Binance account hacked

brane.nikic87 · 30-10-2018 8:32pm #1

Hi everyone,

Today my binance account was hacked in matter of minutes.

So somehow they got into my e-mail and set up that all emails from Binance are immediately sent to bin so I don't see any e-mails coming from Binance on my phone. Second they logged on my Binance by cracking my password there (it was different then the one on my e-mail) and they broke through 2FA.
They sold all my altcoins and sent BTC to their address.

Looking at IP address it was done in Dublin (I doubt it as it is probably through VPN).

So what do you guys think what are my options for restoring my crypto? Should I report it to Gardai or is it already lost case?

P.S. Binance was not very helpful at all, they just sent me some automated response,

smacl · 30-10-2018 11:58pm

brane.nikic87 wrote: »

Hi everyone,

Today my binance account was hacked in matter of minutes.

So somehow they got into my e-mail and set up that all emails from Binance are immediately sent to bin so I don't see any e-mails coming from Binance on my phone. Second they logged on my Binance by cracking my password there (it was different then the one on my e-mail) and they broke through 2FA.
They sold all my altcoins and sent BTC to their address.

Looking at IP address it was done in Dublin (I doubt it as it is probably through VPN).

So what do you guys think what are my options for restoring my crypto? Should I report it to Gardai or is it already lost case?

P.S. Binance was not very helpful at all, they just sent me some automated response,

Sorry for your loss. I doubt the Gardai would have the skills to help much assuming they had the inclination. How was your 2fa hacked? That usually needs access to your phone. It might not help, but I'd have another go at binance suggesting their security was at fault and let them know you're going to kick up crap across all crypto forums and social media until you've received a more reasonable response. Sometimes being a long term royal pain in the arse to support channels gets the desired response.

brane.nikic87 · 31-10-2018 2:17pm

I have no clue how did they break through 2FA.

This is the latest response from Binance:

Hi,

Thank you for your follow up.

Two-factor authentication (2FA) does not make authentication 100% safe. There is no magic wand that will make your account invincible. However, it does make authentication much safer and harder to breach.
Most users believe that once they have activated 2FA they are 100% safe and this is a mistake, this idea makes users drop the guard when surfing on the internet and they end up disclosing their login, password and other personal information.

It is recommended that you search for the following term on the internet: "can 2fa be hacked" so you can find in the listed results different websites that explain this hacking activity.

As much as we would like to help you, we are sorry that as an exchange Binance will not be responsible to compensate for any loss or consequences caused by your failure to protect your account.

If you would like to investigate how your account was compromised, it is advised that you contact a security expert and conduct a thorough research.

If you choose to file a police report with your local law enforcement, we will do our best to assist and cooperate in the investigation.

Should you have any other questions, please feel free to contact us.
Kind regards,
Binance Support Team

I can't believe that they are telling me to hire private investigator. It's like if bank was robbed and your bank just tells you that they can't do anything and if you want your money hire private investigator.

I will try to tell them that I will spread their responses through whole crypto community and see what will they say.

smacl · 31-10-2018 2:47pm

Reading this article on 2FA hacks suggest re-use of session cookies to get back onto a given session on a given site. It also requires you to have fallen for a phishing scam of some kind to get an initial session cookie. If you get 2FAs through SMS or Authenticator, you should maybe check the dates of these messages and your browser history to see when and where you entered them.

A quick google search shows a fair number of binance accounts hacked over the last couple of months. The following reddit thread seems very similar to your own experience and may be of some value

smacl · 31-10-2018 2:53pm

FWIW, I've had other accounts hacked earlier this year through using the same passwords on multiple sites. A few big sites got hacked, and lifted user details apparently including weakly encoded passwords, of late. Just a guess but I reckon it was TicketMaster in my case as they notified me to change all my passwords following a breach on their site. I've since changed to using Dashlane to produce strong unique passwords for all sites I use regularly.

brane.nikic87 · 31-10-2018 4:20pm

Smacl, thank you for all replies.

The thing is I did not login-ed into this account for months as I was bot trading from Linux. And no one got a hold of my phone as this happened when I was on my tea break. I have checked my e-mail and it was not ever phished and of course I did not clicked link in some e-mail like its 1995

I have sent response on their message and I told them that I don't need to research how 2FA can be hacked the same way that I don't need to check how a bank can be robbed before I deposit my money. And at the end of the day enabling 2FA is part of their security procedure and why would they ask to enable it if it's so unsafe. It is their job to protect their customers and if they can't then they are not better than banks as they are always saying.

smacl · 31-10-2018 4:28pm

brane.nikic87 wrote: »

Smacl, thank you for all replies.

The thing is I did not login-ed into this account for months as I was bot trading from Linux. And no one got a hold of my phone as this happened when I was on my tea break. I have checked my e-mail and it was not ever phished and of course I did not clicked link in some e-mail like its 1995

I have sent response on their message and I told them that I don't need to research how 2FA can be hacked the same way that I don't need to check how a bank can be robbed before I deposit my money. And at the end of the day enabling 2FA is part of their security procedure and why would they ask to enable it if it's so unsafe. It is their job to protect their customers and if they can't then they are not better than banks as they are always saying.

Could well be the hack was at their end, but nigh on impossible to prove. Unfortunately they're not a bank, and my guess they won't help you unless it becomes difficult for them not to. Given they're in another jurisdiction any legal resource would also be difficult and potentially very expensive.

tcawley29 · 31-10-2018 5:03pm

brane.nikic87 wrote: »

Smacl, thank you for all replies.

The thing is I did not login-ed into this account for months as I was bot trading from Linux. And no one got a hold of my phone as this happened when I was on my tea break. I have checked my e-mail and it was not ever phished and of course I did not clicked link in some e-mail like its 1995

I have sent response on their message and I told them that I don't need to research how 2FA can be hacked the same way that I don't need to check how a bank can be robbed before I deposit my money. And at the end of the day enabling 2FA is part of their security procedure and why would they ask to enable it if it's so unsafe. It is their job to protect their customers and if they can't then they are not better than banks as they are always saying.

Is it a third party bot? Maybe thats responsible

banie01 · 31-10-2018 5:20pm

tcawley29 wrote: »

Is it a third party bot? Maybe thats responsible

Was just about to ask this, did you share an API key with an app or Bot?

Fixed spelling

tcawley29 · 31-10-2018 5:46pm

banie01 wrote: »

Was just about to ask this, did you share an API key with an app or Bot?

Fixed spelling

I wouldn't even access any other account on the same machine as a 3rd party bot for fear of keylogging

brane.nikic87 · 31-10-2018 5:56pm

It's a profit trailer, well know trading bot. And I have it running for more than a year. It's not some free online software that is infected with all sorts of things. And API is not allowed to withdraw, only to trade.

brane.nikic87 · 31-10-2018 5:58pm

tcawley29 wrote: »

I wouldn't even access any other account on the same machine as a 3rd party bot for fear of keylogging

No Bot is running on Linux VPS. I am accessing my Gmail and other accounts on windows PC. So two of them are not connected.

tcawley29 · 31-10-2018 6:07pm

brane.nikic87 wrote: »

It's a profit trailer, well know trading bot. And I have it running for more than a year. It's not some free online software that is infected with all sorts of things. And API is not allowed to withdraw, only to trade.

what bot is this? I wouldn't mind doing my own research

brane.nikic87 · 31-10-2018 6:55pm

tcawley29 wrote: »

what bot is this? I wouldn't mind doing my own research

No it's a well kmow bot. One of the best and API did not have permission to withdraw, just to buy and sell on exchange.

JJJJNR · 01-11-2018 9:27pm

There's no way they got past 2fa. They hacked your email and sent binance a photo of you probably your own security photo telling them to turn off 2fa.

brane.nikic87 · 01-11-2018 9:34pm

I don't think they could do it that way as I have never confirmed my identity on Binance on this account, so they don't know how I look. And they would probably have to change my password, but my password was the same after hacking.

JJJJNR · 01-11-2018 9:44pm

brane.nikic87 wrote: »

I don't think they could do it that way as I have never confirmed my identity on Binance on this account, so they don't know how I look. And they would probably have to change my password, but my password was the same after hacking.

You have to send them photo ID with the date, so they can verify the account. How were you able to hold coin without this.

What's the name of the trading bot your using btw.

brane.nikic87 · 02-11-2018 12:04am

You don't need to verify your account on Binance. Without verification, you have a daily limit of 2 BTC for withdrawal. With verification, you can withdraw 100BTC daily.

And trading bot is Profit Trailer

Binance account hacked

Comments