contacted their support #210524 three weeks ago and several times after, up till now they've not responded. question is, why should a hacker enable 2fa....
makes me think it was not hacked...!
Topic: Poloniex account hacked and all monies traded away,TICKET NUMBER #271818 - page 5. (Read 6601 times)
June 28, 2017, 07:55:21 AM
one of the weirdest options: i did'nt have 2fa enabled, next day i tried to log in 2fa was enabled just out of the blue...so i could'nt get to my account.
contacted their support #210524 three weeks ago and several times after, up till now they've not responded. question is, why should a hacker enable 2fa....
makes me think it was not hacked...!
contacted their support #210524 three weeks ago and several times after, up till now they've not responded. question is, why should a hacker enable 2fa....
makes me think it was not hacked...!
June 27, 2017, 08:23:21 PM
Staff can steal it then play dumb.. Implying hackers.
Perfect crime.. It would impossible to catch the staff doing it because they all operate with 0 transparency.
Think about it people.. I am just pointing out common sense.
Perfect crime.. It would impossible to catch the staff doing it because they all operate with 0 transparency.
Think about it people.. I am just pointing out common sense.
June 27, 2017, 02:09:25 PM
Same exact shit happened to me.
Polo is in on it, I guarantee it 100%
This happened at the end of may. They ultimately traded out my 600 litecoins to fucking qora, first to btc, then xmr.
Polo is like swiss cheese.
Actually Im very certain it was one of the help desk fucktards as I had contacted support a week prior. I had this particular account for maybe two weeks before it was hacked the exact same way as yours.
If polo is this insecure, why the hell haven't they fixed this problem. Make 2fa mandatory.
Polo is probably insolvent, and hence hacking users accounts using this method. Their response is always, its your fault not ours.
Fuck them
Polo is in on it, I guarantee it 100%
This happened at the end of may. They ultimately traded out my 600 litecoins to fucking qora, first to btc, then xmr.
Polo is like swiss cheese.
Actually Im very certain it was one of the help desk fucktards as I had contacted support a week prior. I had this particular account for maybe two weeks before it was hacked the exact same way as yours.
If polo is this insecure, why the hell haven't they fixed this problem. Make 2fa mandatory.
Polo is probably insolvent, and hence hacking users accounts using this method. Their response is always, its your fault not ours.
Fuck them
June 27, 2017, 01:52:29 PM
Just enabled 2FA on polo 
I'm also registered on bittrex and few days ago got email that someone logged from diff IP, traced to Russia Had nothing on bittrex 
Changed passwords and now 2FA
I'm also registered on bittrex and few days ago got email that someone logged from diff IP, traced to Russia
Had nothing on bittrex Changed passwords and now 2FA
June 27, 2017, 01:06:55 PM
I feel sorry for your loss.
Poloniex is aware of this problem because you are not the first one whose poloniex account is hacked and submitted a ticket for this.
In my opinion poloniex is also accountable and should (partly) compensate users who are hacked.
After the first ticket was raised, poloniex should have informed all their users to setup a 2fa authentication immediately.
They simply should not allow users not to use 2fa authentication, and make 2fa mandatory.
Also they should have prevent users to withdraw coins (or at least delay for a long time) if they logged in without a 2fa-authentication (with the knowledge that their users are hacked currently).
The shady thing with the hacked accounts at poloniex is that the withdrawal is processed without the confirmation by e-mail.
As a poloniex user you must be confident that your coins are safe, and currently this is one of the worst places to deposit your coins.
Poloniex is aware of this problem because you are not the first one whose poloniex account is hacked and submitted a ticket for this.
In my opinion poloniex is also accountable and should (partly) compensate users who are hacked.
After the first ticket was raised, poloniex should have informed all their users to setup a 2fa authentication immediately.
They simply should not allow users not to use 2fa authentication, and make 2fa mandatory.
Also they should have prevent users to withdraw coins (or at least delay for a long time) if they logged in without a 2fa-authentication (with the knowledge that their users are hacked currently).
The shady thing with the hacked accounts at poloniex is that the withdrawal is processed without the confirmation by e-mail.
As a poloniex user you must be confident that your coins are safe, and currently this is one of the worst places to deposit your coins.
June 27, 2017, 11:43:53 AM
This story has been posted before.. LOTS.
When do chucklefucks clue in that all this shit is scammy?
No idea why you all keep pretending trading profit coins on teh exchanger is a legit investment strategy.
I am not sorry for your loss.. Because I highly doubt you learned anything
PS:
I already knew your story.
All I did was guess then I read the comment before mine then edited my post.
In case you shit birds didn't figure it out yet?
That happens a lot.. Especially at POLONIEX & BITTREX.
Wonder why? LOL
I WISH IHAD MY OWN EXCHANGE
When do chucklefucks clue in that all this shit is scammy?
No idea why you all keep pretending trading profit coins on teh exchanger is a legit investment strategy.
I am not sorry for your loss.. Because I highly doubt you learned anything
PS:
I already knew your story.
All I did was guess then I read the comment before mine then edited my post.
In case you shit birds didn't figure it out yet?
That happens a lot.. Especially at POLONIEX & BITTREX.
Wonder why? LOL
I WISH IHAD MY OWN EXCHANGE
June 27, 2017, 11:36:27 AM
I am sorry for your loss, I guess the only way is to create ticket from what the seniors mentioned in the previous reply and hope poloniex is able to help you recover the fund.
I came across a website which is trying to impose poloniex early this month. It has the same design and domain but it is not poloniex.com but something like poloniex.ru. It is on Google search page, did you accidentally login to the fake website and that is why the hacker managed to steal your password? Since I came across the website, I always login to poloniex through bookmark.
Try to include as many details as possible so that poloniex can try to help. Hope everything goes well for you.
I came across a website which is trying to impose poloniex early this month. It has the same design and domain but it is not poloniex.com but something like poloniex.ru. It is on Google search page, did you accidentally login to the fake website and that is why the hacker managed to steal your password? Since I came across the website, I always login to poloniex through bookmark.
Try to include as many details as possible so that poloniex can try to help. Hope everything goes well for you.
June 27, 2017, 11:20:32 AM
what kind of person you are keeping your 18,000 $ without 2 step security ? even if i only had 10 bucks i will keep it secure, it your assets, no body can help for your own mistake... sorry to say it
I agree, I am the dumbest guy to do that, lesson learnt a very expensive one, but that is not the point of this post
June 27, 2017, 11:19:22 AM
Thanks for your response BTCIV. But I am looking at options here BTCIV.
This is a clear case of theft and I have notified poloniex about it. 2FA is optional not mandatory by poloniex. I totally agree I should have had it on my account.
But nonetheless the money has been stolen from the exchange who were the custodian of my coins. Should they not do something about this? what are my options here to get this recovered. I have downloaded the list of trades the hacker did, i have have the market snapshot showing the irregular activity.
Please help me out here instead of just saying what has already happened
Thanks
This is a clear case of theft and I have notified poloniex about it. 2FA is optional not mandatory by poloniex. I totally agree I should have had it on my account.
But nonetheless the money has been stolen from the exchange who were the custodian of my coins. Should they not do something about this? what are my options here to get this recovered. I have downloaded the list of trades the hacker did, i have have the market snapshot showing the irregular activity.
Please help me out here instead of just saying what has already happened
Thanks
It depends on their terms of use. Have you read that? What does it say about insuring your deposited funds?
June 27, 2017, 11:08:11 AM
C'mon guys,
2FA is not that complicated.
Use AUTHY, way better than google authenticator (cloud saves, easy migration on a 2ndary device)
2FA is not that complicated.
Use AUTHY, way better than google authenticator (cloud saves, easy migration on a 2ndary device)
June 27, 2017, 11:04:20 AM
what kind of person you are keeping your 18,000 $ without 2 step security ? even if i only had 10 bucks i will keep it secure, it your assets, no body can help for your own mistake... sorry to say it
June 27, 2017, 09:39:19 AM
June 27, 2017, 09:36:47 AM
Thanks for your response BTCIV. But I am looking at options here BTCIV.
This is a clear case of theft and I have notified poloniex about it. 2FA is optional not mandatory by poloniex. I totally agree I should have had it on my account.
But nonetheless the money has been stolen from the exchange who were the custodian of my coins. Should they not do something about this? what are my options here to get this recovered. I have downloaded the list of trades the hacker did, i have have the market snapshot showing the irregular activity.
Please help me out here instead of just saying what has already happened
Thanks
This is a clear case of theft and I have notified poloniex about it. 2FA is optional not mandatory by poloniex. I totally agree I should have had it on my account.
But nonetheless the money has been stolen from the exchange who were the custodian of my coins. Should they not do something about this? what are my options here to get this recovered. I have downloaded the list of trades the hacker did, i have have the market snapshot showing the irregular activity.
Please help me out here instead of just saying what has already happened
Thanks
You can ask them to investigate HOW the money was stolen. First, instead of sending an email, raise a ticket with support.
Once you have raised the ticket and have a ticket number, make an account on reddit, and then contact Mike-Poloniex (https://www.reddit.com/user/Mike-Poloniex/) via private mesage, quoting your ticket number and explaining what happened. They should be able to investigate and tell you the IP addresses of whoever stole your coins, and which countries they were in. After that, you need to contact the police to get them to track down the thieves.
Thanks for your response alyssa. I have already raised a ticked witht them and they have not yet gotten back to me. I have the ip address from where the hacker logged into my account. Ip address is 119.26.200.230, a quick search shows its from Kobe Japan, Jupiter Telecommunications Co.
Do you suggest I should speak to police in Japan? I am based in London,
thanks
Report it to your local police in London (I think they have a cybercrime unit and can achieve much more through their internal contacts than you attempting to solve things by yourself).
June 27, 2017, 09:33:29 AM
Yup basically accept it and move on, it's not anyone's fault but yours. Polo has no control over who has your pw, so it's not their problem. I wouldn't contact japanese police either, you can't expect them to do anything, especially just based off an ip which really just provides a general location. They'd probably just laugh you off.
June 27, 2017, 09:30:09 AM
if your account hacked then it is done, no one can help you about it or don't expecting polo to pay you back. simple as that.
Wooo, that's a bit harsh
June 27, 2017, 09:24:12 AM
if your account hacked then it is done, no one can help you about it or don't expecting polo to pay you back. simple as that.
June 27, 2017, 09:22:05 AM
Your money is lost, and it's a very expensive lesson for you, use secure computers, unique passwords and always enable two factor authentication.
Poloniex ain't gonna refund anything as you cannot show you're not the one defrauding them.
Police ain't gonna start an international investigation because so little money and also because you can be the one on both ends of that 'hack'.
Poloniex ain't gonna refund anything as you cannot show you're not the one defrauding them.
Police ain't gonna start an international investigation because so little money and also because you can be the one on both ends of that 'hack'.
Yes I know what you mean, but you can apply this argument to any crime, like lost/stolen item, the victim can always be the one defrauding the system/the insurers/the banks
June 27, 2017, 08:57:52 AM
a couple of lessons, ALWAYS use unique password or even special email accounts to make it even harder, just like linkedin hacks etc all ur previous passwords are already out in the open so stop (re)using old password, enable 2fa
mostlikely you wont get ur money back, sorry to hear about it hopefully in the next wave (whenever that is) you can make some nice profits and PLEASE..... TAKE OUT SOME PROFITS when u got some. because the most important rule is and will always be..... DONT PLAY WITH MONEY YOU CANT MISS!!!!
mostlikely you wont get ur money back, sorry to hear about it hopefully in the next wave (whenever that is) you can make some nice profits and PLEASE..... TAKE OUT SOME PROFITS when u got some. because the most important rule is and will always be..... DONT PLAY WITH MONEY YOU CANT MISS!!!!
June 27, 2017, 08:53:17 AM
Someone got hold of my password and logged in from an IP address in Japan, I am based in London.
Here is how the money was stolen, He did not withdraw any. I had notional value of $17000 in different coins. He converted them to BCN, then he went on and started trading BCN on a very wide spread. He sat on the other side of the trade and kept buying and selling from my account, buying high and selling low, him collecting the spread in that time. He kept doing this until my $17000 was reduced to mere $400.
It was a hacker from Japan according to login email
Thats the thing which I don't get Here is how the money was stolen, He did not withdraw any. I had notional value of $17000 in different coins. He converted them to BCN, then he went on and started trading BCN on a very wide spread. He sat on the other side of the trade and kept buying and selling from my account, buying high and selling low, him collecting the spread in that time. He kept doing this until my $17000 was reduced to mere $400.
It was a hacker from Japan according to login email
The thing is even if the hacker sells low and buy high from your account, there's no way he can ensure he is the want who will receive what you sell or what you buy. Did you set your settings such that you receive email notifications or require validation upon withdrawals?I really have no clue what is going on, but there might be some reason behind such activity which is possible to find. I have some suspicions but I do not dare confirm for now.
He can make sure he is the one i trade with, as he chooses a very illiquid stock which has a very large spread, buying at 70 and selling at 40. He sits inside the spread at a low volume time and keeps trading very quickly and I keep paying him the spread of thirty until my funds get depleted. Does that make sense?
Yes I did have email setup, i got email at 2:50 am when i was asleep. The ip adress lookup shows an IP in Kobe Japan
June 27, 2017, 08:49:47 AM
Me. Mt. gox 2013. Didn't have 2FA enabled. Russian hacker got my PW from a Bitcoin forum dump and I had used the same email and PW for my Gox acct. Can't get any dumber than that.
$4000 in BTC at the time, lost.
I've never not used 2FA again. Most expensive but best lesson I've ever learned.
$4000 in BTC at the time, lost.
I've never not used 2FA again. Most expensive but best lesson I've ever learned.
Jump to: