Bitcoin Forum
December 05, 2016, 08:37:50 AM *
Author Topic: If your Mt. Gox account has been compromised, PLEASE READ.  (Read 33027 times)
Desu
Newbie, Activity: 28
June 18, 2011, 03:59:00 AM, #41

Wait wait wait...


are we saying that people's cash-moneys have been stolen and sent to other people's banks from mt gox?
Lawl, I love saying cash-monies.

Tip me?
1KBuL4At3kKEsBbDwAqKa16CG4nbyjosdD
That's right, I'm a girl on the Interwebz
http://flipforbits.com/?id=1570
Spend cheaply, Win More. : ]
goldbit
Newbie, Activity: 23
June 18, 2011, 05:54:24 AM, #42

I think my account has been compromised.

I can log in to my account. After I log in, I can still see my user name and my balance in the top right corner, but it says "Not logged in".

Can someone confirm whether my account has been hacked??

* How much funds did you lose?
not that much
* To what address were your stolen funds sent?
Can't log in to check; email address was changed as well.
* What OS are you using (Windows, Linux, Mac OSX ...)?
Windows 7 x64
* How long was your old password?
12 words
* Was your old password random?
Not really random
* Was your username the same on Mt. Gox as on the forum?
No
* Did you use your Mt. Gox password somewhere else?
Yes
* Did your old password contain lowercase letters, uppercase letters, special characters and numbers?
No
* Have you used any Bitcoin-related software, and if yes, what software? Think about things like miners, wallet managers, etc.
Bitcoin, CPU-miner, namecoin,
* Please also include a screenshot if possible so we know it's a real report.


Am I screwed???

Update: I tried to use the forgot password function. I entered my email, but it didn't work, so I think they changed my email.
So I submitted my username to reset my password (even though I knew I wouldn't receive the email).
But a few minutes later, I received a reset password email in my original email account!
WTF is happening with Mt Gox???

Another update:
After I reset my password to 24 characters, I was able to log in and my funds are still there.
But I am very skeptical about using Mt Gox now.


19pTRoTFAcQ2PVBPrqVoWGy7RczDNhTygN
TrainDeluxe
Jr. Member, Activity: 56
June 18, 2011, 05:57:15 AM, #43

I also get this error on login now:

Too many failure from your IP, temporarly blocked

Does anybody know what it means or how to solve it?

Feel free to donate: 1JRfgDwga27bh4mfjXqATRTL5mEPQtgHfQ
geek-trader
Sr. Member, Activity: 294
June 18, 2011, 06:20:41 AM, #44

Quote from: TrainDeluxe
I also get this error on login now:

Too many failure from your IP, temporarly blocked

Does anybody know what it means or how to solve it?

I was getting it, then I clicked "forgot password" and reset my password, and I can log in now.

Make 1 deposit and earn BTC for life! http://bitcoinpyramid.com/r/345
Play my FREE HTML5 games at: http://magigames.org  BTC donations accepted.
opticbit
Hero Member, Activity: 676
PGP: 6EBEBCE1E0507C38
June 18, 2011, 06:49:15 AM, #45

Mine hasn't been touched, but it is a low balance; changed my pw just in case the attacker was sitting on it, waiting for me to add more funds.

Set up the same thing..
http://bit.ly/btcrefs
Get more bitcoins.
MBH
Jr. Member, Activity: 51
June 18, 2011, 08:14:54 AM, #46

Was anyone using this app, by any chance? I downloaded it the other day but decided against giving them my password. Noticed today that there is a new version that is now closed source. Coincidence?

I saw the app in the market and it spooked me since it wasn't developed by MtGox itself.

My friend installed it & gave it access. I don't know if he got compromised or not (if not, he probably doesn't have worthy funds).

I highly suspect this app.
joepie91
Sr. Member, Activity: 294
June 18, 2011, 09:39:08 AM, #47

I will list some of the found (potential) attack vectors here and their relation to my own account (I can only speak for myself):

* CSRF vulnerability - not applicable to my account, the BTC were transferred at a time I could not access Mt. Gox at all, let alone be logged in.
* CSS history vulnerability - not applicable to my account, unfeasible for non-dictionary passwords over 6 characters (mine was randomized 20)
* Android app - not applicable to my account, I do not have an Android phone nor have I ever touched the app, I have also never entered my Mt. Gox details anywhere but on Mt. Gox itself
* Malware/keylogger/etc - almost certainly not applicable to my account, I turned my entire computer upside down with manual analysis (something I already do regularly) and haven't been able to find anything
* Distributed bruteforce (using a botnet) - possibly applicable to my account, but unlikely due to password length... it IS a possibility however, with a large enough botnet it's feasible.

Now the question is, what is the cause for my account (and potentially others)? I believe there's a mix of different attacks being used here.

Like my post(s)? 12TSXLa5Tu6ag4PNYCwKKSiZsaSCpAjzpu Smiley
Quote from: hawks5999
I just can't wait for fall/winter. My furnace never generated money for me before. I'll keep mining until my furnace is more profitable.
lechuck
Member, Activity: 81
June 18, 2011, 10:32:05 AM, #48

Have you guys considered that Mt.Gox servers themselves might be compromised with backdoors, hosted at an insecure location, or that their passfiles might have been stolen? Pfiles get stolen all the time from porn sites and such; all it takes is the pfile, a good wordlist or rainbow table and John the Ripper to decrypt the password hashes.

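The post above describes the classic stolen-password-file scenario: a precomputed table or wordlist is checked against every hash at once. The following is an added illustration, not code from this thread or from Mt. Gox, showing why that works against unsalted fast hashes and why a per-user random salt plus a slow KDF (PBKDF2 from Python's standard library) breaks the precomputation. The wordlist and the stored records are constructed for the example.

```python
import hashlib
import hmac
import os

# Constructed sample wordlist standing in for the "good wordlist" in the post above.
WORDLIST = ["password", "letmein", "bitcoin", "mtgox2011", "hunter2"]


def md5_unsalted(password: str) -> str:
    """Legacy scheme: one fast, unsalted hash per password. The same password
    always yields the same hash, for every user and every site using MD5."""
    return hashlib.md5(password.encode()).hexdigest()


def build_lookup_table(words) -> dict:
    """Precomputed table hash -> plaintext. Built once, reused against any
    stolen file that uses the unsalted scheme (what a rainbow table amortizes)."""
    return {md5_unsalted(w): w for w in words}


def recover_from_table(stored_hash: str, table: dict):
    """Stolen record + table = a dictionary lookup, no per-user work at all."""
    return table.get(stored_hash)


def pbkdf2_hash(password: str, salt: bytes = None, iterations: int = 200_000) -> str:
    """Hardened scheme: 16 random salt bytes per user and a deliberately slow KDF.
    Record format (constructed for this example): algo$iterations$salt_hex$dk_hex."""
    if salt is None:
        salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def pbkdf2_verify(password: str, stored: str) -> bool:
    """Recompute with the stored salt and iteration count; constant-time compare."""
    _algo, iterations, salt_hex, dk_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                             bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(dk.hex(), dk_hex)


def demo():
    """Same weak password under both schemes, against the same precomputed table."""
    table = build_lookup_table(WORDLIST)
    leaked_md5 = md5_unsalted("bitcoin")
    hit = recover_from_table(leaked_md5, table)        # "bitcoin": instant
    stored = pbkdf2_hash("bitcoin")
    miss = recover_from_table(stored, table)           # None: salt is not in any table
    return hit, miss, pbkdf2_verify("bitcoin", stored), pbkdf2_verify("Bitcoin", stored)


if __name__ == "__main__":
    print(demo())
```

The salt removes the amortization (each user's record needs its own guesses) and the iteration count makes each guess expensive; neither rescues a password that is itself on a short wordlist, which is why the thread's advice on long random passwords still stands.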
jondecker76
Full Member, Activity: 238
June 18, 2011, 11:26:09 AM, #49

It has been proven that MtGox has been compromised via a CSRF attack.  I lost 20BTC myself,

Quote
06/14/11 15:45 Withdraw BTC 17RT6Ne994VjC762wh7TpXRdrZRMbhJSUC -20.19 0 0.009 0.059

I also emailed MtGox as soon as I found out, and received an automated reply and assigned support ticket #1605

From my understanding, all you have to do is have the MtGox website open in your browser at the same time as another website running the attack.  I commonly open all of my bitcoin related sites in separate tabs in firefox (not anymore!).

My question is, is MtGox going to refund our money that they failed to secure?  20 BTC may not seem like a lot to some people, but it was a lot to me, and rightfully mine.  I  hope they do the right thing for those that lost money due to their security flaw.
(in fact, I would even continue to use MtGox now that they have fixed the problem, and they did the right thing in returning money to those that lost out)

RollerBot Advanced Trading Platform
https://bitcointalk.org/index.php?topic=447727.0
BTC Donations for development: 1H36oTJsi3adFh68wwzz95tPP2xoAoTmhC
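The post above gives the essence of CSRF: the browser attaches the victim's session cookie to a request that another tab or site triggered, so a handler that trusts the cookie alone will act on it. The following is an added example, not code from this thread or from Mt. Gox, contrasting a cookie-only withdrawal handler with one that requires a per-session synchronizer token in the form body and checks the Origin header. The request/session objects, the site origin https://exchange.example and the balances are all constructed for the example.

```python
import hmac
import secrets
from dataclasses import dataclass, field
from decimal import Decimal


@dataclass
class Request:
    """Minimal stand-in for an HTTP request (constructed for this example)."""
    cookies: dict
    form: dict
    headers: dict = field(default_factory=dict)


SESSIONS = {}                               # session id -> session data
BALANCES = {"alice": Decimal("100")}        # constructed account balances
SITE_ORIGIN = "https://exchange.example"    # hypothetical site origin


def login(user: str) -> str:
    """Create a session and a random CSRF token bound to that session."""
    sid = secrets.token_hex(16)
    SESSIONS[sid] = {"user": user, "csrf": secrets.token_hex(32)}
    return sid


def csrf_token_for(sid: str) -> str:
    """The site embeds this in its own withdrawal form; other origins cannot read it."""
    return SESSIONS[sid]["csrf"]


def withdraw_vulnerable(req: Request) -> str:
    """Authenticates by cookie alone: any request the browser sends with the
    cookie attached is honoured, whichever page caused it."""
    sess = SESSIONS.get(req.cookies.get("sid"))
    if sess is None:
        return "not logged in"
    BALANCES[sess["user"]] -= Decimal(req.form["amount"])
    return "ok"


def withdraw_hardened(req: Request) -> str:
    """Cookie plus synchronizer token plus Origin check plus amount validation."""
    sess = SESSIONS.get(req.cookies.get("sid"))
    if sess is None:
        return "not logged in"
    # 1. The token must be in the form body and match the one bound to this session.
    submitted = req.form.get("csrf_token", "")
    if not hmac.compare_digest(submitted, sess["csrf"]):
        return "rejected: missing or bad CSRF token"
    # 2. When the browser supplies an Origin header it must be our own site.
    origin = req.headers.get("Origin")
    if origin is not None and origin != SITE_ORIGIN:
        return "rejected: cross-site origin"
    amount = Decimal(req.form["amount"])
    if amount <= 0 or amount > BALANCES[sess["user"]]:
        return "rejected: bad amount"
    BALANCES[sess["user"]] -= amount
    return "ok"


def demo():
    """Same cross-site request against both handlers, then a legitimate one."""
    BALANCES["alice"] = Decimal("100")
    sid = login("alice")
    # Request caused by a third-party page: the cookie rides along automatically,
    # but that page cannot read the token, so the form carries none.
    cross_site = Request(cookies={"sid": sid}, form={"amount": "20.19"},
                         headers={"Origin": "https://other.example"})
    r1 = withdraw_vulnerable(cross_site)
    bal_vuln = str(BALANCES["alice"])
    BALANCES["alice"] = Decimal("100")
    r2 = withdraw_hardened(cross_site)
    bal_hard = str(BALANCES["alice"])
    # Submission from the site's own form includes the session-bound token.
    own_form = Request(cookies={"sid": sid},
                       form={"amount": "20.19", "csrf_token": csrf_token_for(sid)},
                       headers={"Origin": SITE_ORIGIN})
    r3 = withdraw_hardened(own_form)
    return r1, bal_vuln, r2, bal_hard, r3, str(BALANCES["alice"])


if __name__ == "__main__":
    print(demo())
```

The token check is the primary control; the Origin check is defence in depth for browsers that send it, and a SameSite cookie attribute would add a third layer. The amount validation is unrelated to CSRF but belongs in any withdrawal handler.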
apflux
Newbie, Activity: 6
June 18, 2011, 11:33:47 AM, #50

Quote from: joepie91
* CSRF vulnerability - not applicable to my account, the BTC were transferred at a time I could not access Mt. Gox at all, let alone be logged in.
Maybe a CSRF attack that changed your password and the funds were transferred later?
joepie91
Sr. Member, Activity: 294
June 18, 2011, 11:42:46 AM, #51

Quote from: apflux
* CSRF vulnerability - not applicable to my account, the BTC were transferred at a time I could not access Mt. Gox at all, let alone be logged in.
Maybe a CSRF attack that changed your password and the funds were transferred later?
My password was never changed, I could still access my account - just the funds were converted to BTC and then transferred away.

Like my post(s)? 12TSXLa5Tu6ag4PNYCwKKSiZsaSCpAjzpu Smiley
Quote from: hawks5999
I just can't wait for fall/winter. My furnace never generated money for me before. I'll keep mining until my furnace is more profitable.
apflux
Newbie, Activity: 6
June 18, 2011, 11:51:33 AM, #52

Quote from: joepie91
My password was never changed, I could still access my account - just the funds were converted to BTC and then transferred away.
So if it wasn't an XSS attack and the passwords were strong, it could only be that either the clients, the servers or the network traffic was compromised. Was any victim using Linux? I tend towards the servers, but how can you tell?
randomguy7
Hero Member, Activity: 528
June 18, 2011, 01:00:54 PM, #53

Has a site been found which actually performs the CSRF attack? Maybe some well-visited bitcoin site is vulnerable to XSS and got the attack code included.
joepie91
Sr. Member, Activity: 294
June 18, 2011, 01:15:04 PM, #54

Quote from: apflux
My password was never changed, I could still access my account - just the funds were converted to BTC and then transferred away.
So if it wasn't an XSS attack and the passwords were strong, it could only be that either the clients, the servers or the network traffic was compromised. Was any victim using Linux? I tend towards the servers, but how can you tell?
Yes. If you read the reports in this thread, you will see several people were using Linux.

I have also just seen a report of someone allegedly selling the Mt. Gox database. It would be nice if we could get a response from MagicalTux on all of this.

Like my post(s)? 12TSXLa5Tu6ag4PNYCwKKSiZsaSCpAjzpu Smiley
Quote from: hawks5999
I just can't wait for fall/winter. My furnace never generated money for me before. I'll keep mining until my furnace is more profitable.
Megamind
Newbie, Activity: 11
June 18, 2011, 01:40:51 PM, #55

My account is safe although it has only a few BTC. Anyway, my new password is looooong.
evileric
Newbie, Activity: 14
June 18, 2011, 02:00:00 PM, #56

Thankfully I'm not one of those affected, as I'm still hoarding my coins and biding my time. The markets will mature and security will improve with time; still, remember the old saying: Don't put all of your eggs in one basket, or keep all of your coins in one wallet Wink
F104
Newbie, Activity: 26
June 18, 2011, 03:23:47 PM, #57

Quote from: joepie91
It would be nice if we could get a response from MagicalTux on all of this.

I'm beginning to think we have heard all we are ever going to hear from him.
joepie91
Sr. Member, Activity: 294
June 18, 2011, 04:14:08 PM, #58

Quote from: F104
It would be nice if we could get a response from MagicalTux on all of this.

I'm beginning to think we have heard all we are ever going to hear from him.
To be fair, he posted a thread today at http://forum.bitcoin.org/index.php?topic=18858 - however, so far it looks a lot like deny-everything marketing talk, although I may be wrong.
Plus I don't understand why he doesn't just implement two factor authentication (through email) instead of a withdrawal password, as the latter can still be circumvented when someone indeed successfully exploits the site to a point where he has database read access.

Like my post(s)? 12TSXLa5Tu6ag4PNYCwKKSiZsaSCpAjzpu Smiley
Quote from: hawks5999
I just can't wait for fall/winter. My furnace never generated money for me before. I'll keep mining until my furnace is more profitable.
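The post above makes a design point worth seeing in code: a withdrawal password lives in the same database as everything else, so anyone with database read access has it, whereas a per-withdrawal confirmation code sent out-of-band (email here) need never be stored in usable form. The following is an added example, not code from this thread or from Mt. Gox, in which each withdrawal request generates a random single-use code, stores only its hash with an expiry, and delivers the code through a stand-in mail transport; the in-memory database, balances and time values are constructed for the example.

```python
import hashlib
import hmac
import secrets
import time

# Constructed in-memory "database": a party with read access sees exactly this.
DB = {"pending": {}, "balances": {"alice": 100}}
SENT_EMAILS = []      # stand-in for the out-of-band mail transport
CODE_TTL = 600        # seconds a confirmation code stays valid


def _code_hash(code: str, wid: str) -> str:
    """Hash the code together with the withdrawal id so a hash cannot be reused
    across withdrawals even if two codes happened to collide."""
    return hashlib.sha256(f"{wid}:{code}".encode()).hexdigest()


def request_withdrawal(user: str, amount: int, now: float = None) -> str:
    """Create a pending withdrawal; the plaintext code goes only to the user's email."""
    now = time.time() if now is None else now
    wid = secrets.token_hex(8)
    code = secrets.token_urlsafe(24)
    DB["pending"][wid] = {"user": user, "amount": amount,
                          "code_hash": _code_hash(code, wid),
                          "expires": now + CODE_TTL, "used": False}
    SENT_EMAILS.append({"to": user, "wid": wid, "code": code})
    return wid


def confirm_withdrawal(wid: str, code: str, now: float = None) -> str:
    """Release funds only for a fresh, unexpired code that hashes to the stored value."""
    now = time.time() if now is None else now
    rec = DB["pending"].get(wid)
    if rec is None or rec["used"]:
        return "rejected"
    if now > rec["expires"]:
        return "expired"
    if not hmac.compare_digest(_code_hash(code, wid), rec["code_hash"]):
        return "rejected"
    if rec["amount"] > DB["balances"][rec["user"]]:
        return "rejected"
    rec["used"] = True                       # single use: a replay is refused below
    DB["balances"][rec["user"]] -= rec["amount"]
    return "ok"


def demo():
    """Database contents alone do not confirm; the emailed code does, once, in time."""
    DB["pending"].clear()
    SENT_EMAILS.clear()
    DB["balances"]["alice"] = 100
    wid = request_withdrawal("alice", 20, now=1_000)
    # Everything a database dump holds for this withdrawal is the hash, and
    # presenting the hash as the code fails the check.
    from_dump = confirm_withdrawal(wid, DB["pending"][wid]["code_hash"], now=1_001)
    real = confirm_withdrawal(wid, SENT_EMAILS[-1]["code"], now=1_001)
    balance = DB["balances"]["alice"]
    replay = confirm_withdrawal(wid, SENT_EMAILS[-1]["code"], now=1_002)
    wid2 = request_withdrawal("alice", 20, now=1_000)
    stale = confirm_withdrawal(wid2, SENT_EMAILS[-1]["code"], now=1_000 + CODE_TTL + 1)
    return from_dump, real, balance, replay, stale


if __name__ == "__main__":
    print(demo())
```

The control only holds if the mailbox is not reachable from the same compromise; the thread's earlier report of a changed account email shows why the address used for confirmation should itself require confirmation before it can be changed.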
zzyyxx
Newbie, Activity: 12
June 18, 2011, 05:06:34 PM, #59

as Jondecker76 said
  "I have stepped forward on a few other posts - I also had money stolen from my MtGox account (20.19 BTC)
I even reported it to MtGox with no reply (this report was made before it was announced that there was a security exploit found).
It has recently been revealed that MtGox did in fact have a vulnerability, and someone even showed them the exploit by using it to prove it was there. There are also a dozen or so of us that have had this happen. Yet, the owner claimed that he can see no evidence in his logs that our money was lost due to the exploit, and that he is not going to refund anybody for the BTC stolen from his (insecure) site.
I for one will never use MtGox again.  It's one thing to make a mistake and have such a simple exploit left open; it happens. It's another thing to not own up to your responsibilities as a responsible business owner. Look at the number of trades on his market, look at his fee and do the math.  Bottom line is that he makes very good money from his userbase, and it should be trivial to do the right thing for a few handfuls of users that lost modest amounts of bitcoins.  I don't know if it can be proven one way or another whether or not the withdrawn funds were via an exploit or not - but honestly, look at the evidence"

Having been a victim of this security flaw myself, I don't see why, considering the massive amount of cash MtGox is pulling in right now, they don't reimburse the people who, in say the 24 hour or 48 hour window this scam occurred, reported a trouble ticket to them in that time (seems it all happened on the 15th/16th), even if from their own funds for god's sake... up to say "x" amount, but whatever... I guess that's why I don't run a business.
Big Time Coin
Sr. Member, Activity: 332
June 18, 2011, 06:17:37 PM, #60

Quote from: zzyyxx
Having been a victim of this security flaw myself, I don't see why, considering the massive amount of cash MtGox is pulling in right now, they don't reimburse the people who, in say the 24 hour or 48 hour window this scam occurred, reported a trouble ticket to them in that time (seems it all happened on the 15th/16th), even if from their own funds for god's sake... up to say "x" amount,

qft

If they are a financial institution, they have to have fraud recovery efforts.  He is trying to be legit; maybe he will come around when he thinks, hey, I should have spent the money on security, now I have to pay for the breach.

Big time, I'm on my way I'm making it, big time, oh yes
- Peter Gabriel