Bitcoin Forum

Bitcoin => Bitcoin Discussion => Topic started by: SomeoneWeird on June 20, 2011, 03:45:36 AM



Title: MtGox Client Email!
Post by: SomeoneWeird on June 20, 2011, 03:45:36 AM
I'm pretty sure this is spam. The email is as follows:

Quote

Dear Mt.Gox user,

Our database has been compromised, how you already know.

To protect your account in the future, please download  the Certificate (self-extracting archive) from Attachment and install it.

If you were using the same password on Mt.Gox and other places (email, mybitcoin.com, etc), you should change this password as soon as possible.

Please accept our apologies for the troubles caused, and be certain we will do everything we can to keep the funds entrusted with us as secure as possible.


Any unauthorized access done to any account you own (email, mtgox, etc) should be reported to the appropriate authorities in your country.



Thanks,
The Mt.Gox team

Going to download the file and anubis it.


Title: Re: MtGox Client Email!
Post by: finack on June 20, 2011, 03:50:53 AM
Sounds legit.


Title: Re: MtGox Client Email!
Post by: SomeoneWeird on June 20, 2011, 03:58:56 AM
Sounds legit.

Mhmm. I'll report back with the results.


Title: Re: MtGox Client Email!
Post by: Vladimir on June 20, 2011, 04:00:57 AM
"self-extracting archive" should scare the bejesus out of you kids.

It means untrusted code! And now... why would mtgox send you anything like this!


Title: Re: MtGox Client Email!
Post by: SomeoneWeird on June 20, 2011, 04:04:23 AM
"self-extracting archive" should scare the bejesus out of you kids.

It means untrusted code! And now... why would mtgox send you anything like this!


Yep.

https://anubis.iseclab.org/?action=result&task_id=1831b3136a13eee9419e962dd8416b9c1&format=html


Title: Re: MtGox Client Email!
Post by: jatajuta on June 20, 2011, 04:05:22 AM
I'm pretty sure this is spam. The email is as follows:

Quote

Dear Mt.Gox user,

Our database has been compromised, how you already know.

To protect your account in the future, please download  the Certificate (self-extracting archive) from Attachment and install it.

If you were using the same password on Mt.Gox and other places (email, mybitcoin.com, etc), you should change this password as soon as possible.

Please accept our apologies for the troubles caused, and be certain we will do everything we can to keep the funds entrusted with us as secure as possible.


Any unauthorized access done to any account you own (email, mtgox, etc) should be reported to the appropriate authorities in your country.



Thanks,
The Mt.Gox team

Going to download the file and anubis it.

[Update - 3:45 GMT] Update: DO NOT DOWNLOAD ANYTHING
If you receive ANY email which seems coming from Mt.Gox asking you to download something (certificate, generating program, etc), DO NOT DOWNLOAD. Do not either input your password on any site which is not MTGOX.COM.

https://support.mtgox.com/entries/20208066-huge-bitcoin-sell-off-due-to-a-compromised-account-rollback


Title: Re: MtGox Client Email!
Post by: SomeoneWeird on June 20, 2011, 04:07:26 AM
I'm pretty sure this is spam. The email is as follows:

Quote

Dear Mt.Gox user,

Our database has been compromised, how you already know.

To protect your account in the future, please download  the Certificate (self-extracting archive) from Attachment and install it.

If you were using the same password on Mt.Gox and other places (email, mybitcoin.com, etc), you should change this password as soon as possible.

Please accept our apologies for the troubles caused, and be certain we will do everything we can to keep the funds entrusted with us as secure as possible.


Any unauthorized access done to any account you own (email, mtgox, etc) should be reported to the appropriate authorities in your country.



Thanks,
The Mt.Gox team

Going to download the file and anubis it.

[Update - 3:45 GMT] Update: DO NOT DOWNLOAD ANYTHING
If you receive ANY email which seems coming from Mt.Gox asking you to download something (certificate, generating program, etc), DO NOT DOWNLOAD. Do not either input your password on any site which is not MTGOX.COM.

https://support.mtgox.com/entries/20208066-huge-bitcoin-sell-off-due-to-a-compromised-account-rollback

I'm not stupid enough to run it...


Title: Re: MtGox Client Email!
Post by: chuckypalumbo on June 20, 2011, 04:08:31 AM
I got this email an hour ago, I can now throw away my email address of 15 years as it will be scammed and phished to death through this.


Title: Re: MtGox Client Email!
Post by: Oldminer on June 20, 2011, 04:09:54 AM
A quick check of the email headers will tell you if it's legit or not. If you're not sure how to do that, forward the email to the Mtgox support team for advice (enter their email address as listed on their site, don't simply reply to the email!).
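
An added example, not part of any post in this thread: one way to do the header check described above, extended to also flag the executable attachment the email asks users to install. The sample message is constructed, and `mx.example.org` (the reader's own receiving mail server), `triage` and `domain` are hypothetical names.

```python
import email
from email import policy
from email.utils import parseaddr
# Constructed sample, not the message from the thread: every host, address
# and the attachment name are made up for illustration.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.example.org; spf=fail; dkim=none
From: "Mt.Gox" <support@mtgox.com>
Subject: Mt.Gox certificate
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Please install the attached Certificate.
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="certificate.exe"
Content-Transfer-Encoding: base64

Y29uc3RydWN0ZWQ=
--b1--
"""
RISKY_EXT = (".exe", ".scr", ".com", ".bat", ".pif", ".cmd", ".js", ".vbs")

def domain(header):
    # Domain part of the first address in a header value ('' if absent).
    return parseaddr(str(header or ""))[1].rpartition("@")[2].lower()

def triage(raw, claimed_domain, trusted_authserv="mx.example.org"):
    msg = email.message_from_string(raw, policy=policy.default)
    findings = []
    if domain(msg["From"]) != claimed_domain:
        findings.append("from-not-claimed-domain")
    rp = domain(msg["Return-Path"])
    if rp and rp != domain(msg["From"]):
        findings.append("return-path-mismatch")
    # Only trust results stamped by our own receiving server; a sender can
    # forge an Authentication-Results header under any other name.
    auth = " ".join(str(h).lower() for h in msg.get_all("Authentication-Results", [])
                    if str(h).split(";")[0].strip().lower() == trusted_authserv)
    findings += [f"{m}-not-pass" for m in ("spf", "dkim") if f"{m}=pass" not in auth]
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if name.endswith(RISKY_EXT):
            findings.append("executable-attachment:" + name)
    return findings
```

The visible `From:` line alone proves nothing: in the sample it shows the genuine domain, and only the envelope sender, the authentication results and the attachment type give the message away.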


Title: Re: MtGox Client Email!
Post by: jatajuta on June 20, 2011, 04:11:49 AM
I'm not stupid enough to run it...

Just checking...  ;D


Title: Re: MtGox Client Email!
Post by: Tx2000 on June 20, 2011, 04:16:36 AM
I think one should not open an attachment without 100% assurance that there is nothing malicious inside. Hell, I even ask my friends if they sent me an email attachment before I open it. Even then, I thoroughly scan the file to make sure. Caution and prevention are the best weapons.


Title: Re: MtGox Client Email!
Post by: Bazil on June 20, 2011, 04:55:41 AM
This kind of crap is why I use a different email address for every single thing I sign up for.


Title: Re: MtGox Client Email!
Post by: CYPER on June 20, 2011, 11:47:24 AM
Well, call me stupid but I opened the file after I scanned it with MSE, so can you please tell me how can I clean my pc now, when no antivirus detects it as a potential threat?

Does it install any files which I can manually delete?


Title: Re: MtGox Client Email!
Post by: relative on June 20, 2011, 11:51:01 AM
there now is basically a list of people out there who have wallet.dat's on their computers.
have fun.


Title: Re: MtGox Client Email!
Post by: SomeoneWeird on June 20, 2011, 11:57:20 AM
Well, call me stupid but I opened the file after I scanned it with MSE, so can you please tell me how can I clean my pc now, when no antivirus detects it as a potential threat?

Does it install any files which I can manually delete?

Run Mbam, SpyBot S&D and a couple of others and see if they pick anything up. And create a new wallet and move all your coins ASAP.


Title: Re: MtGox Client Email!
Post by: CYPER on June 20, 2011, 12:05:40 PM
Well, call me stupid but I opened the file after I scanned it with MSE, so can you please tell me how can I clean my pc now, when no antivirus detects it as a potential threat?

Does it install any files which I can manually delete?

Run Mbam, SpyBot S&D and a couple of others and see if they pick anything up. And create a new wallet and move all your coins ASAP.

I don't have any coins yet, as I'm in the process of building a rig, so at least nothing to steal. But do you think the virus is so sophisticated that it can extract all of my saved passwords from Firefox for example?


Title: Re: MtGox Client Email!
Post by: SomeoneWeird on June 20, 2011, 12:09:16 PM
Well, call me stupid but I opened the file after I scanned it with MSE, so can you please tell me how can I clean my pc now, when no antivirus detects it as a potential threat?

Does it install any files which I can manually delete?

Run Mbam, SpyBot S&D and a couple of others and see if they pick anything up. And create a new wallet and move all your coins ASAP.

I don't have any coins yet, as I'm in the process of building a rig, so at least nothing to steal. But do you think the virus is so sophisticated that it can extract all of my saved passwords from Firefox for example?

Possibly, although they might have tried to keep it simple so it wouldn't set off any alarms (AV or IDS or otherwise).


Title: Re: MtGox Client Email!
Post by: skull88 on June 20, 2011, 12:09:44 PM
Well, call me stupid but I opened the file after I scanned it with MSE, so can you please tell me how can I clean my pc now, when no antivirus detects it as a potential threat?

Does it install any files which I can manually delete?
Change your passwords, backup your files, do a format and reinstall everything.
You will think twice in the future before opening an attachment.


Title: Re: MtGox Client Email!
Post by: ius on June 20, 2011, 12:11:00 PM
I don't have any coins yet, as I'm in the process of building a rig, so at least nothing to steal. But do you think the virus is so sophisticated that it can extract all of my saved passwords from Firefox for example?

One of the other stealers sent (Bitcoin_Exploit.rar) certainly did. Firefox, Chrome, Filezilla password caches and bitcoin wallet.


Title: Re: MtGox Client Email!
Post by: Vladimir on June 20, 2011, 12:14:40 PM
If you had a non-encrypted wallet.dat on the compromised computer, transfer all the money you had there to a new secure wallet ASAP.

If wallet.dat was encrypted, first transfer it (and only it) to a secure computer. Then as skull88 said.

Using a secure system, change all your passwords; when changing every password repeat "I will not open email attachments, I will not open email attachments, I will not open email attachments..."


Title: Re: MtGox Client Email!
Post by: CYPER on June 20, 2011, 12:17:31 PM
If you had a non-encrypted wallet.dat on the compromised computer, transfer all the money you had there to a new secure wallet ASAP.

If wallet.dat was encrypted, first transfer it (and only it) to a secure computer. Then as skull88 said.



I have a wallet, but since I haven't started mining yet there are no coins in it.

Oh f*** I so hate myself - I really don't want to reinstall Windows


Title: Re: MtGox Client Email!
Post by: SomeoneWeird on June 20, 2011, 12:19:52 PM
If you had a non-encrypted wallet.dat on the compromised computer, transfer all the money you had there to a new secure wallet ASAP.

If wallet.dat was encrypted, first transfer it (and only it) to a secure computer. Then as skull88 said.

Using a secure system, change all your passwords; when changing every password repeat "I will not open email attachments, I will not open email attachments, I will not open email attachments..."

haha +1