Pages:
Author

Topic: Poloniex account hacked and all monies traded away,TICKET NUMBER #271818 - page 5. (Read 6601 times)

newbie
Activity: 1
Merit: 0
one of the weirdest options: i did'nt have 2fa enabled, next day i tried to log in 2fa was enabled just out of the blue...so i could'nt get to my account.
contacted their support #210524 three weeks ago and several times after, up till now they've not responded. question is, why should a hacker enable 2fa.... Huh
makes me think it was not hacked...!
legendary
Activity: 1540
Merit: 1011
FUD Philanthropist™
Staff can steal it then play dumb.. Implying hackers.
Perfect crime.. It would impossible to catch the staff doing it because they all operate with 0 transparency.
Think about it people.. I am just pointing out common sense.
newbie
Activity: 40
Merit: 0
Same exact shit happened to me.

Polo is in on it, I guarantee it 100%

This happened at the end of may. They ultimately traded out my 600 litecoins to fucking qora, first to btc, then xmr.

Polo is like swiss cheese.

Actually Im very certain it was one of the help desk fucktards as I had contacted support a week prior. I had this particular account for maybe two weeks before it was hacked the exact same way as yours.

If polo is this insecure, why the hell haven't they fixed this problem. Make 2fa mandatory.

Polo is probably insolvent, and hence hacking users accounts using this method. Their response is always, its your fault not ours.


Fuck them

newbie
Activity: 3
Merit: 0
Just enabled 2FA  on polo Grin
I'm also registered on bittrex and few days ago got email that someone logged from diff IP, traced to Russia  Huh  Had nothing on bittrex  Cool
Changed passwords and now 2FA
hero member
Activity: 487
Merit: 500
I feel sorry for your loss.

Poloniex is aware of this problem because you are not the first one whose poloniex account is hacked and submitted a ticket for this.
In my opinion poloniex is also accountable and should (partly) compensate users who are hacked.

After the first ticket was raised, poloniex should have informed all their users to setup a 2fa authentication immediately.
They simply should not allow users not to use 2fa authentication, and make 2fa mandatory.
Also they should have prevent users to withdraw coins (or at least delay for a long time) if they logged in without a 2fa-authentication (with the knowledge that their users are hacked currently).

The shady thing with the hacked accounts at poloniex is that the withdrawal is processed without the confirmation by e-mail.

As a poloniex user you must be confident that your coins are safe, and currently this is one of the worst places to deposit your coins.



legendary
Activity: 1540
Merit: 1011
FUD Philanthropist™
This story has been posted before.. LOTS.

When do chucklefucks clue in that all this shit is scammy?

No idea why you all keep pretending trading profit coins on teh exchanger is a legit investment strategy.

I am not sorry for your loss.. Because I highly doubt you learned anything  Roll Eyes

PS:
I already knew your story.
All I did was guess then I read the comment before mine then edited my post.

In case you shit birds didn't figure it out yet?
That happens a lot.. Especially at POLONIEX & BITTREX.
Wonder why? LOL

I WISH IHAD MY OWN EXCHANGE  Grin
sr. member
Activity: 812
Merit: 256
I am sorry for your loss, I guess the only way is to create ticket from what the seniors mentioned in the previous reply and hope poloniex is able to help you recover the fund.

I came across a website which is trying to impose poloniex early this month. It has the same design and domain but it is not poloniex.com but something like poloniex.ru. It is on Google search page, did you accidentally login to the fake website and that is why the hacker managed to steal your password? Since I came across the website, I always login to poloniex through bookmark.

Try to include as many details as possible so that poloniex can try to help. Hope everything goes well for you.
newbie
Activity: 29
Merit: 0
what kind of person you are keeping your 18,000 $ without 2 step security ? even if i only had 10 bucks i will keep it secure, it your assets, no body can help for your own mistake... sorry to say it

I agree, I am the dumbest guy to do that, lesson learnt a very expensive one, but that is not the point of this post Sad
member
Activity: 260
Merit: 10
Thanks for your response BTCIV. But I am looking at options here BTCIV.

This is a clear case of theft and I have notified poloniex about it. 2FA is optional not mandatory by poloniex. I totally agree I should have had it on my account.

But nonetheless the money has been stolen from the exchange who were the custodian of my coins. Should they not do something about this? what are my options here to get this recovered. I have downloaded the list of trades the hacker did, i have have the market snapshot showing the irregular activity.

Please help me out here instead of just saying what has already happened Sad

Thanks

It depends on their terms of use. Have you read that? What does it say about insuring your deposited funds?
full member
Activity: 336
Merit: 101
C'mon guys,
2FA is not that complicated.

Use AUTHY, way better than google authenticator (cloud saves, easy migration on a 2ndary device)
full member
Activity: 252
Merit: 100
what kind of person you are keeping your 18,000 $ without 2 step security ? even if i only had 10 bucks i will keep it secure, it your assets, no body can help for your own mistake... sorry to say it
sr. member
Activity: 322
Merit: 250
legendary
Activity: 1652
Merit: 1088
CryptoTalk.Org - Get Paid for every Post!
Thanks for your response BTCIV. But I am looking at options here BTCIV.

This is a clear case of theft and I have notified poloniex about it. 2FA is optional not mandatory by poloniex. I totally agree I should have had it on my account.

But nonetheless the money has been stolen from the exchange who were the custodian of my coins. Should they not do something about this? what are my options here to get this recovered. I have downloaded the list of trades the hacker did, i have have the market snapshot showing the irregular activity.

Please help me out here instead of just saying what has already happened Sad

Thanks

You can ask them to investigate HOW the money was stolen. First, instead of sending an email, raise a ticket with support.

Once you have raised the ticket and have a ticket number, make an account on reddit, and then contact Mike-Poloniex (https://www.reddit.com/user/Mike-Poloniex/) via private mesage, quoting your ticket number and explaining what happened. They should be able to investigate and tell you the IP addresses of whoever stole your coins, and which countries they were in. After that, you need to contact the police to get them to track down the thieves.



Thanks for your response alyssa. I have already raised a ticked witht them and they have not yet gotten back to me. I have the ip address from where the hacker logged into my account. Ip address is 119.26.200.230, a quick search shows its from Kobe Japan, Jupiter Telecommunications Co.

Do you suggest I should speak to police in Japan? I am based in London,

thanks


Report it to your local police in London (I think they have a cybercrime unit and can achieve much more through their internal contacts than you attempting to solve things by yourself).
member
Activity: 79
Merit: 10
Yup basically accept it and move on, it's not anyone's fault but yours. Polo has no control over who has your pw, so it's not their problem. I wouldn't contact japanese police either, you can't expect them to do anything, especially just based off an ip which really just provides a general location. They'd probably just laugh you off.
newbie
Activity: 29
Merit: 0
if your account hacked then it is done, no one can help you about it or don't expecting polo to pay you back. simple as that.

Wooo, that's a bit harsh
legendary
Activity: 1764
Merit: 1000
if your account hacked then it is done, no one can help you about it or don't expecting polo to pay you back. simple as that.
newbie
Activity: 29
Merit: 0
Your money is lost, and it's a very expensive lesson for you, use secure computers, unique passwords and always enable two factor authentication.

Poloniex ain't gonna refund anything as you cannot show you're not the one defrauding them.

Police ain't gonna start an international investigation because so little money and also because you can be the one on both ends of that 'hack'.

Yes I know what you mean, but you can apply this argument to any crime, like lost/stolen item, the victim can always be the one defrauding the system/the insurers/the banks
member
Activity: 126
Merit: 10
a couple of lessons, ALWAYS use unique password or even special email accounts to make it even harder, just like linkedin hacks etc all ur previous passwords are already out in the open so stop (re)using old password, enable 2fa

mostlikely you wont get ur money back, sorry to hear about it hopefully in the next wave (whenever that is) you can make some nice profits and PLEASE..... TAKE OUT SOME PROFITS when u got some. because the most important rule is and will always be..... DONT PLAY WITH MONEY YOU CANT MISS!!!!
newbie
Activity: 29
Merit: 0
Someone got hold of my password and logged in from an IP address in Japan, I am based in London.
Here is how the money was stolen, He did not withdraw any. I had notional value of $17000 in different coins. He converted them to BCN, then he went on and started trading BCN on a very wide spread. He sat on the other side of the trade and kept buying and selling from my account, buying high and selling low, him collecting the spread in that time. He kept doing this until my $17000 was reduced to mere $400.

It was a hacker from Japan according to login email
Thats the thing which I don't get Undecided The thing is even if the hacker sells low and buy high from your account, there's no way he can ensure he is the want who will receive what you sell or what you buy. Did you set your settings such that you receive email notifications or require validation upon withdrawals?

I really have no clue what is going on, but there might be some reason behind such activity which is possible to find. I have some suspicions but I do not dare confirm for now.

He can make sure he is the one i trade with, as he chooses a very illiquid stock which has a very large spread, buying at 70 and selling at 40. He sits inside the spread at a low volume time and keeps trading very quickly and I keep paying him the spread of thirty until my funds get depleted. Does that make sense?

Yes I did have email setup, i got email at 2:50 am when i was asleep. The ip adress lookup shows an IP in Kobe Japan
newbie
Activity: 58
Merit: 0
Me. Mt. gox 2013. Didn't have 2FA enabled. Russian hacker got my PW from a Bitcoin forum dump and I had used the same email and PW for my Gox acct. Can't get any dumber than that.

$4000 in BTC at the time, lost.

I've never not used 2FA again. Most expensive but best lesson I've ever learned.
Pages:
Jump to: