Bc.game account hacked or inside job?

pre 2 meseci

Original

Prevod

Bio sam na svom bc.game nalogu pre nekog vremena usred igre, iznenada sam bio izbačen. Ponovo sam se prijavio i moj eterijum novčanik je bio ispražnjen u 2 transakcije u roku od 20 sekundi.

Prilično impresivno s obzirom da vam je potreban moj Google autentifikator, kao i 2FA za telefon i imejl da biste se prijavili i pokrenuli isplatu. Nisam dobio nikakvu imejl ili poruku da je kod poslat. Proverio sam svoj bc.game nalog, moj 2FA broj i imejl nisu promenjeni niti su dodati novi. Moj Google nalog povezan sa Google autentifikatorom nije bio ugrožen i nisam siguran da bi to bilo važno jer generiše kodove na uređaju koji nije onlajn. Dakle, očigledno sam veoma zbunjen kako se ovo moglo dogoditi.

Kontaktiram podršku uživo u roku od jednog minuta, nakon što proverim transakcije isplate i podešavanja 2FA. Rečeno mi je da će mi nalog biti zaključan i da mi pošaljete imejl recovery@bcgame.com Pre nego što sam mogao da završim razgovor, blokirao sam nalog. Poslao sam sve tražene informacije i nisam dobio ništa nedeljama, niti sam dobio odgovore na imejlove koji su me pratili. Nedavno sam dobio imejl od recovery@bcgame.com bez naslova. Traži od mene da kliknem na link i uradim KYC. Pregledam link i on vodi do SumSub-a, velike navodno renomirane KYC platforme, link deluje stvarno. SumSub je imao problema sa kazinima koja su lažirala svoje veb stranice da bi ukrali informacije, takođe su kritikovani zbog toga ko zaista kontroliše kompaniju. U svom istraživanju sam otkrio da kompanija koja pokreće KYC, bc.game u mom slučaju, možda poseduje otpremljene informacije i ne osećam se prijatno da bc.game ima kopiju mog pasoša zajedno sa bilo čim drugim što bi mogli tražiti. Takođe ćete pronaći mnogo objava na mreži o ljudima koji upadaju u beskrajnu petlju verifikacije sa BC.game-om koji mnogo puta prolaze kroz to, a neki jednostavno odustaju.

Dok istražujem sve ovo, šaljem imejl da bih podržao/la i recovery@bcgame.com Pitaju šta će biti urađeno sa mojim ukradenim sredstvima kada završim KYC i da li će zadržati neka od mojih ličnih dokumenata. Još uvek nisam dobio odgovor.

Dakle, da li je moj nalog hakovan? Definitivno. Da li je to urađeno uz pomoć nekoga sa insajderskim informacijama ili samo uz pomoć same veb stranice? Možda. Ne mogu da shvatim kako je, sa svim zaštitnim merama koje sam imao na snazi, neko mogao da uđe u moj nalog, a da mi ne pošalje dvostruko obaveštenje ili da ima pristup mom Google Authenticator-u. Prilično sam dobar sa tehnologijom i, koliko sam istraživao, osim ako mi je Google nalog hakovan, što nije bio slučaj, nije bilo neobičnih aktivnosti, nepoznatih uređaja, promena lozinki i čudnih aktivnosti na njemu od tada, onda se ovo jednostavno nije smelo desiti.

Samo želim neke odgovore.

I was on my bc.game account awhile back in the middle of a game, I was suddenly booted. I logged back in and my ethereum wallet had been drained in 2 transactions within 20 seconds,

Pretty impressive considering you need my google authenticator as well as 2fa to phone and email to both login and initiate a withdrawal. I recieved no email or text indicating a code was sent. I checked my bc.game account my 2fa number and email hadn't been changed or new ones added. My google account linked to google authenticator hadn't been compromised and im not sure it would have mattered bc It generates codes on the device not online. So obviously im very confused how this could have happened.

I contact live support within a minute, after checking the withdrawal transactions and 2fa settings. They tell me my account is going to be locked and to email recovery@bcgame.com before I could finish the conversation im locked out of account. I sent all the info requested and heard nothing for weeks, no replies to follow up emails either. Recently I got an email from recovery@bcgame.com with no subject line. It asks me to click a link and do a kyc. I look into the link and its to SumSub, a large supposedly reputable KYC platform, the link appears to be real. SumSub has had problems with casinos faking their website to steal information, they have also been criticized about whos really in control of the company. In my research I found out the company that initiates the KYC, bc.game in my case, may own the information uploaded and I dont feel comfortable with bc game having a copy of my passport along with anything else they may ask for. You'll also find many posts online of people getting into an endless verification loop with BC.game foing through it many times, some just give up.

While im looking into all this I shoot an email to support and recovery@bcgame.com asking what will be done about my stolen funds when I complete KYC, and if they will retain any of my personal documents. I have yet to recieve an answer.

So was my account hacked? Definitely. Was it done with the help of someone with inside information or just the website itself? Maybe. I fail to understand how with all the safeguards I had in place someone was able to get into my account without sending me a 2fa notification or have access to my Google Authenticator. Im pretty good with technology and from what I've looked into unless my google account was hacked, which it wasnt, no unusual activity or unknown devices or password changes and no strange activity on it since, then this just shouldn't have happened.

I just want some answers.

Kenj72888

pre 2 meseci

Original

Prevod

Hello, I would like to thank you for sharing such a very precise and practical description of the events. A few years ago I experienced a hacked bank debit card; a failed 2fa process also played a part back then. I had no answers, but I recall perfectly how frustrating those few months were for me.

I have also come across phishing attempts targeting players with larger winnings in online casinos, which were focusing on passing the KYC "on behalf" of those players. Some were successful. 🙁

I truly want to help you in some way, but to be honest, I have no idea how to do that. Shall we stay in touch to see whether the casino comes up with something?

I wish I could say something more.

Bc.game account hacked or inside job?

Dodajte post