Bitcoin Forum
November 17, 2024, 04:35:18 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 2 [3]  All
  Print  
Author Topic: MtGox attack from Poland: accounts compromised  (Read 8389 times)
indiekiduk
Newbie
*
Offline Offline

Activity: 27
Merit: 0


View Profile
July 13, 2013, 06:52:23 PM
 #41

I was a victim of this same attack today. I woke up to read a password reset email that I didn't request. I can't log in and the password reset link didn't work either. Although it did say in the reset email that Gox's main support days are Monday to Friday I replied to the reset email saying I didn't request it. And they got back to me in about an hour and said: "We apologize for the inconvenience caused. We have disabled the withdrawals on the account and we are investigating further on this. We will keep you updated."

I've seen 2 other forum users that got the same attack here:
https://bitcointalk.org/index.php?topic=178336.msg2721093#msg2721093
And another on reddit.
http://www.reddit.com/r/Bitcoin/comments/1i7ydk/psa_reminder_do_not_store_anything_of_value_at_a/

I think the OP's theory that someone can access Gox's password reset mails has some merit.

My reset was done from Belgium not Poland though:

request was made from:
> IP: 81.246.181.166
> Browser: Opera/9.80 (Windows NT 6.1; WOW64) Presto/2.12.388 Version/12.15
shitaifan2013
Legendary
*
Offline Offline

Activity: 874
Merit: 1000

monero


View Profile
July 13, 2013, 07:49:17 PM
 #42

there is a german user claiming the same kind of attack:

https://bitcointalk.org/index.php?topic=255532.0

CurbsideProphet
Hero Member
*****
Offline Offline

Activity: 672
Merit: 500


View Profile
July 13, 2013, 08:29:14 PM
 #43

Jump on irc, #mtgox, and see if you can get in touch with them that way. 

1ProphetnvP8ju2SxxRvVvyzCtTXDgLPJV
wareen
Millionaire
Legendary
*
Offline Offline

Activity: 910
Merit: 1001

Revolutionizing Brokerage of Personal Data


View Profile
July 13, 2013, 10:24:46 PM
 #44

I was a victim of this same attack today. I woke up to read a password reset email that I didn't request. I can't log in and the password reset link didn't work either. Although it did say in the reset email that Gox's main support days are Monday to Friday I replied to the reset email saying I didn't request it. And they got back to me in about an hour and said: "We apologize for the inconvenience caused. We have disabled the withdrawals on the account and we are investigating further on this. We will keep you updated."

Exact same story here. My account should be safe though thanks to Yubikey. I'm pretty confident that neither my mail server nor my client machine was compromised but of course there's no way to be 100% sure.

I think the OP's theory that someone can access Gox's password reset mails has some merit.
+1

Here the details from my case:
Quote
Time: Sat 13 Jul 2013 07:08:17 AM GMT
IP: 173.160.58.186
Browser: Opera/9.80 (Windows NT 6.1; WOW64) Presto/2.12.388 Version/12.15

        ▄▄▀▀▄▄
    ▄▄▀▀▄▄██▄▄▀▀▄▄
▄▄▀▀▄▄█████▄████▄▄▀▀▄▄
█▀▀█▄█████████████
█▄▄████▀   ▀██████
███████     █▄████
█████▀█▄   ▄██████
█▄█████▌   ▐█████
█████▀█     ██████
██▄███████████████
▀▀▄▄▀▀█████▀████▀▀▄▄▀▀
    ▀▀▄▄▀▀██▀▀▄▄▀▀
        ▀▀▄▄▀▀
.PDATA..
.
TOKEN..
██
██
██   ██
██   ██
██   ██
██   ██
██   ██
██   ██

██   ██
██   ██

██   ██
██
██
██
██
██  ██
██  ██
██  ██
██  ██
██  ██
██  ██

██  ██
██  ██

██  ██
██
██
██
██
██   ██
██   ██
██   ██
██   ██
██   ██
██   ██

██   ██
██   ██

██   ██
██
██
TELEGRAM     BITCOINTALK     FACEBOOK
MEDIUM    SLACK    TWITTER    YOUTUBE
▬▬▬▬▬▬▬   E M A I L   ▬▬▬▬▬▬▬
██
██
██  ██
██  ██
██  ██
██  ██
██  ██
██  ██

██  ██
██  ██

██  ██
██
██
bitcoinplaza
Sr. Member
****
Offline Offline

Activity: 266
Merit: 250



View Profile WWW
July 13, 2013, 10:44:43 PM
 #45

I was a victim of this same attack today. I woke up to read a password reset email that I didn't request. I can't log in and the password reset link didn't work either. Although it did say in the reset email that Gox's main support days are Monday to Friday I replied to the reset email saying I didn't request it. And they got back to me in about an hour and said: "We apologize for the inconvenience caused. We have disabled the withdrawals on the account and we are investigating further on this. We will keep you updated."

Exact same story here. My account should be safe though thanks to Yubikey. I'm pretty confident that neither my mail server nor my client machine was compromised but of course there's no way to be 100% sure.

I think the OP's theory that someone can access Gox's password reset mails has some merit.
+1

Here the details from my case:
Quote
Time: Sat 13 Jul 2013 07:08:17 AM GMT
IP: 173.160.58.186
Browser: Opera/9.80 (Windows NT 6.1; WOW64) Presto/2.12.388 Version/12.15

+1
Time: Sat 13 Jul 2013 11:24:38 AM GMT
IP: 95.102.170.242
Browser: Opera/9.80 (Windows NT 6.1; WOW64) Presto/2.12.388 Version/12.15




mjosephs
Full Member
***
Offline Offline

Activity: 129
Merit: 100


View Profile
July 14, 2013, 09:57:04 AM
 #46

OP is paranoid fuckball.

indiekiduk
Newbie
*
Offline Offline

Activity: 27
Merit: 0


View Profile
July 14, 2013, 04:44:33 PM
 #47

Just to follow up, after waiting 24 hours after the original password reset was requested, I did a password reset myself and the email came instantly to my own email and was able to get back in and my balance was still there. So I'm assuming (along with another reddit user) they didn't manage to get into the accounts at all, just for some reason Gox deleted the original password of the accounts that got the bulk reset attempt, preventing us from logging in.

If I was as paranoid as the OP I would thing that it could have been part of some price manipulation strategy, since many users were unable to trade for 24 hours, but I guess that's a bit far fetched.
hdcafe
Member
**
Offline Offline

Activity: 100
Merit: 10


View Profile
July 14, 2013, 04:59:58 PM
 #48

FYI,  a chinese user reported a similar issue

https://bitcointalk.org/index.php?topic=255897.0
bitbully
Jr. Member
*
Offline Offline

Activity: 47
Merit: 1


View Profile
July 14, 2013, 10:02:45 PM
 #49

My friend had exact same thing happen to him 2 days ago. Reset email arrived and he got locked out of account. Same opera browser idenitifier. He's still waiting to get access back and check his balance.
Kouye
Sr. Member
****
Offline Offline

Activity: 336
Merit: 250


Cuddling, censored, unicorn-shaped troll.


View Profile
July 14, 2013, 10:38:02 PM
 #50

No one is losing money, stop spreading FUD

Spreading FUD you are.

Unless you post some form of proof, it's FUD.
~BCX~

Or not ?

[OVER] RIDDLES 2nd edition --- this was claimed. Look out for 3rd edition!
I won't ever ask for a loan nor offer any escrow service. If I do, please consider my account as hacked.
peetah
Member
**
Offline Offline

Activity: 364
Merit: 10


View Profile
July 16, 2013, 02:04:25 AM
 #51

I can vouch that this is happening as well.

Exactly as the OP says, except more feedback from the support staff in that they are looking into it, the funds are safe, and they acknowledge that this has affected a number of accounts.
Pages: « 1 2 [3]  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!