Hey everyone, and thanks in advance for any insight here.
On Monday night I get a text from Coinbase that my password was changed and to call an 888 number to lock my account. I swiftly did, successfully locking my account. I go to my email to find that my emails are being forwarded to a foreign address (with btc in the email address). I removed the forwarding of my mail to the hacker and changed my email and Coinbase password using 2FA to SMS. I unfortunately did not realize the hacker had another fwding rule, to fwd emails from Coinbase.
While the account was locked it couldn’t fetch my portfolio balance, but I could see my sats were still there.
On Wednesday night my account was unfrozen from Coinbase. I received 4 emails:
7:50pm – Coinbase account restored
9:30pm – Password change request
9:32 – Password change successful
9:45 – New device authorization
9:50 – Account recovery submitted
9:50 – Account recovery approved
I didn’t see any of this until the morning (he was able to achieve this, to my knowledge, because of the missed fwding rule). Anyway, when I woke up I found the rule, removed it, and updated my Coinbase account, but my authenticator number was changed to the hacker’s number.
I called my phone provider, who assured me there were no SIM changes. I am running my computer on a new hard drive as I just fixed it up. I bought and ran Malwarebytes and there was nothing from the scan. I can’t be sure my phone is not compromised, but have since changed all my passwords again from my laptop, including other email addresses.
How was the hacker able to so quickly change my authenticator and go through the account recovery, immediately after a freeze on my account? I’ve read on other threads that Coinbase has a few day grace period before any withdrawals can take place, which has me slightly hopeful. I don’t believe the hacker has access to my emails any more, and hopefully not Coinbase because I feel I was able to secure the Coinbase password. Is this grace period true? My ticket to Coinbase says 4-5 business days and I haven’t heard much at all from them.
Any advice helps. I know, it’s my fault for having it on the exchange and not having a security key…
Thanks.
submitted by /u/seashantyjew