Hacked on Bittrex
So yeah, woke up this morning to find my account of 1.5 btc comprised and just wanted to know what are you guys' thoughts on how it could have happened.
Granted, it was my own fault for not having two-factor authentication implemented but to risk it from happening again, I'd like to find out how it went down, so yeah no need to remind me of my stupidity.
This is how it all went down and I appreciate any input.
So as I stated, my bittrex account was only secured by my login password. This morning I woke up and tried to access my bittrex account as usual. I have my login and password infos saved to chrome so I've never had to input any of my login infos. As I click to log in I am prompted to enter a two factor authentication code which I've never implemented, imagine my suprise. By this time I realize that I've probably been hacked so I visit my email for confirmations. I see nothing new in my inbox but find newly deleted messages in my deleted bin. There I find 3 deleted emails: one of bittrex informing me of a new IP login, one of a notification from bittrex that a two-factor authentication has been implemented on my bittrex account, and one from my email provider telling me that there was unusual sign-in activity onto my email from some IP in Argentina. All three of these emails were sent the in the afternoon of the day before, all with in 10 mins of each other. Now I realize that not only was my bittrex account hacked, my email was also. I do not have new email notifications turned on on my phone due to large amounts of emails received so by this time it has already been ~14 hours since my accounts have been comprised.
Here is why I'm slightly confused. I am pretty sure that I have not input either my email login info nor my bittrex account info on my laptop that I use, which is a macbook. My email has been bookmarked with the password saved for forever, and I've never had to input my login details for at least months. I've also checked my browsing history to confirm that I've not been on any bittrex phishing sites. My login infos for bittrex are too, saved on chrome, so I've never had to input those as well from since I joined up with them, which was for 3 days approximately. Also my password for my email and bittrex are different. I have not downloaded any add-ons for chrome. So the question is how could the hacker have gotten both my bittrex and email passwords?
The only possibility that I can think of for how has happened is that I logged in my email manually once last week using my family desktop that is rarely used. But even then I am very careful and sure that I entered it in the outlook site. But I've also used that email to sign up for a bunch of ICOs via slack in the past two weeks with the same password which I used on my bittrex account.
So I am assuming that there was a malware/keylogger on my PC that caused my logins to be comprised, or could there have been something up with my macbook that I missed? Lesson learned to always use google authenticator but damn, at least I wanna know how I got got.
I've filed a support ticket with bittrex to remove the two-way authenticator on my account so I can login and see what shitcoins he bought with my account at absurd prices to steal my money since that's what others seem to have endured. There was no withdraw confirmation in my email.
TL;DR
Both bittrex and email used got hacked with different passwords. Hacker went on my email and tried deleting evidence. Assuming that I've lost 1.5 btc which wasn't THAT much but still enough to make me feel retarded for not using google authenticator like I have been for other exchanges. Wondering how it went down.
[link] [comments]
Read More
