Bitcoin Forum

Bitcoin => Bitcoin Discussion => Topic started by: kokojie on June 19, 2011, 07:31:28 PM



Title: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: kokojie on June 19, 2011, 07:31:28 PM
https://rapidshare.com/#!download|359tg2|1969319443|accounts.csv|4023

All mtgox account passwords have been dumped in their hashed form (can be downloaded from the above link); passwords are being cracked as we speak. Change them asap, anywhere you used them.


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: BioMike on June 19, 2011, 07:35:18 PM
I wonder how they were able to get it?

SQL injection?


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: Man From The Future on June 19, 2011, 07:37:24 PM
I wrote an MMOG backend with better password security than MtGox. :(
(Two times SHA512 hashes needed to be cracked to find a user's password)


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: dooglus on June 19, 2011, 07:39:48 PM
The front page of mtgox is redirecting to something showing this now:

Quote
UPDATE REGARDING LEAKED ACCOUNT INFORMATIONS

We will address this issue too and prevent logins from each users. Leaked information includes username, email and hashed password, which does not allow anyone to get to the actual password, should it be complex enough. If you used a simple password you will not be able to login on Mt.Gox until you change your password to something more secure. If you used the same password on different places, it is recommended to change it as soon as possible.

It also says "One account with a lot of coins was compromised" and "Apart from this no account was compromised, and nothing was lost".  If that's true, how did everyone's password hashes end up on the Internet for public download?  Something fishy is going on.


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: Steve on June 19, 2011, 07:40:21 PM
I use a customized version of passwordmaker.org ...this lets me hash together one master password with various other details to generate completely unique usernames and passwords for every single online account that I have.  I sleep easy knowing that if my password on one service (like mtgox) has been compromised, my password (or username) is not compromised on other services.  I highly recommend it (it can be a little inconvenient though).


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: RandyMarsh on June 19, 2011, 07:42:04 PM
If this was Facebook I would not like this at all


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: kokojie on June 19, 2011, 07:42:52 PM
The front page of mtgox is redirecting to something showing this now:

Quote
UPDATE REGARDING LEAKED ACCOUNT INFORMATIONS

We will address this issue too and prevent logins from each users. Leaked information includes username, email and hashed password, which does not allow anyone to get to the actual password, should it be complex enough. If you used a simple password you will not be able to login on Mt.Gox until you change your password to something more secure. If you used the same password on different places, it is recommended to change it as soon as possible.

It also says "One account with a lot of coins was compromised" and "Apart from this no account was compromised, and nothing was lost".  If that's true, how did everyone's password hashes end up on the Internet for public download?  Something fishy is going on.

One has to be an idiot to believe that statement, someone has 500k+ btc just sitting in their mtgox account? lol


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: drknark on June 19, 2011, 07:43:06 PM
Man from the future, you seem to know this stuff. How hard would it be for people to bruteforce or crack a reasonably strong password with the encryption in the MtGox file? Say 10 characters alphanumeric.


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: kokojie on June 19, 2011, 07:46:45 PM
Man from the future, you seem to know this stuff. How hard would it be for people to bruteforce or crack a reasonably strong password with the encryption in the MtGox file? Say 10 characters alphanumeric.

If the hacker also got their hand on the mtgox sourcecode, it's pretty trivial to crack, probably 5-10 accounts per hour depending on password strength.


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: bullox on June 19, 2011, 07:53:07 PM
lol wow that password hash is just begging to be cracked.   That kind of length of total output hash is like the luggage lock of electronic security...  Even salted sufficiently that is just not adequate.

I would like to echo the previous poster who said they have stronger encryption in a game they develop...


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: bcearl on June 19, 2011, 07:53:18 PM
Everybody with a password of less than 8 characters is totally screwed now.

Change your passwords everywhere as soon as you can!


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: bittrader on June 19, 2011, 07:53:35 PM
I waited through the crappy Rapidshare wait time and finally downloaded the file.

I can confirm that my Mt. Gox username and password are here! This is real.


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: kinghajj on June 19, 2011, 07:56:54 PM
If the salt hasn't been compromised, then the passwords should be safe, no?


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: NielDLR on June 19, 2011, 07:58:07 PM
Argh, fuck everything about this. Really MtGox? Really? You aren't playing nice. Also hacker who did this? Screw you too. #superbummed


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: markus1000 on June 19, 2011, 07:58:45 PM
Mmh, how can I log in and change my password? I only see the login to the support section.


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: kokojie on June 19, 2011, 08:01:32 PM
If the salt hasn't been compromised, then the passwords should be safe, no?

No, absolutely not. I have already seen cracked mtgox passwords being shared in the IRC channels. Do not take a chance, change them as soon as possible, everywhere you used it.


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: Durr on June 19, 2011, 08:03:05 PM
This explains all the recent vague topics about 'my MtGox account got hacked'. The hacker went through each of them, and when he found one that had 500k bitcoins.. well you know what happened.


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: Bit_Happy on June 19, 2011, 08:03:36 PM
This still might be a phony spreadsheet.
Let's see some real proof now!

I waited through the crappy Rapidshare wait time and finally downloaded the file.

I can confirm that my Mt. Gox username and password are here! This is real.

But I'm not sure you are telling the truth (no offense)
I want real proof, please send me an email, same username as this forum.
I'm waiting for real proof, now....

Edit:
Now I have real proof, thank you.


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: drknark on June 19, 2011, 08:05:37 PM
Bit_Happy, if you had an account on MtGox you could easily verify it. My account was on there. Edit: not same username as here.

Thanks guys for the info on the strength of the encryption.


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: piuk on June 19, 2011, 08:09:53 PM
It's not entirely clear if the attacker got access to the Mt.Gox source code, but at the moment it's probably safer to assume the salt was compromised as well.


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: Bit_Happy on June 19, 2011, 08:11:52 PM
Emails received, thanks all.

Bit_Happy, if you had an account on MtGox you could easily verify it. My account was on there.

Thanks guys for the info on the strength of the encryption.

I wasn't going to bother with Rapidshare.
Remember all the trolls a week ago. It was possible that, everyone screaming about this is phony, but now I know for certain.




Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: DamienBlack on June 19, 2011, 08:13:42 PM
They have my username and the email I signed up with. I cannot confirm that it is my password. The hash must be salted.


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: kokojie on June 19, 2011, 08:15:37 PM
It's not entirely clear if the attacker got access to the Mt.Gox source code, but at the moment it's probably safer to assume the salt was compromised as well.

It's definitely NOT safe, someone just showed me a big list of cracked mtgox passwords on IRC channels. It's likely that salt has already been discovered.


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: justusranvier on June 19, 2011, 08:16:05 PM
Change them asap, anywhere you used it.
If anyone out there is still using the same password on more than one site then take this opportunity to stop doing that. Get some kind of password manager and use a different random password of the maximum length and complexity each web site you register on allows.


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: elggawf on June 19, 2011, 08:17:25 PM
Bit_Happy: PM sent. I'm 99% certain it's legit.

It's not entirely clear if the attacker got access to the Mt.Gox source code, but at the moment it's probably safer to assume the salt was compromised as well.

Exactly. When you see a DB leak for a site you're a member of, you don't sit around wondering how strong the hashing mechanism is you start changing your passwords. If you only used the password on MtGox, oh well you don't really have anything to do right now. If you reused the same password anywhere else, stop thinking about how strong the hash is and change your freakin' password - the effort required for the latter is much less than the former and then it's done... from your perspective the information that's leaked is no longer valid. Whether it takes 2 minutes or 2 years to crack your password is irrelevant if you've already changed it someplace else.

Password hashing isn't meant so that a bunch of fools can sit and think "I'm safe" - it's to buy you time between when the credentials are taken, and when they're useful... to give you a chance to make them not useful.


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: Man From The Future on June 19, 2011, 08:20:31 PM
It would appear that almost all the accounts are hashed with unique salts. The issue is, it is still easy to crack any of the weaker passwords with this, thanks to GPU MD5 crackers. Most bitcoin miners have so much GPU power anyway...

Some passwords from earlier accounts appear to have NO SALT. That, or salt is derived from username. I don't know, since I've not tried cracking any, and do not want to. :)


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: kjj on June 19, 2011, 08:24:15 PM
Uh, the salt is right there in the file.  Look at line 1.  Password hash is $1$E1xAsgR1$vPt0d/L3f81Ys3SxJ7rIh/

The part between the second and third $ (E1xAsgR1) is the salt for that hash.

The part after the last $ (vPt0d/L3f81Ys3SxJ7rIh/) is md5(password + salt)


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: Uzza on June 19, 2011, 08:24:58 PM
I'm not that worried, my password is quite long and secure.


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: carlerha on June 19, 2011, 08:26:22 PM
Looks like the kind of hashes that come out of phpass (http://www.openwall.com/phpass/).
I guess that means if the attackers managed to get hold of the salt, I'm prone to change my password.


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: zerokwel on June 19, 2011, 08:28:20 PM
well look at what some of the users have in their rigs and there are programs like Extreme GPU Bruteforcer out there that can do up to 700 million passwords a sec on a GeForce 250, and with what people here have in their rigs it would not take long at all.

Anyway change ya passwords to be safe and if you use the same password on another site change that as well (use a different password this time)



Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: theymos on June 19, 2011, 08:30:58 PM
I'm certainly never using MtGox again. Who uses MD5 for password hashing nowadays?


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: ghost on June 19, 2011, 08:38:17 PM
This is why all websites should be using bcrypt for password hashing. It's an adaptive hashing function that can be made to perform slower over time as computers get faster. Authentication on websites does not require a fast hashing function for just this reason.

I use 1Password for password management. It was Mac only until recently - there is now a Windows version out there. I had to double check whether I was following my own best practices but I did use a unique password for mtgox.
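The adaptive-cost point in the post above, as an added example (not the poster's code and nothing from Mt.Gox): what lets a site "perform slower over time" is that the cost is stored beside the hash and raised at the next successful login, when the server briefly holds the plaintext. The post names bcrypt; this block substitutes PBKDF2-HMAC-SHA256 from Python's standard library because it ships with the interpreter and has the same tunable work factor. The `$pbkdf2-sha256$<iterations>$<salt>$<digest>` record format is this example's own invention.

```python
"""Upgrade-on-login for an adaptive password hash.

Added example, not the poster's code and not anything from Mt.Gox. The post
argues for bcrypt; PBKDF2-HMAC-SHA256 from the standard library stands in
here because the point shown is the tunable work factor. The record format
"$pbkdf2-sha256$<iterations>$<salt>$<digest>" is this example's own."""
import base64
import hashlib
import hmac
import os

ALGO = "pbkdf2-sha256"


def hash_password(password, iterations, salt=None):
    """Store the cost next to the hash so it can be raised later."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return "$%s$%d$%s$%s" % (
        ALGO, iterations,
        base64.b64encode(salt).decode(), base64.b64encode(digest).decode())


def parse_record(stored):
    """Split a record into (iterations, salt, digest); rejects other schemes."""
    _, algo, iters, salt_b64, digest_b64 = stored.split("$")
    if algo != ALGO:
        raise ValueError("unsupported hash record: " + algo)
    return int(iters), base64.b64decode(salt_b64), base64.b64decode(digest_b64)


def verify_and_upgrade(password, stored, policy_iterations):
    """Return (ok, new_record).

    new_record is set only when the password was right AND the record was
    stored at a lower cost than policy now requires; the caller writes it
    back. This is how a site raises its work factor without forcing resets:
    each successful login re-hashes the password the user just proved they
    know. A site that switches algorithm but skips this step keeps its old,
    cheap entries around for every account that never logs in again."""
    iterations, salt, digest = parse_record(stored)
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    if not hmac.compare_digest(candidate, digest):   # constant-time compare
        return False, None
    if iterations >= policy_iterations:
        return True, None
    return True, hash_password(password, policy_iterations)


if __name__ == "__main__":
    old = hash_password("correct horse battery staple", 1000)   # legacy cost
    ok, new = verify_and_upgrade("correct horse battery staple", old, 100_000)
    print(ok, parse_record(old)[0], "->", parse_record(new)[0] if new else "unchanged")
```

Run stand-alone it prints the old and new iteration counts for one login. The part worth copying is verify_and_upgrade: the login is the one moment the server can replace a cheaply hashed record with an expensive one, which is exactly what a migration that only changes the hashing code for new passwords never does.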


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: imperi on June 19, 2011, 08:40:37 PM
I'm certainly never using MtGox again. Who uses MD5 for password hashing nowadays?

User #8 is quitting?? Craziness.


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: gentakin on June 19, 2011, 08:43:03 PM
Some passwords appear to be without a salt.

For example, check user id #156. Google for the hash shown as "password" in accounts.csv. Find the password on a forum. (The forum post that comes up on the google search might shed some light on the guy who hacked mtgox?)

So... Anyone with a plain md5 hash (no $-signs) as password in accounts.csv should be worried.


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: phelix on June 19, 2011, 08:45:26 PM
it would have been nice to keep emails encoded mtgox...


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: LeFBI on June 19, 2011, 08:52:53 PM
If the salt hasn't been compromised, then the passwords should be safe, no?
It's not entirely clear if the attacker got access to the Mt.Gox source code, but at the moment it's probably safer to assume the salt was compromised as well.
there is no >the salt< in this case, it's 59231 password hashes with 59219 >different< salts, and ~1700 simple md5 hashes.

well look at what some of the users have in their rigs and there are programs like Extreme GPU Bruteforcer out there that can do up to 700 million passwords a sec on a GeForce 250, and with what people here have in their rigs it would not take long at all.
we're talking about md5crypt a.k.a. MD5(Unix) a.k.a. FreeBSD MD5 ...not simple md5()!
with a decent gpu you'll be lucky to get ~1.5Mhash/s per gpu, not 700M. On a single HD4870 I get ~640.0k/s, that's nothing.
anything other than a wordlist attack is pretty useless on these hashes. so if you have an at least decent 8-char pass, you should be fine.
if you're one of the poor guys whose pass was encrypted with simple md5()...well good luck then. but the rest shouldn't worry too much.

however everyone still should change his password when they are back online


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: DamienBlack on June 19, 2011, 08:59:19 PM
Someone with a network should email everyone on the list and let them know.


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: Man From The Future on June 19, 2011, 09:00:15 PM
Someone with a network should email everyone on the list and let them know.

Issue is you'd probably end up on spam blacklists. :(


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: Durr on June 19, 2011, 09:04:00 PM
If the salt hasn't been compromised, then the passwords should be safe, no?
It's not entirely clear if the attacker got access to the Mt.Gox source code, but at the moment it's probably safer to assume the salt was compromised as well.
there is no >the salt< in this case it's 59231 password hashes with 59219 >different< salts. and ~1700 simple md5 hashes.

well look at what some of the users have in there rigs and there are programs like Extreme GPU Bruteforcer out there that can do up to 700million passwords a sec on a geforce 250 and with what people here have in there rigs it would not take long at all.
we're talking about md5crypt a.k.a MD5(Unix) a.k.a. FreeBSD MD5 ...not simple md5()!
with a decent gpu you'll be lucky to get ~1.5Mhash/s per gpu, not 700M. On a single HD4870 i'll get ~640.0k/s , that's nothing.
anything else than a wordlist attack is pretty useless on these hashes. so if you have a at least decent 8char pass, you should be fine.
if you're one of the poor guys, who's pass was encrypted with simple md5()...well good luck then. but the rest shouldn't worry too much.

however everyone still should change his password when they are back online

Except that an account with 500k and other accounts were hacked and it's true. So your opinion that it's all ok is bs.


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: piuk on June 19, 2011, 09:06:27 PM
https://uloadr.com/u/CF.txt

Apparently cracked in 3 mins with a gpu.


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: bcearl on June 19, 2011, 09:08:19 PM
If the salt hasn't been compromised, then the passwords should be safe, no?

That sentence doesn't make sense at all.


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: chihlidog on June 19, 2011, 09:14:41 PM
OK, somehow I am on that list. I remember considering signing up for mtgox, but never fully went through with it, and they didn't recognize my email when I tried to use the reset password form; I got the "that email isn't registered here" message. However, I DID get an email from them just a few minutes ago. And my email is on that list. It doesn't make sense to me.

I use long passwords, and several different ones for the sites I frequent, and I've gone and changed most of them, but now I'm really paranoid.


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: bullox on June 19, 2011, 09:23:53 PM
https://uloadr.com/u/CF.txt

Apparently cracked in 3 mins with a gpu.
jesus christ look at those terrible passwords.....


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: phelix on June 19, 2011, 09:27:12 PM
Someone with a network should email everyone on the list and let them know.
+1

Issue is you'd probably end up on spam blacklists. :(
nowadays you can't even send sixty thousand emails any more...


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: Man From The Future on June 19, 2011, 09:30:57 PM
Someone with a network should email everyone on the list and let them know.
+1

Issue is you'd probably end up on spam blacklists. :(
nowadays you can't even send sixty thousand emails any more...
I've had too many issues to want to risk it, if you're being sarcastic.

I don't want my VPS blocked from emails, it needs to do ones for the services on it! :P


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: kokojie on June 19, 2011, 09:32:34 PM
https://uloadr.com/u/CF.txt

Apparently cracked in 3 mins with a gpu.

ZOMG!

testt, letmein, phildick, nandgate, football, spotty...

REALLY PEOPLE???

and a ton of people used "bitcoin" as their password, lol


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: dmiii on June 19, 2011, 09:37:37 PM
https://uloadr.com/u/CF.txt

Apparently cracked in 3 mins with a gpu.
So, MtGox does not use salt... It's really bad. The only good thing they can do is to reset all passwords and revalidate accounts through emails. But in case of passwords that match email ones, the situation becomes even worse...


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: dust on June 19, 2011, 09:41:31 PM
Can anyone see a flaw in this plan? (besides not working for accounts with no email):

1.  All accounts are locked and no one is allowed to log in after mtgox comes back online
2.  An email is sent to account owners with a password reset link
3.  Users can then log into mtgox with no chance of attackers logging in first.

In the meantime:
1.  Change your password ASAP if you used your mtgox password somewhere else.

Also, I saw this on 4chan /g/

Quote
I'm currently cracking.

At the rate I'm going, I should have 3,000 accounts by next week.

I doubt everyone will change their passwords. As long as I get there first, I should be able to get a few coins.

I'm glad i used a strong password...


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: Yeti on June 19, 2011, 09:43:12 PM
We don't know which accounts were really used. For example, do you really think "testuser" has a lot of BTC floating around? I would love to know the account balance to each of these now compromised accounts.

A great lesson in web security!

So, MtGox does not use salt... It's really bad. The only good thing they can do is to reset all passwords and revalidate accounts through emails. But in case of passwords that match email ones, the situation becomes even worse...

No, that list is a list of cracked passwords that were salted but were so stupidly easy that they got bruteforced in no time!


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: nemo on June 19, 2011, 09:45:20 PM
Fuck. This is legit. 5 minutes after reading the email from MTGox saying they got hacked, They logged into my email and I had to text myself a special code just to get back in and change my password. MTGox needs to fucking burn hard for this. I'm changing everything, they're going to get you too if you don't.


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: Surtur on June 19, 2011, 09:48:34 PM
Someone with a network should email everyone on the list and let them know.

I already got an email from mt.gox regarding the hack - so please, do not mail the whole list ;)


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: kjj on June 19, 2011, 09:49:00 PM
No, the vast majority of the passwords were done properly with md5_crypt().  They will probably never be cracked in any serious number.

The few that have been cracked were all passwords stored using the old unsalted DES based crypt().  Everyone knew that the old school crypt() was unsafe, which was the whole reason for switching to salted md5_crypt().


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: bcearl on June 19, 2011, 09:50:16 PM
Quote
44hkho@rada.gov.ua

Ukrainian government - ROTFL


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: malditonuke on June 19, 2011, 09:53:01 PM
possibly unrelated, but the email account i had associated with mtgox just got locked up.

it looks like someone was trying to access it.


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: chihlidog on June 19, 2011, 09:53:31 PM
No, the vast majority of the passwords were done properly with md5_crypt().  They will probably never be cracked in any serious number.

The few that have been cracked were all passwords stored using the old unsalted DES based crypt().  Everyone knew that the old school crypt() was unsafe, which was the whole reason for switching to salted md5_crypt().

Could you explain to a layman how we can tell the difference? Looking at the string next to my email, I'd like to feel a little more secure if I know it was a more secure encryption.


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: nemo on June 19, 2011, 09:54:02 PM
possibly unrelated, but the email account i had associated with mtgox just got locked up.

it looks like someone was trying to access it.

What are the odds that it would happen to the both of us (MTGox users) at the same time?


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: bcearl on June 19, 2011, 09:54:31 PM
https://uloadr.com/u/CF.txt

Apparently cracked in 3 mins with a gpu.
So, MtGox does not use salt... It's really bad. The only good thing they can do is to reset all passwords and revalidate accounts through emails. But in case of passwords that match email ones, the situation becomes even worse...

Salt does not help weak passwords.


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: malditonuke on June 19, 2011, 10:01:31 PM
I have already received notification of unusual activity on my email account. The list is being worked...

I pity anyone who used the same password.   :(


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: aop on June 19, 2011, 10:04:42 PM
Wanna bet next leak is going to come from this forum unless it has already been hacked and data taken?

This would be a very profitable target indeed, since many people here are likely to use the same passwords and usernames as they use in their mails and bitcoin exchanges.


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: bcearl on June 19, 2011, 10:06:31 PM
Don't trust e-mails now. Your address is public, it's the perfect opportunity to fool you.


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: Houdini on June 19, 2011, 10:10:49 PM
https://uloadr.com/u/CF.txt

Apparently cracked in 3 mins with a gpu.
Is this the whole list or not ? I would really like to know if my password is out there or not...


Don't trust e-mails now. Your address is public, it's the perfect opportunity to fool you.
Oh I never do...


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: kjj on June 19, 2011, 10:17:16 PM
No, the vast majority of the passwords were done properly with md5_crypt().  They will probably never be cracked in any serious number.

The few that have been cracked were all passwords stored using the old unsalted DES based crypt().  Everyone knew that the old school crypt() was unsafe, which was the whole reason for switching to salted md5_crypt().

Could you explain to a layman how we can tell the difference? Looking at the string next my email I'd like to feel a little more secure if I know it was a more secure encryption.

Crypt (http://en.wikipedia.org/wiki/Crypt_(Unix))

If it starts with $, it is probably pretty safe.

Without a $, the field is calculated by taking 25 rounds of DES on a 56 bit key field derived from the first 8 characters of the password.  This is very easy to crack.

If it starts with $1$, the next part is a random salt, ending with the next $.  The password and this random salt are hashed with MD5.  Then this hash, the password and the salt are all hashed again.  Then there are 1000 rounds of hashing using the password and the previous hash.  This value is what is finally stored in the file after the last $.

There are other schemes, such as $2$ and $2a$ that are based on blowfish, $3$ which blows, $5$ and $6$ which are based on SHA.  But I don't think any of those were used here.

By looking at the password file, I think the problem is that they upgraded the password hashing code to switch from DES to MD5, but didn't force changes of old passwords.  Looks like this was months ago.  The newest account I can find with the old style password is #3045 (out of ~60,000).
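Both of the explanations above, LeFBI's (md5crypt is not a single MD5, so only a wordlist attack is realistic against it) and kjj's (how to read a $1$ field and how it is computed), as one added example in Python. It is not Mt.Gox code and not anything a poster wrote: it implements the $1$ scheme kjj describes, sorts a CSV's password column into the shapes the thread mentions (a $1$ md5crypt field, a 13-character crypt(3) field, and a bare 32-hex MD5), and tries a short wordlist against the entries it can verify. The column layout id,user,email,password is an assumption about accounts.csv, all four sample rows are constructed here, and the md5crypt code is checked against the vector published in the PHP crypt() manual ('rasmuslerdorf' with salt $1$rasmusle$).

```python
"""Sort the password fields of a leaked accounts.csv by format and run a
wordlist attack against the md5crypt ($1$) and raw-MD5 entries.

Added example; not code from Mt.Gox or from any poster. The column layout
(id,user,email,password) is assumed, and every sample row below is
constructed here, not taken from the leaked file."""
import csv
import hashlib
import io
import re
import time

ITOA64 = b"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"


def _to64(value, count):
    """crypt(3) base-64: low 6 bits first, no padding."""
    return bytes(ITOA64[(value >> (6 * k)) & 0x3F] for k in range(count))


def md5crypt(password, salt):
    """FreeBSD md5crypt ("MD5(Unix)"): password, "$1$" and up to 8 salt bytes
    go through a setup digest, then 1000 dependent MD5 rounds."""
    pw = password.encode()
    if salt.startswith("$1$"):                # accept a full stored field as salt
        salt = salt[3:]
    sp = salt.split("$", 1)[0][:8].encode()
    ctx = hashlib.md5(pw + b"$1$" + sp)
    alt = hashlib.md5(pw + sp + pw).digest()
    n = len(pw)
    while n > 0:                              # |pw| bytes of md5(pw, salt, pw)
        ctx.update(alt[:min(16, n)])
        n -= 16
    n = len(pw)
    while n:                                  # one byte per bit of |pw|
        ctx.update(b"\x00" if n & 1 else pw[:1])
        n >>= 1
    final = ctx.digest()
    for i in range(1000):                     # the stretching loop
        h = hashlib.md5(pw if i & 1 else final)
        if i % 3:
            h.update(sp)
        if i % 7:
            h.update(pw)
        h.update(final if i & 1 else pw)
        final = h.digest()
    order = ((0, 6, 12), (1, 7, 13), (2, 8, 14), (3, 9, 15), (4, 10, 5))
    enc = b"".join(_to64(final[a] << 16 | final[b] << 8 | final[c], 4) for a, b, c in order)
    return "$1$%s$%s" % (sp.decode(), (enc + _to64(final[11], 2)).decode())


def classify(field):
    """Tell the formats discussed in the thread apart by shape alone."""
    if re.fullmatch(r"\$1\$[^$]{1,8}\$[./0-9A-Za-z]{22}", field):
        return "md5crypt"
    if re.fullmatch(r"[0-9a-fA-F]{32}", field):
        return "raw-md5"
    if re.fullmatch(r"[./0-9A-Za-z]{13}", field):
        return "des-crypt"
    return "unknown"


def verify(password, stored):
    kind = classify(stored)
    if kind == "md5crypt":
        return md5crypt(password, stored) == stored
    if kind == "raw-md5":
        return hashlib.md5(password.encode()).hexdigest() == stored.lower()
    return False                              # DES crypt(3) is not implemented here


def wordlist_attack(rows, words):
    """{user: password} for every row that some word in `words` verifies against."""
    found = {}
    for row in rows:
        for w in words:
            if verify(w, row["password"]):
                found[row["user"]] = w
                break
    return found


# Constructed sample rows in the assumed layout. The 13-character field for
# "dave" is only there so the old crypt(3) shape gets recognised.
SAMPLE_CSV = "id,user,email,password\n" + "\n".join([
    "1,alice,alice@example.com," + md5crypt("football", "Qx7/pZ1."),
    "2,bob,bob@example.com," + md5crypt("correct horse battery staple", "aB3dE5fG"),
    "3,carol,carol@example.com," + hashlib.md5(b"bitcoin").hexdigest(),
    "4,dave,dave@example.com,rl.3StKT.4T8M",
])
WORDS = ["password", "bitcoin", "letmein", "football", "testt"]   # words named in the thread


def run_demo():
    rows = list(csv.DictReader(io.StringIO(SAMPLE_CSV)))
    return {r["user"]: classify(r["password"]) for r in rows}, wordlist_attack(rows, WORDS)


def md5crypt_per_second(seconds=0.2):
    """Single-core md5crypt guess rate; raw MD5 is roughly a thousand times this."""
    n, t0 = 0, time.perf_counter()
    while time.perf_counter() - t0 < seconds:
        md5crypt("guess%d" % n, "Qx7/pZ1.")
        n += 1
    return n / seconds


if __name__ == "__main__":
    kinds, cracked = run_demo()
    for user, kind in kinds.items():
        print("%-6s %-9s %s" % (user, kind, cracked.get(user, "(not in wordlist)")))
    print("~%.0f md5crypt guesses/s on one core" % md5crypt_per_second())
```

The rate function is there to make LeFBI's numbers concrete: every md5crypt guess costs about a thousand MD5 computations, so hardware that does hundreds of millions of raw MD5s per second manages well under a million md5crypt guesses per second. That is why "bitcoin", "football" and the like fall to a wordlist in minutes while a random 8-character password does not, and why the bare-MD5 rows (carol above) are in a different class entirely. The 13-character entries are only classified; DES-based crypt(3) is not reimplemented.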


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: LeFBI on June 19, 2011, 10:52:57 PM
Except that an account with 500k and other accounts were hacked and it's true. So you're opinion that it's all ok is bs.
that's because he most likely used a very weak password and not because of md5(unix). it has barely anything to do with the algorithm, more with lazy people. these are just....weak passes:
https://uloadr.com/u/CF.txt

Apparently cracked in 3 mins with a gpu.
lazy people, even when it comes to protect an account that holds real money.


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: chihlidog on June 19, 2011, 10:54:22 PM
No, the vast majority of the passwords were done properly with md5_crypt().  They will probably never be cracked in any serious number.

The few that have been cracked were all passwords stored using the old unsalted DES based crypt().  Everyone knew that the old school crypt() was unsafe, which was the whole reason for switching to salted md5_crypt().

Could you explain to a layman how we can tell the difference? Looking at the string next my email I'd like to feel a little more secure if I know it was a more secure encryption.

Crypt (http://en.wikipedia.org/wiki/Crypt_(Unix))

If it starts with $, it is probably pretty safe.

Without a $, the field is calculated by taking 25 rounds of DES on a 56 bit key field derived from the first 8 characters of the password.  This is very easy to crack.

If it starts with $1$, the next part is a random salt, ending with the next $.  The password and this random salt are hashed with MD5.  Then this hash, the password and the salt are all hashed again.  Then there are 1000 rounds of hashing using the password and the previous hash.  This value is what is finally stored in the file after the last $.

There are other schemes, such as $2$ and $2a$ that are based on blowfish, $3$ which blows, $5$ and $6$ which are based on SHA.  But I don't think any of those were used here.

By looking at the password file, I think the problem is that they upgraded the password hashing code to switch from DES to MD5, but didn't force changes of old passwords.  Looks like this was months ago.  The newest account I can find with the old style password is #3045 (out of ~60,000).

Thank you very much for that explanation. I do feel better now. I don't remember even signing up for Mt. Gox, let alone what password I used, but I use a bunch of different passwords for different sites. I've changed them all, and all of them are very long, strong passwords. Hopefully I am safe. Thank you.


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: ixne on June 19, 2011, 10:58:44 PM
If you can remember your password, it probably isn't strong enough.  Get a password manager, I've never been so glad to have a different 18-character random ASCII password for every online account I have.


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: skull88 on June 19, 2011, 11:31:55 PM
If you can remember your password, it probably isn't strong enough.  Get a password manager, I've never been so glad to have a different 18-character random ASCII password for every online account I have.
I'm not so stupid as to use something like "password" (really, it is in that file a few times) and luckily the password I used on mtgox is a unique pass, not too simple but easy enough for me to remember.
I always use unique passes that are harder to crack for things that involve money or other important things, and I have a few common passes for not so important things that wouldn't really bother me too much if they got hacked.

I know my system is far from waterproof and I'm interested in using a password manager. The only problem I have with a password manager: how can I then log in to my accounts on other computers? And if your computer is hacked they have all your passwords, even the ones for the important sites, while nobody can crack into my head. Or am I missing something, and is there a manager that gives me the ease of passwords I can remember so I can log in on different computers and the security that nobody can get my passwords from the manager?


Title: Re: ALL mtgox password has been compromised, change asap, everywhere you used it
Post by: opticbit on June 20, 2011, 02:01:46 AM
We don't know which accounts were really used. For example, do you really think "testuser" has a lot of BTC floating around? I would love to know the account balance to each of these now compromised accounts.

A great lesson in web security!

So, MtGox does not use salt... It's really bad. The only good thing they can do is to reset all passwords and revalidate accounts through emails. But in case of passwords that match email ones, the situation becomes even worse...

No, that list is a list of cracked passwords that were salted but were so stupidly easy that they got bruteforced in no time!

don't see mine in there.

I'm still wondering if the DB contains my old pw or new one.