Bitcoin Forum
October 22, 2016, 04:17:05 PM *
News: Latest stable version of Bitcoin Core: 0.13.0  [Torrent].
   Home   Help Search Donate Login Register  
Pages: [1]
Author Topic: Beware of Mt. Gox Phishing Attack! And how we can reduce the risk for OTHERS.  (Read 1616 times)
Hero Member
Offline Offline

Activity: 490

View Profile WWW
September 13, 2011, 03:28:12 PM

Just now I received an email, reads this:

Dear Mt.Gox user,

Your account will be blocked for violating the rules of exchange.

The Mt.Gox team

The link will direct you to

It's a frame webpage with inner URL of

If you enter your password, it will record it down and redirect you to the real Mt. Gox login page. So you may not have realized the problem if you typed your password again and got in.

Do enter your real password. You're welcomed to enter fake passwords!

I have set up a bot to randomly generate real-looking usernames and passwords like:

>> username
=> "brianb"
>> password
=> "HerbertWhite69"


>> username
=> "pauljoseph"
>> password
=> "B8LdoTvYquht"

(There are ten different formats with a lot of random uncertainty. I'm sure that the attacker can't filter them algorithmically even if I publicize these two examples. So don't worry.)

These fake usernames will be sent to the phishing login every few seconds from various IP addresses.

I encourage other developers to do the same, using your own random formats. Let's start the phishing-baiting game, and waste their time!

Founder of NameTerrific ( Co-founder of CoinJar (

Donations for my future Bitcoin projects: 19Uk3tiD5XkBcmHyQYhJxp9QHoub7RosVb
Creating a Bitcoin client that fully implements the network protocol is extremely difficult. Bitcoin-Qt is the only known safe implementation of a full node. Some other projects attempt to compete, but it is not recommended to use such software for anything serious. (Lightweight clients like Electrum and MultiBit are OK.)
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
Sr. Member
Offline Offline

Activity: 454

View Profile
September 13, 2011, 03:36:38 PM

Pages: [1]
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!