Bitcoin Forum
June 20, 2018, 01:08:28 PM *
News: Latest stable version of Bitcoin Core: 0.16.1  [Torrent]. (New!)
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 »  All
  Print  
Author Topic: MtGox stealing my BTCs?  (Read 1850 times)
byter
Jr. Member
*
Offline Offline

Activity: 40
Merit: 0



View Profile
October 11, 2013, 07:55:42 AM
 #1

Hello,

All my bitcoins are gone from my bitcoin address... Received an e-mail 10 minute ago here:

Transaction reference: 27fb49c7-72d4-4e88-9bb0-d2646d403e97
Date: 2013-10-11 07:43:40 GMT
IP: 209.21.68.151

How is that even possible? I have a very strong password and no viruses... Can't be true!

The IP is in California and I am in Switzerland. Jeez....

My tip wallet: 1bytERKmkdVkodUYndfwDH7FXB9AxQpfE
1529500108
Hero Member
*
Offline Offline

Posts: 1529500108

View Profile Personal Message (Offline)

Ignore
1529500108
Reply with quote  #2

1529500108
Report to moderator
The World's Betting Exchange

Bet with play money. Win real Bitcoin. 5BTC Prize Fund for World Cup 2018.

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1529500108
Hero Member
*
Offline Offline

Posts: 1529500108

View Profile Personal Message (Offline)

Ignore
1529500108
Reply with quote  #2

1529500108
Report to moderator
1529500108
Hero Member
*
Offline Offline

Posts: 1529500108

View Profile Personal Message (Offline)

Ignore
1529500108
Reply with quote  #2

1529500108
Report to moderator
1529500108
Hero Member
*
Offline Offline

Posts: 1529500108

View Profile Personal Message (Offline)

Ignore
1529500108
Reply with quote  #2

1529500108
Report to moderator
Kluge
Donator
Legendary
*
Offline Offline

Activity: 1218
Merit: 1001



View Profile
October 11, 2013, 08:01:12 AM
 #2

Perhaps the credentials of your email account or password manager are compromised?
byter
Jr. Member
*
Offline Offline

Activity: 40
Merit: 0



View Profile
October 11, 2013, 08:04:57 AM
 #3

I thought about that, but would be strange that the guy doesn't even change the password afterwards... And where would he have found my e-mail address?

That's too much to be true...

My tip wallet: 1bytERKmkdVkodUYndfwDH7FXB9AxQpfE
Kluge
Donator
Legendary
*
Offline Offline

Activity: 1218
Merit: 1001



View Profile
October 11, 2013, 08:08:51 AM
 #4

I thought about that, but would be strange that the guy doesn't even change the password afterwards... And where would he have found my e-mail address?

That's too much to be true...
Email provider should let you check last few IP addresses which accessed your account so you can double-check. (Usually in a "tools" or sometimes "settings" tab - though with smaller providers, you' may have to email support)
byter
Jr. Member
*
Offline Offline

Activity: 40
Merit: 0



View Profile
October 11, 2013, 08:22:33 AM
 #5

No connections whatsoever outside of Switzerland...

My tip wallet: 1bytERKmkdVkodUYndfwDH7FXB9AxQpfE
byter
Jr. Member
*
Offline Offline

Activity: 40
Merit: 0



View Profile
October 11, 2013, 08:27:35 AM
 #6

And I guess that MtGox will just tell me that it's my fault of course...

My tip wallet: 1bytERKmkdVkodUYndfwDH7FXB9AxQpfE
byter
Jr. Member
*
Offline Offline

Activity: 40
Merit: 0



View Profile
October 11, 2013, 08:28:35 AM
 #7

By the way, it was sent to: 155SfFNjcqVZdoHDM6M3uR1hSjJtuW3xRf

If anyone can help finding back the guy, I'll reward!

My tip wallet: 1bytERKmkdVkodUYndfwDH7FXB9AxQpfE
TheButterZone
Legendary
*
Offline Offline

Activity: 2184
Merit: 1008


Pay with SegWit!


View Profile WWW
October 11, 2013, 08:36:00 AM
 #8

Well, it's not the first time it's been used... http://blockchain.info/address/155SfFNjcqVZdoHDM6M3uR1hSjJtuW3xRf

If I were MtGox, I'd log the accounts and IPs trying to withdraw to that address, and try to alert the account owners directly before the withdrawals are allowed to execute.

NBA Store coupons here!
Saying that you don't trust someone because of their behavior is completely valid.
greyhawk
Hero Member
*****
Offline Offline

Activity: 924
Merit: 1000


View Profile
October 11, 2013, 08:38:30 AM
 #9

Let me guess. No 2FA?

no viruses...

How would you even know that?
byter
Jr. Member
*
Offline Offline

Activity: 40
Merit: 0



View Profile
October 11, 2013, 09:01:22 AM
 #10

Let me guess. No 2FA?

no viruses...

How would you even know that?

Because I ran a full check with 4 different anti malware / anti virus tools?

My tip wallet: 1bytERKmkdVkodUYndfwDH7FXB9AxQpfE
greyhawk
Hero Member
*****
Offline Offline

Activity: 924
Merit: 1000


View Profile
October 11, 2013, 09:15:24 AM
 #11

Let me guess. No 2FA?

no viruses...

How would you even know that?

Because I ran a full check with 4 different anti malware / anti virus tools?

That would only protect you from common threats, which the highly specialiced trojans/keyloggers out for bitcoin exchange login data most definitely are not.

The only way to confidently deny the presence of bitcoin malware is if you'd exclusively accessed exchanges via a fresh and clean VM.
viboracecata
Legendary
*
Offline Offline

Activity: 1316
Merit: 1000


Varanida : Fair & Transparent Digital Ecosystem


View Profile
October 11, 2013, 09:23:29 AM
 #12

Let me guess. No 2FA?

no viruses...

How would you even know that?

Because I ran a full check with 4 different anti malware / anti virus tools?

antivirus tools can not kill the real cracker's backdoors, your PC using habit is the best safeguard for you private information

iBuilding A Better Interneti
━━━━━━━━━━━━━━━━━━━━ ━━━━━━━━━━━━━━━━━━━━

 
 █b
▐█=
║█
██                                         ¡▄▄▄▄▄▄▄▄┌
██M                                  ╒▄▄▄▄█▀    ▂▂ ╙▀▀▆▄
██▌                                ╓, ,██╨      ▀▀▀    ╜▀█▌
███                                ▀▀██╙     ▄▄▄▄▄      ╓█L
█ █▌                            ▄▄▄▄█▀          └▀▀▀▀█Φ█▀"
█▌ █▄                            ██▀           ▄█▀
▐▌  ▀▌                       ▀▄██▀            ▄▀
▐█     ▂▂▂                ▄  ▄█▀           ▄▄▀
 █▌  ╙▀▀▀▀▀█▄         ▄   ███▀     ▁▂▃▄▄▄█▀▀
  █▄        █▌    █▄  ██▄█▀        ▔▔╙▀▐█
   █▄       █▌ ▀▀████▀▀▀               ▐▌
    ▀█     █▀                          ▐▌
     ╙█▄  ▄▌                        ╓█ ▐█
       └▀██  ╓▄▄µ╓▄▄µ            ,▄█▀┘  █▌    ▄▄ ╓▄▄µ
         ██▄█▀▀███▀▀█▄       ╓▄▄█▀▀      ▀█▄█▀▀▀██▄╙▀█▄▄
          ▀╙    ▀▀▀  ▀▀▀  ▀▀▀▀╙           `      "▀▀  └╙
You Can See Me Now, Hi :}
VARANIDA

 
 
 
 
               ▄██   ▄███▄
              ▄███████  ██
              ██    ▀████▀
             ██
  ▄▄  ▄▄█████████████▄▄  ▄▄
▄███████████████████████████▄
█████████████████████████████
▀███████    █████    ███████▀
  ▀█████    █████    █████▀
   ███████████████████████
    █████▄  ▀▀▀▀▀  ▄█████
     ▀█████▄▄▄▄▄▄▄█████▀
        ▀▀█████████▀▀
|Hello Again
GWhitePaperG
GAnn ThreadG
posormo
Member
**
Offline Offline

Activity: 109
Merit: 10


View Profile
October 11, 2013, 12:42:46 PM
 #13

Their stealing their money because your to stupid to secure your shit?  Interesting.   How many btc were taken?  Was your password 1234?

byter
Jr. Member
*
Offline Offline

Activity: 40
Merit: 0



View Profile
October 11, 2013, 12:59:03 PM
 #14

Their stealing their money because your to stupid to secure your shit?  Interesting.   How many btc were taken?  Was your password 1234?

No, I have a strong password. 3 BTCs were taken... Not that much but hey, that sucks...

My tip wallet: 1bytERKmkdVkodUYndfwDH7FXB9AxQpfE
posormo
Member
**
Offline Offline

Activity: 109
Merit: 10


View Profile
October 11, 2013, 02:54:23 PM
 #15

Their stealing their money because your to stupid to secure your shit?  Interesting.   How many btc were taken?  Was your password 1234?

No, I have a strong password. 3 BTCs were taken... Not that much but hey, that sucks...

oh, you have a strong password.  that is all you have to say?  now I know its your own fault and not theirs.  typical end user.  ya, they are going to risk it all to steal 3 btc from you.   change the thread title to I don't understand how to use a computer, game over.

byter
Jr. Member
*
Offline Offline

Activity: 40
Merit: 0



View Profile
October 16, 2013, 11:12:23 AM
 #16

Well, I actually know how to use a computer...

Anyways, complaint has been open at the FBI, hope they find the guy :-)

At least I have an IP address to start with...

My tip wallet: 1bytERKmkdVkodUYndfwDH7FXB9AxQpfE
Newar
Legendary
*
Offline Offline

Activity: 1316
Merit: 1000


https://gliph.me/hUF


View Profile
October 16, 2013, 11:59:24 AM
 #17

Did you have 2FA?

OTC rating | GPG keyid 1DC91318EE785FDE | Gliph: lightning bicycle tree music | Mycelium, a swift & secure Bitcoin client for Android | LocalBitcoins
hulk
Sr. Member
****
Offline Offline

Activity: 392
Merit: 250


View Profile
October 16, 2013, 12:02:01 PM
 #18

I believe you don't have 2FA? anyway bye bye 3 BTC. Most likely its hacker and not MTGOX Smiley

malevolent
can into space
Staff
Legendary
*
Offline Offline

Activity: 2044
Merit: 1013



View Profile
October 16, 2013, 08:57:40 PM
 #19

That would only protect you from common threats, which the highly specialiced trojans/keyloggers out for bitcoin exchange login data most definitely are not.
The only way to confidently deny the presence of bitcoin malware is if you'd exclusively accessed exchanges via a fresh and clean VM.

It wouldn't be enough if the host OS wasn't "fresh and clean" too.

It would probably be enough if he used the host OS exclusively for accessing exchanges and the guest OS for other Internet-interacting stuff. Though it may still be sometimes possible to compromise the host OS from the guest OS (or other guests if they aren't properly isolated).

http://www.blackhat.com/presentations/bh-usa-09/KORTCHINSKY/BHUSA09-Kortchinsky-Cloudburst-PAPER.pdf
http://media.blackhat.com/bh-us-11/Elhage/BH_US_11_Elhage_Virtunoid_WP.pdf
trilightzone.org
Jr. Member
*
Offline Offline

Activity: 47
Merit: 0



View Profile WWW
October 17, 2013, 11:30:15 PM
 #20

Hello,

All my bitcoins are gone from my bitcoin address... Received an e-mail 10 minute ago here:

Transaction reference: 27fb49c7-72d4-4e88-9bb0-d2646d403e97
Date: 2013-10-11 07:43:40 GMT
IP: 209.21.68.151

How is that even possible? I have a very strong password and no viruses... Can't be true!

The IP is in California and I am in Switzerland. Jeez....

Just did a quick check and this might help too, looks like a gmail user is connected to that IP for sending spam for the site discountflitflopshoes.com:

https://webcache.googleusercontent.com/search?q=cache:g2xvH6u5lVMJ:http://cleantalk.org/blacklists/discountflitflopshoes.com%2B209.21.68.151



TrilightZone - Internet Privacy Services Since 2005 - Contact Us For All Your Privacy Needs !
Offshore OpenVPN, Hosting, Servers, Email, Storage, Backup, DNS, Domains, Multiple Countries Available (https://www.trilightzone.org/services.html)
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!