$20,000 (7BTC) Stolen from Bittrex (captured live on video) Huge lesson learned

in #bitcoin, 5 years ago

If you're a trader and you have lost money I am sure you can understand how I feel.

Early this morning after talking with @brandon and @cordjackman on live chat, I logged into my Bittrex account at 2:32 am.

As soon as I opened the wallets tab I saw my total was only 4.1 BTC when it should be approximately 11 BTC.

At first, I thought it must be an error or maybe something hadn't updated, but then I realized there were transactions that had just gone out that I didn't authorize.

The shock hit me and I almost went into an extreme panic mode which never happens.

The first thing I thought about was to record while this was happening to make sure if I needed it for evidence with Bittrex.

This has been such a huge shock. I really thought with all my security (2FA, 30-character password) that this wouldn't happen.

What made this situation worse, was not the fact it got stolen but the fact I was in the account while they were doing it, and I was in a panic to try and stop them stealing the rest of the funds.

I have been working night and day to try and get ahead to give my son a better life. I do get a bit emotional in the video but understand that is because of what I have sacrificed to try and get ahead for my family.

I think if maybe the person/people involved knew about the person behind the account they may not have stolen this. But then again I guess people that do this don't care, they just want to steal people's money regardless of who they are.

I think sometimes these things happen to make us stronger and to be very well prepared to help prevent it happening again.

I know now I will never leave any large amounts on any exchange ever again. This lesson has been a very hard one and one I will never forget, but I will not give up and I will come back even stronger again.

This has now lit a fire under my ass and I will not let this beat me mentally.

I hope you watch the video and you can take something from it and it makes you aware of how dangerous holding any coins on any exchange can be.



That's what I can't understand... and what's even stranger is how 2 of the amounts they withdrew were exactly the same, 2.1990000... you can see here http://prntscr.com/fn3ugf. It almost seemed like it was a bot doing it.

It probably was a bot. You have heard of ransomware - they operate by encrypting your profile and then demanding you pay bitcoins to clear it - these are malware infections, and you probably just suffered such a robbery... Bank robbers don't need guns anymore...

I run Windows, but I am something of an IT expert, and I just basically don't run anything or visit sites that would have malware payloads. This is the real reason why you should be running adblockers, because, unfortunately, and a big fuck you to the advertising user-as-product business model who claim that there isn't a way to monetise digital content and services without advertising cough cough... Most such malware arrives either in some crappy pirate software, or, more commonly now, injected into your web browser. It doesn't even have to escape the browser box to pull this off, though it has to hijack the pipe that connects each web page to the controlling application.

After such a horrible loss, I would suggest that you up your security and segregate either a computer, or an operating system, that is not used for general tasks or whatnot, just for money, and lock it down tight, strong password, and don't install anything more than the browser and cryptocoin wallets you need.

I am in the hole at the moment with poloniex to the tune of 1233 steem... I am kicking myself for using poloniex again, it's almost never been smooth or pleasant working with that site, and if I had just waited another 5 minutes for blocktrades.us to come back online, (and it did, directly afterwards), a little tiny bit more patience, I would not be in this situation...

I still want to go visit poloniex's offices and personally slap everyone who works there, and for good measure, I want the CEO's luxury car for my trouble.

Fucking criminals >_<

Excellent instruction, thanks! But:

After such a horrible loss, I would suggest that you up your security and segregate either a computer, or an operating system, that is not used for general tasks or whatnot, just for money, and lock it down tight, strong password, and don't install anything more than the browser and cryptocoin wallets you need.

But what if Bittrex itself is infected??

And I think this 7BTC was stolen by Bittrex, not by a malware bot.

The thing is, you need to have a lot more than adblockers, antiviruses and so on in order to beat the hackers... First of all common sense, which is hard to achieve. Secondly you need to know the way things can go wrong / malware can reach your computer or how phishing is able to mislead you. This knowledge is even harder to achieve... Funny thing is, I'm an IT expert as well and Data Security specialist and even I have been hacked by a phishing website, which was a perfect https enabled secure certificate fake Ether Delta copy. So yes even the best most secure guys out there can be hacked in a matter of seconds when they make one tiny mistake.
I can guide you in a good direction by advising you to block http websites, check certificates, block plugins or other web services from running outside their virtual sandbox, disable flash player (for sure), keep your browser up to date... As you can see these are all things you can change by simply setting up your browser correctly :)

mostly agree

What does Bittrex say? To get 2FA verified they would need to be on your phone

I haven't heard back from them yet. I was using my iPad mini.

Edit: now I hear from hilarski that this video is actually fake.

Well he jumped the gun on that.. he should have got his facts straight before he went around telling people that false information. He said that because apparently he checked with Bittrex and they didn't know anything at the time. But I had already sent the first email and they requested more info, I just hadn't had the time to actually submit the ticket at that stage because I was homeschooling my son. But if you check my latest post you can clearly see Bittrex has given me the info and it looks like it may have been my fault they were able to get my API keys.

can't you see your APIs in the previous video?

Apparently this was a Scam - See recent Steem Post

Take one second to actually think about this man's struggle, and take your own subjective apathy out of this. You may not understand the gravity of this theft, but Shayne is a friend of mine and lying, let alone lying about something like this, isn't even in his plane of thought. You are offending me and others who know this is truth, imagine losing half of the savings you've built up just to have it stolen. In a time where this guy can use some sympathy, you and some others only accost him. Maybe you just want upvotes and attention, but saying an innocent man is a liar (and in essence a thief) falls more on you than it does on him.

Thieves and charlatans can do far more than $20,000 damage to this platform.
Any time there's money involved, there are going to be liars.
If your friend is on the level, then ignore it or by all means defend the accusations with facts; but if we don't call attention to potential fraud when we see it, we'll be overrun in a heartbeat.
I realise it's a bitter pill, at a terrible time, but it's not personal.
My sympathies to your friend.

@cryptoiskey do you ever access Bittrex on your phone???? Which 2FA do you have? Google's or SMS??? I'm studying this trying to figure out how they did it... You are right to assume it's a bot

No, I only ever use my iPad mini. What makes me think it was a bot is the transactions being the same

@cryptoiskey.. Before I get too excited.... 1. That notification at the beginning of your video... Is that the first notification you received about someone else logging into your account? If not could you give me the info on that notification? Or is that your notification of you logging in? I looked up the IP and found a location in Cali but that might be you (see you from Cali). If it's the 1st notification you got about the hack... then you have a trojan on a system and they have a backdoor on one of your computers in your house... I traced the IP shown in the video... that's why I ask

No, that was me showing I logged in.... the 4 withdraws had already been made before I logged in, so maybe Bittrex can track them somehow

damn it... :/ never got a notification for that login? the hacker's login? hmm that makes it even weirder

perhaps the hacker deleted the email notification

Possibly it was email - so email was hacked.

@cryptoisky - that's what I'm thinking... with Google Authority.. I'm thinking if someone got my google account they could get the same 2FA codes that I get if they downloaded the program... (I'm gonna do a test of it)

@cryptoisky Yes In Google Account Settings you can simply change your phone 2 factor Authentication to new phone.. If you are not using same 2 factor authentication is not using to open Gmail Account (At least through SMS)

That is why I use different email service because 2FA is on Google authenticator.

kingscrown, I am counting on you to get to the bottom of this! You are one of the most esteemed members here.


apparently 2FA is not enough

I've seen it before, if they crack into your gmail account and know you're online with Bittrex it's an open door for them. That's in spite your 2FA was sent to your gmail account as normally happens.

I'm not saying this is what happened but the API doesn't need Two Step verification once it is enabled. It also appears that Withdrawal Whitelist wasn't used and could have been an option to use during the video. I'm sorry to hear of the loss. Please reach out to me as I'm happy to help assist with your cyber security.
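A review pass over a withdrawal history, tying together the withdrawal whitelist raised in the comment above and the identical 2.199 BTC amounts noted earlier in the thread. This is an added example, not part of the original thread and not Bittrex's code; the record fields, addresses and timestamps are constructed for illustration and do not reflect any exchange's real export format.

```python
from collections import defaultdict
from datetime import datetime, timedelta
from decimal import Decimal

# Constructed sample history (hypothetical fields, not a real exchange export).
WITHDRAWALS = [
    {"id": "w1", "time": "2017-06-01T09:15:00", "amount": "0.50000000",
     "address": "COLD-STORE-ADDR", "origin": "web"},
    {"id": "w2", "time": "2017-06-20T01:58:00", "amount": "2.19900000",
     "address": "UNKNOWN-ADDR-A", "origin": "api"},
    {"id": "w3", "time": "2017-06-20T02:03:00", "amount": "2.19900000",
     "address": "UNKNOWN-ADDR-B", "origin": "api"},
    {"id": "w4", "time": "2017-06-20T02:10:00", "amount": "1.40000000",
     "address": "UNKNOWN-ADDR-A", "origin": "api"},
    {"id": "w5", "time": "2017-06-20T02:21:00", "amount": "1.10200000",
     "address": "UNKNOWN-ADDR-C", "origin": "api"},
]

# Addresses the account owner controls (constructed placeholder).
ALLOWLIST = {"COLD-STORE-ADDR"}


def review_withdrawals(records, allowlist, window=timedelta(minutes=30), burst=3):
    """Return {withdrawal id: [reasons]} for withdrawals that deserve a second look."""
    rows = sorted(
        ({**r, "ts": datetime.fromisoformat(r["time"]), "amt": Decimal(r["amount"])}
         for r in records),
        key=lambda r: r["ts"],
    )
    findings = defaultdict(list)
    for r in rows:
        # An enforced withdrawal allowlist would have rejected these outright.
        if r["address"] not in allowlist:
            findings[r["id"]].append("destination-not-allowlisted")
        # API-key withdrawals involve no interactive login, so no 2FA prompt
        # and no login notification precede them.
        if r["origin"] == "api":
            findings[r["id"]].append("api-key-withdrawal")
        # Everything within the time window around this withdrawal (itself included).
        near = [o for o in rows if abs(o["ts"] - r["ts"]) <= window]
        # Identical amounts close together suggest a script, not a person.
        if sum(1 for o in near if o["amt"] == r["amt"]) >= 2:
            findings[r["id"]].append("repeated-identical-amount")
        if len(near) >= burst:
            findings[r["id"]].append("burst-of-withdrawals")
    return dict(findings)


if __name__ == "__main__":
    for wid, reasons in review_withdrawals(WITHDRAWALS, ALLOWLIST).items():
        print(wid, ", ".join(reasons))
```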

Did you enable your API? Maybe the hacker got your API code.
Or is your PC infected by a trojan virus?

Yeah, my API was enabled, I had it hooked into Coinigy, but that doesn't allow withdraws I don't think. PC has a very good security suite on it, "Eset", that I have faith in and nothing has ever got through.

API part is interesting - check if it doesn't allow withdrawals

Wow, I am really, really sorry man. My heart goes out to you and your family. Upvoted. Coinigy does not allow deposits or withdrawals, they must be done directly through the exchange.

Rotten thieves, this is immoral and absolutely ridiculous! I don't want to say anything which would keep you stressed out and worried but if you can't do anything then you can't!

If there was something like a decentralised insurance platform which covers us for our losses on exchanges like Bittrex or Poloniex then that would make life so much easier.

Yeah tbh it hurts me to know these people can do it to others. I wouldn't want this nightmare to hit anyone else, it's a horrible feeling. When things are handed to you it doesn't sting. But when you grind on the stone for every penny it makes it kick very hard. But we live and we learn and we have to keep positive.

When under the immense circumstances the one victim replies in this manner!

It truly motivates us all.

Keep striving, but I guess I don't have to tell you that!



I guess these things can happen to anyone. I must say though posting publicly about your crypto holdings makes you a target for these sorts of things.

Some journalist posted on twitter about how he bought a bunch of Btc or Eth only to have it stolen a few days later.

Always keep quiet about how much you have and store anything you're not willing to lose in a cold storage/paper wallet.

Yeah I was trying to be helpful, I guess even that bites you in the butt sometimes. Yeah it's a hard lesson for sure.

I feel for you, I really do. I lost 0.15btc by sending it to the wrong address once, I was devastated and extremely annoyed at myself. But the fault was mine and I've always been slow and cautious when making transactions in the future.

I can't imagine losing 7Btc and all because of someone else's malicious act. That'd make me mad as hell.

Keep your head up, your posts on steemit are getting good traction and spike my interest throughout the day, hopefully they can earn you back a fraction of what was lost.

Wow that's rough. I'm sorry man.

That's why I always tell people to buy in exchanges and store on external wallets. I wrote a post about it just a couple days ago but not many people viewed it. I've told close friends about it but they don't budge. I guess it's because keeping it on exchanges is so much easier to do than depositing it into a whole separate wallet.

Hope you stick with it and get through it though.

Yeah the only reason I kept anything on the exchange is because I have been full time trading, so to move it back and forth would be a pain in the butt... but at the end of the day any pain in the butt is worth doing to protect your funds.

Ya I feel you on that. It is annoying going through different addresses, I admit I do that too sometimes if I know I'm going to be trading something soon. Either way hopefully Bittrex does something about it. Will be following you and expecting an update!

Hey Stephcurry, I'm new to the whole crypto thing and just learning for now. Thanks for the tip. So the thing is to buy in exchanges and store on an external wallet ? I'll remember that one. Thanks. Phil

Yup its essential because exchanges don't personally store the crypto you purchase unlike external wallets. I wrote a post on the Exodus Wallet which I personally use along with two others, you can read more there.

Do you mind sharing that post about storing cryptocurrencies on external wallets? I would like to read it.

I'm sorry for your loss. This is just a bump in the road and you will play a smarter game moving forward. I go by the saying, if you're flashing it, you must not want it. People don't need to know your cards. Best of luck brother!

I feel so uncomfortable and afraid that even if we use 2FA the hacker can still steal our BTC! As poloniex cannot cash out SBD not, what we earn in steemit is not under well production and no guarantee. We cannot cash out them into bittrex as they we stole by people!

What do you think will happen when India with more than a billion people wants a slice of the 16 million Bitcoins that have already been mined? You're right... The price is going to shoot through the moon!

Comment below if you would like to know how I capitalize on this and how I create wealth with using Bitcoins as my vehicle!

I don't know much about programming, but it looks like your API key was somehow compromised. If someone gets your API key then it is possible they can program a bot to automatically do this. I don't think it is just Bittrex but can maybe happen on all exchanges as they also allow bot trading.

Wow, I didn't know they could actually withdraw..

Go to settings and under API key you can see whether you have an API key set. If you have set an API key then a set of numbers should be seen there, otherwise no keys should be seen. This is how I think your account has been compromised. I may be wrong. Will be good to know whether or not you have an API key and whether you set this key yourself.

I'm really sorry, mr. I just like to say, with my respect sir, that maybe for a computer that manages bitcoin it is better to use a Linux version instead of Windows. Best regards from here sir.

You are probably right.

After reading this blog I am going to download the Linux Tails distro. It is the most private and secure of all Linux distros. You do not load it onto your computer. It runs off of a USB stick, therefore, it is ROM so a hacker can't make any changes to it. When I want to make transactions I will run my computer off of the USB stick.


Thanks for the info, I will check it out.

Hi @catto000 I am new here with 35 posts (comments) but you are my very first follow. Why is linux better than mac or windows for managing crypto?

well.. I don't know about mac... but more secure than win is an old fact...

Agreed ... Linux is a must to even have a semblance of net security.
Windows is nothing but bloated control/spyware.

Scary.. Where is it safest to store bitcoin/ETH or any cryptocurrency?

I think the only real safe place is offline on paper.

offline. Move it to some wallet that you have ownership over and rarely access. Once you create the wallet and move your funds across don't touch it any more.

Keep backups in multiple physical locations in case of a barbarian raid on your village

Hardware wallet, I use a Trezor.

WOW, in$ane amount to get robbed ;/

I feel for you man and I'm definitely going to share this with everyone I ever know in the crypto game. Keep your head up pal! You'll get through this and soar higher than ever!

Does Bittrex not send the withdrawal confirmation link to your mail after that the withdrawal is completed like Poloniex does?

No, I only get emails when I login. Maybe there is a way to receive emails for that but I haven't seen it.

With Poloniex it is a must but with Bittrex I do not know.

Dang, sorry to hear.. this is something I need to be smarter about as well. I guess exchanges are not as secure as I thought they were

Definitely not.

That is not a good sign in crypto world !

No it's not, but I have heard this happen to many people. I think the biggest lesson I have learnt here is to keep as much as possible off the exchanges.

It's just like banks getting hacked... there will always be thieves...

Really sorry this happened to you; you have my sympathies. Regarding getting to the bottom of how this happened, I would start by considering all the possible attack vectors and narrowing down the surface.

Here are some of my thoughts on the situation:

  • Where are all the places and devices that could get access into your Bittrex account? Could one of them be compromised with malware or a trojan?
  • Open up your process manager (ctrl-shift-esc) and see if there's any suspicious process running. This isn't a foolproof way to check if you're compromised (e.g. if you're infected with a rootkit, it will likely be hidden from the OS itself) but it's some place to start.
  • You mentioned that the account is shared with a partner. Does he have access to the account as well? Could one of the devices he's using be compromised?
  • You mentioned that the Bittrex logs didn't show the perpetrator logging in and it could be a bot doing it. Did you check the API Keys list? Did you ever create any API keys before that you can recall? Keep in mind resetting the 2FA deletes all keys there so it probably won't show up now.
  • The email notification on login has a "disable your account" link which will basically freeze your account which will stop any further withdrawals. This could act as a "oh shit" panic button.
  • You'll have to redo the 2FA again since your video exposed the new 2FA QR code for it.
  • Consider using the whitelist withdrawal feature and have it locked to a cold store address you control.
  • Consider using the IP whitelist.

Do keep us updated on how this turns out. Good luck.
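Why an exposed 2FA QR code forces re-enrolment, as an added example (not part of the original comment and not any exchange's code): an authenticator QR code encodes an `otpauth://` URI holding the shared secret, and RFC 6238 codes are computed from that secret and the clock alone. The secret used here is the published RFC test key and the account label is a constructed placeholder.

```python
import base64
import hashlib
import hmac
import struct
from urllib.parse import parse_qs, quote, urlparse


def make_uri(secret, label="exchange:user@example.com"):
    """Build the URI an enrolment QR code carries (label is a placeholder)."""
    b32 = base64.b32encode(secret).decode().rstrip("=")
    return f"otpauth://totp/{quote(label)}?secret={b32}&issuer=exchange"


def parse_otpauth(uri):
    """Recover the shared secret and parameters from an otpauth:// URI."""
    parsed = urlparse(uri)
    if parsed.scheme != "otpauth" or parsed.netloc != "totp":
        raise ValueError("not a TOTP enrolment URI")
    params = parse_qs(parsed.query)
    b32 = params["secret"][0].upper()
    b32 += "=" * (-len(b32) % 8)  # restore the padding that URIs usually omit
    return {
        "secret": base64.b32decode(b32),
        "digits": int(params.get("digits", ["6"])[0]),
        "period": int(params.get("period", ["30"])[0]),
    }


def totp(secret, unix_time, digits=6, period=30):
    """RFC 6238 TOTP (HMAC-SHA1) with RFC 4226 dynamic truncation."""
    counter = unix_time // period
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def codes_over_time(uri, times):
    """Codes that any holder of the QR contents computes at the given times."""
    p = parse_otpauth(uri)
    return [totp(p["secret"], t, p["digits"], p["period"]) for t in times]


# RFC 6238 test key, standing in for the secret shown on screen at enrolment.
ENROLMENT_URI = make_uri(b"12345678901234567890")
# Constructed replacement secret issued when 2FA is reset.
REENROLLED_URI = make_uri(b"constructed-new-seed")
SAMPLE_TIMES = [59, 1111111109, 1234567890]

if __name__ == "__main__":
    # The owner's phone and anyone who captured the QR image run the same maths.
    print("owner :", codes_over_time(ENROLMENT_URI, SAMPLE_TIMES))
    print("viewer:", codes_over_time(ENROLMENT_URI, SAMPLE_TIMES))
    # After re-enrolment the old secret no longer produces valid codes.
    print("reset :", codes_over_time(REENROLLED_URI, SAMPLE_TIMES))
```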

Thanks for the reply. Only access is my PC. Checked processes and nothing fishy. My partner is only financially invested and had no access to the account. I had a few sets of API keys but I was sure I deleted any that I used for video tutorials etc. But as far as I know they couldn't actually withdraw from that, I might be wrong. The account is now using new keys and is empty. Yeah I looked at that IP whitelist after getting advice from my partner about it.... and I will post any updates for sure.

Sorry to hear this happened to you. As a cyber security person I can tell you that 2FA does make hacking an account harder but not IMPOSSIBLE... I'm sure Bittrex is a stable enough Exchange that they will help you out.... Be careful what you click on on your computer and your phone....

How to prevent this? Can you write a post with some tips?

I will be looking at every angle to try and put a solid game plan together from now on. I am not the best one to post about how to prevent this considering it has just happened. But give me a few days and I will be a walking vault.

They target a man who wants to help others trade and make better for themselves, it hurts to see this happen to you. Can't imagine the heartache, rest well my friend you'll be stronger tomorrow.

Thanks my man :)

Sad. Sorry. I'm still new to blogging, and only two months ago I registered for Bittrex. Afraid to leave there bitcoins. Probably will get myself an external wallet

Wow, I'm currently scared of putting $100 on Bittrex and you got $20K stolen....

I hope somehow you recover your BTC...

I am scared too now. I have taken everything off until I create a better system

Unbelievable. Really sorry to hear that. Have you looked into cold storage? I own a TREZOR and it's super simple to use. Even if you only have 1 BTC it pays for itself in peace of mind.

Good luck!

I am looking right now at the best hardware option. It is something I should have done a long time ago.

I downloaded some to a wallet and then put it on a USB stick and put it in the safe

This is absolutely absurd and pure evil. I don't understand how these type of thieves sleep at night. Don't worry, I believe you can bounce back from this my friend. ;)

I just don't understand how people can be like this. It is very sad to see people this way.

exactly, I believe as a part of the human race we should all be helping each other :) some people are just too selfish and have no morals which is sad but don't worry karma comes right around :)

Expect some good karma to come your way, what you're doing is great and letting people know and telling your story can save a lot of people from having the situation you have, the universe will bless and reward you well :)


Sorry to hear that man. Let me ask you, when you sign in into your bittrex account, do you use incognito mode? Not saying it would have helped but apparently it's a good idea to use an incognito tab. If I'm not trading on a daily basis I just store my cryptos on my ledger nano s. If you have a large amount of bitcoin, ethereum or litecoin the safest bet is to just store them in a hardware wallet. Again, sorry for your loss...

No I don't, but that's something I will be doing from now on for sure. I think that's the only safe way, to keep any significant amounts offline for sure.

How did this happen? Did you leave your browser open and logged in?

No, that's what I can't understand. There was also no email notification of any other logins. I really am stumped how they did this.

OH WOW i do feel sorry for your loss


It's too bad, there should be some mechanism to secure our assets on exchanges. How can anyone steal the bitcoin from the world renowned exchanges as easily?

I actually think having a daily withdraw limit is also very important. I didn't think when I did all the levels of identification check that it was 25k per day limit.

Have you contacted any persons at Bittrex? What are they saying about this matter? It should be a big issue around the crypto-world...

Oh that's really bad, I hate scammers bro. Enable 2FA then your account will be safe

My advice:
Change all your passwords (obviously)
Reformat your computer to factory settings (you could have a backdoor on your computer...)
Do the same for your phone
Don't auto save passwords EVER ....
When not using your computer turn it off.. Especially when you are asleep.. pending where you are.. a lot of hacks happen at night when you sleep because of overseas hackers (I'm in America)

Thanks for the advice, I appreciate it.

@seymourbucks what do you think about cold storage? Putting BTC on a USB memory stick - is it okay? Or better to go with Trezor. Also what do you think about password managers? They kinda freak me out

Never store Your everything in 1 spot is the key... Even if a hacker gets to one thing, it doesn't give them the keys to the kingdom.. Password managers are horrible... Just Like the Autosave feature for credit cards.. passwords usernames... People usually choose Convenience over security... If something will save them time.. they just go with it... That is what hackers love.. Put all the keys in one dish (program / area).. Set all your accounts to the same information.. And they already won.

Thanks Seymourbucks - you have a bright future - can certainly help a lot of people. I took an intro to cyber security class two years back. I would like to get into some type of programming but keeping people safe - well that's just an honorable profession

It's a very fun career field... my wife hates all the things I show her I can do (calls it scary)... but it's like hiring a bank robber to rob a bank but instead he tells them how he did it and how to prevent it..

awesome. now I hate my job even more....

I was hacked once for $1K for a plane ticket to Norway... Since then I don't trust anything on the internet.. and the second I think I clicked something shady I reformat my computer

even that - reformatting PC to avoid hacks - seems like it could be a big money post - the majority of people rarely do that stuff so really don't have a clue where to start. AND there is opportunity on Steemit with the recent class of 44k newbs like me. Hey Seymour - are you into ICOs?

Well I think a Trezor is pretty secure!

I have a few that I keep on USB myself but with that you could always lose the USB.. You can't keep the password on the USB (that's like handing keys over to somebody) so if you lose that you are screwed.. I haven't tried a Trezor so I can't really speak on that.... ...

Get some USB's put your bitcoin away on them with some cold storage wallets.. ... Put your password in multiple places PHYSICALLY.. Hackers aren't going to break into your house steal a piece of paper and then go hack your account...

As for the 2FA... that one is tricky and takes some social engineering.. I'll look into some hacker forums.. if there is a program that can copy Google Authority or SMS 2FA.. they will say it...

sounds smart - I bought a little fire and water proof safe around 50$ to keep stuff in - but yes I agree paper is smart.

also you always need to investigate for an inside job - someone at work who snooped your workstation -etc

I work from home, only me and my son, so I know I can eliminate that part.

I don't know if you've blogged on it, but there are a lot of people that are looking for ways they can work from home - would probably be some big money blogs, I would be all over blogs that could help me get free from the ultra oppressive depressive repressive employment slavery control pyramid

What a hardcore loss...

@cryptoiskey I am really sorry to hear your unfortunate story. I can understand your feeling, a similar thing happened to me 6 months ago. I know that can be hard but try to be positive and learn a lesson from it.

To all the guys stating that 2FA can't be breached...
This is not true at all!
There have been many cases where people could easily hack your 2FA by misleading your provider (social engineering). Or if it's Google's 2FA hacking into your Google account could also suffice. Or someone getting his hands on an old phone you threw away...

Maybe the hacker got your API code.
Did your PC get infected with a trojan virus or something?

We should all be careful about exchanges especially regarding cryptocurrency exchanges. If this happens to you in a traditional exchange like Forex, the banks would take your money back for you.

Crypto transactions cannot be canceled so these criminals exploit this by targeting crypto currency wallet and exchanges. We should all learn from this and make sure we use hardware or paper wallet to store cryptos.

Agree 100%

Sorry to hear this... but thanks for sharing. I gave you an upvote... hope it helps!

I feel so sad for you :/ Hope you get over it.

We can only get stronger

I'm crying - because it is so evil - this world - you are right bro, u will beat this and what was taken will be restored with interest

Pure evil.

Thank you very much for your testimony. I am convinced that thieves will arrive on steemit (using virus / spyware). There's a lot to be gained, accounts will jump. I will follow you to find out more about this case

After this nothing will surprise me about what they are capable of. I really thought I had the account locked down.

Wow that is horrible! I hope you can somehow get it back, or with good luck earn a lot more

Unfortunately it's gone. But not forgotten

I am so sorry to hear this @cryptoiskey. The community (the exchanges, the crypto-enthusiasts and programmers) should take a solid stand against such acts of cruelty

I really want to know how they bypassed the login notification email. Stuff like this makes me paranoid about any 2fa account, maybe it is a flawed system that is over hyped.

I really wish I knew. They must have also somehow bypassed the login as well, because I received no notification of any login attempt.

This just breaks my heart! Oooh my I am so sorry, so sorry that you have to go through this :'( :'( You do NOT deserve this @cryptoiskey. :'( :'(

They stole more money from you than I ever had. Sorry that it happened but thank you for sharing the video. Have you figured out what happened? You said you used a 30 digit password and 2 way auth? How is that even possible?

When you got emotional in the second part of the video it really touched me. Now I have to wipe away a tear myself. Must be tough particularly when you work so hard to be where you are. Stay positive, you will make this money back, I am sure.

What Slack channel are you in?

You are being followed by a coin puppet!

Please follow it back ;)

I wish I knew how they did it so I could prevent it from happening again. I honestly believed my account was strong. I took all the right steps. The only other thing I maybe should have done is whitelisted the IP. Yeah the emotional side was because of the sacrifice I have made to get where I was. Missing weekends with spending time with my son to try and provide a better life for him.

I know nothing about your situation but I hope you can recover from it and look back one day with a smile on your face because you learned a valuable lesson in that.

This is really heartbreaking and scary. Is there any recourse to get the coins back? I'm thinking no....but this is a big problem. The first thought that pops into my head is what about deposit insurance or regulation? Wait! That's exactly what the crypto world is trying to avoid. I guess it just goes to show Bitcoin may be the perfect coin, but these exchanges have a long way to go with security and handling high volumes.