Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Scam Accusations
Re: BC.GAME Lost Fund (Unauthorized transactions)
by
Drahmaar
on 06/03/2025, 19:18:17 UTC
Quote from: Drahmaar on Today at 07:15:10 PM
Quote from: holydarkness on Today at 06:56:45 PM
Quote from: Drahmaar on Today at 06:36:21 PM
Quote from: holydarkness on Today at 05:48:31 PM
I see. Thank you for clarifying.

And this actually goes along with the explanation made by my contact upon the findings made by their security team, as well as give some sense to point on the explanation above about why they require a week to process your 2FA activation, that they're still trying to determine whether you're the real owner or not.

If I may convey what my contact tell me, summarized:

In BC, you have three security methods to do actions like withdrawal or tipping:
1. SMS OTP
2. Email OTP
3. 2FA by Google Authenticator

Their seclog revealed that 2FA [Google Authenticator] was activated after your withdrawal and after that, the tipping happened.

Given you're not the one who activates 2FA, I shall strongly assume that it was the hacker who activated it. I think this also explained why live support assured you that someone else initiated the tipping was not possible in your case as you have OTP, since I believe they don't have access to your account seclog and did not see that you have 2FA activated and followed by tippings; thus they assume you only have OTP and/or all of the authorization methods were controlled by you.

With the ongoing assumption that someone else had 2FA access to your BC account, it could help them "bypass" your OTP as 2FA [Google Authenticator] can be used as one of the two from three security verification methods mentioned above to authorize an action.

I also assumed, upon reviewing your seclog and realized that there is a possible scenario where a hacker was the one being in possession of your 2FA, they require such obscenely long time to activate your 2FA, as they want to be sure it is [this time] you who activated it.

Is this explanation make some sense and possibly fits and explained your situation?

Well, if someone was using 2FA app to login my account, than it was hacker. Ive checked my Google Authenticator and I have zero codes added.
What I dont get is, how hacker accessed my account and how he activated 2FA.
Because as I said Ive activated OTP on my first withdrawal.

If you needed my approval that me (real owner) wasnt using Google Authenticator as authorization method, I approve.
Ive never used Google Authenticator to login my BC account.

Probably your email address and BC password was leaked somewhere for some unknown reason to anybody. Upon having an access to your account, they set the GA that allows them to approve the tipping. As a side --but important-- note, GA does not need to be bound to the same email address [e.g.: your BC account is under drahmaar@gmail.com, the GA can be set under not_drahmaar@gmail.com], thus you can't see any account being added to your GA.

With this, I guess everything is now made clear? Or is there other thing that I can help you with to be addressed to my contact?

Yes. Everything is clear, because what you said is possible method how hacker send those tips. But its unlikely. Because if someone has access to my BC email. Than he have access on almost every account of mine. And all of this time I have zero Unauthorized actions on other accounts.
Thats more unbelivable. That someone hacked my email and used it for only BC and send only two tips.
Im so, so curious whats happening here 🤔

EDIT:
If you have BC contact with you. Can you ask him to reset my 2FA? Or disable it?
Because now I cant login to my account. When I input user, pass, it requires 2FA app and as I mentioned before. Ive never used 2FA app, so I cant login to my account.