Common Types of Crypto Heist Cases
-
Phishing Attacks
Phishing attacks are one of the most common hacking techniques employed by cybercriminals. These attacks involve the creation of fraudulent emails or websites that mimic the appearance of legitimate Gemini communications or platforms.
Unwitting users may be lured into providing their login credentials or other sensitive information, enabling the attacker to gain unauthorized access to their accounts and assets.
Phishing attacks may also involve malicious attachments or links, which, when opened or clicked, can install malware on the user’s device.
-
Credential Stuffing Attacks
Credential stuffing attacks occur when cybercriminals obtain previously leaked or stolen login credentials (such as usernames and passwords) and attempt to use them to gain unauthorized access to cryptocurrency exchange. These attacks rely on the fact that many users often reuse the same credentials across multiple platforms.
By using automated tools, hackers can test large volumes of credentials in a relatively short amount of time, potentially gaining access to numerous accounts.
-
Exploitation of Software Vulnerabilities
Software vulnerabilities refer to weaknesses or flaws in the design, implementation, or operation of software that can be exploited by hackers to compromise system security.
Cybercriminals may target vulnerabilities in Gemini’s platform, user devices, or third-party applications to gain unauthorized access, manipulate data, or execute malicious code.
Patches and updates are regularly released to address known vulnerabilities, making it essential for users to keep their software up to date.
-
SIM-Swapping Attacks
SIM-swapping attacks involve the unauthorized transfer of a victim’s phone number to a SIM card controlled by the attacker. Cybercriminals often accomplish this by social engineering or bribing employees at the victim’s mobile service provider.
Once the attacker gains control of the victim’s phone number, they can bypass two-factor authentication (2FA) and reset account passwords, granting them unauthorized access to the victim’s Gemini account and other online platforms.
SIM-swapping attacks highlight the need for robust and diversified security measures beyond traditional 2FA methods.
Consequences of Unauthorized Account Access
One of the most immediate and devastating consequences of hacking incidents is the loss of funds and digital assets. Once cybercriminals gain unauthorized access to a Gemini user’s account, they can quickly transfer or liquidate the user’s holdings, often making recovery extremely difficult, if not impossible.
The loss of valuable assets can result in significant financial hardships for the victims, particularly if they rely on their cryptocurrency investments as a primary source of income.
- Personal Information Exposure
In addition to stealing funds and assets, hackers may also gain access to users’ personal information, such as names, addresses, phone numbers, and email addresses. This exposure can lead to further attacks, identity theft, and other forms of cybercrime.
Victims may also be targeted for future phishing or social engineering attacks, as cybercriminals leverage the compromised data to manipulate or deceive them.
- Negative Impact on User’s Reputation and Credibility
Being a victim of a hacking incident can have serious repercussions on a user’s reputation and credibility within the cryptocurrency community and beyond.
Trust and confidence are critical in the digital asset space, and users who have experienced security breaches may be viewed as less reliable or competent by their peers, investors, or potential business partners. This negative perception can hinder professional opportunities and growth in the industry.
- Legal Implications and Potential Liabilities
Hacking incidents may also give rise to legal implications and potential liabilities for the affected users. In some cases, victims may need to report the breach to relevant authorities or face regulatory penalties for non-compliance.
Furthermore, if a user’s compromised account is used to facilitate other cybercrimes, such as money laundering or fraud, the user could potentially be held liable for those activities, even if they were not directly involved.
Navigating the legal complexities surrounding hacking incidents can be challenging, making it crucial for victims to seek expert legal counsel to protect their interests and ensure compliance with applicable laws and regulations.
Dilendorf Law Firm’s Services for Victims Whose Funds Were Stolen From Gemini
We offer a comprehensive suite of services to assist and support Gemini victims, utilizing our extensive expertise in cryptocurrency and blockchain law to address the unique challenges faced by clients affected by cyberattacks.
- Legal Consultation and Assessment
Dilendorf team provides expert legal consultation and assessment to help clients understand the nature of the cyber incident, identify the methods used by cybercriminals, and evaluate potential legal actions and remedies tailored to the client’s specific needs and circumstances.
We assist clients in the process of asset recovery by initiating investigations, tracing lost assets, and identifying the responsible parties. The firm collaborates with law enforcement and regulatory agencies to facilitate a coordinated response and represents clients in negotiations with Gemini and other involved parties to secure the return of lost assets or appropriate compensation.
Dilendorf Law Firm represents clients in court for lawsuits and arbitration proceedings related to hacking incidents, advocating on their behalf to seek justice for damages suffered. Additionally, our attorneys are skilled negotiators, working diligently to secure favorable settlements for clients in cases where litigation may not be the preferred or most effective option.
If your funds were stolen from Gemini or you require legal assistance related to cryptocurrency and blockchain matters, contact us today at (212) 457-9797 or via email at info@dilendorf.com to schedule a consultation with our experienced attorneys.
We stay up to date and track cases involving phishing attacks and sim swap affecting major cryptocurrency exchanges and mobile operators:
One of the largest cellphone carriers in the United States is facing yet another lawsuit by a digital currency investor over SIM swap fraud. T-Mobile failed in its duty to protect its users and resulted in the plaintiff’s loss of $55,000 worth of BTC, according to the lawsuit filed in Pennsylvania.
I am victim of a SIM Swap scam. Both T-Mobil and Coinbase.com where negligent and failed to protect me. I have all the evidence to prove my case.
An 84-year-old grandmother living in West Palm Beach started investing in cryptocurrency to help save up for her family’s future. Then, nearly all of the money she put into cryptocurrency vanished after she claims a hacker got into her accounts and drained it of about $800,000.
Coinbase users have filed 134 pages of complaints to the SEC alleging that their funds have been “stolen” by the exchange
Yesterday, Kevin Frye filed a complaint in the Southern District of Florida against T-Mobile USA, Inc. for allegedly conducting a “SIM-Swap” without his consent, resulting in the loss of tens of thousands of dollars worth of cryptocurrency. The plaintiff claimed that “T-Mobile Representatives were either complicit with the theft or grossly negligent” since they have been on “notice for years that their security measures were not adequate.”
A Pennsylvania woman who lost the equivalent of $20,000 in cryptocurrency as part of a mobile fraud scheme says T-Mobile failed to protect her account in the face of a wave of similar incidents.
Nine months before scammers stole $20,000 from Kesler’s Coinbase account, the suit argues, Jack Dorsey was the victim of another high profile SIM swap, in which outsiders seized control of the Twitter CEO’s information. Security journalist Brian Krebs also covered the issue in 2018, specifically reporting that a T-Mobile retail store employee was under investigation for making an unauthorized SIM swa
A man is suing Gemini, claiming it was negligent not to notice significant sums of money moved from his money market account to buy cryptocurrency on the exchange over seven days. While the trader was out of reach in the Australian outback, someone allegedly stole money from his CIT account and wired it to Gemini to purchase crypto. Later, he noticed fraudulent activity on his accounts with other banks, and is suing CIT in addition to Gemini, claiming it violated the Electronic Funds Transfer A
Hackers stole $21 million in Bitcoin and $15 million in Ethereum from retirement accounts held with IRA Financial Trust on February 8, according to a report from Bloomberg based on an anonymous source.
Interviews and thousands of complaints have revealed a pattern of account hacks where users have reported money vanishing from their accounts, reports CNBC. Once criminals gain access to an account, funds can be drained within minutes.
My account that my mom and I use together got hacked in June of this year. We lost $350,000.The hacker not only transferred out all of the crypto we owned, they used the bank accounts that were linked to purchase more. When we found out about the hack, we called our banks to stop the transfer of money. We also immediately contacted Coinbase to report the hack. However, Coinbase still let the purchase go through while the bank transactions were pending. Now, Coinbass is claiming that because we stopped our banks from transferring the money, we owe them $10,000 to reimburse them for the purchase.
California-headquartered crypto trading platform Coinbase—has been named in at least 115 complaints sent to the U.S. Securities and Exchange Commission and the California Department of Business Oversight
“I believe Coinbase has engaged in fraud by knowingly marketing a service it knows it cannot actually provide,” the filing from November last year read, adding: “Coinbase knows it does not have the infrastructure to timely and adequately meet customer needs.” At the time, bitcoin and other virtual currencies were rocketing in value, leading to an unprecedented interest from eager new investors.
It took only two minutes for the attacker to clean Sean Everett out of what was then a few thousand dollars’ worth of digital coins from his Coinbase wallet
Author Jeff Roberts said $250,000 was stolen from Coinbase in 2013/2014. Roberts claims Coinbase’s hot wallet was hacked just a year after the company’s inception in 2012, and that the hacker made away with $250,000 worth of Bitcoin
Olympia and Steve Kallman of Parma said they are dealing with some sleepless nights after police reported they had more than $22,000 taken by con artists from their Coinbase cryptocurrency virtual wallet back on Aug. 16.
T-Mobile is facing a multi-million dollar lawsuit after hackers were able to gain unauthorized access to a client’s account. Using information provided by the cellular company, hackers successfully bypassed their two-factor authentication security measures enabling them to obtain a SIM card with the client’s personal and financial information. $8.7 million in cryptocurrency was ultimately transferred out of the customer’s account.
T-Mobile has been hit with a multi-million-dollar lawsuit after Reginald Middleton lost millions of dollars when hackers gained unauthorized access to his account. The hackers used information supplied by T-Mobile to successfully circumvent the two-factor authentication measure, which allowed them to obtain a SIM card containing all of Middleton’s financial and personal information. Ultimately, $8.7 million in cryptocurrency was transferred out of Middleton’s account.
Richard Harris, the customer and plaintiff, is alleging T-Mobile’s misconduct including its failure to adequately protect customer information, hire appropriate support staff and its violation of federal and state laws led to his loss of 1.63 bitcoin.
Last night while I was sleeping my account was logged into (web) from Russia…
The Vidovics lost nearly $170,000 in the blink of an eye when someone hacked their Coinbase account.
John said his accounts with Coinbase and Coinbase Pro were emptied as he watched his phone screen.
….an increasing number of users of the currently highly popular cryptocurrency exchange called Coinbase have suddenly found their accounts on the platform empty. This is after hackers have managed to gain access to them and thoroughly drain their cryptocurrency wallets.
League of Legends superstar has had $200,000 in cryptocurrency stolen from them – directly from their Coinbase account
…an unauthorized user had changed Ms. Maguian’a passwords for trading platforms… Coinbase and initiated transactions that emptied her accounts of crypto valued at around $80,000 at the time
The Eleventh Circuit Court of Appeals ruled today that the class action against Coinbase…will be held in open court. The case in question alleges that Coinbase assisted in laundering around $8.2 mln of stolen Bitcoin (BTC) – valued at over $100 mln today.
The Vidovics lost nearly $170,000 in the blink of an eye when someone hacked their Coinbase account.
Dr. Anders Apgar, a Coinbase customer, said his account had a balance of more than $100,000 in crypto when it was hacked during a robocall.
I had $14,000+ USD in my coinbase pro account. The account was hacked at the money was switched over to crypto and sent to multiple people this occured several hours ago (05/14/2021). Case # 06082303
Tampa resident David Bryant knew something was wrong last October when he found Coinbase notifications deleted from his account and his login no longer worked. “I lost about $15,000 dollars worth of crypto,” David said.
A Texas man is suing Coinbase, the cryptocurrency trading platform. The man alleges his Coinbase account was breached to make a $50,000 unauthorized transaction. He says at least 1,000 other Coinbase accounts have also been breached.
A new report finds that Russia was linked to the majority of crypto ransomware invasions, siphoning the equivalent of $400 million in stolen funds to illicit addresses in that country. It appears Russia has strong ties to the majority of crypto hacks and cybercrimes, especially when you consider that 74% of ransomware revenue in 2021 — over $400 million worth of cyptocurrency — went to accounts affiliated with the country in some way, according to a new report from cryptocurrency tracking and analytics firm, Chainalysis.
Case #05530638, #05542432. This all happened 4/15/21-4/16/21. How can I talk with someone from coinbase? I am so frustrated that someone stole my Bitcoin, ETH, and transferred $500 from my bank account and stole that too from my coinbase… Total almost $12,000. I am trying to understand what is going on and now I am completely blocked out of coinbase. I want answers!
An increasing number of users of the highly popular cryptocurrency exchange Coinbase have found their accounts on the platform empty after hackers managed to gain access to them and drain their cryptocurrency wallets.
Raza says Coinbase, the cryptocurrency exchange where he was robbed, has not been able to provide a solution and he thinks they need to step up security protocols.
In four minutes, cyber looters pilfered $34,123 worth of virtual currency from a Virginia resident’s Coinbase (COIN) account, the 38-year-old told Yahoo Finance.
I received several txts last night sending me a 2fa code. I woke up and my bitcoin was transferred at 230am to some address. Any idea what happened? Was it my cell phone provider? Seems fishy to me since I could not detect any threats my phone. No idea how the culprit read my txt messages but oh well.
I am an active user of CoinBase and somehow my account was breached even with 2FA enabled. The hackers stole all of the coins in my account by converting them to BTC and sending them to their wallet. They then deposited $1k USD and purchased BTC using my debit card and stole it before I could lock my account down.
Taking my case to reddit. My account was hacked approximately 3 weeks ago and .50 BTC (approximately $23k USD) was stolen from my account. In summary, I decided to log into my account one day to check in on the balance. A hacker had locked my account out.
…hackers managed to get into the accounts and move funds off the platform, draining some accounts dry. Thousands of customers had already begun to complain to Coinbase that funds had vanished from their accounts…Coinbase did not disclose how much cryptocurrency was stolen in the attack.
CNBC interviewed Coinbase users across the country. The interviews and complaints revealed a pattern of account takeovers, where users see money suddenly vanish from their account, followed by poor customer service from the company. Since 2016, Coinbase users have filed more than 11,000 complaints against Coinbase with the Federal Trade Commission and Consumer Financial Protection Bureau, mostly related to customer service.
An increasing number of users of the highly popular cryptocurrency exchange Coinbase have found their accounts on the platform empty after hackers managed to gain access to them and drain their cryptocurrency wallets.
Loads of scams out there. Remember Coinbase does not support chat. You will never speak with a Coinbase employee.
I have been trying to contact Coinbase support since Thursday when I saw $25k BTC sold from my wallet without my consent and could not receive any assistance at all from Coinbase to protect my investment.
It was 10.6 bitcoins held in the wallet service Coinbase, the most well-funded and widely implemented service on the market.
All your money is gone. Whoops! Sorry for your loss. Some Coinbase account holders are losing their shit today as they look to their bank statements to find that the exchange has withdrawn excessive amounts of money from their accounts.
California-headquartered crypto trading platform Coinbase—has been named in at least 115 complaints sent to the U.S. Securities and Exchange Commission and the California Department of Business Oversight
“I believe Coinbase has engaged in fraud by knowingly marketing a service it knows it cannot actually provide,” the filing from November last year read, adding: “Coinbase knows it does not have the infrastructure to timely and adequately meet customer needs.” At the time, bitcoin and other virtual currencies were rocketing in value, leading to an unprecedented interest from eager new investors
Yesterday, Kevin Frye filed a complaint in the Southern District of Florida against T-Mobile USA, Inc. for allegedly conducting a “SIM-Swap” without his consent, resulting in the loss of tens of thousands of dollars worth of cryptocurrency. The plaintiff claimed that “T-Mobile Representatives were either complicit with the theft or grossly negligent” since they have been on “notice for years that their security measures were not adequate.”
A Pennsylvania woman who lost the equivalent of $20,000 in cryptocurrency as part of a mobile fraud scheme says T-Mobile failed to protect her account in the face of a wave of similar incidents.
Nine months before scammers stole $20,000 from Kesler’s Coinbase account, the suit argues, Jack Dorsey was the victim of another high profile SIM swap, in which outsiders seized control of the Twitter CEO’s information. Security journalist Brian Krebs also covered the issue in 2018, specifically reporting that a T-Mobile retail store employee was under investigation for making an unauthorized SIM swap.
Mr. Harris sued T-Mobile in July, alleging the company’s practices didn’t meet federal standards and allowed a hacker to take over his phone number in 2020 and steal bitcoin worth nearly $15,000 at the time, and more now.
T-Mobile declined to comment on the suit but motioned to move the case to arbitration. Like Verizon and AT&T, the company requires arbitration to resolve disputes in its terms of service, often leading to closed-door settlements.
Hackers stole the personal identification data for millions of past, present and prospective T-Mobile customers, leading to a huge class-action lawsuit.
Losing cellphone service is inconvenient. But in some cases, it also might mean you’re getting hacked.
“It’s a whole new wave of crime,” said Erin West, the deputy district attorney of Santa Clara County. “It’s a new way of stealing of money: They target people that they believe to have cryptocurrency,” she told CNBC.
Just when you think the massive T-Mobile hack can’t get any worse, on Friday the carrier announced that over 50 million people, including current and former customers as well as prepaid customers, were affected by the breach. Information like Social Security numbers, driver’s licenses and account PINs were exposed.
Cellphone carrier T-Mobile is being sued over allegations it failed to safeguard against a SIM swap scam that cost one customer $55,000 in lost.
The CEO of a crypto firm that recently settled with the SEC over its 2017 ICO is suing T-Mobile over a series of SIM-swaps that resulted in the loss of $8.7 million worth of crypto.
The suit accuses T-Mobile of having “abjectly failed” in its responsibility to protect the personal and financial information of its customers.
A victim of a crypto theft using SIM-swap attack has filed a lawsuit against T-Mobile, alleging the failure and negligence on the part of the US cell phone carrier in preventing these scams.
“This action arises out of T-Mobile’s systemic and repeated failures to protect and safeguard its customers’ highly sensitive personal and financial information against common, widely reported, and foreseeable attempts to illegally obtain such information,” the lawsuit alleged.
T-Mobile is currently facing a complaint against one of the victims of SIM swapping, a type of fraud.
Cheng believed that the attack would not have happened if not for “T-Mobile‘s negligent practices and its repeated failure to adhere to federal and state law.”
T-Mobile is facing yet another SIM swapping complaint involving cryptocurrency theft. Last week, a Philadelphia man named Richard Harris filed a complaint in the Eastern District of Pennsylvania against the wireless giant alleging he lost approximately $55,000 worth of Bitcoin due to the company’s failure to safeguard his account
The sim was successfully swapped which means that either it was done without the pin or the person knew the pin. Again, this is only possible if it was a T-Mobile employee and most likely one of the employees that help a month prior during the line add and upgrade.
When it comes to security or whatever it is leave T-Mobile. It is insider job someone is doing sim swaps.
T-Mobile confirmed this week that it was hit by a “highly sophisticated cyberattack” that exposed names, dates of birth, Social Security numbers and driver’s license information for more than 40 million consumers who had applied for credit with T-Mobile.
After a crazy week where T-Mobile handed over my phone number to a hacker twice, I now have my T-Mobile, Google, and Twitter accounts back under my control. However, the weak link in this situation remains and I’m wary of what could happen in the future.
American telecommunications provider T-Mobile has disclosed a data breach after an unknown number of customers were apparently affected by SIM swap attacks. SIM swap fraud (or SIM hijacking) allows scammers to take control of targets’ phone numbers after porting them using social engineering or after bribing mobile operator employees to a SIM controlled by the fraudsters.
Yesterday, someone went into a T-Mobile retail store used a fake California Drivers License to buy a copy of my SIM card.
And now for the crazy chain of events, where T-mobile allowed a complete stranger to do a SIM swap on me, and Coinbase allowed a complete stranger to change my Coinbase identity with no questions asked.
Silver Miller said that “with little more than a persuasive plea for assistance, a willing telecommunications carrier representative, and an electronic impersonation of the victim,” criminals can manage to steal millions of dollars targeting unsuspecting victims.
Hackers swapped my T-Mobile SIM card without my approval and methodically shut down access to most of my accounts and began reaching out to my Facebook friends asking to borrow crypto.
Coinbase has admitted that hackers stole crypto from thousands of its users’ accounts over a three-month period.
Bad actors were able to infiltrate the accounts of and steal cryptocurrency from around 6,000 Coinbase customers by exploiting a multi-factor authentication flaw.
Matthew doesn’t know how the hackers were able to access his Coinbase account, but he remembered that when he signed up with Coinbase, they advertised they had insurance.
My binance account was hacked a day before. All my funds were converted into ETC and withdrawn from binance. I received no confirmation mail for withdrawals too. All security steps – login password, 2FA, confirmation mail were compromised.
I don’t know how people can do this? I used strong password and also use all security option but no result this bloody f**king person got access my account.
The world’s crypto market turned red as rumours about Binance, the world’s most traded cryptocurrencies exchange, being hacked began circulating on the web yesterday morning. Some users reported that their alts on Binance were “market sold” at a loss and balances drained.
Yesterday, BeanThe5th made a thread in the popular /r/cryptocurrency subreddit, regarding a theft that has occurred on his or her Binance account. Many users who saw this Reddit thread were quite surprised, as it has become common knowledge that Binance is one of the most reputable and secure exchanges that exist.
Hackers have stolen $570 million from a blockchain linked with Binance. The largest crypto exchange has had to temporarily halt the operation of its Binance Smart Chain after the exploit.1 Since the hack, Binance Coin’s (BNB) price has also dropped noticeably, with the token down 3.5% in the last 24 hours. At the time of writing, it is trading at $281.
Hackers just stole $40 million worth of bitcoin from Binance, one of the largest cryptocurrency exchanges in the world. It’s hardly the first time crypto has been targeted by thieves. For a technology that’s supposed to be hyper secure, in practice, it’s often proven itself to be, well, not.
Binance, the world’s biggest cryptocurrency exchange, is investigating a hacking incident that affected a number of crypto tokens Friday. According to its founder and CEO Changpeng Zhao, a private key, used to encrypt or decrypt data, had been hacked.
“Initial analysis is developer private key was hacked, and the hacker updated the smart contract to a more malicious one,” Zhao said on Twitter, adding that the Ankr and Hay tokens were affected.
On Tuesday, May 7, Binance, the world’s largest cryptocurrency exchange, announced that malicious actors had compromised user application programming interface (API) keys and two-factor authentication (2FA) codes, enabling them to access the company’s hot wallet and steal more than 7,000 bitcoin (BTC).
Cryptocurrency exchange Binance temporarily suspended its blockchain network after hackers made off with around $570 million worth of its BNB token.
Hello, I have been impersonated and sim swapped, they hacked my emails, twitter, facebook, exchanges, literally everything including binance, which they stole 2 btc (daily limit) from today and will steal more if the account isn’t frozen by tomorrow. They logged in and somehow disabled my google authenticator and I cannot get into my account, microsoft is working on giving me the hacked email back that is related to binance but they say it will take 3 days to escalate the ticket. In 3 days the hackers will have already taken my entire balance so I really need the binance account frozen now before they can steal more.
My account was compromised with multiple security layers on it. Google 2FA and Email Authentication which i both had on it. My google 2FA was on a device only for my google authentication apps, I take necessary steps to prevent hacks & The crazy thing is i always receive emails when anything is changing or so on so when the hack was happening binance did not not alert my email or anything. All my securities was reset and email was changed.
Someone made a withdrawal on my Binance account when I was sleeping last night and took all my money away. My Binance account had 2FA on and everything was safe and secure but somehow the hacker managed to hack it and withdrew all my holdings out. Binance support does not have a hacked feature, so it’s pissing me off. Is there anyway that I can get it back? This is all my life savings.
Crypto exchange Gemini Trust Co. lacked proper safeguards that resulted in retirement-account holders losing around $36 million in Bitcoin and Ether when the master key got hacked, IRA Financial Trust said in a new lawsuit.
Then, on Tuesday of this this week, someone posted the entire stolen database for free on Breach Forums. It’s unclear whether this individual previously attempted to sell the database but was unsuccessful, covertly purchased it, or otherwise obtained it through some other means. We also still don’t know when the data breach occurred, though the second post attempting to sell the database claimed it was obtained in September.
Regardless, the personal information of Gemini’s 5.7 million customers is now publicly available online.
San Francisco resident Robert Ross, a father of two, noticed his phone suddenly lose its signal on Oct. 26. Confused, he went to a nearby Apple store and later contacted his service provider, AT&T. But he wasn’t quick enough to stop a hacker from draining $500,000 from two separate accounts he had at Coinbase and Gemini, according to Santa Clara officials.
My account on Gemini was hacked. My password and email address on Gemini were both changed. I have been trading on Gemini for 4 years. Gemini now claims that there is no account at Gemini with my email. I have a ton of USD in my Gemini account and they will not even confirm that the funds are frozen. There is no person
