16. FTX support finally asked the hackers for a photo for identification. They took the photo that I sent FTX compliance when I did the KYC; it was available in my e-mail. And the reason it was in the e-mail was that compliance refused the first photo that I used on the FTX website.
17. Compliance refused my first photo because it was blurry; they could not read my ID. Then I communicated with them through e-mail, where they accepted the new photo. The photo remained in the e-mail. How support accepted this same photo as proof is beyond me.
18. The hackers were able to remove the 2FA with a photoshopped pic. But I had to have a Zoom video conference to prove my ID. The strangest part was that the hackers were asking for a 2FA reset while I was accessing FTX every day, trading on it. Security could not see this paradox?
19. The hackers were having prompt discussions with support while support ignored me for days. However, support realized that it was odd I was complaining my 2FA was not working when they reset it.
20. I know from other exchanges and from people on Twitter that resetting the 2FA is not easy; it requires more proof of identity than the KYC. The fact that I was banned from the Telegram group also made it impossible to report that it was not me withdrawing from the account.
21. From this experience I have learned how to beef up security. You must have 2FA on the exchange account as well as the email. 2FA on the password manager if you use one, but I don't recommend it. All passwords and keys should be stored on paper. Enable SMS for account activity.
22. Have a dedicated e-mail for your exchange account and don't store any pictures on it. Have a withdrawal password and a whitelist. Don't store anything on exchanges except for a short while. I put all my USD on FTX to take interest, now I think it is not worth it.
23. Currently I have nothing, I am completely REKT. I lost a lot, not small money. I am a careful trader, I trade only 1% of my account and use very tight risk management. I got completely REKT without taking any risks. Makes me wish I just threw all my money on some shitcoins.
Finally, the biggest clue that the hackers left was the email filters on my Gmail. Check your filters on all your emails.
You can follow @nagihatoum.