nycsurf808 (OP)
Newbie
 Offline
Activity: 3
Merit: 0
|
 |
February 07, 2013, 07:18:00 PM |
|
Have been using it over a year but today found out someone accessed my account and cleaned it out. Here is the response I got from Mt. Gox (not very helpful):
---------
Hello,
Sorry for the inconvenience.Please change your email address password and Mt.Gox password immediately. Please do not use the same username and password on different services. You can use the Yubikey or Software Authentication on our Security Center to further secure your accounts.
Please file a police report in order for the police to investigate the case and make an effort to retrieve your funds and once filing a police report, please send a copy of the police report and the official ID document to Mt.Gox. We will cooperate with the police authority in providing the necessary information for the investigation, but we are unable to reimburse any stolen funds.
Thanks,
MtGox.com Team
---
I'm trying to decide if it's worth trying to explain the police what a bitcoin is.
There is no other human being on the planet who had my Mt. Gox password... has anyone else had this problem?
|
|
|
|
|
|
|
|
|
|
There are several different types of Bitcoin clients. The most secure are full nodes like Bitcoin Core, which will follow the rules of the network no matter what miners do. Even if every miner decided to create 1000 bitcoins per block, full nodes would stick to the rules and reject those blocks.
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
SgtSpike
Legendary
Offline
Activity: 1400
Merit: 1005
|
|
February 07, 2013, 07:19:41 PM |
|
This is the 3rd MtGox account I've heard of that's been cleaned out in the last week. A new vulnerability, perhaps?
|
|
|
|
|
nycsurf808 (OP)
Newbie
Offline
Activity: 3
Merit: 0
|
|
February 07, 2013, 07:31:39 PM |
|
Man it really sucks.
Remote IP was 193.11.111.212, for whatever it's worth.
|
|
|
|
|
SgtSpike
Legendary
Offline
Activity: 1400
Merit: 1005
|
|
February 07, 2013, 07:33:59 PM |
|
Different IP than the one reported here ( https://bitcointalk.org/index.php?topic=141816), but that doesn't mean it's not the same person. In all likelihood, they'd be using a VPN or botnet computer to cover their tracks. |
|
|
|
|
DeathAndTaxes
Donator
Legendary
Offline
Activity: 1218
Merit: 1079
Gerald Davis
|
|
February 07, 2013, 07:34:47 PM |
|
Let me guess.... no two factor authentication?
|
|
|
|
|
gweedo
Legendary
Offline
Activity: 1498
Merit: 1000
|
|
February 07, 2013, 07:40:08 PM |
|
That ip is out of sweden, and owned by www.junet.se so maybe try and reach out to them. But next time two factor authentication is the only way to go. |
|
|
|
|
|
robocoin
|
|
February 07, 2013, 07:53:45 PM |
|
This is the 3rd MtGox account I've heard of that's been cleaned out in the last week. A new vulnerability, perhaps?
None of them had two factor auth. If there is a vulnerability on Mt.Gox itself I think I would hear more bad news... The botsnets of this world are seriously big. I think more and more bot masters let their bots harvest BTC related data. |
|
|
|
|
|
RandomQ
|
|
February 07, 2013, 07:56:31 PM |
|
Let me guess.... no two factor authentication?
Yea beat me too it... I wont put more than 1 BTC anywhere that doesnt support two factor. I think im up to 20 accounts now with two factor or yubikey |
|
|
|
|
SgtSpike
Legendary
Offline
Activity: 1400
Merit: 1005
|
|
February 07, 2013, 07:57:36 PM |
|
This is the 3rd MtGox account I've heard of that's been cleaned out in the last week. A new vulnerability, perhaps?
None of them had two factor auth. If there is a vulnerability on Mt.Gox itself I think I would hear more bad news... The botsnets of this world are seriously big. I think more and more bot masters let their bots harvest BTC related data. Perhaps... maybe someone has access to the database with passwords? Hashes are pushed against a rainbow table to pick out the easy ones? Obviously, 2FA would prevent this from working, hence the reason only 1FA accounts have been broken? I would think many more accounts than just 3 would be accessed in such a case, as you alluded to, but you never know how many have been accessed without the owner finding out yet or without the owner posting here on this forum. Not sure what else the attacks could be from. Keylogger? Maybe. |
|
|
|
|
|
robocoin
|
|
February 07, 2013, 08:19:49 PM |
|
This is the 3rd MtGox account I've heard of that's been cleaned out in the last week. A new vulnerability, perhaps?
None of them had two factor auth. If there is a vulnerability on Mt.Gox itself I think I would hear more bad news... The botsnets of this world are seriously big. I think more and more bot masters let their bots harvest BTC related data. Perhaps... maybe someone has access to the database with passwords? Hashes are pushed against a rainbow table to pick out the easy ones? Obviously, 2FA would prevent this from working, hence the reason only 1FA accounts have been broken? I would think many more accounts than just 3 would be accessed in such a case, as you alluded to, but you never know how many have been accessed without the owner finding out yet or without the owner posting here on this forum. Not sure what else the attacks could be from. Keylogger? Maybe. Yes, the keyloggers from the malware victims connected to the botnets, I mean.  Many are specialized, like advertising and stuff. But many log paypal logins and bank stuff. I can only imagine, thats one line of code or a name added to a list for the bad guys. This storys will probably increase as Bitcoin adoption grows. |
|
|
|
|
nycsurf808 (OP)
Newbie
Offline
Activity: 3
Merit: 0
|
|
February 08, 2013, 03:55:51 AM |
|
All fair responses. I guess it's more of a warning...
1. I did not share my password with anyone.
2. I was an active member of Mt. Gox for over a year, maybe more
3. I can show my account was accessed by an IP registered to someplace in Sweden this morning, and someone came into my account and sent about 4k USD of bitcoins into the ether.
I can prove some of the above and would be happy to share whatever info I have, not that it matters, but to whatever extent it would help Mt. Gox of the bitcoin community fix whatever security hole was exploited. I have no illusions about getting my money back. I've learned and moved on (an expensive lesson), but I'm not a total newbie... I do think I would know if something was capturing keystrokes etc. or there was some rogue process running on my laptop, but who knows...
Cheers
|
|
|
|
|
|
robocoin
|
|
February 08, 2013, 04:07:51 AM |
|
All fair responses. I guess it's more of a warning...
1. I did not share my password with anyone.
2. I was an active member of Mt. Gox for over a year, maybe more
3. I can show my account was accessed by an IP registered to someplace in Sweden this morning, and someone came into my account and sent about 4k USD of bitcoins into the ether.
I can prove some of the above and would be happy to share whatever info I have, not that it matters, but to whatever extent it would help Mt. Gox of the bitcoin community fix whatever security hole was exploited. I have no illusions about getting my money back. I've learned and moved on (an expensive lesson), but I'm not a total newbie... I do think I would know if something was capturing keystrokes etc. or there was some rogue process running on my laptop, but who knows...
Cheers
You wouldn't notice advanced malware/keylogger etc, osx or windows. Even security professionals and darn black hats learn this from time to time. A yubikey is our only effective solution at the moment. Good luck. |
|
|
|
|
casascius
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1136
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
February 08, 2013, 04:10:01 AM |
|
I am still waiting to hear about the first person who ever loses a single bitcoin stored on a paper wallet.
|
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
|
|
|
|
robocoin
|
|
February 08, 2013, 04:12:09 AM |
|
I am still waiting to hear about the first person who ever loses a single bitcoin stored on a paper wallet.
But I can't trade paper wallets on Mt.Gox^^ |
|
|
|
|
casascius
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1136
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
February 08, 2013, 04:14:28 AM |
|
I am still waiting to hear about the first person who ever loses a single bitcoin stored on a paper wallet.
But I can't trade paper wallets on Mt.Gox^^ Sure you can: mtgox->paperwallet: use the withdraw function paperwallet->mtgox: use the import private key function About all you can't do is list an ask for btc on a paper wallet. |
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
|
|
|
Jutarul
Donator
Legendary
Offline
Activity: 994
Merit: 1000
|
|
February 08, 2013, 04:15:57 AM |
|
Recycled the password or parts of it on a different site?
|
|
|
|
|
robocoin
|
|
February 08, 2013, 04:20:23 AM |
|
I am still waiting to hear about the first person who ever loses a single bitcoin stored on a paper wallet.
But I can't trade paper wallets on Mt.Gox^^ Sure you can: mtgox->paperwallet: use the withdraw function paperwallet->mtgox: use the import private key function About all you can't do is list an ask for btc on a paper wallet. Yes we can  But once they are imported you have to deal with security.  |
|
|
|
|
casascius
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1136
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
February 08, 2013, 04:29:45 AM |
|
Wish MtGox offered a way to lock withdrawals to a single address. This would solve so much.
|
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
|
|
|
|
dust
|
|
February 08, 2013, 04:31:54 AM |
|
This is the 3rd MtGox account I've heard of that's been cleaned out in the last week. A new vulnerability, perhaps?
Adobe released an emergency patch today for a Flash vulnerability that "is being exploited in the wild" and could lead to malicious code running on users' computers.I am still waiting to hear about the first person who ever loses a single bitcoin stored on a paper wallet.
To be fair, a common use for a paper wallet is long term storage, so there is a lag between the use of paper wallets and the reporting of lost coins with them. The majority of paper wallets that have been created have probably never been redeemed. When people finally get around to redeeming them, they may find them lost, destroyed, stolen, or that the private keys were printed incorrectly in the first place. Wish MtGox offered a way to lock withdrawals to a single address. This would solve so much.
2-factor authentication solves 99.9% of the issues with stolen mtgox accounts. |
|
|
|
casascius
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1136
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
February 08, 2013, 04:35:04 AM |
|
Paper wallets having private keys printed incorrectly is an extremely unlikely problem.
It would be like having a dollar print incorrectly.
|
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
|
|
|
|
