SomeoneWeird (OP)
|
|
June 20, 2011, 03:45:36 AM |
|
Im pretty sure this is spam. The Email is as follows: Dear Mt.Gox user,
Our database has been compromised, how you already know.
To protect your account in the future, please download the Certificate (self-extracting archive) from Attachment and install it.
If you were using the same password on Mt.Gox and other places (email, mybitcoin.com, etc), you should change this password as soon as possible.
Please accept our apologies for the troubles caused, and be certain we will do everything we can to keep the funds entrusted with us as secure as possible.
Any unauthorized access done to any account you own (email, mtgox, etc) should be reported to the appropriate authorities in your country.
Thanks, The Mt.Gox team
Going to download the file and anubis it.
|
|
|
|
finack
Member
Offline
Activity: 126
Merit: 10
|
|
June 20, 2011, 03:50:53 AM |
|
Sounds legit.
|
|
|
|
SomeoneWeird (OP)
|
|
June 20, 2011, 03:58:56 AM |
|
Sounds legit.
Mhmm. I'll report back with the results.
|
|
|
|
Vladimir
|
|
June 20, 2011, 04:00:57 AM |
|
"self-extracting archive" should scare the bejisus out of you kids.
It means untrusted code! An now... why would mtgox send you anything like this!
|
-
|
|
|
|
jatajuta
|
|
June 20, 2011, 04:05:22 AM |
|
Im pretty sure this is spam. The Email is as follows: Dear Mt.Gox user,
Our database has been compromised, how you already know.
To protect your account in the future, please download the Certificate (self-extracting archive) from Attachment and install it.
If you were using the same password on Mt.Gox and other places (email, mybitcoin.com, etc), you should change this password as soon as possible.
Please accept our apologies for the troubles caused, and be certain we will do everything we can to keep the funds entrusted with us as secure as possible.
Any unauthorized access done to any account you own (email, mtgox, etc) should be reported to the appropriate authorities in your country.
Thanks, The Mt.Gox team
Going to download the file and anubis it. [Update - 3:45 GMT] Update: DO NOT DOWNLOAD ANYTHING If you receive ANY email which seems coming from Mt.Gox asking you to download something (certificate, generating program, etc), DO NOT DOWNLOAD. Do not either input your password on any site which is not MTGOX.COM. https://support.mtgox.com/entries/20208066-huge-bitcoin-sell-off-due-to-a-compromised-account-rollback
|
|
|
|
SomeoneWeird (OP)
|
|
June 20, 2011, 04:07:26 AM |
|
Im pretty sure this is spam. The Email is as follows: Dear Mt.Gox user,
Our database has been compromised, how you already know.
To protect your account in the future, please download the Certificate (self-extracting archive) from Attachment and install it.
If you were using the same password on Mt.Gox and other places (email, mybitcoin.com, etc), you should change this password as soon as possible.
Please accept our apologies for the troubles caused, and be certain we will do everything we can to keep the funds entrusted with us as secure as possible.
Any unauthorized access done to any account you own (email, mtgox, etc) should be reported to the appropriate authorities in your country.
Thanks, The Mt.Gox team
Going to download the file and anubis it. [Update - 3:45 GMT] Update: DO NOT DOWNLOAD ANYTHING If you receive ANY email which seems coming from Mt.Gox asking you to download something (certificate, generating program, etc), DO NOT DOWNLOAD. Do not either input your password on any site which is not MTGOX.COM. https://support.mtgox.com/entries/20208066-huge-bitcoin-sell-off-due-to-a-compromised-account-rollbackIm not stupid enough to run it...
|
|
|
|
chuckypalumbo
|
|
June 20, 2011, 04:08:31 AM |
|
I got this email an hour ago, I can now throw away my email address of 15 years at it will be scammed and phished to death through this.
|
|
|
|
Oldminer
Legendary
Offline
Activity: 1022
Merit: 1001
|
|
June 20, 2011, 04:09:54 AM |
|
A quick check of the email headers will tell you if its legit or not. If your not sure how to do that forward the email to Mtgox support team for advice (enter their email address as listed on their site dont simply reply to the email!).
|
|
|
|
jatajuta
|
|
June 20, 2011, 04:11:49 AM |
|
Im not stupid enough to run it...
Just checking...
|
|
|
|
Tx2000
|
|
June 20, 2011, 04:16:36 AM |
|
I think one should not open an attachment without 100% assurance that there is nothing malicious inside. Hell, I even ask my friends if they sent me an email attachment before I open it. Even then, I thoroughly scan the file to make sure. Caution and prevention are the the best weapons.
|
|
|
|
Bazil
|
|
June 20, 2011, 04:55:41 AM |
|
This kind of crap is why I use a different email address for every single thing I sign up for.
|
17Bo9a6YpXN2SbwY8mXLCD43Wup9ZE4rwm
|
|
|
CYPER
|
|
June 20, 2011, 11:47:24 AM |
|
Well, call me stupid but I opened the file after I scanned it with MSE, so can you please tell me how can I clean my pc now, when no antivirus detects it as a potential threat?
Does it install any files which I can manually delete?
|
|
|
|
relative
Newbie
Offline
Activity: 56
Merit: 0
|
|
June 20, 2011, 11:51:01 AM |
|
there now is basically a list of people out there who have wallet.dat's on their computers. have fun.
|
|
|
|
SomeoneWeird (OP)
|
|
June 20, 2011, 11:57:20 AM |
|
Well, call me stupid but I opened the file after I scanned it with MSE, so can you please tell me how can I clean my pc now, when no antivirus detects it as a potential threat?
Does it install any files which I can manually delete?
Run Mbam, SpyBot S&D and a couple of others and see if they pick anything up. And create a new wallet and move all your coins ASAP.
|
|
|
|
CYPER
|
|
June 20, 2011, 12:05:40 PM |
|
Well, call me stupid but I opened the file after I scanned it with MSE, so can you please tell me how can I clean my pc now, when no antivirus detects it as a potential threat?
Does it install any files which I can manually delete?
Run Mbam, SpyBot S&D and a couple of others and see if they pick anything up. And create a new wallet and move all your coins ASAP. I don't have any coins yet, as I'm in the process of building a rig, so at least nothing to steal. But do you think the virus is so sophisticated that it can extract all of my saved passwords from Firefox for example?
|
|
|
|
SomeoneWeird (OP)
|
|
June 20, 2011, 12:09:16 PM |
|
Well, call me stupid but I opened the file after I scanned it with MSE, so can you please tell me how can I clean my pc now, when no antivirus detects it as a potential threat?
Does it install any files which I can manually delete?
Run Mbam, SpyBot S&D and a couple of others and see if they pick anything up. And create a new wallet and move all your coins ASAP. I don't have any coins yet, as I'm in the process of building a rig, so at least nothing to steal. But do you think the virus is so sophisticated that it can extract all of my saved passwords from Firefox for example? Possibly, although they might have tried to keep it simple so it wouldn't set off any alarms (AV or IDS or otherwise).
|
|
|
|
skull88
|
|
June 20, 2011, 12:09:44 PM |
|
Well, call me stupid but I opened the file after I scanned it with MSE, so can you please tell me how can I clean my pc now, when no antivirus detects it as a potential threat?
Does it install any files which I can manually delete?
Change your passwords, backup your files, do a format and reinstall everything. You will think twice in the future before opening an attachment.
|
BTC: 1MifMqtqqwMMAbb6zr8u6qEzWqq3CQeGUr LTC: LhvMYEngkKS2B8FAcbnzHb2dvW8n9eHkdp
|
|
|
ius
Newbie
Offline
Activity: 56
Merit: 0
|
|
June 20, 2011, 12:11:00 PM |
|
I don't have any coins yet, as I'm in the process of building a rig, so at least nothing to steal. But do you think the virus is so sophisticated that it can extract all of my saved passwords from Firefox for example?
One of the other stealers sent (Bitcoin_Exploit.rar) certainly did. Firefox, Chrome, Filezilla password caches and bitcoin wallet.
|
|
|
|
Vladimir
|
|
June 20, 2011, 12:14:40 PM |
|
If you had a non ecrypted wallet.dat on the compromised computer, transfer all the money you had there to a new secure wallet ASAP.
It wallet.dat was encrypted, first transfer it (and only it) to a secure computer. Than as skull88 said.
Using secure system change all your passwords, when changing every password repeat "I will not open email attachments, I will not open email attachments, I will not open email attachments..."
|
-
|
|
|
|