|
Man From The Future
|
 |
June 18, 2011, 04:27:49 PM |
|
Noitev, why use weaker security when better security is available? As mentioned before, if someone was to rent out power from Amazon ECC... :?
|
|
|
|
|
|
|
|
|
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
|
|
xjosx
Newbie
 Offline
Activity: 33
Merit: 0
|
|
June 18, 2011, 04:30:48 PM
Last edit: June 18, 2011, 05:43:48 PM by xjosx |
|
MagicalTux,
I'm getting the "Too many failure from your IP, temporarly blocked" error when I try to login to the site. I've reset my router, and have successfully logged in, then immediately to a few minutes later, I get logged out. After trying to login again, I receive the above error message. I don't have a keylogger on my system (running OS X), and I even open the Mt. Gox site in a new browser, to prevent any CSRF exploit. My password is over 25 characters long, including symbols + numbers, and isn't a dictionary word or contain dictionary words.
What can I do to use my account as usual? I can PM you my username if it'll help.
Thanks.
|
|
|
|
|
|
|
|
Man From The Future
|
|
June 18, 2011, 05:35:34 PM |
|
If I knew a site was using encryption, I wouldn't use it. Why use something reversible by the owners/anyone who gets access to the server... (Since if they have DB, they probably now have the key). |
|
|
|
TheColdOne
Newbie
Offline
Activity: 28
Merit: 0
|
|
June 18, 2011, 07:18:19 PM |
|
I think my account might have been compromised. I successfully logged into my account at least 3 times today. I added some bitcoins. Then when I attempted to login to trade those bitcoins, I was unable to login. Also when I went to recover/reset my password it said that there was no email account attached to my account when I know there is. I don't know if money has been stolen yet but it seems likely that my account was compromised. My ticket is #1836
|
|
|
|
|
diven
Newbie
Offline
Activity: 14
Merit: 0
|
|
June 18, 2011, 08:46:59 PM |
|
All my coins were stolen, I immediately filed a ticket (two days ago) and was assigned #1407. I would appreciate a reply.
|
|
|
|
|
casascius
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1136
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
June 18, 2011, 09:17:18 PM |
|
What would be nice is if we could optionally restrict the account with a PGP key, so that functions like withdrawals (or at least setting the withdrawal address) had to be signed.
|
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
|
|
|
|
joepie91
|
|
June 18, 2011, 09:19:12 PM |
|
Again, two factor auth using email would be incredibly easy to implement, and a huge improvement in security - mostly because you can't get around that by having database access through a vulnerability.
|
Like my post(s)? 12TSXLa5Tu6ag4PNYCwKKSiZsaSCpAjzpu  I just can't wait for fall/winter. My furnace never generated money for me before. I'll keep mining until my furnace is more profitable.
|
|
|
Benjie
Member
Offline
Activity: 82
Merit: 10
|
|
June 18, 2011, 10:20:59 PM
Last edit: June 18, 2011, 11:23:25 PM by Benjie |
|
I dont keep money in my Mt.gox account, but an hour ago i wanted to exchange some btc and i sent in 7 to my mtgox account..
Now I came back to my pc and I cant access my account try to reset password says no email in account file..... wtf
I am sure i regg'ed using an email............Please help me asap 7 coins is like 15 days mining to me
my ticket #1862
|
|
|
|
|
Benjie
Member
Offline
Activity: 82
Merit: 10
|
|
June 18, 2011, 10:37:38 PM |
|
Avira just finished scanning my pc, nothing was found...also I only use this password for mtgox....
|
|
|
|
|
|
REF
|
|
June 18, 2011, 10:49:47 PM |
|
I think some of you guys are starting to make up stories now..... Mt. Gox is not going to give you any funds back so if your pretending you were hacked to get some BTC forget about it. Mt. Gox is only going to help you track where the funds get moved to.
|
|
|
|
|
padrino
Legendary
Offline
Activity: 1428
Merit: 1000
https://www.bitworks.io
|
|
June 18, 2011, 11:02:54 PM |
|
I think some of you guys are starting to make up stories now..... Mt. Gox is not going to give you any funds back so if your pretending you were hacked to get some BTC forget about it. Mt. Gox is only going to help you track where the funds get moved to.
It's hard to tell either way however you are right that I wouldn't expect Mt. Gox to give them back. With teh volume of users and trading if .001% of people had an issue I expect we would see more then the posts we have seen thus far. There is enough money going around for people to focus effort on exploting accounts. With that said they are providing a financial service and although not regulated I expect there will be a lawsuit sometime soon because for the type of service offered it's fairly obvious adequate authentication is not enforced and yes there is some precedent for that. |
|
|
|
Benjie
Member
Offline
Activity: 82
Merit: 10
|
|
June 18, 2011, 11:21:17 PM |
|
I think my account might have been compromised. I successfully logged into my account at least 3 times today. I added some bitcoins. Then when I attempted to login to trade those bitcoins, I was unable to login. Also when I went to recover/reset my password it said that there was no email account attached to my account when I know there is. I don't know if money has been stolen yet but it seems likely that my account was compromised. My ticket is #1836
This is what happened to me exactly, please tell me what did mt.gox tell you... I sent an email to them but didnt get a case number.. |
|
|
|
|
MagicalTux (OP)
VIP
Hero Member
Offline
Activity: 608
Merit: 501
-
|
|
June 19, 2011, 01:30:53 AM |
|
Ok so:
#1407: Confirmed hacked on june 16th, investigation in progress
#1836: Investigation in progress, no lost coins
#1862: Investigation in progress, no lost coins
|
|
|
|
|
Benjie
Member
Offline
Activity: 82
Merit: 10
|
|
June 19, 2011, 01:33:05 AM |
|
Ok so:
#1407: Confirmed hacked on june 16th, investigation in progress
#1836: Investigation in progress, no lost coins
#1862: Investigation in progress, no lost coins
please tell me was my password changed  or what EDIT: Just received this email : Mark Karpeles, Jun-19 10:25 (JST): Hi, We have confirmed the bitcoins you have added to your account were stolen, and your account has been automatically blocked. Could you tell me where you got those bitcoins from? Thanks, Mark MtGox.com Team. So the owner of the site says no coins lost, and customer support says your coins are lost ?Whom do I believe ?? |
|
|
|
|
Twiddle
Newbie
Offline
Activity: 11
Merit: 0
|
|
June 19, 2011, 02:02:06 AM |
|
So the owner of the site says no coins lost, and customer support says your coins are lost ?Whom do I believe ?? I wouldn't worry about this at all. Mark Karpeles and MagicalTux often contradict themselves. For example, Mark has just confirmed to us that a few accounts were hacked into. However, MagicalTux reassured us yesterday that the CSRF exploits "were never used," even though there was an obvious corresponding increase in reports of coins being stolen via Mt. Gox. |
|
|
|
|
Benjie
Member
Offline
Activity: 82
Merit: 10
|
|
June 19, 2011, 02:06:22 AM |
|
Account was reinstated turns out one of my players in Triple Trouble, sent money from the 25k stolen coins....
|
|
|
|
|
Twiddle
Newbie
Offline
Activity: 11
Merit: 0
|
|
June 19, 2011, 02:08:31 AM |
|
Account was reinstated turns out one of my players in Triple Trouble, sent money from the 25k stolen coins....
So did you get to keep your coins? Or were they repossessed by Mt. Gox? |
|
|
|
|
Benjie
Member
Offline
Activity: 82
Merit: 10
|
|
June 19, 2011, 02:13:22 AM |
|
Account was reinstated turns out one of my players in Triple Trouble, sent money from the 25k stolen coins....
So did you get to keep your coins? Or were they repossessed by Mt. Gox? only 0.16 were fraudulent |
|
|
|
|
MagicalTux (OP)
VIP
Hero Member
Offline
Activity: 608
Merit: 501
-
|
|
June 19, 2011, 02:13:32 AM |
|
So the owner of the site says no coins lost, and customer support says your coins are lost ?Whom do I believe ?? I wouldn't worry about this at all. Mark Karpeles and MagicalTux often contradict themselves. For example, Mark has just confirmed to us that a few accounts were hacked into. However, MagicalTux reassured us yesterday that the CSRF exploits "were never used," even though there was an obvious corresponding increase in reports of coins being stolen via Mt. Gox. The coins stolen from Mt.Gox were not stolen using any CSRF exploit. |
|
|
|
|
|
