Im just been attacked and robbed on my MT Gox account

[J.]

Did you change your password after the last security breech?

Yes

[1715440617]

1715440617

[1715440617]

1715440617

[1715440617]

1715440617

[1715440617]

1715440617

[1715440617]

1715440617

[TheGer]

"I just discovered that there is someone who has taken all my bitcoins + sold the last to move money from one account to another."

This is either fake or the guy is to stupid and deserves to lose his stuff.  Personally I lean fake since if they transferred the money to another account I would simply take it up with MtGox before crybabying on some Forum since there is a paper trail if he's telling the truth.

Fake to sow seeds of discontent among the Bitcoin Community?  Hmm.

[SgtSpike]

We should definitely strive to discover what the cause of this breach was.  Was it a trojan or keylogger on the OP's computer?  Did someone find a new security hole in MtGox?  CSRF attack?  Phishing website?  Etc, etc.

There had to be SOME cause to it, and pointing fingers at either side isn't going to do any good.

[fcmatt]

i cannot imagine MTGOX allows IPs to attempt to brute force a password over and over again from the
same IP address. Even if the attacker had 10,000 public IPs to use and MTGOX allowed 10 attempts
before locking it out for 24 hours.. it would be almost impossible to brute force a password like the OP
has in any reasonable amount of time.

So that leaves me thinking that the OP has some time of virus/trojan on his PC and the attacker
snarfed the password via that vector.

OP, do you run windows, linux or a mac? I am just curious.

[nostrum]

Where did you store your password?

[Man From The Future]

Did you change your password after the last security breech?

I don't wear breeches!

(You mean breach!)

[J.]

I went through you post history and I see you have been an asset to the community.
You helped people and projected a confident acknowledgement to and of people here.

there is nothing any of us here can do for you besides speculate and possibly console you.
The only person that might be able to help you is MagicalTux, but they offer no kind of security AFAIK when it comes to someone getting past authentication.

I love bitcoin and the whole idea of being able to  Hande more freely, but I'm also getting tired of constantly being put back.

I'm not one second of doubt that if MT Gox was not hagget last time, so bitcoins had been worth $ 40-60 today ... this does not help that there is more security about the exchanges we user. and I have made risk spreading by using several exchanges have little bitcoins in each but it does not help a damn thing ... think I'm done with bitcoins ....

[J.]

"I just discovered that there is someone who has taken all my bitcoins + sold the last to move money from one account to another."

This is either fake or the guy is to stupid and deserves to lose his stuff.  Personally I lean fake since if they transferred the money to another account I would simply take it up with MtGox before crybabying on some Forum since there is a paper trail if he's telling the truth.

Fake to sow seeds of discontent among the Bitcoin Community?  Hmm.

send to this address:
Thu 28 Jul 2011 04:56:57 PM GMT   withdraw   Bitcoin withdraw to 1LxTV74oksinziDR3fgvvLUf6jdsnwSUiP   100.00000000 ฿TC

Thu 28 Jul 2011 05:15:42 PM GMT   withdraw   Generate redeem code: MTGOX-USD-4K7SA-UYVH8-UH85P-50E3D   $305.49932

Accound balance$0.00000
Accound balance BTC 0.00000

[J.]

i cannot imagine MTGOX allows IPs to attempt to brute force a password over and over again from the
same IP address. Even if the attacker had 10,000 public IPs to use and MTGOX allowed 10 attempts
before locking it out for 24 hours.. it would be almost impossible to brute force a password like the OP
has in any reasonable amount of time.

So that leaves me thinking that the OP has some time of virus/trojan on his PC and the attacker
snarfed the password via that vector.

OP, do you run windows, linux or a mac? I am just curious.

Mac

[J.]

Where did you store your password?

I do not understand your question

[Johnny Pizza]

A sucker is born every minute.  I'm sure whoever got them from you is enjoying themselves. 

[SgtSpike]

Did you change your password after the last security breech?

I don't wear breeches!

(You mean breach!)

Dang... my spelling is getting worse as I age.

[fcmatt]

i cannot imagine MTGOX allows IPs to attempt to brute force a password over and over again from the
same IP address. Even if the attacker had 10,000 public IPs to use and MTGOX allowed 10 attempts
before locking it out for 24 hours.. it would be almost impossible to brute force a password like the OP
has in any reasonable amount of time.

So that leaves me thinking that the OP has some time of virus/trojan on his PC and the attacker
snarfed the password via that vector.

OP, do you run windows, linux or a mac? I am just curious.

Mac

Well running a mac surely throws out 99% of virus and typical internet attacks.
The other .99% can be defeated via updated software on a regular basis leaving only 0day attacks and blatant
mistakes by a user who runs untrusted software and otherwise clicks YES to anything that
pops up on his desktop.

Do you run all sorts of goofy software found on the internet? Especially odd bitcoin related software?

[J.]

A sucker is born every minute.  I'm sure whoever got them from you is enjoying themselves. 

Nice!!!!

[KeyserSoze]

how was the vacation?

rotfl

[J.]

i cannot imagine MTGOX allows IPs to attempt to brute force a password over and over again from the
same IP address. Even if the attacker had 10,000 public IPs to use and MTGOX allowed 10 attempts
before locking it out for 24 hours.. it would be almost impossible to brute force a password like the OP
has in any reasonable amount of time.

So that leaves me thinking that the OP has some time of virus/trojan on his PC and the attacker
snarfed the password via that vector.

OP, do you run windows, linux or a mac? I am just curious.

Mac

Well running a mac surely throws out 99% of virus and typical internet attacks.
The other .99% can be defeated via updated software on a regular basis leaving only 0day attacks and blatant
mistakes by a user who runs untrusted software and otherwise clicks YES to anything that
pops up on his desktop.

Do you run all sorts of goofy software found on the internet? Especially odd bitcoin related software?

no all my software is bought and paid for and I update regularly ...

I do not use pogrammer I do not know and have never had an attack of any kind.

[nostrum]

Where did you store your password?

I do not understand your question

You said you had a unique, long and secure password. I generally do not expect people (like myself) being able to remember them.
Did you use a service like LastPass or did you have the password written down in (encrypted) text somewhere (inside or outside the computer)?

[J.]

Where did you store your password?

I do not understand your question

You said you had a unique, long and secure password. I generally do not expect people (like myself) being able to remember them.
Did you use a service like LastPass or did you have the password written down in (encrypted) text somewhere (inside or outside the computer)?

outside the computer
in my head:)

[fcmatt]

MTGOX uses https for auth.. so it is not like a man in the middle attack is trivial.

Also, it seems the user is not a noob running windows XP with sp2 or what not.

If I was MTGOX I would be taking this post oh so seriously as an attacker of the MTGOX
website would surely go about draining accounts in a slow methodical fashion versus going
all out and alerting many people at once.

If they were owned once.. it can happen again. Especially when an attacker knows there is
a currency that can be transferred anonymously.

The OP seems to have his bases covered unless, no offense, you are not telling us exactly
how you use this apple mac computer. Perhaps you like to view odd things online going to
several possibly malicious websites per day?

[pdki]

Whatever happened, before blaming this guy, remember what people were saying when the first reports of cracked mtgox accounts were reported on this forum. Nobody believed them. A couple of days later the mtgox account database was available for download.