Lads, just logged into my bittrex account and found all my money funnelled out. Daily reminder to always activate 2fa on trading websites. Lost over 2btc worth of coins.
>Feelsbadman
Please if any anons feel generous donate:
1QcbiwZzBKHLjBrwwrLujvnDTAEgvtcpU
2 years of trading down the drain because no 2fa
pic related
you would have gotten my sympathy if you didn't beg at the end
glad you got hacked
get fucked
lol shit
setting my 2fa now, what the fuck was your password?
It was pretty obscure, plenty of capitals and numbers. No idea how they logged in. They managed to log in at 1am when I was asleep so couldn't really disable account until I was rinsed
maybe it was your mom
has she bought any new lambos lately?
...
i lost 5btc in 2013 from my btc-e account from a computer virus that stole my passwords
hurts brah but you just gotta move on
Sounds like bullshit and phishing for free money to me.
With logins and withdrawals, Bittrex shouldve notified you through automated email.
In fact some people swear to keep 2fa turned off because once turned on, Bittrex will stop notifying you of any activity on your account, and hackers can do as they please without you knowing should they get access to your Authenticator.
I've heard so many stories like this about bittex. I'm glad I stopped using them.
if you feel bad for OP and want to help him donate here
1JofHvmAGXjoPiMjVwob4xUrNJRFDfGuQ1
i am an organisation who collects coins and helps people in need like OP
Bittrex is fine.
Poloniex is by far way more risky.
You need email verification for withdrawal, you are either lying or you've downloaded a keylogger or something
>he used an exchange without 2fa
this
people lose money on bittrex by being retards like op (sorry op if true btw, no offense)
I wouldn't trust poloniex with $1
you join any fishy pump and dump groups lately user?
Nah, someone from ireland managed to get my password. See ip in pic related
This. Bittrex requires email verification for withdrawal.
Look at The cunt funneled money from my ark coin to eth then rinsed that through lunyr coin. No withdrawal needed
>In fact some people swear to keep 2fa turned off because once turned on, Bittrex will stop notifying you of any activity on your account
That's bullshit. I have 2FA and still get my notifications.
Someone logged into my facebook connected to my hotmail yesterday. The account has 0 friends and the name isn't even legible. Hacker was from russia and somehow successfully changed my password but within the security setting of my email he never connected so I'm confused as to how he could have done it. Got a blockchain.info phishing email yesterday too on the same email address.
Sounds like a meme to me, you sure ur not just a trash investor
Nope, nothing. Emailed bittrex but he's probably withdrawn everything by now
First, try contacting Bittrex and explain the situation, I think they might track him down
Second, did you use the same email and password on some pajeet exchange? Any crypto-related website? Shitcoin wallet?
You can see the time where he dumped all my coins.
IP is provided by Amazon?
Weird. They must be using one of Amazon's servers?
Yeah, that's the way hackers work. Fill support ticket. Bittrex should definitely have logs about buying/selling history from these coins.
I really liked bittrex but their buy orders weren't working and I lost a lot of money because of it. When I clicked on them all the values said zero. I tried different browsers, computers, and eventually networks and they all did it so it wasn't on my end. I even asked people on here and they said it was doing it for them too. I emailed them and they responded three days later and said we'll look into it and never responded again. 10 days later it was still fucked up so I pulled all my money off their and sent them some angry drunken emails. It's probably fixed now but it really pissed me off when shit was crashing and I couldn't sell my coins. It cost me a lot of money and I don't think I will use them again because of it.
>managing coins with your regular computer/phone/email/passwords/etc.
you can try and find out who owns that amazon vps, don't sure how but it could be worth a shot
They had to get your password somehow.
They most likely phised you in a email or text to login at a certain website that looked similar to bittrex or something.
Are they installed a keylogger/malware on your computer.
Sent a ticket, no reply yet
OP,
>did you use the same email and password on some pajeet exchange? Any crypto-related website? Shitcoin wallet?
>tfw youre at work and cant check your bittrex account
i never use the same passwords for anything...but now I'm scared
That's sad my man. I've heard about other people having their bittrex accounts hacked too. There is additional security apart from 2FA to enable, if you own static IP address.
IP Whitelist, with this and 2FA you're pretty much 100% secure unless exchange itself gets hacked. Also enable 2FA on your e-mail address too. It doesn't matter how complicated your password is, hackers don't guess passwords they just retrieve it from data. Good luck too you. Even, if ticket won't help it should put some light on bittrex accounts being easy to hack...
Nope, only use poloniex and bittrex.
yeah if you use the same password & email/username on all the crypto exchanges
that's an easy way for an admin to gain access to your accounts at other sites
wew this made me transfer all of my 2fa to a dedicated phone which will remain offline
Maybe you installed some shitcoin wallet on your PC (which could be bundled with a keylogger)?
Because there must be a way they learned your email and password. And most likely you compromised it yourself.
Attention
You may have seen threads on Veeky Forums stating simply "Do not come to coinbase in the next few days"
These threads created on Veeky Forums over and over once or twice a day for maybe a week or two. The OP would never post again in his own thread afterwards. Yesterday this happened:
I suggest you guys move any holdings over to blockchain.info, the most secure and trusted wallet in the Bitcoin community. Set up your security tight.
Security is Crypto's kryptonite; just thinking about wallets and bullshit gives me headache. Then there is all the hacker bullshit.
Only electrum, doge and ARK. No other wallets installed
Yeah, anything I had left on poloniex i've transferred out and holding offline for a few years now. No point risking it anymore.
>leaving your shit on a non-fiat exchange
>not with withdrawing immediately after buying
My balance on bittrex is almost always zero or whatever miniscule amount of sats too small to withdraw, when i log out.
i need muh stop orders though
This, also "hacked"
I had overnight buy orders to fill, normally I do the same but got over confident this time
You should recall what you did on your PC, what sites you visited, what newsletters you're subscribed to and figure out how exactly your account was compromised. It's obviously not magic and not a random hack, just think of what could lead to your account getting stolen.
kek
Dude, same exact thing happened to me last week.
Had 1.5 BTC on bittrex due to pending trade, but at 1am, someone logged into my account and made a series of shit trades of ETH/LUN pissing away all of my money in 3 minutes...
Different IP address, but also traced back to Ireland.
I emailed bittrex, but they said they couldn't do anything since I didn't have 2fa activated.
It hurts man. I just enabled 2fa and am slowly trying to claw my way back, already back up nearly .5 BTC...
Just keep fighting
Damn, that's really strange, and must not be a coincidence
Your account data must have leaked from the same source
Yes because we all have the ability to just download terabytes worth of blockchain data for every single coin onto our computers and eat into our ISP bandwidth.
Sure, I get what I can off the exchange, and the majority are off, but its just not feasible for every single one of them.
Sucks but what can you do?
Fucking hell, exact same time too. Did you change pass+activate 2fa since then and has your account been safe? I'm hesitating putting my offline coins back up
That's some nasty shit.
It's frightening the number of hack stories from Bittrex users.
Poloniex has shit support and locks stuff for weeks sometimes, but people don't get outright hacked. Whereas Bittrex hacks are seemingly everywhere.
Also strange OP got his bittrex account hacked but not the poloniex one.
>being so dumb you keep coins on exchange
>being so fucking dumb you keep coins on exchange without 2-step verification
what did you expect? you fucking lazy piece of shits, I bet you don't lock your house because its too much efforts.
Oh wait, you sure as hell don't own a house you fucking kids
Change pw and enabled 2fa. Been a week and so far been safe, but only have approx .25 BTC worth of coins on there now... They probably only hit accounts with over 1 BTC to make it wrth their time.
Keeping everything else more secure.
Is there some way they can have a bot monitoring log-ins to find accounts without 2fa to exploit?
So, where do you think you got compromised?
>Is there some way they can have a bot monitoring log-ins to find accounts without 2fa to exploit?
Bittrex uses an encrypted SSL connection, so the only way it could happen is if they have spyware on your computer or you typed your password on some phishing site that looked exactly like Bittrex.com and redirected you to the real site right after you logged in. The latter is very probable, I believe.
No recent emails so phishing is out of the question imo, honestly I have no idea how they got in.
The only other way is that I signed up for some mining pools in 2013 so they may have kept an email list
U need to ad #%!^#%@& keys to ur password otherwise they can ne bruteforce with enough time n power
Phishing not only happens through email. One of the ways is if you randomly browsed crypto-related websites, one of the tabs displayed "Bittrex.com" which you could negligently take for the real one.
The mining pools are also a possiblity. Some of them could simply get hacked, and the hacker who got the email database knew that it's full of Bittrex users
did you fall for the faucets meme?
>he doesn't use 2fa
lmao it's the only way to not get fucked in the ass.
>OP hacked
This Bittrex hacking shit was posted a week ago, so it's true... I am out, got enough dough, FUCK IT !
If Bittrex was hacked, we would see news about it all over. I still think it's either phishing, or compromised passwords on some mining pool or shit
This fucking happened to my cousin. ENABLE 2FA, same shit coin buying and selling.
bittrex may have been hacked
OR, there may simply be a widespread Bittrex phishing clone that opens in pop-ups and redirects, particularly on crypto-related websites.
this thread finally forced my lazy ass to change my password to a "real" password and to enable 2FA.
thanks guys!
>"hacking"
what a bunch of gullible little weaklings, you are guys not ready for this world
Update
Apparently Bittrex phishing sites do exist. And not only that: just two years ago one of them managed to get approved by Google Adwords, which means it was displayed on top among the search results!
See this thread from 2015:
bitcointalk.org
Whenever you browse crypto-related websites, some sites may open a pop-up window or simply redirect themselves to a bogus "Bittrex.com" page, and then boom, if you're not careful enough, you're hacked.
In short, I think it's the most likely way of how OP and other unfortunate folks got compromised
>The cunt funneled money from my ark coin to eth then rinsed that through lunyr coin. No withdrawal needed
WTF does it even mean? What do you mean "no withdrawal needed"? How? How the fuck do you withdraw coins without withdrawing?
this happens when NEETs that have more than enough but refuse to pay deezer, legit office, legit windows, and steam. you deserve to get hack for using pirate shit or botnet loonix
Bittrex is a shit exchange, this was likely the case where they did a customer "hack" weekly lottery to pay for their strippers. This time the lottery fell on you. It happens often. Cryptocucks are easiest to scam.
Remember the old meme
Don't ivnest more than yu can julse :0 )
Technically, until it's proven that the leakage is on Bittrex's part, it's not their fault. The thing is, Bittrex phishing sites are not uncommon and many people could have fallen for them.
It was either a phishing site you dun goofed on, or you got a keylogger on your computer.
Bittrex boss's wife:
"Honeeey, I want a new fur coat"
sure thing babe, hold on
>"well...let's see who the lucky sheeple its this time hehehe"
>*rolling*
>"Nice, user seems to ahve lots of coins *devilish*"
>"We are sorry to inform you your account seems to be compromised"
Literally this
What's frightening is retards thinking their $1000+ are safe behind a simple fucking password on a fucking exchange
These faggots don't even have 2fa enabled. Plus, I'm sure they have spyware on their computer due to downloading anime and trap porn
They transfer all your alts into eth first. See Instead of withdrawing they buy high sell low until theres nothing left on your account.
>Instead of withdrawing they buy high sell low until theres nothing left on your account.
What is the fucking point of this lol?
So there is nothing left and? How does the hacker gain?
I think they set high sell orders on another account, and then buy from the stolen account. And typically using low-volume coins.
You join some trading bot which require API info aren't you, you fucking retard?
This is so fuckd up.
I'm tired of hearing about loser hackers stealing peoples coins.
Fiat is so much safer.
it means some exchange databases had leak, or they got a vulnerability. the info didn't got from the outside but from the exchange itself.
they only needed the data the exchange can't ask, the mail password.
so basically they had an entire protocol to what to do with "hotmail, gmail, icloud, aol" and act fast the other part they were ready with scrippt.
>but user if they had access to account why they didn't stole everything avoiding the email part?
when sql was vulnerable hackers didn't stole right away millions, they bleed the users in a long time with small amount. here the scenario has change, the money cant get back but it can be traced. the exchange would have crash ala mtgox.
so my wild guess is that people inside, just said "hey 0.03% hacking attacks are normal levels right?" "we can sell some info to a specialized forum and no one will never know".
>100 BTC worth list, sold at 30 BTC
Companies are good, people working inside can be shit. This will explain why they havent leak the main account ones. only randomly small ones.
Uh, I did this to use tabtrader am I fucked
>it means some exchange databases had leak, or they got a vulnerability. the info didn't got from the outside but from the exchange itself.
Not necessarily, in fact. There are phishing sites out there that look exactly like Bittrex.com, and they can show up when you browse crypto-related websites.
its doesn't explain the email part. if they were form phishing sites why did they had to cover the moves from email to reset?
the idea of phishing is to get the exchange pass and user and dump everything fast
this case SOMEHOW they had the USER and EMAIL relation. To me they had the exchange pass too, just that they didn't want to be so obvs, masking the mail hack to avoid their job getting entire responsibility.
>middle man between browser
>keylog
>phising
they dont need email pass but OP attacker did
many cases using the same modus operandi, so it wasn't taken from social engineering. but a from a databse.
>hey boss our system is perfect
>clients got their email hacked so they reseted their password here
>not our fault at all.! this shit is normal its under healthy levels.
In OP's case there's no email involved. They were not withdrawn, they were simply sold and purchased from another account.
Sorry to hear user. Just enables 2fa on all my shit : /
I.e. coins
is authy the same as 2fa?
still if someone under a different IP than yours logs into your account it should of sent off a warning or some other verification prompt
OP said it happened at night so we was sleeping
Why are you even trading crypto if you don't understand basic tech and security ideas like 2fa? Do you think the blockchain is an actual chain that someone writes transactions on in permenant marker? I sure know I'd like to get a linked list of heavy metal rings and give you a good kek or two.
Do you get confirmation email when you withdrow coins from Bittrex and you have enable 2fa?
Also, I have an explanation why hacking incidents are much more common with Bittrex than with Poloniex. Apparently Poloniex has a more advanced log-in screening (notice how before logging in it says "Checking your browser before accessing poloniex.com") which means you can't log in from a phishing website, you'll notice you've been scammed straight away. Since Bittrex doesn't have it, apparently it allows smooth authorization from phishing websites, which is exactly why they're widespread.
His coins got stolen in a different way, they were not withdrawn
so... is authy the same as 2fa? and wtf is a blocked chain?
LOL
I told you about buttrex months ago
there is literally the same thread on bitcointalk about that shit happening to dozens of accounts every few months
I warned you about buttrex
yes, and authy is token based auth, pretty fucking secure.
Because Bittrex is a popular target for phishing websites. It was already happening long before your "warning"