Hey guys, thought I would put this one through the community before I completely give up on it.
Early last year I started investing and trading into some cryptocurrencies/blockchain stuff before the all-time highs, as well as building a small mining rig to play around with, learn more about how it all works and hopefully let it earn a little in the process.
Earlier in January/February this year while on an overseas trip in SE Asia my primary email/webhost somehow got hacked, data mined then used to break into as much financial, cryptocurrency and a few online shopping accounts using the forgotten/reset password feature on all sites.
Aside from my email they did not have any other passwords at all. They intercepted, confirmed/approved transactions and deleted incoming emails before any reached my phone, which has a popup/notification when it does. Due to transaction limits they were in there about a week clearing out my accounts, then managed to get into my Google account, changed the password, linked number, datamined email and apps, which is the morning I woke up to find out everything that happened.
They stole just over $25,000 at the time across Coinbase, Poloniex, Bittrex, Binance, Coinjar, Nicehash, Steemit accounts which also had all my travel funds mixed in there.
As soon as they knew I found out my email was compromised they changed the passwords and locked me out of there. I'm guessing a lot of it is heavily script based and they do this to hundreds to thousands because they were steps ahead of every move I could make. I used Cpanel/WHM to change my email password and later found out the hackers also had access from the Webhost's own account/billing user portal, which can open up Cpanel/WHM/Webmail at a click. My webhost/email host is a local Aussie-based one.
Basically got stuck in SE Asia and had to contact parents to borrow some funds to cover the accommodation and flight back to Sydney.
Since getting back they managed to break into my Webhost/Email twice, with narrowly failed attempts on my Google one a few weeks apart. I was on the phone with support during one of the attacks and they were barely able to do much and took a while to block them. IP showed it came from Brisbane and Istanbul but probs a proxy/VPN.
I had filled out and put in a report with ACORN, which police said to do, and FBI (don't think they even care). It took over a month for a response from ACORN, which basically said since the hackers are based overseas they can't do anything, then a line about sending money to strangers (as if I sent funds through Western Union or so). The online exchanges assisted in getting access back to my accounts but gave the tone of tough luck the hackers got your money, use 2FA "please come again".
My biggest frustration with them is they needed my passport/licence and all sorts of details to open up an account and yet served it up on a silver platter for hackers without any additional verifications - just automated online process and instant access to funds. They could have asked additional questions or called the number linked at time of signing up to verify.
My local webhost/email provider was the weakest point in terms of security and allowed access to almost everything. They won't enable 2FA as part of their security and take no accountability.
I've since changed to a much more secure email provider and separated my website from it onto a separate provider. I've tried to address most of the security flaws as I could and get over it, but it's been a hard year trying to get back on top of finances and also my partner getting sick and needing regular hospital stays right into December.
So without much hope and trying to move on, is there anything else left I can do in getting any of it back?
Cheers
Should have used 2FA