1. This website uses cookies to improve service and provide a tailored user experience. By using this site, you agree to this use. See our Cookie Policy.
    Dismiss Notice

Need Help: $650 worth Crypto stolen from my Coinbase account

Discussion in 'CryptoCurrency' started by Inconite, Apr 17, 2019.

  1. br4sco

    br4sco Regular Member

    Joined:
    Sep 29, 2017
    Messages:
    425
    Likes Received:
    228
    Gender:
    Male
    Its not Coinbase issue if he lost money from Skrill aswell. Just saying.
     
  2. CryptoKujira

    CryptoKujira Regular Member

    Joined:
    Dec 27, 2018
    Messages:
    414
    Likes Received:
    127
    Gender:
    Male
    Occupation:
    Day Trader
    Location:
    California
    Home Page:
    ^This.

    Malware has become rampant in crypto. Do you have ANY plugins on your browsers or phone? Do you have any non-legit software installed? Any weird apps on your phone? Could be any piece of software or app, not even crypto related, such as stupid weather app or anything like that.

    Could also be on USB sticks that you've bought online and used for your computer, SD cards, etc. Hackers are finding crafty ways to embed code that will allow them access to your coin accounts.
     
    • Thanks Thanks x 2
  3. Oz0102

    Oz0102 Jr. VIP Jr. VIP

    Joined:
    Jun 28, 2010
    Messages:
    1,233
    Likes Received:
    347
    Gender:
    Male
    Location:
    world wide web
    Your OS must have been compromised.
     
    • Thanks Thanks x 1
  4. tb303

    tb303 Senior Member

    Joined:
    Dec 18, 2011
    Messages:
    1,035
    Likes Received:
    727
    I couldnt see in the thread above but did anyone ask what form of 2FA you were using with your email, coinbase & skrill?
     
  5. Inconite

    Inconite Junior Member

    Joined:
    May 16, 2017
    Messages:
    138
    Likes Received:
    52
    Gender:
    Male
    Occupation:
    Internet
    Location:
    Solar System
    The issue was with 2FA. even if the hacker got my passwords he shouldn't have gone through 2FA. that indicated that 2FA is not reliable.

    I was using authy for coinbase, Google Authenticator for Skrill and mobile sms code for Gmail account.
     
  6. Inconite

    Inconite Junior Member

    Joined:
    May 16, 2017
    Messages:
    138
    Likes Received:
    52
    Gender:
    Male
    Occupation:
    Internet
    Location:
    Solar System
    I did format my PC after hacking incident but I don't think my PC had any malware. I always used latest version of software and malware security.
     
  7. Herion

    Herion Jr. VIP Jr. VIP

    Joined:
    Jul 8, 2012
    Messages:
    566
    Likes Received:
    160
    You've been hacked twice with 2FA enabled on two different sites. It's either your phone or your PC.

    Also, haven't used Authy, but if you're using something like their browser extension, then stop and change your 2FA keys. The whole point of 2FA is keeping things separate.
     
  8. GoGuerilla

    GoGuerilla Jr. VIP Jr. VIP

    Joined:
    Oct 15, 2018
    Messages:
    259
    Likes Received:
    108
    If you don't own the private keys it isn't your money.... How long will it take people to learn
     
  9. CryptoKujira

    CryptoKujira Regular Member

    Joined:
    Dec 27, 2018
    Messages:
    414
    Likes Received:
    127
    Gender:
    Male
    Occupation:
    Day Trader
    Location:
    California
    Home Page:
    Most pro traders use dedicated trading computers. if you're serious about protecting your money, you might consider that, as well as storing your coins off the exchanges. Look at getting Ledger or Trezor.
     
  10. KingZen

    KingZen Jr. VIP Jr. VIP

    Joined:
    Feb 15, 2014
    Messages:
    145
    Likes Received:
    43
    Right but technically in crypto, nobody "owns" the private key. It is not tied to any person. If someone can figure out your private key, then it becomes theirs to take.

    To the OP, did you by any chance make copies of 2FA QR codes as a backup anywhere?
     
  11. boldrack

    boldrack Junior Member

    Joined:
    Apr 12, 2016
    Messages:
    136
    Likes Received:
    37
    Gender:
    Male
    IMO .. Though you might not agree with me. .
    Best bet is that you were engineered and not coinbase. If there were discovered flaw in coinbase 2FA or coinbase was faulty, they wouldn't go for your account .. there are many accounts out there over $15k. And there would already be an outbreak.

    Who knows though.
     
    Last edited: Apr 18, 2019
  12. Yzetien

    Yzetien Jr. VIP Jr. VIP

    Joined:
    Jul 23, 2018
    Messages:
    153
    Likes Received:
    75
    Gender:
    Male
    Occupation:
    Strategist
    Don't store your Bitcoin in any of the online digital wallets, they code the same level as Facebook or less.

    iPhone6 is no longer secure, you will need upgrades to better hardware.

    I suggest you call your phone line provider immediately for one question: How many simcards do I have attached to this current line I am using to call you?
     
  13. shivacharm

    shivacharm Newbie

    Joined:
    Apr 18, 2019
    Messages:
    17
    Likes Received:
    5
    Gender:
    Male
    thats bad...hope coinbase not respon your tickets in next year like they usually did
     
  14. Metatrons Cube

    Metatrons Cube Regular Member

    Joined:
    Feb 9, 2019
    Messages:
    244
    Likes Received:
    102
    Gender:
    Male
    Occupation:
    Transcribing the Fibonacci sequence
    Location:
    Within every particle in the universe
    I'm no expert in 2FA, but having the algorithm doesn't seem like it would mean you could hack people at will. (By the way the likelihood of some low-medium level hacker having an accurate working knowledge of any major 2FA algo is beyond infinitesimally-small.)

    An algorithm is just a set of rules doing something computationally or mathematically, but if part of the process is tied to the phone itself which you don't have access to then it means dick having the algo.

    Every phone gets different 2FA's on Google Auth etc (ie. all getting 291849 at the same time would defeat the purpose of it just a bit), and the fact that globally 2FA is still widely used without the system breaking down (ie. random intermittent thefts on a large scale) means that Google calculates the digits securely and sends to your phone and having knowledge of the algorithm without also having the phone would mean nothing - otherwise 2FA would collapse very quickly and it would be a global news story.

    What's much more likely is that someone else with physical access to your phone is stealing your money. If it's happened twice on two different platforms then it fits a pattern that the security issue is a human vulnerability as opposed to a technological vulnerability. The only other logical answer would be some kind of malware or spyware on your phone which can scrape your 2FA and transmit it over your wifi/4g instantly. Get a new phone, install Google Auth, and use brand new passwords to lock your phone which you keep to yourself.

    I wouldn't think that saying it's a flaw with Coinbase is accurate, only because their system is relying on the 2FA not to be known by anyone else but you and how can they tell if it's you or someone else. My feeling is that 2FA is rock solid when other people can't access it as well.
     
    Last edited: Apr 18, 2019
  15. AngelSeo

    AngelSeo Jr. VIP Jr. VIP

    Joined:
    Nov 3, 2017
    Messages:
    1,381
    Likes Received:
    749
    Gender:
    Male
    yeah pretty sure that is not coinbase, but you. Someone finding way to break 2fa and go for your $650 worth of crypto.. kind of hard to believe.
     
  16. shivacharm

    shivacharm Newbie

    Joined:
    Apr 18, 2019
    Messages:
    17
    Likes Received:
    5
    Gender:
    Male
    i think OP ever told someone about his coinbase access
     
  17. FindDIY

    FindDIY Regular Member

    Joined:
    Dec 12, 2018
    Messages:
    215
    Likes Received:
    39
    Gender:
    Male
    Location:
    United States
    Home Page:
    Coinbase has the option to not ask for 2FA for 30 days, if you select it when logging in from the browser. Would be pretty easy to access an account if someone has your email and password.
     
  18. Mr. Tokyo

    Mr. Tokyo Jr. VIP Jr. VIP

    Joined:
    May 27, 2013
    Messages:
    227
    Likes Received:
    68
    No, because this is limited to the current device only. If you log in like this from another device, it will still ask you for 2FA because of access from an unknown device.

    In this case, I suspect it was the OP's device that got compromised.
     
  19. FindDIY

    FindDIY Regular Member

    Joined:
    Dec 12, 2018
    Messages:
    215
    Likes Received:
    39
    Gender:
    Male
    Location:
    United States
    Home Page:
    That was what I was kind of implying.
     
  20. Maticzilla

    Maticzilla Jr. VIP Jr. VIP

    Joined:
    Jul 10, 2013
    Messages:
    847
    Likes Received:
    425
    Gender:
    Male
    Home Page:
    i really think someone who has access to your pc or whatever device you used in managing your coins , took your money

    CB account with 2fa requires verification before accessing funds, which cant be brute force or phised. you mention something similar happend with skrill i would advice you scan your device for malware or phising app etc.