Bitcoin Forum
November 10, 2024, 01:27:17 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 [2] 3 4 5 »  All
  Print  
Author Topic: How I got robbed of 34 btc on Mt.Gox today  (Read 124865 times)
nwbitcoin
Sr. Member
****
Offline Offline

Activity: 294
Merit: 250


You are a geek if you are too early to the party!


View Profile WWW
April 11, 2013, 12:49:43 PM
 #21

But all the technical details aside, it's CLEAR that this site is built and targeted methodically at mtgox users

The reason I chose mtgox is because they are the biggest and most well known.

The second sentace could have been a quote from the scammers.

Really sorry for your loss, but just like Windows gets hacked because everyone and his dog uses it, MTGox suffers exactly the same way - for the same reason.

If your story helps someone else, at least it will not have been a complete disaster.


*Image Removed*
I use Localbitcoins to sell bitcoins for GBP by bank transfer!
Dervie
Newbie
*
Offline Offline

Activity: 42
Merit: 0


View Profile
April 11, 2013, 12:50:44 PM
 #22

"In order to see Chatbox or to communicate with us. Please Update java at the top of the page.

- If the Download did not worked, Click Here"

View Source > <h3><a href="http://g2f.nl/0lczsoo"> - If the Download did not worked, Click Here <a/></h3>

I never knew Adobe changed their domain to g2f.nl. Anyway, I'm sorry for your loss.
running
Newbie
*
Offline Offline

Activity: 40
Merit: 0


View Profile
April 11, 2013, 01:22:31 PM
 #23

Disable Java in the browser.

There is no reason to run Java in browser nowadays. (Not JavaScript. Java.)
mobile4ever
Hero Member
*****
Offline Offline

Activity: 546
Merit: 500


View Profile
April 11, 2013, 01:23:38 PM
 #24

I then realized that I only received my notification email from them much after the fact apparently because their servers are overloaded and not functioning correctly.


I sound like a broken record, but this is coming up again, in yet another thread. Bitcoin, and all of us, deserve decentralized markets.
VeeMiner
Hero Member
*****
Offline Offline

Activity: 752
Merit: 500


bitcoin hodler


View Profile
April 11, 2013, 01:30:33 PM
Last edit: April 11, 2013, 01:41:14 PM by VeeMiner
 #25

Please don't blame MtGox, this is what you accepted, you allowed a Java executable to run and gave it permission to run outside the sandbox.

https://news.ycombinator.com/item?id=5531507

I concur, this is very unfortunate and it sucks, but I can understand if MtGox refuses to pay your damages...
bitbully (OP)
Jr. Member
*
Offline Offline

Activity: 47
Merit: 1


View Profile
April 11, 2013, 01:31:14 PM
 #26

I understand some people are getting prompts to run the Java applet, this was not the case with me. I was browsing the web and am aware not to run random applets, scripts, etc..and I did not lower any security restrictions at any point in time. I am very security conscious, so if I can become a victim, so can many others who are none the less wiser.

Finally it does seem the site was added to the google phishing directory which is good.

Thank you all for helping me to figure this out. I really don't want anyone to experience what I went through today.
chip1
Newbie
*
Offline Offline

Activity: 28
Merit: 0



View Profile
April 11, 2013, 01:36:45 PM
 #27

Did mtgox refund you? What are they saying.
SteamGamesBTC.com
Hero Member
*****
Offline Offline

Activity: 734
Merit: 507



View Profile WWW
April 11, 2013, 01:37:35 PM
Last edit: April 11, 2013, 01:48:22 PM by steamgames
 #28

That's why I have always Java disabled on webbrowsers.

Don't know it's true, but someone cliams that MtGox is hacked:
http://pastebin.com/ZSqRN3RK

SteamGamesBTC.com
> Automatic 24/7 bot: purchase any Steam game 20% cheaper with Bitcoin! <
crazy_rabbit
Legendary
*
Offline Offline

Activity: 1204
Merit: 1002


RUM AND CARROTS: A PIRATE LIFE FOR ME


View Profile
April 11, 2013, 01:38:49 PM
 #29

My heart goes out to you there. Everyones nightmare. Get a yubikey. Seriously. Nothing can be without 2fa.

Oh shit! My bitstamp doesn't have it enabled! RUN! RUN! RUN!....


....whew, that was close.

more or less retired.
phr0stbyt3
Hero Member
*****
Offline Offline

Activity: 672
Merit: 500


View Profile
April 11, 2013, 01:41:27 PM
 #30

TLDR
+1 for 2FA. On a related note, it seems like several accounts were compromised over @ BTC-e within the last few days.
Sorry to hear about your coins OP.  Sad
juice
Newbie
*
Offline Offline

Activity: 56
Merit: 0



View Profile
April 11, 2013, 02:14:09 PM
Last edit: May 15, 2013, 07:41:07 AM by juice
 #31

https://defuse.ca/bitcoin-pool-ddos.htm
rme
Hero Member
*****
Offline Offline

Activity: 756
Merit: 504



View Profile
April 11, 2013, 02:23:48 PM
 #32

That's why I have always Java disabled on webbrowsers.

Don't know it's true, but someone cliams that MtGox is hacked:
http://pastebin.com/ZSqRN3RK

FAKE

All the logins come from http://pastebin.com/Kd093NQi and are not MtGox users.
Fuyuki_Wataru
Member
**
Offline Offline

Activity: 167
Merit: 10



View Profile
April 11, 2013, 02:37:13 PM
 #33

Javascript drive-by, cost's nearly nothing. With 300 USD you can easily buy pre-made keyloggers, java driveby, and other useful blackhat items/scripts to get someones account information. It really doesn't take a brain anymore to 'hack'.

I use google chrome no-cookies browser, and got about 15 different passwords. It's really annoying because I never know which one is for what website... Though I must admit the ones I use for forums and such are easy. Did you know that there's basically a list of 5 billion or more passwords? Start thinking out of the box, and make random passwords like Xfha25ADmw-_215s. Still though... OP post shows that even if you have a good password you can be stolen from. Think wisely.


Also, here is a tip for those who read this; once you have added your creditcard or any other form of payment on a website, immediately delete it once finished. Else it might stay registered there, and once someone finds out that it's there... your fucked.


▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬    delicia | delicia.io    ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
Decentralized Global Food Network | World's Only Solution to Food Wastage | Join Whitelist Now, Get 30% Bonus
▬▬▬▬▬▬▬▬▬▬    Whitepaper | Telegram | Medium | Twitter | FB | ANN    ▬▬▬▬▬▬▬▬▬▬
muyuu
Donator
Legendary
*
Offline Offline

Activity: 980
Merit: 1000



View Profile
April 11, 2013, 02:39:18 PM
 #34

Can't see how MtGox can be liable if you have malware executing orders in your computer.

It's impossible that all this happened just for entering that website.

1) You installed something from that site.
2) Or; You gave it extra permissions to run something on your browser.
Look at the site.

JAVA.
Chrome asks permission to run Java.
#2

Most likely he just clicked "ok" as most people blindly do.

Still a pity though.

GPG ID: 7294199D - OTC ID: muyuu (470F97EB7294199D)
forum tea fund BTC 1Epv7KHbNjYzqYVhTCgXWYhGSkv7BuKGEU DOGE DF1eTJ2vsxjHpmmbKu9jpqsrg5uyQLWksM CAP F1MzvmmHwP2UhFq82NQT7qDU9NQ8oQbtkQ
antibanker
Newbie
*
Offline Offline

Activity: 14
Merit: 0


View Profile
April 11, 2013, 02:49:11 PM
 #35

http://sitecheck.sucuri.net/results/www.mtgox-chat.info


they say its clean  Shocked
Herodes
Hero Member
*****
Offline Offline

Activity: 868
Merit: 1000


View Profile
April 11, 2013, 02:54:36 PM
 #36

Firstly, let me say that I am truly sorry for your loss - nobody deserves to lose that amount of money. This is my genuine opinion, then unfortunately I have to wave my finger at you and point out the following:

* When having an account at MtGox, you should use two-factor authentication (yubikey). I've heard you can use Google and your cell phone too, but I haven't tried that.
* When operating MtGox, do so with it's own browser and have the rest of the sites you have open in another browser, with no other tabs open. This will ensure that any cross site exploit can't take place.
* Unless it's a link you recognize (youtube.com, reddit.com etc), then don't click any link in that trollbox. Even better would be never to click anything from that trollbox. It's dangerous - as you now with great pain has experienced.

Btc-e.com is facilitating this to happen. Actually, no links in the trollbox should be clickable. People will click on links, and they will become exploited. There are skilled hackers aka predators, just waiting like crocodiles in the water for the kettle to come and drink in their water hole (clicking links). Even if links clicked are not exploitable, if the hacker controls the server where you click the link, he can collect informaiton about your btc-e.com user account (username, your ip) and then target an attack directly at your ip to see if there's any vulnerabilities  on your network.

If in doubt - always be careful - and as this incident shows - it's very easy to be exploited. This is just an alternative to the msn, skype and facebook viruses. When there's something to steal or exploit, there will always be cyber criminals lined up to take advantage of this.

The trollbox can also be disabled when using the site. Also, most of the info in the trollbox is of extremely low quality, and when someone uses a bait as 'click here to see MtGox accepting litecoins', the smart malicious hackers knows this will trigger the curiosity of people, which will then click that link, and subsequently become infected. If you see any such news, then rather than clicking that link, go to reddit/r/bitcoin or bitocintalk.org and see if there's any mention of it there. If it isn't, then it's probably just a hoax. Also, be very careful when clicking on links to unknown bitcoin sites in general.
Dabs
Legendary
*
Offline Offline

Activity: 3416
Merit: 1912


The Concierge of Crypto


View Profile
April 11, 2013, 03:14:22 PM
 #37

I use Windows XP and Firefox. I don't get virus'd often, or very rarely, and usually is because I intentionally run something I'm not supposed to. Although two factor authentication is nice, I find that I personally don't need it, since I never access any important sites insecurely, and all have good long unguessable passwords.

Rampion
Legendary
*
Offline Offline

Activity: 1148
Merit: 1018


View Profile
April 11, 2013, 03:24:15 PM
 #38

I use Windows XP and Firefox. I don't get virus'd often, or very rarely, and usually is because I intentionally run something I'm not supposed to. Although two factor authentication is nice, I find that I personally don't need it, since I never access any important sites insecurely, and all have good long unguessable passwords.

FAIL

Anvi
Newbie
*
Offline Offline

Activity: 40
Merit: 0



View Profile
April 11, 2013, 03:33:00 PM
 #39

This is why everyone should always browse the web with Firefox and NoScript addon... You have to manually whitelist sites/domains that you trust.
Dabs
Legendary
*
Offline Offline

Activity: 3416
Merit: 1912


The Concierge of Crypto


View Profile
April 11, 2013, 03:51:03 PM
 #40

What part is the fail? or everything I guess? To others and to you maybe.

I also use Deep Freeze. Turns my whole computer into it's own sandboxed VM, so any malware disappears on reboot.

Pages: « 1 [2] 3 4 5 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!