Bitcoin Forum
December 09, 2016, 04:24:20 AM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: « 1 [2] 3 »  All
  Print  
Author Topic: Mt. Gox: If your coins were stolen, please write here  (Read 20186 times)
Man From The Future
Full Member
***
Offline Offline

Activity: 126


View Profile
June 18, 2011, 04:27:49 PM
 #21

Noitev, why use weaker security when better security is available? As mentioned before, if someone was to rent out power from Amazon ECC... :?
1481257460
Hero Member
*
Offline Offline

Posts: 1481257460

View Profile Personal Message (Offline)

Ignore
1481257460
Reply with quote  #2

1481257460
Report to moderator
1481257460
Hero Member
*
Offline Offline

Posts: 1481257460

View Profile Personal Message (Offline)

Ignore
1481257460
Reply with quote  #2

1481257460
Report to moderator
1481257460
Hero Member
*
Offline Offline

Posts: 1481257460

View Profile Personal Message (Offline)

Ignore
1481257460
Reply with quote  #2

1481257460
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
xjosx
Jr. Member
*
Offline Offline

Activity: 33


View Profile
June 18, 2011, 04:30:48 PM
 #22

MagicalTux,

I'm getting the "Too many failure from your IP, temporarly blocked" error when I try to login to the site. I've reset my router, and have successfully logged in, then immediately to a few minutes later, I get logged out. After trying to login again, I receive the above error message. I don't have a keylogger on my system (running OS X), and I even open the Mt. Gox site in a new browser, to prevent any CSRF exploit. My password is over 25 characters long, including symbols + numbers, and isn't a dictionary word or contain dictionary words.

What can I do to use my account as usual? I can PM you my username if it'll help.

Thanks.
cronopio
Jr. Member
*
Offline Offline

Activity: 59


View Profile
June 18, 2011, 04:59:32 PM
 #23

As said davout, the password most be encrypt it using bcrypt, hash dont do a good job in password area.

http://codahale.com/how-to-safely-store-a-password/

12FKPNwQUS6Em7Ar6wc1GnzpU4NWBKhTAK

WARNING! This game its so addictive
Man From The Future
Full Member
***
Offline Offline

Activity: 126


View Profile
June 18, 2011, 05:35:34 PM
 #24

As said davout, the password most be encrypt it using bcrypt, hash dont do a good job in password area.

http://codahale.com/how-to-safely-store-a-password/

If I knew a site was using encryption, I wouldn't use it.

Why use something reversible by the owners/anyone who gets access to the server... (Since if they have DB, they probably now have the key).
TheColdOne
Newbie
*
Offline Offline

Activity: 29


View Profile
June 18, 2011, 07:18:19 PM
 #25

I think my account might have been compromised. I successfully logged into my account at least 3 times today. I added some bitcoins. Then when I attempted to login to trade those bitcoins, I was unable to login. Also when I went to recover/reset my password it said that there was no email account attached to my account when I know there is. I don't know if money has been stolen yet but it seems likely that my account was compromised. My ticket is #1836

Exchange Bitcoin to Liberty Reserve and have your Liberty Reserve within 12 hours: https://www.bitcoin7.com/?ref=6815
Try it and you'll never use a slower exchanger again.
diven
Newbie
*
Offline Offline

Activity: 14


View Profile
June 18, 2011, 08:46:59 PM
 #26

All my coins were stolen, I immediately filed a ticket (two days ago) and was assigned #1407.  I would appreciate a reply.
casascius
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1344


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW
June 18, 2011, 09:17:18 PM
 #27

What would be nice is if we could optionally restrict the account with a PGP key, so that functions like withdrawals (or at least setting the withdrawal address) had to be signed.

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper wallets instead.
joepie91
Sr. Member
****
Offline Offline

Activity: 294


View Profile
June 18, 2011, 09:19:12 PM
 #28

Again, two factor auth using email would be incredibly easy to implement, and a huge improvement in security - mostly because you can't get around that by having database access through a vulnerability.

Like my post(s)? 12TSXLa5Tu6ag4PNYCwKKSiZsaSCpAjzpu Smiley
Quote from: hawks5999
I just can't wait for fall/winter. My furnace never generated money for me before. I'll keep mining until my furnace is more profitable.
Benjie
Member
**
Offline Offline

Activity: 84


View Profile
June 18, 2011, 10:20:59 PM
 #29

I dont keep money in my Mt.gox account, but an hour ago i wanted to exchange some btc and i sent in 7 to my mtgox account..
Now I came back to my pc and I cant access my account try to reset password says no email in account file..... wtf
I am sure i regg'ed using an email............Please help me asap 7 coins is like 15 days mining to me

my ticket #1862
Benjie
Member
**
Offline Offline

Activity: 84


View Profile
June 18, 2011, 10:37:38 PM
 #30

Avira just finished scanning my pc, nothing was found...also I only use this password for mtgox....
REF
Hero Member
*****
Offline Offline

Activity: 526


View Profile
June 18, 2011, 10:49:47 PM
 #31

I think some of you guys are starting to make up stories now..... Mt. Gox is not going to give you any funds back so if your pretending you were hacked to get some BTC forget about it. Mt. Gox is only going to help you track where the funds get moved to.
padrino
Legendary
*
Offline Offline

Activity: 1260



View Profile
June 18, 2011, 11:02:54 PM
 #32

I think some of you guys are starting to make up stories now..... Mt. Gox is not going to give you any funds back so if your pretending you were hacked to get some BTC forget about it. Mt. Gox is only going to help you track where the funds get moved to.

It's hard to tell either way however you are right that I wouldn't expect Mt. Gox to give them back. With teh volume of users and trading if .001% of people had an issue I expect we would see more then the posts we have seen thus far. There is enough money going around for people to focus effort on exploting accounts.

With that said they are providing a financial service and although not regulated I expect there will be a lawsuit sometime soon because for the type of service offered it's fairly obvious adequate authentication is not enforced and yes there is some precedent for that.

1CPi7VRihoF396gyYYcs2AdTEF8KQG2BCR
Benjie
Member
**
Offline Offline

Activity: 84


View Profile
June 18, 2011, 11:21:17 PM
 #33

I think my account might have been compromised. I successfully logged into my account at least 3 times today. I added some bitcoins. Then when I attempted to login to trade those bitcoins, I was unable to login. Also when I went to recover/reset my password it said that there was no email account attached to my account when I know there is. I don't know if money has been stolen yet but it seems likely that my account was compromised. My ticket is #1836

This is what happened to me exactly, please tell me what did mt.gox tell you... I sent an email to them but didnt get a case number..
MagicalTux
VIP
Hero Member
*
Offline Offline

Activity: 617


Working on new MtGox features


View Profile WWW
June 19, 2011, 01:30:53 AM
 #34

Ok so:

#1407: Confirmed hacked on june 16th, investigation in progress
#1836: Investigation in progress, no lost coins
#1862: Investigation in progress, no lost coins

Benjie
Member
**
Offline Offline

Activity: 84


View Profile
June 19, 2011, 01:33:05 AM
 #35

Ok so:

#1407: Confirmed hacked on june 16th, investigation in progress
#1836: Investigation in progress, no lost coins
#1862: Investigation in progress, no lost coins

please tell me was my password changed Huh or what


EDIT: Just received this email :  Huh

Mark Karpeles, Jun-19 10:25 (JST):

Hi,

We have confirmed the bitcoins you have added to your account were stolen, and your account has been automatically blocked.

Could you tell me where you got those bitcoins from?

Thanks,
Mark
MtGox.com Team.

So the owner of the site says no coins lost, and customer support says your coins are lost Huh?Whom do I believe ??
Twiddle
Newbie
*
Offline Offline

Activity: 11



View Profile
June 19, 2011, 02:02:06 AM
 #36

Quote
So the owner of the site says no coins lost, and customer support says your coins are lost Huh?Whom do I believe ??

I wouldn't worry about this at all. Mark Karpeles and MagicalTux often contradict themselves. For example, Mark has just confirmed to us that a few accounts were hacked into. However, MagicalTux reassured us yesterday that the CSRF exploits "were never used," even though there was an obvious corresponding increase in reports of coins being stolen via Mt. Gox.
Benjie
Member
**
Offline Offline

Activity: 84


View Profile
June 19, 2011, 02:06:22 AM
 #37

Account was reinstated turns out one of my players in Triple Trouble, sent money from the 25k stolen coins....
Twiddle
Newbie
*
Offline Offline

Activity: 11



View Profile
June 19, 2011, 02:08:31 AM
 #38

Account was reinstated turns out one of my players in Triple Trouble, sent money from the 25k stolen coins....

So did you get to keep your coins? Or were they repossessed by Mt. Gox?
Benjie
Member
**
Offline Offline

Activity: 84


View Profile
June 19, 2011, 02:13:22 AM
 #39

Account was reinstated turns out one of my players in Triple Trouble, sent money from the 25k stolen coins....

So did you get to keep your coins? Or were they repossessed by Mt. Gox?
only 0.16 were fraudulent
MagicalTux
VIP
Hero Member
*
Offline Offline

Activity: 617


Working on new MtGox features


View Profile WWW
June 19, 2011, 02:13:32 AM
 #40

Quote
So the owner of the site says no coins lost, and customer support says your coins are lost Huh?Whom do I believe ??

I wouldn't worry about this at all. Mark Karpeles and MagicalTux often contradict themselves. For example, Mark has just confirmed to us that a few accounts were hacked into. However, MagicalTux reassured us yesterday that the CSRF exploits "were never used," even though there was an obvious corresponding increase in reports of coins being stolen via Mt. Gox.

The coins stolen from Mt.Gox were not stolen using any CSRF exploit.

Pages: « 1 [2] 3 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!