Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Bitcoin Discussion
Re: This is how my 7 bitcoins at coinbase got hacked
by
BillyBobZorton
on 20/10/2017, 23:26:03 UTC
Quote from: figmentofmyass on October 20, 2017, 10:41:59 PM
Quote from: nanonymousx on October 20, 2017, 02:53:33 AM
Sorry for your loss OP.

I think he raised a very valid point, google phone number of Coinbase will come back a fake one. And the fake one will steal your coin.

if this was how OP got socially engineered, that's interesting. it's true that people (including myself) use the top search results to quickly confirm we are entering the correct, legitimate site. i assume the same goes for phone numbers. i google restaurants all the time and order takeout/delivery the same way. if the #2 result is a fake number, we should collectively report the number to google.

the unfortunate thing is that coinbase didn't even have phone support until very recently (the last month or two). so if this is how OP was compromised, this might have been avoided if not for the timing.

Quote from: UnknownBTC on October 20, 2017, 05:55:38 AM
i think this guy got his host file hacked and he was trying to log in to a pishing coinbase website is the only thing that makes sense to me

it sounds like he was probably socially engineered into giving up his login/password to the hackers. since he had 2FA on the account, i believe this is the "secret seed" he was referring to. this is a term that coinbase actually uses to refer to the 2FA token used to generate TOTP codes: https://support.coinbase.com/customer/en/portal/articles/2820377-2-factor-authentication-2fa-faq

it sounds like the hackers (on the phone with the OP) got him to verify the hackers' device through email while they were on the phone. it's not 100% clear from the OP, but it seems like he probably handed them his login/password, verified their device for them, and gave them his 2FA token. that's everything they needed to compromise his account.

Yeah this looks like a phishing attack. But where is the fake Coinbase site at? Or he never accessed a fake site and it was just him calling a phone number and telling them his password and user?

If there was a phone call then he could ask the police to look it up. Phone calls are not that easy to make anonymously, maybe there is a case here.

Also he must have gotten the fake phone umber from somewhere, so where is the website that listed the fake phone number?

These are the 2 things that could lead to an investigation. The BTC transaction is pretty useless, it's too anonymous to trace the money unless the thief are stupid enough to not mix the coins, then maybe you can trace the coins back to some exchange.