Hot Deal

flipkart account hack, very serious issue, everyone beaware

913°
Deal Cadet
sitapodila227

my account is hacked and i am continuously contacting flipkart customer care from 26-09-2021, as per cc request i logout from all the devices and changed password in friends apple laptop, apple phone. Even after changing the password , hacker was able to find the password with in minutes which is a clear indication that the hacker is able to get the password from flipkart’s data base. from 26-09-2021 i contacted flipkart cc more than 10 times, i spent more than 10 to 15 hours in speaking with customer care , but cc support was not able to provide any resolution. Hacker is very advanced . he used all the loopholes from the flipkart. first loophole : 1) flipkart data base breach 2) hacker is able to get the password in minutes 3) hacker changes the password of the customers and sends 10 otp requests continuously to customers mobile number and after that for login with otp option – server says maximum limits reached and customer also cant change the password . Hacker uses that option and he places the order with next day delivery option , even customer also cant cancel it as he couldnt login with otp option. this is a serious loophole from flipkart. The product is about to deliver today and the mobile number given by courier is not working, even the mobile number given for delivery of the product is not working. Please tell your courier person to stop the delivery.

154 Comments  |  
42 Dimers
  • Sort By
Deal Cadet Deal Cadet
Link Copied
Expand
sardasa wrote:

For that order needs to be placed from same device on which account was logged in st the time of adding GV in that account

I also don’t know how the hacker/cheater used the wallet amount for the order with out Otp ?

Deal Subedar Deal Subedar
Link Copied
Expand
sitapodila227 wrote:

I also don’t know how the hacker/cheater used the wallet amount for the order with out Otp ?

Getready mentioned it’s some loophole when cod order can be paid via gv balance before order is shipped without needing OTP

Deal Cadet Deal Cadet
Link Copied
Expand
sardasa wrote:

Tell flipkart cc to give phone number of delivery partner and try to contact  him and request him to cancel the delivery (if possible). Which product is being ordered? Mobile phones?

He ordered cycle , courier person number is not working , the mobile number given for delivery is 8717829803, he is not lifting the call

Deal Cadet Deal Cadet
Link Copied

Million dollars question is how the cheater is getting the password ?

The PostMighty The PostMighty
Link Copied

Afaik , the problem isn’t with flipkart but with your devices , my suggestion is to format your windows and android devices since they are most prone to these kind of attacks

Deal Subedar Deal Subedar
Link Copied
Expand
sitapodila227 wrote:

He ordered cycle , courier person number is not working , the mobile number given for delivery is 8717829803, he is not lifting the call

You checked it on true caller? Does it belong to Gujarat only?

Deal Cadet Deal Cadet
Link Copied
Expand
sardasa wrote:

You checked it on true caller? Does it belong to Gujarat only?

It shows MM from Madhya Pradesh

Deal Hunter Deal Hunter
Link Copied

Flipkart is not having a data breach right now and you’re using apple devices which are supposed to have better protection then my cheaper android phone. I think it might be someone from your own house.
A similar thing happened to my uncle and it turned out to be my cousin lolol

Deal Hunter Deal Hunter
Link Copied
Tanmayyy wrote:

Afaik , the problem isn’t with flipkart but with your devices , my suggestion is to format your windows and android devices since they are most prone to these kind of attacks

He has apple stuff and still got scammed/hacked

Deal Cadet Deal Cadet
Link Copied
rini50 wrote:

Flipkart is not having a data breach right now and you’re using apple devices which are supposed to have better protection then my cheaper android phone. I think it might be someone from your own house.
A similar thing happened to my uncle and it turned out to be my cousin lolol

I am 100 percent sure it is not from my family members or friends, I changed password almost 15 times and logout from all devices , even after that he is able to login and place the order

The PostMighty The PostMighty
Link Copied
Expand
sitapodila227 wrote:

I am 100 percent sure it is not from my family members or friends, I changed password almost 15 times and logout from all devices , even after that he is able to login and place the order

Email to [email protected] and ask them to do something about it

Deal Cadet Deal Cadet
Link Copied
Expand
rini50 wrote:

He has apple stuff and still got scammed/hacked

now account is in my apple phone only , 3 days back I logout from all the devices

The PostMighty The PostMighty
Link Copied
Expand
rini50 wrote:

He has apple stuff and still got scammed/hacked

He used an ios device to change the password , he owns windows and android devices as well

Deal Hunter Deal Hunter
Link Copied
Expand
sitapodila227 wrote:

I am 100 percent sure it is not from my family members or friends, I changed password almost 15 times and logout from all devices , even after that he is able to login and place the order

Did you use somebody else’s phone to login ? That might be the case as how they’re able to know your password?

Deal Lieutenant Deal Lieutenant
Link Copied

Talk to fk cc and get in touch some senior executive to stop the delivery
Also mail woohoo/mpin/fk to cancel/block all gvs

Deal Hunter Deal Hunter
Link Copied
Expand
Tanmayyy wrote:

He used an ios device to change the password , he owns windows and android devices as well

Might be a hacked app with a different name.. you know fraudster disguised as govt or service center guy telling you to download suspicious app so that they can help with our complains?
I almost fell for such a trap this year until luckily I cross questioned and caught him.

The PostMighty The PostMighty
Link Copied
Expand
rini50 wrote:

Might be a hacked app with a different name.. you know fraudster disguised as govt or service center guy telling you to download suspicious app so that they can help with our complains?
I almost fell for such a trap this year until luckily I cross questioned and caught him.

There can be many ways to pull yhis kind of thing off.

1. Keyloggers but we can rule out this possibility since op says he used an ios device to change password of his account.

2. The second way could be that the hacker has access to the mobile phone that originally was logged in with fk account and copied the cookies to get access to the fk account. And/or has access to the mobile that has the sim card of the number that the op used for his account and is remotely copying and deleting otps from the phone.

3. Third way could be that the person has access to the email address of op and is using it to login to his account as well delete traces of it.

4. Fourth and mostly not probable way would be that the culprit is someone op knows in real life and who’s also having access to op’s phone/laptop to pull this off.

Deal Hunter Deal Hunter
Link Copied
Expand
Tanmayyy wrote:

There can be many ways to pull yhis kind of thing off.

1. Keyloggers but we can rule out this possibility since op says he used an ios device to change password of his account.

2. The second way could be that the hacker has access to the mobile phone that originally was logged in with fk account and copied the cookies to get access to the fk account. And/or has access to the mobile that has the sim card of the number that the op used for his account and is remotely copying and deleting otps from the phone.

3. Third way could be that the person has access to the email address of op and is using it to login to his account as well delete traces of it.

4. Fourth and mostly not probable way would be that the culprit is someone op knows in real life and who’s also having access to op’s phone/laptop to pull this off.

I didn’t understand point 2 … Can you elaborate in layman’s terms? Like how does one have access to sim/phone without stealing??

Deal Cadet Deal Cadet
Link Copied

flipkart cc is not at all connecting to manager also, can someone post the contact number or email of higher authorities ?

The PostMighty The PostMighty
Link Copied
Expand
rini50 wrote:

I didn’t understand point 2 … Can you elaborate in layman’s terms? Like how does one have access to sim/phone without stealing??

People don’t think a lot about installing modded/ even apps from playstore and give them all the permissions they ask for such as sms and call log access. This allows apps to read otps as well as delete them although deleting isn’t possible in newer androids. Other way is that the app didn’t actually ask for any special permissions but was laced with spyware and exploited some vulnerability in the device that allowed it to access app data/network activity and get the cookies that were being used by the op’s flipkart app

Deal Hunter Deal Hunter
Link Copied
Expand
Tanmayyy wrote:

People don’t think a lot about installing modded/ even apps from playstore and give them all the permissions they ask for such as sms and call log access. This allows apps to read otps as well as delete them although deleting isn’t possible in newer androids. Other way is that the app didn’t actually ask for any special permissions but was laced with spyware and exploited some vulnerability in the device that allowed it to access app data/network activity and get the cookies that were being used by the op’s flipkart app

Oh dear… Even downloading apps from official stores were safe and gave permission without any thought scream

The PostMighty The PostMighty
Link Copied
Expand
rini50 wrote:

Oh dear… Even downloading apps from official stores were safe and gave permission without any thought scream

Nothing is safe these days , Google has found malware even in apps that were downloaded millions of times.

Deal Cadet Deal Cadet
Link Copied

This has something to do with someone working in FK itself else it is almost impossible without spyware to know the password resetted 15 times.

Deal Subedar Deal Subedar
Link Copied

@ OP, do one thing, comment your username/password here, and we will change it for you and confirm whether it’s your device/network that is compromised laughing

Deal Cadet Deal Cadet
Link Copied

Until now product is not delivered, how to stop delivering the product

Deal Newbie Deal Newbie
Link Copied

Let me tell u how this happend.

>u used same password for flipkart as of bigbasket, ixiigo, shaadi
>hacked bruteforced password on flipkart
>Logged in acc and changed password and made u logout and limit for otp
>made COD order to address of him
>clicked on make payment now in such cases giftcard balance dont ask otp

Deal Lieutenant Deal Lieutenant
Link Copied
BlueFlash wrote:

@ OP, do one thing, comment your username/password here, and we will change it for you and confirm whether it’s your device/network that is compromised laughing

Will u also place a order ?

Deal Cadet Deal Cadet
Link Copied
alexdavdid386117 wrote:

Let me tell u how this happend.

>u used same password for flipkart as of bigbasket, ixiigo, shaadi
>hacked bruteforced password on flipkart
>Logged in acc and changed password and made u logout and limit for otp
>made COD order to address of him
>clicked on make payment now in such cases giftcard balance dont ask otp

Second point may be wrong , I kept different passwords but he is able to login everytime , he placed 6 to 7 orders but everytime I cancelled the order

Deal Subedar Deal Subedar
Link Copied
Expand
sitapodila227 wrote:

Second point may be wrong , I kept different passwords but he is able to login everytime , he placed 6 to 7 orders but everytime I cancelled the order

How different are the passwords that you are setting? Are they linked to previous password?

Missing