Lads, just logged into my bittrex account and found all my money funnelled out. Daily reminder to always activate 2fa on trading websites. Lost over 2btc worth of coins.
you would have gotten my sympathy if you didn't beg at the end
glad you got hacked
get fucked
Jack Baker
lol shit
setting my 2fa now, what the fuck was your password?
Jeremiah Harris
It was pretty obscure, plenty of capitals and numbers. No idea how they logged in. They managed to log in at 1am when I was asleep so couldn't really disable account until I was rinsed
Jeremiah Sullivan
maybe it was your mom has she bought any new lambos lately?
Jaxon Howard
...
Nicholas Taylor
i lost 5btc in 2013 from my btc-e account from a computer virus that stole my passwords
hurts brah but you just gotta move on
Ian Hill
Sounds like bullshit and phishing for free money to me.
With logins and withdrawals, Bittrex shouldve notified you through automated email.
In fact some people swear to keep 2fa turned off because once turned on, Bittrex will stop notifying you of any activity on your account, and hackers can do as they please without you knowing should they get access to your Authenticator.
Kevin Stewart
I've heard so many stories like this about bittex. I'm glad I stopped using them.
Jaxon Kelly
if you feel bad for OP and want to help him donate here 1JofHvmAGXjoPiMjVwob4xUrNJRFDfGuQ1 i am an organisation who collects coins and helps people in need like OP
Alexander Reed
Bittrex is fine.
Poloniex is by far way more risky.
Zachary Watson
You need email verification for withdrawal, you are either lying or you've downloaded a keylogger or something
Lincoln Robinson
>he used an exchange without 2fa
John Richardson
this
people lose money on bittrex by being retards like op (sorry op if true btw, no offense) I wouldn't trust poloniex with $1
Joshua Robinson
you join any fishy pump and dump groups lately user?
Nathan Rogers
Nah, someone from ireland managed to get my password. See ip in pic related
Anthony Nelson
This. Bittrex requires email verification for withdrawal.
Aiden Scott
Look at The cunt funneled money from my ark coin to eth then rinsed that through lunyr coin. No withdrawal needed
Aiden Taylor
>In fact some people swear to keep 2fa turned off because once turned on, Bittrex will stop notifying you of any activity on your account That's bullshit. I have 2FA and still get my notifications.
Angel Cooper
Someone logged into my facebook connected to my hotmail yesterday. The account has 0 friends and the name isn't even legible. Hacker was from russia and somehow successfully changed my password but within the security setting of my email he never connected so I'm confused as to how he could have done it. Got a blockchain.info phishing email yesterday too on the same email address.
Robert Gonzalez
Sounds like a meme to me, you sure ur not just a trash investor
Caleb Jackson
Nope, nothing. Emailed bittrex but he's probably withdrawn everything by now
Matthew Martin
First, try contacting Bittrex and explain the situation, I think they might track him down
Second, did you use the same email and password on some pajeet exchange? Any crypto-related website? Shitcoin wallet?
Kevin Young
You can see the time where he dumped all my coins.
Nicholas Russell
IP is provided by Amazon?
Weird. They must be using one of Amazon's servers?
Jason Adams
Yeah, that's the way hackers work. Fill support ticket. Bittrex should definitely have logs about buying/selling history from these coins.
Gabriel Moore
I really liked bittrex but their buy orders weren't working and I lost a lot of money because of it. When I clicked on them all the values said zero. I tried different browsers, computers, and eventually networks and they all did it so it wasn't on my end. I even asked people on here and they said it was doing it for them too. I emailed them and they responded three days later and said we'll look into it and never responded again. 10 days later it was still fucked up so I pulled all my money off their and sent them some angry drunken emails. It's probably fixed now but it really pissed me off when shit was crashing and I couldn't sell my coins. It cost me a lot of money and I don't think I will use them again because of it.
Landon Cooper
>managing coins with your regular computer/phone/email/passwords/etc.
Oliver Barnes
you can try and find out who owns that amazon vps, don't sure how but it could be worth a shot
Joseph White
They had to get your password somehow.
They most likely phised you in a email or text to login at a certain website that looked similar to bittrex or something.
Are they installed a keylogger/malware on your computer.
Aiden Taylor
Sent a ticket, no reply yet
Nolan Allen
OP, >did you use the same email and password on some pajeet exchange? Any crypto-related website? Shitcoin wallet?
Brody Nguyen
>tfw youre at work and cant check your bittrex account
i never use the same passwords for anything...but now I'm scared
Parker Butler
That's sad my man. I've heard about other people having their bittrex accounts hacked too. There is additional security apart from 2FA to enable, if you own static IP address. IP Whitelist, with this and 2FA you're pretty much 100% secure unless exchange itself gets hacked. Also enable 2FA on your e-mail address too. It doesn't matter how complicated your password is, hackers don't guess passwords they just retrieve it from data. Good luck too you. Even, if ticket won't help it should put some light on bittrex accounts being easy to hack...
Carson Sanders
Nope, only use poloniex and bittrex.
Landon Hall
yeah if you use the same password & email/username on all the crypto exchanges that's an easy way for an admin to gain access to your accounts at other sites
Owen Ward
wew this made me transfer all of my 2fa to a dedicated phone which will remain offline
Jayden Stewart
Maybe you installed some shitcoin wallet on your PC (which could be bundled with a keylogger)?
Because there must be a way they learned your email and password. And most likely you compromised it yourself.
Thomas Jackson
Attention
You may have seen threads on Veeky Forums stating simply "Do not come to coinbase in the next few days"
These threads created on Veeky Forums over and over once or twice a day for maybe a week or two. The OP would never post again in his own thread afterwards. Yesterday this happened:
I suggest you guys move any holdings over to blockchain.info, the most secure and trusted wallet in the Bitcoin community. Set up your security tight.
Cameron Gray
Security is Crypto's kryptonite; just thinking about wallets and bullshit gives me headache. Then there is all the hacker bullshit.
Colton Rogers
Only electrum, doge and ARK. No other wallets installed
Austin Taylor
Yeah, anything I had left on poloniex i've transferred out and holding offline for a few years now. No point risking it anymore.
Kevin Powell
>leaving your shit on a non-fiat exchange >not with withdrawing immediately after buying
My balance on bittrex is almost always zero or whatever miniscule amount of sats too small to withdraw, when i log out.
Charles Green
i need muh stop orders though
Benjamin Lopez
This, also "hacked"
Wyatt Rodriguez
I had overnight buy orders to fill, normally I do the same but got over confident this time
Christian Parker
You should recall what you did on your PC, what sites you visited, what newsletters you're subscribed to and figure out how exactly your account was compromised. It's obviously not magic and not a random hack, just think of what could lead to your account getting stolen.
Brody Ortiz
kek
Aaron White
Dude, same exact thing happened to me last week. Had 1.5 BTC on bittrex due to pending trade, but at 1am, someone logged into my account and made a series of shit trades of ETH/LUN pissing away all of my money in 3 minutes... Different IP address, but also traced back to Ireland. I emailed bittrex, but they said they couldn't do anything since I didn't have 2fa activated. It hurts man. I just enabled 2fa and am slowly trying to claw my way back, already back up nearly .5 BTC... Just keep fighting
Gabriel Brooks
Damn, that's really strange, and must not be a coincidence
Your account data must have leaked from the same source
James Cooper
Yes because we all have the ability to just download terabytes worth of blockchain data for every single coin onto our computers and eat into our ISP bandwidth.
Sure, I get what I can off the exchange, and the majority are off, but its just not feasible for every single one of them.
Sucks but what can you do?
Caleb Moore
Fucking hell, exact same time too. Did you change pass+activate 2fa since then and has your account been safe? I'm hesitating putting my offline coins back up
Adam Stewart
That's some nasty shit.
Easton Anderson
It's frightening the number of hack stories from Bittrex users. Poloniex has shit support and locks stuff for weeks sometimes, but people don't get outright hacked. Whereas Bittrex hacks are seemingly everywhere. Also strange OP got his bittrex account hacked but not the poloniex one.
Andrew Miller
>being so dumb you keep coins on exchange >being so fucking dumb you keep coins on exchange without 2-step verification what did you expect? you fucking lazy piece of shits, I bet you don't lock your house because its too much efforts. Oh wait, you sure as hell don't own a house you fucking kids
Jace Gonzalez
Change pw and enabled 2fa. Been a week and so far been safe, but only have approx .25 BTC worth of coins on there now... They probably only hit accounts with over 1 BTC to make it wrth their time. Keeping everything else more secure. Is there some way they can have a bot monitoring log-ins to find accounts without 2fa to exploit?
Cameron Williams
So, where do you think you got compromised?
Hudson Allen
>Is there some way they can have a bot monitoring log-ins to find accounts without 2fa to exploit? Bittrex uses an encrypted SSL connection, so the only way it could happen is if they have spyware on your computer or you typed your password on some phishing site that looked exactly like Bittrex.com and redirected you to the real site right after you logged in. The latter is very probable, I believe.
Owen Bennett
No recent emails so phishing is out of the question imo, honestly I have no idea how they got in.
The only other way is that I signed up for some mining pools in 2013 so they may have kept an email list
Caleb Ross
U need to ad #%!^#%@& keys to ur password otherwise they can ne bruteforce with enough time n power
Asher Sullivan
Phishing not only happens through email. One of the ways is if you randomly browsed crypto-related websites, one of the tabs displayed "Bittrex.com" which you could negligently take for the real one.
The mining pools are also a possiblity. Some of them could simply get hacked, and the hacker who got the email database knew that it's full of Bittrex users
Robert Peterson
did you fall for the faucets meme?
Xavier Fisher
>he doesn't use 2fa
lmao it's the only way to not get fucked in the ass.
Isaac Smith
>OP hacked This Bittrex hacking shit was posted a week ago, so it's true... I am out, got enough dough, FUCK IT !
Connor Miller
If Bittrex was hacked, we would see news about it all over. I still think it's either phishing, or compromised passwords on some mining pool or shit
Brody Collins
This fucking happened to my cousin. ENABLE 2FA, same shit coin buying and selling.
bittrex may have been hacked
Adrian Morris
OR, there may simply be a widespread Bittrex phishing clone that opens in pop-ups and redirects, particularly on crypto-related websites.
Jason Carter
this thread finally forced my lazy ass to change my password to a "real" password and to enable 2FA.
thanks guys!
Hudson Morris
>"hacking" what a bunch of gullible little weaklings, you are guys not ready for this world
Jeremiah Wilson
Update
Apparently Bittrex phishing sites do exist. And not only that: just two years ago one of them managed to get approved by Google Adwords, which means it was displayed on top among the search results! See this thread from 2015: bitcointalk.org/index.php?topic=1040901.0
Whenever you browse crypto-related websites, some sites may open a pop-up window or simply redirect themselves to a bogus "Bittrex.com" page, and then boom, if you're not careful enough, you're hacked.
In short, I think it's the most likely way of how OP and other unfortunate folks got compromised
Cooper Nelson
>The cunt funneled money from my ark coin to eth then rinsed that through lunyr coin. No withdrawal needed
WTF does it even mean? What do you mean "no withdrawal needed"? How? How the fuck do you withdraw coins without withdrawing?
Oliver Reyes
this happens when NEETs that have more than enough but refuse to pay deezer, legit office, legit windows, and steam. you deserve to get hack for using pirate shit or botnet loonix
Sebastian Miller
Bittrex is a shit exchange, this was likely the case where they did a customer "hack" weekly lottery to pay for their strippers. This time the lottery fell on you. It happens often. Cryptocucks are easiest to scam. Remember the old meme
Don't ivnest more than yu can julse :0 )
John Ward
Technically, until it's proven that the leakage is on Bittrex's part, it's not their fault. The thing is, Bittrex phishing sites are not uncommon and many people could have fallen for them.
Owen Lewis
It was either a phishing site you dun goofed on, or you got a keylogger on your computer.
Lincoln Garcia
Bittrex boss's wife: "Honeeey, I want a new fur coat"
sure thing babe, hold on
>"well...let's see who the lucky sheeple its this time hehehe"
>*rolling*
>"Nice, user seems to ahve lots of coins *devilish*"
>"We are sorry to inform you your account seems to be compromised"
Literally this
Tyler Cox
What's frightening is retards thinking their $1000+ are safe behind a simple fucking password on a fucking exchange
These faggots don't even have 2fa enabled. Plus, I'm sure they have spyware on their computer due to downloading anime and trap porn
Ayden Richardson
They transfer all your alts into eth first. See Instead of withdrawing they buy high sell low until theres nothing left on your account.
Easton Foster
>Instead of withdrawing they buy high sell low until theres nothing left on your account.
What is the fucking point of this lol?
So there is nothing left and? How does the hacker gain?
Parker Cook
I think they set high sell orders on another account, and then buy from the stolen account. And typically using low-volume coins.
Adam Sanchez
You join some trading bot which require API info aren't you, you fucking retard?
Andrew Scott
This is so fuckd up. I'm tired of hearing about loser hackers stealing peoples coins. Fiat is so much safer.
Tyler Davis
it means some exchange databases had leak, or they got a vulnerability. the info didn't got from the outside but from the exchange itself.
they only needed the data the exchange can't ask, the mail password.
so basically they had an entire protocol to what to do with "hotmail, gmail, icloud, aol" and act fast the other part they were ready with scrippt.
>but user if they had access to account why they didn't stole everything avoiding the email part?
when sql was vulnerable hackers didn't stole right away millions, they bleed the users in a long time with small amount. here the scenario has change, the money cant get back but it can be traced. the exchange would have crash ala mtgox.
so my wild guess is that people inside, just said "hey 0.03% hacking attacks are normal levels right?" "we can sell some info to a specialized forum and no one will never know".
>100 BTC worth list, sold at 30 BTC
Companies are good, people working inside can be shit. This will explain why they havent leak the main account ones. only randomly small ones.
Charles Hall
Uh, I did this to use tabtrader am I fucked
Landon Barnes
>it means some exchange databases had leak, or they got a vulnerability. the info didn't got from the outside but from the exchange itself. Not necessarily, in fact. There are phishing sites out there that look exactly like Bittrex.com, and they can show up when you browse crypto-related websites.
Samuel Clark
its doesn't explain the email part. if they were form phishing sites why did they had to cover the moves from email to reset?
the idea of phishing is to get the exchange pass and user and dump everything fast
this case SOMEHOW they had the USER and EMAIL relation. To me they had the exchange pass too, just that they didn't want to be so obvs, masking the mail hack to avoid their job getting entire responsibility.
>middle man between browser >keylog >phising they dont need email pass but OP attacker did
many cases using the same modus operandi, so it wasn't taken from social engineering. but a from a databse.
>hey boss our system is perfect >clients got their email hacked so they reseted their password here >not our fault at all.! this shit is normal its under healthy levels.
Jack Cook
In OP's case there's no email involved. They were not withdrawn, they were simply sold and purchased from another account.
Easton Anderson
Sorry to hear user. Just enables 2fa on all my shit : /
Tyler Bennett
I.e. coins
Anthony Cruz
is authy the same as 2fa?
Andrew Thompson
still if someone under a different IP than yours logs into your account it should of sent off a warning or some other verification prompt
Thomas Perez
OP said it happened at night so we was sleeping
Samuel Roberts
Why are you even trading crypto if you don't understand basic tech and security ideas like 2fa? Do you think the blockchain is an actual chain that someone writes transactions on in permenant marker? I sure know I'd like to get a linked list of heavy metal rings and give you a good kek or two.
Dylan Ramirez
Do you get confirmation email when you withdrow coins from Bittrex and you have enable 2fa?
Daniel Phillips
Also, I have an explanation why hacking incidents are much more common with Bittrex than with Poloniex. Apparently Poloniex has a more advanced log-in screening (notice how before logging in it says "Checking your browser before accessing poloniex.com") which means you can't log in from a phishing website, you'll notice you've been scammed straight away. Since Bittrex doesn't have it, apparently it allows smooth authorization from phishing websites, which is exactly why they're widespread.
His coins got stolen in a different way, they were not withdrawn
David Powell
so... is authy the same as 2fa? and wtf is a blocked chain?
Joseph Cox
LOL I told you about buttrex months ago there is literally the same thread on bitcointalk about that shit happening to dozens of accounts every few months
I warned you about buttrex
Ian Collins
yes, and authy is token based auth, pretty fucking secure.
Carter Rivera
Because Bittrex is a popular target for phishing websites. It was already happening long before your "warning"