Kucoin account hacked

On 8/25/2020 at approximately 5pm central time I logged into my Kucoin account to buy some Grin.

What I found was my 20,339 Grin were gone. Seemingly traded for ETH.

Somehow the hacker got passed my password, google authentication 2FA and my trading password.

I have contacted Kucoin support many times through official channels, twitter and telegram and they all say the same thing.

They say I was hacked, my funds are gone and there’s nothing they can do. They also claim I leaked info. I didn’t. No one has access to my phone except me. No one has access to my trading password as it’s unique to Kucoin and Kucoin only.

This is absolutely devastating- mostly the reaction I got from Kucoin.

So I’m asking for a few things:

1:) dont store your coins on kucoin. At this point, I wouldn’t recommend them at all.
2:) if anyone had contacts at Kucoin please let me know so I can hopefully escalate this to a manager or executive.

If anyone needs any sort of proof by all means ask. I got nothing to hide.

If anyone feels like donating to help me get back on my feet my grin address is

grin1atulja8436ull8hgekjsnf4hs0dfm5g064mgkeyzgf2tw2jjh3lqh79vl5

Or

http://5l47s5hvr2477hxizwsqtjvxqpnj3uip2v3iwzecijklokssxr7ka6qd.grinplusplus.com/

I would also be grateful for BTC or any other currency, I would convert them to grin and store in grin++.

I am JustAResearcher in discord and CaptainCrypto33 on twitter.

Edit: the most recent interaction with Kucoin for your amusement. https://imgur.com/a/jbGdsE7

3 Likes

This is most unfortunate. I’ve used KuCoin on multiple occasions for Grin trades, doing exactly as you have, for trading towards more Grin to grow my bag. I did find it awkward that this exchange had a regular wallet, then a trading wallet, which felt cumbersome. It’s a shame that they aren’t cooperating to at least provide you with everything they can on their back-end, such as IPs. You’d think they’d protect you with an insurance payout, I think that’s what Binance would do. Suspecting inside job here. I went through a similar strife when Nicehash was hacked and I lost .6 BTC from mining. I was ultimately refunded 82% over 2 years, but at the time, it felt devastating. Your personal scenario is multitudes in severity, and so I sincerely hope KuCoin comes through for you or that you recover another way and that this event doesn’t destroy your passion for Grin and crypto.

3 Likes

I feel your frustration and pain. Unfortunately there is not much we can do. This is the reason I never traded with my mined coins. I just don’t trust any of those exchanges.

1 Like

There’s no withdrawal history on your account?

2 Likes

The Reply of Kucoin to your complaint regarding your dissapeared coins is just gross. The funds have dissapeared on their accounts, thus this narrow-lipped reply to your complain is absolutely inaccaptable, even if it hypothetically was your fault (which is unlikely here since you used 2FA and additionally different passwords). You should get in touch with every Crypto-News-Site existing (you can find a good list on the App “Hodler” under “News Sources”) and get in touch with them so they cover this shady behaviour. Additionally you should threat to sue them for compensation. In such a case the only perspective for the exchange is bad publicity, losing customers and a lawsuit they will likely lose. Furthermore they could not just “sit out your complain”, a legal procedure works usually that way that if you don’t move and react, you lose automatically (at least its that way in the country im from).

4 Likes

Never trust online platforms. Historically biggest hacks and cypto “dissapear” or gapped (!!!) took place in online websites. Remember MTGox. Are you the only one who has access to your computer? If you keep history in your browser check if the past days login from a phishing website. Another possibility is someone has remote access to your mobile phone or hack you with sim swap method. Another possibility is keylogger if someone had physical access with your computer. Otherwise its an inside job but i never heard before something similar with kucoin. Be sure first your computer is safe and updated and you dont have other issues cause if your computer monitored you will have problem again and again. Be careful. Format your pc encrypt your ssd or hard disk use a safe distro and dont use online wallets everyday. If u have your wallets seeds no need to restore it. Just keep your grin or other crypto addresses in a usb stick. Ihope you are lucky and find what happened with ur grins! Check your withdraw or exchange history. You will find what really happened with ur grins
Be sure your are protected and sure for your computer and mobile security.

2 Likes

No withdrawal history for grin. Just .43 ETH withdrawn from the account.

Kucoin won’t tell me anything. Just that I was hacked and they are very sorry this happened. They are blaming me saying I either leaked information (false) or my iCloud was hacked (also false)

Can you please check your withdrawal history for every coin traded on the exchange?

Few things that came to mind I think you could still try.

Demand they provide an ip-list combined with all actions done on that account, also with timestamps etc.
Expain how the ledger is not showing were previous amount of coins went (bad accounting)
Request Apple for a sign on list to proof you are not hacked
They do not know you leaked info. A2fa hack, f.i. google 2fa requires either a full control on your phone with a keylogger or they man-in-the-middle attacked you. Try to proof that your 2-fa is not comprised.
If Kucoin did this. They did it before and will do it again. Find other users who experienced the same. Probably bitcoinforum / reddit is a good place to start with that.

Best of luck m8.

4 Likes

No other withdrawals I can see. Just the .43ETH. I should have about 28 ETH if all my grin was traded. It doesn’t make any sense and Kucoin isn’t helping at all!

Have a Reddit post - getting decent traction. If you guys could upvote id appreciate it.

4 Likes

Check your account activity , browser activity and login record in kucoin. “Last login time,Device and IP, mobile app”. Do you see an unknown ip address, or a different device u usually login from?

I also read a month ago about a coordinated Twitter Hack that target Coinbase, Kucoin, Binance, Gemini, and more. The message was “We have partnered with CryptoForHealth and are giving back 5,000 BTC to the community”

2 Likes

Yeah there’s a login from Canada that I don’t recognize.

Once in the account how could google authentication and trading password be bypassed?

My trading password is unique to Kucoin. No one, not even my wife knows that and it isn’t written down or emailed.

1 Like

If u use android let me inform you that since February the “cerberus malware” can steal your 2fa. Its a serious banking trojan.

Did you change your trading passwd last days? Or did you logged in from an untrusted link?

1 Like

Even if u leaked ur passwords (which is false) it should be in your withdrawal history as @Paouky says and this makes it clear that mistake is from Kucoin side.

1 Like

No to all. I use an iPhone that isn’t jail broken.

Most recent response from Kucoin.

Edit: they are in reverse order. The oldest is on bottom.

Actually the comments on his reddit post suggest another likely scenario where an attacker might use his coins to make super bad trades with other illiquid coins of their choosing, thus “stealing” his funds without withdrawing any of them.

But even then, his trading history should show that.

4 Likes

That means Kucoin knows what happened to me. It looks like my money was all wash traded away. The person used the GRIN/ETH pair to do hundreds or low value trades since they probably wouldn’t withdraw anything.

Again, this feels like an inside job at Kucoin. Please don’t keep any funds there.

1 Like

This is a very serious incident. If you really find evidence of such a claim proceed legally. Personally, however, I give you a friendly piece of advice. Avoid anything related to online cryptocurrency storage especially on websites. You never know what might happen. From a problem on the server for a period of time that you want to make deals to a massive hack that results in the loss of cryptocurrencies and the theft of personal data. (passwds, emails, names, accounts etc). Take care bro, calm down. Personally I have lost the private keys of an old offline bitcoin wallet to a house move (if that makes you feel better :stuck_out_tongue: )

I am personally available to send you some Grins but not today. First secure your computer, your wallets, your emails, your passwds and mobile phone. Take care

2 Likes