top of page
This site was designed with the
.com
website builder. Create your website today.Start Now

With weak Security (weak Password, no 2FA) welcome mat is out for Hacker

a. Email. Hacker logs into public email (and tries weak password "123456" or "qwerty" or weak 2FA e.g. home town from Facebook, or clicks "Forgot Password?". Email accessed or service provides temp password. Hacker has access and changes email password. Hack clue 1 -- you can't login to email.

 

b. Exchange. Hacker reviews folders (from a) for likely exchanges (or credit cards, banks, ...). Logs into exchange with email id (from a) and clicks "Forgot Password?". Exchange provides temp password. Hacker now has access and changes exchange password. Hack clue 2 -- you can't login to exchange.

 

c. Withdraw. At exchange (from b), hacker enters bitcoin withdraw request to hacker wallet id. Exchange sends email to user (from a) to OK withdraw. Hacker has control of email (from a) and OK's withdraw request. Exchange processes withdraw. Hack clue 3 -- bitcoins gone/withdrawn.

 

d. Confirmation. Enter hacker wallet id (from c) in Search field on Blockchain.info. Hack confirmed -- withdraw recorded in Blockchain. => Steps a thru c in minutes

bottom of page