[ 3 / biz / cgl / ck / diy / fa / ic / jp / lit / sci / vr / vt ] [ index / top / reports ] [ become a patron ] [ status ]
2023-11: Warosu is now out of extended maintenance.

/biz/ - Business & Finance

View post   

File: 101 KB, 1024x904, wtf.jpg [View same] [iqdb] [saucenao] [google]
7023917 No.7023917 [Reply] [Original]

So I know someone who got their Binance account hacked. He had Google auth 2FA and a strong password. He said he logged in, logged out, and the next time he checked all his bitcoin was gone. He didn't get any email notifications or anything.

How is this possible? I was under the impression you had to physically have someones phone to get that auth code.

>> No.7023957

The hacker was coming from inside his own computer

>> No.7023967

most likely they lied about having google 2FA to save face. if this is true it'd be news-worthy.
probably had sms 2fa which is hackable if someone messes with your mobile provider

>> No.7023974

Did he mess with TurtleCoin at all before this?

>> No.7023995

also there are programs that lets you generate google 2fa on desktop. obviously that guarantees no additional safety, if an attacker gets access to just your pc they have the code.

one more option is, his phone was rooted. then its much easier to retrieve 2fa codes from it remotely for an attacker.

>> No.7024016

What coins was he holding anon?

>> No.7024036
File: 1.91 MB, 506x285, mesmerize.gif [View same] [iqdb] [saucenao] [google]


>> No.7024052

I do all my trading on my computer

And my 2fa is on my phone

Will I be okay?

>> No.7024061

>I know someone who X
Is that someone you?

>> No.7024076

Someone might have played binance support into giving unlocking the 2fa

>> No.7024128

so when you go to the part of the page where it shows the IP's from which the account was being logged does it show a different one or not?

>> No.7024171

Ask this op

>> No.7024180

>keeping your coins in an exchange wallet
Don't do it again fucking retard

>> No.7024285

Yeah there was an IP log in from a different country.

>> No.7024335

well you dun goofd then friendo, and there's more than one way you could've fucked up so geegee, reinstall you PC, reinstall your phone, make new accounts and wallets, stop visiting sketchy sites and torrenting shit, stop licking on every link posted in here, make sure you don't log into phishing sites, and maybe you'll be safe

>> No.7024381

but what does this mean? he had remote access to the PC?

>> No.7024396

how is this possible?

>> No.7024398

also the he bypassed the 2FA part seems really sketchy, most retards on here get locked out of their account because their phones fuck up and they're too stupid to write down the code to get back the 2FA on another phone, yet this guy manages to get fucked fucked from the outside

>> No.7024401

Binance phishing links are really common in google search.

Often as the top result.

>> No.7024452

as I said there's more than one way you could've fucked up, you either had keyloggers which you got from downloading shit, or going to a page trough a link that first redirects you to other pages, also if you're dumb enough to save your passwords on the browser etc. the 2FA part is the really weird thing for me, unless of course you just never had it in the first place

>> No.7024848


So phishing or malware is most likely you think?

If they had remote access to the PC, if he didn't log out of binance (even though he said he did), they could open his browser and open the page with him still logged in. Would that account for the different IP though? Would it uses his IP or theirs?

>> No.7024867

I ve said it in an earlier thread.
These are Russian scammers that are targeting Binance users. They get your password with a keylogger. Idk where I got it but I formatted the hard ride after the first time but somehow they got mine twice . since i started typing the passwords in a digital keyboard nothing happened in the last three months.
If you don't have 2fa using Google authentication you are fucked because SMS 2fa can be disabled if they know your service provider.
For those who have Google Auth they are known to larping as Binance support to get you to disable it in order to restore your password. Of course no one is that retarded and those who are won't never say to save face. The two times I got phishing it was a Russian ip. The only thing clear is that you are using binance you should get 2fa Asap

>> No.7024873

and it legit was not me, this is someone I know. I'm just wondering how it happened to him, I don't want to get JUSTED like he did.

>> No.7024886

It probably didn't happen and it was some faggot shilling KuCoin.

>> No.7024901

no, if it's remote access it wouldn't show up a different IP first because you never logged out, and second everything was don trough your PC even though it's controlled remotely via the hackers PC

>> No.7024923

When people say they were hacked because of X or Y they are usually wrong.

>> No.7024987

Okay, so the hacker got his passwords.

He said he thinks it was malware that got downloaded through an email. Still don't understand how they would get his google auth code, unless he's lying.

>> No.7025022

I had someone access my binance from an IP in Alabama near the beginning of the month anon.

I have never used the account, so it’s not too huge of an issue. I don’t trust binance myself. I honestly don’t trust any non-US based exchange.

If something goes wrong, I want the ability to take legal action. I can’t do that against an exchange in China.

If it’s in the US I can get put into prison and sue them into perpetual poverty for the rest of their life.

>> No.7025047

Get them put into prison. This autocorrect is terrible. What are you think Devs?

>> No.7025063

This threads got me a little nervous: does ICX have a wallet?

>> No.7025108
File: 256 KB, 2411x1544, ledger.jpg [View same] [iqdb] [saucenao] [google]

here's the solution to that obnoxious shit

>> No.7025142

>How is this possible?
simply not the truth

>> No.7025162

>Still don't understand how they would get his google auth code, unless he's lying.
told you this is the weirdest part for me too, malware trough email, maybe but still, he prob downloaded from some shady site or clicked some shit "you're the 1000000 visitor" type of thing

>> No.7025208

Wondering this as well

>> No.7025222

It was a phishing site. It passes your login to the real binance then does a withdrawal in the background with the credentials it got.

>> No.7025251

single point of failure.

>> No.7025326

Yes, as long as you aren't retarded like OP's friend and download obvious malware with 2fa on the same device you log in to binance from.

>> No.7025402

Your friend is either lying or is a complete fucking retard and got phished. Tell him to kys.