CryptoCurrency : I was hacked — Cautionary tale inside.
TL;DR at bottom, and any help/advice appreciated.
My copy of Windows is pirated. After some updates, it started warning me that I needed to activate.
I go download the latest activator thing that always worked for me. I just google the program, see a familiar website, I install it, uncheck all the bloatware it wants to give me, and it takes way too long to install. I stop it. It uninstalls my Google Chrome. I get emails saying “successful login attempt from unknown address”. I thought “bullshit, I’m using Google 2FA and my password is ridiculous.” I go log into Binance with my phone just to be safe, see they are selling all my alts for BTC. I search all over the account page in panic for a “DISABLE ACCOUNT” or something, anything. It’s nowhere. I remember seeing that text in the original notifying email. Go back to that and it’s gone. All incoming emails were being sent to the trash. I go to the trash and it’s actually emptied from there.
It got into my Coinbase account and sent to an address, then tried to buy the maximum amount. I call Coinbase and get my account locked pretty quick.
I also remember taking a photo of my recovery words and storing it in my Google Drive like an asshole. I deleted that and generated new words and get my coins off those compromised wallets. Those are safe now.
**Precautions I take:**
- 90% of coins on Ledger (these are safe, and should be 100%. I got lazy.)
- 2FA on EVERYTHING
- Have MetaCert extension on Chrome
- Passwords saved on Google account (mistake probably)
**Mistakes:**
- Leaving coins on exchanges (Coinbase and Binance)
- Downloading a shady program in attempt to re-activate my pirated copy of Windows 10.
- Passwords saved on Google account
- Keeping a photo of my Ledger’s recovery words on Google Drive (though it didn’t get touched, could have been WAY worse).
It happened SO fast. I knew it was automated. I stood no chance. I thought I would never make one of these posts.
Here’s the address it all went to: https://explorer.bitcoin.com/btc/address/16tHNbDfjby7ZtK5Zi4dcfeyatuhcsXW3e
I’ll get the LTC and ETH addresses from my Coinbase account later when I gain access again.
**Now for the questions:**
- What is the next step to tracking the addresses he has sent to? Can I track his address and email all exchanges that have USD/BTC pairs to warn them? Possibly recover my funds??
- I’m guessing Google password saving is bullshit now. What’s the best thing? LastPass?
I know the other threads probably have these questions but right now I’m tired and pissed, brain’s been running on fumes for the past 3 hours…
I’m lucky the prices are dumping. I could re-buy that portion of my crypto pretty easily.
**TL;DR:**
Downloaded shady program and “installed” it. I have 2FA on everything, it didn’t matter. He gained access to all my exchanges and emails, bypassing 2FA. Luckily 90% of it is safe on my hardware wallet.
**WHAT YOU SHOULD TAKE AWAY FROM THIS:**
Keep it all on your hardware wallet, and just buy legit Windows 10 in order to avoid downloading sketchy “activation crack” programs. Or any crack/piracy things. Be paranoid.
Author: SNAFUBAR-
Score: 6