Kucoin account hacked

GRIN/ETH has the lowest trading volume out of all the GRIN pairs on Kucoin, which is ideal for that type of wash trading. However, if 20,000 grin was traded back and forth it should be visible on the chart, but I’m not sure I’m seeing any signs of that. Furthermore, this should be all in your Kucoin trading history. What does your trading history say? That’s quite an important detail.

My trading history shows hundreds of small trades for ETH.

Do you have the exact time and date? It would be interesting to find them on the chart.

There’s pages and pages of transactions that are tiny that look like this. Looks like 16:17 local time.

[Album] Imgur

Kucoin just replied, https://www.reddit.com/r/kucoin/comments/ih5res/kucoin_account_hacked/g37z9j5/?utm_source=reddit&utm_medium=web2x&context=3

“My trading history shows hundreds of small trades for ETH.”

So Kucoin can see if the trades were made against a single trader or the whole orderbook.

Yeah Kucoin replied.

This is truest devastating. They won’t help at all.

The hacker was able to unbind my google Authentication Code. But how?

Edit: they supposedly just sent an email to Kucoin but Kucoin is supposed to lock the account for 2-5 day’s after that?

Ask kucoin if they received a message via “help” near the days of the hack either from your email or from someone claiming to be you. I also wonder how the hacker knew with such certainty that there is a large amount in your account. The odds are 2. Either you have spoken openly to someone about the amount in your account or kucoin knows which members have large amounts and from time to time targets them. You have to take things from the beginning dude to come up with some certainty. So begin from early days of August to search and check your email activity.

I’ll ask them. It looks like they aren’t willing to help or provide any additional details until I contact law enforcement.

What’s the purpose of a highly secure 2FA (TOTP aka “Google Auth”) if it’s able to be cancelled with an unsecure 2FA (e-mail)? Not sure if this is common practice, but it seems like a security flaw to me.

Check this out. Updated 20 hours ago. At least ridiculous. The problem is not in not using 2fa but that with its use a person was hacked.

I repeat that I am very curious that we are not talking about a massive hacking (something like this would have been published but that an account with a lot of grins was hacked.

Did you ever share your mobile phone or personal infos in social media?

The sim swap method allows someone to have full control of your mobile or you or access Kucoin from a malware infected link or device and got keylogged.

I don’t share my information anywhere. I don’t even have social media outside of twitter and reddit.

I definitely wasn’t sim swapped as my phone still works and I work for the phone company so I definitely don’t use SMS 2FA - only google authentication.

According to what you say, the case of a security gap has been ruled out either on your mobile phone or in your email. Do you conclude that this is an inside job? If so, take legal action immediately and do not cut off communication with kucoin. Be careful not to block your account. Take a screenshot of all the communication you had with them and transfer it to a usb. Make sure dates, hours are displayed. Screenshot of exchanges etc.

An inside job is the only thing I can think.

How do you get past google 2FA (on an iPhone I know there’s an exploit for android)

How do you get past email verification and trading passcode?

The trading passcode is a PIN number I’ve never used anywhere else. Not even a version of it.

How do I take legal action against a company based in China as a US citizen?

Can Kucoin confirm that a picture was submitted in support of the 2FA disable request? Did you ask them for the picture?

Kucoin is saying that you can unbind your 2FA directly from the app by yourself, but IF you want us to help you can reach out by email and then you will have to send a picture etc
check this link. it’s easy for them to say that captain crypto was hacked/compromised and relieve themselves of responsibility.

They won’t give me the picture. They say it’s sensitive information. I have no records of an email coming from my address with my picture. This feels like an inside job. I feel like I’m going crazy at this point.

Here’s their final response to me.

[Album] Imgur

I’m not sure that this representative knows what she’s talking about.
I don’t think there was a picture Id verification for disabling the 2FA, but it was disabled using the existing 2FA key (or an inside job of course).
But, if there was a picture ID with a date, it would be easy to compare it with your existing KYC IDs you provided when opening an account (did you?), or make a video call where they can verify and perhaps show you the picture was used while you show them yourself and your ID.

I didnt even think about this. I have a non KYC account - so they don’t even have my photo. So now I’m REALLY curious what photo was supposedly sent to verify my identity or how they got access the account.

Things Just don’t add up. Whoever got access to my account either worked for Kucoin or had direct access to my phone (didn’t happen)

As far as keylogger, I believe you need root access for that and my iPhone isn’t jail broken so I don’t have root access to my phone.

This is so frustrating.

Note that they phrased that ambiguously to avoid confirming that a picture was submitted in support of disabling 2FA.
Just ask them explicitly: did or did they not receive a picture in support of the 2FA disable request.
You’re not asking for the picture, just for a simple yes or no. That’s not sensitive information and I see no valid reason for not sharing it with you.