Jump to content

CrisSyd

Member
  • Content Count

    17
  • Joined

  • Last visited

About CrisSyd

  • Rank
    Regular

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Guys, I finally got Binance to return 3.7 Bitcoins after contacting the SEC (https://www.sec.gov) and the MAS (http://www.mas.gov.sg). There is still some bureaucracy to go through so I'm not sure when my account will be credited. Considering the XRP value, the amount refunded is less than half of what I got stolen but better than nothing. Binance claims the hacker traded and withdrew part of the funds on the day of the hack, which I think is correct as the total BTC you can withdraw per day is 2, and on the day of the hack, the value of my funds was 5.7 BTC. Despite the big loss, to be honest I feel lucky as I believe it's pretty rare to be able to recover crypto once hacked.
  2. This is the hacker IP: 176.227.59.0 It comes from Turkey. Not sure how to run netstat but I have an antivirus so I believe to be quite safe though I know no antivirus is 100% securing your devices.
  3. I don't know for sure but here are few articles after a quick search on Google. https://www.ccn.com/crypto-exchange-kraken-denies-security-breach-and-office-closure-in-halifax-canada/
  4. You might be correct in thinking that Kraken might have left little trail if it was them. But maybe they wanted to make it look like an external hack to have a kind of alibi. I'm only speculating here anyway. Surely I don't want to point fingers to anyone without valid reasons, but the way they didn't want to provide support whatsoever certainly doesn't make them a favor. Anyway, thanks again for your comments.
  5. Happy for the thread to be close if the moderators wish to do so. Perhaps it's worth to keep it visible for few more days so that more people can learn from my experience. Truly my main concern is that Kraken has deliberately perpetrated this hack, or it might be the act of few employees. Their support was practically null, so I'd like to warn everyone about this.
  6. I was not really asking to answer that specific question. I just wanted to highlight the fact that I had the GLS on, otherwise the hacker would have moved the funds very easily. I can see that unfortunately there is not much I can do at this stage, except hoping that Binance can track the funds, and return the XRP to me. But I will also contact another authority to see if they can further look into this case and query both Kraken and Binance to clarify their position into the matter. For all of you who had time to read my post I hope my experience can save someone else from a similar misfortune.
  7. If the GLS was not on, then how would you explain the fact the the hacker didn't edit the email address? This way he could have approved any wallet he wanted, at any time.
  8. fidgetspinner all comments are welcome. I made all my trades at home, connected to my own modem/router (secured), so there is no way of sharing my IP with anyone else.
  9. Yes. I've just read how it works, which explain the fact that the hacker could not update my email address. However, he never submitted an unlock request.
  10. Thanks for your comments. Please refer to my reply to NightJanitor. I had a 2FA but apparently it didn't work. I might be wrong but I suspect an inside job. And sure, all exchanges are insecure but I can only speak for my experience with Kraken in particular.
  11. I was logged into my account at the same time as the hacker, hence Kraken should have warned me of it. When you log into Bittrex with a different IP, they always send you an email to confirm it's you. I'm not saying I'm not responsible as well by clicking on the link to confirm the wallet, but from Kraken there was no effort to prevent this, nor to provide support right after the XRP was stolen. Moreover, the hacker had access to my account already because he managed to sell my XRP for BTC, and trigger new wallet approval emails. He could have changed the email address as well (and approve new wallets) but he didn't do that. How strange is this? Did he use an API which could perform only the first two operations but not change the email address? Or was Kraken part of this operation, and by letting me confirm the new address, can now state it was my responsibility for the stolen funds? Why Kraken didn't notify me of someone else logging into my account? I never received any email about this. And how did the hacker gain access to my account while I had a 2FA on and I store all my PW on paper?
  12. I had 2FA but for login only
  13. Thanks again Pablo. I will ask Binance to review my post in case they also think there are sensitive info I better not disclose.
  14. Thanks Pablo for your comments. I do appreciate your suggestions, however I haven't much to hide at this stage. I also wanted to disclose these sensitive info so hopefully someone can assist with valuable information.
×
×
  • Create New...