Bitcoin Forum

Bitcoin => Press => Topic started by: gweedo on April 11, 2013, 06:36:42 PM



Title: 2013-04-11 Mt Gox Cross Site Scripting Attack Wipes Out Bitcoin Accounts
Post by: gweedo on April 11, 2013, 06:36:42 PM
http://techcrunch.com/2013/04/11/mt-gox-cross-site-scripting-attack-wipes-out-bitcoin-accounts/
Quote
The price of freedom, as they say, is eternal vigilance. A user called bitbully on the Bitcointalk Forums found himself 34 bitcoins poorer when he visited a site claiming to be a chat service connected with Mt. Gox, a popular bitcoin trading service. The site, wwwdotmtg(this is an o)x-ch(this is an a)tdotinfo (do not visit this site), apparently places a cross-site transfer order on the victim’s computer immediately upon visiting using a Java applet. Because the transactions aren’t reversible and the attackers are anonymous, the victims are out of luck.