How to lose $8k worth of bitcoin in 15 minutes with Verizon and Coinbase.com
 

https://medium.com/@CodyBrown/how-to...m-ba75fb8d0bac

Looks like a hacker took reset a guy's verizon phone to another device. The hacker reset his password on coinbase and then transferred all the bitcoin/ethereum out.

Moral of this story? Use a hardware wallet.

hacked him in 2 days ??? hats off what a mad hacker

:1orglaugh:1orglaugh

Another method to lose more money

That has to suck.

yep, except this is a bad way to encourage mass adoption (just saying 'use a hardware wallet'). From what I read, it's pretty piss poor from verizon

That, in a nutshell is the problem with the adoption of digital currencies.

You have to K.I.S.S (keep it simple stupid!) Think if credit cards had this complexity -- credit cards succeed because of their perceived recourse.

There are definite advantages in blockchained currency. Finality of transaction, and when peer2peer: -0- cost (so long as all things go well).

Bitcoin needs to do a 1000:1 split. As far as 'mining' goes the same goal could just yield 1000 Bitcoin, Or, you could lower the goal to 'mine' 1 Bitcoin. < none of this makes any sense because Bitcoin is an illusion of wealth.

I only think of Bitcoin as a transactional currency and not a tangible or traded instrument with long-term liquidity. No currency should be so speculative -- that defeats the purpose of currency as a storage of value. Even Fiat Currencies are based on the issuers ability to honor them :2 cents:

his "hopes and dreams fund" yet he did not keep in his "vault"?

2 factor auth. with g auth.

fuck google's g auth, use DUO has coinbase built in along with a ton of others, just scan the code and done, get a SECURE one time 2 factor code to go along with normal log in.

I am mistaken, G authis good, I just with there was one that had all the logins for the stuff I use.........I had to actually IP restrict SMTP and IMAP email to my server with all this crap going on, can't get into the email even with the password unless you know the correct IP's. Same with Paxum. Combine this with the fact I ALWAYS use a VPN all day, speed is great. I think that should do it pretty well.

but with no txt auth, it cannot be transferred, not understanding how this could happen unless the hacker has the same phone number for the txt code and email code...

its called social engineering , he talked with Verizon customer support and told them its his phone number using the billing info he found inside the guy gmail .


i don't understand how you can claim a phone number without having a physical sim card since i did not used Verizon before ...

Read the link. Its clearly laid out how they got the phone ability.

Use a dice site, I saw some guy/gal lose 140BTC in two rolls... sheesh insanity, OP guy only lost 3 btc in 15 minutes.

Russian have been doing this for months now, they broke SS7 encryption on regular cell networks. It was a weak encryption that's been around for ages and now they figured out how to hack it and they can clone you're phone and number from the outside now. They were doing the same hack but with bank accounts I think 50 million last few months when they are able to get your number then break the SS7 then they can get the 2factor auth codes sent to SMS sent to them, that's why SMS 2 factor is no good anymore.

You know, there is no one to blame but one's self. It's not like this hasn't happened before and it will most certainly happen again. Shit happens, but if you are going to play in this sandbox, you better pay attention and educate yourself. Nobody gets a break in this world. Encouraging mass adoption means the adopters had better be smart. Some things just can't be dumbed down. If you don't read the instructions, it just takes longer to figure out.
No one says I left my bitcoin on top of my car a drove off. It's always about someone or something else that caused the problem. Well, the problem starts with the owner of the coin. And ends with the owner of the coin.

wow.....

here is more info

https://www.techworm.net/2016/06/how...-ss7-flaw.html

Yeah was gonna post it's been over a year, not a few months :1orglaugh that's why WhatsApp is such a joke, nothing private about it :stoned It's one big Honeypot that can clone all users phones and ....
It's all a cluster fuck

they hack mobile networks now easy, jez

You don't want mass adoption so your holdings rise in value drastically? The guy wasn't acting too bright (and admitted as much in his article), but that doesn't mean it isn't a problem for mass adoption.

Well he is now educated it just sucks that he had to learn all about it after. It could have been more so almost better sooner than later. Hackers just get away with so much right now one day it will be a hanging offence.

We have mass adoption. Who do you think is driving the market for Bitcoin? Take notice of India and China just for starters. Then there is Japan. And Russia just legitimized BTC. People rob banks because that's where the money is. Hackers gonna hack.

Wait... so he lost like... 6 BTC? Someone with that low of an amount, probably not super tech savvy anyways...

coinbase only support SMS 2FA? Ouch.

I like his suggestion of an forced cooling off period when an unknown device or IP logs in. Some exchanges allow you to tie your login to an IP, so anyone trying to log in from elsewhere immediately gets booted.

$8k is a lot!! Geez

Never thought about the porting aspect before. If someone can port your number (transfer YOUR number to THEIR phone) then they're effectively intercepting your SMSs, and can authenticate an action they perform.

The Australian government uses SMS 2FA to log into its "MyGov" service. If someone was able to gain access to the MyGov login credentials of the victim, and subsequently port the phone number over, they'd have control of their tax accounts, social security benefits, medicare, ......

keep the wallet on a USB drive

duh.

no if you download DUO which is good and widespread they have coinbase on there as well. Use them for coinbase.

Fair enough, we have different definitions of 'mass adoption' I guess :thumbsup

I know what you are saying, but BTC is not much different than gold, real estate, commodities, stocks and bonds or anything else similar. There will be mass adoption to a point. If one does not educate oneself in the above, they are just as capable of losing their investment to scammers as this individual. Everything is beginning to center around the smartphone and I mean everything. There is just one problem with that and that would be the smart phone itself. People can lose them, misplace them, they can have them stolen from them and on and on.
And that's the weakest link. If you are going to put your life on the phone you better chain it to your Prince Albert piercing ring for security. You will know where it is at all times.