Yeas and another blockchain story
Hi i want to share my experience with a security breach from Blockchain.info Because i think it might be helpful for Others.
I am aware that nobody should store lager amounts of btc in services like them. and use a ledger hw Wallet for my Stack.
I had from a Recent Buy a lower triple digit amount in the b lockchain Trade Account. i Simply did not have the time because i wanted to distribute the amount in different Ledger adresse.
however today i received 3 Notifications from the Blockchain Wallet with a 2 Fa Code on My iphone .
afaik the godfather malware is currently just an android thing ? correct me if i am wrong
I asked my wife which was not near me is she is trying to login --
Negative.
i began to panic and logged in my self.
next notification was that 2 Fa has been disabled. in a rush of panic i copied a ledger Receiving adress and initiated a transfer of the whole balance to that adress i did not even cross check if the adress was copied properly i just wanted to be faster then the attacker.
i instantly also changed the blockchain password and re enabled 2 fa and changed the password of my gmail adress which was tied to the blockchain account.
I also unliked all the Credit cards which where associated trough Crypto buys out of Blockchain.
The transfer to my ledger adress was still showing pending i was nervours .....
was it really the right adress..
will they maybe hold back the transfer because of security issues....
Which imho should automatically rise if there where attempts withouth the right 2fa, 2fa has been disabled , reenabled and the password has changed and a transfer has been initiated.
But none of these after some really really long 20 minutes i saw the transfer went to my adress
Puuh Lucky i was awake at that time and instantly reacted.
Dont know if they would have been able to send the funds to their adresses if i was not quicker
i also wrote to a support agent onto their site but he could not answer the questions if my account is safe now or not. i am waiting now for an email from their security team.
In the end i have to say lesson learned i will never Buy there BTC again and of course not store the smallest chunk of crypto in their wallet.
But what could lead to this ? how can 2fa be just simply disabled it makes no sense to me.
The login email i received after i logged in with the new password was Russian < what else>
had anyone of you similar experiences ?
Would you trust that the account is safe ow ? or just dump it and make a new one ?
[link] [comments]
No comments:
Post a Comment