Kraken: A tail of a compromised account

in #ethereum, 8 years ago

Hello Steemers!

Have a seat and listen to my tail, a tail of how I almost lost 133 ether to an attacker that got the keys to my account. This frightful tale begins on the 2nd of August. I was winding down with a couple of beers, watching my open positions on Kraken. I was currently shorting ether and I had a healthy profit of 250 Euro (the night of the Bitfinex hack). I decided to close my position and retire for the night. I now had 133 ether, up from 97, so it was a good day.

I made my way to bed, read for a while, then settled down to fall asleep. Fast forward to 02:10 AM: I couldn't sleep, so I grabbed my phone to play some relaxing nature noises on Spotify (it actually does work). Then BAAM, 3 emails from Kraken: first email "your 2fa details have been updated", second email "new ether deposit address added" and finally "withdrawal requested".

How could this be!! I had 2fa for login enabled! Panicked, I opened Google, and luckily I was still logged in as auto logout had not kicked in yet (240 mins). Heart racing, I went to withdrawals and there it was: 133 ether being sent to an unknown address! Hang on, why does it say on hold? Maybe there is a god. Let's not forget this is at 2 AM, I'm a bit disorientated, and I proceed to do the worst thing possible: I turn on global lock! Effectively locking in all settings the attacker changed; it can't be turned off for 3 days. I quickly sent a support ticket to Kraken. I now present you the ramblings of a scared man at 2:30 AM.

There was nothing more I could do at this stage, so I went back to bed and prayed that I would still have my ether at the end of it all. Come morning, I woke up to an email from Kraken support saying that the withdrawal had failed and they had suspended withdrawals from my account. My next step was getting back control of my account, which was fairly straightforward: a list of questions to verify who I was, and a week later I now have access to my funds.

I still have no idea how they gained access, as I had 2fa enabled for login. They also had my Gmail login/password, so this leads me to believe that my laptop was compromised. I had a lucky escape and a lesson was learned: I have a Ledger Nano S on the way and I will no longer be margin trading. I would advise anyone who has crypto on an exchange to withdraw it; do not leave it there to vegetate. If you are a frequent margin trader, have a look over your account and make sure it's locked down with every available security feature.

Thanks for listening


I upvoted, for the luck you had.

It's "tale", not "tail". ;)

Do you use TeamViewer? It's a common attack vector for Bitcoin thefts.

Although I don't believe I have the same vulnerability, after this and the BitFinex hack, I've withdrawn my remaining Ether to my wallet...
