Bittrex - Update - Probably my Fault.

in #bitcoin, 7 years ago

It has been a very rough 24 hours. No sleep and the not knowing how this happened has been driving me up the wall.

I want you all to know I appreciate the support; you have all been awesome. Love Steemit.

I have been on a mission

I have been in the Coinigy slack to ask for advice etc. William was kind enough to help and mentioned that Bittrex should be able to see if they made the withdraws using the API or the UI.

Another factor is the withdraws were already made before I logged in at 2:32 am so I am sure they should be able to see where and what IP was used for this.

I am not expecting to get the funds back, but I really want to know how I was compromised. If it was a mistake I made then I want to know so I can fix it. If nothing else comes out of this maybe it will help people not make any of the potential mistakes I made if I did.

I want to thank everyone for the messages and kind words, you all on steemit rock and I am so happy I am still here and part of the community.

I also want to thank Jona Derks (Partner in the account) who has been awesome through all this and helped me tough it out and help make sure the other 4btc wasn't taken.

I will keep everyone updated on what's going on and hopefully, I can find out exactly what happened.




UPDATE: We now know how it was executed.

I am being 100% transparent here so I want you to see what I see so it makes it better for all of us. It is quite possible it was a mistake made on my part and I am willing to take the blame.

Bittrex has just got back to me after I submitted all the details they needed to investigate. Thanks to Niri and the fast response.


Here is my submitted ticket to them and all their responses:

REQUEST #98214 WITHDRAWS NOT AUTHORIZED

Shayne Rivas-Shiells Today at 22:48

Early this morning between the hours of 1 am and 3 am my account was compromised and I lost 5.397 BTC and 1899 PIVX. I was fortunate enough to log in at 2:32 am and stop them from stealing the rest of the funds. I also have captured this on video so I can show you what was happening. It was the hardest thing I have ever had to go through. I worked hard every day and made sacrifices for my family to try and provide a better life.
Here is a link to the video.

Here are the transactions in question:


Also maybe you can track them by the times they were using the account. I logged in at 2:32 am and the 4 transactions had already been made; I was fortunate enough to quickly cancel an XEM withdraw they were attempting. They were in the account the same time as I was, as you can see in the video. I also have the full-length 2-hour video I captured through all the drama, but obviously didn't upload the full video to YouTube. I can provide that if you need it; I'll attach a screenshot. Also, William from Coinigy mentioned you may be able to see if they used the API or UI to make the 4 transactions. http://prntscr.com/fn51tz Anything you need to assist you I am here, I haven't slept since this happened so I am here if you need me...thanks...Shayne.

BITTREX RESPONSE

Niri Yesterday at 23:19

Hi Shayne,

I had a chance to watch your video. It was really tough to see your account get drained like that. It's obvious from your story that you've worked hard on building up your account. Bittrex takes the security of your account very seriously, offering Two-Factor verification, login notifications with Account Disable link and IP Whitelisting to prevent unauthorized access.

Checking your account history we can see however that these sales are happening through API calls.

| Time Stamp | Address | User Agent | Activity |
|---|---|---|---|
| 06/22/17 09:55:37 | 78.129.186.234 | | WITHDRAWAL_APIV1_SUCCESS |
| 06/22/17 09:45:17 | 78.129.186.234 | | WITHDRAWAL_APIV1_SUCCESS |
| 06/22/17 09:11:57 | 78.129.186.234 | | WITHDRAWAL_APIV1_SUCCESS |
| 06/22/17 09:07:06 | 78.129.186.234 | | WITHDRAWAL_APIV1_SUCCESS |
| 06/22/17 08:58:33 | 78.129.186.234 | | WITHDRAWAL_APIV1_SUCCESS |
| 06/22/17 08:32:42 | 78.129.186.234 | | WITHDRAWAL_APIV1_SUCCESS |

The IP address appears to originate from London, UK.

Is it possible your API key was compromised?

Thank you,

Niri @ Bittrex

Follow us on Twitter @ https://twitter.com/BittrexExchange

Shayne Shiells Yesterday at 23:27

Heya, thanks for the speedy reply

It may be possible. I made many video tutorials showing Bittrex and Coinigy using the keys, but I was positive I always deleted any keys that I used in the videos. Is it possible to know what keys were used in the calls?

Niri Yesterday at 23:50

Hi Shayne,

Thanks for updating the ticket.

For security reasons we do not store and display the API keys you are using to our Support agents.

I would recommend revoking and removing your API keys considering what you have been through today. You have taken great measures protecting your account but unfortunately one of your API keys got in the wrong hands. Hackers write bot programs around API keys and can quickly drain an account of all coin.
Thank you,

Niri @ Bittrex

Follow us on Twitter @ https://twitter.com/BittrexExchange



So it seems somehow my API keys were stolen. Now, this could have quite possibly been my fault as I have used API keys in video tutorials before and may have somehow deleted the wrong ones and not double checked before I uploaded the video. You can see in this particular video below. I take full responsibility for my actions if this is the case.


time: 3:10


If you read the Bittrex first response from Niri you can see they found the transactions and they were in fact executed through the API and it was from an IP Address in the UK.

I have always tried to be as careful as possible when it comes to security but no one is perfect and this has been a valuable lesson to me.

And Finally

Thanks to everyone that supported me and knows me as a person inside and outside of steemit and knows I would never create something fake or deceive anyone like some people have stated in various places. I am here to help people and have been doing so all my life.

Thanks to @bittrex for responding so fast and letting me know how they took the funds, I am glad I at least know now the mistakes that were made.

Peace everyone!
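
The account-history rows in the Bittrex reply above are enough to drive a simple detection rule. The following is an added example, not code from the post or from Bittrex: it parses rows in that layout, flags API withdrawals from addresses outside a known set, and counts bursts per address. The pipe-delimited layout, the MM/DD/YY reading of the date, the known-address set and the single row from 203.0.113.7 are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Rows copied from the account-history table in the support reply
# (time stamp | address | activity); the User Agent column was empty.
PAGE_ROWS = """\
06/22/17 09:55:37|78.129.186.234|WITHDRAWAL_APIV1_SUCCESS
06/22/17 09:45:17|78.129.186.234|WITHDRAWAL_APIV1_SUCCESS
06/22/17 09:11:57|78.129.186.234|WITHDRAWAL_APIV1_SUCCESS
06/22/17 09:07:06|78.129.186.234|WITHDRAWAL_APIV1_SUCCESS
06/22/17 08:58:33|78.129.186.234|WITHDRAWAL_APIV1_SUCCESS
06/22/17 08:32:42|78.129.186.234|WITHDRAWAL_APIV1_SUCCESS
"""

# Constructed row: an earlier API withdrawal from the owner's own address.
CONSTRUCTED_ROWS = """\
06/20/17 18:02:10|203.0.113.7|WITHDRAWAL_APIV1_SUCCESS
"""

# Assumption: addresses the account owner normally calls the API from.
KNOWN_IPS = {"203.0.113.7"}

# The only API withdrawal activity name that appears on the page.
API_WITHDRAWALS = {"WITHDRAWAL_APIV1_SUCCESS"}


def parse_history(text):
    """Return (timestamp, ip, activity) tuples sorted by time."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        stamp, ip, activity = (field.strip() for field in line.split("|"))
        # Assumption: the date is month/day/two-digit year.
        when = datetime.strptime(stamp, "%m/%d/%y %H:%M:%S")
        events.append((when, ip, activity))
    return sorted(events)


def unknown_api_withdrawals(events, known_ips):
    """API withdrawals whose source address is not in the known set."""
    return [e for e in events
            if e[2] in API_WITHDRAWALS and e[1] not in known_ips]


def bursts(events, window=timedelta(hours=2), threshold=3):
    """Map each address to its largest event count inside any window,
    keeping only addresses that reach the threshold."""
    by_ip = defaultdict(list)
    for when, ip, _ in events:
        by_ip[ip].append(when)
    found = {}
    for ip, stamps in by_ip.items():
        stamps.sort()
        start, best = 0, 0
        for end in range(len(stamps)):
            # Shrink the window from the left until it fits.
            while stamps[end] - stamps[start] > window:
                start += 1
            best = max(best, end - start + 1)
        if best >= threshold:
            found[ip] = best
    return found


if __name__ == "__main__":
    history = parse_history(PAGE_ROWS + CONSTRUCTED_ROWS)
    flagged = unknown_api_withdrawals(history, KNOWN_IPS)
    for when, ip, activity in flagged:
        print(f"ALERT {when:%Y-%m-%d %H:%M:%S} {activity} from unknown {ip}")
    for ip, count in bursts(flagged).items():
        print(f"BURST {count} API withdrawals from {ip} within 2 hours")
```

A rule like this only alerts after the fact; an API key without the withdraw permission, or an IP whitelist on the key, stops the same calls from succeeding at all.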


Dude, I am so freakin sorry to hear that. It just makes me sick to my stomach. I'm glad to hear they didn't get everything at least, a small crumb of comfort I know. I'm so sorry.

Thanks man...TBH I've been thinking about it a lot today and I am really lucky that I decided to go into the account at that moment, I think I should be counting my lucky stars I came out with anything. When the bot was working my sales it was incredibly fast, so I think maybe another 30-40 minutes and the account would have been empty.

I'm so sorry man, you are so lucky to have caught it when you did.

I'm sorry to hear this! I am new to steemit and can't even imagine how you felt! Thanks to dexter-k I read about your story. I hope you manage to redeem your hard earned cash soon.

This sucks that it happened. If anyone ever finds themselves in a situation like this, go to your email and click on the disable account link in the login mail you received. There is no reason to sit around and try to out think/out speed the attacker. Disable the account, cut a support ticket, and we'll work with you to get it sorted out.

Good advice.

But he said in the video he got no e-mail for other logins... where can you do that in that case?
Do other, older login e-mails have the same link to lock it down (from what I see, it is a different link every time)?

Why isn't there a way from the account to cancel all current transactions and lock the account?
Anyway, having a locked account and not knowing what is happening there is still bad, in a way. It would be OK to have at least a viewer for your account to be able to see what's happening.

Eh... hope it's not happening again.
Watch what you share.

Sure you would sort it out, except returning his 20k loss - because of your poor security! Oh but it was his fault - I hear you say,
sure Richie, maybe one day it will happen to you!

Oh man, fuck those people really. Since the Hardfork 19 from Steemit you can earn a lot more with your posts. Just keep posting everyday and you will be back in no time. Steem community will support you with 100% votes :)

Yeah people that do this sort of thing to others are the bottom of the barrel, scum of the earth in my eyes. And if they get caught they should get punished hard.

Yes. But life does not always do that.
That's why we must realize that not everybody is our friend or wants good for us.
So, better not to show personal or sensitive things in public. It is the best option to secure our life a little bit.
Life in one way or another will punish everybody, but not when we think it does... So, we must go on, and some support from our loved ones is welcome to strengthen us.
Cheers man and best wishes

Sorry about your losses, and thanks for sharing your story so others can learn from it.

I'm so sorry this happened to you.
As far as I understand, you can create API keys that are good for trading only, but revoke the right to withdraw any funds from your Bittrex account. Can this kind of key still be used to steal your coins?

You are correct, you can simply leave the 'withdraw' function disabled, and then there is no way for a hacker to gain access to your funds. That coupled with whitelisting your IP and whitelisting withdraw addresses is the way to maximize your security....I have just learnt all this actually, made a video about it. https://steemit.com/bitcoin/@cryptoiskey/bittrex-how-to-make-sure-your-bittrex-account-is-secured-as-much-as-possible

I saw now about white list. But they say if you have for one, you should have then for all of them:

Warning: If you have this enabled on any currency, all currencies need to have a specified withdrawal address.

I don't believe will retrieve other than main 4-5 coins in personal wallets. The rest, only through conversion in market.
But, that is what they say there.

I have whitelist addresses for all my coins.

This really sucks man!

I hope you make all your money back x 10. best of luck in the future!

Sorry to hear this man, I had a small amount hacked, nothing along these lines. This is one issue that has to be fixed before crypto can hit the masses.

To be honest it was my fault. I should not have enabled the 'withdraw' function in the API and should have been a lot more careful when making video tutorials and using the API keys. So it has been a huge lesson.

Congratulations @cryptoiskey! You have completed some achievement on Steemit and have been rewarded with new badge(s) :

Award for the number of upvotes received


Not the ideal timing for this post from @steemitboard. I think @cryptoiskey has bigger issues to think about, I can only assume that a badge isn't high on his priority list right now.

Good news is sometimes welcome, even in worst situations.
And if @cryptoiskey has other priorities (which is perfectly understandable), he can simply ignore this notification.


Hi my friend in steam please follow and vote me yes at @ herman2141 okey

Damn...sorry to hear about this. At least we know HOW it actually happened though. Upvoting & ReSteemed for ya.

I am glad I do too...ty

wow ... thats... wow... that sucks rly rly hard!! :-O !! withdrawal whitelist may help you in future

Oh my god 5.397 BTC.
So is there no way to recuperate the coins?

No, my API keys were stolen so it is my fault I think. I should have been more careful.

Well that really sucks, Bittrex should make 2-factor authentication the default.

@fechaugger, this is not a problem with 2-factor, but the author leaving the withdraw option enabled on his API as well as disclosing those keys on a video.

@cryptoiskey, the PIVX slack guys are setting up a tip jar for you, I hope many people will donate to help you recover a small share of your loss, I've just made a small donation.

Please do your best to sharpen your technical understanding of what API can do, only enable what is needed (not withdraw) and never release private information in the future!

Wishing you the best so your trades will recover your loss as soon as possible.

I had heard about this story last night
The key APIs are very dangerous. I think I gave a few of them I'd have to reset some stuff.

I have reset everything and I am going to double check everything I do even more than I used to from now on. I will not make that same mistake ever again.

Thanks for being so transparent about this. Anyhow, it made me rethink the concept of a brain wallet. I think I will write a post about that soon.

Good idea.

Omg so sad. But this is how the whole crypto world is: a simple mistake and all your funds are gone. There is no insurance protection like the banks.

I just hope people take note and do what I did, I wouldn't wish this upon my biggest enemy.

In case of banking I keep a separate account with the right amount every month to do transactions. My bigger account does not even have online transaction access and no debit card.

So sorry to hear about your ordeal @cryptoiskey. Hope you'll make up for this loss soon through your other crypto investments.

Huge lesson learned, I can tell you that much. It has set me back a bit, but I am so young in this space that if you want to succeed you can. I am more mentally tired than anything, it drains you like crazy..anyway today is a new day.

Shayne, you have revealed yourself to be an honest decent human being and the way you have transparently shared your experience makes it of great value to others. It's tough being a victim of such a crime when you know you'd never perpetrate such a dastardly deed yourself. May good fortune shine on you going forward.
(btw is that a fellow Kiwi accent I detect?)

Really sorry to hear. By trying to help others you made a mistake and lost so much. I know it must drive you crazy. I pray that your other coins go to the moon. Thanks for sharing and helping us to stay aware and not make similar mistake.

Thanks for the message I appreciate it.

Thanks for sharing your sad story ! i know you worked hard for it, saw you always in slacks and chats ... as minimum my advice is to NOT tick the "withdraw permission" at the API key settings (in Bittrex ) - good luck WildVest

Yes that's the key right there...leave the withdraw off, that's the one mistake that cost me I think.

I hope your post goes viral, we can all learn from it and you get some satisfaction, and hopefully you get some $ back..

I just hope it makes people more aware.

Dude, really sorry to hear that. That's really heart breaking to see your hard earned BTC being stolen. I lost just 0.06 and couldn't sleep for two days. Here you lost 5 BTC!!! God. Don't worry, let us make it up with Steem!!! Hail Steem!!! Here's an upvote, follow and resteem for you :)

Thanks for the message. Sorry to hear that, I feel for ya as well. Any amount big or small hurts when it is earned and then lost.

Could be you did nothing wrong and someone accessed your screen through a remote access tool (or rat). They could have recorded you and got your key that way. Do you keep a text file or screenshot of your keys on your PC? Have you run a virus scan? Maybe you logged in using Tor or VPN?

I don't use Tor or a VPN but the screenshot part I might be guilty of with a few things.. But I don't think I took any screenshots of the actual API keys. I have run a scan. Actually ran it twice today to be certain.

Some rats are hard for anti-virus tools to detect because of the ports used. I would reformat your HD and re-install your OS just to be sure they are not using this method. Anyway, it sucks what they did to you. Some people are shit humans.

I was thinking about reformatting today...I think it might be a good idea in case. Thanks for the advice.

I would reformat everything, even smartphone/ipad, and change some passwords. Once somebody from the US hacked into my paypal and started withdrawing everything. Those fuckers...

I love your attitude, and I pray blessings for you and your family!

Thanks i appreciate that :)

thank you for sharing

I have zero clue how I made it through Trig, or even Algebra - let alone Pre-calculus in high school, Chemistry with the mols (what is a mol again?!) - but this crypto business is off-the-charts insanity and much too stressful to get any sort of a handle on, even for this brainiac~whiz~bang ! More power to you my good friend - STEEM On !

I'm amazed you got to the bottom of this, what a day it must've been...

I wonder how many other people these guys have stolen from.

Definitely suggest using an offline wallet for storage of anything you don't want to lose or day trade

It was tough..but there might be some light at the end of the tunnel...we are in hot pursuit of the thief.

Well least we know now... thats crazy...... Here is the LAT Long of the Source.

Yeah but that could be a VPN and the server host, it's very very rare to have the LAT source to the actual person. It's normally the ISP where you connect to, so lookups like that can only do so much. It's something I guess.

scares the shit out of me am now following and upvoting i hope that helps

Good, that will mean you take more precautions like I should have :)

it is a terrible thing that people are like vultures trying to steal all the time

Yeah it's sad mate..really sad.

time to invest in hardware wallets man too, sorry this happened to you, i use screenflow to record the screen and use the blur too to blur out an area on the screen before pushing your videos live. i hope you get some kind of resolution on all of this!

I feel for you mate :( But don't be discouraged, just concentrate and you will make it all back and more!

I am good today, managed to get some awesome sleep, and today is a new day ...full power ahead.

Sad to hear about this!
resteemed!
Following!

Bro I feel for you but this is a learning experience! It won't happen again. We all got to be careful. Watch them API keys bros!

Yup, the one mistake was enabling 'withdraw' in the API...will never happen again, that is 100% for sure.

You got to love Bittrex! Now we know why they are the best exchange! All exchanges should run or be like bittrex! Customer Service is key!

I don't even know what an API is yet.... I have a lot of learning to do. Passwords are no problem, it's just making sure they don't get lost!

This story made me take a 2nd look at all my security around my exchanges.
Biggest take away is that if you see something fishy going on just immediately disable the account from your email and open a support ticket to get it back open.

Not something I really wanted to hear my first day on Steemit. But knowing that you have gotten a great amount of support from the community really goes a long way. I hope everything comes your way like it should.

So sorry to hear you lost your funds to some f***cking people but karma is just around the corner for them who did you wrong. Continue to work hard for your family and believe that you will be rewarded greatly.

Hate to say it, but this is probably what you get for being too open about your crypto trading & personal life in public. Even in the update you reveal your full real name. You never know what bits of info are useful to an attacker.

Resteemit for others to see and learn from...

Thanks so much for sharing the full story with us here, @cryptoiskey.

It's really upsetting to see that there are people intentionally hurting others who try to contribute and share their knowledge, like you do.
So sorry that this happened to you, but also so grateful that you allowed us to learn from it together with you.

That was a tough video to watch. Very sorry this happened to you. Thanks for sharing the entire experience. Lessons learned like this are invaluable.

Figure out who had access to those api keys, and sic em.

I am on it :)

As burnsy once said.. "Excellent!"

Not good mate sorry to hear this. Hope you recover from this. thanks for posting all the info so the rest of us can benefit from the very unfortunate occurrence. Chin up mate you will recover from it, you look like a smart bloke and make it back.
cheers
THL

Thanks. Yeah I have not let it discourage me, it was a huge lesson learnt. I have set up another Bittrex account but with all security including IP whitelists and API without the withdraw function. Also only will be using small amounts at a time.

Mate I have been hoping you would reply.. I'm not just saying that you look like you know what you're doing mate, I really meant it...I'm really new to steemit and I wanted to know a lot of things, especially how to get the money out and into my bank...I don't want to play the market or anything like that, I'm just a farmer and I need to fix my tractor. Would you be able to tell me how to do that? In the most basic way you could please...lol.. like I'm a retard..: o) I'm not really but you're a smart guy and I'm sure you know what I mean. I really gotta get my tractor fixed. I'm halfway through building a dam and the big girl is stuck in the field. Can't move her because she's a big bugger and if I break the 4x4 pulling her out I'm up crap creek without a paddle.. I only have $488 in here but I only need $375 to get the steering box and I can fix it in the field.

Ok so there are a few ways to achieve this. I don't use a bank account anymore so my method is a bit different. It can depend on how fast you need funds as well. You can go the route where you have a Coinbase account and have your bank account connected, you can then sell your Steem Dollars for Bitcoin on an exchange then send that Bitcoin to Coinbase and then withdraw the Bitcoin from Coinbase to your bank account. Or you could get yourself a Bitpay debit card or a Shift debit card and load the card with Bitcoin. Here is a tutorial I found from a while ago that shows the full process using an exchange, Poloniex, to convert your Steem Dollars to Bitcoin then sending that to Coinbase and finally to your bank account https://steemit.com/steemit/@illidans/how-to-cash-out-your-steemit-dollars-to-usd that may help. You can also connect a Paypal account to Coinbase and withdraw the Bitcoin to Paypal but the fees are very heavy.

Mate you are a bloody champion! I get that no worries, so much simpler than what other people have been saying...Wow mate you just don't know the load you just took off my mind. I been tellen the wife this steemit is good stuff and because she hasn't seen the money...well you women i'm sure. Mate I really can't thank you enough... gonna have a good night's sleep tonight I can tell you. : o)
I'm building a farm on 40 acres out in the Darling Downs in QLD and put my last dollars into it. I'm raising goats to start off with on account of the land isn't the best and water is a big problem, but it's taken me years to get the coin together to start this farm and it's all on hold because of the tractor. If I can ever do anything to help you just let me know. I'm guessing a fella like you is way up the food chain from a bloke like me but hey you never know, there just might be that day I can return the favor. Thanks again and I followed you cos I'm sure I can learn a lot from a smart, kind and generous bloke like you.
You just made some big brownie points for helping a bloke like me and never even hesitated to do so. Mate every time I look at my dam I'll be thinking of you.
I reckon you're gonna get that money back or if not you're gonna make twice as much.
Thanks again and I wish you and your family all the best and may you receive everything you ever wished for.
Cheers
Graham the farmer : o)

ps... brownie points are good karma if you're unfamiliar with the term.

Awesome...I actually lived in Mildura for 13 years from 1999 to 2012. I had a Backpacker there and ran contracts on the Vineyards. Was a great life. And you're welcome, if you need more help just hit me up :)

Will do brother will do...bloody hell I haven't been this happy since the wife first let me cop feel...lol

Upvoted and following, unlucky man, it will come back one day soon in other ways, your partner is a chilled dude, maybe switch positions

Yeah he is very cool, he has been my inspiration and has helped me get where I am today, I owe most of my recent success to him.

I saw the post by @dexter-k, so came here to read, upvote, and resteem. So sorry for your loss. Thank you for sharing so others may learn from it. Good luck! It looks like you have a wonderful community of supporters around you.

It's an awesome community. Steemit always comes together in important times.

A frightening feeling when you are robbed of it .. I hope everything will recover to your luck! Resteemed, upvoted! Have a nice day :)

That's terrible - really sorry that has happened to you. Best of luck, I've upvoted to try help you

Thanks for sharing your experience and the video. I learnt a lot.
