Bitcoin Forum
August 18, 2017, 01:51:49 AM *
News: Latest stable version of Bitcoin Core: 0.14.2  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 4 5 [6] 7 8 9 »  All
  Print  
Author Topic: If your Mt. Gox account has been compromised, PLEASE READ.  (Read 33846 times)
chr15m
Newbie
*
Offline Offline

Activity: 3


View Profile
June 20, 2011, 04:51:06 AM
 #101

Just a heads up that someone is sending a lovely .exe trojan to all mtgox users under the guise of "info@mtgox.com" from wiscointl.com.cn - the subject of the email is "[Mt.Gox] Account Certificate Download."

You probably do not want to run the exe.
1503021109
Hero Member
*
Offline Offline

Posts: 1503021109

View Profile Personal Message (Offline)

Ignore
1503021109
Reply with quote  #2

1503021109
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1503021109
Hero Member
*
Offline Offline

Posts: 1503021109

View Profile Personal Message (Offline)

Ignore
1503021109
Reply with quote  #2

1503021109
Report to moderator
chr15m
Newbie
*
Offline Offline

Activity: 3


View Profile
June 20, 2011, 05:15:19 AM
 #102

The Reply-To address is "info_@mtgox.com". Does this mean that the mtgox.com machine is compromised too and they have set up a special mailbox there?

This should probably be posted on the non-newbies part of this forum.
conbitcoin.com
Newbie
*
Offline Offline

Activity: 22


View Profile
June 20, 2011, 05:28:58 AM
 #103

Just a heads up that someone is sending a lovely .exe trojan to all mtgox users under the guise of "info@mtgox.com" from wiscointl.com.cn - the subject of the email is "[Mt.Gox] Account Certificate Download."

You probably do not want to run the exe.

Thanks alot for the info !

Comprar, Vender e Intercambiar con bitcoins (http://conbitcoin.com)
pharmhero
Newbie
*
Offline Offline

Activity: 3


View Profile
June 20, 2011, 05:32:00 AM
 #104

I'm going with LastPass.com  It seems secure and well written

I'm redoing all my passwords with it
henri
Newbie
*
Offline Offline

Activity: 6


View Profile
June 20, 2011, 05:38:40 AM
 #105

Now that mtgox closed their exchange, how can I tell if I got hacked?
I have read people mention that they checked the "dump" and found their info in it with their email changed (or not changed). Where is this dump?
EDIT: Google Mail just asked me to verify myself due to suspicious activity.  I did use the same 9 char. password as my email on mtgox.
I'm scared.
You should be.
Your Password has been compromised and the username /email / password is public now.
Hacker around the world will try to hack into whatever accounts you may have (google, paypal, amazon, facebook..) with these data.
So if you use this Password somewhere else, change it! NOW, EVERYWHERE.

Google and some other services have a 2-step verification, you should activate this.

Technopope
Newbie
*
Offline Offline

Activity: 10


View Profile
June 20, 2011, 05:39:55 AM
 #106

The Reply-To address is "info_@mtgox.com". Does this mean that the mtgox.com machine is compromised too and they have set up a special mailbox there?


No. Any email can have any reply-to address.

If you examine the *full* header of the email, you should be able see the actual path of where it originated. An application such as Mozilla Thunderbird allows this under "View-Headers-Full". I don't think most web-based email reader easily allow this.
morr
Newbie
*
Offline Offline

Activity: 8


View Profile
June 20, 2011, 05:41:15 AM
 #107

I'm going with LastPass.com  It seems secure and well written

I'm redoing all my passwords with it

KeePass has been my choice for password storage for ages now.

http://keepass.info/
mieomeo
Newbie
*
Offline Offline

Activity: 22


View Profile
June 20, 2011, 05:44:48 AM
 #108

How much funds did you lose?
50 BTC, a few dollars, and 11 more BTC were coming just before I couldn't log in to my account.

To what address were your stolen funds sent?
There is no way to check, as I couldn't log in.

What OS are you using (Windows, Linux, Mac OSX ...)?
Windows 7

How long was your old password?
25 characters.

Was your old password random?
Yes.

Was your username the same on Mt. Gox as on the forum?
Yes, but I've just registered this forum account for this breakdown issue.


Did you use your Mt. Gox password somewhere else?
No.


Did your old password contain lowercase letters, uppercase letters, special characters and numbers?
All of them.

Have you used any Bitcoin-related software, and if yes, what software? Think about things like miners, wallet managers, etc.
Only GUIMiner.

Please also include a screenshot if possible so we know it's a real report.
No screenshot available, as the MtGox account is inaccessible.
HatlessCat
Newbie
*
Offline Offline

Activity: 10


View Profile
June 20, 2011, 06:33:03 AM
 #109

sigh i like that company already
chr15m
Newbie
*
Offline Offline

Activity: 3


View Profile
June 20, 2011, 07:11:59 AM
 #110

The Reply-To address is "info_@mtgox.com". Does this mean that the mtgox.com machine is compromised too and they have set up a special mailbox there?


No. Any email can have any reply-to address.

If you examine the *full* header of the email, you should be able see the actual path of where it originated. An application such as Mozilla Thunderbird allows this under "View-Headers-Full". I don't think most web-based email reader easily allow this.

What I mean is, why would they set the Reply-To header to "info_"? I think they're trying to trick people into replying to that address instead of info@mtgox.com because they have somehow set up a redirect address from there which they can use to continue to fool people.
dego
Sr. Member
****
Offline Offline

Activity: 381



View Profile
June 20, 2011, 07:59:40 AM
 #111

A bad day for Mt. Gox users. I decided to change over to TradeHill.com and hope that their security will be better. Right now they also stopped services to give users time in case they used the same password on both exchanges (just NEVER do that!)

Following the crypto revolution since 2011.
ribuck
Donator
Legendary
*
Offline Offline

Activity: 826


View Profile
June 20, 2011, 10:36:16 AM
 #112

... the first registered user of MtGox is actually Jed McCaleb, creator the the P2P program eDonkey2000! 

What exactly does he have to do with MtGox
Jed McCaleb (of eDonkey2000 fame) was the creator of MtGox. He operated it for a few months before selling it to the current owner (MagicalTux's corporation).
arkados
Newbie
*
Offline Offline

Activity: 18


View Profile
June 20, 2011, 10:59:27 AM
 #113

Extreme caution for all registered users of Mt.Gox, please.
Plenty of spam, phishing and malware coming. Bitcoin now is serious business to hackers, so at least use standard security (encrypted wallet.dat, 1 password per website, strong passwords, separate email addresses,...)
Since Windows users are especially targeted, we've got to teach the security basics, I fear  Sad
bitcoin.monger
Newbie
*
Offline Offline

Activity: 14


View Profile
June 20, 2011, 12:03:56 PM
 #114

Tradehill will hopefully learn something from all this, as well as the users...
jeanjean
Newbie
*
Offline Offline

Activity: 3


View Profile
June 20, 2011, 12:18:17 PM
 #115

Hello,

I am another bitcoin newbie being hacked.

They logged into the site www.mybitcoin.com where I was using the same password and stole everything there (which was ~0.5 BTC).


The bitcoin address which benefited from the stolen BTC is : 1MAazCWMydsQB5ynYXqSGQDjNQMN3HFmEu
The transaction happened at "2011-06-20 10:09:28". Finaly, the exact sum they took was 0.500001


I hope people here will stop the thieves. Anyway, I doubt it as theire hack was really well done hack, programming bots to check the various services (emails, online BTC clients, probably more) with the obtained passwords. But maybe it's possible to stop them from exchanging the bitcoins.

PS : I will consult my PM here if anyone needs more information about my case, but there are just *too many* posts about it for me to follow and reply directly in the forum (and I'm restricted to the newbie section for now).
bitcoin.monger
Newbie
*
Offline Offline

Activity: 14


View Profile
June 20, 2011, 12:26:43 PM
 #116

jeanjean, sorry to hear about it, but I guess you will survive  Smiley
It's the first time I hear about mybitcoin being hacked. Maybe you should start a new thread about that where people can report?
jeanjean
Newbie
*
Offline Offline

Activity: 3


View Profile
June 20, 2011, 12:33:12 PM
 #117

Sorry for the flood, I thought I should give more informations by responding carefully to all the questions from the OP.

So :

* How much funds did you lose?
-0.500001

* To what address were your stolen funds sent?
1MAazCWMydsQB5ynYXqSGQDjNQMN3HFmEu
The transaction was done on www.mybitcoin.com where I used the same password.
I did not have a single BTC or $ in my Mt Gox account.

* What OS are you using (Windows, Linux, Mac OSX ...)?
Linux

* How long was your old password?
12 characters

* Was your old password random?
no, but it was a non-dictionary word and it was not linked with my login

* Was your username the same on Mt. Gox as on the forum?
Yes, "jeanjean" (and I'm number 31478 in the leaked .csv)

* Did you use your Mt. Gox password somewhere else?
Yes, on www.mybitcoin.com (and only there, I use more secured passwords usually)

* Did your old password contain lowercase letters, uppercase letters, special characters and numbers?
only lowercase letters

* Have you used any Bitcoin-related software, and if yes, what software? Think about things like miners, wallet managers, etc.
none, apart from mybitcoin.com

* Please also include a screenshot if possible so we know it's a real report.
I did so there (blacked out the other irrelevant transactions). For some reason I could not upload my picture on the forum, so here is the link : http://www.imagup.com/data/1123238572.html

nobod
Newbie
*
Offline Offline

Activity: 3


View Profile
June 20, 2011, 01:39:25 PM
 #118

Lost 10.88 BTC and 198 USD on MTGOX  Sad
vivithemage
Member
**
Offline Offline

Activity: 77


View Profile
June 20, 2011, 02:15:40 PM
 #119

I'd love to see some sort of iphone app authenticator for the log in.

YinCoin YangCoin ☯☯First Ever POS/POW Alternator! Multipool! ☯ ☯ http://yinyangpool.com/ 
Free Distribution! https://bitcointalk.org/index.php?topic=623937
mike85123
Full Member
***
Offline Offline

Activity: 196


View Profile
June 20, 2011, 02:49:35 PM
 #120

how does everyone know how much they lost?? I didn't think anyone could access anything.
Pages: « 1 2 3 4 5 [6] 7 8 9 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!