Bitcoin Forum
April 17, 2014, 01:09:13 AM *
News: ♦♦ A bug in OpenSSL, used by Bitcoin-Qt/Bitcoin Core, could allow your bitcoins to be stolen. Immediately updating Bitcoin Core to 0.9.1 is required in some cases, especially if you're using 0.9.0. Download. More info.
The same bug also affected the forum. Changing your forum password is recommended.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Beware of Mt. Gox Phishing Attack! And how we can reduce the risk for OTHERS.  (Read 1096 times)
zhoutong
VIP
Hero Member
*
Offline Offline

Activity: 490


View Profile WWW

Ignore
September 13, 2011, 03:28:12 PM
 #1

Just now I received an email, reads this:


Dear Mt.Gox user,

Your account will be blocked for violating the rules of exchange.
Details:https://www.mgtox.com/users/blocked

Thanks,
The Mt.Gox team


The link will direct you to http://www.mtgzx.tk/users/blocked.

It's a frame webpage with inner URL of http://ewf43wef.tmweb.ru/.

If you enter your password, it will record it down and redirect you to the real Mt. Gox login page. So you may not have realized the problem if you typed your password again and got in.

Do enter your real password. You're welcomed to enter fake passwords!


I have set up a bot to randomly generate real-looking usernames and passwords like:

>> username
=> "brianb"
>> password
=> "HerbertWhite69"

OR

>> username
=> "pauljoseph"
>> password
=> "B8LdoTvYquht"

(There are ten different formats with a lot of random uncertainty. I'm sure that the attacker can't filter them algorithmically even if I publicize these two examples. So don't worry.)

These fake usernames will be sent to the phishing login every few seconds from various IP addresses.

I encourage other developers to do the same, using your own random formats. Let's start the phishing-baiting game, and waste their time!

Founder of NameTerrific (https://www.nameterrific.com/). Co-founder of CoinJar (https://coinjar.io/)

Donations for my future Bitcoin projects: 19Uk3tiD5XkBcmHyQYhJxp9QHoub7RosVb
1397696953
Hero Member
*
Offline Offline

Posts: 1397696953

View Profile Personal Message (Offline)

Ignore
1397696953
Reply with quote  #2

1397696953
Report to moderator
1397696953
Hero Member
*
Offline Offline

Posts: 1397696953

View Profile Personal Message (Offline)

Ignore
1397696953
Reply with quote  #2

1397696953
Report to moderator
CoinReporting   A Portfolio Manager For All Your Digital Currencies
» Join Now For FREE «

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1397696953
Hero Member
*
Offline Offline

Posts: 1397696953

View Profile Personal Message (Offline)

Ignore
1397696953
Reply with quote  #2

1397696953
Report to moderator
1397696953
Hero Member
*
Offline Offline

Posts: 1397696953

View Profile Personal Message (Offline)

Ignore
1397696953
Reply with quote  #2

1397696953
Report to moderator
1397696953
Hero Member
*
Offline Offline

Posts: 1397696953

View Profile Personal Message (Offline)

Ignore
1397696953
Reply with quote  #2

1397696953
Report to moderator
1397696953
Hero Member
*
Offline Offline

Posts: 1397696953

View Profile Personal Message (Offline)

Ignore
1397696953
Reply with quote  #2

1397696953
Report to moderator
Maria
Sr. Member
****
Offline Offline

Activity: 441



View Profile

Ignore
September 13, 2011, 03:36:38 PM
 #2

YES YOUNG MAN!!!
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!