Bitcoin Forum
December 07, 2016, 12:32:58 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 [4] 5 »  All
  Print  
Author Topic: MtGox UPDATE  (Read 22786 times)
mizerydearia
Hero Member
*****
Offline Offline

Activity: 574



View Profile
June 20, 2011, 12:12:33 AM
 #61

Also come chat in #bitcoin-onlyonetv on Freenode IRC network.  If you don't have an IRC client, visit http://webchat.freenode.net


MTGOX BREAKING NEWS

We will do one hour with the TradeHill guys LIVE via Skype.... at 9pm to 10pm ET tonight.

Then, we will do one hour with the MtGox guys LIVE via telephone from Tokyo.... at 10pm to 11pm ET tonight.

Go to http://onlyonetv.com and click the "Watch Live" button now... and join in the Live Chatroom.

See All Time Zones here:  http://goo.gl/ZqQRq

1481113978
Hero Member
*
Offline Offline

Posts: 1481113978

View Profile Personal Message (Offline)

Ignore
1481113978
Reply with quote  #2

1481113978
Report to moderator
Goat says: "Bitcoin is NOT Illegal in Thailand. There is no law against Bitcoin in Thailand!"
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
CharlieContent
Full Member
***
Offline Offline

Activity: 210


View Profile
June 20, 2011, 12:13:57 AM
 #62

And what about the users who had their accounts compromised in the past few weeks or so?

Many were trolls who lied, IMO.
A password hash does not allow you to login. The mysterious big account might have had a virus/key-logger on his PC.
I have had $200 vanish from my account. I have turned my PC upside down, including manual analysis and found no malware of any kind. I had a 20 character alphanumeric mixed case KeePass-generated random password. I was not a victim of the CSRF exploit as I could not reach the Mt. Gox site (thus wasn't logged in) at the moment the funds were stolen. Someone could easily break such a password by using a service like Amazon AWS - and it would actually pay off as you are trying to compromise accounts on a financial service that holds money. Not to mention that miners have hardware that is specifically suited for hashcracking.

Now tell me with a straight face that this was not related to the database leak.

Lol at a guy who is in LulzSec complaining on here about losing $200.

To be honest I think you have bigger things to worry about than losing $200 Sven. You losing your money has given me much Lulz! I suppose you must approve of that! There will also be much Lulz when you are arrested by your local police force. Smiley

http://lulzsecexposed.blogspot.com/2011/06/joepie-doxed.html
Yes, because everything you read on the internet is absolutely and completely true. Do some research before you claim things. I am not a part of Lulzsec, and I'm not involved in what they do. If you had actually read a bit *more* than just one single blog, you would have found that the supposed "Lulzsec channel" was not actually a Lulzsec channel, and that the dox and/or information on that site are grossly inaccurate (Barrett Brown a part of Lulzsec? REALLY?)

Get a clue before you shout.

I've read more than that blog, and I realise the logs weren't from the LulzSec channel. However, the logs show you assisting them, no matter what channel it's from. The dox on there might be bullshit (other than yours) but the logs are genuine, regardless of the channel. You might not be in the main crew, but you're in deep with those fucks.

You're a disgusting little cunt and I'm glad you've got even a tiny portion of what's coming for you. Your buddy Sabu hit the FBI. Do you know what that means? He's going to get caught. As soon as they catch him, the American's are going to try and extradite you under RICO laws. You've been seen on IRC handling their money and the Blockchain will confirm this. Under RICO legislation, that's enough to make you complicit.

You better hope and pray that the Dutch government doesn't roll over and extradite you. Either way you've got a tough autumn and winter coming up. You've bitten off more than you can chew here, son. I'd be very, very scared if I was you.
blendergasket
Newbie
*
Offline Offline

Activity: 28


View Profile
June 20, 2011, 12:20:34 AM
 #63

got an alert from google, someone's been trying to log into my gmail acct.  That is on the MT.Gox database.

My gmail pass was different, and I have changed it.

this is a reminder to me to go around to all the sites and change the pw.

Same thing happened to me. I had a different PW from the PW that was on my MtGox site but I got that notification from Gmail. Maybe that was a notifications that people were trying to brute force it or test it against the ones they'd cracked in that list or something? This is just a total guess but I definitely had the same situ that you had.

trippp
Jr. Member
*
Offline Offline

Activity: 47


View Profile
June 20, 2011, 12:40:06 AM
 #64

It's now approximately 20 minutes until Mt. Gox is supposed to resume service. Will this happen in time, or will it be delayed further?
TheSeven
Hero Member
*****
Offline Offline

Activity: 504


FPGA Mining LLC


View Profile WWW
June 20, 2011, 12:53:33 AM
 #65

got an alert from google, someone's been trying to log into my gmail acct.  That is on the MT.Gox database.

My gmail pass was different, and I have changed it.

this is a reminder to me to go around to all the sites and change the pw.

Same thing happened to me. I had a different PW from the PW that was on my MtGox site but I got that notification from Gmail. Maybe that was a notifications that people were trying to brute force it or test it against the ones they'd cracked in that list or something? This is just a total guess but I definitely had the same situ that you had.

According to what I read in #bitcoin-dev, someone from the community who's working at Google got hold of the dump and flagged all the gmail addresses he could find as possibly compromised for safety reasons. So while this is probably nothing to worry about if you didn't use your Mt. Gox password anywhere else, you should immediately change it if you did.

My tip jar: 13kwqR7B4WcSAJCYJH1eXQcxG5vVUwKAqY
joepie91
Sr. Member
****
Offline Offline

Activity: 294


View Profile
June 20, 2011, 01:34:40 AM
 #66

And what about the users who had their accounts compromised in the past few weeks or so?

Many were trolls who lied, IMO.
A password hash does not allow you to login. The mysterious big account might have had a virus/key-logger on his PC.
I have had $200 vanish from my account. I have turned my PC upside down, including manual analysis and found no malware of any kind. I had a 20 character alphanumeric mixed case KeePass-generated random password. I was not a victim of the CSRF exploit as I could not reach the Mt. Gox site (thus wasn't logged in) at the moment the funds were stolen. Someone could easily break such a password by using a service like Amazon AWS - and it would actually pay off as you are trying to compromise accounts on a financial service that holds money. Not to mention that miners have hardware that is specifically suited for hashcracking.

Now tell me with a straight face that this was not related to the database leak.

Lol at a guy who is in LulzSec complaining on here about losing $200.

To be honest I think you have bigger things to worry about than losing $200 Sven. You losing your money has given me much Lulz! I suppose you must approve of that! There will also be much Lulz when you are arrested by your local police force. Smiley

http://lulzsecexposed.blogspot.com/2011/06/joepie-doxed.html
Yes, because everything you read on the internet is absolutely and completely true. Do some research before you claim things. I am not a part of Lulzsec, and I'm not involved in what they do. If you had actually read a bit *more* than just one single blog, you would have found that the supposed "Lulzsec channel" was not actually a Lulzsec channel, and that the dox and/or information on that site are grossly inaccurate (Barrett Brown a part of Lulzsec? REALLY?)

Get a clue before you shout.

I've read more than that blog, and I realise the logs weren't from the LulzSec channel. However, the logs show you assisting them, no matter what channel it's from. The dox on there might be bullshit (other than yours) but the logs are genuine, regardless of the channel. You might not be in the main crew, but you're in deep with those fucks.

You're a disgusting little cunt and I'm glad you've got even a tiny portion of what's coming for you. Your buddy Sabu hit the FBI. Do you know what that means? He's going to get caught. As soon as they catch him, the American's are going to try and extradite you under RICO laws. You've been seen on IRC handling their money and the Blockchain will confirm this. Under RICO legislation, that's enough to make you complicit.

You better hope and pray that the Dutch government doesn't roll over and extradite you. Either way you've got a tough autumn and winter coming up. You've bitten off more than you can chew here, son. I'd be very, very scared if I was you.
Assuming, assuming, and more assuming. It would be nice if you kept assumptions, personal attacks, insults, and fearmongering (oh, how original) off these threads, and actually focus on doing something constructive.

Like my post(s)? 12TSXLa5Tu6ag4PNYCwKKSiZsaSCpAjzpu Smiley
Quote from: hawks5999
I just can't wait for fall/winter. My furnace never generated money for me before. I'll keep mining until my furnace is more profitable.
pinjas
Newbie
*
Offline Offline

Activity: 28


View Profile
June 20, 2011, 01:43:33 AM
 #67

got an alert from google, someone's been trying to log into my gmail acct.  That is on the MT.Gox database.

My gmail pass was different, and I have changed it.

this is a reminder to me to go around to all the sites and change the pw.

Same thing happened to me. I had a different PW from the PW that was on my MtGox site but I got that notification from Gmail. Maybe that was a notifications that people were trying to brute force it or test it against the ones they'd cracked in that list or something? This is just a total guess but I definitely had the same situ that you had.

According to what I read in #bitcoin-dev, someone from the community who's working at Google got hold of the dump and flagged all the gmail addresses he could find as possibly compromised for safety reasons. So while this is probably nothing to worry about if you didn't use your Mt. Gox password anywhere else, you should immediately change it if you did.

Bravo to gmail if that is the case.  Luckily I use different passwords for everything important and several different ones for things unimportant.  However, I was still greeted with a 'change your password due to suspicious activity' when logging into gmail.
Bazil
Full Member
***
Offline Offline

Activity: 126


View Profile
June 20, 2011, 02:01:31 AM
 #68

I know people are mad they won't get to keep the 10k bitcoins they bought at 10c a piece, but you have to keep in mind you bought STOLEN bitcoins.  They aren't your's anyway, they were owned by who ever the schmo was with 500k bitcoinns.  He is the one who lost in all of this technically, if anyone withdrew bitcoins after buying them that guy was the one losing them.  We should be happy that mtgox is willing to roll everything back and take a hit on the bitcoins that were stolen.

17Bo9a6YpXN2SbwY8mXLCD43Wup9ZE4rwm
dust
Hero Member
*****
Offline Offline

Activity: 840



View Profile WWW
June 20, 2011, 02:02:44 AM
 #69

I know people are mad they won't get to keep the 10k bitcoins they bought at 10c a piece, but you have to keep in mind you bought STOLEN bitcoins.  They aren't your's anyway, they were owned by who ever the schmo was with 500k bitcoinns.  He is the one who lost in all of this technically, if anyone withdrew bitcoins after buying them that guy was the one losing them.  We should be happy that mtgox is willing to roll everything back and take a hit on the bitcoins that were stolen.
+1

Cryptocoin Mining Info | OTC | PGP | Twitter | freenode: dust-otc | BTC: 1F6fV4U2xnpAuKtmQD6BWpK3EuRosKzF8U
unk
Member
**
Offline Offline

Activity: 84


View Profile
June 20, 2011, 02:07:06 AM
 #70

I know people are mad they won't get to keep the 10k bitcoins they bought at 10c a piece, but you have to keep in mind you bought STOLEN bitcoins.  They aren't your's anyway, they were owned by who ever the schmo was with 500k bitcoinns.  He is the one who lost in all of this technically, if anyone withdrew bitcoins after buying them that guy was the one losing them.  We should be happy that mtgox is willing to roll everything back and take a hit on the bitcoins that were stolen.

there is almost no case in the 'real world' where someone who unknowingly obtains 'stolen' currency in a trade is forced to repay it.

this is true even in legal jurisdictions where unknowingly receiving stolen goods can sustain an action by the original owner to recover the goods.

would a 'rollback' even be considered here if the amount were 500 btc rather than something that had a noticeable effect on the market? or if someone stole us dollars and used them to purchase bitcoins? reversing trades will, in practice, simply help mt. gox selfishly (and the handful of accounts affected by either the owner's negligence or mt. gox's). perhaps breaking trades is meant, in a misguided way, to try to shore up the exchange rate of bitcoins, but that won't work, and it's not a typical or easily justifiable response to currency theft. based on what is being reported, the exchange worked perfectly; mt. gox failed as a broker or a fiduciary holder of accounts, not as an exchange. if the two entities (the broker side and the exchange side) were separate, breaking trades wouldn't even be a possibility.
jatajuta
Sr. Member
****
Offline Offline

Activity: 365



View Profile
June 20, 2011, 02:08:18 AM
 #71

I know people are mad they won't get to keep the 10k bitcoins they bought at 10c a piece, but you have to keep in mind you bought STOLEN bitcoins.  They aren't your's anyway, they were owned by who ever the schmo was with 500k bitcoinns.  He is the one who lost in all of this technically, if anyone withdrew bitcoins after buying them that guy was the one losing them.  We should be happy that mtgox is willing to roll everything back and take a hit on the bitcoins that were stolen.

+1
Babylon
Sr. Member
****
Offline Offline

Activity: 336



View Profile
June 20, 2011, 02:18:53 AM
 #72

Emailed issued few minutes ago from the mt.gox

Dear Sir or Madam,


A few hours ago the Bitcoin trading website Mt Gox has been hacked. Malicious individuals have been able to obtain a database containing usernames, email address and encrypted passwords. This information has been posted publicly on the internet.

As a Bitcoin supporter I'm now sending a message to every email address contained in the hacked database. This is to warn you that your username, email address and password have been leaked. I therefore strongly advice you to change your passwords. If you have used the same password on different websites it's highly recommended to change your password on all of your accounts!

For a more secure alternative to Mt Gox, the community appears to be moving to TradeHill. So this is no reason to lose faith in Bitcoin itself. It must be seen as a warning that not every website can be trusted with your data however! Their link is http://www.tradehill.com/?r=TH-R15683 (Note: You can remove the Referral Code when registering if you want!) This is certainly not the only website where you can exchange Bitcoins, also check out http://www.thebitcoinlist.com/dp_bitcoin/bitcoin-exchange/


Sincerely,

A Bitcoin supporter
1CWSjov2N7ix41bZ8bJfHXkdLLbkUsG9Y7

I got that like 10 times.

pokermon919
Member
**
Offline Offline

Activity: 84


View Profile
June 20, 2011, 02:23:08 AM
 #73

Emailed issued few minutes ago from the mt.gox

Dear Sir or Madam,


A few hours ago the Bitcoin trading website Mt Gox has been hacked. Malicious individuals have been able to obtain a database containing usernames, email address and encrypted passwords. This information has been posted publicly on the internet.

As a Bitcoin supporter I'm now sending a message to every email address contained in the hacked database. This is to warn you that your username, email address and password have been leaked. I therefore strongly advice you to change your passwords. If you have used the same password on different websites it's highly recommended to change your password on all of your accounts!

For a more secure alternative to Mt Gox, the community appears to be moving to TradeHill. So this is no reason to lose faith in Bitcoin itself. It must be seen as a warning that not every website can be trusted with your data however! Their link is http://www.tradehill.com/?r=TH-R15683 (Note: You can remove the Referral Code when registering if you want!) This is certainly not the only website where you can exchange Bitcoins, also check out http://www.thebitcoinlist.com/dp_bitcoin/bitcoin-exchange/


Sincerely,

A Bitcoin supporter
1CWSjov2N7ix41bZ8bJfHXkdLLbkUsG9Y7

I got that like 10 times.

Spammer that everyone is talking about since the Mt. Gox fail
TheSeven
Hero Member
*****
Offline Offline

Activity: 504


FPGA Mining LLC


View Profile WWW
June 20, 2011, 02:36:04 AM
 #74

Spammer that everyone is talking about since the Mt. Gox fail
He even got bitcoins for that: http://blockexplorer.com/address/1CWSjov2N7ix41bZ8bJfHXkdLLbkUsG9Y7  Undecided

My tip jar: 13kwqR7B4WcSAJCYJH1eXQcxG5vVUwKAqY
grndzero
Sr. Member
****
Offline Offline

Activity: 392


View Profile
June 20, 2011, 04:22:36 AM
 #75

yeah they got into my email just few minutes ago and then i found new email from mtgox they are still hacking the site.
so DONT TRUST MTGOX they took your info and if you have same mail and same password on Dwolla change it RIGHT NOW OOOH MTGOX!!! Liability i can see if going up higher and higher by the hour.



If they got into your mail that mean you violated the #1 rule of online security by using the same password on multiple sites. You should REALLY examine your own security policies before telling everyone how much of a liability Mt Gox is.

Ubuntu Desktop x64 -  HD5850 Reference - 400Mh/s w/ cgminer  @ 975C/325M/1.175V - 11.6/2.1 SDK
Donate if you find this helpful: 1NimouHg2acbXNfMt5waJ7ohKs2TtYHePy
Epinnoia
Full Member
***
Offline Offline

Activity: 207


View Profile
June 20, 2011, 04:34:03 AM
 #76

What use is an audit performed by unnamed entities?

My first miner -> ATI 4550 (7.2 Mh/sec): 
https://www.facebook.com/groups/cryptospeculators/
realnowhereman
Hero Member
*****
Offline Offline

Activity: 504



View Profile
June 20, 2011, 09:10:09 AM
 #77

I have no problem with the rollback.  Mt.Gox can't reasonably do anything else.

To those who moan about that, here's a question: if your trade was so brilliant, you can post it again and someone will accept it again, yes?  No, of course they won't.  No one would willingly have sold you 10,000 BTC for a penny.  The fact that you are moaning means that you know it wasn't a willing trade (and all free markets should be based on trades where both parties walk away happy).  Trading with someone who didn't want to trade is not a market, it's a robbery.

I'm posting though with reference to the original poster's message: questions.

  • When the site is restored will bids/asks that were pending before the hack be recreated?  That seems wrong to me.  The orderbook should be set to blank and we can all work from where we are now, rather than scrambling to undo what was.  Traders can easily add back whatever orders they think appropriate.
  • When the site is restored will trading be restored instantly?  I think that that would be unwise.  First start the site up.  Give us all time to log in, check our balances and transfer in and out anything we might wish.  Then unsuspend trading.  A day of suspended market would probably be enough.  It would also give people time to enter their bids and asks without anything happening at first.  A new equilibrium would sit ready for when the market goes live again.
  • I happen not to have an email set for my account on Mt.Gox; but I do have a secure password.  There have been conflicting reports: are all accounts going to be disabled or just accounts with insecure passwords?  What will be the procedure for those of us in this position to regain access to our accounts?  Will this be done in a timely manner, or will we have to watch in despair as the market moves and we have no access?
  • Someone should be working now on a disaster recovery plan.  You should publish that on the Mt.Gox site.  We should all already have known what would happen when something like this happens.  Suspension, shutdown, rollback, restart.  Information avoids panic.

1AAZ4xBHbiCr96nsZJ8jtPkSzsg1CqhwDa
LeFBI
Member
**
Offline Offline

Activity: 98



View Profile
June 20, 2011, 11:20:33 AM
 #78

@jed / MagicalTux

could you please give an official statement on how you will deal with accounts that do not have an email address?

your support site says:
Quote from: support.mtgox.com
When Mt.Gox comes back online, we will be putting all users through a new security measure to authenticate the users. This will be a mix of matching the last IP address that accessed the account, verifying their email address, account name and old password. Users will then be prompted to enter in a new strong password.

i didn't sign up with an email address, will my coins be forever alone in your wallet? :-/
jed
Full Member
***
Offline Offline

Activity: 165

Jed McCaleb


View Profile WWW
June 20, 2011, 12:17:09 PM
 #79

LeFBI: No just email support once the site comes back online. They will walk you through how to recover your password.

stellar.org   |    twitter
Timo Y
Legendary
*
Offline Offline

Activity: 938


bitcoin - the aerogel of money


View Profile
June 20, 2011, 01:06:59 PM
 #80

Everyone's bitcoins are safe on the site. We still are holding all the coins safely in reserve. The vast majority of the coins are stored offline so they are impossible to compromise.

Could you please prove this by signing this message with the private keys from the wallets in question, in order to shut up the conspiracists?

GPG ID: FA868D77   bitcoin-otc:forever-d
Pages: « 1 2 3 [4] 5 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!