Somebody just hacked my Poloniex account.

Hi all,

Few minutes ago i received a email from poloniex stating to change my password follow the link, i didn't clicked the link next minute next email password changed successfully arrived.

I immediately logged into poloniex and my password was already changed then i tried to reset password again it said "wait minimum 10 minutes to reset the password" after 10 minutes i changed my password.

By that time i received the email for fund withdrawal request confirmation again i didn't clicked and the next minute Funds withdraw successfully completed.

I have a strong feeling that its POLONIEX who is stealing.

Stop inserting ur data in those free bitcoin generators and activate 2 step verification.

Strong feeling ain't facts, buddy.
Sorry for your loss, I hope you can recover it somehow.

after reading your story looks like you need to change your email password also . active 2 step verification and hope you will recover your loss somehow .

dragonera said:

did you complained to polonex about this?

It makes no sense for polniex to steal your money, if you are using their service.

Click to expand...

I know its a very small amount and they may not be. But there security sucks, i have raised a ticket but i don't have any hope. There are lot of people like me out there.
https://www.reddit.com/r/Bitcoin/comments/6b40b3/how_are_hackers_changing_the_password_on_my/

I think somebody hacked your email try change your email pass and add more security.

That's the reason why you always have to active the FA2 verification.

Get dancing: two step.

That's the reason why you should never keep your BTC online. Cold storage or at least HW wallets are good ways to go.

Cold Storage, 2FA, and picking up the slack in security with exchange accounts. That was a $1000 lesson for me recently.
I had a similar surreal hack occur except mine was Eobot. (definitely not a referral, stay away) Received an email about a successful log on from a Denmark ip address (Im in US). I immediately got in touch with Eobot chat, email, and attempted phone. I sat there asking the Eobot rep if they were just going to sit by watching as my ME get robbed on thier platform! " We assume no liability, you hold all risk" nothing was even attempted in the short 5-7 minutes it took to load BTC/ETH/etc on the Eobot manual withdrawal platform and watch as it accumulated with other poor bastards coin into a healthy wallet none of us have access to... (This Eobot had minimal coin, this happened on Skriller and Paxful too)

Im betting this is a semi coordinated effort by people that have access to secure account info at some wallet/exchange/hyip entity.

I would love to develope a way to trace this type of theft (including chargebacks) and produce something actionable to recover and convict
this criminal activity. These exchanges couldnt care less and seem to facilitate this activity although they are simply impudent.

Well 55trillion... I actually posted to ask if you used candlesticks / charts to target your entry and exit points and at what time intervals?

All my Best.

Here is a possible source of the breach. Check this site out to see if you got PWNED,
(my BHW credentials sure did) Suggest everyone check on breaches:

https://haveibeenpwned.com/

This is the account to which my BTC were transferred . Looks like professional hacker.

Its not going to end well for the hack thieves, live by the Hack, die by the Hack.

Just because one has the ability and opportunity to do something does in itself justify any given act.

55trillion said:

This is the account to which my BTC were transferred . Looks like professional hacker.

View attachment 92462
View attachment 92463

Click to expand...

I just found that this BTC wallet belongs to POLONIEX , its their cold wallet. So little hope to recover the funds.

Little sliver of hope. Wonder how your coins made it to a Poloneix address unless They quickly performed a double spend to have the initial hacker transaction rejected. Strange....but hope you recover.

tman73 said:

Little sliver of hope. Wonder how your coins made it to a Poloneix address unless They quickly performed a double spend to have the initial hacker transaction rejected. Strange....but hope you recover.

Click to expand...

Even i am little confused, may be their system has been hacked and many accounts were compromised so their security system frozen the account.

Activate 2-factor authentication. I created account just to check how the website works. Next day I recieved an email of successful login from an IP not belonging to me. And then every hour there was a login from a new IP.

they could of hacked your email too, change that password

Polo didn't hack you to steal $73 worth of btc. Likely your browsing habits revealed your personal info to a hacker.
Use 2FA or an app like Google Authenticator.
Change your email if you can..your pw to something very complex...reformat your pc (maybe you have a keylogger), stop doing any shady things like downloading hacked/cracked tools or signing up for free bitcoin generators. If you have to, you must do it on a different computer. Some people get dedicated laptop just for managing their portfolio to keep it extra safe.
If the funds were sent to another poloniex wallet, talk to support maybe they can help.

uncutu said:

Polo didn't hack you to steal $73 worth of btc. Likely your browsing habits revealed your personal info to a hacker.
Use 2FA or an app like Google Authenticator.
Change your email if you can..your pw to something very complex...reformat your pc (maybe you have a keylogger), stop doing any shady things like downloading hacked/cracked tools or signing up for free bitcoin generators. If you have to, you must do it on a different computer. Some people get dedicated laptop just for managing their portfolio to keep it extra safe.
If the funds were sent to another poloniex wallet, talk to support maybe they can help.

Click to expand...

^^ This.

Polo couldn't give more fucks about your 70 bucks when they pull off 6 figures a day from fees. If you can't secure your account properly, then you deserve to get hacked.

Also, opening support ticket with Poloniex lololol. I waited 22 days for a reply to my ticket and I had to spam half the Twitter for it. Some people have been waiting for 40+ days already, so don't bother. Secure your account next time.

I am using Yubikey for Gmail and Kraken. 2FA for Poloniex (They don't support Yubikeys as of now) and Ledger S as my cold wallet. This is the very least that you can do.