Jump to content
Stake Forum
Flansca

What do you do when your wallet got hacked?

Featured Comment

What are you going to do when your wallet got hacked? Recently I got hack, I try to contact their support.

But still no answer from them. Any idea?

Thanks for your answers.

Share this post


Link to post
Share on other sites
2 minutes ago, DarkBlood069 said:

Simple - to prevent any such hacking, always have a 2FA so this never happens, it's the most secure way of keeping your account safe from any threats. I always make sure my funds are safe so my advise to older and newer players is that if you haven't got a 2FA yet - put one on so that you don't lose your funds to any hackers/scammers within stake.

Well to be honest, I already used 2FA on Stake, and 2FA at my wallet (blockchain.com)

I already use my 2FA, but i don't know who can bypass my wallet, and even take my 0,001 BTC, and even take any single of my credits so i got 0.00$ right now. 

 

Share this post


Link to post
Share on other sites
35 minutes ago, DarkBlood069 said:

I was going to say that if so to say that your account got hacked even with a 2FA code - I would personally 100% go to customer support and expect them to pay out the according losses because it's impossible to hack an account with a 2FA code on. I would to say that the hack with either have to be on the staff's end if that was the case. But right now, the security is really good at stake but in the long run... you can only keep yourself safe if you ignore anyone that attempts to scam, any forms of unfulfilled promises to pay you back double if they win etc etc. So just avoid those and you'll be just fine. 

 

@flansca check your withdrawal history,

I will do those things right now. Thanks for the tips. But anyway, this was my recent payment. Are it really possible after you receive BTC, he can hack to resent more from my money?

Before I really not in this trouble but, idk. I would wait what will support do about this (I mean at blockchain wallet support)

image.png.163fdb4a8e5abeeb17bda413b6843c79.png

Edited by flansca

Share this post


Link to post
Share on other sites
50 minutes ago, DarkBlood069 said:

I was going to say that if so to say that your account got hacked even with a 2FA code - I would personally 100% go to customer support and expect them to pay out the according losses because it's impossible to hack an account with a 2FA code on. I would to say that the hack with either have to be on the staff's end if that was the case. But right now, the security is really good at stake but in the long run... you can only keep yourself safe if you ignore anyone that attempts to scam, any forms of unfulfilled promises to pay you back double if they win etc etc. So just avoid those and you'll be just fine. 

 

@flansca check your withdrawal history,

It's possible to hack account with 2fa.

1. or it's someone close to you, who can get access to your 2fa (yea, I recently heard story, how husb emptied wife's wallet). You can just make sure, no one can access your 2fa (like use app in mobile and lock it with your fingerprint).

2. or get access to your pc (if your 2fa is desktop app).

3. or get access to somewhere, you saved your security key on installing 2fa. With same key you can get 2fa codes in any other 2fa app or device.

15 minutes ago, flansca said:

I will do those things right now. Thanks for the tips. But anyway, this was my recent payment. Are it really possible after you receive BTC, he can hack to resent more from my money?

Before I really not in this trouble but, idk. I would wait what will support do about this (I mean at blockchain wallet support)

image.png.163fdb4a8e5abeeb17bda413b6843c79.png

Blockchain support is slow, but always solves issues in the end :) Patience :)

Share this post


Link to post
Share on other sites
12 minutes ago, lupandina said:

It's possible to hack account with 2fa.

1. or it's someone close to you, who can get access to your 2fa (yea, I recently heard story, how husb emptied wife's wallet). You can just make sure, no one can access your 2fa (like use app in mobile and lock it with your fingerprint).

2. or get access to your pc (if your 2fa is desktop app).

3. or get access to somewhere, you saved your security key on installing 2fa. With same key you can get 2fa codes in any other 2fa app or device.

Blockchain support is slow, but always solves issues in the end :) Patience :)

I agree with lupandina.....it's sad to say, but more often than not - funds stolen out of secure accounts are usually done by people we know.

I know this is the case with money being stolen from bank accounts, and it would make sense that it would also be probable for accounts secured with 2FA. 

You may want to increase security on your devices that are used to hold your 2FA as well.   :(

 

Share this post


Link to post
Share on other sites

Well there is nothing much one can do once the momey is transferred to another wallet but if it was throught the online wallet then you can contact support team of the site so they can inspect it. Anyhow I'm so sorry for your loss. That's why always have the maximest security you can !

Share this post


Link to post
Share on other sites

Hello, i guess you cant do nothing once you get hacked. But you can prevent it.

For crypto in particular, once the access to your accounts is secure you must decide whether you should leave your assets on the exchange or be your own custodian. Both come with their own risks.

Leaving it on an exchange: Your risk here is defined by the probability that this exchange will be hacked or be subject to new regulation. If you decide to go down this path, there are certainly better options than others. I know that the Coinbase team is doing a terrific job at keeping their assets secure. This does come with the drawback of users not being able to participate in certain airdrops, or not having access to new currencies from forks immediately, but I won’t delve into that topic here.

Being the custodian: Your risk here is defined by the likelihood of your seed phrase been stolen, or all replicas of it being permanently damaged/irrecoverable. Someone could also get the password for your given wallet and steal the hardware from you, in which case, unless you immediately get a new wallet, recover your keys from the passphrase, and transfer all of your assets out, they’ll all be soon gone. You could also lose your passphrase, as well as the password as it infamously happened to Wired writer Mark Frauenfelder in his epic tale of hacking his own wallet.

People should weigh the probability of the exchange being hacked versus the probability of their seed phrase being stolen or lost. For most people with little crypto exposure, I would recommend they leave their crypto on Coinbase as it probably has a lower probability than the risks involved in being your own custodian. In addition, it’s way more convenient to just have your assets there rather than have to deal with the hassle of custody.

If you own a lot of crypto assets, you should avoid leaving coins in exchanges to avoid the risk of those being hacked as it famously happened to Mt. Gox, Bitfinex, and YoBit not so long ago. In 2014, Mt. Gox handled 70% of all Bitcoin transactions worldwide when 850,000 bitcoins belonging to customers were stolen. They subsequently filed for bankruptcy and went out of business. It’s certainly worth your time to learn how to protect yourself against these attacks.

If you choose to go down this path, I would highly recommend you getting your own hardware wallet. The two main companies in this space are Trezor and Ledger. I’m not very familiar with Trezor but can vouch for Ledger. When you first setup your wallet, you will be prompted with a passphrase and a password, the latter being specific to that wallet. Think of the passphrase as your master password for all private-public key pairs you will use in the future. If your wallet is damaged or lost, you can recover all transactions on a new one by having this passphrase. Just as you can be the one recovering these keys, anyone else who gets access to it will be able to do so as well so make sure that you save it in a safe place. Safe means: not on a computer with internet access; not on a hard-drive that’s not encrypted; not on a paper that could be easily stolen. You should also have more than one copy in different places (all of which must have tight security since your system is just as secure as your weakest link) to protect yourself against a potential loss (hard-drive malfunction, fire, a potential robbery, and others). As you are probably thinking by now, being the custodian of your own keys is no easy job.

As a side note, while hardware wallets are certainly great products, if you are an institution or someone who might be likely the target of a personalized attack, this path might also fall short. First, when talking about redundancy and safety, this is not a binary dimension but a spectrum. You could either leave a paper with your passphrase hidden in the closet or store it in a safety box inside of a bank. On top of the steps described above, you should also seriously consider multi-signature security. At a high level, this means that you’d need multiple keys to transfer your funds (e.g. 2-of-4 policy would be mean that there are 4 keys, and you’d need at least two of them). There are already a few companies like Coinbase and Anchor that provide this kind of service.

Stay safe!

Share this post


Link to post
Share on other sites

Anyway, my conclusion was removing all email, phone numbers, and another private files that I already submitted there, then create a new wallet with another 2FA, backup code, else. 

Thanks for your answer past days, and now I will lock this thread because there is no need to be discussed anymore.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

×