Bitcoin Forum
April 23, 2014, 01:09:03 PM *
Author Topic: Mt. Gox: If your coins were stolen, please write here  (Read 10598 times)
MagicalTux
VIP
Hero Member
*
Offline Offline

Activity: 617


Working on new MtGox features


View Profile WWW

Ignore
June 18, 2011, 07:55:40 AM
 #1

Ok, we've been seeing a "lot" of cases recently.

So far I have 10 known cases of people whose coins were stolen (someone logged in on the account using their password, traded USD for BTC, withdrew all the BTC). Considering we have now over 60000 accounts (2 months ago we had 10 times less), this seems to be a problem coming mainly from users.

Problem is many have been posting in various places (forums, reddit, twitter, irc, etc) causing a lot of fear among users when the problem is still fairly limited.

Trust me, if we had a problem in Mt.Gox and it was actively exploited, we'd have way more than a dozen compromised accounts.

By the way, we are working on adding an extra feature: a withdraw password. If you define one (on the settings screen) you will have to enter this password too. Should be available by Monday.



Now, we cannot recover the funds, however we can try to track those and locate to which account they were sent. I guess that if your account was compromised you first sent an email to info@mtgox.com asking for your account to be blocked until investigation, providing as much information as you can as for the problem.

Please post here your ticket number that was assigned to you when you created this if you want priority handling. Please read the following FAQ before.


FAQ

My history disappears along all my coins and monies

You have not logged in with your usual login. Please make sure you are using the right account.

My coins were traded for USD, or my USD were traded for coins, I never entered any order

You had an open order that couldn't be filled because you didn't have enough funds. When you added funds (or coins) your order could be filled, and was filled.


koin
Hero Member
*****
Offline Offline

Activity: 868


View Profile

Ignore
June 18, 2011, 08:07:11 AM
 #2

Trust me, if we had a problem in Mt.Gox and it was actively exploited, we'd have way more than a dozen compromised accounts.

Now, we cannot recover the funds, however we can try to track those and locate to which account they were sent.

are you saying that no changes were made to the site in the past 24 hours to protect against a csrf?

if it wasn't broken, would you have any explanation for this claim that a hole had been fixed? http://forum.bitcoin.org/index.php?topic=18709.msg235994#msg235994
MagicalTux
VIP
Hero Member
*
Offline Offline

Activity: 617


Working on new MtGox features


View Profile WWW

Ignore
June 18, 2011, 08:24:07 AM
 #3

Trust me, if we had a problem in Mt.Gox and it was actively exploited, we'd have way more than a dozen compromised accounts.

are you saying that no changes were made to the site in the past 24 hours to protect against a csrf?

if it wasn't broken, would you have any explanation for this claim that a hole had been fixed? http://forum.bitcoin.org/index.php?topic=18709.msg235994#msg235994

There was indeed a CSRF vulnerability in the "change email" and "send funds" features, however we verified the logs of the webserver and could confirm neither were ever exploited, except by the people who discovered it.

Both are now fixed.

anatolikostis
Hero Member
*****
Online Online

Activity: 1064


View Profile WWW

Ignore
June 18, 2011, 10:30:37 AM
 #4

Trust me, if we had a problem in Mt.Gox and it was actively exploited, we'd have way more than a dozen compromised accounts.

are you saying that no changes were made to the site in the past 24 hours to protect against a csrf?

if it wasn't broken, would you have any explanation for this claim that a hole had been fixed? http://forum.bitcoin.org/index.php?topic=18709.msg235994#msg235994

There was indeed a CSRF vulnerability in the "change email" and "send funds" features, however we verified the logs of the webserver and could confirm neither were ever exploited, except by the people who discovered it.

Both are now fixed.
You know about my case very well MARK - I'm still waiting for my stolen 13.4 BTC...

leepfrog
Member
**
Offline Offline

Activity: 84


View Profile

Ignore
June 18, 2011, 12:03:14 PM
 #5

What do you have to say about this here:

http://securityforthemasses.blogspot.com/2011/06/mt-gox-db-purportedly-for-sale.html

If you find one of my posts useful you have the possibility to express your gratitude here: 1CHjoCfU9R6z5iadGqhed2HdHepmv7NjUE
Man From The Future
Full Member
***
Offline Offline

Activity: 126


View Profile

Ignore
June 18, 2011, 12:08:51 PM
 #6

Copy in case that disappears:

Quote
Mt. Gox Db Purportedly for Sale...
Posted to the 'Bin:

"I Got mtgox database,1 day old.Got also bitcoins7;it not as big but still lots hehe!no secure LOL.....

would send user&pass in here but,I want to sell to big buyer

Email: auto36299386@hushmail.com

Make big offer!!!

~cRazIeStinGeR~"


http://pastebin.com/xhnNdvte

19sQD6Xncfbh72mnipuPf9ok7ESwDNxuvW
Grant
Sr. Member
****
Offline Offline

Activity: 252


View Profile

Ignore
June 18, 2011, 12:19:05 PM
 #7

Copy in case that disappears:

Quote
Mt. Gox Db Purportedly for Sale...
Posted to the 'Bin:

"I Got mtgox database,1 day old.Got also bitcoins7;it not as big but still lots hehe!no secure LOL.....

would send user&pass in here but,I want to sell to big buyer

Email: auto36299386@hushmail.com

Make big offer!!!

~cRazIeStinGeR~"


http://pastebin.com/xhnNdvte

I call that a fake/scam attempt. If it was true, this "hacker" would first have emptied as many accounts as possible before selling it. My account remains untouched and so do accounts of most others, only a small % of the people got "exploited".

The utilization of money to create money through economic activity is the intrinsic value of money.
zpinto
Jr. Member
*
Offline Offline

Activity: 58


View Profile

Ignore
June 18, 2011, 12:31:13 PM
 #8

Ok, due to that, I tried to change my password in MTGox and it doesn't let me... wtf?
Man From The Future
Full Member
***
Offline Offline

Activity: 126


View Profile

Ignore
June 18, 2011, 12:46:50 PM
 #9

Seeing the database doesn't mean having write access.

19sQD6Xncfbh72mnipuPf9ok7ESwDNxuvW
MagicalTux
VIP
Hero Member
*
Offline Offline

Activity: 617


Working on new MtGox features


View Profile WWW

Ignore
June 18, 2011, 01:14:11 PM
 #10


Passwords are encrypted one way (+salt). Someone cannot be selling "user + pass" unless he has some way to revert this.

In one expression: FUD

MagicalTux
VIP
Hero Member
*
Offline Offline

Activity: 617


Working on new MtGox features


View Profile WWW

Ignore
June 18, 2011, 01:39:42 PM
 #11

You know about my case very well MARK - I'm still waiting for my stolen 13.4 BTC...

As I already replied to you, your funds were stolen by someone logging in to your account with your password. Your funds are right now on a bitcoin address and have not moved since then.

As a reminder we assume no responsibility should your funds be stolen by someone using your own password.

smackdaddy
Jr. Member
*
Offline Offline

Activity: 45


View Profile

Ignore
June 18, 2011, 01:46:36 PM
 #12


Passwords are encrypted one way (+salt). Someone cannot be selling "user + pass" unless he has some way to revert this.

In one expression: FUD

Well, to be fair, if you have the hashed values, it takes very little effort to bruteforce a large number of passwords. Especially if you use tables.

Your statement makes me nervous about the state of overall security at mtgox....relying on hashed passwords was a failing paradigm over a decade ago.
Sukrim
Hero Member
*****
Offline Offline

Activity: 994


View Profile

Ignore
June 18, 2011, 01:48:16 PM
 #13

That's what salt is for! Roll Eyes

Just read it up on Wikipedia...

https://bitfinex.com <-- leveraged trading of BTCUSD, LTCUSD and LTCBTC (long and short) - 10% discount on fees for the first 30 days with this refcode: x5K9YtL3Zb
Mail me at Bitmessage: BM-BbiHiVv5qh858ULsyRDtpRrG9WjXN3xf | https://just-dice.com/ <-- Bitcoin gambling done right!
smackdaddy
Jr. Member
*
Offline Offline

Activity: 45


View Profile

Ignore
June 18, 2011, 01:52:10 PM
 #14

That's what salt is for! Roll Eyes

Just read it up on Wikipedia...

Uhm, I think you need to read up on it. Salting helps defend against table lookups but does not strongly protect against brute force.

joepie91
Sr. Member
****
Offline Offline

Activity: 280


View Profile

Ignore
June 18, 2011, 01:53:37 PM
 #15

MagicalTux, a few cases can already be found here: http://forum.bitcoin.org/index.php?topic=18050.0
It also has some information regarding passwords strengths and operating systems that people used etc.

Also, have you received my PM about the CSS history sniffing vulnerability?


Copy in case that disappears:

Quote
Mt. Gox Db Purportedly for Sale...
Posted to the 'Bin:

"I Got mtgox database,1 day old.Got also bitcoins7;it not as big but still lots hehe!no secure LOL.....

would send user&pass in here but,I want to sell to big buyer

Email: auto36299386@hushmail.com

Make big offer!!!

~cRazIeStinGeR~"


http://pastebin.com/xhnNdvte

I call that a fake/scam attempt. If it was true, this "hacker" would first have emptied as many accounts as possible before selling it. My account remains untouched and so do accounts of most others, only a small % of the people got "exploited".
If the easiest way of "laundering" stolen money would be the exact site you compromised (Mt. Gox) I can imagine that someone does not want to go through the trouble of laundering everything, and would rather sell off the entire database in one hit and have others deal with that. Not to mention selling the database to multiple people.


Passwords are encrypted one way (+salt). Someone cannot be selling "user + pass" unless he has some way to revert this.

In one expression: FUD
Hashes (even salted) can be bruteforced. Especially if someone has for example already set up Bitcoin mining rigs, he would have considerable power to use on bruteforcing passwords, not to mention things like Amazon AWS (or other cloud computing services) that can be used to very quickly crack hashes.


Like my post(s)? 1MjuJ9NjVjEmfKMf87RW9yDSg1Lj71n44j Smiley
http://www.anonnews.org/ | http://www.encyclopediadramatica.ch/
Quote from: hawks5999
I just can't wait for fall/winter. My furnace never generated money for me before. I'll keep mining until my furnace is more profitable.
Man From The Future
Full Member
***
Offline Offline

Activity: 126


View Profile

Ignore
June 18, 2011, 02:14:00 PM
 #16

The fact that it uses MD5 is an issue.

It should definitely have been set up using SHA256/SHA512, and at least a per user salt(You haven't clarified as to whether it's the same for all, unless I've misread something). Or even double SHA512 two-unique-salts halved.

Sad

19sQD6Xncfbh72mnipuPf9ok7ESwDNxuvW
joepie91
Sr. Member
****
Offline Offline

Activity: 280


View Profile

Ignore
June 18, 2011, 02:23:24 PM
 #17

The fact that it uses MD5 is an issue.

It should definitely have been set up using SHA256/SHA512, and at least a per user salt(You haven't clarified as to whether it's the same for all, unless I've misread something). Or even double SHA512 two-unique-salts halved.

Sad
Where was MD5 mentioned?

Like my post(s)? 1MjuJ9NjVjEmfKMf87RW9yDSg1Lj71n44j Smiley
http://www.anonnews.org/ | http://www.encyclopediadramatica.ch/
Quote from: hawks5999
I just can't wait for fall/winter. My furnace never generated money for me before. I'll keep mining until my furnace is more profitable.
jondecker76
Full Member
***
Offline Offline

Activity: 238


View Profile

Ignore
June 18, 2011, 03:07:12 PM
 #18

I had 20 BTC stolen from my account, I didn't find out until 2 days later.

Here, I added 20 BTC to do some trading:
Quote
06/13/11 09:34   Add BTC   1AbvTGGyKKQDezsnaYDAhJDNPkZYv7aM9z   20   0   20.199   0.059

Within a single day, it had been transferred out (unknown to me)
Quote
06/14/11 15:45   Withdraw BTC   17RT6Ne994VjC762wh7TpXRdrZRMbhJSUC    -20.19   0   0.009   0.059

I sent an email from your website reporting the problem, here is the automated reply:
Quote
## Please do not write below this line ##
Ticket #1605: I was hacked

Your request (#1605) has been received, and will be reviewed by our support staff.

Our help desk is experiencing unusually high traffic currently. We regret to inform you that you will experience some delays (currently 48-72 hrs) in us getting back to you.

We sincerely apologize for the inconvenience and are working on all fronts to improve our response times.

To review the status of the request and add additional comments, follow the link below:
http://support.mtgox.com/tickets/1605


Jondecker76, Jun-17 22:02 (JST):

I've seen it a lot on the forums as well and never thought it could happen to me, but today I logged in to my account to find that my balance of 20 BTC is gone.

here is a the copy and paste from my account history:
06/14/11 15:45 Withdraw BTC 17RT6Ne994VjC762wh7TpXRdrZRMbhJSUC -20.19 0 0.009 0.059


I truly believe you guys have a security problem on your end Sad

I feel that it is MtGox's responsibility to own up to losses from multiple users.  You can confirm yourself that my original report to you was received before there was any mention of a confirmed vulnerability.

RollerBot Advanced Trading Platform
https://bitcointalk.org/index.php?topic=447727.0
BTC Donations for development: 1H36oTJsi3adFh68wwzz95tPP2xoAoTmhC
Man From The Future
Full Member
***
Offline Offline

Activity: 126


View Profile

Ignore
June 18, 2011, 03:36:31 PM
 #19

The fact that it uses MD5 is an issue.

It should definitely have been set up using SHA256/SHA512, and at least a per user salt(You haven't clarified as to whether it's the same for all, unless I've misread something). Or even double SHA512 two-unique-salts halved.

Sad
Where was MD5 mentioned?

It must be in the thread confirming the existence of the CSRF vulnerability.

19sQD6Xncfbh72mnipuPf9ok7ESwDNxuvW
Noitev
Hero Member
*****
Offline Offline

Activity: 574



View Profile

Ignore
June 18, 2011, 04:17:10 PM
 #20

That's what salt is for! Roll Eyes

Just read it up on Wikipedia...

Uhm, I think you need to read up on it. Salting helps defend against table lookups but does not strongly protect against brute force.



if you put enough salt in an md5, it'll take thousands of years until you can crack it, I've tried

Free bitcoins,possibly more than 0.2 per hour. See what's coming up NXT Tips: NXT: 7579216551136708118 BTC: 1PJpPoVv1Eq5wkMVguJ71zGyn6E7WmN3K2
Man From The Future
Full Member
***
Offline Offline

Activity: 126


View Profile

Ignore
June 18, 2011, 04:27:49 PM
 #21

Noitev, why use weaker security when better security is available? As mentioned before, if someone was to rent out power from Amazon ECC... :?

19sQD6Xncfbh72mnipuPf9ok7ESwDNxuvW
xjosx
Jr. Member
*
Offline Offline

Activity: 33


View Profile

Ignore
June 18, 2011, 04:30:48 PM
 #22

MagicalTux,

I'm getting the "Too many failure from your IP, temporarly blocked" error when I try to login to the site. I've reset my router, and have successfully logged in, then immediately to a few minutes later, I get logged out. After trying to login again, I receive the above error message. I don't have a keylogger on my system (running OS X), and I even open the Mt. Gox site in a new browser, to prevent any CSRF exploit. My password is over 25 characters long, including symbols + numbers, and isn't a dictionary word or contain dictionary words.

What can I do to use my account as usual? I can PM you my username if it'll help.

Thanks.
cronopio
Jr. Member
*
Offline Offline

Activity: 59


View Profile

Ignore
June 18, 2011, 04:59:32 PM
 #23

As davout said, the password must be encrypted using bcrypt; hashes don't do a good job in the password area.

http://codahale.com/how-to-safely-store-a-password/

12FKPNwQUS6Em7Ar6wc1GnzpU4NWBKhTAK

WARNING! This game its so addictive
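
Added example, not part of any post in this thread: the salt-versus-work-factor point argued in posts #12 to #15 and #23, written as Python. The `md5$...` and `pbkdf2_sha256$...` record formats and all function names are hypothetical, and PBKDF2 from the standard library stands in for the bcrypt that post #23 recommends.

```python
import hashlib
import hmac
import os

# Assumption: iteration count chosen for illustration; tune it to your hardware.
PBKDF2_ITERATIONS = 200_000


def legacy_record(password: str, salt: bytes) -> str:
    """Hypothetical legacy format: one salted MD5, salt stored beside the hash."""
    digest = hashlib.md5(salt + password.encode()).hexdigest()
    return f"md5${salt.hex()}${digest}"


def slow_record(password: str, iterations: int = PBKDF2_ITERATIONS) -> str:
    """Per-user random salt plus an iterated KDF (stand-in for bcrypt)."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def work_per_guess(record: str) -> int:
    """Primitive invocations needed to test ONE candidate against a leaked record.

    The salt travels with the hash, so it forces a separate search per user
    (no shared lookup table) but adds nothing to the cost of each guess.
    """
    fields = record.split("$")
    return 1 if fields[0] == "md5" else int(fields[1])


def verify(password: str, record: str) -> bool:
    """Recompute the stored scheme and compare in constant time."""
    fields = record.split("$")
    if fields[0] == "md5":
        _, salt_hex, expected = fields
        actual = hashlib.md5(bytes.fromhex(salt_hex) + password.encode()).hexdigest()
    elif fields[0] == "pbkdf2_sha256":
        _, iters, salt_hex, expected = fields
        actual = hashlib.pbkdf2_hmac(
            "sha256", password.encode(), bytes.fromhex(salt_hex), int(iters)
        ).hex()
    else:
        return False
    return hmac.compare_digest(actual, expected)


def login(password: str, record: str):
    """Return (ok, record_to_store).

    A successful login is the only moment the server sees the plaintext, so
    that is when a weak legacy record gets replaced by a slow one.
    """
    if not verify(password, record):
        return False, record
    if work_per_guess(record) < PBKDF2_ITERATIONS:
        return True, slow_record(password)
    return True, record


if __name__ == "__main__":
    # Constructed sample data: two users who chose the same password.
    a = legacy_record("correct horse", bytes.fromhex("00" * 8))
    b = legacy_record("correct horse", bytes.fromhex("11" * 8))
    print("same password, different records:", a != b)
    print("work per guess, salted MD5:", work_per_guess(a))
    ok, upgraded = login("correct horse", a)
    print("work per guess after upgrade:", work_per_guess(upgraded))
```
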
Man From The Future
Full Member
***
Offline Offline

Activity: 126


View Profile

Ignore
June 18, 2011, 05:35:34 PM
 #24

As davout said, the password must be encrypted using bcrypt; hashes don't do a good job in the password area.

http://codahale.com/how-to-safely-store-a-password/

If I knew a site was using encryption, I wouldn't use it.

Why use something reversible by the owners/anyone who gets access to the server... (Since if they have DB, they probably now have the key).

19sQD6Xncfbh72mnipuPf9ok7ESwDNxuvW
TheColdOne
Newbie
*
Offline Offline

Activity: 29


View Profile

Ignore
June 18, 2011, 07:18:19 PM
 #25

I think my account might have been compromised. I successfully logged into my account at least 3 times today. I added some bitcoins. Then when I attempted to login to trade those bitcoins, I was unable to login. Also when I went to recover/reset my password it said that there was no email account attached to my account when I know there is. I don't know if money has been stolen yet but it seems likely that my account was compromised. My ticket is #1836

Exchange Bitcoin to Liberty Reserve and have your Liberty Reserve within 12 hours: https://www.bitcoin7.com/?ref=6815
Try it and you'll never use a slower exchanger again.
diven
Newbie
*
Offline Offline

Activity: 14


View Profile

Ignore
June 18, 2011, 08:46:59 PM
 #26

All my coins were stolen, I immediately filed a ticket (two days ago) and was assigned #1407.  I would appreciate a reply.
casascius
Mike Caldwell
VIP
Hero Member
*
Online Online

Activity: 1204


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW

Ignore
June 18, 2011, 09:17:18 PM
 #27

What would be nice is if we could optionally restrict the account with a PGP key, so that functions like withdrawals (or at least setting the withdrawal address) had to be signed.

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper wallets instead.
joepie91
Sr. Member
****
Offline Offline

Activity: 280


View Profile

Ignore
June 18, 2011, 09:19:12 PM
 #28

Again, two factor auth using email would be incredibly easy to implement, and a huge improvement in security - mostly because you can't get around that by having database access through a vulnerability.

Like my post(s)? 1MjuJ9NjVjEmfKMf87RW9yDSg1Lj71n44j Smiley
http://www.anonnews.org/ | http://www.encyclopediadramatica.ch/
Quote from: hawks5999
I just can't wait for fall/winter. My furnace never generated money for me before. I'll keep mining until my furnace is more profitable.
Benjie
Member
**
Offline Offline

Activity: 84


View Profile

Ignore
June 18, 2011, 10:20:59 PM
 #29

I don't keep money in my Mt.gox account, but an hour ago I wanted to exchange some btc and I sent in 7 to my mtgox account..
Now I came back to my pc and I can't access my account; trying to reset the password says no email in account file..... wtf
I am sure I regg'ed using an email............Please help me asap, 7 coins is like 15 days mining to me

my ticket #1862
Benjie
Member
**
Offline Offline

Activity: 84


View Profile

Ignore
June 18, 2011, 10:37:38 PM
 #30

Avira just finished scanning my pc, nothing was found...also I only use this password for mtgox....
REF
Hero Member
*****
Offline Offline

Activity: 519


View Profile

Ignore
June 18, 2011, 10:49:47 PM
 #31

I think some of you guys are starting to make up stories now..... Mt. Gox is not going to give you any funds back so if you're pretending you were hacked to get some BTC forget about it. Mt. Gox is only going to help you track where the funds get moved to.
padrino
Sr. Member
****
Online Online

Activity: 448


View Profile

Ignore
June 18, 2011, 11:02:54 PM
 #32

I think some of you guys are starting to make up stories now..... Mt. Gox is not going to give you any funds back so if you're pretending you were hacked to get some BTC forget about it. Mt. Gox is only going to help you track where the funds get moved to.

It's hard to tell either way; however, you are right that I wouldn't expect Mt. Gox to give them back. With the volume of users and trading, if .001% of people had an issue I expect we would see more than the posts we have seen thus far. There is enough money going around for people to focus effort on exploiting accounts.

With that said they are providing a financial service and although not regulated I expect there will be a lawsuit sometime soon because for the type of service offered it's fairly obvious adequate authentication is not enforced and yes there is some precedent for that.

Donations always welcome 1CPi7VRihoF396gyYYcs2AdTEF8KQG2BCR
Benjie
Member
**
Offline Offline

Activity: 84


View Profile

Ignore
June 18, 2011, 11:21:17 PM
 #33

I think my account might have been compromised. I successfully logged into my account at least 3 times today. I added some bitcoins. Then when I attempted to login to trade those bitcoins, I was unable to login. Also when I went to recover/reset my password it said that there was no email account attached to my account when I know there is. I don't know if money has been stolen yet but it seems likely that my account was compromised. My ticket is #1836

This is what happened to me exactly, please tell me what did mt.gox tell you... I sent an email to them but didn't get a case number..
MagicalTux
VIP
Hero Member
*
Offline Offline

Activity: 617


Working on new MtGox features


View Profile WWW

Ignore
June 19, 2011, 01:30:53 AM
 #34

Ok so:

#1407: Confirmed hacked on june 16th, investigation in progress
#1836: Investigation in progress, no lost coins
#1862: Investigation in progress, no lost coins

Benjie
Member
**
Offline Offline

Activity: 84


View Profile

Ignore
June 19, 2011, 01:33:05 AM
 #35

Ok so:

#1407: Confirmed hacked on june 16th, investigation in progress
#1836: Investigation in progress, no lost coins
#1862: Investigation in progress, no lost coins

please tell me was my password changed Huh or what


EDIT: Just received this email :  Huh

Mark Karpeles, Jun-19 10:25 (JST):

Hi,

We have confirmed the bitcoins you have added to your account were stolen, and your account has been automatically blocked.

Could you tell me where you got those bitcoins from?

Thanks,
Mark
MtGox.com Team.

So the owner of the site says no coins lost, and customer support says your coins are lost Huh?Whom do I believe ??
Twiddle
Newbie
*
Offline Offline

Activity: 11



View Profile

Ignore
June 19, 2011, 02:02:06 AM
 #36

Quote
So the owner of the site says no coins lost, and customer support says your coins are lost Huh?Whom do I believe ??

I wouldn't worry about this at all. Mark Karpeles and MagicalTux often contradict themselves. For example, Mark has just confirmed to us that a few accounts were hacked into. However, MagicalTux reassured us yesterday that the CSRF exploits "were never used," even though there was an obvious corresponding increase in reports of coins being stolen via Mt. Gox.
Benjie
Member
**
Offline Offline

Activity: 84


View Profile

Ignore
June 19, 2011, 02:06:22 AM
 #37

Account was reinstated turns out one of my players in Triple Trouble, sent money from the 25k stolen coins....
Twiddle
Newbie
*
Offline Offline

Activity: 11



View Profile

Ignore
June 19, 2011, 02:08:31 AM
 #38

Account was reinstated turns out one of my players in Triple Trouble, sent money from the 25k stolen coins....

So did you get to keep your coins? Or were they repossessed by Mt. Gox?
Benjie
Member
**
Offline Offline

Activity: 84


View Profile

Ignore
June 19, 2011, 02:13:22 AM
 #39

Account was reinstated turns out one of my players in Triple Trouble, sent money from the 25k stolen coins....

So did you get to keep your coins? Or were they repossessed by Mt. Gox?
only 0.16 were fraudulent
MagicalTux
VIP
Hero Member
*
Offline Offline

Activity: 617


Working on new MtGox features


View Profile WWW

Ignore
June 19, 2011, 02:13:32 AM
 #40

Quote
So the owner of the site says no coins lost, and customer support says your coins are lost Huh?Whom do I believe ??

I wouldn't worry about this at all. Mark Karpeles and MagicalTux often contradict themselves. For example, Mark has just confirmed to us that a few accounts were hacked into. However, MagicalTux reassured us yesterday that the CSRF exploits "were never used," even though there was an obvious corresponding increase in reports of coins being stolen via Mt. Gox.

The coins stolen from Mt.Gox were not stolen using any CSRF exploit.

Twiddle
Newbie
*
Offline Offline

Activity: 11



View Profile

Ignore
June 19, 2011, 02:16:06 AM
 #41

The coins stolen from Mt.Gox were not stolen using any CSRF exploit.

So they were stolen from Mt.Gox using another exploit...?
MagicalTux
VIP
Hero Member
*
Offline Offline

Activity: 617


Working on new MtGox features


View Profile WWW

Ignore
June 19, 2011, 02:20:43 AM
 #42

The coins stolen from Mt.Gox were not stolen using any CSRF exploit.

So they were stolen from Mt.Gox using another exploit...?

No, they logged in on users' accounts using the correct login and password. We have logs showing the login succeeded on the first try.

Twiddle
Newbie
*
Offline Offline

Activity: 11



View Profile

Ignore
June 19, 2011, 02:22:35 AM
 #43

No, they logged in on users' accounts using the correct login and password. We have logs showing the login succeeded on the first try.

Oh, that's good news. Thanks for keeping your site secure and staying on top of everything.
joepie91
Sr. Member
****
Offline Offline

Activity: 280


View Profile

Ignore
June 19, 2011, 12:13:13 PM
 #44

The coins stolen from Mt.Gox were not stolen using any CSRF exploit.

So they were stolen from Mt.Gox using another exploit...?

No, they logged in on users' accounts using the correct login and password. We have logs showing the login succeeded on the first try.
Then I suppose you have the IP address of the person who logged in to the accounts?

Also, I have not yet received a response to my tickets #957/#1797, nor to the PM I sent you on this forum.

Like my post(s)? 1MjuJ9NjVjEmfKMf87RW9yDSg1Lj71n44j Smiley
http://www.anonnews.org/ | http://www.encyclopediadramatica.ch/
Quote from: hawks5999
I just can't wait for fall/winter. My furnace never generated money for me before. I'll keep mining until my furnace is more profitable.
anatolikostis
Hero Member
*****
Online Online

Activity: 1064


View Profile WWW

Ignore
June 19, 2011, 12:39:38 PM
 #45

No, they logged in on users' accounts using the correct login and password. We have logs showing the login succeeded on the first try.

Oh, that's good news. Thanks for keeping your site secure and staying on top of everything.
You are not alone, I'm with you too... Grin Grin Grin
The same case - correct login/password...
No exchange responsibility - no 13.4BTC

Such a nice mtgox.com exchange  Grin Grin Grin


PS
MagicalTux

Well Mark,
I'd like to know from which IP the 13.4BTC transaction to the fraudster's wallet was made...
Is this open information for me?

jondecker76
Full Member
***
Offline Offline

Activity: 238


View Profile

Ignore
June 19, 2011, 09:06:28 PM
 #46

Magical Tux:

Now that you guys finally admit that you were indeed compromised and usernames/passwords (hashed) were stolen, are you going to refund us customers that had our BTC stolen? (20.19 in my case). I (and others that had BTC stolen while in your care) am angry and frustrated at the way this whole thing was denied and handled.  Over the past days, I have seen honest bitcoin users and supporters (of which I am both) accused of lying, not having secure enough passwords, and of being hacked themselves -- and everything in between.  Are you guys going to own up, do the right thing, and refund us?
(and I will point out again, that I originally reported my stolen BTC to you before any mention of the vulnerabilities and compromises - without any reply back at all (though, I know you must be busy at the moment, but still))

Quote
UPDATE REGARDING LEAKED ACCOUNT INFORMATIONS

We will address this issue too and prevent logins from each users. Leaked information includes username, email and hashed password, which does not allow anyone to get to the actual password, should it be complex enough. If you used a simple password you will not be able to login on Mt.Gox until you change your password to something more secure. If you used the same password on different places, it is recommended to change it as soon as possible.
https://support.mtgox.com/entries/20208066-huge-bitcoin-sell-off-due-to-a-compromised-account-rollback


RollerBot Advanced Trading Platform
https://bitcointalk.org/index.php?topic=447727.0
BTC Donations for development: 1H36oTJsi3adFh68wwzz95tPP2xoAoTmhC
anatolikostis
Hero Member
*****
Online Online

Activity: 1064


View Profile WWW

Ignore
June 19, 2011, 09:51:16 PM
 #47

mtgox.com - epic fail  - one by one...hug and cry
 Smiley

You can keep my stolen 13.4BTC for doing reliable protection...

PS It was a joke... Cheesy

idev
Hero Member
*****
Offline Offline

Activity: 663


View Profile

Ignore
June 19, 2011, 10:02:42 PM
 #48

OMG when did this happen  Huh
no wonder my gmail account got locked  Embarrassed
and how can I find if my coins and lr have been stolen from my account?

Help keep Nxt Wallet public node and web based UI online. Donations: 8933896963096332561 are greatly appreciated. | Buy XRP with NXT
_s3v3n_
Member
**
Offline Offline

Activity: 111


View Profile

Ignore
June 20, 2011, 01:28:41 AM
 #49

Let's all make no mistake about this. ALL accounts in Mt. Gox are affected. Even Tradehill and deepbit already made a universal password change on their side just to make sure this doesn't become much worse.

Let's give Mt. Gox some time to resolve this critical issue. For now, I suggest at least CHANGE ALL YOUR PASSWORDS on accounts related to bitcoin - I mean ALL OF THEM.

If possible change your email account, too. Might as well register a new email account which I already did.



P.S.

This will definitely bring the difficulty down to at least 50%.


RDD RjBUYX75fvQ1yeSDJPkuB5wU35etvZ9JES
snoleo
June 20, 2011, 07:51:21 AM
 #50

I also got hacked.

I cannot access my mtgox account June 19th at around 13:00 o'clock (GMT) BEFORE the big incident occurred.

Someone changed my account password and changed the email, so I cannot even recover my password.

I don't know whether the funds (over 200 LR) or BTC (20BTC) have been stolen, since I have not been able to access it for about 20 hours.

I have submitted a request at https://support.mtgox.com, it has been marked as "Urgent", but got no reply yet.

Hope you can figure the problem soon.

My account is:
snoleo
Email:
snoleo@gmail.com

I use a very strong password which is only used for mtgox.

btc123.com - bitcoin Info & Web directory
jondecker76
June 20, 2011, 03:29:12 PM
 #51

So Magical Tux,
Are you ever going to answer, what are MtGox's plans for those of us who got bitcoins stolen in the days preceding the sell off? You know, those of us that have been telling you since before the compromise was made public. It should be easy to validate our claims by comparing IP address history, as I have only logged in to your site from home, work and my phone (Verizon).

RollerBot Advanced Trading Platform
https://bitcointalk.org/index.php?topic=447727.0
BTC Donations for development: 1H36oTJsi3adFh68wwzz95tPP2xoAoTmhC
anatolikostis
June 21, 2011, 07:03:50 AM
 #52

Quote from: jondecker76
So Magical Tux,
Are you ever going to answer, what are MtGox's plans for those of us who got bitcoins stolen in the days preceding the sell off? You know, those of us that have been telling you since before the compromise was made public. It should be easy to validate our claims by comparing IP address history, as I have only logged in to your site from home, work and my phone (Verizon).

You know their answer very well - correct login/pass, so they are not responsible for this. It's a very sad story... :'( :'( :'(

_s3v3n_
June 21, 2011, 03:02:37 PM
 #53

Quote from: anatolikostis
Quote from: jondecker76
So Magical Tux,
Are you ever going to answer, what are MtGox's plans for those of us who got bitcoins stolen in the days preceding the sell off? You know, those of us that have been telling you since before the compromise was made public. It should be easy to validate our claims by comparing IP address history, as I have only logged in to your site from home, work and my phone (Verizon).

You know their answer very well - correct login/pass, so they are not responsible for this. It's a very sad story... :'( :'( :'(

Kinda like that now, since they said the hacker used the correct username/password. But they can match all the IP addresses with yours and take it from there. Not an easy thing to do but doable.

PROS AND CONS guys. We all know that this is risky in the first place. Let's just all wait for Mt. Gox to sort their service out first. I, too, lost some coins and $$$ but I understand what's happening right now at Mt. Gox so I'm waiting for them to finish putting the site up and then will contact them.


RDD RjBUYX75fvQ1yeSDJPkuB5wU35etvZ9JES
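
The IP-history comparison proposed in the posts above, as an added example (not Mt. Gox code and not written by any poster in this thread). It assumes the exchange keeps a per-account audit log in the constructed format shown and that the claimant supplies the networks they normally log in from; every account name, address and log line is made up.

```python
import ipaddress
from datetime import datetime

SENSITIVE = {"trade", "withdraw", "change_email", "change_password"}

# Constructed audit log: UTC timestamp, account, source IP, action.
# Accounts are hypothetical; addresses are RFC 5737 documentation ranges.
SAMPLE_LOG = """\
2011-06-10T08:02:11 alice 192.0.2.10 login
2011-06-11T12:00:00 bob 203.0.113.5 login
2011-06-12T18:40:03 alice 198.51.100.77 login
2011-06-16T03:14:52 alice 203.0.113.5 login
2011-06-16T03:15:20 alice 203.0.113.5 trade
2011-06-16T03:16:01 alice 203.0.113.5 withdraw
2011-06-16T03:16:40 alice 203.0.113.5 change_email
2011-06-16T09:01:00 alice 192.0.2.10 login_failed
"""


def parse_log(text):
    """Return (datetime, account, ip_address, action) tuples in time order."""
    events = []
    for line in text.splitlines():
        ts, account, ip, action = line.split()
        events.append((datetime.fromisoformat(ts), account,
                       ipaddress.ip_address(ip), action))
    return sorted(events, key=lambda e: e[0])


def review_claim(events, account, claimed_networks):
    """Summarise an account's activity from outside its owner's networks."""
    nets = [ipaddress.ip_network(n) for n in claimed_networks]
    foreign = [e for e in events
               if e[1] == account and not any(e[2] in n for n in nets)]
    if not foreign:
        return None  # every event came from a network the owner named
    foreign_ips = {e[2] for e in foreign}
    return {
        "first_seen": foreign[0][0].isoformat(),
        "foreign_ips": sorted(str(ip) for ip in foreign_ips),
        "sensitive_actions": [(e[0].isoformat(), e[3]) for e in foreign
                              if e[3] in SENSITIVE],
        # Other accounts touched from the same addresses are worth reviewing too.
        "related_accounts": sorted({e[1] for e in events
                                    if e[2] in foreign_ips and e[1] != account}),
    }
```

A mismatch is a lead rather than proof: mobile carriers and dynamic addressing mean the claimed networks have to be ranges, and the summary still needs human review.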
snoleo
June 21, 2011, 05:11:15 PM
 #54

Requesting to recover your Mt.Gox account has now been started.
But since my account was stolen 5 hours before the "big compromised account incident", I cannot even request to recover my MtGox account.

I know mtgox has some urgent affairs to handle right now. But it should also set up a way for users like me to request recovery of their account.

I posted a request to report my stolen account before the "big compromised account incident". Now 3 days have passed, no answer, no email. This request is set to Urgent Priority but no one has even given me a reply.

We pay transaction fees to mtgox, so I think we deserve to have an account recovery service. But now the fact is that someone entered my account, changed my email address, changed my passwd. And I do not even know whether the funds or the BTC are still in my account or not.

When the mtgox website opens again, I still cannot log in to my account. If the price rises, I cannot sell. If the price drops, I cannot buy. I think this is also another loss brought by mtgox.

Do not forget the users just like me.
At least offer a way to handle this problem.
I can provide proof that I am actually the owner of this account.

btc123.com - bitcoin Info & Web directory
joepie91
June 21, 2011, 07:51:59 PM
 #55

Quote from: _s3v3n_
Quote from: anatolikostis
Quote from: jondecker76
So Magical Tux,
Are you ever going to answer, what are MtGox's plans for those of us who got bitcoins stolen in the days preceding the sell off? You know, those of us that have been telling you since before the compromise was made public. It should be easy to validate our claims by comparing IP address history, as I have only logged in to your site from home, work and my phone (Verizon).

You know their answer very well - correct login/pass, so they are not responsible for this. It's a very sad story... :'( :'( :'(

Kinda like that now, since they said the hacker used the correct username/password. But they can match all the IP addresses with yours and take it from there. Not an easy thing to do but doable.

PROS AND CONS guys. We all know that this is risky in the first place. Let's just all wait for Mt. Gox to sort their service out first. I, too, lost some coins and $$$ but I understand what's happening right now at Mt. Gox so I'm waiting for them to finish putting the site up and then will contact them.


Want the benefits (rather high transaction fees), then also take the risks (system getting compromised and having to refund people and/or hire extra staff).
He has been massively profiting off all transactions, then he will also have to bear things like this in a proper manner. This is a for-profit exchange, and the same rules go for that as for every other company.

Like my post(s)? 1MjuJ9NjVjEmfKMf87RW9yDSg1Lj71n44j Smiley
http://www.anonnews.org/ | http://www.encyclopediadramatica.ch/
Quote from: hawks5999
I just can't wait for fall/winter. My furnace never generated money for me before. I'll keep mining until my furnace is more profitable.
RandyMarsh
June 21, 2011, 09:25:51 PM
 #56

What's the story with the claims? I claimed about an hour after you started and nothing yet, but there were already threads on the other board of people having gotten their accounts back?
How about prioritizing the folk who have half a year's wages in your site, rather than randomly sorting out people with 20$ in there for the laugh?

Stan?! STAN?!?!
Jdumond
June 21, 2011, 10:32:07 PM
 #57

Quote from: RandyMarsh
What's the story with the claims? I claimed about an hour after you started and nothing yet, but there were already threads on the other board of people having gotten their accounts back?
How about prioritizing the folk who have half a year's wages in your site, rather than randomly sorting out people with 20$ in there for the laugh?

You sir, need to be smarter.

I dont like the guy. How many reasons do I have? alot.
How many reasons do I need? none.
I just dont like the guy.

Donate here: 1Juv5x7PHcNQdRzdUpWK1DHMKwMy7j7zxj
Tradehill: TH-R11447
Loozik
April 30, 2013, 04:27:28 AM
 #58

I suspect my account was compromised or I am just paranoid.

I have an account at MtGox and visit this account very frequently (3-5 times a day) to check my number in a verification queue.

I went to Mtgox website 40 minutes ago, typed my Username and Password, and a red small window told me my password was incorrect and if I forgot it I could type in my e-mail address to recover it or to get a new one. I thought I just simply made a typo in my password. I repeated the action 2 times more and the red window kept on popping up and telling me ''incorrect password''.

I shut down my computer and my modem. Then I restarted the computer and the modem, went to MtGox's website entered the Username and the Password and could log in without any problems.

I searched the website, while logged in, for ''you were logged in on ...(date and time)...'' information to check if someone else was logged in using my Username and Password, and I couldn't find any such information.

Could someone tell me:
a) if I should consider it a problem not having been able to log in three times using the correct Username and Password (there is of course an unlikely possibility I typed in a wrong password);
b) is there a login history for an account at MtGox's website available to account holders?

Thanks.
mc_lovin
April 30, 2013, 10:44:43 PM
 #59

Quote from: Loozik
I suspect my account was compromised or I am just paranoid.

I have an account at MtGox and visit this account very frequently (3-5 times a day) to check my number in a verification queue.

I went to Mtgox website 40 minutes ago, typed my Username and Password, and a red small window told me my password was incorrect and if I forgot it I could type in my e-mail address to recover it or to get a new one. I thought I just simply made a typo in my password. I repeated the action 2 times more and the red window kept on popping up and telling me ''incorrect password''.

I shut down my computer and my modem. Then I restarted the computer and the modem, went to MtGox's website entered the Username and the Password and could log in without any problems.

I searched the website, while logged in, for ''you were logged in on ...(date and time)...'' information to check if someone else was logged in using my Username and Password, and I couldn't find any such information.

Could someone tell me:
a) if I should consider it a problem not having been able to log in three times using the correct Username and Password (there is of course an unlikely possibility I typed in a wrong password);
b) is there a login history for an account at MtGox's website available to account holders?

Thanks.

Omg so it's true.  There are people dialing up modems to get bitcoins. 

Congrats on the epic 2 year old thread bump.  Good read.
