Just lost 6.4 bitcoins or 663 euros from MT.gox STOLEN

[etheral]

http://i36.tinypic.com/2rrs9z8.jpg

Just noticed that an hour ago someone transferred approx 660 euros from my account

I used different email and mt.gox passwords, both very relatively strong and my pc is not infected

I have never opened any unknown executable files without scanning with virustotal.com

My only guess is that my account was hacked by some kind of bot that just brute forced my password

And I was just going to sleep... no words


I contacted mt.gox but of course I doubt they will be able to help

The worst thing is that I have no idea how this happened

Another thing that might have compromised me is lastpass add-on that stores my logins and passwords




thief who got my bitcoins: https://blockchain.info/address/1TM5uR7wRo3n5tr4NMpakuMEeU8TeFruS
info from Mt.Gox:

>Transaction reference: 07439aba-a384-4e72-9c0b-d2391a7fc35e
>
> Date: 2013-04-23 00:42:45 GMT
>
> IP: 78.108.63.44
>


feel my pain?: 1CoPSAzTBNYAuqi9tZq4hEK9B5HYsVWTTZ

[1715606743]

1715606743

[1715606743]

1715606743

[1715606743]

1715606743

[1715606743]

1715606743

[1715606743]

1715606743

[1715606743]

1715606743

[altmine2]

Ouch that sounds pretty horrible. You may have been subject to a Man-In-The-Middle attack, or someone may have brute forced your password. Maybe someone stole your Mt.Gox session for a malicious website you visited. There are so many threats.

When picking a password, the longer you can go, the better.

Code:

Correct horse battery staple!

is a better password than

Code:

14Ms0l33t!$

Either way, I feel sorry for your loss. Hope it doesn't happen again!

[🏰 TradeFortress 🏰]

2FA, is this hard?

[shibaji]

2FA, is this hard?

What is the way to do 2FA at mt.gox ? I use this at blockchain.info but cannot see any 2FA via email at gox other than yubikey

[advanced]

2FA, is this hard?

What is the way to do 2FA at mt.gox ? I use this at blockchain.info but cannot see any 2FA via email at gox other than yubikey

yubikey is 2FA, isn't it?

[shibaji]

2FA, is this hard?

What is the way to do 2FA at mt.gox ? I use this at blockchain.info but cannot see any 2FA via email at gox other than yubikey

yubikey is 2FA, isn't it?

Well, its a hassle and not free. Blockchain 2FA is much better.

[BadBear]

2FA, is this hard?

What is the way to do 2FA at mt.gox ? I use this at blockchain.info but cannot see any 2FA via email at gox other than yubikey

yubikey is 2FA, isn't it?

Well, its a hassle and not free. Blockchain 2FA is much better.

Getting robbed and trying to recover it is even more of a hassle.

[Remember remember the 5th of November]

The IP you have given corresponds to the Bitcoinica mtgox account hacker.

https://bitcointalk.org/index.php?topic=95738.0

[shibaji]

2FA, is this hard?

What is the way to do 2FA at mt.gox ? I use this at blockchain.info but cannot see any 2FA via email at gox other than yubikey

yubikey is 2FA, isn't it?

Well, its a hassle and not free. Blockchain 2FA is much better.

Getting robbed and trying to recover it is even more of a hassle.

True - I was just looking for a easier 2FA, if there is any. I do not keep much in Gox for this reason.

[John (John K.)]

A simple Google search reveals that this guy is a frequent thief. He apparently does not cover his tracks well, and he's most probably a member here....a simple taint search shows even I am connected to him somehow. He's probably behind the blockchain.info hacks involving whiskers75 and others too.

https://bitcointalk.org/index.php?topic=180261.0

[etheral]

I just analysed my passwords and the only places where I used the same password as for mt.gox are https://bitme.com/ and http://betsofbitco.in/   (I know - stupid)

I am 90% sure that one of these websites is connected to the breach of my mt.gox account

I am giving the other 9% to a few bitcoin mining programs and 1% for a brute force attack

I find it really sad that someone is working fulltime on scamming other people, very sad indeed

[John (John K.)]

There's a java exploit running rampant lately - did you visit any dodgy looking sites lately?

[etheral]

no, that's why I am 90% sure that one of these websites is connected

[elux]

I just analysed my passwords and the only places where I used the same password as for mt.gox are https://bitme.com/ and http://betsofbitco.in/   (I know - stupid)

You just gave the hacker the information he needs to clean out any remaining balance from those two sites.

Same login/username too? What is bitme.com?

[etheral]

I don't have any balance on those sites
bitme was an exchange

[jonytk]

2FA
use google authenticator if you have android !!!

that's why they say in the media bitcoins is for nerds...

you need a computer technician to certify your computer is clean and protected,

i worked as system administrator for the government and you cannot believe the amount of viruses i had to clean.

most likely you clicked a link related to bitcoin somwhere that uses the java /flash exploit.

[Mushoz]

Mtgox supports google authenticator just like blockchain.info, so there's no reason at all not to use 2-FA for Mtgox. I'm sorry for your loss

[shibaji]

Mtgox supports google authenticator just like blockchain.info, so there's no reason at all not to use 2-FA for Mtgox. I'm sorry for your loss

Please show me where. All I see is yubikey.

[bizz]

Mtgox supports google authenticator just like blockchain.info, so there's no reason at all not to use 2-FA for Mtgox. I'm sorry for your loss

Please show me where. All I see is yubikey.

https://mtgox.com/security

Welcome to the Mt.Gox Security Center.

Here you can secure your account by linking One Time Password (OTP) solutions such as a YubiKey or Google Authenticator to various account functions.