mtgox account compromised minutes after requesting dwolla dep/with ability

[donkeybozo]

Yesturday my mtgox account was finally verified and i had cash in the account. After my account was verified I requested to make deposit withdrawl using Dwolla possible in the future. and the system needed to verify that. Minutes after the system verified Dwolla someone purchased bitcoins with my cash and then transferred the btc to a outside address.

[2x0ninja]

Your computer is probably compromised. Not sure what you can do to get your money back.

Burn yourself a live CD (like ubuntu) and change your password from that. Then you'll probably want to backup your files (non executable only), reformat and reinstall your main OS. REFORMAT, DON'T JUST REINSTALL WINDOWS THAT MIGHT LEAVE FILES THAT COULD REINFECT YOU.
I'd recommend using a sandbox program for running downloaded files and your web browser. Sandboxie is my favorite and, last I checked, the most secure. It has a 30 day trail, but when it expires there's just a 5 sec nag screen and you still get full protection. There's also browser plugins that can help prevent you being hacked as well. Firefox with NoScript is a great start. Request Policy is another great one. Only allow sites you really trust, never allow things you just clicked on off of google. Also it's smart not to just google for porn or "free" downloads, find a few well established sites and stick to them.

[donkeybozo]

Only used my smartphone when I would log on to GOX

[dwolfman]

You sure it was Mt Gox account that was compromised?  Maybe Dwolla was compromised.

Did you use different passwords everywhere?

[donkeybozo]

Yes I did. I'm trying to understand the timing of the situation. Why would it happen minutes after I request deposit withdraw dwolla capability ?

[tHash]

It has to be a coincidence.   For future reference, the only safe thing to do is use two factor authentication.

[virtualfaqs]

Get a Yobe key.

[uuidman]

Only used my smartphone when I would log on to GOX

What OS, android or IOS ? Is the phone rooted or not ? How strong was the password used ?

[DeathAndTaxes]

You were using 2FA right?

Rhetorical questions as these events which happen on an almost daily basis never involve 2FA.  To any noob reading if you don't use 2FA you are one malware, 0-day java exploit, or phishing attack from losing your entire bitcoin savings in a split second.

[ProfMac]

You were using 2FA right?

Rhetorical questions as these events which happen on an almost daily basis never involve 2FA.  To any noob reading if you don't use 2FA you are one malware, 0-day java exploit, or phishing attack from losing your entire bitcoin savings in a split second.

Mt. Gox sent me a Yubikey.  They paid the entire cost, and it was about 3 days from the time I submitted my street address until the package was at the front door.

The guy who lost 60 BTC last week had a rooted android.

[coastermonger]

OP, most importantly were you using 2 factor authorization?