Author

Topic: My BtC was stolen on Blockchain.com (Read 305 times)

hero member
Activity: 714
Merit: 1010
Crypto Swap Exchange
June 10, 2024, 03:19:35 PM
#29
OP has quite a lot of browser extensions installed and I can recognize only very few of them. Beware that browser extensions sometimes ask for a lot of permissions and thus can basically access everything that loads in your browser's pages.

Are you sure that every of your browser extensions is fully trustworthy (probably the minority, if any, is open-source and audited)?

This doesn't explain how your coins were stolen, but could be a clue how browser or login data got stolen, if you have some less reputable browser extension that may exfiltrate data silently.

OP, as far as I've read through this topic you haven't answered the question whether you've stored your wallet's recovery details in digital form on your computer. Maybe you took a picture of the details with your mobile phone which syncs pictures to some cloud service?

I wonder why the originating address of wallet is labeled "DeFi Wallet". OP, did you use this wallet for some airdrops or other non-Bitcoin stuff? Could it be that you granted some website overly generous permissions for your online wallet? (Not sure if this is possible with such a blockchain.com wallet as I don't use it.)
newbie
Activity: 9
Merit: 3
June 10, 2024, 05:44:53 AM
#28
Recently, a sudden incident on X showed that a user's funds on OKX were stolen despite having various verifications enabled. How did they manage to obtain the user's SMS verification code?
It is a horrible decision to store your funds in an exchange, i don't know exactly how this person lost their coins, but if an attacker compromises your device and your exchange account, they can steal your funds. Crazy thing is that is not the only way you can lose your coins if it is on an exchange, the exchange itself can be hacked, or they can confiscate your funds for any reason.

To be safe, store your coins in cold storage, either a hardware or airgapped wallet, and you can add an extra layer of security like extending your seed phrase with a passphrase or you just create a multisig wallet, if you know exactly what you are doing.
yes, you are right, Especially for Chinese users, cryptocurrency is already in a legal gray area and is not protected by law. Currently, playing with cryptocurrency could potentially lead to legal violations. If the exchange itself engages in theft, users really have no recourse, especially with such large amounts of money involved.
hero member
Activity: 2786
Merit: 902
yesssir! 🫡
June 09, 2024, 06:58:32 PM
#27
How did they manage to obtain the user's SMS verification code?

SMS is a pretty weak 2fa though compared to others like TOTP for instance.

That's because a telcom employee can port your phone number to the wrong person by falling into social engineering attacks or by being an accomplice with the perpetrators. We've had plenty of these cases you can search on the internet -- keywords: sim hijacking/sim swap attack
legendary
Activity: 994
Merit: 1089
Wheel of Whales 🐳
June 09, 2024, 05:11:24 PM
#26
Recently, a sudden incident on X showed that a user's funds on OKX were stolen despite having various verifications enabled. How did they manage to obtain the user's SMS verification code?
It is a horrible decision to store your funds in an exchange, i don't know exactly how this person lost their coins, but if an attacker compromises your device and your exchange account, they can steal your funds. Crazy thing is that is not the only way you can lose your coins if it is on an exchange, the exchange itself can be hacked, or they can confiscate your funds for any reason.

To be safe, store your coins in cold storage, either a hardware or airgapped wallet, and you can add an extra layer of security like extending your seed phrase with a passphrase or you just create a multisig wallet, if you know exactly what you are doing.
legendary
Activity: 2604
Merit: 2353
June 09, 2024, 12:16:18 PM
#25
yes, this happened in 2020. I just joined this forum and remembered this incident, so I decided to share it. Recently, a sudden incident on X showed that a user's funds on OKX were stolen despite having various verifications enabled. How did they manage to obtain the user's SMS verification code?

https://x.com/CryptoApprenti1/status/1799592388379484313
Well you're right, it’s a good approach and a nice state of mind after all. It's always a good thing to report hacks and sophisticated scams to the community because it helps people to protect themselves against that and to prevent much victims to get stolen. Unfortuantely victims are usually ashamed to signal them and to talk about them because they think they've done something wrong and they feel guilty while they are not the actual culprits. A new kind of secure authentication is currently spreading in the crypto and sensitive datas universe with embedded Passkeys, I hope it will help to resolve those security impairments.
newbie
Activity: 9
Merit: 3
June 09, 2024, 08:42:02 AM
#24
https://x.com/huangshiyuan17/status/1799773009068355971

This user was stolen 5M from his OKX exchange account.
newbie
Activity: 9
Merit: 3
June 09, 2024, 07:04:13 AM
#23
site: blockchain.com
screenshot of the transaction history:https://ibb.co/wM9kP1L

I had activated Email and SMS as the authentication, it was still stoled, don't know how the hacker get my sms code.
The transaction is dated from october 2020, it was almost 4 years ago bro. Why do you make a topic about it in June 2024, if you have not recent news about the attack? Unfortunately I don't think Blockchain.com and its exchange is very secure since I regularly encounter bugs when I use both of them. So I avoid to leave much money on them. SMS code is not very safe that's why using 2FA app is usually recommended instead.

yes, this happened in 2020. I just joined this forum and remembered this incident, so I decided to share it. Recently, a sudden incident on X showed that a user's funds on OKX were stolen despite having various verifications enabled. How did they manage to obtain the user's SMS verification code?

https://x.com/CryptoApprenti1/status/1799592388379484313
hero member
Activity: 2786
Merit: 902
yesssir! 🫡
June 08, 2024, 05:04:48 PM
#22
I'm not sure how long has this process existed when it comes to resetting 2fa but it appears to be pretty easy once the hacker has gotten ahold of your email account. It's pretty much just sending a request and approving from your email then it's completed instantly, see: https://support.blockchain.com/hc/en-us/articles/360000286426-How-do-I-disable-two-step-verification-2FA

I'm not saying this is what happened though, just stating another possibility. It would be pretty hard to guess what exactly went through with our limited information + multiple other possible attacks at hand as this wallet is considered as one of the poor setups to have.
hero member
Activity: 3024
Merit: 680
★Bitvest.io★ Play Plinko or Invest!
June 08, 2024, 04:23:49 PM
#21
Where were you OP all of this time, it has been moved on 2020 and you have just opened your this time?

I'm sorry with your loss, that's a lot of value right now but there's no way that you can recover it but to warn everybody here that never use that wallet anymore.

I've used it before but stopped eventually.

Maybe the OP got a call from a MITM and gave his phone companies verification code to them, allowing for control of the account to be taken over?
This is possible, I was thinking that he probably might have kept his recovery seed that the hacker has accessed but MITM is also likely, but dating that back 4 years ago, he won't probably remember what his activities were.
hero member
Activity: 812
Merit: 560
June 08, 2024, 04:05:12 PM
#20
I had activated Email and SMS as the authentication, it was still stoled, don't know how the hacker get my sms code.

This is not about the site used because it can occur the same way with any other platforms you may decided to use later after this if you're not getting to know the reason for this, we have to know much about privacy and this is very important when we are having in consideration about the security measures to our crypto portfolio, some don't know how they have left an opening for hackers to take advantage of and use to scam them, this couldn't have happened if there were no vulnerability somewhere else, take this as a lesson and avoid reoccurrence.
legendary
Activity: 2604
Merit: 2353
June 08, 2024, 03:43:44 PM
#19
site: blockchain.com
screenshot of the transaction history:

I had activated Email and SMS as the authentication, it was still stoled, don't know how the hacker get my sms code.
The transaction is dated from october 2020, it was almost 4 years ago bro. Why do you make a topic about it in June 2024, if you have not recent news about the attack? Unfortunately I don't think Blockchain.com and its exchange is very secure since I regularly encounter bugs when I use both of them. So I avoid to leave much money on them. SMS code is not very safe that's why using 2FA app is usually recommended instead.
legendary
Activity: 1526
Merit: 1359
June 08, 2024, 03:28:21 PM
#18
The transaction occurred 4 years ago at 2020-10-01 02:59. Why are you posting now?
The date just caught my eye now. From the screenshot and the price I see in that place, the screenshot was taken recently. Maybe the Op was one of those who bought bitcoin back then to hold for a long time, and he just happened to check the wallet recently and notice that his holdings have already been moved out.
 
Such a pity after waiting for so long, and the profit that could have been made as a reward for his patient was all wiped out.

It is very unlikely that someone would buy such a significant amount of Bitcoin, leave it in a web wallet, and not check the balance for nearly four years.  Besides, the OP already mentioned this happened in 2020 and that he has "always" been puzzled about how the coins were stolen.



BlockChain.com is a centralized exchange. I remember the website does not provide seedphrase export, only a recovery key for password reset. This happened in 2020 when BTC prices were very low. What has always puzzled me is how they managed to get my SMS code.

@OP,  just to correct you here: BlockChain.com actually offers both services - a centralized exchange and a non-custodial online wallet. You can easily move your funds between them at any time.
full member
Activity: 189
Merit: 120
June 08, 2024, 02:50:47 PM
#17
The transaction occurred 4 years ago at 2020-10-01 02:59. Why are you posting now?
The date just caught my eye now. From the screenshot and the price I see in that place, the screenshot was taken recently. Maybe the Op was one of those who bought bitcoin back then to hold for a long time, and he just happened to check the wallet recently and notice that his holdings have already been moved out.
 
Such a pity after waiting for so long, and the profit that could have been made as a reward for his patient was all wiped out.
donator
Activity: 4760
Merit: 4323
Leading Crypto Sports Betting & Casino Platform
June 08, 2024, 02:37:17 PM
#16
Were you SIM swapped by any chance? (You mentioned that but call your phone provider just to be sure). That's a very common way of taking over accounts.

I thought they had fixed this issue on newer phones that no longer have a physical sim card.  Maybe not though.  It makes me wonder if social engineering was involved.  Maybe the OP got a call from a MITM and gave his phone companies verification code to them, allowing for control of the account to be taken over?  Without more details it's hard to say what happened.  I heard a song the other day by some new rapper named Mabu where he has a line talking about how he got rich from sim swapping someone.  Pretty scary to think about.  Glad I only have like $5 in crypto on my phone from some TRON someone sent me once and store nothing important on it.
sr. member
Activity: 714
Merit: 409
June 08, 2024, 02:36:08 PM
#15
This means that your seed phrase was stolen or you accidentally revealed it to someone. There are folks who sell their "old wallets" to bounty hunters and forget they did. Blockchain.com wallets seedphrase for ETH is same for BTC. Sure that's not what happened?
I think that this is this is a totally different case from what happened. Since the Op is making use of a web wallet, there is every possibility that the system that he is using might have been infected with him, even knowing that the hacker can gain all the information they need from the Op in order for them to move out of the wallet without the permission of the Op. 
 
And to op with the large amount of BTC that was moved out of the wallet, why did you entrust your holdings to an online wallet? If you still have other holdings on other online wallets, I will advise you, for the main time, if nothing has happened to them, to get them off there, move them to a well-secured open-source wallet, and make sure you protect your private key from the reach of others.
newbie
Activity: 21
Merit: 0
June 08, 2024, 02:12:58 PM
#14
This means that your seed phrase was stolen or you accidentally revealed it to someone. There are folks who sell their "old wallets" to bounty hunters and forget they did. Blockchain.com wallets seedphrase for ETH is same for BTC. Sure that's not what happened?
hero member
Activity: 1190
Merit: 901
Livecasino.io
June 08, 2024, 02:02:48 PM
#13
The 2FA code won't really help with that.
Apparently the 2FA is useless. It looks like it provides security but it just provides pseudo security. It really adds no extra layer of security contrary to what they say it does. Well the OP still has to answer your question and to add to it did he visit the hackers paradise- Telegram and mistakenly revealed his seed phrase?
legendary
Activity: 2338
Merit: 1923
June 08, 2024, 01:59:18 PM
#12
There used to be scam attempts with google Ads. So if you searched for your wallet at blockchain.com on google and clicked on the first result, you were redirected to a scam page. This page looked 1:1 exactly like the original and you entered your name and password there. Then the authentication was changed (however) and the bitcoins were stolen. I dont know how it works with SMS today, but maybe this will help. It is very annoying when a coin are stolen, but im sure karma will fix it and they will be punished for it. The last posts here have given good tips, i hope this will help you.
legendary
Activity: 2212
Merit: 7064
June 08, 2024, 01:52:13 PM
#11
I had activated Email and SMS as the authentication, it was still stoled, don't know how the hacker get my sms code.
There is a chance your seed words got  exposed on your end, maybe hacker hacked your computer if you kept them in digital form, or you were a victim of phishing attack.
I also don't recommend anyone to use web wallets like Blockchain.com or anything similar, especially not for storing large amount of coins.
If you want better security you should use cold wallets, but seed words should always be kept offline on paper/metal.
staff
Activity: 3500
Merit: 6152
June 08, 2024, 01:45:49 PM
#10
A hacker does not necessarily need that in order for him to access your wallet.

Your seedphrase or private keys (if it's an imported address) are all a hacker needs to access your funds. The 2FA code won't really help with that.

So the question is... where is your seed stored? is it online? did you share it with someone before? is it well hidden?
BlockChain.com is a centralized exchange. I remember the website does not provide seedphrase export, only a recovery key for password reset. This happened in 2020 when BTC prices were very low. What has always puzzled me is how they managed to get my SMS code.

How old is your wallet exactly? Blockchain.com has been generating a seedphrase for their users for many years now.

"The pit" (their exchange) launched back in Q3 2019 but the screenshot clearly shows that it's not the exchange and that you have "sent" and not "withdrawn" funds.

As mentioned above, the "recovery key" should be your seed/recovery phrase. See here: https://support.blockchain.com/hc/en-us/articles/7830201135900-How-do-I-recover-my-account-if-I-lost-my-password
legendary
Activity: 2380
Merit: 5213
June 08, 2024, 01:34:05 PM
#9
The address which received OP's fund has received 5.65 BTC in total and has been reported here too.


I think the OP exchange account was what got hacked, not the wallet, where the hacker needs to gain access to the private key or phrase of the wallet.
No, OmegaStarScream was right.
according to the screenshot shared by OP, the fund was sent out from blockchain.com wallet, not their exchange.


BlockChain.com is a centralized exchange.
They have a web wallet too.


I remember the website does not provide seedphrase export, only a recovery key for password reset.
The recovery key provided by blockchain.com wallet is your seed phrase.
legendary
Activity: 3472
Merit: 3217
Happy New year 🤗
June 08, 2024, 01:33:10 PM
#8
Why would you hold BTC on an online wallet like blockchain.com? Since it's online hackers have so many chances to try to hack your account and steal your funds.

I'm sorry for your loss since Bitcoin transactions are reversible you can't do anything.

I hope next time don't use online or web wallets like blockchain.com I heard many users hacked using web wallets like blockchain.com next time use a better wallet like Electrum or hardware wallet.
newbie
Activity: 9
Merit: 3
June 08, 2024, 01:31:12 PM
#7
A hacker does not necessarily need that in order for him to access your wallet.

Your seedphrase or private keys (if it's an imported address) are all a hacker needs to access your funds. The 2FA code won't really help with that.

So the question is... where is your seed stored? is it online? did you share it with someone before? is it well hidden?
BlockChain.com is a centralized exchange. I remember the website does not provide seedphrase export, only a recovery key for password reset. This happened in 2020 when BTC prices were very low. What has always puzzled me is how they managed to get my SMS code.
staff
Activity: 3500
Merit: 6152
June 08, 2024, 01:27:37 PM
#6
A hacker does not necessarily need that in order for him to access your wallet.

If this is an imported wallet, then he might have accessed the private key of that address...

If it's completly generated by Blockchain, then he might have found your seed.
I think the op exchange account was what got hacked and not the wallet where the hacker needs to gain access to the private key or phrase of the wallet.

I could be wrong, but the screenshot he's showing looks more like the "wallet" than the exchange which seems to have an overall different UI, theme as you can see here:

[1] https://support.blockchain.com/hc/en-us/articles/4417087554068-How-to-withdraw-crypto
[2] https://exchange.blockchain.com/trade
hero member
Activity: 1778
Merit: 907
June 08, 2024, 01:23:15 PM
#5
I'm sorry for your loss, did you receive anything suspicious in an SMS or in your email prior to the transaction, such as unsuccessful logins or receiving verification codes to login? Have you downloaded any pirated software in the past, or where your passwords compromised at some point?


P.S Sim swapping has also growing increasingly common as NotATether already mentioned.
full member
Activity: 189
Merit: 120
June 08, 2024, 01:23:04 PM
#4
A hacker does not necessarily need that in order for him to access your wallet.

If this is an imported wallet, then he might have accessed the private key of that address...

If it's completly generated by Blockchain, then he might have found your seed.
I think the OP exchange account was what got hacked, not the wallet, where the hacker needs to gain access to the private key or phrase of the wallet. 
 
I think all they use is a password and email to login, and the 2FA and SMS verification are just added security, which hackers might be able to bypass. The Op should try checking out his logging history; maybe this has been planned out for a long time, and just having access to the account email and other things might be a bit easier to bypass.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
June 08, 2024, 01:21:19 PM
#3
Were you SIM swapped by any chance? (You mentioned that but call your phone provider just to be sure). That's a very common way of taking over accounts.
staff
Activity: 3500
Merit: 6152
June 08, 2024, 01:20:24 PM
#2
A hacker does not necessarily need that in order for him to access your wallet.

Your seedphrase or private keys (if it's an imported address) are all a hacker needs to access your funds. The 2FA code won't really help with that.

So the question is... where is your seed stored? is it online? did you share it with someone before? is it well hidden?
newbie
Activity: 9
Merit: 3
June 08, 2024, 01:19:22 PM
#1
site: blockchain.com
screenshot of the transaction history:https://ibb.co/wM9kP1L

I had activated Email and SMS as the authentication, it was still stoled, don't know how the hacker get my sms code.
Jump to: