Bitcoin Forum
December 07, 2016, 11:01:09 AM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 4 [5] 6 7 8 9 »  All
  Print  
Author Topic: If your Mt. Gox account has been compromised, PLEASE READ.  (Read 33034 times)
mvd7793
Newbie
*
Offline Offline

Activity: 8


View Profile
June 19, 2011, 09:08:02 PM
 #81

Anyone tried 1Password? I've been looking at getting that.
1481108469
Hero Member
*
Offline Offline

Posts: 1481108469

View Profile Personal Message (Offline)

Ignore
1481108469
Reply with quote  #2

1481108469
Report to moderator
1481108469
Hero Member
*
Offline Offline

Posts: 1481108469

View Profile Personal Message (Offline)

Ignore
1481108469
Reply with quote  #2

1481108469
Report to moderator
1481108469
Hero Member
*
Offline Offline

Posts: 1481108469

View Profile Personal Message (Offline)

Ignore
1481108469
Reply with quote  #2

1481108469
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481108469
Hero Member
*
Offline Offline

Posts: 1481108469

View Profile Personal Message (Offline)

Ignore
1481108469
Reply with quote  #2

1481108469
Report to moderator
1481108469
Hero Member
*
Offline Offline

Posts: 1481108469

View Profile Personal Message (Offline)

Ignore
1481108469
Reply with quote  #2

1481108469
Report to moderator
joepie91
Sr. Member
****
Offline Offline

Activity: 294


View Profile
June 19, 2011, 09:24:25 PM
 #82

Update: Mt. Gox was compromised, the database of users was released. I believe the thread here was removed, but many people will probably be able to verify it.

Change your passwords now.

I told you so

As I said, there is no use to change your password if it will be hacked again.

What just happened is just not serious. It's such a fucking joke I can't believe it.

I would recommend to get out of there and go somewhere else.

If those people can not secure their web server, they should be responsible for it and assume the consequences.
I was not just talking about Mt. Gox password, but passwords everywhere. Judging from the few passwords that were posted (cracked) on Pastebin as well, a lot of people are reusing passwords.


Hey hey…

I believe people at MTGOX are little stupid kids.

Do not change your password.

Just delete your damn MT GOX account and go find a more trustworthy site.

I've just downloaded that CSV file with all the informations, I can't believe it.

Mt GOX IS NOT SECURE.

Mt Gox is a fucking security hole and you'd better get out of there quick.

For instance, try Trade Hill.
Nice referal link spam, bro.

Also, personally I would advise people to use an exchange that runs on an open-source platform. Tradehill (and most other exchanges) are just yet another proprietary platform of which you have no guarantees regarding security. You can not look through the code (noone can, really), and will have to blindly believe that they can not be compromised.

Like my post(s)? 12TSXLa5Tu6ag4PNYCwKKSiZsaSCpAjzpu Smiley
Quote from: hawks5999
I just can't wait for fall/winter. My furnace never generated money for me before. I'll keep mining until my furnace is more profitable.
Coffee Ninja
Newbie
*
Offline Offline

Activity: 7


View Profile
June 19, 2011, 09:35:29 PM
 #83

Thankfully had not gotten around to setting an account up. Bitcoin seems to be drawing more and more on real world parallels- these are all real issues that any other currency/market/exchange would face. Definitely trial by fire, will be interesting to see how the market reacts over the next few weeks.
agedet
Newbie
*
Offline Offline

Activity: 2


View Profile
June 19, 2011, 10:19:50 PM
 #84

Screw MtGox, moving my money to Tradehill.  Used code TH-R15720 when signing up to get reduced fees.
SoggyMoggy
Newbie
*
Offline Offline

Activity: 15


View Profile
June 19, 2011, 10:24:37 PM
 #85

Has anybody been able to confirm that their account balances at MtGox are safe? I have a small about of BTC there (ready for sale - more than 1, less than 10). It's only a small amount (as I don't yet trust MtGox) and I moved it there last week.

I am a newbie, and I'm just experimenting with purchases and sales of smaller amounts before investigating the currency further. The recent events at MtGox are indeed troubling... I hope they haven't lost my BTC...
PandaMiner
Sr. Member
****
Offline Offline

Activity: 252


I got scammed Jan2014


View Profile WWW
June 19, 2011, 10:25:46 PM
 #86

Now that mtgox closed their exchange, how can I tell if I got hacked?

I have read people mention that they checked the "dump" and found their info in it with their email changed (or not changed). Where is this dump?

EDIT: Google Mail just asked me to verify myself due to suspicious activity.  I did use the same 9 char. password as my email on mtgox.

I'm scared.

My Litecoin address: Lf9WKM61AhmXchG2Ph2cftHKSQhxHutcdk
My Bitcoin address: 1Hwem4GSQWPCtBTKcSpXg2jYwxF6PtTjZx
--> Have you tried Triplemining.com? <--
joepie91
Sr. Member
****
Offline Offline

Activity: 294


View Profile
June 19, 2011, 10:31:09 PM
 #87

Screw MtGox, moving my money to Tradehill.  Used code TH-R15720 when signing up to get reduced fees.
How do you know Tradehill is any more secure than Mt. Gox?

Quite a lot of people using this opportunity to have people flock to Tradehill (which has no guarantees of being secure either), conveniently including a referal code (which smells a lot like referal spamming.)

Like my post(s)? 12TSXLa5Tu6ag4PNYCwKKSiZsaSCpAjzpu Smiley
Quote from: hawks5999
I just can't wait for fall/winter. My furnace never generated money for me before. I'll keep mining until my furnace is more profitable.
PandaMiner
Sr. Member
****
Offline Offline

Activity: 252


I got scammed Jan2014


View Profile WWW
June 19, 2011, 10:35:08 PM
 #88

I heard TradeHill's referral codes use to give 30% discounts, now they are only 10%.

My Litecoin address: Lf9WKM61AhmXchG2Ph2cftHKSQhxHutcdk
My Bitcoin address: 1Hwem4GSQWPCtBTKcSpXg2jYwxF6PtTjZx
--> Have you tried Triplemining.com? <--
GeniuSxBoY
Hero Member
*****
Offline Offline

Activity: 546



View Profile
June 19, 2011, 10:45:03 PM
 #89

how the hell do I know tradehill can't get hacked
BitcoinPorn
Hero Member
*****
Offline Offline

Activity: 560


Posts: 69


View Profile WWW
June 19, 2011, 10:49:29 PM
 #90

how the hell do I know tradehill can't get hacked
You don't.

There is risk with no insurance.

Welcome to Bitcoin.

Blackhawke
Newbie
*
Offline Offline

Activity: 22



View Profile WWW
June 19, 2011, 11:19:28 PM
 #91

Anyone tried 1Password? I've been looking at getting that.

Personally I've been using LastPass over over year and am quite happy with it. They also have smart phone apps for all platforms I think. If you're an Android user, there's even a LastPass plugin for the Dolphin web browser.

Just my 2 DoBits. You can keep the change.  Grin
Patrón
Newbie
*
Offline Offline

Activity: 27


View Profile WWW
June 20, 2011, 12:32:14 AM
 #92

I got a gmail notification about account security compomised, meaning someone attempted to password guess their way through google, meaning my shit was in the leak.

Thankfully I use a different password for erryting.

All my bitcoin/altcoin addresses can be found here. (http://moveco.in/geoff)
Create a list of your easily at http://moveco.in/
joepie91
Sr. Member
****
Offline Offline

Activity: 294


View Profile
June 20, 2011, 01:38:47 AM
 #93

I got a gmail notification about account security compomised, meaning someone attempted to password guess their way through google, meaning my shit was in the leak.

Thankfully I use a different password for erryting.
I believe a Bitcoin community member that is working for / related to Google, has flagged all the Gmail accounts in the leaked database, to prevent breakins.

Like my post(s)? 12TSXLa5Tu6ag4PNYCwKKSiZsaSCpAjzpu Smiley
Quote from: hawks5999
I just can't wait for fall/winter. My furnace never generated money for me before. I'll keep mining until my furnace is more profitable.
Technopope
Newbie
*
Offline Offline

Activity: 10


View Profile
June 20, 2011, 01:40:50 AM
 #94

How much funds did you lose?

17 BTC and a dollar value of under one dollar.


To what address were your stolen funds sent?

There is no way to check, as I couldn't log in with my email address.


What OS are you using (Windows, Linux, Mac OSX ...)?

Windows 7, all updates current.


How long was your old password?

20 characters.


Was your old password random?

Not random, but generally considered "strong". Certainly not guessable.


Was your username the same on Mt. Gox as on the forum?

This is my first post, having just registered for this topic. Same as DeepBit though...


Did you use your Mt. Gox password somewhere else?

No, but a 10 character variation of it was used at DeepBit. Now changed.


Did your old password contain lowercase letters, uppercase letters, special characters and numbers?

A mix of lowercase and numbers.


Have you used any Bitcoin-related software, and if yes, what software? Think about things like miners, wallet managers, etc.

Only GUIMiner v2011-05-21


Please also include a screenshot if possible so we know it's a real report.

No screenshot available, as the MtGox account is inaccessible. I reregistered at MtGox and sent in a ticket describing my situation.
Technopope
Newbie
*
Offline Offline

Activity: 10


View Profile
June 20, 2011, 02:00:56 AM
 #95


qft

if they are a financial institution, they have to have fraud recovery efforts.  He is trying to be legit, maybe he will come around when he thinks that hey I should have spent the money on security, now i have to pay for the breach.

But MtGox is not a financial institution. It is just a guy who started trading online game items,  (Magic The Gathering Online eXchange) and progressed to BitCoins. 

Hopefully he will and is financially able to do the right thing. If he doesn't try, MtGox as a BitCoin exchange is over. Of course, if things are as bad as some people are hypothesizing, MtGox is finished anyway.

Let's hope things work out.
Technopope
Newbie
*
Offline Offline

Activity: 10


View Profile
June 20, 2011, 02:31:19 AM
 #96

Now that mtgox closed their exchange, how can I tell if I got hacked?

I have read people mention that they checked the "dump" and found their info in it with their email changed (or not changed). Where is this dump?

EDIT: Google Mail just asked me to verify myself due to suspicious activity.  I did use the same 9 char. password as my email on mtgox.

I'm scared.

Yes, you are on the list, along with your gmail address, number 3419 out of 61,016 users listed at MtGox.

Understand that the passwords are not directly readable, and must be run through some fairly intense computational power to crack. Very similar to the way BitCoins are mined, actually. Takes a *long* time...

However, I had a 20 character password, using both letters and numbers, and exclusive to MtGox. Looks like my email address was changed in my account and I can't log into my account. I have to assume it lost.

Just change all your passwords that are similar and associated with that address.
pharmhero
Newbie
*
Offline Offline

Activity: 3


View Profile
June 20, 2011, 03:19:25 AM
 #97

First post.

Thankfully I had nothing stolen because I took my coins out just yesterday cause I was afraid MtGox wasn't secure. 

Here is what interested me.  If you look at the leaked list of user accounts it has as the first user jed@thefarwilds.com  Just a little investigative work finds that the first registered user of MtGox is actually Jed McCaleb, creator the the P2P program eDonkey2000! 

What exactly does he have to do with MtGox and what does he know about this.  Was MtGox his coding? I know MtGox stands for "Magic: The Gathering Online Exchange" and Jed's The Far Wilds looks just as dumb.

So is this a coincidence Roll Eyes or does he have something he would like to share with the rest of us?
ErgoOne
Full Member
***
Offline Offline

Activity: 126


View Profile
June 20, 2011, 03:29:41 AM
 #98

1) I'm a brand new Bitcoin user with no Bitcoins.  According to Mt. Gox, my brand new account and password were compromised, but there was nothing for any intruder to steal.

2) Password: 16+ characters, random, upper-case/lower-case letters, numbers, symbols. (I'm anal about passwords.)

3) I do not reuse any passwords on any account that has access to any financial transactions.  This includes bank, payment processor, Bitcoin trading, and any online business where I do business.  I save my passwords in a GPG-encrypted file, keep copies backed up various locations.

4) Mt. Gox currently indicates that the compromise was through the user account of an auditor who has read-only access to the system.  They aren't sure how yet.  My guess is either a spear phish (personalized "phish" email) claiming to be from Mt. Gox, or a trojan with a keylogger that stole their password.

This is scary. :/  However, I"m glad it happened now and not later.  The entire Bitcoin system needs to be made both more secure and more easily usable while secure than it is currently.  I would like to see Bitcoin gain wide acceptance and use outside of the geek world -- the human race needs a digital replacement for cash, and this is the best idea I've seen yet on how to do it.  But I don't see that happening until the security of wallets is ensured (by encrypting them by default), and online trading and payment methods for Bitcoin approach the security of my bank's online banking system.
bc4md
Newbie
*
Offline Offline

Activity: 29


View Profile
June 20, 2011, 03:30:05 AM
 #99

I had nothing on MT gox thank god but I'm still waiting for a transfer from BC market.  

Either that I'm still having generating block issues.
cconover
Newbie
*
Offline Offline

Activity: 2


View Profile
June 20, 2011, 04:02:56 AM
 #100

Mt Gox and other Bitcoin markets ought to enable and encourage the use of some form of multi-factor authentication.  I use a Yubikey in conjunction with my Lastpass account (Lastpass generates very strong, unique passwords for every site so I'm not concerned about my Mt Gox password providing access to anything else), and it's a fantastic and open source authentication system.  Since Bitcoin is growing exponentially in usage and legitimacy, trading services should be growing with it and hardening their systems both on the code side, and on the user interaction side.  Many banks offer or require multi-factor authentication, why shouldn't Bitcoin services?
Pages: « 1 2 3 4 [5] 6 7 8 9 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!