Blockchain.info wallet hacked & emptied. Warning!

[KasinoKing]

Email verification is not "google authenticator" verification = 2fa. You should turn it on and print its code, destroy the file and safe the printed code somewhere "like a key to your gold box".

Yeah - I've done that now. Something about locking the stable after the horse has bolted...

I still don't get how the hackers got past the e-mail thing though - I reckon the hack was at Blockchain's end.

KK

 

[ocportal]

might be that someone who knew your email connected to the account did the thing, if someone would have entered blockchain.info DB, I don't think they would care for the accounts with holding <10 btc, more likely someone targeted your account. You can never be sure but from what you wrote, thats the conclusion from my perspective.

 

[ocportal]

You could try and contact them at blockchain.com to ask for a log with all the IP's that logged into your account, if you know the date when it happened it should be possible to look further into it.

 

[Webzcas]

Jesus Mark, just seen this thread now. Really sorry to hear this mate

 

[bonustreak]

This is horrible! So sorry

 

[AussieDave]

I don't profess to be a crypto expert, if anything, I'm at the other end of the pole.

However, I use coinjar and every time I login, I'm sent a auth code to my mobile. This mobile is never used online. On the odd occasion when I use Chrome instead of FireFox to login, I'm sent an auth link to my email addy. But even after that's verfied, I'm still sent an auth code to my mobile, which has to be entered before I'm given access.

Seems in this case, either your email addy has been hacked KK, or the wallet has been hacked. While you might have an infected PC (keylogger etc) I doubt it. You've not reported any other nefarious activities...

P.S. Coinjar have a option to remember the browser for 30 days. I don't use this option. Instead, I must authenticate my credentials on every login.

 

[TipAGambler]

Sorry to hear that. Thanks a lot for the heads up!

 

[HLE]

Yep, happened to me to.
11/15/2018
Here's the transaction ID on ETH blockchain: 0xe2cd575450954a60f273569cbcc412d03a9060c152eb5f8b2d942df88bdb1431
Hacker transfer in and out of the address immediately.

On that date I was traveling oversea and do not use computer, phone to check accounts.
I have 2 form authentication enabled. To sign in they have to click an email.

Seem like systematically hacked from the backend from blockchain.info exposed private keys.

Good bye blockchain.info!

Be careful folks.

 

[LandofOz]

I'm sorry to hear that. There are so many lowlifes out there and one can't be too careful.

 

[Bladebringer]

Fine. Thank you so much for sharing.

 

[Joonas]

Really sad to hear KK. Also really annoying to read about these cases as they can negatively impact on how masses think and perceive the whole crypto and even blockchain tech.

 

[e_abrams]

These hacks are my biggest fear about the crypto market. They happen way too often it seems, and you almost never hear that the perpetrators have been caught.

 

[AussieDave]

These hacks are my biggest fear about the crypto market. They happen way too often it seems, and you almost never hear that the perpetrators have been caught.

Call me cynical, but who's to say these hacks aren't 'inside jobs'.

As KK explained, as we've heard many times before, and as we all know, these wallets use email verification, and some even have PIN sent to mobile, for every login/transaction. I dare say the majority of folks who have wallets, aren't newbies. Meaning, they know passwords need to complex, EG: not 'myblackcat'.

Everything just seems too damn easy for these so-called "crypto wallet hackers".

If these are "inside jobs", by law they are responsible for said losses.

Worse, or so it seems, when a hack is reported to said wallet, they do nothing. Granted their not banks, but imagine the same happening to your bank account. These wallets need to be held accountable!

 

[ronald hulst]

Someone also hacked my blockchain wallet account and transferred all my etherium.
this happend when no pc or any other device was active and i also didn't recieved a confirmation email.

also strange is when i want to login into my account on a pc, he's sending a confirmation email to me in russian????
i'm dutch...

i say there system is hacked and they don't want to admit...

i've send them more emails but they don't reply to any of them.

my advise, don't ever use an online wallet

 

[Biti]

Call me cynical, but who's to say these hacks aren't 'inside jobs'.

As KK explained, as we've heard many times before, and as we all know, these wallets use email verification, and some even have PIN sent to mobile, for every login/transaction. I dare say the majority of folks who have wallets, aren't newbies. Meaning, they know passwords need to complex, EG: not 'myblackcat'.

Everything just seems too damn easy for these so-called "crypto wallet hackers".

If these are "inside jobs", by law they are responsible for said losses.

Worse, or so it seems, when a hack is reported to said wallet, they do nothing. Granted their not banks, but imagine the same happening to your bank account. These wallets need to be held accountable!

This.

The same thing, for example, the Cubits debacle. It's for sure an inside job. They aren't even cooperating with the administrators. To get back the losses is almost impossible without their cooperation. And they simply refuse that. Administrators now have to negotiate with former employees. Hence, pay ex-employees to open their mouth a bit.

The biggest advantage of all these wallets, the fact that they aren't regulated, is also the biggest problem. So many dodgy people involved in the crypto business. And even honest people can turn into thieves once they're having millions of euros at their disposal with just a few mouse clicks.

 

[AussieDave]

While I use a wallet, it's only used to receive aff payments, then it's either transferred to the ATM card, or bank account. I only use a wallet cause I can't for the life of me figure out how to hold crypto without one. Hence I don't hold crypto...

even honest people can turn into thieves once they're having millions of euros at their disposal with just a few mouse clicks.

Only have to look at our own industry to see how money can turn some people into crooks. Worse part is, 9 times outa 10 its folks who can't afford to be ripped, it's those people who get shafted more often than not

 

[SUBHRA]

Hi,
Its a very worse thing that happened with you. I too lost this month a considerable amount of bitcoin from my pc. I discovered that a trojan ran a script in my pc and had greatly damaged me financially.Its not that case that blockchain is not secured but the loopholes left behind a way that the hackers had used. These are mostly asians and i traced them a group of hackers from egypt.
Blockchain had advanced features to whitelist ur ip only but if ur pc is hacked again nothing can be done. Better use strong passwords everywhere.Done installed software from an unauthorized source.

 

[Gamblerspro.com]

Oh man, this truly sucks. I keep some crypto in a hot wallet on my desktop. I'm now moving them to the Nano Ledger S immediately. Well, at least the ones it supports. Sorry to hear this happened to you.

 

[LandofOz]

If you don't want to use a hardware wallet like the Ledger Nano S or Trezor, then the Atomic desktop wallet is a good alternative. It's very easy to use, supports hundreds of coins, has excellent customer support (since they resolved an issue that I was having within 6 hours), but the only thing is that it doesn't offer two-factor authentication.

 

[Gamblerspro.com]

100% agee. Atomic wallet is the best software wallet I have come across. I like the ability to buy directly from it, too, but I still much prefer a hardware wallet when possible.