Bitcoin Forum
October 20, 2017, 02:12:52 AM *
News: Latest stable version of Bitcoin Core: 0.15.0.1  [Torrent]. (New!)
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 »  All
  Print  
Author Topic: MtGox stealing my BTCs?  (Read 1834 times)
byter
Jr. Member
*
Offline Offline

Activity: 40



View Profile
October 11, 2013, 07:55:42 AM
 #1

Hello,

All my bitcoins are gone from my bitcoin address... Received an e-mail 10 minute ago here:

Transaction reference: 27fb49c7-72d4-4e88-9bb0-d2646d403e97
Date: 2013-10-11 07:43:40 GMT
IP: 209.21.68.151

How is that even possible? I have a very strong password and no viruses... Can't be true!

The IP is in California and I am in Switzerland. Jeez....

My tip wallet: 1bytERKmkdVkodUYndfwDH7FXB9AxQpfE
1508465572
Hero Member
*
Offline Offline

Posts: 1508465572

View Profile Personal Message (Offline)

Ignore
1508465572
Reply with quote  #2

1508465572
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1508465572
Hero Member
*
Offline Offline

Posts: 1508465572

View Profile Personal Message (Offline)

Ignore
1508465572
Reply with quote  #2

1508465572
Report to moderator
1508465572
Hero Member
*
Offline Offline

Posts: 1508465572

View Profile Personal Message (Offline)

Ignore
1508465572
Reply with quote  #2

1508465572
Report to moderator
1508465572
Hero Member
*
Offline Offline

Posts: 1508465572

View Profile Personal Message (Offline)

Ignore
1508465572
Reply with quote  #2

1508465572
Report to moderator
Kluge
Donator
Legendary
*
Offline Offline

Activity: 1218


Michael, send me some coins before I hitman you


View Profile
October 11, 2013, 08:01:12 AM
 #2

Perhaps the credentials of your email account or password manager are compromised?

Don't mix your coins someone said isn't legal
byter
Jr. Member
*
Offline Offline

Activity: 40



View Profile
October 11, 2013, 08:04:57 AM
 #3

I thought about that, but would be strange that the guy doesn't even change the password afterwards... And where would he have found my e-mail address?

That's too much to be true...

My tip wallet: 1bytERKmkdVkodUYndfwDH7FXB9AxQpfE
Kluge
Donator
Legendary
*
Offline Offline

Activity: 1218


Michael, send me some coins before I hitman you


View Profile
October 11, 2013, 08:08:51 AM
 #4

I thought about that, but would be strange that the guy doesn't even change the password afterwards... And where would he have found my e-mail address?

That's too much to be true...
Email provider should let you check last few IP addresses which accessed your account so you can double-check. (Usually in a "tools" or sometimes "settings" tab - though with smaller providers, you' may have to email support)

Don't mix your coins someone said isn't legal
byter
Jr. Member
*
Offline Offline

Activity: 40



View Profile
October 11, 2013, 08:22:33 AM
 #5

No connections whatsoever outside of Switzerland...

My tip wallet: 1bytERKmkdVkodUYndfwDH7FXB9AxQpfE
byter
Jr. Member
*
Offline Offline

Activity: 40



View Profile
October 11, 2013, 08:27:35 AM
 #6

And I guess that MtGox will just tell me that it's my fault of course...

My tip wallet: 1bytERKmkdVkodUYndfwDH7FXB9AxQpfE
byter
Jr. Member
*
Offline Offline

Activity: 40



View Profile
October 11, 2013, 08:28:35 AM
 #7

By the way, it was sent to: 155SfFNjcqVZdoHDM6M3uR1hSjJtuW3xRf

If anyone can help finding back the guy, I'll reward!

My tip wallet: 1bytERKmkdVkodUYndfwDH7FXB9AxQpfE
TheButterZone
Legendary
*
Offline Offline

Activity: 1932


Nemo me impune lacessit


View Profile WWW
October 11, 2013, 08:36:00 AM
 #8

Well, it's not the first time it's been used... http://blockchain.info/address/155SfFNjcqVZdoHDM6M3uR1hSjJtuW3xRf

If I were MtGox, I'd log the accounts and IPs trying to withdraw to that address, and try to alert the account owners directly before the withdrawals are allowed to execute.

greyhawk
Hero Member
*****
Offline Offline

Activity: 924


View Profile
October 11, 2013, 08:38:30 AM
 #9

Let me guess. No 2FA?

no viruses...

How would you even know that?
byter
Jr. Member
*
Offline Offline

Activity: 40



View Profile
October 11, 2013, 09:01:22 AM
 #10

Let me guess. No 2FA?

no viruses...

How would you even know that?

Because I ran a full check with 4 different anti malware / anti virus tools?

My tip wallet: 1bytERKmkdVkodUYndfwDH7FXB9AxQpfE
greyhawk
Hero Member
*****
Offline Offline

Activity: 924


View Profile
October 11, 2013, 09:15:24 AM
 #11

Let me guess. No 2FA?

no viruses...

How would you even know that?

Because I ran a full check with 4 different anti malware / anti virus tools?

That would only protect you from common threats, which the highly specialiced trojans/keyloggers out for bitcoin exchange login data most definitely are not.

The only way to confidently deny the presence of bitcoin malware is if you'd exclusively accessed exchanges via a fresh and clean VM.
viboracecata
Legendary
*
Offline Offline

Activity: 1288



View Profile
October 11, 2013, 09:23:29 AM
 #12

Let me guess. No 2FA?

no viruses...

How would you even know that?

Because I ran a full check with 4 different anti malware / anti virus tools?

antivirus tools can not kill the real cracker's backdoors, your PC using habit is the best safeguard for you private information

posormo
Member
**
Offline Offline

Activity: 109


View Profile
October 11, 2013, 12:42:46 PM
 #13

Their stealing their money because your to stupid to secure your shit?  Interesting.   How many btc were taken?  Was your password 1234?

byter
Jr. Member
*
Offline Offline

Activity: 40



View Profile
October 11, 2013, 12:59:03 PM
 #14

Their stealing their money because your to stupid to secure your shit?  Interesting.   How many btc were taken?  Was your password 1234?

No, I have a strong password. 3 BTCs were taken... Not that much but hey, that sucks...

My tip wallet: 1bytERKmkdVkodUYndfwDH7FXB9AxQpfE
posormo
Member
**
Offline Offline

Activity: 109


View Profile
October 11, 2013, 02:54:23 PM
 #15

Their stealing their money because your to stupid to secure your shit?  Interesting.   How many btc were taken?  Was your password 1234?

No, I have a strong password. 3 BTCs were taken... Not that much but hey, that sucks...

oh, you have a strong password.  that is all you have to say?  now I know its your own fault and not theirs.  typical end user.  ya, they are going to risk it all to steal 3 btc from you.   change the thread title to I don't understand how to use a computer, game over.

byter
Jr. Member
*
Offline Offline

Activity: 40



View Profile
October 16, 2013, 11:12:23 AM
 #16

Well, I actually know how to use a computer...

Anyways, complaint has been open at the FBI, hope they find the guy :-)

At least I have an IP address to start with...

My tip wallet: 1bytERKmkdVkodUYndfwDH7FXB9AxQpfE
Newar
Legendary
*
Offline Offline

Activity: 1246


https://gliph.me/hUF


View Profile
October 16, 2013, 11:59:24 AM
 #17

Did you have 2FA?

OTC rating | GPG keyid 1DC91318EE785FDE | Gliph: lightning bicycle tree music | Mycelium, a swift & secure Bitcoin client for Android | LocalBitcoins
hulk
Sr. Member
****
Offline Offline

Activity: 392


View Profile
October 16, 2013, 12:02:01 PM
 #18

I believe you don't have 2FA? anyway bye bye 3 BTC. Most likely its hacker and not MTGOX Smiley

malevolent
can into space
Staff
Legendary
*
Online Online

Activity: 1834



View Profile
October 16, 2013, 08:57:40 PM
 #19

That would only protect you from common threats, which the highly specialiced trojans/keyloggers out for bitcoin exchange login data most definitely are not.
The only way to confidently deny the presence of bitcoin malware is if you'd exclusively accessed exchanges via a fresh and clean VM.

It wouldn't be enough if the host OS wasn't "fresh and clean" too.

It would probably be enough if he used the host OS exclusively for accessing exchanges and the guest OS for other Internet-interacting stuff. Though it may still be sometimes possible to compromise the host OS from the guest OS (or other guests if they aren't properly isolated).

http://www.blackhat.com/presentations/bh-usa-09/KORTCHINSKY/BHUSA09-Kortchinsky-Cloudburst-PAPER.pdf
http://media.blackhat.com/bh-us-11/Elhage/BH_US_11_Elhage_Virtunoid_WP.pdf
trilightzone.org
Jr. Member
*
Offline Offline

Activity: 47



View Profile WWW
October 17, 2013, 11:30:15 PM
 #20

Hello,

All my bitcoins are gone from my bitcoin address... Received an e-mail 10 minute ago here:

Transaction reference: 27fb49c7-72d4-4e88-9bb0-d2646d403e97
Date: 2013-10-11 07:43:40 GMT
IP: 209.21.68.151

How is that even possible? I have a very strong password and no viruses... Can't be true!

The IP is in California and I am in Switzerland. Jeez....

Just did a quick check and this might help too, looks like a gmail user is connected to that IP for sending spam for the site discountflitflopshoes.com:

https://webcache.googleusercontent.com/search?q=cache:g2xvH6u5lVMJ:http://cleantalk.org/blacklists/discountflitflopshoes.com%2B209.21.68.151


Pages: [1] 2 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!