Bitcoin Forum
December 09, 2016, 07:59:33 AM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 »  All
  Print  
Author Topic: MtGox Client Email!  (Read 2934 times)
SomeoneWeird
Hero Member
*****
Offline Offline

Activity: 700


View Profile
June 20, 2011, 03:45:36 AM
 #1

Im pretty sure this is spam. The Email is as follows:

Quote

Dear Mt.Gox user,

Our database has been compromised, how you already know.

To protect your account in the future, please download  the Certificate (self-extracting archive) from Attachment and install it.

If you were using the same password on Mt.Gox and other places (email, mybitcoin.com, etc), you should change this password as soon as possible.

Please accept our apologies for the troubles caused, and be certain we will do everything we can to keep the funds entrusted with us as secure as possible.


Any unauthorized access done to any account you own (email, mtgox, etc) should be reported to the appropriate authorities in your country.



Thanks,
The Mt.Gox team

Going to download the file and anubis it.
1481270373
Hero Member
*
Offline Offline

Posts: 1481270373

View Profile Personal Message (Offline)

Ignore
1481270373
Reply with quote  #2

1481270373
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481270373
Hero Member
*
Offline Offline

Posts: 1481270373

View Profile Personal Message (Offline)

Ignore
1481270373
Reply with quote  #2

1481270373
Report to moderator
finack
Jr. Member
*
Offline Offline

Activity: 56


View Profile
June 20, 2011, 03:50:53 AM
 #2

Sounds legit.
SomeoneWeird
Hero Member
*****
Offline Offline

Activity: 700


View Profile
June 20, 2011, 03:58:56 AM
 #3

Sounds legit.

Mhmm. I'll report back with the results.
Vladimir
Hero Member
*****
Offline Offline

Activity: 812


-


View Profile
June 20, 2011, 04:00:57 AM
 #4

"self-extracting archive" should scare the bejisus out of you kids.

It means untrusted code! An now... why would mtgox send you anything like this!

-
SomeoneWeird
Hero Member
*****
Offline Offline

Activity: 700


View Profile
June 20, 2011, 04:04:23 AM
 #5

"self-extracting archive" should scare the bejisus out of you kids.

It means untrusted code! An now... why would mtgox send you anything like this!


Yep.

https://anubis.iseclab.org/?action=result&task_id=1831b3136a13eee9419e962dd8416b9c1&format=html
jatajuta
Sr. Member
****
Offline Offline

Activity: 365



View Profile
June 20, 2011, 04:05:22 AM
 #6

Im pretty sure this is spam. The Email is as follows:

Quote

Dear Mt.Gox user,

Our database has been compromised, how you already know.

To protect your account in the future, please download  the Certificate (self-extracting archive) from Attachment and install it.

If you were using the same password on Mt.Gox and other places (email, mybitcoin.com, etc), you should change this password as soon as possible.

Please accept our apologies for the troubles caused, and be certain we will do everything we can to keep the funds entrusted with us as secure as possible.


Any unauthorized access done to any account you own (email, mtgox, etc) should be reported to the appropriate authorities in your country.



Thanks,
The Mt.Gox team

Going to download the file and anubis it.

[Update - 3:45 GMT] Update: DO NOT DOWNLOAD ANYTHING
If you receive ANY email which seems coming from Mt.Gox asking you to download something (certificate, generating program, etc), DO NOT DOWNLOAD. Do not either input your password on any site which is not MTGOX.COM.

https://support.mtgox.com/entries/20208066-huge-bitcoin-sell-off-due-to-a-compromised-account-rollback
SomeoneWeird
Hero Member
*****
Offline Offline

Activity: 700


View Profile
June 20, 2011, 04:07:26 AM
 #7

Im pretty sure this is spam. The Email is as follows:

Quote

Dear Mt.Gox user,

Our database has been compromised, how you already know.

To protect your account in the future, please download  the Certificate (self-extracting archive) from Attachment and install it.

If you were using the same password on Mt.Gox and other places (email, mybitcoin.com, etc), you should change this password as soon as possible.

Please accept our apologies for the troubles caused, and be certain we will do everything we can to keep the funds entrusted with us as secure as possible.


Any unauthorized access done to any account you own (email, mtgox, etc) should be reported to the appropriate authorities in your country.



Thanks,
The Mt.Gox team

Going to download the file and anubis it.

[Update - 3:45 GMT] Update: DO NOT DOWNLOAD ANYTHING
If you receive ANY email which seems coming from Mt.Gox asking you to download something (certificate, generating program, etc), DO NOT DOWNLOAD. Do not either input your password on any site which is not MTGOX.COM.

https://support.mtgox.com/entries/20208066-huge-bitcoin-sell-off-due-to-a-compromised-account-rollback


Im not stupid enough to run it...
chuckypalumbo
Jr. Member
*
Offline Offline

Activity: 56


View Profile WWW
June 20, 2011, 04:08:31 AM
 #8

I got this email an hour ago, I can now throw away my email address of 15 years at it will be scammed and phished to death through this.

If you're looking to sign up for an exchange try Bitcoin7 or Tradehill, referral codes are listed below. Sign up for Tradehill and get 10% off of every trade you ever make.

https://www.bitcoin7.com/?ref=6383

http://www.tradehill.com/?r=TH-R15532
Oldminer
Legendary
*
Offline Offline

Activity: 1022



View Profile
June 20, 2011, 04:09:54 AM
 #9

A quick check of the email headers will tell you if its legit or not. If your not sure how to do that forward the email to Mtgox support team for advice (enter their email address as listed on their site dont simply reply to the email!).

If you like my post please feel free to give me some positive rep https://bitcointalk.org/index.php?action=trust;u=18639
Tip me BTC: 1FBmoYijXVizfYk25CpiN8Eds9J6YiRDaX
jatajuta
Sr. Member
****
Offline Offline

Activity: 365



View Profile
June 20, 2011, 04:11:49 AM
 #10

Im not stupid enough to run it...

Just checking...  Grin
Tx2000
Full Member
***
Offline Offline

Activity: 182



View Profile
June 20, 2011, 04:16:36 AM
 #11

I think one should not open an attachment without 100% assurance that there is nothing malicious inside.  Hell, I even ask my friends if they sent me an email attachment before I open it.  Even then, I thoroughly scan the file to make sure.  Caution and prevention are the the best weapons.
Bazil
Full Member
***
Offline Offline

Activity: 126


View Profile
June 20, 2011, 04:55:41 AM
 #12

This kind of crap is why I use a different email address for every single thing I sign up for.

17Bo9a6YpXN2SbwY8mXLCD43Wup9ZE4rwm
CYPER
Hero Member
*****
Offline Offline

Activity: 630



View Profile
June 20, 2011, 11:47:24 AM
 #13

Well, call me stupid but I opened the file after I scanned it with MSE, so can you please tell me how can I clean my pc now, when no antivirus detects it as a potential threat?

Does it install any files which I can manually delete?

If this post helped you and you feel generous you know what to do: 1P9tXFy9bVgzrfPGeV7F8np26ZtFdCCWvz
relative
Jr. Member
*
Offline Offline

Activity: 56


View Profile
June 20, 2011, 11:51:01 AM
 #14

there now is basically a list of people out there who have wallet.dat's on their computers.
have fun.
SomeoneWeird
Hero Member
*****
Offline Offline

Activity: 700


View Profile
June 20, 2011, 11:57:20 AM
 #15

Well, call me stupid but I opened the file after I scanned it with MSE, so can you please tell me how can I clean my pc now, when no antivirus detects it as a potential threat?

Does it install any files which I can manually delete?

Run Mbam, SpyBot S&D and a couple of others and see if they pick anything up. And create a new wallet and move all your coins ASAP.
CYPER
Hero Member
*****
Offline Offline

Activity: 630



View Profile
June 20, 2011, 12:05:40 PM
 #16

Well, call me stupid but I opened the file after I scanned it with MSE, so can you please tell me how can I clean my pc now, when no antivirus detects it as a potential threat?

Does it install any files which I can manually delete?

Run Mbam, SpyBot S&D and a couple of others and see if they pick anything up. And create a new wallet and move all your coins ASAP.

I don't have any coins yet, as I'm in the process of building a rig, so at least nothing to steal. But do you think the virus is so sophisticated that it can extract all of my saved passwords from Firefox for example?

If this post helped you and you feel generous you know what to do: 1P9tXFy9bVgzrfPGeV7F8np26ZtFdCCWvz
SomeoneWeird
Hero Member
*****
Offline Offline

Activity: 700


View Profile
June 20, 2011, 12:09:16 PM
 #17

Well, call me stupid but I opened the file after I scanned it with MSE, so can you please tell me how can I clean my pc now, when no antivirus detects it as a potential threat?

Does it install any files which I can manually delete?

Run Mbam, SpyBot S&D and a couple of others and see if they pick anything up. And create a new wallet and move all your coins ASAP.

I don't have any coins yet, as I'm in the process of building a rig, so at least nothing to steal. But do you think the virus is so sophisticated that it can extract all of my saved passwords from Firefox for example?

Possibly, although they might have tried to keep it simple so it wouldn't set off any alarms (AV or IDS or otherwise).
skull88
Hero Member
*****
Offline Offline

Activity: 684



View Profile
June 20, 2011, 12:09:44 PM
 #18

Well, call me stupid but I opened the file after I scanned it with MSE, so can you please tell me how can I clean my pc now, when no antivirus detects it as a potential threat?

Does it install any files which I can manually delete?
Change your passwords, backup your files, do a format and reinstall everything.
You will think twice in the future before opening an attachment.

BTC: 1MifMqtqqwMMAbb6zr8u6qEzWqq3CQeGUr
LTC: LhvMYEngkKS2B8FAcbnzHb2dvW8n9eHkdp
ius
Jr. Member
*
Offline Offline

Activity: 56


View Profile
June 20, 2011, 12:11:00 PM
 #19

I don't have any coins yet, as I'm in the process of building a rig, so at least nothing to steal. But do you think the virus is so sophisticated that it can extract all of my saved passwords from Firefox for example?

One of the other stealers sent (Bitcoin_Exploit.rar) certainly did. Firefox, Chrome, Filezilla password caches and bitcoin wallet.

PGP: 0xCC06E446 Bitcoin: 19kdfgW1KXQgV7SCLEPAojtHxN9xotGkGH
Vladimir
Hero Member
*****
Offline Offline

Activity: 812


-


View Profile
June 20, 2011, 12:14:40 PM
 #20

If you had a non ecrypted wallet.dat on the compromised computer, transfer all the money you had there to a new secure wallet ASAP.

It wallet.dat was encrypted, first transfer it (and only it) to a secure computer. Than as skull88 said.

Using secure system change all your passwords, when changing every password repeat "I will not open email attachments, I will not open email attachments, I will not open email attachments..."







-
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!