Both of my Poloniex and Bittrex Accounts Got Hacked!
First of all I'm completely stunned by this and I still don't understand how did this happen. I went to login to Bittrex after I wrote my blog today, I haven't been on Bittrex for 10 days and immediately I couldn't log in, wrong username or password message interrupted me.
I suspected bad play was at hand and I went to check my Poloniex account as well, same thing, wrong account name or password message happened.
Panic started to come in very soon after I opened a ticket on Bittrex. Maybe 3h later they confirmed I've been hacked and that my funds have been stolen!
I was always safe, this is something completely unexpected, I might be a target of a planned attack because both accounts were compromised. I had around 1600$ worth of crypto on Bittrex, 270$ on Poloniex. Everything is gone now.
This is crazy... I'm clueless on what to do next.. There are some very bad people out there, be safe always, I thought I was safe, but sometimes that is not enough.
These are the kind of things that make crypto lag behind, no regulation. Sorry about this.
Precisely, it is a wild wild west out there.
Same thing happened to me on open ledger few months ago, I opened a ticket too and did all they asked, luckily for me they initiated a reimbursement program and I got refunded after a couple of months. Calm down, it might take time but all hope is not lost.
Bittrex support specifically said that they can't return anything, the funds were stolen.
did u have 2FA set?
No, unfortunately. The hacker once he broke my passwords activated his own 2FA on my account. Now when I changed my passwords I still can't get inside my account because the hackers 2FA is still activated. What a mess.
Awe man....sorry this happened to you. That's one of the risks of a centralized exchange. Bummer....
Yeah it sucks. You never expect this to happen to you, but it does and you can't do shit about it. 2000$ gone just like that, and the scum behind the theft is walking free and with no care in the world..
It fucking sucks, man. I feel awful for you. The nasty thing about crypto is, there's not much you can do. No authorities to contact, etc.
Try to hang in there, man.
I feel absolutely powerless, this still hasn't even kicked in. That money would help me a lot in coming months and now it's gone.
Not good. Nothing seems safe, but desktop wallets seem a bit better
I don't even have a clue how did I get hacked, I never clicked on any phishing site, I use different password on every account. The bastards got to my mail somehow, I think that was the weakest link I had.
It is weird that both accounts got hacked, seems like personal attack. Mail could be the weak spot.
Desktop is also insecure. Best is hardware wallets for supported crypto. I would recommend Ledger (I have a referral if you are interested, on any of my crypto themed posts).
Sorry to hear man. Did you have 2factor authentication on?
No, and that was the reason why hacker could remove the funds with ease. I was careless not to use 2FA, a hard lesson to learn today.
Damn man. That sucks hard core. Best I can do is give you a 100% upvote. Just let everyone know about 2factor.
But it's also a double edge sword. Anyone who gets access to where your 2 factor is. Has access to everything but your password. But if you stay logged in, then your shit out of luck anyway.
I now guard my phone like a maniac.
Tnx, something small to ease the pain is always welcome. That internet security, specially in crypto must be taken extremely seriously. It is good that I didn't have more sitting around, that would be extremely devastating.
Really sorry to hear, but with 2FA disabled you're actually an easy target. Didn't even know that these exchanges would allow you to keep 2FA switched off...
Posted using Partiko Android
They do, it is easy to disable 2FA, I did it for the convenience and in the end payed the price for it.
Hi @moon32walker!
Your post was upvoted by @steem-ua, new Steem dApp, using UserAuthority for algorithmic post curation!
Your UA account score is currently 5.295 which ranks you at #716 across all Steem accounts.
Your rank has dropped 4 places in the last three days (old rank 712).
In our last Algorithmic Curation Round, consisting of 324 contributions, your post is ranked at #198.
Evaluation of your UA score:
Feel free to join our @steem-ua Discord server
Man this sucks. For all my exchange accounts I have 2FA enabled the moment I create the account. Also email (with 2FA on the email) approvals for all withdrawals. It's a pain in the arse sometimes, but it is best to be safe. Polo and Bittrex are centralised exchanges, maybe they can help? Although, I assume funds are long traded or transferred out.
I would definitely recommend a hardware wallet for any significant amount (exchange crypto are also not owned crypto). Again it is a pain in the bum, but you can be sure you own the crypto, cut down on multiple wallets and have a dedicated secure device. I would recommend Ledger, there are referral links on any of my crypto themed posts if you are interested.
Everything is stolen, not even one satoshi is left on my bittrex account. Also they did jack shit to stop this attack, and now they are huge pain in the ass for not letting me recover my account faster. I've been into crypto space for almost 3 years and this has never happened to me. The worst feeling one can get, and you can't do shit about it.
I understand your frustration, I know it isn't what you want to hear at the moment, but I'm sure the reason for slow account recovery is as a protection against social engineering attacks on the support system.
That said, most of the crypto Exchanges have pretty poor support, I had a bit of an annoying experience last year which made me move to a different fiat on ramp.
You didn't mention polo, did they freeze that account if there was anything left in there?
Polo support is even slower, they still haven't confirmed anything. But I have a strong feeling everything is gone from there too, probably 99% chance everything is gone. The main chunk of my crypto was stored on Bittrex unfortunately.
Ouch! Same thing happened to me with a site called coindirect but the problem was their 2FA wasn't working on their side and the hacker sent around the same amount of crypto too. I saw the hacker sent it to an account on bittrex and mailed them to block that wallet but they weren't much help so yeah I just gave up.
It really got me down too but i've since traded my way back and earned with steem so im back to where I was but that took me months. I feel your pain but yeah nothing you can do now but move on.
Maybe get a password randomiser application you can use too. If its two different sites clearly this hacker is checking what exchanges you use and trying to get in.
Yeah, it is bad atm, but life goes on, I will recover from this. He broke inside my email, that is how he managed to change passwords and enable his own 2FA, he left nothing and no trace of him anymore.