Bitcoin Forum
Author Topic: If your Mt. Gox account has been compromised, PLEASE READ.  (Read 33013 times)
bitcoin.monger
Newbie
Activity: 14
June 20, 2011, 04:25:59 AM
 #101

Regardless of how strong your password is, if it's not stored with a strong hashing method on the server it makes no difference. When MtGox was originally launched, it appears it was using MD5 for hashing. This was a very poor decision; MD5 is not secure (although it has been a de facto standard for years, and change is hard :) ). It appears that lately they have decided to move to something better and offer two-factor authentication etc. Hopefully we will see fewer incidents in the future.
chr15m
Newbie
Activity: 3
June 20, 2011, 04:51:06 AM
 #102

Just a heads up that someone is sending a lovely .exe trojan to all mtgox users under the guise of "info@mtgox.com" from wiscointl.com.cn - the subject of the email is "[Mt.Gox] Account Certificate Download."

You probably do not want to run the exe.
chr15m
Newbie
Activity: 3
June 20, 2011, 05:15:19 AM
 #103

The Reply-To address is "info_@mtgox.com". Does this mean that the mtgox.com machine is compromised too and they have set up a special mailbox there?

This should probably be posted on the non-newbies part of this forum.
conbitcoin.com
Newbie
Activity: 22
June 20, 2011, 05:28:58 AM
 #104

Quote from: chr15m
> Just a heads up that someone is sending a lovely .exe trojan to all mtgox users under the guise of "info@mtgox.com" from wiscointl.com.cn - the subject of the email is "[Mt.Gox] Account Certificate Download."
>
> You probably do not want to run the exe.

Thanks a lot for the info!

Buy, Sell and Exchange with bitcoins (http://conbitcoin.com)
pharmhero
Newbie
Activity: 3
June 20, 2011, 05:32:00 AM
 #105

I'm going with LastPass.com. It seems secure and well written.

I'm redoing all my passwords with it.
henri
Newbie
Activity: 6
June 20, 2011, 05:38:40 AM
 #106

> Now that mtgox closed their exchange, how can I tell if I got hacked?
> I have read people mention that they checked the "dump" and found their info in it with their email changed (or not changed). Where is this dump?
> EDIT: Google Mail just asked me to verify myself due to suspicious activity. I did use the same 9 char. password as my email on mtgox.
> I'm scared.

You should be.
Your password has been compromised and the username / email / password is public now.
Hackers around the world will try to hack into whatever accounts you may have (google, paypal, amazon, facebook..) with these data.
So if you use this password somewhere else, change it! NOW, EVERYWHERE.

Google and some other services have a 2-step verification, you should activate this.

Technopope
Newbie
Activity: 10
June 20, 2011, 05:39:55 AM
 #107

Quote from: chr15m
> The Reply-To address is "info_@mtgox.com". Does this mean that the mtgox.com machine is compromised too and they have set up a special mailbox there?

No. Any email can have any reply-to address.

If you examine the *full* header of the email, you should be able to see the actual path of where it originated. An application such as Mozilla Thunderbird allows this under "View-Headers-Full". I don't think most web-based email readers easily allow this.
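
Added example (not part of the original thread): a header check of the kind described in the post above, run over a constructed message modelled on the phishing email reported earlier. The relay hostname, IP address, recipient and function names are assumptions; only the From, Reply-To, subject and sending domain come from the thread.

```python
from email import message_from_string
from email.utils import parseaddr
import re

# Constructed sample modelled on the message described in the thread; the
# relay hostname, IP address and recipient are made up for illustration.
SAMPLE = """\
Return-Path: <bounce@wiscointl.com.cn>
Received: from mail.wiscointl.com.cn (mail.wiscointl.com.cn [203.0.113.25])
\tby mx.recipient.example with ESMTP; Mon, 20 Jun 2011 04:40:00 +0000
From: "Mt.Gox" <info@mtgox.com>
Reply-To: info_@mtgox.com
To: user@recipient.example
Subject: [Mt.Gox] Account Certificate Download

Please download your account certificate.
"""


def domain(header_value):
    """Lower-cased domain of the address in a From/Reply-To/Return-Path header."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower()


def received_hosts(msg):
    """Hostnames named after 'from' in each Received header, newest hop first."""
    found = (re.match(r"\s*from\s+(\S+)", v) for v in msg.get_all("Received", []))
    return [m.group(1).lower() for m in found if m]


def audit(raw):
    """Return findings where the headers do not support the visible sender."""
    msg = message_from_string(raw)
    from_addr = parseaddr(msg.get("From", ""))[1].lower()
    from_dom = domain(msg.get("From"))
    findings = []
    reply_to = parseaddr(msg.get("Reply-To", ""))[1].lower()
    if reply_to and reply_to != from_addr:
        findings.append(f"Reply-To {reply_to} differs from From {from_addr}")
    rp = domain(msg.get("Return-Path"))
    if rp and rp != from_dom:
        findings.append(f"Return-Path domain {rp} is not {from_dom}")
    hosts = received_hosts(msg)
    if not any(h == from_dom or h.endswith("." + from_dom) for h in hosts):
        findings.append(f"no Received hop names {from_dom}: {hosts}")
    return findings
```

Only the Received lines added by your own mail provider are trustworthy; anything below them was supplied by the sending side and can be forged just like Reply-To.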
morr
Newbie
Activity: 8
June 20, 2011, 05:41:15 AM
 #108

Quote from: pharmhero
> I'm going with LastPass.com. It seems secure and well written.
>
> I'm redoing all my passwords with it.

KeePass has been my choice for password storage for ages now.

http://keepass.info/
mieomeo
Newbie
Activity: 22
June 20, 2011, 05:44:48 AM
 #109

How much funds did you lose?
50 BTC, a few dollars, and 11 more BTC were coming just before I couldn't log in to my account.

To what address were your stolen funds sent?
There is no way to check, as I couldn't log in.

What OS are you using (Windows, Linux, Mac OSX ...)?
Windows 7

How long was your old password?
25 characters.

Was your old password random?
Yes.

Was your username the same on Mt. Gox as on the forum?
Yes, but I've just registered this forum account for this breakdown issue.


Did you use your Mt. Gox password somewhere else?
No.


Did your old password contain lowercase letters, uppercase letters, special characters and numbers?
All of them.

Have you used any Bitcoin-related software, and if yes, what software? Think about things like miners, wallet managers, etc.
Only GUIMiner.

Please also include a screenshot if possible so we know it's a real report.
No screenshot available, as the MtGox account is inaccessible.
HatlessCat
Newbie
Activity: 10
June 20, 2011, 06:33:03 AM
 #110

sigh i like that company already
chr15m
Newbie
Activity: 3
June 20, 2011, 07:11:59 AM
 #111

Quote from: Technopope
>> The Reply-To address is "info_@mtgox.com". Does this mean that the mtgox.com machine is compromised too and they have set up a special mailbox there?
>
> No. Any email can have any reply-to address.
>
> If you examine the *full* header of the email, you should be able to see the actual path of where it originated. An application such as Mozilla Thunderbird allows this under "View-Headers-Full". I don't think most web-based email readers easily allow this.

What I mean is, why would they set the Reply-To header to "info_"? I think they're trying to trick people into replying to that address instead of info@mtgox.com because they have somehow set up a redirect address from there which they can use to continue to fool people.
dego
Sr. Member
Activity: 379
June 20, 2011, 07:59:40 AM
 #112

A bad day for Mt. Gox users. I decided to change over to TradeHill.com and hope that their security will be better. Right now they also stopped services to give users time in case they used the same password on both exchanges (just NEVER do that!)

Following the crypto revolution since 2011.
ribuck
Donator
Legendary
Activity: 826
June 20, 2011, 10:36:16 AM
 #113

>> ... the first registered user of MtGox is actually Jed McCaleb, creator of the P2P program eDonkey2000!
>
> What exactly does he have to do with MtGox?

Jed McCaleb (of eDonkey2000 fame) was the creator of MtGox. He operated it for a few months before selling it to the current owner (MagicalTux's corporation).
arkados
Newbie
Activity: 18
June 20, 2011, 10:59:27 AM
 #114

Extreme caution for all registered users of Mt.Gox, please.
Plenty of spam, phishing and malware coming. Bitcoin now is serious business to hackers, so at least use standard security (encrypted wallet.dat, 1 password per website, strong passwords, separate email addresses,...)
Since Windows users are especially targeted, we've got to teach the security basics, I fear :(
bitcoin.monger
Newbie
Activity: 14
June 20, 2011, 12:03:56 PM
 #115

Tradehill will hopefully learn something from all this, as well as the users...
jeanjean
Newbie
Activity: 3
June 20, 2011, 12:18:17 PM
 #116

Hello,

I am another bitcoin newbie being hacked.

They logged into the site www.mybitcoin.com where I was using the same password and stole everything there (which was ~0.5 BTC).


The bitcoin address which benefited from the stolen BTC is : 1MAazCWMydsQB5ynYXqSGQDjNQMN3HFmEu
The transaction happened at "2011-06-20 10:09:28". Finally, the exact sum they took was 0.500001


I hope people here will stop the thieves. Anyway, I doubt it as their hack was a really well done hack, programming bots to check the various services (emails, online BTC clients, probably more) with the obtained passwords. But maybe it's possible to stop them from exchanging the bitcoins.

PS : I will consult my PM here if anyone needs more information about my case, but there are just *too many* posts about it for me to follow and reply directly in the forum (and I'm restricted to the newbie section for now).
bitcoin.monger
Newbie
Activity: 14
June 20, 2011, 12:26:43 PM
 #117

jeanjean, sorry to hear about it, but I guess you will survive :)
It's the first time I hear about mybitcoin being hacked. Maybe you should start a new thread about that where people can report?
jeanjean
Newbie
Activity: 3
June 20, 2011, 12:33:12 PM
 #118

Sorry for the flood, I thought I should give more information by responding carefully to all the questions from the OP.

So :

* How much funds did you lose?
-0.500001

* To what address were your stolen funds sent?
1MAazCWMydsQB5ynYXqSGQDjNQMN3HFmEu
The transaction was done on www.mybitcoin.com where I used the same password.
I did not have a single BTC or $ in my Mt Gox account.

* What OS are you using (Windows, Linux, Mac OSX ...)?
Linux

* How long was your old password?
12 characters

* Was your old password random?
no, but it was a non-dictionary word and it was not linked with my login

* Was your username the same on Mt. Gox as on the forum?
Yes, "jeanjean" (and I'm number 31478 in the leaked .csv)

* Did you use your Mt. Gox password somewhere else?
Yes, on www.mybitcoin.com (and only there, I use more secured passwords usually)

* Did your old password contain lowercase letters, uppercase letters, special characters and numbers?
only lowercase letters

* Have you used any Bitcoin-related software, and if yes, what software? Think about things like miners, wallet managers, etc.
none, apart from mybitcoin.com

* Please also include a screenshot if possible so we know it's a real report.
I did so there (blacked out the other irrelevant transactions). For some reason I could not upload my picture on the forum, so here is the link : http://www.imagup.com/data/1123238572.html

nobod
Newbie
Activity: 3
June 20, 2011, 01:39:25 PM
 #119

Lost 10.88 BTC and 198 USD on MTGOX :(
vivithemage
Member
Activity: 77
June 20, 2011, 02:15:40 PM
 #120

I'd love to see some sort of iphone app authenticator for the log in.

YinCoin YangCoin ☯☯First Ever POS/POW Alternator! Multipool! ☯ ☯ http://yinyangpool.com/ 
Free Distribution! https://bitcointalk.org/index.php?topic=623937