Mtgox account hacked and emptied by huge mining fee

[bhy]

My friend received an email saying a Germany IP address 188.93.8.82 logged into his Mtgox account and made withdrawal. He then came into the account and saw several withdrawals like this:
https://i.imgur.com/zgPYK4Z.jpg

The hacker made several 1 satoshi withdrawal but very high withdrawal fee like 2 or 4 BTC. All withdrawal fee are paid as network transaction fees to miner. You could see the satoshis gone to this address: http://blockchain.info/address/14WPGYVtrVTVWuBsNFArXvXXpxWKJ676yv

My friend has 2FA. But he stored a backup of the 2FA barcode in his harddisk. He emailed Mtgox. But Mtgox basically say it's not their fault.


Several questions:

Does the hacker laundering the stolen BTCs by transaction fee? Then how could the hacker make sure he got the block mined?

How could Mtgox even allow this to happen? At the Mtgox withdrawal page there's "Pay 0.005BTC Fee For Faster Processing (Required for Transactions below 0.01 BTC)", but that doesn't mean such huge fee could be paid.

The mining fee all went to BTC Guild. We are trying to contact BTC Guild and hope to get some coin back...

[1714173340]

1714173340

[1714173340]

1714173340

[1714173340]

1714173340

[murraypaul]

Does the hacker laundering the stolen BTCs by transaction fee? Then how could the hacker make sure he got the block mined?

Isn't it more likely that he just screwed up, and meant to send the 2BTC to himself rather than as a fee?

[Birdy]

As they were all included in a block by BTC Guild - the biggest mining pool, I don't think the hacker got those coins.
Maybe the hacker screwed up the script of his walletstealer?

[bhy]

Isn't it more likely that he just screwed up, and meant to send the 2BTC to himself rather than as a fee?

You mean the hacker screwed up? Maybe. However the transactions are sent by Mtgox. And how could Mtgox sent transaction with such a huge fee?

[kik1977]

Isn't it more likely that he just screwed up, and meant to send the 2BTC to himself rather than as a fee?

You mean the hacker screwed up? Maybe. However the transactions are sent by Mtgox. And how could Mtgox sent transaction with such a huge fee?

No, I guess he means if your friend made a mistake and put the 2BTC as a fee while what he wanted to do was sending 2BTC..

[bhy]

No, I guess he means if your friend made a mistake and put the 2BTC as a fee while what he wanted to do was sending 2BTC..

Note that these transactions are all made from Mtgox. And in the Mtgox withdrawal interface there's no way for you to set a 2BTC fee.

I think there could be some buggy problem in Mtgox to allow this happen.

[Birdy]

No, I guess he means if your friend made a mistake and put the 2BTC as a fee while what he wanted to do was sending 2BTC..

7 times in a row?

And in the Mtgox withdrawal interface there's no way for you to set a 2BTC fee.

I think there could be some buggy problem in Mtgox to allow this happen.

Maybe it was sent over the Api or something like that.
(I don't use Gox, so I don't know what's possible there, but I've read they have some kind of api feature)

[ninjaboon]

Did your friend install antivirus or a firewall on his PC?

Did your friend use Windows or Linux?

There seems to be plenty of malware going around and we need to be vigilant.

[Leehoya]

Tell your friend to use linux or install a anti virus. I dont really think anyone who wants the bitcoin would use such a huge amount of transaction fees, he might be fooling around and trolling.

[MadHasher]

If your "friend" wants to shed some light on a possible hack on MtGox that could have gone unnoticed, EVERYONE would appreciate it. Otherwise, not much else you can do (I guess) since, as pointed out, the only way this seems possible is by MtGox being hacked, which would mean he would be entitled to get his BTC back from them.

[joesmoe2012]

Maybe it can be submitted via the API somehow, but there's not a way in the web interface to even specify a fee that high. Have you contacted gox support? What did they say?

[MAbtc]

Maybe it can be submitted via the API somehow, but there's not a way in the web interface to even specify a fee that high. Have you contacted gox support? What did they say?

This is what I am confused about. I don't trade on Gox, so excuse my noobish sentiment, but do you have a choice re the fee you pay on BTC withdrawal there? Like, on Bitstamp, there is no fee on BTC withdrawals, and on BTC-E, it is like .001 fee.

[vm1990]

sounds like they went trough the API this would allow them to mess up the transaction fees.. the only transaction fee you can choose is a tick box of 0.005 so its either a server exploit of API exploit both of which could or couldnt be your friends fault but should be serious concern to mtgox..

[Dougie]

Tell him to contact BTC Guild with proof of what happened and they should give him his coins back. Generally pools pay back accidentally high transaction fees and this is a similar situation only the hackers mistake works in his favour.

[Delerium]

sounds like they went trough the API this would allow them to mess up the transaction fees.. the only transaction fee you can choose is a tick box of 0.005 so its either a server exploit of API exploit both of which could or couldnt be your friends fault but should be serious concern to mtgox..

This - website does not allow you to change the amount of the trading fee. You've had your key and secret stolen somehow from your local machine. 2FA will not help in this instance unfortunatley.