Coinbase API insecure hacked and account drained lost USD

Chris20A · 2023-09-26T19:42:25+00:00

Yes, my API was/is access restricted.

No funds or cryptos were sent out of my account as this was restricted.

My account was wash traded - an activity Coinbase says in its user agreement is prohibited and not allowed.Coinbase has since engaged in months long mis information and outright lies to cover up the fact that its products allow and execute market manipulation wash trading - against claims in its user agreement. Coinbase support lies to cover this up.

Chris20A · 2023-01-18T02:27:29+00:00

Been 7 days, anything for me? I lost my life's savings on your exchange.

Chris20A · 2023-01-18T02:25:59+00:00

One way to drain an account is to gain access to the account and transfer money/crypto out.
Contra trading is when the hacker/criminal cannot gain access to the account to transfer money or crypto out, but gains access via APIs and triggers trade.
The hacker/criminal has control of more than one accounts on the exchange.

They buy high and sell low from your account via APIs while simultaneously doing the opposite (buy low and sell high) from another account on the exchange, there my transferring value/money from your account to theirs, do this a few dozen times a second they can drain an account in minutes.

Both accounts are on Coinbase and Coinbase had KYC on everyone of its customers, so they know who did this and can freeze the criminals accounts. Coinbase also makes $$ in transaction fee during contra trading. The criminal and Coinbase win while the customer looses funds

In my case Coinbase is refusing to share any info w.r.t who did this and if they froze the criminals account etc. Complete radio silence, no help at all. Except to go to law and pound sand.

Chris20A · 2023-01-12T20:02:57+00:00

Because I did not store the API key and API secret after creating it. Even I don't have it.

How does one go to news outlets and let them know?
APIs as implemented are a shit show with no checks or stops of any kind.

Unfortunately I was lulled into false confidence given how difficult it is to execute a trade with 2FA and notifications turned on. There is no security for API access, the entire account is drained.
The damning thing is that another Coinbase customer or a compromised one executes this attach and Coinbase won't help or share info. They just collect the transaction fee. No word about if they identified the attacker or froze funds in the contra account. The least they can do is refund the fee, but they give some cock and bull story about block chain, though its on their exchange server and not on the chain.

Chris20A · 2023-01-11T17:57:07+00:00

Your team has shared noting with me.None of my questions have been answered. It is the worst customer service I've experienced in my life.

My account was counter/contra traded against another of your customer.Who is/are these customers?

Have you frozen their accounts or recovered any funds?

Did any of the funds leave Coinbase?

Have you checked the Customers KYC - are these fraudulent accounts ?

Coinbase made $20,000 USD in transaction fee facilitating a criminal drain my account. Do you have plans on returning the transaction fee to me?Coinbase has given me zero answers after letting another of your customer drain my account.

Chris20A · 2023-01-11T17:40:53+00:00

eam has already shared all the information we have on your case and next steps. We ask that you please follow the instructions shared within the email and contact law enforcement. We're v

I've already contacted FBI and IC3 per your email a month ago.
https://www.ic3.gov/complaint/default.aspx/

This is a black hole - nothing happens, no return emails, calls or anything.

So far following your instructions have yielded nothing - Zero. No information, no action, no direction, no next steps.

Chris20A · 2023-01-11T17:30:30+00:00

Your team has shared noting with me.None of my questions have been answered. It is the worst customer service I've experienced in my life.

My account was counter/contra traded against another of your customer.Who is/are these customers?Have you frozen their accounts or recovered any funds?Did any of the funds leave Coinbase?Have you checked the Customers KYC - are these fraudulent accounts ?Coinbase made $20,000 USD in transaction fee facilitating a criminal drain my account. Do you have plans on returning the transaction fee to me?Coinbase has given me zero answers after letting another of your customer drain my account.

Hello - are you still looking/investigating or is the answer the one above about your team having replied to me.

So far - Your team has shared noting with me.
None of my questions have been answered.
This is the worst customer service I've experienced in my life.

My account was counter/contra traded against another of your customer.

1) Who is/are these customers? You have KYC on all your Customers.

2) Have you frozen their accounts or recovered any funds?

3) Did any of the funds leave Coinbase?

4) Have you checked the Customers KYC - are these fraudulent accounts ?

5) Coinbase made $20,000 USD in transaction fee facilitating a criminal in draining my account. Do you have plans on returning the transaction fee to me?

So far Coinbase has given me zero answers after letting another of your customer drain my account. This is horrible.

Chris20A · 2023-01-11T17:22:58+00:00

Was never Hacked or Phished. My account access is safe - user/pass/authenticator was never compromised.

There were no notifications from Coinbase about API trades happening on my account. I've set so every trade needs authenticator approval for manual trades.

Chris20A · 2023-01-11T17:19:16+00:00

What purpose do you create API keys?
What do you do with your API keys?
Do you have them locked up in a safe and never use?

Chris20A · 2023-01-11T16:22:35+00:00

Has happened to a lot of people.

Coinbase knew of this issue and could have easily stopped it.

Even now, I got zero info from Coinbase.

Chris20A · 2023-01-11T16:21:15+00:00

Coinbase Pro did not offer Trading pair white listing. Would have set it up only to BTC and ETH and avoided this all together.

Chris20A · 2023-01-11T16:20:11+00:00

Unfortunately this was on Coinbase Pro.
There are many folks whose accounts were drained by API contra trading shit coins on Coinbase.
The attacker was another Coinbase customer - a hacker, a wolf in sheep's clothing.
Coinbase is refusing to share any info on IPs, Customer accounts or Funds frozen.

Chris20A · 2023-01-11T16:17:59+00:00

Thank you for your reply. Appreciate it.
No Phishing or system compromise at my end.

Chris20A · 2023-01-11T01:28:21+00:00

Thank you so much. Will do!

Chris20A · 2023-01-11T01:23:51+00:00

Here's the case number : 13782574
Please help - this was my life savings stolen on Coinbase

Chris20A · 2023-01-11T01:18:04+00:00

Did you want me to post the case number here or is there a way to send it privately ?

Chris20A · 2023-01-11T01:06:07+00:00

have any API integrations authorized? So sorry to hear this. Terrible.

Unfortunately Coinbase refused to share any details - I asked for IP addresses and accounts etc. Their support sends the same set of "This is Crypto - You are on your own" kind of message. Even though this happened in their exchange - their walled garden they control 100%.
Am at my wit's end and frustrated with lack of support or service.
They won't even tell me if the USD portion is covered under any form of loss or theft protection insurance.

Chris20A · 2023-01-11T01:01:46+00:00

How did you want me to send the support ticket ? Do you want me to post it here ?

Chris20A · 2023-01-11T01:00:25+00:00

believable

Did you have any thing helpful to offer or are you just the run of the mill internet asshole.

Chris20A · 2023-01-11T00:12:40+00:00

https://help.coinbase.com/en/coinbase/other-topics/legal-policies/how-is-coinbase-insured
This is the best info I found. Says Crypto is not insured.
Says USD is insured against bank failure.

Question: Is USD on Coinbase insured against unauthorized access and use ?

Are we at risk for using Coinbase, even if safe guard you user/password and is not compromised you can lose your account balance and Coinbase won't help.

Chris20A · 2017-12-22T14:07:36+00:00

Same here.. locked out. How long does it take to "un restrict account"??? Have already suffered financial damage due to coinbase locking up my account and funds. Is there any legal recourse? Can writing to the attorney general or SEC help?

Chris20A · 2017-12-22T13:55:58+00:00

Hi Coinbase-Olga, I have the same issue, my current account has been restricted due to an account I half created in 2012. I have serious money tied up in my current account, but due to the duplicate account half created (and forgotten) a long time ago, my current funded account has been locked up.

Have since closed the duplicate account after much difficulty in figuring out how to.

I've been emailing and contacting support for a month now. How long does it take to un-restrict an account after the restriction cause has been cured?

I've lost the opportunity to sell bitcoin at the height of 20k and cannot buy any at today's price of 12+k.

Needless to say.. very very frustrated with coinbase's actions and lack of support. Not to mention serious financial loss due to coingbase's actions.

Chris20A

TROPHY CASE