Bitcoin Forum

Economy => Service Discussion => Topic started by: cupo on June 01, 2013, 03:58:10 AM



Title: Is 2FA safe enough??Bad News. A guy with 2FA in Mt has been stolen for $7000+
Post by: cupo on June 01, 2013, 03:58:10 AM
It's amazing that an account under 2FA in Mt.gox can be hacked. This guy found his money withdrawn on May 31, 2013. Someone changed his password and cancelled all 2FA in Security Center. He says he didn't use his mobile phone to get on Mt.gox. How did the hacker get his private key of 2FA??
It's so terrible which means the 2FA maybe not safe.

Link to this post:https://bitcointalk.org/index.php?topic=221098.0


Title: Re: Is 2FA safe enough??Bad News. A guy with 2FA in Mt has been stolen for $7000+
Post by: CtrlAltBernanke420 on June 01, 2013, 04:37:11 AM
It's amazing that an account under 2FA in Mt.gox can be hacked. This guy found his money withdrawn on May 31, 2013. Someone changed his password and cancelled all 2FA in Security Center. He says he didn't use his mobile phone to get on Mt.gox. How did the hacker get his private key of 2FA??
It's so terrible which means the 2FA maybe not safe.

Link to this post:https://bitcointalk.org/index.php?topic=221098.0

I wonder if that it why you also have the option to 2FA the ability to change the security settings. Which is the 3rd step.


Title: Re: Is 2FA safe enough??Bad News. A guy with 2FA in Mt has been stolen for $7000+
Post by: zhcy123 on June 01, 2013, 04:41:16 AM
It's amazing that an account under 2FA in Mt.gox can be hacked. This guy found his money withdrawn on May 31, 2013. Someone changed his password and cancelled all 2FA in Security Center. He says he didn't use his mobile phone to get on Mt.gox. How did the hacker get his private key of 2FA??
It's so terrible which means the 2FA maybe not safe.

Link to this post:https://bitcointalk.org/index.php?topic=221098.0

Thank reproduced, ask for help


Title: Re: Is 2FA safe enough??Bad News. A guy with 2FA in Mt has been stolen for $7000+
Post by: btbrae on June 01, 2013, 05:19:09 AM
That can't be right. Why would you have the ability to enable 2FA whilst allowing someone to disable it without using 2FA? It just doesn't make sense. Surely the main added benefit of 2FA is to mitigate keylogger risk and password grabs, so you would be assuming an account can be comprised before enacting it.


Title: Re: Is 2FA safe enough??Bad News. A guy with 2FA in Mt has been stolen for $7000+
Post by: Vince Torres on June 01, 2013, 06:03:32 AM
I don't understand how this is possible. Did the guy have malware?


Title: Re: Is 2FA safe enough??Bad News. A guy with 2FA in Mt has been stolen for $7000+
Post by: cupo on June 01, 2013, 06:45:39 AM
I don't understand how this is possible. Did the guy have malware?
Maybe there is one in his device, how to detect the malware?