Bitcoin Forum
August 30, 2016, 03:11:22 AM *
News: Latest stable version of Bitcoin Core: 0.13.0 (New!) [Torrent]. Make sure you verify it.
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 3 4 5 »  All
  Print  
Author Topic: MtGox UPDATE  (Read 22348 times)
jed
Full Member
***
Offline Offline

Activity: 161

Jed McCaleb


View Profile WWW
June 19, 2011, 09:10:29 PM
 #1

Hello everyone, MagicalTux is busy getting everything back in order on mtgox so he asked me to post here and answer any questions people have.

First, only a small amount of BTC was stolen. MtGox will refund the stolen BTC to the compromised user.

Everyone's bitcoins are safe on the site. We still are holding all the coins safely in reserve. The vast majority of the coins are stored offline so they are impossible to compromise.

He understands the rollback won't be popular with people who were able to pick up coins for .10 or whatever but none of those trades were legitimate so mtgox has a legal obligation to reverse the trades.

I'm sure when you think about it you don't actually want to buy stolen coins and take advantage of the situation.

Things have been very hectic with mtgox since MagicalTux took over. He has simultaneously been trying to fend off persistent ddos attacks, hire more staff, deal with the huge increase in users, improve the code to support the much larger trade volume, ensure regulatory compliance and deal with various security issues. Obviously things haven't gone as smoothly as we would like but we can see the light at the end of the tunnel with more people being hired and the backend changes done. MtGox will hopefully be able to regain your trust in the coming weeks.

The site should be up again shortly. I'm asking him to clear all the standing orders.

Please post any questions you have here and I'll do my best to answer.




stellar.org   |    twitter
1472526682
Hero Member
*
Offline Offline

Posts: 1472526682

View Profile Personal Message (Offline)

Ignore
1472526682
Reply with quote  #2

1472526682
Report to moderator
Coin bet 24 .com CASINO Live dealers Jackpot slots Blackjack mBTC 500 BONUS NOW!
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1472526682
Hero Member
*
Offline Offline

Posts: 1472526682

View Profile Personal Message (Offline)

Ignore
1472526682
Reply with quote  #2

1472526682
Report to moderator
paulie_w
Sr. Member
****
Offline Offline

Activity: 420


View Profile
June 19, 2011, 09:13:00 PM
 #2

i really don't think you can call them 'stolen coins' with a straight face. what's done is done, and it's on your shoulders to fix it, NOT by denying people with legitimate bids their feast.
done
Jr. Member
*
Offline Offline

Activity: 56


View Profile
June 19, 2011, 09:13:41 PM
 #3

excellent lets keep the updates rolling in
hiVe
Member
**
Offline Offline

Activity: 102


View Profile
June 19, 2011, 09:14:15 PM
 #4

Thank you [MT and Jed] for the information.
BioMike
Legendary
*
Offline Offline

Activity: 1204


View Profile
June 19, 2011, 09:14:57 PM
 #5

How was the list with accounts stolen? Was this through a SQL injection?

How will resetting of passwords be arranged?
klaus
Legendary
*
Offline Offline

Activity: 1554



View Profile
June 19, 2011, 09:16:07 PM
 #6

++1

fine with it.

MtGox is doing good job !!

bitmessage:BM-2D9c1oAbkVo96zDhTZ2jV6RXzQ9VG3A6f1​
threema:HXUAMT96
MyFarm
Hero Member
*****
Offline Offline

Activity: 770


View Profile
June 19, 2011, 09:18:14 PM
 #7

Considering there is a database dump with my mt gox information making its way around the internet, it's obvious your security has been compromised.  I would assume that you're going to do a FULL security and code audit to make sure there aren't further exploits or backdoors placed on your system.  As these audits take awhile, I also assume that you're not going to be back online anytime soon.

Or do I assume wrong?
DamienBlack
Jr. Member
*
Offline Offline

Activity: 56


View Profile
June 19, 2011, 09:18:39 PM
 #8

The rollback is inevitable, and the right thing to do. If it were just a system glitch or a typo, would you still say "what's done is done"? These weren't real trades. Sorry if you don't get to keep 10,000 bitcoins bought at $.10. I'd be pissed too, but there is not an alternative.

I trade bitcoin options at https://bitoption.org/ ... Join me.
I play poker at https://betco.in/ ... Join me.
Support the bitcoin economy, what do you do?
Tips: 1NfXhiTFEdKQTdLy49s6DYAP1K7MeFWyao
dikidera
Full Member
***
Offline Offline

Activity: 126


View Profile
June 19, 2011, 09:22:20 PM
 #9

Hello everyone, MagicalTux is busy getting everything back in order on mtgox so he asked me to post here and answer any questions people have.

First, only a small amount of BTC was stolen. MtGox will refund the stolen BTC to the compromised user.

Everyone's bitcoins are safe on the site. We still are holding all the coins safely in reserve. The vast majority of the coins are stored offline so they are impossible to compromise.

He understands the rollback won't be popular with people who were able to pick up coins for .10 or whatever but none of those trades were legitimate so mtgox has a legal obligation to reverse the trades.

I'm sure when you think about it you don't actually want to buy stolen coins and take advantage of the situation.

Things have been very hectic with mtgox since MagicalTux took over. He has simultaneously been trying to fend off persistent ddos attacks, hire more staff, deal with the huge increase in users, improve the code to support the much larger trade volume, permit SQL injection to compromise security, ensure regulatory compliance and deal with various security issues. Obviously things haven't gone as smoothly as we would like but we can see the light at the end of the tunnel with more people being hired and the backend changes done. MtGox will hopefully be able to regain your trust in the coming weeks.

The site should be up again shortly. I'm asking him to clear all the standing orders.

Please post any questions you have here and I'll do my best to answer.
Fix'd
FairUser
Sr. Member
****
Offline Offline

Activity: 261


View Profile WWW
June 19, 2011, 09:23:19 PM
 #10

I think this post was long overdue.  People have been reporting for over a week now that they've been getting hacked on MtGox, and then this happened.  Every account, every e-mail, every (hashed) password. What's sad is that it's taken this long to post about it.  Lots of people have been reporting this and it seems to fall on deaf ears.   They have a whole thread about MtGox accounts that got hacked, yet no word was said to try and calm users or ease concerns.

Sorry to be so hard on you guys, don't get me wrong I love(d) the service, but you NEED to talk with users and tell them what's going on when they report getting hacked, and that needs to happen ASAP...not a week later. I hope your actions or lack thereof don't affect your business when it re-opens....cause I have/had(not sure, can't login) bitcoins with you guys and was looking forward to the value working it's way back up to 20.

HOPEFULLY people will trust you guys after this.  A come back from this level of hack is hard, but I wish you guys the best.  
jhansen858
Sr. Member
****
Offline Offline

Activity: 336


View Profile
June 19, 2011, 09:23:29 PM
 #11

My question is:

how is the situation where people withdrew funds in between the massive selloff and the trading freeze going to addressed?

People who withdrew coins will have a rollback + a withdraw?

Hi forum: 1DDpiEt36VTJsiJunyBc3XtG6CcSAnsQ4p
paulie_w
Sr. Member
****
Offline Offline

Activity: 420


View Profile
June 19, 2011, 09:24:05 PM
 #12

The rollback is inevitable, and the right thing to do. If it were just a system glitch or a typo, would you still say "what's done is done"? These weren't real trades. Sorry if you don't get to keep 10,000 bitcoins bought at $.10. I'd be pissed too, but there is not an alternative.

grumble. i suppose you're right after all.

fuck it. good luck mtgox. :-)
klamathonsite
Full Member
***
Offline Offline

Activity: 154



View Profile WWW
June 19, 2011, 09:25:44 PM
 #13

This just goes to show the safest way to protect your coins are put them on usb key and keep them there until they are ready to sell and i would deffently think twice using mtgox for the service do the fact they have taken down access to our accounts and we have to take a 3rd parties advice to settle down and they they are safe btc or funds this is BULLSHIT with how much i have invested I DO NOT LIKE ANYONE keeping me from my investment. so for this day forward I look to start dealing with people direct and use like clearcoin for the transfer of coins that also cuts out the % mtgox takes. I am freaking pissed I cant trust they took enough security measures to protect us in the first freaking place then they should not have opened their online service.

I dont have to worry about banks not letting me have access to my accounts or funds do to a issue they could not have for-sen so for mtgox.com to pull that shit is a power play with OUR money. Im looking into attornys tomorrow to find out their responsibly
and loss of revenues.

this my opinion and the facts.
Tomorrow is a day of reckoning .
jed
Full Member
***
Offline Offline

Activity: 161

Jed McCaleb


View Profile WWW
June 19, 2011, 09:27:04 PM
 #14

> How will resetting of passwords be arranged?

All passwords will be disabled and you will have to reset your password with the email on file. If no email is on file then it will be handled manually.

> How was the list with accounts stolen? Was this through a SQL injection?

We are still investigating.

MyFarm:
Yes the site won't be back online until we are certain there are no other exploits.

stellar.org   |    twitter
qikaifu
Full Member
***
Offline Offline

Activity: 168


God creats math and math creats bitcoin.


View Profile
June 19, 2011, 09:28:50 PM
 #15

hope you will be fine after such disaster. It's a good lesson for you.

If you see any of my suggestions useful, please donate me. http://btc.to/ec
Houdini
Member
**
Offline Offline

Activity: 84



View Profile
June 19, 2011, 09:29:19 PM
 #16

That's all nice but the fact remains that thanks to you guys my username, e-mail and password are now out there for anyone to see...
jhansen858
Sr. Member
****
Offline Offline

Activity: 336


View Profile
June 19, 2011, 09:30:15 PM
 #17

@klamathonsite

whoa buddy, if you were investing in stocks, bonds, or other, you wouldn't be able to get your money out any faster.

I recommend you just chillax a tiny bit before you have a burst vessel in the brain.

Hi forum: 1DDpiEt36VTJsiJunyBc3XtG6CcSAnsQ4p
jed
Full Member
***
Offline Offline

Activity: 161

Jed McCaleb


View Profile WWW
June 19, 2011, 09:30:29 PM
 #18

> how is the situation where people withdrew funds in between the massive selloff and the trading freeze going to addressed?
Very few coins were withdrawn between selloff and when we took the site down. We will deal with it on a case by case basis.




stellar.org   |    twitter
qikaifu
Full Member
***
Offline Offline

Activity: 168


God creats math and math creats bitcoin.


View Profile
June 19, 2011, 09:32:26 PM
 #19

I think this post was long overdue.  People have been reporting for over a week now that they've been getting hacked on MtGox, and then this happened.  Every account, every e-mail, every (hashed) password. What's sad is that it's taken this long to post about it.  Lots of people have been reporting this and it seems to fall on deaf ears.   They have a whole thread about MtGox accounts that got hacked, yet no word was said to try and calm users or ease concerns.

Sorry to be so hard on you guys, don't get me wrong I love(d) the service, but you NEED to talk with users and tell them what's going on when they report getting hacked, and that needs to happen ASAP...not a week later. I hope your actions or lack thereof don't affect your business when it re-opens....cause I have/had(not sure, can't login) bitcoins with you guys and was looking forward to the value working it's way back up to 20.

HOPEFULLY people will trust you guys after this.  A come back from this level of hack is hard, but I wish you guys the best.  


Hopefully more great entrepreneurs will join bitcoin world, replacing those guys who providing bitcoin service with a one-man company.

If you see any of my suggestions useful, please donate me. http://btc.to/ec
Findeton
Full Member
***
Offline Offline

Activity: 126


View Profile
June 19, 2011, 09:34:25 PM
 #20

Hi. I'm trying to login but it says "No user with email address -heremyemailaddress-". Should I worry?

Bitcoin Weekly, bitcoin analysis and commentary

14DD7MhRXuw3KDuyUuXvAsRcK4KXTT36XA
Pages: [1] 2 3 4 5 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!