Today a rather unpleasant story has come into our hands: a story about how, in a fairly short period of time, fraudsters managed to withdraw all funds from a wallet on the Blockchain service. The following story is told by the victim himself:
It all started on January 20, when unknown people tried to get remote access to my laptop (after scanning, I found a trojan, a backdoor, a running explorir.exe process, and 18 more processes from various viruses).
I assumed that the main target of the scam was my Google account, to which the Blockchain wallet was tied.
How did this happen?
At that time my friends and I were watching a movie on a laptop. The viewing was interrupted by an SMS about confirming a login to the account (two-factor identification). Immediately after that, emails began to arrive confirming the change of the phone number tied to the account.
After a few minutes it was confirmed that the change was successful. I immediately disconnected the laptop from the network, and from another phone I tried to log into my account. The password no longer worked. I attempted to reach Google support using my second email. It was there that I received an extortion letter demanding a transfer of $300 for the return of access to the Google account.
This email was sent to support. On the third attempt, the stolen account was blocked, but only for the duration of the check. After passing the test questions, I regained access.
At that time, a message from Blockchain about disabling two-factor identification arrived in my mail. I was lucky that I had already regained access to the mail, and I managed to cancel the disabling of two-factor identification. All these events took place close to 1 am and took about 30 minutes. In the history of operations, I discovered that the login attempts were first from Poltava and then from Egypt, as determined from the IP by the system itself. Although it may just be a VPN. I changed the passwords and began to hope that this would not happen again. But no such luck!
Three days later, incomprehensible SMS messages came again, this time from the Blockchain service, saying that I wanted to disable two-factor identification. Since I definitely had not done this, I pressed reject.
Having turned on incognito mode and disconnected from the home Internet, I logged into my wallet. In the personal account I changed the attached mail, at the same time creating a new Google account. I checked the current two-factor authentication and all the checkboxes in the security section. From the point of view of logic, everything was fine. Yes, the mail was hacked, but I quickly changed it and transferred my account to the one I had just created. I checked everything for the security of the new account and wallet.
I thought I won
After three more days I decided to withdraw the money from my wallet. But when I went to my wallet, I found that it was empty, and there were zeros on the balance (or rather, they left me $0.38, apparently for tea).
From the transaction history, you can see that all funds were transferred last night. But nothing came to the mail or to the phone during these days. In the settings of my account, my new mail and my phone were still shown. But the money left quietly, without a single alert from the security systems…
I wrote the whole story to the Blockchain support service, and in response there was silence … just like with the alerts when all the funds were transferred from the wallet to the fraudsters.
I sat for 10 minutes and just stared at one point. They stole everything that I had earned during the year and saved up for the DREAM.