Topic: Multiple Bittrex accounts hacked everyone enable 2fa - page 4. (Read 22334 times)

You are really just a confused soul that wants to argue, I am truly sorry that you are not a Brighter Soul, otherwise this might have been entertaining.

That Phone # is stored somewhere or the authentication software would be unable to send a text to it. 
Your What IFs on 2FA configuration, don't matter Bittrex directly stated download Google Authenticator on your mobile device.

And here you backtrack , 1st saying

You see why I have to ignore your thoughts,
1. Because you are usually wrong to start with.
2. 10 minutes later you agree with what I already said. 


And that has been the problem with this whole Forum, We as Forum Readers do not have any Proof of what any of these people have said.
It all has been nothing but posts, nothing verified by a 3rd party that any of us can trust.
That why the Legal Authority has to be called in , If Bittrex is lying , it will be discovered and they will be arrested for CyberCrimes, or if they were telling the truth then they will be proven innocent ,(which from a Public Relations Point of View their foolish to not have reported it unless they know they are guilty.)
That Final Outcome can't happen with just a bunch of Yahoos typing in a Forum, the Legal Authority has to be called in and they can best determine how to investigate.
Then we can all read on a News site after charges are filed what really happen and who is guilty and who is innocent. 

 

You're not understanding how google authenticator works on most of these sites, which is ok, because you probably haven't done web development or ever tried to implement a 2factor solution.  Most sites that are not associated with google use their open source version of the authenticator.  You can even run the application from a windows box with no phone number associated and no google accounts.  If you don't believe me go try and enable 2fa and do some packet sniffing while its happening, you won't see any network traffic, thus no way to get your phone #etc.

http://stackoverflow.com/questions/5087005/google-authenticator-available-as-a-public-service

Yah I read the thread they were given their logon history which shows some random ips logging into their account.  That should be enough to get an investigation started, they can contact the FBI like you said.

You have no proof they didn't steal anything else, do you know how many had funds somewhere else?  If any?  Hackers tend to move quick when they get a compromised machine and since all of these hacked people obviously are into crypto the hacker probably tricked them into clicking something crypto related, maybe they even knew these people traded at Bittrex from whatever forum they were posting in.

Didn't find it clearly but:

- Is (was) your email account hacked?
- Do (did) you store, in your email box, sensitive things like PW and "confirmation links"?
- Can you share your email provider?

So my frighten stalker returns,
It funny you claim to know their was no phone # attached to that specific 2fa.
Either Bittrex or Google has a Phone # stored for that 2fa account.

https://www.bittrex.com/Manage#section2Fa
You claim to know alot, but give no details where you receive that info or even provide a reference.
Mostly you just make up stories with the pretense of knowledge, when it is apparent you are lacking in that area.

Bittrex has not given all of the log info to the users, they cited privacy laws, can you not even read the previous posts before you contradict just to be contradictory.
That the real issue, Bittrex is hiding data, that legally they could only give to the Legal Authority.

Are you and the others really so stupid, that you believe a hacker had total access to their PCs.
But did not go after their Bank Accounts or Credit Cards and only focuses on 1 crypto exchange and ignore every other exchange.
Are you really that Stupid?
Just Asking cause you seem to be that stupid.  

FYI:
The committed crime crossed State Lines, and would be in the the FBI jurisdiction not local Police.
Whether the FBI does anything is up to them, funny that Bittrex is afraid to report it to them.
https://www.fbi.gov/about-us/investigate/what_we_investigate
https://www.fbi.gov/about-us/investigate/cyber/computer-intrusions

 

You are referring to 2-factor authentication for gmail and google accounts.  That is not the same as using the google 2fa open source code that does not link back to google at all.  The exchanges are using the later.

Oh anything can be traced if you have enough manpower.  Looks like Bittrex gave the users all the information about who logged into their accounts.  If those users want to find out who stole their stuff they should file police reports and get the process started.


The problem is this isn't women at the shelter because their husbands smacked them around.  It's because they were sleeping around with a trojan horse.  Their machines were hacked, not bittrex, the burden is on them, bittrex is just one piece of information that they can obtain, contacting the FBI would do nothing for these people as the FBI wouldn't even bother doing anything with this.

So I imagine you go to Women shelters and tell them it was their fault , that their husband smacked them around?


Fact ,
All Bittrex had to do, is contact the FBI, turn over the log information and then that is the end of any requirement they owe their users.
How much time, would that have taken, less time than what has been spent blaming the victims in this forum, No doubt.

 

Hey , that is what stalkers do , No shame there. 

https://www.google.com/landing/2step/#tab=how-it-works


See Phone, in the above quote.
Or if they used the security key instead , doubtful, but even so Google could cross reference it and give your some of the accounts the key is connected too,
such as Gmail, Google, GitHub, or Dropbox accounts, which would lead to more IPs , which one of them will lead back to the thief.

You are not one of those people that actually believe you can do anything on the internet and remain anonymous , are you?
FYI: Even Tor won't keep you safe , if the right people are looking for you.

Also what is this unknown IP crap, you guys keep passing out , network access and connection require an IP address,
even if they are behind a VPN, you get the VPN IP Address, from there you hit the VPN provider with a warrant and get their logs which lead you closer to the thief.
Even if they do it 20 times that next address is there to follow.

 

Imho, its the victim's fault for losing their funds, but this thread should not be turned into in "I know better" type of opinions.

I guess I'm following you around now.

You obviously don't understand how most of the exchanges 2FA works.  Polo and Bittrex both use google authenticator which has nothing to do with your phone # and doesn't talk back to anything, so what you are saying isn't even valid.

Reviewing this thread it looks like a very small amount of people clicked on something and gave an attacker their password.  This last guy even says someone turned on his 2fa, which is impossible without having access to his email account, which a few posts before he mentions an unknown IP logging in to his email.  Here you are the expert spewing foul, when its fairly obvious these users clicked something stupid or installed something stupid on their machines.  Lol less than 10 users out of thousands and thousands and you think its the exchanges fault.  You sure do beat up on all the exchanges out there.

What is your favorite exchange?  Seems you think they are all corrupt, maybe you should start a legit one.

If 2fa was used , what was the Phone # attached to it.
Cell Tower records should hold the GPS location at the time it received the text, to help pinpoint the thief's physical location.
(That why Law Enforcement has to be brought in, they can get a warrant for the cell tower records. )


 

From the looks of things, They are sorry for your Loss and that is about it. 
They refused to contact any legal authorities and are basically blaming the victims. (Bad Form on their part.)

 

Here is part of IP log:


UNKNOWN_IP_WITHDRAWAL_2FA_SUCCESS 77.57.136.72 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-02 16:30:13.493
...
UNKNOWN_IP_WITHDRAWAL_2FA_SUCCESS 109.93.97.80 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-01 15:41:12.950
WITHDRAWAL_2FA_SUCCESS 130.180.240.144 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-01 15:11:21.250
...
ENABLE_2FA 194.204.45.101 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-01 14:06:10.803
PENDING_2FA 130.180.240.144 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-01 14:05:43.910
LOGIN 130.180.240.144 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-01 14:02:26.340
LOGOFF 194.204.45.101 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-01 13:58:49.360
LOGIN 194.204.45.101 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 2016-04-01 13:42:30.803
...
LOGOFF 74.135.30.68 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.106 Safari/537.36 2016-03-31 00:31:19.547
LOGIN 74.135.30.68 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.106 Safari/537.36 2016-03-31 00:27:37.903
...


So they hacked in on March 31st, started on April 1st at 13:40, took them about half an hour to enable 2fa, and rest is known story. Known and unknown random IPs. Finished on April 2nd at 16:30

So what is bittrex doing about this?

Yes, Bittrex, being an exchange, stores the funds in cold wallets.

The withdrawals are processed through their hotwallet.
Tracking your address won't work, as once you deposit your funds, they are transferred to the hot/cold wallets on the next sweep. 

No it does not. That's why I moved all my coins away from them!

It sucks for the people that were hacked but I'm 99.9% positive that your bittrex deposit addresses are just that.... for deposits, once there their internal ledger accounts for those coins and those coins may be given away when they fulfill other withdrawals etc.... I might be wrong but I don't think so. So no use being paranoid about tracking the funds in your deposit address apart from deposits. Their internal ledger is what matters.

It doesn't look good or them does it?

Looks like your account laundered my coins.

Bitrrex will not except any liability at all.

Looks like someone found out a serious flaw and took advantage.

We still don't know how this attack actually happened yet, we should be concerned as the flaw is likely open.

It sounds like bittrex are having some serious problems. I moved all my coins off bittrex today and moved them to poloniex.
I wont use bittrex anymore after reading this thread. They need to take responsibility. If it was just one user then that's one thing. But multiple users. Its obvious their email database was hacked. Thank god the email I use there was made special for bittrex. Otherwise id have to change all my other accounts and email addresses. What a mess!