Bitcoin Forum
November 08, 2024, 02:30:33 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 »  All
  Print  
Author Topic: MtGox Account got Hacked Today  (Read 2826 times)
jbmiller10 (OP)
Full Member
***
Offline Offline

Activity: 134
Merit: 100



View Profile
June 13, 2011, 10:44:21 PM
Last edit: June 14, 2011, 01:16:22 AM by jbmiller10
 #1

I don't really know why I'm posting this, but my Mt. Gox account got hacked today, lost ~8K USD, absolutely devastated, as it was most of my money for college. Be careful. I assume there's no recourse for this?

Fuck my life. Be careful, people.

I go by threestar most places.
Join us in the Digitalcoin Chatroom!
Targus Targus
Newbie
*
Offline Offline

Activity: 22
Merit: 0


View Profile
June 13, 2011, 10:45:34 PM
 #2

You're like the third guy here alone to be hacked recently. I think the attacks have begun in force.
YoYa
Hero Member
*****
Offline Offline

Activity: 809
Merit: 501


Always verify deals with me through my public key!


View Profile WWW
June 13, 2011, 11:03:02 PM
 #3

You don't just get **Hacked**!

Your sec is only as good as the weakest link, and it's waaaay more likely that someone you know actually just got your pc unlocked.

ALSO!

MtGox is a legal entity, if you did get hacked, you are more then welcome to get the police to request the details to which your money was sent, MtGox at it's discretion may choose to comply.
jbmiller10 (OP)
Full Member
***
Offline Offline

Activity: 134
Merit: 100



View Profile
June 13, 2011, 11:11:45 PM
 #4

Nope, I had my computer with me all the while this went down, and no one's used my computer.
I imagine someone bruteforced my password. It was all withdrawn in Bitcoin, so I have no delusions that I'll be able to track down the person that did it. That's kind of the point of bitcoin I suppose.

I don't really know why I posted this thread. It's just shitty. I'm devastated and needed to vent. Sorry for taking up space. Use complex passwords, people. Don't make the mistake I did.

Also, Mt. Gox needs to use a captcha. Really. Other people don't need to go through what I've gone through.


I go by threestar most places.
Join us in the Digitalcoin Chatroom!
Mr. E
Newbie
*
Offline Offline

Activity: 20
Merit: 0


View Profile
June 13, 2011, 11:14:27 PM
 #5

Use very strong passwords anywhere where money is involved online, and DON'T use the same password at multiple sites.

Agreed, so many people underestimate the power of the password.  To make one really secure, use special characters like #, !, &... that
makes it real hard to crack.  Also use upper/lowercase and alpha/numeric.
tokn
Newbie
*
Offline Offline

Activity: 21
Merit: 0


View Profile
June 13, 2011, 11:21:03 PM
 #6

Use very strong passwords anywhere where money is involved online, and DON'T use the same password at multiple sites.

Agreed, so many people underestimate the power of the password.  To make one really secure, use special characters like #, !, &... that
makes it real hard to crack.  Also use upper/lowercase and alpha/numeric.

While I whole heartedly agree that a strong password is a must, but don't stop there.  Ensure you take other security measurements on your system as well: Up to date antivirus, scan pcs for malware/spyware, patch your systems.  And if you have questionable browsing habbits, then make sure you use a different system (if available) for that.

I'm sorry for your loss, hopefully there are some recourse with the vendor.

I know how you must be feeling to have something taken from you.  I once had my poker account broken into and they used up all my funds, while not to your amount, but I still felt violated.
yoake
Newbie
*
Offline Offline

Activity: 20
Merit: 0


View Profile
June 13, 2011, 11:24:48 PM
 #7

You guys warning him about how to guard his own PC, seem to be assuming that Mt. Gox itself is 100% secure.
Targus Targus
Newbie
*
Offline Offline

Activity: 22
Merit: 0


View Profile
June 13, 2011, 11:27:44 PM
 #8

There needs to be a full investigation on every employee there to ensure they are not members of the financial terrorist groups that have been assaulting Bitcoins.
Soros Shorts
Donator
Legendary
*
Offline Offline

Activity: 1617
Merit: 1012



View Profile
June 13, 2011, 11:28:30 PM
 #9

Yes, whatever you do don't use the same userid/password that you use for your pools, no matter how strong the password is!

The pools are under constant attack, and if you connect to many pools could you really trust each and everyone of the operators? There are only a few places where you can cash out your Bitcoins and it doesn't take much for someone who obtains your pool login to try to see if it also works on Mt Gox or Trade Hill.

ddod
Newbie
*
Offline Offline

Activity: 12
Merit: 0


View Profile
June 13, 2011, 11:31:37 PM
 #10

So from you statements, is it safe to assume that your password was not a very good one?
tokn
Newbie
*
Offline Offline

Activity: 21
Merit: 0


View Profile
June 14, 2011, 12:24:51 AM
 #11

You guys warning him about how to guard his own PC, seem to be assuming that Mt. Gox itself is 100% secure.

No one entity is ever 100% secure.  But based on the OP's post, he mentioned that to use strong passwords and don't make his mistake, meaning its was probably not a strong password.  So a hacker could have easily brute force or dictionary attacked his password.
meighty
Newbie
*
Offline Offline

Activity: 28
Merit: 0


View Profile WWW
June 14, 2011, 12:30:47 AM
 #12

Use strong passwords. Change them on a regular basis. Transfer BTC out on a regular basis. Hope that sites start to use reCaptcha.
Alex Beckenham
Full Member
***
Offline Offline

Activity: 154
Merit: 100


View Profile
June 14, 2011, 12:34:23 AM
 #13

I don't really know why I'm posting this, but my Mt. Gox account got hacked today, lost 8K USD, absolutely devastated, as it was my money for college. Be careful. I assume there's no recourse for this?

Fuck my life. Be careful, people.

How is this possible, when the withdrawal limit is $1000?

NothinG
Hero Member
*****
Offline Offline

Activity: 560
Merit: 500



View Profile
June 14, 2011, 12:36:30 AM
 #14

I don't really know why I'm posting this, but my Mt. Gox account got hacked today, lost 8K USD, absolutely devastated, as it was my money for college. Be careful. I assume there's no recourse for this?

Fuck my life. Be careful, people.

How is this possible, when the withdrawal limit is $1000?

Estimated worth of BTC in USD?

md2k7
Newbie
*
Offline Offline

Activity: 16
Merit: 0


View Profile
June 14, 2011, 12:37:10 AM
 #15

Hope that sites start to use reCaptcha.

Fun that people still think CAPTCHA, especially reCaptcha - which is extremely widely used - is any good against bots. I have a small personal website with a simple comment form secured by reCaptcha. One or two spam entries per week. Don't tell me some Chinese guy is being forced to solve them, because posting spam on a website without any traffic doesn't generate profits. That leaves bots solving them. Welcome the 21st century's image recognition.

Yours
David
Vanquistador
Newbie
*
Offline Offline

Activity: 28
Merit: 0


View Profile
June 14, 2011, 12:43:39 AM
 #16

Hope that sites start to use reCaptcha.

Fun that people still think CAPTCHA, especially reCaptcha - which is extremely widely used - is any good against bots. I have a small personal website with a simple comment form secured by reCaptcha. One or two spam entries per week. Don't tell me some Chinese guy is being forced to solve them, because posting spam on a website without any traffic doesn't generate profits. That leaves bots solving them. Welcome the 21st century's image recognition.

Yours
David

I remember using bots that would work around CAPTCHA when I was a little kid playing neopets.
jbmiller10 (OP)
Full Member
***
Offline Offline

Activity: 134
Merit: 100



View Profile
June 14, 2011, 12:48:17 AM
 #17

So from you statements, is it safe to assume that your password was not a very good one?

It was a reasonably secure alphanumeric pass (or so I thought, at least), but I admittedly used it on more than one website.

Don't be naive about your password security, I guess is the moral of the story.

It's not fun.

I go by threestar most places.
Join us in the Digitalcoin Chatroom!
haydent
Full Member
***
Offline Offline

Activity: 154
Merit: 100



View Profile
June 14, 2011, 12:57:24 AM
 #18

thanks for the heads up, something we all need to keep in mind. possible MTGox needs a third security number like internet banking often do. something you choose but its on top of your password and therefore not used widely across the internet already by you.

2x Gigabyte 6950 OC @ 920/450 w/ ati tray tools (1 shader modded) - 760Mhs on ozco.in 0% fee aus pool
btc: 1HS5Brzcsh7XkJn566XYbvfpa2JuBRBdss
Alex Beckenham
Full Member
***
Offline Offline

Activity: 154
Merit: 100


View Profile
June 14, 2011, 01:12:15 AM
 #19

I don't really know why I'm posting this, but my Mt. Gox account got hacked today, lost 8K USD, absolutely devastated, as it was my money for college. Be careful. I assume there's no recourse for this?

Fuck my life. Be careful, people.

How is this possible, when the withdrawal limit is $1000?

Estimated worth of BTC in USD?

Whaaaaaaaaaaaaaaaaaaaat?

I mean, how can someone steal $8000 worth of coins in one day? They could withdraw $1000 of them due to Mt Gox withdrawal limit, then you could contact Mt Gox admin to retrieve the remaining $7000 worth in the theif's account.

jbmiller10 (OP)
Full Member
***
Offline Offline

Activity: 134
Merit: 100



View Profile
June 14, 2011, 01:15:07 AM
 #20

I don't really know why I'm posting this, but my Mt. Gox account got hacked today, lost 8K USD, absolutely devastated, as it was my money for college. Be careful. I assume there's no recourse for this?

Fuck my life. Be careful, people.

How is this possible, when the withdrawal limit is $1000?

Estimated worth of BTC in USD?

Whaaaaaaaaaaaaaaaaaaaat?

I mean, how can someone steal $8000 worth of coins in one day? They could withdraw $1000 of them due to Mt Gox withdrawal limit, then you could contact Mt Gox admin to retrieve the remaining $7000 worth in the theif's account.

The limit is for dwolla/lr/euro withdrawals, I guess. You can take out as many bitcoins as you want at any time.

I go by threestar most places.
Join us in the Digitalcoin Chatroom!
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!