Godzilla99



Offline



Activity: 28

Merit: 0







NewbieActivity: 28Merit: 0 WARNING! 40 000 USD was stolen fom BTC-e.com account! February 14, 2015, 09:56:03 AM #1 It was only btc-e account was hacked, email box was not hacked, so the thief just traded all my 40 K USD to his profit and to my loss. He changed all my US dollars mostly to LTC, then sold LTC to CHG thats the way how he did that. When contacting with BTC-E support and wanted them to investigate the situation they answered approximately the next:



Hello, thank you for contacting btc-e support. We do investigation only when we have the official request from police (Police of what country they want???). We do all the possible to protect money of our clients. But you dint set two factors authentication, thats why we cant be responsible for safety of your account. Thank you, feel fee to contact us



So and other in the same style. You can blame only yourself, your computer full of viruses and you are poor victim of hackers and so on go f k yourself.





Further more to look closer to the way how it was done I suspect that somebody from the btc-e employees was involved or there SSL protocol is piece of shit and you can never be safe contacting btc-e.com. Also a history of the ip entrance gives a thought that the thief was exactly sure where he was doing,and how much money was there and that everything was ready for

stealing and all that was done from the first connection, and 30 minutes!



The thief entered my account only one time at the time of the robbery, and there was 40 K. So everything was ready for the stealing. He bought LTC from all the sellers, then sold LTC for CNH. It was also the time chosen ideally for the robbery when the order line was minimal, in order to gain maximum, and fast.

To maximise his profit when selling my dollars he should have also half of my money on his accounts.

My email box wasnt hacked so if to suppose virus on my computer which let the hacker now my password so in that case he easily took my email password too because it was much easier and more profitable to withdraw money through email confirmation.

If not having virus on my mac (Im experienced user, it is very rare situation having virus on mac, otherwise I should have installed it myself) that means that they have the big bug in there SSL protocol so that means that nobody is safe when connecting btc-e and that means that one day they announce as MTGOX did that we were hacked and all money was stolen

Even if I was fished, what is least probable because Im experienced user, so in that case having my password the hacker should have entered once before the robbery time, to be sure how much money is there and to plan the operation and collect the resources.

The say that they need official request from the police! Isnt it mockery is it? What country they need a police request? Cyprus? USA? Nigeria? Russia





And the only conclusion I can make from that situation that they dont want to investigate the situation because they understand that in that case they will find out that somebody of there employees is involved or there https connection has a big bug.

ajareselde



Offline



Activity: 1722

Merit: 1000



Satoshi is rolling in his grave. #bitcoin







LegendaryActivity: 1722Merit: 1000Satoshi is rolling in his grave. #bitcoin Re: WARNING! 40 000 USD was stolen fom BTC-e.com account! February 14, 2015, 10:42:36 AM #8 Quote from: redsn0w on February 14, 2015, 10:30:29 AM Quote from: Godzilla99 on February 14, 2015, 10:13:02 AM Quote from: Rannasha on February 14, 2015, 10:03:28 AM So you had $40K in your account and you didn't even set up 2FA?



Without 2FA there are so many ways an attacker can obtain your password.



If they have a thief inside a company, 2FA also will be hacked.

So tell me please the way how hackers can obtain my password, exluding trojan, and fishing? the only way to obtain my password from outside to hack https of btc-e?

If they have a thief inside a company, 2FA also will be hacked.So tell me please the way how hackers can obtain my password, exluding trojan, and fishing? the only way to obtain my password from outside to hack https of btc-e?

Maybe your 2FA device has a virus and the hacker can able to obtain the code. Contact agatin the btc-e support, only they can help you.

Maybe your 2FA device has a virus and the hacker can able to obtain the code. Contact agatin the btc-e support, only they can help you.

Quote Hello, thank you for contacting btc-e support. We do investigation only when we have the official request from police (Police of what country they want???). We do all the possible to protect money of our clients. But you dint set two factors authentication, thats why we cant be responsible for safety of your account. Thank you, feel fee to contact us



It seams like they ditched him off, blaming him alone for the theft because he had no 2fa enabled, which is insane, atleast they could track down where the money went and allow him to fight for his money.

Their support is terrible, i can confirm, but never did i expect something like this to happen.

Presuming op is telling the whole truth ofc.



cheers It seams like they ditched him off, blaming him alone for the theft because he had no 2fa enabled, which is insane, atleast they could track down where the money went and allow him to fight for his money.Their support is terrible, i can confirm, but never did i expect something like this to happen.Presuming op is telling the whole truth ofc.cheers

ajareselde



Offline



Activity: 1722

Merit: 1000



Satoshi is rolling in his grave. #bitcoin







LegendaryActivity: 1722Merit: 1000Satoshi is rolling in his grave. #bitcoin Re: WARNING! 40 000 USD was stolen fom BTC-e.com account! February 14, 2015, 11:04:08 AM #11 Quote from: user2 on February 14, 2015, 10:53:15 AM Quote from: ajareselde on February 14, 2015, 10:42:36 AM

It seams like they ditched him off, blaming him alone for the theft because he had no 2fa enabled, which is insane, atleast they could track down where the money went and allow him to fight for his money.

Their support is terrible, i can confirm, but never did i expect something like this to happen.

Presuming op is telling the whole truth ofc.



cheers



To be fair it's pretty hard for them to do something. Just think about it, the stolen account has been selling his LTC for CNH, CNH price went up. A lot of people made something on it. I personally made about btc in the ensuing panic. I saw in the btc-e trollbox people boasting about making much more. The thieves could have had several accounts. How do you suppose to go after them?

To be fair it's pretty hard for them to do something. Just think about it, the stolen account has been selling his LTC for CNH, CNH price went up. A lot of people made something on it. I personally made about btc in the ensuing panic. I saw in the btc-e trollbox people boasting about making much more. The thieves could have had several accounts. How do you suppose to go after them?

few years back there was a security breach with liberty reserve deposits, allowing the attacker to deposit fake usd in unlimited quantities,

attacker used funds to buy bitcoin and litecoin and then withdrew them, what btc-e did was to roll-back every transaction on btc-e to the state before the attack took place.



im not saying they should do the same now, but atleast they can investigate the theft, compare ip's used to login to his account and compare it to the ones that benefited the most out of trades.

its likely that the attacker used vpn, but maybe he didnt, maybe its just some skid that grabbed his login in some lame way, iwe seen alot of them over the years.

but to tell someone its their own faul and goodbye, well mister, you just lost some customers, presuming this story turns out to be true.



cheers few years back there was a security breach with liberty reserve deposits, allowing the attacker to deposit fake usd in unlimited quantities,attacker used funds to buy bitcoin and litecoin and then withdrew them, what btc-e did was to roll-back every transaction on btc-e to the state before the attack took place.im not saying they should do the same now, but atleast they can investigate the theft, compare ip's used to login to his account and compare it to the ones that benefited the most out of trades.its likely that the attacker used vpn, but maybe he didnt, maybe its just some skid that grabbed his login in some lame way, iwe seen alot of them over the years.but to tell someone its their own faul and goodbye, well mister, you just lost some customers, presuming this story turns out to be true.cheers

ik_do



Offline



Activity: 522

Merit: 500







Hero MemberActivity: 522Merit: 500 Re: WARNING! 40 000 USD was stolen fom BTC-e.com account! February 14, 2015, 11:16:40 AM #12 Before you go assuming your mac is perfect and your password alone is enough to protect you--it isn't. I've seen macs firsthand with viruses. Nowadays visiting a single website is enough to completely compromise your system.



My opinion:

-Not having 2FA enabled = asking for money to be stolen

-Keeping 40k worth of money on a website that could disappear at any moment = asking for money to be stolen

-Acting as if macs can't get viruses = asking for money to be stolen

-Using a service which doesn't send you an email to authorize every single transaction and then trusting said service with 40k USD = asking for money to be stolen

-"So everything was ready for the stealing." = you made it ready for stealing by not following basic security procedures (activating 2FA etc)



My questions (please answer all of these so we can see what factors may have attributed to this situation):

-Were you using wifi?

-Were you using a wireless keyboard?

-What browser do you use?

-Does anyone else use your computer?

-Do you share your wifi access with anyone else?

-How long is your password (roughly), is it a dictionary word? or is it a complicated set of numbers/letters.

-Do you share the same password on ANY other service ANYWHERE?



Regardless of you being slightly naive (my personal opinion anyway) with a lot of these, this service should still be assisting you (once they have identified you are the legitimate account holder).

FanEagle



Offline



Activity: 1624

Merit: 1045







LegendaryActivity: 1624Merit: 1045 Re: WARNING! 40 000 USD was stolen fom BTC-e.com account! February 14, 2015, 11:40:42 AM #17 and I'm still wondering how the hell they hacked into my email too.

The password I personally used was a complex one, but they still managed to enter and change it, and they even gone to my cex.io without issues and that password was one time used and they searched for any btc in it(luckily it was empty, I was only lurking there)

but still, they managed to reset some of many not bitcoin related websites/games password

But hell, I would never trust a website to hold 40K dollars, maybe only on my computer, inside a virtual machine.(If I break that virtual machine im damned to hell but, I would use that method.

ik_do



Offline



Activity: 522

Merit: 500







Hero MemberActivity: 522Merit: 500 Re: WARNING! 40 000 USD was stolen fom BTC-e.com account! February 14, 2015, 11:43:35 AM #19 Quote from: FanEagle on February 14, 2015, 11:40:42 AM and I'm still wondering how the hell they hacked into my email too.

The password I personally used was a complex one, but they still managed to enter and change it, and they even gone to my cex.io without issues and that password was one time used and they searched for any btc in it(luckily it was empty, I was only lurking there)

but still, they managed to reset some of many not bitcoin related websites/games password

But hell, I would never trust a website to hold 40K dollars, maybe only on my computer, inside a virtual machine.(If I break that virtual machine im damned to hell but, I would use that method.



Again if you're going to say your email address or any account was hacked please provide the following information:

-What operating system?

-What browser do you use?

-Were you using wifi?

-Were you using a wireless keyboard?

-Does anyone else use your computer (at ALL)?

-Do you share your wifi access with anyone else?

-How long is your password (roughly), is it a dictionary word? or is it a complicated set of numbers/letters.

-Do you share the same password on ANY other service ANYWHERE?

Again if you're going to say your email address or any account was hacked please provide the following information:-What operating system?-What browser do you use?-Were you using wifi?-Were you using a wireless keyboard?-Does anyone else use your computer (at ALL)?-Do you share your wifi access with anyone else?-How long is your password (roughly), is it a dictionary word? or is it a complicated set of numbers/letters.-Do you share the same password on ANY other service ANYWHERE?