Bitcoin Forum
Author Topic: If your Mt. Gox account has been compromised, PLEASE READ.  (Read 33042 times)
F104
Newbie
Activity: 26
June 17, 2011, 03:57:07 AM
 #21

Noob here with a noob question. I bought 9 BTC on Mt Gox just as I was picking up on Gox' security problems. I moved the BTC to my wallet. The status is "unconfirmed" and I went back to Mt Gox and changed my password there. Am I safe?

1. The BTC are *mine,* right, even if the transfer is not yet confirmed?
2. Once they are confirmed in my wallet, no one can get at them, right? (unless my computer is hacked in a more general way...I mean, the wallet is secure, right?)

thanks for your help
beginningbitcoin
Newbie
Activity: 27
June 17, 2011, 03:58:23 AM
 #22

Quote from: F104
Noob here with a noob question. I bought 9 BTC on Mt Gox just as I was picking up on Gox' security problems. I moved the BTC to my wallet. The status is "unconfirmed" and I went back to Mt Gox and changed my password there. Am I safe?

1. The BTC are *mine,* right, even if the transfer is not yet confirmed?
2. Once they are confirmed in my wallet, no one can get at them, right? (unless my computer is hacked in a more general way...I mean, the wallet is secure, right?)

thanks for your help

Yes you are safe.
geebus
Sr. Member
Activity: 258
June 17, 2011, 05:06:40 AM
 #23

* How much funds did you lose?

~20 BTC

* To what address were your stolen funds sent?

No clue, can't login to check.

* What OS are you using (Windows, Linux, Mac OSX ...)?

Windows 7 x64

* How long was your old password?

8-characters, mixed alphanumeric

* Was your old password random?

It was not a dictionary word.

* Was your username the same on Mt. Gox as on the forum?

No.

* Did you use your Mt. Gox password somewhere else?

The only other place I used it was on Slush's pool, about 4 months ago. Before launching Bitcoinpool.

* Did your old password contain lowercase letters, uppercase letters, special characters and numbers?

Mixed alphanumeric.

* Have you used any Bitcoin-related software, and if yes, what software? Think about things like miners, wallet managers, etc.

Phoenix Rising. But never entered the password in it.

* Please also include a screenshot if possible so we know it's a real report.

A screenshot of what? ...my password was changed, and email removed from my account. I have no way to log in to retrieve any details of the account.
I can provide transaction details (withdraw amounts, and accounts) to MtGox to verify it is me, but aside from that, I'm just locked out.

Feel like donating to me? BTC Address: 14eUVSgBSzLpHXGAfbN9BojXTWvTb91SHJ
DrMoriarty
Newbie
Activity: 3
June 17, 2011, 05:32:53 AM
 #24

EDIT: If you cannot access your account and your e-mail address on your account has been changed, please post here as well with as much information as you have.

I have another problem.
I have not been able to log in to my mtgox account for three days. I use my own trading program. I can make orders and check balance with it. And I know my balance is ok.

But I can not log in to withdraw any funds.
When I enter my login and password it only shows me the start page with links "sign up" and "login". If I enter a wrong password I'll get an error message. But for the right password it just doesn't work.

Does anybody know what happened?

PS: I have written to support twice but they remain silent.

PPS: I have registered a new account but I can't log in with it. Does Mt.Gox think that I made a DDoS? Does it take revenge on me?
secmff
Newbie
Activity: 10
June 17, 2011, 10:38:32 AM
 #25

Yes, I installed that android app posted earlier. I did get a funny feeling about it and changed my password (in the browser, removed the app again).

Still I was not able to log into my account a few hours later. Got 1550 dollars and 170 bitcoins in that account. I'm working with Mt.Gox support now, to see what is going on exactly.
OS: Linux
Password Length: 8
Random: yes
characters: lower, upper and numbers
jkminkov
Hero Member
Activity: 534
June 17, 2011, 11:08:00 AM
 #26

Include the browser version you use and browser addons, if any. Is it dedicated to safe sites or is it your primary browser? How do you close the site (close tab/window)? Do you use log-out?

Do you have Adobe PDF Reader?

Bleutrade
600 dollars in one place talking - Dudes, hooray, Bitcoin against us just one, but we are growing in numbers!
Vandroiy
Legendary
Activity: 1036
June 17, 2011, 03:02:14 PM
 #27

What does MagicalTux say about this? This looks extremely critical! I'm very happy now I did not increase the withdrawal limits.

Password bruteforcing cannot be an issue, since it is trivial to block IPs that have too many failed login attempts -- unless MtGox is allowing an insane amount of attempts from a single source, which would be very similar to openly accepting theft risks.

This should be resolved and the origin of the attack found ASAP. MagicalTux, please comment and analyze the cases at hand; also, explain your security measures against password extraction.
rasengan
Member
Activity: 114
June 17, 2011, 03:08:28 PM
 #28

Was anyone using this app, by any chance? I downloaded it the other day but decided against giving them my password. Noticed today that there is a new version that is now closed source. Coincidence?

Hi BitterTea :-)

I assure you our application is 100% safe and does not make any calls to anything outside of MtGox and BTC.to (when using the bitcoin address shortener).  This can be verified/validated using any tools such as wireshark, ethereal etc. so that you can validate these facts to be true.

If you are still worried or do not know how to sniff your device's outgoing packets (requires Intermediate to Advanced skill level), then an additional option is to use our discontinued, free version of our software on the Android Market called "MtGox Live Bitcoin Trader Free."  This version is older and is not optimized at all.  However, the source code is included with this release in the APK.  Simply view the /assets/Resources folder within the APK to review the code to validate its safety.

I hope this clears any information and misconceptions out there.  If you have any questions, please come find us in #MtGoxLive on IRC.Freenode.Net and we will discuss with you more about the software, how it works, and also provide you helpful hints on how to stay safe online and in the Bitcoin community.

Thanks!

Co-Founder of Private Internet Access VPN service
Privacy Online News Blog
heli0s
Newbie
Activity: 6
June 17, 2011, 03:25:06 PM
 #29

* How much funds did you lose?
Approx $2000 and 100 BTC
* To what address were your stolen funds sent?
Can't log in to check; email address was changed as well.
* What OS are you using (Windows, Linux, Mac OSX ...)?
Windows 7 x64
* How long was your old password?
I never divulge specifics regarding passwords, but it was at least 8 characters long.
* Was your old password random?
No.  It used multiple dictionary words.
* Was your username the same on Mt. Gox as on the forum?
No, but I've since discovered that someone on Mt. Gox has the same username as I do.
* Did you use your Mt. Gox password somewhere else?
No.  However, I did discover a similar password on a published list (but it wasn't any of my accounts on the list), so my guess is that whoever is doing this is using the published lists and performing some additional checks on variations on them.
* Did your old password contain lowercase letters, uppercase letters, special characters and numbers?
Yes; it contained all of them.
* Have you used any Bitcoin-related software, and if yes, what software? Think about things like miners, wallet managers, etc.
Only the Bitcoin client and Phoenix mining software.  Nothing used the same password as what Mt. Gox used.
* Please also include a screenshot if possible so we know it's a real report.
Since I can't access the account, it isn't feasible to include a screenshot.

I've submitted a support ticket but I haven't had any response to it yet.
coinonymous
Jr. Member
Activity: 33
Disappearing into the ethernet
June 17, 2011, 04:14:51 PM
 #30

Just a note, looking into this I tried to log in; I was using tor at the time and it said:

Quote from: mtgox
Too many failure from your IP, temporarly blocked

Which suggests somebody is staging some sort of semi-brute-force dictionary attack.

This is consistent with the hypothesis that someone is executing an attack plan along the following lines:

  • collect passwords -- or maybe just javascript-generated-hashes of passwords -- perhaps by peeking at tor exit node traffic, or perhaps by managing to secure VPSes on the same LAN segment as other popular bitcoin sites
  • replay those passwords/hashes (I'm too lazy to figure out exactly how MtGox's login system works) at MtGox
  • steal teh maneys

As has been pretty much suggested already in this thread.

 Huh
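
Added example, not part of the original thread or MtGox's code: a failed-login throttle of the kind posts #27 and #30 discuss, counting failures per source IP and also per account, since a per-IP counter alone never trips when guesses arrive from many addresses and it also blocks legitimate users behind a shared exit address. The thresholds, window, account names and sample events are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

class LoginThrottle:
    """Sliding-window count of failed logins, per source IP and per account."""
    def __init__(self, window=600, max_per_ip=5, max_per_account=10):
        # All three values are assumptions for illustration, not MtGox settings.
        self.window, self.max_ip, self.max_acct = window, max_per_ip, max_per_account
        self.by_ip = defaultdict(deque)      # ip -> timestamps of failures
        self.by_acct = defaultdict(deque)    # account -> timestamps of failures

    def _recent(self, q, now):
        while q and now - q[0] >= self.window:   # expire failures outside the window
            q.popleft()
        return len(q)

    def check(self, ip, account, now):
        """Return None to allow the attempt, or the name of the limit that blocks it."""
        if self._recent(self.by_ip[ip], now) >= self.max_ip:
            return "ip"
        # A tripped account limit is better met with a delay or second factor
        # than a hard lock, which would let anyone lock the owner out.
        if self._recent(self.by_acct[account], now) >= self.max_acct:
            return "account"
        return None

    def attempt(self, ip, account, now, password_ok):
        blocked = self.check(ip, account, now)
        if blocked:
            return "blocked:" + blocked
        if password_ok:
            self.by_acct.pop(account, None)      # success clears the account counter
            return "ok"
        self.by_ip[ip].append(now)
        self.by_acct[account].append(now)
        return "fail"

# Constructed sample events: (time, ip, account, password_ok); documentation-range IPs.
# demo() replays all three scenarios through one throttle, in order.
ONE_SOURCE = [(t, "203.0.113.7", "alice", False) for t in range(7)]
MANY_SOURCES = [(100 + i, f"198.51.100.{i + 1}", "bob", False) for i in range(15)]
SHARED_EXIT = [(200, "203.0.113.7", "carol", True), (700, "203.0.113.7", "carol", True)]

def demo():
    th = LoginThrottle()
    return [[th.attempt(ip, acct, t, ok) for t, ip, acct, ok in events]
            for events in (ONE_SOURCE, MANY_SOURCES, SHARED_EXIT)]

if __name__ == "__main__":
    for outcomes in demo():
        print(outcomes)
```

In the second scenario no single address exceeds the per-IP limit and only the per-account counter stops the guessing; in the third, a user with the correct password is refused until the earlier failures from the shared address age out of the window.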

coinonymous
Jr. Member
Activity: 33
Disappearing into the ethernet
June 17, 2011, 04:25:08 PM
 #31

For Christ's sake, MagicalTux, IMO at least quit camping/having sex/sleeping/flying in aeroplanes/etc for 10 minutes and just freeze all transfers in/out of MtGox until this is sorted out!  At this point any concern about how such a thing might reflect on your business or Bitcoin is surely dwarfed by the bad PR these theft allegations are generating?

One other observation.  There is a striking plurality of newbs purporting to be affected by this... which, to some extent, might suggest that the real nature of this attack might be some kind of weird social engineering trick either to make MtGox look bad or create Bitcoin FUD....

That's just an idea though -- sincere apologies to any innocent victims who I may very well be falsely indicting with that line of reasoning -- still it needs to be considered.  By hiring a handful of guys to repeatedly start new forum accounts and post that they were robbed on MtGox, an anti-Bitcoin-villain could create quite a bit of understandable anxiety about the safety and efficacy of BTC.  Anybody good at fingerprinting forum posters?

Desu
Newbie
Activity: 28
June 17, 2011, 05:08:10 PM
 #32

Weird this is all happening right after the freeze this last weekend. The first big hack as well. (Poor Allinvain.)
Just Saying...

Tip me?
1KBuL4At3kKEsBbDwAqKa16CG4nbyjosdD
That's right, I'm a girl on the Interwebz
http://flipforbits.com/?id=1570
Spend cheaply, Win More. : ]
TowlieLives
Newbie
Activity: 15
You're a towel!
June 17, 2011, 05:37:15 PM
 #33

You make a good point Coinonymous.  I honestly think Mt.Gox was compromised though, and they may not even know it considering it could have happened amidst the spike in trading and ddos attack.  All of the posts here are people that lost relatively large sums of money and coins, and I have seen posts elsewhere of the same thing happening.  After reading through all of these posts and the ones I've found elsewhere it seems the only thing all of these people have in common is Mt.Gox.  Sony is a multi-billion dollar company that has been doing business for a long long time, and they were absolutely destroyed by hackers.  In comparison, Mt.Gox is a young company that probably doesn't have anywhere near the security team Sony does.  It only makes sense!

Donate: 1D8gYG9adaMXmRrhth2qGqXx2gFJnyG526
GeniuSxBoY
Hero Member
Activity: 546
June 17, 2011, 07:01:27 PM
 #34

Wait wait wait...


are we saying that people's cash-moneys have been stolen and sent to other people's banks from mt gox?
citryphus
Newbie
Activity: 6
June 17, 2011, 07:54:49 PM
 #35

Quote from: coinonymous
One other observation.  There is a striking plurality of newbs purporting to be affected by this... which, to some extent, might suggest that the real nature of this attack might be some kind of weird social engineering trick either to make MtGox look bad or create Bitcoin FUD....

I don't know if Mt. Gox has been compromised or not and I'm not ruling out your idea, but the fact that mostly newbs are posting here could be because (a) this is the only place they can post, and (b) they didn't register here until they had a reason to post, i.e. a problem.
Run BTC
Newbie
Activity: 5
June 17, 2011, 08:56:47 PM
 #36

Bitcoins are excellent! I love Bitcoin.
Run BTC
Newbie
Activity: 5
June 17, 2011, 08:57:50 PM
 #37

Quote from: GeniuSxBoY
Wait wait wait...


are we saying that people's cash-moneys have been stolen and sent to other people's banks from mt gox?

I do not think this can happen. BitCoin is Secure!
coinonymous
Jr. Member
Activity: 33
Disappearing into the ethernet
June 17, 2011, 09:16:26 PM
 #38

Heh.  This thread is rapidly degenerating.  Here's some interesting content for you though (I'm apparently too newbish to post URLs so you'll have to type  "http://" yourself):

Code:
www.parttimepoker.com/private-poker-site-info-being-posted-on-anonymous-website

How many of y'all were using your compromised password on Stars/FTP?

I don't have a lot of verification on this story from anyone I particularly trust yet so please take it with a grain of salt for now.

AntiVigilante
Member
Activity: 98
June 18, 2011, 02:46:17 AM
 #39

EDIT: If you cannot access your account and your e-mail address on your account has been changed, please post here as well with as much information as you have.

EDIT2: Added a question about password reuse, please update your posts


While Mt. Gox being compromised is a possibility, there is no proof for it, and it's best NOT to assume that is the case - this may be an attempt at spreading fear and getting people to leave Mt. Gox.
It's best to wait for a response from MagicalTux on this. Personally I normally don't leave any funds in Mt. Gox (or any web wallet / exchange) any longer than necessary, exactly to avoid things like this. The only reason it happened now was because I was unable to access Mt. Gox at all for a long time, and thus didn't have the chance to withdraw my funds.

CSRF has been found. Having said that though bitcoin7 is riddled with them.

I'm still proposing that bitcoins themselves need to have Unix-like perms on them. Receive, Send, Operate. Wrap them up and they can't be transferred until there is a three way handshake.

Proposal: http://forum.bitcoin.org/index.php?topic=11541.msg162881#msg162881
Inception: https://github.com/bitcoin/bitcoin/issues/296
Goal: http://forum.bitcoin.org/index.php?topic=12536.0
Means: Code, donations, and brutal criticism. I've got a thick skin. 1Gc3xCHAzwvTDnyMW3evBBr5qNRDN3DRpq
cronopio
Jr. Member
Activity: 59
June 18, 2011, 03:14:21 AM
 #40



Yeah, I see this today in bitcoincharts.com

12FKPNwQUS6Em7Ar6wc1GnzpU4NWBKhTAK

WARNING! This game it's so addictive