Possible false alarm: MtGox break in

[DiabloD3]

my bet is Diablo has had his forum acct hacked.  look, he puts up an OP then refuses to elaborate?

this could be a new tactic from the banker/gov't trolls lurking here to combat Bitcoin.  an "allten" guy here is advocating clearing out your mtgox accts as well to force an audit which makes no sense if he really was concerned about bitcoin or mtgox as it would cause a bank run like event killing mtgox.

Having my forum account "hacked" (which theymos does not believe has happened to anyone because everyone changed their passwords too fast) cannot be related to mtgox getting hacked. I use two different passwords if the op post wasn't clear by the use of the word unique.

[DiabloD3]

At this moment, I'm questioning if DiabloD3 really posted this thread, I smelll something fishy here.
Maybe the forum (or DiabloD3 account) is compromised again.

Nope, its really me. Hi.

[gusti]

At this moment, I'm questioning if DiabloD3 really posted this thread, I smelll something fishy here.
Maybe the forum (or DiabloD3 account) is compromised again.

Nope, its really me. Hi.

Really ? Please show your ID.   

[niko]

I'm out of here. Goodbye.

[DiabloD3]

I notified MagicTux through his support email, and he sent back a useless form letter as a reply.

Hello,


Recently there has been a large increase in the number of “phishing” attacks that have been made against the users of Mt.Gox.

Phishing involves deceiving users through fake emails or websites into providing their user name and password to the phisher, who then uses this information to log into the account and withdraw as many funds as they are able into their own bank account.

Phishing is another form of Internet crime similar to hacking which has steadily become more prevalent with the increase of Internet banking, shopping and exchange services. We urge our users to be cautious of phishing attacks, not only when accessing Mt.Gox but when providing any personal information over the Internet.

While the following steps cannot protect users completely from phishing, they will ensure that any attempt to steal personal information is far less successful:

-Always check the URL in the address bar of your browser when logging into Mt.Gox. It should read “https://mtgox.com”.
-Never click on hyperlinks in emails to access Mt.Gox.
-If you are ever unsure of the veracity of an email’s contents, contact Mt.Gox Support. We will be more than happy to confirm whether or not the email you have received is authentic.
-Be aware that Mt.Gox will never contact you by email asking for your user name or password.
-Check the security certificate of the website you are logging into. In modern browsers, this can be done by looking at the address bar and checking whether or not a blue certificate appears to the left of the address.
-Mt.Gox will soon implement the VeriSign EV Authentication certificate, which will make the address bar turn green when you are accessing the real Mt.Gox website.
-Use anti-virus software at all times. A number of anti-virus programmes include anti-phishing features which will notify you when you are accessing a suspect website.

We sincerely apologize for the inconvenience our users have suffered at the hands of phishers, and are doing all that we can to prevent further attacks in the future.

Thanks,

MtGox.com Team

I consider this a smoking gun.

[stsbrad]

so you are staff here. developer? seen it all done it all bitcoin related. and you still chose to leave your money on an exchange that was compromised before and never decided that two factor auth might be a good idea? bro... I'm sorry but c'mon. I know if they have been compromised they are the LARGER part of the problem don't get me wrong but shit. you should know better.

[ctoon6]

my bet is Diablo has had his forum acct hacked.  look, he puts up an OP then refuses to elaborate?

this could be a new tactic from the banker/gov't trolls lurking here to combat Bitcoin.  an "allten" guy here is advocating clearing out your mtgox accts as well to force an audit which makes no sense if he really was concerned about bitcoin or mtgox as it would cause a bank run like event killing mtgox.

Having my forum account "hacked" (which theymos does not believe has happened to anyone because everyone changed their passwords too fast) cannot be related to mtgox getting hacked. I use two different passwords if the op post wasn't clear by the use of the word unique.

do you have a key we can verify?

[ElectricMucus]

So far I can come up with 5 possible scenarios:

-mtgox is compromised and are covering it up.
-mtgox deliberately messing with Diablo3Ds account.
-Diablo3Ds computer/account is compromised.
-Diablo3D is posting disinformation.
-a third party is engaging in a cyberwar against bitcoin using man in the middle attacks.
/tinfoilhat mode off

[ctoon6]

At this moment, I'm questioning if DiabloD3 really posted this thread, I smelll something fishy here.
Maybe the forum (or DiabloD3 account) is compromised again.

Nope, its really me. Hi.

Long form birth certificate, please.

starting to sound like a certain incident involving a certain president we currently have...

[bitrick]

So far I can come up with 5 possible scenarios:

-mtgox is compromised and are covering it up.
-mtgox deliberately messing with Diablo3Ds account.
-Diablo3Ds computer/account is compromised.
-Diablo3D is posting disinformation.
-a third party is engaging in a cyberwar against bitcoin using man in the middle attacks.
/tinfoilhat mode off

Perhaps we should take a poll?

[ctoon6]

So far I can come up with 5 possible scenarios:

-mtgox is compromised and are covering it up.
-mtgox deliberately messing with Diablo3Ds account.
-Diablo3Ds computer/account is compromised.
-Diablo3D is posting disinformation.
-a third party is engaging in a cyberwar against bitcoin using man in the middle attacks.
/tinfoilhat mode off

Perhaps we should take a poll?

what good is a poll, all that matters is what is, not what people think.

[Shortline]

I notified MagicTux through his support email, and he sent back a useless form letter as a reply.

Hello,


Recently there has been a large increase in the number of “phishing” attacks that have been made against the users of Mt.Gox.

I consider this a smoking gun.

It probably is.

But he may have just forgotten who you are. Perhaps he thinks your some run-of-the-mill bitcoin crackpot. I don't know if you've noticed, but there are more than a few of those around.

[geek-trader]

So far I can come up with 5 possible scenarios:

-mtgox is compromised and are covering it up.
-mtgox deliberately messing with Diablo3Ds account.
-Diablo3Ds computer/account is compromised.
-Diablo3D is posting disinformation.
-a third party is engaging in a cyberwar against bitcoin using man in the middle attacks.
/tinfoilhat mode off

Perhaps we should take a poll?

what good is a poll, all that matters is what is, not what people think.

As far as the short term price of BTC goes, what matters is what people think, not what is. 

[DiabloD3]

-a third party is engaging in a cyberwar against bitcoin using man in the middle attacks.

After a lengthy conversation with MagicTux, unless it does turn up that mtgox has been hacked, neither of us can figure out what happened. Its obviously not me and I didn't fall for a phishing expedition, and Im pretty sure its not on his end. His description of security on the new post-hack mtgox is pretty decent. Its not perfect, but he has gone to great lengths to prevent a repeat.

Even if they dumped the password database, the passwords are sufficiently salted and hashed that it is extremely unlikely they grabbed my password first.

I also do not think it is likely the recent DigiNotar or Globalsign break ins have produced SSL certs to attack mtgox with (which WOULD explain this) because mtgox uses EV certs and as far as I know none of the fake certs were for EV, but DigiNotar and Globalsign both DO issue EV certs. Although I am not ruling this out.

DigiNotar knew about the break in for months, and I obviously have logged in since then.

Tux has replaced the missing BTC.

[fastandfurious]

-a third party is engaging in a cyberwar against bitcoin using man in the middle attacks.

After a lengthy conversation with MagicTux, unless it does turn up that mtgox has been hacked, neither of us can figure out what happened. Its obviously not me and I didn't fall for a phishing expedition, and Im pretty sure its not on his end. His description of security on the new post-hack mtgox is pretty decent. Its not perfect, but he has gone to great lengths to prevent a repeat.

Even if they dumped the password database, the passwords are sufficiently salted and hashed that it is extremely unlikely they grabbed my password first.

I also do not think it is likely the recent DigiNotar or Globalsign break ins have produced SSL certs to attack mtgox with (which WOULD explain this) because mtgox uses EV certs and as far as I know none of the fake certs were for EV, but DigiNotar and Globalsign both DO issue EV certs. Although I am not ruling this out.

DigiNotar knew about the break in for months, and I obviously have logged in since then.

Tux has replaced the missing BTC.

Asking once again. Do you use a Yubikey on Mt.Gox?

[stsbrad]

easy answer. no

[DiabloD3]

-a third party is engaging in a cyberwar against bitcoin using man in the middle attacks.

After a lengthy conversation with MagicTux, unless it does turn up that mtgox has been hacked, neither of us can figure out what happened. Its obviously not me and I didn't fall for a phishing expedition, and Im pretty sure its not on his end. His description of security on the new post-hack mtgox is pretty decent. Its not perfect, but he has gone to great lengths to prevent a repeat.

Even if they dumped the password database, the passwords are sufficiently salted and hashed that it is extremely unlikely they grabbed my password first.

I also do not think it is likely the recent DigiNotar or Globalsign break ins have produced SSL certs to attack mtgox with (which WOULD explain this) because mtgox uses EV certs and as far as I know none of the fake certs were for EV, but DigiNotar and Globalsign both DO issue EV certs. Although I am not ruling this out.

DigiNotar knew about the break in for months, and I obviously have logged in since then.

Tux has replaced the missing BTC.

Asking once again. Do you use a Yubikey on Mt.Gox?

As Ive said in the past, I do not believe that they improve security.

[fcmatt]

Do not improve security? How could it possibly hurt or at least be neutral?
It seems it would have stopped this whole problem easily unless the attacker was using a more sophisticated method.

[cypherdoc]

-a third party is engaging in a cyberwar against bitcoin using man in the middle attacks.

After a lengthy conversation with MagicTux, unless it does turn up that mtgox has been hacked, neither of us can figure out what happened. Its obviously not me and I didn't fall for a phishing expedition, and Im pretty sure its not on his end. His description of security on the new post-hack mtgox is pretty decent. Its not perfect, but he has gone to great lengths to prevent a repeat.

Even if they dumped the password database, the passwords are sufficiently salted and hashed that it is extremely unlikely they grabbed my password first.

I also do not think it is likely the recent DigiNotar or Globalsign break ins have produced SSL certs to attack mtgox with (which WOULD explain this) because mtgox uses EV certs and as far as I know none of the fake certs were for EV, but DigiNotar and Globalsign both DO issue EV certs. Although I am not ruling this out.

DigiNotar knew about the break in for months, and I obviously have logged in since then.

Tux has replaced the missing BTC.

i'm sure at his own expense too.  you should at least say thank you.

i'm sick and tired of ppl blaming mtgox and MagTux as some sort of lying crook.  if he were would he have done this?  as well as bailing out Bitomat and donating many btc to charity and btc businesses?

[phantomcircuit]

-a third party is engaging in a cyberwar against bitcoin using man in the middle attacks.

After a lengthy conversation with MagicTux, unless it does turn up that mtgox has been hacked, neither of us can figure out what happened. Its obviously not me and I didn't fall for a phishing expedition, and Im pretty sure its not on his end. His description of security on the new post-hack mtgox is pretty decent. Its not perfect, but he has gone to great lengths to prevent a repeat.

Even if they dumped the password database, the passwords are sufficiently salted and hashed that it is extremely unlikely they grabbed my password first.

I also do not think it is likely the recent DigiNotar or Globalsign break ins have produced SSL certs to attack mtgox with (which WOULD explain this) because mtgox uses EV certs and as far as I know none of the fake certs were for EV, but DigiNotar and Globalsign both DO issue EV certs. Although I am not ruling this out.

DigiNotar knew about the break in for months, and I obviously have logged in since then.

Tux has replaced the missing BTC.

I believe that fraudulent EV certificates were issued.