1. I will now come out with the full story of how my account on #FTX was easily taken over by hackers and completely looted despite having 2FA. Apart from restoring my access, FTX support and @FTX_Official @SBF_Alameda are completely ignoring this serious security breach and loss.
2. On April 21st, I was locked out of my account: when entering the 2FA code, I would get a message that the 2FA code was invalid. I have 2FA running on two devices, so the redundancy proves nothing was wrong with my 2FA. I resynced the time on the 2FA and tried different computers; nothing worked.
3. I immediately sent an email to support informing them that my 2FA was not working and that I had tried everything. I also mentioned that I had got a message in my account about an unusual login attempt some days prior, which I had notified them of.
4. I got the automated receipt message from support. This was the only response I got from support. For days I was ignored by support, and I kept sending e-mails, until they reopened my account some days ago.
5. I was so concerned about the situation that I even DMed Sam the same day, almost immediately. Sam had personally helped me before with a transfer issue in August 2020. I was so impressed that I adopted FTX and placed all I have on this exchange.
6. The next day I went on the FTX support Telegram group. I explained my situation; all they said was that it was a security issue and I must wait 24 to 48 hours for their response by e-mail. Nobody mentioned the possibility of a hack. 48 hours seemed a long time to me, so I DMed Sam again.
7. I found 24h was too long for a response, so I asked the Telegram group again to do something. They answered by banning me and calling me a spammer, but it was only my third message, and 6 hours later. This was on the morning of the 22nd, the day the hackers started to withdraw in the evening.
8. Banning me from the Telegram group shocked me and cut me off from any communication with FTX. I reported to Sam that I was banned and needed help. But no answer. I started to get very frustrated, and 48 hours had passed. I decided to get help from CT: https://twitter.com/nagihatoum/status/1385513743526907906
9. CT was very responsive and retweeted my plea; it made such a commotion that Sam and @FTX_Official finally answered. This was Sam's public acknowledgement. CT was impressed he answered me personally. I was relieved, but the relief was short-lived.
10. Sam DMed me in private that he was working on the situation but it would take time and that it was "complicated". I asked what was complicated about it; he didn't answer. This was the last time Sam DMed me.
11. On the 24th, Keith @FTX_Official contacted me to set up a Zoom video meeting. I had the Zoom meeting the next day. They asked me to prove my identity on video, whether I had access to the account and whether I had done any withdrawals. I answered that I had had no access since the 21st and made no withdrawals.
12. After the Zoom meeting, I had no contact with anybody; I asked for some updates but received no response, until I got a reply from support 3 days ago. They removed the 2FA.
13. I opened my account and found it was completely empty. At first I was in disbelief; I thought FTX had moved it. So I went to the account records and found that everything was liquidated to ETH and withdrawn on the 22nd. It dawned on me that I was hacked.
14. Of course I contacted everybody to say that I was hacked. But again nobody answered. I started to piece together how I was hacked. Obviously the hackers had retrieved my username and password for both my e-mail and FTX account. But without 2FA they could not enter.
15. The way the hackers used my e-mail without me noticing was by deleting all the sent and received emails. And they put a filter, available in Google Mail, to place anything received from FTX support into the trash can so I would not notice it. They would open the trash and read them.
16. FTX support finally asked the hackers for a photo for identification. They took the photo that I sent FTX compliance when I did the KYC; it was available in my e-mail. And the reason it was in the e-mail was that compliance refused the first photo that I used on the FTX website.
17. Compliance refused my first photo because it was blurry and they could not read the ID. Then I communicated with them through e-mail, where they accepted the new photo. The photo remained in the e-mail. How support accepted this same photo as proof is beyond me.
18. The hackers were able to remove the 2FA with a photoshopped pic. But I had to have a Zoom video conference to prove my ID. The strangest part was that the hackers were asking for a 2FA reset while I was accessing FTX every day, trading on it; could security not see this paradox?
19. The hackers were having prompt discussions with support while support ignored me for days. However, support realized that it was odd I was complaining my 2FA was not working when they had reset it.
20. I know from other exchanges and from people on Twitter that resetting the 2FA is not easy; it requires more proof of identity than the KYC. The fact that I was banned from the Telegram group also made it impossible to report that it was not me withdrawing from the account.
21. From this experience I have learned how to beef up security. You must have 2FA on the exchange account as well as the email. 2FA on the password manager if you use one, but I don't recommend it. All passwords and keys should be stored on paper. Enable SMS for account activity.
22. Have a dedicated e-mail for your exchange account and don't store any pictures in it. Have a withdrawal password and a whitelist. Don't store anything on exchanges except for a short while. I put all my USD on FTX to earn interest; now I think it is not worth it.
23. Currently I have nothing; I am completely REKT. I lost a lot, not small money. I am a careful trader: I trade only 1% of my account and use very tight risk management. I got completely REKT without taking any risks. Makes me wish I had just thrown all my money on some shitcoins.
Finally, the biggest clue that the hackers left was the email filters on my Gmail. Check your filters on all your emails.
This is another security note: I have been told someone was banned from their Gmail account and couldn't access the exchange anymore. They say Proton Mail is better.
Sam answered, but he blamed me for everything and said I am not truthful. He said he needed my permission to discuss my case publicly; I gave him my permission. At least he acknowledges I was hacked, but he is acting like an outsider and just criticizing me. https://twitter.com/SBF_Alameda/status/1388147101725388802
I talked to security experts and there are two main security lapses that FTX committed. I will discuss these lapses after Sam answers. I cannot be blamed for what happened. I am the victim, not the perpetrator. I did not "give someone access" to anything.
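The Gmail filter trick the thread describes (a rule that routes every message from the exchange's support straight to Trash, so the account owner never sees the 2FA-reset conversation) is something a defender can audit mechanically rather than by eyeballing the settings page. The script below is an added example, not the thread author's code and not anything published by FTX or Google: it parses a Gmail filter export and flags every rule that trashes, archives, marks as read, or forwards mail, escalating to "high" when the rule's criteria mention a watched domain. It assumes Gmail's filter export format (Settings > Filters and Blocked Addresses > Export, an Atom XML file whose entries carry `apps:property` elements named `from`, `hasTheWord`, `shouldTrash`, `shouldArchive`, `shouldMarkAsRead`, `forwardTo`, `label`); the sample export and every address in it are constructed placeholders.

```python
"""Audit a Gmail filter export for rules that hide or divert incoming mail.

Added example, not from the thread's author. The property names used here
(from, hasTheWord, shouldTrash, shouldArchive, shouldMarkAsRead, forwardTo,
label) are assumed to follow Gmail's filter export format; the sample
export below is constructed, with placeholder addresses.
"""
import xml.etree.ElementTree as ET

ATOM = "{http://www.w3.org/2005/Atom}"
APPS = "{http://schemas.google.com/apps/2006}"

# Boolean actions that take a message out of the owner's view. Any one of
# them lets someone with mailbox access read the mail (from Trash or All
# Mail) without the owner noticing an unread message in the Inbox.
HIDING_ACTIONS = {
    "shouldTrash": "sends matching mail straight to Trash",
    "shouldArchive": "skips the Inbox",
    "shouldMarkAsRead": "suppresses the unread indicator",
}
# Criteria properties that say which mail a filter matches.
CRITERIA = ("from", "to", "subject", "hasTheWord", "doesNotHaveTheWord")

# Constructed sample export: one attacker-style rule aimed at an exchange's
# support address, one aggressive but plausible newsletter rule, and one
# harmless labelling rule.
SAMPLE_EXPORT = """<?xml version='1.0' encoding='UTF-8'?>
<feed xmlns='http://www.w3.org/2005/Atom' xmlns:apps='http://schemas.google.com/apps/2006'>
  <title>Mail Filters</title>
  <entry>
    <category term='filter'/>
    <title>Mail Filter</title>
    <apps:property name='from' value='support@exchange.example'/>
    <apps:property name='shouldTrash' value='true'/>
    <apps:property name='shouldMarkAsRead' value='true'/>
  </entry>
  <entry>
    <category term='filter'/>
    <title>Mail Filter</title>
    <apps:property name='hasTheWord' value='unsubscribe'/>
    <apps:property name='label' value='Newsletters'/>
    <apps:property name='shouldArchive' value='true'/>
  </entry>
  <entry>
    <category term='filter'/>
    <title>Mail Filter</title>
    <apps:property name='from' value='friend@personal.example'/>
    <apps:property name='label' value='Friends'/>
  </entry>
</feed>
"""


def parse_filters(xml_text):
    """Return one {property_name: value} dict per filter entry in the export."""
    root = ET.fromstring(xml_text)
    return [
        {p.get("name"): p.get("value") for p in entry.findall(APPS + "property")}
        for entry in root.findall(ATOM + "entry")
    ]


def audit_filters(xml_text, watch_terms=()):
    """Flag filters that hide or forward mail.

    watch_terms: substrings (e.g. your exchange's domain) whose presence in a
    filter's criteria escalates the finding to 'high'. Forwarding rules are
    always 'high', since they leak mail out of the account.
    """
    findings = []
    for props in parse_filters(xml_text):
        actions = [desc for name, desc in HIDING_ACTIONS.items()
                   if props.get(name) == "true"]
        if props.get("forwardTo"):
            actions.append("forwards matching mail to " + props["forwardTo"])
        if not actions:
            continue  # a label-only or star-only rule is not suspicious
        criteria = {k: props[k] for k in CRITERIA if k in props}
        hits = sorted({t for t in watch_terms
                       for v in criteria.values() if t.lower() in v.lower()})
        findings.append({
            "criteria": criteria,
            "actions": actions,
            "watch_hits": hits,
            "severity": "high" if hits or props.get("forwardTo") else "medium",
        })
    return findings


if __name__ == "__main__":
    # Replace SAMPLE_EXPORT with the contents of your own mailFilters.xml.
    for f in audit_filters(SAMPLE_EXPORT, watch_terms=("exchange.example",)):
        print(f["severity"].upper(), f["criteria"], "->", "; ".join(f["actions"]))
```

Run against a real export, the watch list should hold the sender domains of every exchange, bank and identity provider whose mail you rely on; a "high" finding on a filter you did not create is exactly the artefact the thread points to, and the same check is worth repeating after any unexpected lockout, because the filter was what let the reset conversation proceed unseen.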
You can follow @nagihatoum.