there to follow.

 Cool
legendary
Activity: 1960
Merit: 1176
@FAILCommunity
Imho, its the victim's fault for losing their funds, but this thread should not be turned into in "I know better" type of opinions.
newbie
Activity: 16
Merit: 0
So they hacked in on March 31st, started on April 1st at 13:40, took them about half an hour to enable 2fa, and rest is known story. Known and unknown random IPs. Finished on April 2nd at 16:30

If 2fa was used , what was the Phone # attached to it.
Cell Tower records should hold the GPS location at the time it received the text, to help pinpoint the thief's physical location.
(That why Law Enforcement has to be brought in, they can get a warrant for the cell tower records. )


 Cool



I guess I'm following you around now.

You obviously don't understand how most of the exchanges 2FA works.  Polo and Bittrex both use google authenticator which has nothing to do with your phone # and doesn't talk back to anything, so what you are saying isn't even valid.

Reviewing this thread it looks like a very small amount of people clicked on something and gave an attacker their password.  This last guy even says someone turned on his 2fa, which is impossible without having access to his email account, which a few posts before he mentions an unknown IP logging in to his email.  Here you are the expert spewing foul, when its fairly obvious these users clicked something stupid or installed something stupid on their machines.  Lol less than 10 users out of thousands and thousands and you think its the exchanges fault.  You sure do beat up on all the exchanges out there.

What is your favorite exchange?  Seems you think they are all corrupt, maybe you should start a legit one.
legendary
Activity: 1092
Merit: 1000
So they hacked in on March 31st, started on April 1st at 13:40, took them about half an hour to enable 2fa, and rest is known story. Known and unknown random IPs. Finished on April 2nd at 16:30

If 2fa was used , what was the Phone # attached to it.
Cell Tower records should hold the GPS location at the time it received the text, to help pinpoint the thief's physical location.
(That why Law Enforcement has to be brought in, they can get a warrant for the cell tower records. )


 Cool

legendary
Activity: 1092
Merit: 1000
So what is bittrex doing about this?

From the looks of things, They are sorry for your Loss and that is about it.  Tongue
They refused to contact any legal authorities and are basically blaming the victims. (Bad Form on their part.)

 Cool
newbie
Activity: 8
Merit: 0
Here is part of IP log:


UNKNOWN_IP_WITHDRAWAL_2FA_SUCCESS 77.57.136.72 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-02 16:30:13.493
...
UNKNOWN_IP_WITHDRAWAL_2FA_SUCCESS 109.93.97.80 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-01 15:41:12.950
WITHDRAWAL_2FA_SUCCESS 130.180.240.144 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-01 15:11:21.250
...
ENABLE_2FA 194.204.45.101 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-01 14:06:10.803
PENDING_2FA 130.180.240.144 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-01 14:05:43.910
LOGIN 130.180.240.144 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-01 14:02:26.340
LOGOFF 194.204.45.101 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-01 13:58:49.360
LOGIN 194.204.45.101 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-01 13:42:30.803
...
LOGOFF 74.135.30.68 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.106 Safari/537.36 2016-03-31 00:31:19.547
LOGIN 74.135.30.68 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.106 Safari/537.36 2016-03-31 00:27:37.903
...


So they hacked in on March 31st, started on April 1st at 13:40, took them about half an hour to enable 2fa, and rest is known story. Known and unknown random IPs. Finished on April 2nd at 16:30
sr. member
Activity: 476
Merit: 500
Re-Evolution
So what is bittrex doing about this?
hero member
Activity: 1036
Merit: 501

It sucks for the people that were hacked but I'm 99.9% positive that your bittrex deposit addresses are just that.... for deposits, once there their internal ledger accounts for those coins and those coins may be given away when they fulfill other withdrawals etc.... I might be wrong but I don't think so. So no use being paranoid about tracking the funds in your deposit address apart from deposits. Their internal ledger is what matters.



Yes, Bittrex, being an exchange, stores the funds in cold wallets.

The withdrawals are processed through their hotwallet.
Tracking your address won't work, as once you deposit your funds, they are transferred to the hot/cold wallets on the next sweep.  Grin
sr. member
Activity: 476
Merit: 500
Re-Evolution
It sounds like bittrex are having some serious problems. I moved all my coins off bittrex today and moved them to poloniex.
I wont use bittrex anymore after reading this thread. They need to take responsibility. If it was just one user then that's one thing. But multiple users. Its obvious their email database was hacked. Thank god the email I use there was made special for bittrex. Otherwise id have to change all my other accounts and email addresses. What a mess!

It doesn't look good or them does it?

No it does not. That's why I moved all my coins away from them!
legendary
Activity: 1246
Merit: 1005

It sucks for the people that were hacked but I'm 99.9% positive that your bittrex deposit addresses are just that.... for deposits, once there their internal ledger accounts for those coins and those coins may be given away when they fulfill other withdrawals etc.... I might be wrong but I don't think so. So no use being paranoid about tracking the funds in your deposit address apart from deposits. Their internal ledger is what matters.

legendary
Activity: 1288
Merit: 1000
It sounds like bittrex are having some serious problems. I moved all my coins off bittrex today and moved them to poloniex.
I wont use bittrex anymore after reading this thread. They need to take responsibility. If it was just one user then that's one thing. But multiple users. Its obvious their email database was hacked. Thank god the email I use there was made special for bittrex. Otherwise id have to change all my other accounts and email addresses. What a mess!

It doesn't look good or them does it?
legendary
Activity: 1288
Merit: 1000
They reset 2fa, I managed to enter my account

HOLY SHIT!!!

All my funds (FTC and BTC) were used in about 715 transactions with various coins: apex, arb, uro, smbr, kore, tron, grs, lxc, excl, tri, ybc, xdq, root, ftc, lxc and xqn, in period April 1st-April 2nd.

Here is transaction history: https://drive.google.com/file/d/0BzKo9AFn9Gq-TThiQXdzSG5zZnM/view?usp=sharing

In the same period 30 BTC withdrawals occured, and total of about 50 BTC were withdrawn!!!!

I had about 4000 FTC and 0,1 BTC before all that.

How they made 50 BTC?!

Now I'm left with 600 FTC in stuck wallet, 0.49 YBC, 11.8 SHF and 113.6 APEX.

Looks like your account laundered my coins.

Bitrrex will not except any liability at all.

Looks like someone found out a serious flaw and took advantage.

We still don't know how this attack actually happened yet, we should be concerned as the flaw is likely open.
sr. member
Activity: 476
Merit: 500
Re-Evolution
It sounds like bittrex are having some serious problems. I moved all my coins off bittrex today and moved them to poloniex.
I wont use bittrex anymore after reading this thread. They need to take responsibility. If it was just one user then that's one thing. But multiple users. Its obvious their email database was hacked. Thank god the email I use there was made special for bittrex. Otherwise id have to change all my other accounts and email addresses. What a mess!
Pages:
Jump to: