Bitcoin Forum
Author Topic: Im just been attacked and robbed on my MT Gox account  (Read 9347 times)
stsbrad
Full Member

Activity: 168
Merit: 100

Brad Willman, SSCP, LTCP, MCTS,SCE,BCE

August 06, 2011, 02:31:41 AM
 #81

HIS email got owned and it's mtgox's fault? wtf is wrong with some of you people? I can't see how this is their fault at all. On a side note I would like the option to maybe pay mtgox a small fee monthly maybe or free whatever so they can make a pin number notation on my account. when someone requests a withdrawal I receive a phone call asking for that pin then it's released. it's how the company I work for handles certain transactions and it's wonderful. customers get warm fuzzies using it. yubikey would have worked too.

if they reset password on his etrade account and the same happened it's etrade's fault? c'mon
fcmatt
Legendary

Activity: 2072
Merit: 1001

August 06, 2011, 03:04:03 AM
 #82

HIS email got owned and it's mtgox's fault? wtf is wrong with some of you people? I can't see how this is their fault at all. On a side note I would like the option to maybe pay mtgox a small fee monthly maybe or free whatever so they can make a pin number notation on my account. when someone requests a withdrawal I receive a phone call asking for that pin then it's released. it's how the company I work for handles certain transactions and it's wonderful. customers get warm fuzzies using it. yubikey would have worked too.

if they reset password on his etrade account and the same happened it's etrade's fault? c'mon

In one breath you criticize my suggestion while asking for a different security feature.

Then you mention etrade which clearly does not have such a simple way to reset a password without knowing:

E*TRADE User ID:
Social Security or Tax ID Number:
Last Name:
Zip or Postal Code:

The fact of the matter is that MTGOX has a reset password feature that is about right for a forum like this and not
a place to store money/BTC.

Is it really that hard to see it has room for improvement or do a lot of people like to argue for the fun of it?

Anyway... enough is enough. I said my piece. I am sure tux read it and will consider what he should do with his website.
I will simply go where I feel comfortable when I wish to sell my BTC.
stsbrad
Full Member

Activity: 168
Merit: 100

Brad Willman, SSCP, LTCP, MCTS,SCE,BCE

August 06, 2011, 03:10:36 AM
 #83

this is anonymous currency isn't it? now you're saying you basically want mtgox storing ssn's? what I'm asking is how far are they supposed to take it before it's just.... paypal? why wasn't this guy using a yubikey? at what point do you draw the line and say well.... the end user fucked up?
stsbrad
Full Member

Activity: 168
Merit: 100

Brad Willman, SSCP, LTCP, MCTS,SCE,BCE

August 06, 2011, 04:02:16 AM
 #84

wow after reading it all again you might be right bro. lol. and I might have helped :(

who knows anymore.
CCCMikey
Member

Activity: 77
Merit: 10

August 06, 2011, 05:05:20 AM
 #85

Yubikey has been around since about 2008 - I remember when Steve Gibson met Stina Ehrensvärd at the RSA Security Conference, trying to drum up interest in the product. http://www.grc.com/sn/sn-143.txt Since Yubikey is used in many environments besides MtGox, I doubt this entire post exists just to drum up support for it. But then, this is the Internet, so who knows :) (It looks a bit to me like someone used a web language translation tool.)

Certainly, if it's true that MtGox passwords can be reset simply by controlling the email address, then that is probably a cause for concern. Up until fairly recently, pretty much all email clients default to POP or IMAP access using plaintext password transmission. As a result, any other non-isolated members of a wireless network have a strong chance of being able to see that password. (Wired networks are generally less susceptible.) All routers between the end user and their email server can also see that password.

Similarly, almost all email clients store the password within the machine somewhere. On Windows, there are plenty of freeware programs that will read the email password in the blink of an eye (mailpv for example) so it too is another security risk. Even third party programs such as Thunderbird will happily reveal your password.

Basically, for financial sites, a simple password reset facility via email is not sufficient security. It needs to be paired with another out-of-band medium such as SMS, Yubikey, etc.
RandyFolds
Sr. Member

Activity: 448
Merit: 250

August 06, 2011, 05:52:32 AM
 #86

@CCCMike

Not saying anything bad about the YubiKey, it's a great little device.

A web translator will not misspell words or speak in American slang. I am not a native English speaker, I am Chinese. I know "real" broken English when I see it. This is as fake as when a native English speaker tries to talk in broken English.

I doubt seriously that this guy's account was hacked at all.

The whole thing was to drum up sympathy for Mt.Gox by accusing them of a security breach with zero evidence, expose it as user error and fix it with YubiKey.

Honestly you can't blame them for thinking Bitcoin users are stupid. Rip them off, claim a hack and they come back for more!



Man, you are dumb.
defxor
Hero Member

Activity: 530
Merit: 500

August 06, 2011, 06:01:41 AM
 #87

The phony broken English is totally fake.

It looks perfectly on par for someone from Denmark (and other European countries where people grow up with subtitled American TV series).

SgtSpike
Legendary

Activity: 1400
Merit: 1005

August 06, 2011, 06:53:28 AM
 #88

wow after reading it all again you might be right bro. lol. and I might have helped :(

who knows anymore.

Another example of perfect structure, spelling and verb-subject usage followed by perfect spelled FAKE syntax error.

"it also seems that there have been several sales and purchases in the last few days where I have not been inside ... it can not be true ... I expect all my money and bitcoins is back on my account."

This is nothing more than scare tactic to promote the YubiKey as the ONLY safe way to guard your bitcoins.

This is the moral of this whole thread.....


Hurry people, run out and buy a YubiKey from Mt.Gox LOL
Seriously?  I see plenty of errors in all three of those sentences.  Not one of them is perfect.

I also deal with a BUNCH of international people on a daily basis who have a variety of skill levels when it comes to the English language.  Some write in exactly the same "BS" broken manner as J. does.

Go find another thread to throw wild, baseless accusations around in.
defxor
Hero Member

Activity: 530
Merit: 500

August 06, 2011, 07:30:13 AM
 #89

Didn't realize there were so many Gox Apologist in action!

How is my knowledge on northern European English skills being "Gox Apologist"? We can go into more detail if you want to learn more about how hearing perfectly spoken English, but seldom using it in writing, results in people who use American expressions but with grammar and/or spelling mistakes - but I suggest you start another thread for that study.

PS: "hagget" is a Danish version of "hacked", an English word having been Danishified. Even a simple Google search would've told you that.
Jack of Diamonds
Sr. Member

Activity: 252
Merit: 251

August 06, 2011, 07:52:15 AM
 #90

The whole thing was to drum up sympathy for Mt.Gox by accusing them of a security breach with zero evidence, expose it as user error and fix it with YubiKey.

Honestly you can't blame them for thinking Bitcoin users are stupid. Rip them off, claim a hack and they come back for more!

I'm a skeptic but I know an over-the-top-paranoid person when I see one. Your theory is insane.

The YK is just free compensation. Even if everyone were to buy one after reading it's safer, Gox would gain next to no profit.
The keys actually do cost $30, Mt. Gox is sending them with free shipping & a customized logo, so they are *losing* money initially by sending them out
(though gaining in the long term due to less problems from stolen accounts and disputes)

1f3gHNoBodYw1LLs3ndY0UanYB1tC0lnsBec4USeYoU9AREaCH34PBeGgAR67fx
paraipan
In memoriam
Legendary

Activity: 924
Merit: 1004

Firstbits: 1pirata

August 06, 2011, 01:15:28 PM
 #91

@CCCMike

Not saying anything bad about the YubiKey, it's a great little device.

A web translator will not misspell words or speak in American slang. I am not a native English speaker, I am Chinese. I know "real" broken English when I see it. This is as fake as when a native English speaker tries to talk in broken English.

I doubt seriously that this guy's account was hacked at all.

The whole thing was to drum up sympathy for Mt.Gox by accusing them of a security breach with zero evidence, expose it as user error and fix it with YubiKey.

Honestly you can't blame them for thinking Bitcoin users are stupid. Rip them off, claim a hack and they come back for more!



Man, you are dumb.

YubiKey is based on RSA's SecurID, look what could happen to it if the keys are stored in a central database http://steve.grc.com/2011/03/19/reverse-engineering-rsas-statement/

and please calm down guys ::)

BTCitcoin: An Idea Worth Saving - Q&A with bitcoins on rugatu.com - Check my rep
J. (OP)
Newbie

Activity: 56
Merit: 0

August 06, 2011, 02:06:27 PM
 #92

Hi, I checked the account history quickly, and saw the hack had nothing to do with your account email. The attacker used the reset password function and got the right reset key right after, which he used to change your password. Therefore here are my questions for you:

  • Was your email password strong too?
  • Are you sure you NEVER logged into your email from any other place than your home, on a safe computer (ie. never used that email from a mobile device, for example)

I would think that my password should be strong enough ..

I have not touched on my MT Gox account elsewhere in the home and from my office, and both lines are secured with codes.

I figure even with that it is my password has been cracked, as it is a very strong code .... but thank you because you have looked at it because I am very frustrated over this, it is much money I've lost ..

r I've lost all me fath too bitcoins, and it's sad after which I was in the process of getting it out in Denmark and Scandinavia.
J. (OP)
Newbie

Activity: 56
Merit: 0

August 06, 2011, 02:12:41 PM
 #93

Hi, I checked the account history quickly, and saw the hack had nothing to do with your account email. The attacker used the reset password function and got the right reset key right after, which he used to change your password. Therefore here are my questions for you:

  • Was your email password strong too?
  • Are you sure you NEVER logged into your email from any other place than your home, on a safe computer (ie. never used that email from a mobile device, for example)
So basically, the attacker gained control of his email account, reset the MtGox password, then stole the coins.

I see this as a definite possibility, especially if his email password wasn't very strong.  As soon as that MtGox list got out, his email address was out there too.  Someone may have brute-forced (or otherwise extracted) his email address password.

Isn't it true that IMAP email/passwords are sent in plaintext unless a secure connection is specified?  Maybe someone was sniffing his data when he connected to his mailserver, and retrieved his account password that way...

J., do you have a "Reset password" email from MtGox in your inbox or deleted mail folder?  It was probably fully deleted, but you never know... not that it would really solve anything, it would just give confirmation to MagicalTux's investigation.

I could not find such an email, with it's no harder than perosner have deleted them afterwards ... the person may very well delete it entirely using my code.
defxor
Hero Member

Activity: 530
Merit: 500

August 06, 2011, 02:16:23 PM
 #94

I would think that my password should be strong enough ..

I have not touched on my MT Gox account elsewhere in the home and from my office, and both lines are secured with codes.

The vector would be that your email address, as everyone else's, became known from the MtGox hacking incident. Somehow someone decided it was worth trying to hack your email account - making it possible to do a pw reset on MtGox.

Why someone targeted you in particular, and managed to guess your email password, is another question. The most likely cause would be that you signed up somewhere else Bitcoin related and re-used the same pw as you use with your email provider.

(If your email account has been hacked you of course need to make sure to clean your account from any hidden forwards and then basically consider EVERYTHING you've ever signed up for as "broken" since the attacker could've used it to gain entry to a lot more than just MtGox)

Of course, all the above is based on MagicalTux both being honest about what the logs say and that if the logs say pw reset through email that there's no way to fool the system into doing pw resets some other way.
J. (OP)
Newbie

Activity: 56
Merit: 0

August 06, 2011, 02:20:28 PM
 #95

perhaps it should not be so easy to reset a password on mtgox then?
perhaps it should be more painful for those who forget their passwords and have to wait
for a call from a mtgox employee who will then quiz them about details of their account?

Come on, there's only so much mtgox can do.
If someone breaks into your primary email address they've got you.

but the only way they could get this mail code is that it has gone out of MT Gox's system and data ...

no matter how you look at it, then MT Gox has my IP addresses and know I am from Denmark, how can they allow an IP address from Malaisia ​​and U.S. to empty my account ... it is because of poor security ..
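
Added example (not part of any post in this thread, and not MtGox's code): a sketch of the two controls argued for above, an out-of-band factor alongside email password reset (post #85) and a check on where withdrawals come from (post #95). The event fields, the 48-hour hold and the sample history are assumptions constructed for illustration; country codes are assumed to come from an upstream IP lookup.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# Assumed policy value: how long an email-only reset keeps withdrawals on hold.
RESET_HOLD = timedelta(hours=48)


@dataclass
class Event:
    when: datetime
    kind: str                    # "login", "password_reset" or "withdraw"
    country: str                 # country code resolved upstream from the source IP
    second_factor: bool = False  # out-of-band check (SMS code, OTP token) passed


def review_withdrawals(events):
    """Return one (decision, reasons) pair per withdraw event, in time order."""
    known_countries = set()   # countries seen on logins we trust
    weak_reset_at = None      # time of the last reset confirmed by email only
    results = []
    for ev in sorted(events, key=lambda e: e.when):
        in_hold = weak_reset_at is not None and ev.when - weak_reset_at < RESET_HOLD
        if ev.kind == "password_reset":
            # A reset backed by a second factor clears the hold; email-only starts one.
            weak_reset_at = None if ev.second_factor else ev.when
        elif ev.kind == "login":
            # Logins made during the hold do not teach us a "normal" location,
            # otherwise whoever triggered the reset could whitelist themselves.
            if ev.second_factor or not in_hold:
                known_countries.add(ev.country)
        elif ev.kind == "withdraw":
            reasons = []
            if in_hold:
                reasons.append("email-only password reset inside hold window")
            if ev.country not in known_countries:
                reasons.append("withdrawal from a country not seen before")
            decision = "allow" if (not reasons or ev.second_factor) else "hold"
            results.append((decision, reasons))
    return results


def sample_events():
    """Constructed account history shaped like the incident in this thread."""
    t0 = datetime(2011, 7, 20, 9, 0)
    day8 = t0 + timedelta(days=8)
    return [
        Event(t0, "login", "DK"),
        Event(t0 + timedelta(hours=1), "withdraw", "DK"),
        Event(day8, "password_reset", "MY"),                 # email link only
        Event(day8 + timedelta(minutes=5), "login", "MY"),
        Event(day8 + timedelta(minutes=10), "withdraw", "MY"),
        Event(day8 + timedelta(minutes=30), "withdraw", "US"),
        Event(day8 + timedelta(hours=2), "withdraw", "DK", second_factor=True),
    ]


if __name__ == "__main__":
    for decision, reasons in review_withdrawals(sample_events()):
        print(decision, "|", "; ".join(reasons) or "no risk signals")
```

A held withdrawal is not a refusal: the owner can release it by passing the second-factor check, which is why the last constructed withdrawal is allowed even though the hold window is still open.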
m0w3r
Full Member

Activity: 131
Merit: 100

August 06, 2011, 02:21:46 PM
 #96

Whoa , chill out, I never said I was going psycho. You obviously have the typical Ga or is it Va reading comprehension problem....

Anyway you're taking this way too serious.

Take care

You can go back to China with that slander.
J. (OP)
Newbie

Activity: 56
Merit: 0

August 06, 2011, 02:35:27 PM
Last edit: August 06, 2011, 03:53:51 PM by J.
 #97

J, Aug-05 02:51 (JST):
my account has been hagget, my code did not work more because I wanted to go today, so may have sent an email with a new code .... HEVEDERES what happens to your ridiculous shitty site ...

119 bitcoin stolen and
300 USD.

what the hell is this bullshit.

send to this address:
Thu 28 Jul 2011 04:56:57 PM GMT   withdraw   Bitcoin withdraw to 1LxTV74oksinziDR3fgvvLUf6jdsnwSUiP   100.00000000 ฿TC

Thu 28 Jul 2011 05:15:42 PM GMT   withdraw   Generate redeem code: MTGOX-USD-4K7SA-UYVH8-UH85P-50E3D   $305.49932

Accound balance$0.00000
Accound balance BTC 0.00000

it also seems that there have been several sales and purchases in the last few days where I have not been inside ... it can not be true ... I expect all my money and bitcoins is back on my account.

Otherwise, the refund all my $ 4000 which I have added to your shitty site and lost because of your incompetent security.

_______________________________________________________________________________ __________________________________

Jasmine, Aug-05 10:39 (JST):
Hello,

I apologize about your recent theft. We do not have the ability to "reverse" any transfers. The IP addresses of both transactions are 115.133.198.86 and 64.120.79.136. At this point, I strongly advise you to change your password to a more secure one; using at least one upper case, number, and special character will prevent anyone and any computers from guessing your password. Also, please change the password to any connecting email addresses.

I also strongly encourage you to obtain a Yubikey, which we can offer it to you for free. Unfortunately, that is the only thing we can do for your situation. You may file a police report, which we can try our best to cooperate with the investigation.

I apologize for any inconvenience this has caused.

Thanks,

MtGox.com Team

The IP addresses of both transactions are 115.133.198.86 and 64.120.79.136.
MY IP Adress i 192.168.2.103 :(

I strongly advise you to change your password to a more secure one, using at least one upper case, number, and special character will prevent anyone and any computers from guessing your password.
Me password was (have been changed) J08-uU33-1604-82-xXx






This whole thread is BOGUS and is nothing but a scare tactic to promote YubiKey.

The phony broken English is totally fake. We have "misspelled" words, sentence fragments, followed by 100% proper subject-verb agreement that is 10 times harder to master by non-English speakers than anything else.

The whole thing about "My IP was to try and demonstrate he was an idiot". Problem is, previous post by this user demonstrate a much higher understanding.

TOTAL FAKE BS


added: He can't spell hacked (hagget) but can spell ridiculous, incompetent, and has perfect command of "American Slang"....

Google translate your idiot.

As you can see below I have nothing to do with MT Gox to do.

I am Danish and live in Denmark, English is not my strong point in terms of writing . I use google translate + imtranslation.net if I can just spell the word or phrase I should use.

As you can see longer admitted also says in my profile

DANISH BITCOIN SUPPORT.

I think it's incredibly boring to see that people are so few indkompetente idiots and do not see the forest for the trees ....

it's not me who is the evil here ...
I'm just trying to warn others and even get some help on how I can get on with this here .. it is not you who has lost a lot of money and bitcoins ...

so stop all your crap with conspiracy theories and ghosts ... there's nothing in it

and yes it may well be that I've made a mistake, but why should you not call me incompetent or retarded .. because I think my IQ and ability to increase your skill with meters
J. (OP)
Newbie

Activity: 56
Merit: 0

August 06, 2011, 03:42:17 PM
 #98

My Wallet
Here you can see what has been the movement on my wallet, 3 activities for MT Gox

https://i.imgur.com/YI6oH.jpg

Recover mail
mail that I sent after I tried to get into my account on Thursday 04.08.2011

I could not login with my regular password :(

https://i.imgur.com/KSSVq.jpg

MY MT Gox account
As you can see there on 28.07.2011 was 100 BTC and move up afterwards sold 19 BTC.

then there are so moved about $ 305 and then the account was empty :(

Account History $

https://i.imgur.com/3tarl.jpg

Account History BTC

https://i.imgur.com/CydPm.jpg

which in his view, there is one who has to move 100 BIC and subsequently sold the rest to move a lot of $ out of my account ..




Inedible
Hero Member

Activity: 700
Merit: 500

What doesn't kill you only makes you sicker!

August 06, 2011, 04:01:35 PM
 #99

Hi, I checked the account history quickly, and saw the hack had nothing to do with your account email. The attacker used the reset password function and got the right reset key right after, which he used to change your password. Therefore here are my questions for you:

  • Was your email password strong too?
  • Are you sure you NEVER logged into your email from any other place than your home, on a safe computer (ie. never used that email from a mobile device, for example)
So basically, the attacker gained control of his email account, reset the MtGox password, then stole the coins.

I see this as a definite possibility, especially if his email password wasn't very strong.  As soon as that MtGox list got out, his email address was out there too.  Someone may have brute-forced (or otherwise extracted) his email address password.

Isn't it true that IMAP email/passwords are sent in plaintext unless a secure connection is specified?  Maybe someone was sniffing his data when he connected to his mailserver, and retrieved his account password that way...

J., do you have a "Reset password" email from MtGox in your inbox or deleted mail folder?  It was probably fully deleted, but you never know... not that it would really solve anything, it would just give confirmation to MagicalTux's investigation.

I could not find such an email, with it's no harder than perosner have deleted them afterwards ... the person may very well delete it entirely using my code.

How could it have been a password by email reset hack? You said you logged into your account after coming back from holiday. If this is true then I'm assuming you used the same password as before you went on holiday and the only way that can happen is if the hacker knew your password to set it back... in which case, would they reset your password?

If this post was useful, interesting or entertaining, then you've misunderstood.
Inedible
Hero Member

Activity: 700
Merit: 500

What doesn't kill you only makes you sicker!

August 06, 2011, 04:04:05 PM
 #100

Recover mail
mail that I sent after I tried to get into my account on Thursday 04.08.2011

I could not login with my regular password :(

You answered whilst I was writing my last post ;)

If this post was useful, interesting or entertaining, then you've misunderstood.