Topic: WARNING! 40 000 USD was stolen fom BTC-e.com account! - page 2. (Read 10771 times)

Disclaimer: I always use 2FA to secure the access to my accounts.

Having said that it is fucking ridiculous that the OP user is blamed by many in this thread for not having 2FA in his account. Because ... there is an absolutely doggy exchange nobody knows it operates where, perhaps it is in fucking Bulgaria or perhaps it is in Zimbabwe, we don't know where, it uses Czech banks and having registered the business in Cyprus by nobody knows who ... but regardless wherever and whoever they are the exchange is offering a service of performing financial transactions and the condition of the service was clearly not that the user must have 2FA. The terms of conditions isn't that must have 2FA otherwise the exchange unable to keep safe the coins - quite the opposite, any sane person quite rightly would assume and expect that the exchange (by definition) will keep the coins safe or if there is a claim that the coins were stolen then the exchange would do a full and thorough investigation instead of saying that fuck off because the user must have 2FA. Yes, the best practice is having 2FA settings, but since it was not the condition of the service the exchange must look into the case and take responsibilities for the loss of the funds. I am sure the exchanges experience with many false claims about stolen funds, but for that reason the dealing with complaints must be a standard procedure and the communication (IP Addresses, etc) and transaction logs must be available for users who initiate a complaint without police investigation.

The jurisdiction is Cyprus. I suggest the user contact the Cyprus police and bring the crooks of BTC-E to justice, it is time the owners pay for the doggy anonymous jamboree when they take the commission and profit from the transactions, but not willing to take responsibility of their poor system security and business practices.

Your only avenue of recourse seems to be reporting the matter to the police. No one else is going to be able to help you.

I'm glad that you have been swayed, as much as any security feature can be hacked they do actually exist for a reason and make a serious difference in protecting you.

Best of luck.

I'm allready swayed! But question is quite different! There is my fault that I have not payed attention   . But what I'm trying to say that there is there fault too and .
1) If ssl or tls is easy to be hacked  http://resources.infosecinstitute.com/end-ssl-poodle/
they should inform about that  in that case 2FA should be obligatory!
2) They should care about the clients like me (keeping that amount of money there) and investigate this case carefully because there is a big chance that is not me is hacked but them

You should also link to some resources that cover how 2FA can help to stop unauthorized access.

Given that the exchange just had 7000+ BTC stolen you're probably never going to get help (even with a warrant).

And there are the links to posts about the fact  SSL and TLS protocols has a big holes in architecture  which means that
it can easily be hacked!
In english
http://resources.inf...end-ssl-poodle/
In Russian
https://xakep.ru/2014/10/15/poodle
https://xakep.ru/2014/12/09/poodle-tls

I'm not a troll this are screenshots and hystory of the thief
My account screenshot http://takebin.com/u/0FC2B0F46c
Here are esxamples of  screenshots of the deals
http://takebin.com/u/b388b2046f
http://takebin.com/u/1F62B33F07
http://takebin.com/u/a672126fAa
http://takebin.com/u/263275A427
Here is the full story in RTF of how the money was stolen
http://takebin.com/u/5141367820

You are being unreasonable. No one would bother hacking a email than a 40,000 USD account. The possibility of malware infection on your computer is high considered that theres no 2FA configured on your account. If it is a inside job, there would most likely be no trade of IP logins.

I don't personally think its someone making this up; but everything on here (whether from ranked members or new accounts) should be taken with a grain of salt until proven otherwise.

We should still, as a community, read what this person has said to offer advice etc--in this instance the original poster honestly believes that 2FA is pointless and does not want to be swayed the other way. Good for them.

No no, he was wrong because he didn't set up the 2FA but he was also unfortunately unlucky. The first thing that I do when I register in a site it is to check if "they" are using the 2FA , and then set up it.

Don't know if it's a troll or not but somebody lost a lot of money on Feb 6th on LTC/CNH market that is for sure.

Also makes me wonder how many of these strange flash crash & price spike incidents that are blamed on "fat finger" traders and bots gone haywire are really hacked accounts having their funds stolen through transactions.

Put up the sign.... "Do not feed the troll"

It's just another newbie account, claiming ...."My coins were stolen" !!! .......Anyone can post @#$% like that.

I would take this seriously when it's coming from a ranked member with a good reputation.

If it's real, and from a ranked member trying to hide his/her real identity... then I apologize in advance and says one word.... 2FA 

so op has 40k on btc-e without 2 factor auth?  anyone else feel like leaving your money to be stolen.  maybe a few bucks without 2fa but 40k?  i think not.  seems if it was an inside job they wouldnt need the email confirmation.

i really doubt op had that much in there.  but who knows.  anyways these exchanges are not to be trusted.

+1, I always open my g-email with 2FA although I have 100 USD or 10k USD there, the simple computer security knowledge is necessary. Very sad about this guy, hackers are becoming richer, damn!

you din’t set two factors authentication That's the point, why didn't set it?

Did u usually chat in the trollbox? All guys talk there will get phishing emails, I guess you were fooled by the phishing emails.

Read the thread fully. This is why I find the initial post to be misleading--nothing was theoretically stolen, just someone accessed this person's account and made unauthorized trades.

This is what turns some of clients off from creating 2fa on btc-e (https://btc-e.com/profile#security/2fa)


Its not even translated to english, funny for a site with so much daily trading volume

2FA enabled or GTFO.   

But really, can someone explain how this happened? 

BTC-e requires clicking a email confirmation link for withdrawals (even without 2FA).  And didn't the OP say his email was not compromised?  Or was it... 

Who here even believes that he was hacked 40k??

I do not believe him and if i did, i would laugh anyway i use 2fa on holdings on $500 on an exchange anyone that loses that amount without securing it takes full responsibility for being one of the stupidest people i have met on this forum/real life.

How do you feel knowing you're funds would have been safe had you took 2 minutes to enable 2fa?

If those money never left exchange due to AML rules, then the loss is small, not stolen