MtGox not stole my Bitcoins ! - 2nd part

[vlada.bgw]

new answer :


Hello,

(1) I was not thinking to an order when i let you know about the change made by the robber.
Replace "Then" by "And".

(2) Yes, hackers write script to hack. It is a very difficult script to develop and your account is banned for investigations.
The hackers seems really really smart...

(3) No, we do not send mail, since in order to be able to change the mail you must know the account password.

(4) Robber made the withdrawal the 16th :
Sun 16 Jun 2013 04:35:54 PM JST withdraw Bitcoin withdraw to 15pxUjQ6TmKyTfu1PJ6DSNR6C2mEFhJoFH 4.90400000 BTC 0.00521564 BTC 46.109.13.62

(5) IP address list :
91.105.76.111
46.109.13.62
178.148.140.36
24.135.200.122
76.181.209.35
77.243.22.9
82.145.211.16
85.222.178.126

Hackers seems to be from Latvia. But he could have used a proxy, or vpn or compromised computer...

Best regards,

Mt.Gox Team

[1714980111]

1714980111

[1714980111]

1714980111

[vlada.bgw]

"Dear Marion ,

(3) No, we do not send mail, since in order to be able to change the mail you must know the account password.

If you send mail , even if mail changed , i will see that mail , i  have 24h to stop robery ...

I can not beleive , that tousends sites on internet , working with money , have that security measure , but MtGox do not have one ...

Best regards

Vlada
"

I think this is with purpose  ...

[Blazr]

You should have had 2-factor authentication on your account, the email change would have not been possible if you did.

I think MtGox should force everyone to use 2 factor authentication, this kind of thing occurs way too often.

[vlada.bgw]

I find the way how they did it ...

As a fact , it is my guilty ...

One day MtGox wasn't online , over the phone i get adress : www.mtgoxcom.info/login  (Mt Gox - Buy and Sell Bitcoins  http://mtgoxcom.info/uo/mtgox/html )

All that i have in my phone as a prove .


Then i gave them user and pass  

From IP 76.181.209.35 changed my email and password , junkies from MtGox DO NOT sent email that email is changed ( to old mail )  , and afther 24h logged in using proxy from Latvia ( Litvania ) : 46.109.13.62

Also find who is owner of the page   :


Domain ID:D50014060-LRMS
Domain Name:MTGOXCOM.INFO
Created On:31-May-2013 20:25:39 UTC
Last Updated On:31-May-2013 20:25:39 UTC
Expiration Date:31-May-2014 20:25:39 UTC
Sponsoring Registrar:GoDaddy.com LLC (R171-LRMS)
Status:CLIENT DELETE PROHIBITED
Status:CLIENT RENEW PROHIBITED
Status:CLIENT TRANSFER PROHIBITED
Status:CLIENT UPDATE PROHIBITED
Status:TRANSFER PROHIBITED
Registrant ID:CR144402040
Registrant Name:Barbara Graves
Registrant Organization:
Registrant Street1:11231 Macaw Ct
Registrant Street2:
Registrant Street3:
Registrant City:Chicago
Registrant State/Province:Illinois
Registrant Postal Code:60601
Registrant Country:US
Registrant Phone:+1.3153123920
Registrant Phone Ext.:
Registrant FAX:
Registrant FAX Ext.:
Registrant Email:xiangkaiha365@gmail.com




Now, i can contact Chigago police and prepare to sue this lady ( if it is lady ) ,or contact my friend in Chicago to have a little chat with this person ...


This addres need to be sticky in this forum , to prevent somebody else to be fraudulent





I find also logging time from near Chicago to my MtGox acc from IP listed in earlyer posts  :  http://en.utrace.de/?query=76.181.209.35

[Red_Wolf_2]

Probably a fake name and address on that WHOIS info. I wouldn't expect that to be too useful. That gmail address on the other hand...

[Blazr]

Unfortunately, while you can't know for sure, the WHOIS info is most likely fake. Domain registrars don't check this information, it would be stupid for the scammer to use their real details especially when nobody checks it.

I don't seem to be able to find a Macaw Ct in Chicago.

Also to add to the fact is the email, xiangkaiha365@gmail.com, Xiang Kaiha looks like a name to me.

[sabahgamemaker]

that is china hacker/phisher!!

[OnkelPaul]

One day MtGox wasn't online , over the phone i get adress : www.mtgoxcom.info/login  (Mt Gox - Buy and Sell Bitcoins  http://mtgoxcom.info/uo/mtgox/html )

All that i have in my phone as a prove .


Then i gave them user and pass  

So you had to learn it the hard (and expensive) way:

Never enter your account info on a webpage that someone sent you with unsolicited e-mail!

I don't know whether Mt.Gox states this clearly when you open an account with them, but my bank shows it very prominently on its login page, there are several other services that I use which also warn of this, so everybody who deals with valuable information online should know this.
Only use the addresses you know (best have them stored as bookmarks in your browser), use https, if anything looks suspicious (and a change of address of a large web site is suspicious) back off and don't deal with them until you have verified that everything is ok.

Onkel Paul

[vlada.bgw]

One day MtGox wasn't online , over the phone i get adress : www.mtgoxcom.info/login  (Mt Gox - Buy and Sell Bitcoins  http://mtgoxcom.info/uo/mtgox/html )

All that i have in my phone as a prove .


Then i gave them user and pass  

So you had to learn it the hard (and expensive) way:

Never enter your account info on a webpage that someone sent you with unsolicited e-mail!

I don't know whether Mt.Gox states this clearly when you open an account with them, but my bank shows it very prominently on its login page, there are several other services that I use which also warn of this, so everybody who deals with valuable information online should know this.
Only use the addresses you know (best have them stored as bookmarks in your browser), use https, if anything looks suspicious (and a change of address of a large web site is suspicious) back off and don't deal with them until you have verified that everything is ok.

Onkel Paul

I didn't get mail , i never use links from mail ... i get this address on google first page !

[davo266]

Hey dude, Sorry you lost your BTC,

I doubt though that MT Gox are responsible though.  The number of ways that your password can be compromised is quite incredible.

All it would take is your email password to be compromised, and its all down hill from there. 

Simple rules I follow
Never ever ever use the same passwords unless you are willing for these accounts to be compromised.
Always use passwords longer than 8 characters,
Never use a computer that does not have up to date A/V or System updates (Ie windows updates, or Apple updates, etc).
If you can, dont use java, it has more security holes than a screen door.

[vlada.bgw]

Hey dude, Sorry you lost your BTC,

I doubt though that MT Gox are responsible though.  The number of ways that your password can be compromised is quite incredible.

All it would take is your email password to be compromised, and its all down hill from there.  

Simple rules I follow
Never ever ever use the same passwords unless you are willing for these accounts to be compromised.
Always use passwords longer than 8 characters,
Never use a computer that does not have up to date A/V or System updates (Ie windows updates, or Apple updates, etc).
If you can, dont use java, it has more security holes than a screen door.

It is not email problem , they never find my email account , it is classic physhing over the site above . That site is not active now , but i know that he loks the same as MtGox .

I hope that this topic will help other people NOT TO DO same thing as i did .

I am now few months behind , almost no BTC  :/

If anybody have some btc to spare  , please donate some and help me  :   1AJ8rchBsBtXUqMSRwD12A9PFhg6pg6wKL

[mbelshe]

I didn't do it.

[vlada.bgw]

Thank you all for donation , this little means a lot to me !

[hany103]

hope you recover soon buddy

[DungLongWang]

They should use Google or FB auth