I have been hacked!

T

tsavvy

Well-Known Member
Joined
Nov 13, 2015
Messages
244
Reaction score
31
Location
Johannesburg
This is what happened:
I received an email from bitfinex.com.saying I was acessing my account. When I went to gmail to check it out the email suddenly disappeared.

I went to check my google activity and there it was:. An IP that originated from Zurich accessed my Google, Poloniex, Blockchain.com, Bitfinex and Huobi accounts.

Who knows what else is out there now?

Luckily I updated most of my passwords and immediately activated 2 factor authentication on Google Authenticator for most of my online accounts and sms for the remaining that doesnt support GA.
 
tsavvy said:
This is what happened:
I received an email from bitfinex.com.saying I was acessing my account. When I went to gmail to check it out the email suddenly disappeared.

I went to check my google activity and there it was:. An IP that originated from Zurich accessed my Google, Poloniex, Blockchain.com, Bitfinex and Huobi accounts.

Who knows what else is out there now?

Luckily I updated most of my passwords and immediately activated 2 factor authentication on Google Authenticator for most of my online accounts and sms for the remaining that doesnt support GA.
Click to expand...

Hope you didn't click on any links ... ;)
 
tsavvy said:
This is what happened:
I received an email from bitfinex.com.saying I was acessing my account. When I went to gmail to check it out the email suddenly disappeared.

I went to check my google activity and there it was:. An IP that originated from Zurich accessed my Google, Poloniex, Blockchain.com, Bitfinex and Huobi accounts.

Who knows what else is out there now?

Luckily I updated most of my passwords and immediately activated 2 factor authentication on Google Authenticator for most of my online accounts and sms for the remaining that doesnt support GA.
Click to expand...

Were you using a password manager before this?

If not, get with the times and use LastPass. And order a YubiKey 4 too while you're at it. It's an NFC-enabled USB key with a button that provides awesomely secure authentication for desktop, laptop and mobile. It's so good that every Google employee is required to use one.
 
Bryn said:
Were you using a password manager before this?

If not, get with the times and use LastPass. And order a YubiKey 4 too while you're at it. It's an NFC-enabled USB key with a button that provides awesomely secure authentication for desktop, laptop and mobile. It's so good that every Google employee is required to use one.
Click to expand...

My company gave us a yubi key and still waiting on the instructions on how to use it.
 
crackersa said:
My company gave us a yubi key and still waiting on the instructions on how to use it.
Click to expand...

Just go to YubiKey's website and find the documentation for your particular device. I have to assume it's explained adequately.

I have a YubiKey 4 coming in the mail thanks to subscribing recently to a year of WIRED for $10. It's a pretty good quality site, but I did it for the key. How they make money giving me digital access, a monthly print edition delivered to my door and a YubiKey 4 for $40 ($30 annual delivery fee for international customers) is a mystery.
 
Bryn said:
Just go to YubiKey's website and find the documentation for your particular device. I have to assume it's explained adequately.

I have a YubiKey 4 coming in the mail thanks to subscribing recently to a year of WIRED for $10. It's a pretty good quality site, but I did it for the key. How they make money giving me digital access, a monthly print edition delivered to my door and a YubiKey 4 for $40 ($30 annual delivery fee for international customers) is a mystery.
Click to expand...

Nice, have just subscribed, thats very reasonable for a sub to wired. Now hopefully I'll actually receive them. Last sub I had to something I got maybe 1 in 4...
 
Bryn said:
Just go to YubiKey's website and find the documentation for your particular device. I have to assume it's explained adequately.

I have a YubiKey 4 coming in the mail thanks to subscribing recently to a year of WIRED for $10. It's a pretty good quality site, but I did it for the key. How they make money giving me digital access, a monthly print edition delivered to my door and a YubiKey 4 for $40 ($30 annual delivery fee for international customers) is a mystery.
Click to expand...

Good idea.

Things work like that here in the US. I did a promo for Directv now where I had to sign up for 3 months ($35/mo) and got a free Apple TV 4K ($179 value). My 3 months is up and I’m thinking about doing the promo again, will just use my work email :)
 
AstroTurf said:
2 factor authentication not on?
Click to expand...

that, as wewll as signing up to breachalarm and haveIbeenpned help quite a bit,

been hacked numerous times, got the warning in time and changed the passwords to prevent anything being hacked.
but yes, authy and breachalarm have been good to me,

do have an interesting question for you guys,
is it possible to import all my saved logins from firefox password manager into lastpass or dashlane?

as that would sure help instead of creating everything from scratch.
 
Bryn said:
Just go to YubiKey's website and find the documentation for your particular device. I have to assume it's explained adequately.

I have a YubiKey 4 coming in the mail thanks to subscribing recently to a year of WIRED for $10. It's a pretty good quality site, but I did it for the key. How they make money giving me digital access, a monthly print edition delivered to my door and a YubiKey 4 for $40 ($30 annual delivery fee for international customers) is a mystery.
Click to expand...

Thanks. Maybe I'll buy two and send it to a US forwarding address. Don't want SAPO to take it.
 
Classic case of using the same password on everything.

2FA on your Google Account was a good start. Now start using Google Passwords to generate random passwords for each and every one of your online accounts instead of manual (and the same) password you are currently using.

You can look them up on passwords.google.com when you need to and that page itself will be protected by your 2FA.

Go make sure none of the compromised accounts had API access enabled.

***

Also change your username....because it's inaccurate. :)
 
biometrics said:
Hope you didn't click on any links ... ;)
Click to expand...
What actually happened to the op, even clicking on a link that may install malware isn't going to instantly expose account details for online accounts?

If the op followed a link and typed in log in info on a phishing site that's different but that didn't happen?
 
Bryn said:
I have a YubiKey 4 coming in the mail thanks to subscribing recently to a year of WIRED for $10. It's a pretty good quality site, but I did it for the key.
Click to expand...

Thanks. Post of the day!

That's a sweet deal. Just subscribed as well. Even If I dont read the magazine its a Yubikey fort $10! Been wanting to get one for a while.
 
Last edited:
Why didn't you have 2FA on gmail and all of the other exchanges on as a default? Why do people still ignore it? especially considering the obvious crypto in those wallets? Would you leave your online banking open like that too? ignoring their constant pleas and harassment to enable 2FA?
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X