Lawyer up and sue the various parties.

Required reading: https://www.bloomberg.com/news/featu...th-a-vengeance

That's a fantastic read.

The ending is marvelous. Like the hero at the end of a vengeance movie standing over his latest dying foe saying "I'm not done yet." Then cut to black.

try to get google on the phone. not sure if they have phone support for personal accounts but i've talked to their business support a bunch and it's great. maybe you could make a business account just for the sake of getting a phone pin and then try to explain the hack once you have them on the line.

1) No, not really. I don't really even have that much (everything is relative though). That said, I am a developer that is involved with a crypto related project and I haven't really made any effort to hide myself. I also post on Reddit at times. I guess if you were crawling the web looking for crypto related people, you might come across me.

2) Not that I know of . If this guy had access to my machine he wouldn't need to SIM swap me. Also, also most of my crypto is on chain and I guess he would've gone after that...

Yes, this has gone through my mind. The only party I can think of that I can sue is T-Mobile (where the breach began), am I missing anybody. Any recommendations for lawyers? I talked to a lawyer that was recommended to me by a friend who seemed to think I had no case against T-Mobile but I don't know if he knew what he was talking about.

Funny that you mention this. I actually do have a paid account and realized I could do this yesterday. I chatted with a rep online who basically told me that he couldn't help me because there is no way they can verify the account.

He told me my one possible salvation is to fill out a "inappropriate conduct of google account" complaint form (I can't find it now) because this person has extorted me by email in which case google might disable the account. I did that.

Other than that, he said that my only chance of completely recovering the account is going through he FBI/IC3.

I think google should be suable. The situation is completely absurd. But obviously T Mobile is a stronger case. Your aim is go away money imo.

That said, I'm not a lawyer.

A third option if you're rich is to hire someone to find this guy. Send them whatever details you have. Or put a $10K bounty on reddit or a black hat forum for the verified name and address of the hacker. If they're super careful it might be impossible to find them, but most people are a bit sloppy and leave fingerprints/IPs/browser IDs which can be traced down with the right connections. You are also still in contact with the guy and he's happy to receive stuff from you (money), so that gives an avenue for someone creative and talented to trap and track him. Please read Brian's article above for what the proper attitude is

Hmm not sure why google is suable, they just seem to be doing their job. T-Mobile is totally incompetent. Do you have any recommendations for lawyers? I hate the idea of just calling the first google search result...

Yeah, I am not interested in starting some kind of personal vendetta or hiring randoms on the internet. I have a moderately busy life and making this (likely smalltime) crook "pay" is pretty far down my list of priorities. I have filed a complaint with the FBI and will let them do their job.

Freeze your credit with all three bureaus if you haven't already done so

yep.... sorry for your loss. This is probably 99% root cause.


gl

and dont pay that ransom.

First rule of owning crypto is don't post publicly about owning crypto

Yes, I already did that.

somigosaden is the ****. He gets how the world works.

How is it possible to crack accounts protected with hardware 2FA (authy, authenticator).

Unless exchanges are stupid enough to disable 2FA without extreme vetting (which should include a face picture that matches one displayed on the passport provided in KYC), it should not be possible. The authentication codes are not tied to mobile carriers. Well, Authy is, but you can disable multi-device support.

There should be ample time to contact exchanges when you realize your phone lost connection to its mobile network.

As I understand it, OP didn't 2FA his gmail account (which he now thinks is permanently gone), but his crypto account had google auth protected 2FA and is fine so he moved it to a different part of the blockchain.

Everyone should follow this
https://blog.kraken.com/post/219/sec...mobile-phones/

Key points:
Don't store coins on exchange
Don't use SMS 2fa
As secure as anything is that is related to your phone number is, it's still only as secure as a low paid mobile company employee decides it to be.
Try to hack yourself. It's fun.

Just taking a stab here, this post looks suspicious to me^^^^

Gamblor777 (aka iamHIV, Jonathan Drane, veganhippie) is a well known Crypto degen that is connected to multiple scams in the past.

Might be worth doing some digging.

https://forumserver.twoplustwo.com/s...&postcount=785

could you expand? in what ways?

Do those steps. Then call your phone company and try to social engineer access to your account.

Or try to social engineer an exchange to give you access