A Warning To Huobi Users – I suspect and have proof Huobi.Pro is planting malware on it’s users computers.
I want to preface this message with a couple notes –
1 – I have no affiliation with any crypto exchange, cryptocurrency, blockchain company etc. (besides the coins I hodl). I have no agenda here except informing the community of what I have experienced.
2 – I do not understand coding, website UI, but I have been around the block enough to spot suspicious activity.
3 – I would be elated if someone out there who understands malware/adware/hacking/coding reads this and provides a logical explanation for my experience that doesn’t raise suspicion towards Huobi.Pro exchange.
Ok, I’ve been trading crypto for 1 year now. As the market took off last year, I took a lot of precautions to keep my data & coins secured. I use Kapersky’s full protection suite on a MacOS among many other measures.
My Mac is new & fast (for what it is) – 2.5 GHz Intel Core i7, 16 GB 1600 MHz DDR3, Intel Iris Pro 1536 MB.
Last week I signed up for Huobi.Pro in order to gain access to a few coin projects I’m interested in but are unavailable elsewhere. No problems signing up.
Red Flag #1: about 10 seconds after I log into Huobi.Pro for the first time my CPU usage increased 2-3x.
Red Flag #2: My CPU fan only kicks on when I’m installing software, running virus scans, saving large video files etc. Simply logging into Huobi.Pro kicked my fan on. I’m positive this was caused by Huobi.Pro in some way.
Red Flag #3: Huobi.Pro’s pages are barely navigable, the lag to scroll a few inches down the screen is 4-5 seconds.
Red Flag #4: Kapersky went bonkers during my first session on Huobi.Pro immediately after my first BTC deposit made it to my wallet. – 2 Quarantined files: “Reason: not-a-virus:HEUR:Adware.OSX.Cimpli.c (Adware)”.
I obviously quarantined and deleted the files, logged out of Huobi.Pro, paced around frantically for a few minutes to figure out the best course of action. I did some Googling, found nothing similar to what I had just experienced. So, I decided to try to log back in, first closing all other applications and also clearing my browsers cache & deleting cookies.
Upon trying to login, I am unable to access my account. It allows me to go through the entire login process (enter email code, move the little verification bar I suppose it’s to prevent bot traffic, and enter my SMS code and 2FA code). Everything seems to go fine, except when I click login, it directs me back to the homepage but I am NOT logged in.
I continue to try to log in, testing using multiple browsers, trying my hotspot (instead of Wi-Fi), even tried Tor. No luck.
Red Flag #5: I finally get in by logging in under incognito mode on Chrome. Magic! I’m in. Since then, I’ve had no problems. I’ve made a couple trades, and today I submitted my first withdraw request (which is being “manually reviewed” for approval) and for some reason I have a bad feeling about that.
Red Flag #6 (YES THERE’S MORE!): While I was locked out of my account I attempted to use their chat support to figure out what was going on. They asked me to send them a screenshot of my email – I reluctantly obliged, but as soon as I clicked the upload file button, Kapersky goes off again and says Huobi.Pro is trying to identify information about me using my photo meta data. The warning wasn’t “this could happen if you send”, it was “this is exactly what they’re doing” – I’ve tried to find a log of this warning in Kapersky but have been unable to locate it.
I hope someone reads this and explains what is going on. It’s very clearly malicious activity IMO, probably Huobi.Pro infecting computers with keystroke trackers or private key scanners. Who knows. I’m getting my money the fuck out of there and never looking back…
edit: TLDR; Kapersky blocked Huobi.Pro from installing adware on my computer, on 2 separate occasions.