Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on [email protected] for help. Thanks :)
Private profiles - please note that profiles marked as private will soon be public. This will facilitate moderation so mods can view users' warning histories. All of your posts across the site will appear on your profile page (including PI, RI). Groups posts will remain private except to users who have access to the same Groups as you. Thread here
Some important site news, please read here. Thanks!

Binance account hacked

  • 30-10-2018 7:32pm
    #1
    Registered Users Posts: 81 ✭✭ brane.nikic87
    Registered User


    Hi everyone,

    Today my binance account was hacked in matter of minutes.

    So somehow they got into my e-mail and set up that all emails from Binance are immediately sent to bin so I don't see any e-mails coming from Binance on my phone. Second they logged on my Binance by cracking my password there (it was different then the one on my e-mail) and they broke through 2FA.
    They sold all my altcoins and sent BTC to their address.

    Looking at IP address it was done in Dublin (I doubt it as it is probably through VPN).

    So what do you guys think what are my options for restoring my crypto? Should I report it to Gardai or is it already lost case?

    P.S. Binance was not very helpful at all, they just sent me some automated response,


Comments

  • Moderators, Society & Culture Moderators Posts: 15,421 Mod ✭✭✭✭ smacl
    Moderator


    Hi everyone,

    Today my binance account was hacked in matter of minutes.

    So somehow they got into my e-mail and set up that all emails from Binance are immediately sent to bin so I don't see any e-mails coming from Binance on my phone. Second they logged on my Binance by cracking my password there (it was different then the one on my e-mail) and they broke through 2FA.
    They sold all my altcoins and sent BTC to their address.

    Looking at IP address it was done in Dublin (I doubt it as it is probably through VPN).

    So what do you guys think what are my options for restoring my crypto? Should I report it to Gardai or is it already lost case?

    P.S. Binance was not very helpful at all, they just sent me some automated response,

    Sorry for your loss. I doubt the Gardai would have the skills to help much assuming they had the inclination. How was your 2fa hacked? That usually needs access to your phone. It might not help, but I'd have another go at binance suggesting their security was at fault and let them know you're going to kick up crap across all crypto forums and social media until you've received a more reasonable response. Sometimes being a long term royal pain in the arse to support channels gets the desired response.


  • Registered Users Posts: 81 ✭✭ brane.nikic87
    Registered User


    I have no clue how did they break through 2FA.

    This is the latest response from Binance:
    Hi,

    Thank you for your follow up.

    Two-factor authentication (2FA) does not make authentication 100% safe. There is no magic wand that will make your account invincible. However, it does make authentication much safer and harder to breach.
    Most users believe that once they have activated 2FA they are 100% safe and this is a mistake, this idea makes users drop the guard when surfing on the internet and they end up disclosing their login, password and other personal information.

    It is recommended that you search for the following term on the internet: "can 2fa be hacked" so you can find in the listed results different websites that explain this hacking activity.

    As much as we would like to help you, we are sorry that as an exchange Binance will not be responsible to compensate for any loss or consequences caused by your failure to protect your account.

    If you would like to investigate how your account was compromised, it is advised that you contact a security expert and conduct a thorough research.

    If you choose to file a police report with your local law enforcement, we will do our best to assist and cooperate in the investigation.

    Should you have any other questions, please feel free to contact us.
    Kind regards,
    Binance Support Team

    I can't believe that they are telling me to hire private investigator. It's like if bank was robbed and your bank just tells you that they can't do anything and if you want your money hire private investigator.

    I will try to tell them that I will spread their responses through whole crypto community and see what will they say.


  • Moderators, Society & Culture Moderators Posts: 15,421 Mod ✭✭✭✭ smacl
    Moderator


    Reading this article on 2FA hacks suggest re-use of session cookies to get back onto a given session on a given site. It also requires you to have fallen for a phishing scam of some kind to get an initial session cookie. If you get 2FAs through SMS or Authenticator, you should maybe check the dates of these messages and your browser history to see when and where you entered them.

    A quick google search shows a fair number of binance accounts hacked over the last couple of months. The following reddit thread seems very similar to your own experience and may be of some value


  • Moderators, Society & Culture Moderators Posts: 15,421 Mod ✭✭✭✭ smacl
    Moderator


    FWIW, I've had other accounts hacked earlier this year through using the same passwords on multiple sites. A few big sites got hacked, and lifted user details apparently including weakly encoded passwords, of late. Just a guess but I reckon it was TicketMaster in my case as they notified me to change all my passwords following a breach on their site. I've since changed to using Dashlane to produce strong unique passwords for all sites I use regularly.


  • Registered Users Posts: 81 ✭✭ brane.nikic87
    Registered User


    Smacl, thank you for all replies.

    The thing is I did not login-ed into this account for months as I was bot trading from Linux. And no one got a hold of my phone as this happened when I was on my tea break. I have checked my e-mail and it was not ever phished and of course I did not clicked link in some e-mail like its 1995 :)

    I have sent response on their message and I told them that I don't need to research how 2FA can be hacked the same way that I don't need to check how a bank can be robbed before I deposit my money. And at the end of the day enabling 2FA is part of their security procedure and why would they ask to enable it if it's so unsafe. It is their job to protect their customers and if they can't then they are not better than banks as they are always saying.


  • Advertisement
  • Moderators, Society & Culture Moderators Posts: 15,421 Mod ✭✭✭✭ smacl
    Moderator


    Smacl, thank you for all replies.

    The thing is I did not login-ed into this account for months as I was bot trading from Linux. And no one got a hold of my phone as this happened when I was on my tea break. I have checked my e-mail and it was not ever phished and of course I did not clicked link in some e-mail like its 1995 :)

    I have sent response on their message and I told them that I don't need to research how 2FA can be hacked the same way that I don't need to check how a bank can be robbed before I deposit my money. And at the end of the day enabling 2FA is part of their security procedure and why would they ask to enable it if it's so unsafe. It is their job to protect their customers and if they can't then they are not better than banks as they are always saying.

    Could well be the hack was at their end, but nigh on impossible to prove. Unfortunately they're not a bank, and my guess they won't help you unless it becomes difficult for them not to. Given they're in another jurisdiction any legal resource would also be difficult and potentially very expensive.


  • Registered Users Posts: 1,830 ✭✭✭ tcawley29
    Registered User


    Smacl, thank you for all replies.

    The thing is I did not login-ed into this account for months as I was bot trading from Linux. And no one got a hold of my phone as this happened when I was on my tea break. I have checked my e-mail and it was not ever phished and of course I did not clicked link in some e-mail like its 1995 :)

    I have sent response on their message and I told them that I don't need to research how 2FA can be hacked the same way that I don't need to check how a bank can be robbed before I deposit my money. And at the end of the day enabling 2FA is part of their security procedure and why would they ask to enable it if it's so unsafe. It is their job to protect their customers and if they can't then they are not better than banks as they are always saying.

    Is it a third party bot? Maybe thats responsible


  • Registered Users Posts: 14,621 ✭✭✭✭ banie01
    Registered User


    tcawley29 wrote: »
    Is it a third party bot? Maybe thats responsible

    Was just about to ask this, did you share an API key with an app or Bot?

    Fixed spelling


  • Registered Users Posts: 1,830 ✭✭✭ tcawley29
    Registered User


    banie01 wrote: »
    Was just about to ask this, did you share an API key with an app or Bot?

    Fixed spelling

    I wouldn't even access any other account on the same machine as a 3rd party bot for fear of keylogging


  • Registered Users Posts: 81 ✭✭ brane.nikic87
    Registered User


    It's a profit trailer, well know trading bot. And I have it running for more than a year. It's not some free online software that is infected with all sorts of things. And API is not allowed to withdraw, only to trade.


  • Advertisement
  • Registered Users Posts: 81 ✭✭ brane.nikic87
    Registered User


    tcawley29 wrote: »
    I wouldn't even access any other account on the same machine as a 3rd party bot for fear of keylogging


    No Bot is running on Linux VPS. I am accessing my Gmail and other accounts on windows PC. So two of them are not connected.


  • Registered Users Posts: 1,830 ✭✭✭ tcawley29
    Registered User


    It's a profit trailer, well know trading bot. And I have it running for more than a year. It's not some free online software that is infected with all sorts of things. And API is not allowed to withdraw, only to trade.

    what bot is this? I wouldn't mind doing my own research


  • Registered Users Posts: 81 ✭✭ brane.nikic87
    Registered User


    tcawley29 wrote: »
    what bot is this? I wouldn't mind doing my own research

    No it's a well kmow bot. One of the best and API did not have permission to withdraw, just to buy and sell on exchange.


  • Closed Accounts Posts: 4,791 JJJJNR


    There's no way they got past 2fa. They hacked your email and sent binance a photo of you probably your own security photo telling them to turn off 2fa.


  • Registered Users Posts: 81 ✭✭ brane.nikic87
    Registered User


    I don't think they could do it that way as I have never confirmed my identity on Binance on this account, so they don't know how I look. And they would probably have to change my password, but my password was the same after hacking.


  • Closed Accounts Posts: 4,791 JJJJNR


    I don't think they could do it that way as I have never confirmed my identity on Binance on this account, so they don't know how I look. And they would probably have to change my password, but my password was the same after hacking.

    You have to send them photo ID with the date, so they can verify the account. How were you able to hold coin without this.

    What's the name of the trading bot your using btw.


  • Registered Users Posts: 81 ✭✭ brane.nikic87
    Registered User


    You don't need to verify your account on Binance. Without verification, you have a daily limit of 2 BTC for withdrawal. With verification, you can withdraw 100BTC daily.

    And trading bot is Profit Trailer


Advertisement