Bitcoin Forum
December 06, 2016, 10:14:14 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 3 »  All
  Print  
Author Topic: Mt. Gox hacked?  (Read 4328 times)
amazingrando
Hero Member
*****
Offline Offline

Activity: 546



View Profile
December 09, 2011, 05:47:49 PM
 #1

A few hours ago, someone was able to get into my Mt. Gox account, change the password and change the wallet address.  I have not be able to log in yet, but I assume that the a**hole that accessed my account took out my 225 btc that was in there.

Stupidly I also used the same password for a few of my pool accounts, which the hacker has since hijacked.

Has anyone else had a problem today?

Even if you haven't, be sure you're using a strong password and not using the same password among sites.

Bitbond - 105% PPS mining bond - mining payouts without buying hardware
1481062454
Hero Member
*
Offline Offline

Posts: 1481062454

View Profile Personal Message (Offline)

Ignore
1481062454
Reply with quote  #2

1481062454
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481062454
Hero Member
*
Offline Offline

Posts: 1481062454

View Profile Personal Message (Offline)

Ignore
1481062454
Reply with quote  #2

1481062454
Report to moderator
amazingrando
Hero Member
*****
Offline Offline

Activity: 546



View Profile
December 09, 2011, 06:00:14 PM
 #2

Update:

Here is the hacker's wallet ID:
1G4ij7kiUqpV8Cz3omtubLthM1Bmo9wmML

http://blockexplorer.com/q/getreceivedbyaddress/1G4ij7kiUqpV8Cz3omtubLthM1Bmo9wmML

Shows he took 238 btc from me.

Bitbond - 105% PPS mining bond - mining payouts without buying hardware
sturle
Legendary
*
Offline Offline

Activity: 1418

http://bitmynt.no


View Profile WWW
December 09, 2011, 06:04:45 PM
 #3

Even if you haven't, be sure you're using a strong password and not using the same password among sites.
A Yubikey may be worth all your bitcoins.  Get one and use it.  At least for withdrawals.

Sjå http://bitmynt.no for veksling av bitcoin mot norske kroner.  Trygt, billig, raskt og enkelt sidan 2010.
I buy with EUR and other currencies at a fair market price when you want to sell.  See http://bitmynt.no/eurprice.pl
I support the roadmap.  If a majority of miners ever try to forcefully take control of Bitcoin through a hard fork without 100% consensus, I will immediately split out and dump all my forkcoins, and buy more real Bitcoin.
amazingrando
Hero Member
*****
Offline Offline

Activity: 546



View Profile
December 09, 2011, 06:08:08 PM
 #4

A Yubikey may be worth all your bitcoins.  Get one and use it.  At least for withdrawals.

I made two critical mistakes: 1) leaving btc in Mt Gox as opposed to my encrypted wallet, 2) being lazy about sharing passwords.

You are right, though, I should have had a Yubikey.  Mt. Gox really should have some form of two factor authentication beyond the yubikey.

Bitbond - 105% PPS mining bond - mining payouts without buying hardware
amazingrando
Hero Member
*****
Offline Offline

Activity: 546



View Profile
December 09, 2011, 06:09:09 PM
 #5

IP address the hacker used:

196.200.102.6

Bitbond - 105% PPS mining bond - mining payouts without buying hardware
cablepair
Hero Member
*****
Offline Offline

Activity: 854


https://btc-republic.com/index.php?ref=cablepair


View Profile WWW
December 09, 2011, 06:10:50 PM
 #6

amazingrando my friend! I am so sorry to hear that!

The person probably GOT your password from one of the pools you use. Most pools use mysql and they are really easy to do an injection attack and gain access - it's either that or a dishonest pool admin.

Either way those are far more likely to be true than MTGox being hacked.
amazingrando
Hero Member
*****
Offline Offline

Activity: 546



View Profile
December 09, 2011, 06:21:00 PM
 #7

amazingrando my friend! I am so sorry to hear that!

The person probably GOT your password from one of the pools you use. Most pools use mysql and they are really easy to do an injection attack and gain access - it's either that or a dishonest pool admin.

Either way those are far more likely to be true than MTGox being hacked.

I thought the same thing.  The only reason I thought it might be Mt. Gox being hacked (besides other people having the same issue) is that the first change to any of my accounts was at Mt. Gox.  Accessing my pool accounts came afterward.

Bitbond - 105% PPS mining bond - mining payouts without buying hardware
SgtSpike
Legendary
*
Offline Offline

Activity: 1344



View Profile
December 09, 2011, 06:28:13 PM
 #8

Sucks, that was a lot of money.  Sad
proudhon
Legendary
*
Offline Offline

Activity: 1148



View Profile
December 09, 2011, 06:30:43 PM
 #9

amazingrando my friend! I am so sorry to hear that!

The person probably GOT your password from one of the pools you use. Most pools use mysql and they are really easy to do an injection attack and gain access - it's either that or a dishonest pool admin.

Either way those are far more likely to be true than MTGox being hacked.

I thought the same thing.  The only reason I thought it might be Mt. Gox being hacked (besides other people having the same issue) is that the first change to any of my accounts was at Mt. Gox.  Accessing my pool accounts came afterward.

That was probably done intentionally to keep from raising red flags.  Had you noticed suspicious activity or discovered your pool account hacked I'm sure (I hope) you would have changed passwords on any related websites.  I'm very sorry that happened.  You really should get a YubiKey.
jamesg
VIP
Legendary
*
Offline Offline

Activity: 1330


AKA: gigavps


View Profile
December 09, 2011, 06:35:03 PM
 #10

amazingrando my friend! I am so sorry to hear that!

The person probably GOT your password from one of the pools you use. Most pools use mysql and they are really easy to do an injection attack and gain access - it's either that or a dishonest pool admin.

Either way those are far more likely to be true than MTGox being hacked.

I thought the same thing.  The only reason I thought it might be Mt. Gox being hacked (besides other people having the same issue) is that the first change to any of my accounts was at Mt. Gox.  Accessing my pool accounts came afterward.

That was probably done intentionally to keep from raising red flags.  Had you noticed suspicious activity or discovered your pool account hacked I'm sure (I hope) you would have changed passwords on any related websites.  I'm very sorry that happened.  You really should get a YubiKey.

And never use the same password twice. Last pass is free. -> https://lastpass.com/
mixmastermine
Jr. Member
*
Offline Offline

Activity: 37



View Profile
December 09, 2011, 06:44:53 PM
 #11

Amazingrando,

If you (or anyone else) need a Yubikey, I have a Mt. Gox code for a free Yubikey for sale for 6 BTC.
bitfoo
Donator
Sr. Member
*
Offline Offline

Activity: 289



View Profile
December 09, 2011, 06:48:33 PM
 #12

I thought the same thing.  The only reason I thought it might be Mt. Gox being hacked (besides other people having the same issue) is that the first change to any of my accounts was at Mt. Gox.  Accessing my pool accounts came afterward.

Tough luck, amazingrando! Would you care to reveal the pools you were using, so that other users of those pools can be on high alert, check their payout addresses, change their passwords, etc?

proudhon
Legendary
*
Offline Offline

Activity: 1148



View Profile
December 09, 2011, 06:49:00 PM
 #13

Amazingrando,

If you (or anyone else) need a Yubikey, I have a Mt. Gox code for a free Yubikey for sale for 6 BTC.

Anyone know, can you have more than one YubiKey for the same account?
casascius
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1344


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW
December 09, 2011, 06:50:37 PM
 #14

You are right, though, I should have had a Yubikey.  Mt. Gox really should have some form of two factor authentication beyond the yubikey.

I will say this though: the yubikey is going to save you from the vast majority of the attacks that are actually happening.

The Yubikey most certainly would have prevented this.

I hesitated to get a Yubikey, and then one day MtGox offered me a free one (probably since I made a rather large deposit).  Now that I have it, in retrospect, if I felt then how I feel about it now, I would have quickly paid for one.

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper wallets instead.
casascius
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1344


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW
December 09, 2011, 06:55:12 PM
 #15

Anyone know, can you have more than one YubiKey for the same account?

Do you carry more than one set of keys?  The YubiKey fits nicely on a keychain.

As a backup, you could always pop your Yubikey into a text editor and spit out a few one time passwords, print them, and carry them with you.  They can only be used sequentially, so the next time you really use your Yubikey, all of the prior ones will become void.  It kind of sucks to hand-key 30+ nonsense characters at once, but it's at least an option if you think you might be out in the boonies with nothing but a smartphone next time the price drops or something and you want to do some trading.

You could also e-mail yourself a large list of one-time passwords, and use them one by one via the clipboard.  Sure, that's somewhat less secure than using the physical key, but at least someone can't withdraw with them (withdrawal requires a one time password from a completely different secret key, which you get by holding the Yubikey button down for longer than 3 seconds)

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper wallets instead.
MysteryMiner
Legendary
*
Offline Offline

Activity: 910



View Profile
December 09, 2011, 06:57:56 PM
 #16

Using the same password in multiple places is Your mistake. Probably Poll got hacked first. Or maybe dishonest pool operator took your bitcoins. Or maybe the password was sniffed from the pool because of lack or improperly implemented SSL. This is possible even if You system is 100% secure and malware free. Most windows computers today run by non-expert users are infected with one or another malware because of user error.

Lastpass is not 100% secure. Where is the guarantee that the lastpass does not keep all the passords provided? Better use KeePass software on Your computer to generate, store and backup the passwords.

Yubikey is overkill. If You computer and MtGox are safe, there is no need for one. If MtGox are hacked and database are accessed, the coins can be stolen anyway. I would love to have the key in my disposal just to play around with it, but I feel safe and know I'm safe without yubikey, because I take all precautions to keep all my coins safe on my computer and know how such things are done.

1LEaxxAh1LKFUvDKYVhiMEVAHRM7K5o7cF
notme
Legendary
*
Offline Offline

Activity: 1526


View Profile
December 09, 2011, 07:11:06 PM
 #17

If all the actors play nice it will be fine < Yubikey

Yubikey would have protected your account.

https://www.bitcoin.org/bitcoin.pdf
While no idea is perfect, some ideas are useful.
12jh3odyAAaR2XedPKZNCR4X4sebuotQzN
amazingrando
Hero Member
*****
Offline Offline

Activity: 546



View Profile
December 09, 2011, 07:16:33 PM
 #18

Tough luck, amazingrando! Would you care to reveal the pools you were using, so that other users of those pools can be on high alert, check their payout addresses, change their passwords, etc?

I have accounts on almost every pool.   The first pool I got a notice of a wallet change was deepbit.  Then slush, btcguild, and bitclockers.

I am going through accounts right now to see what others were compromised

Bitbond - 105% PPS mining bond - mining payouts without buying hardware
amazingrando
Hero Member
*****
Offline Offline

Activity: 546



View Profile
December 09, 2011, 07:19:50 PM
 #19

Using the same password in multiple places is Your mistake. Probably Poll got hacked first. Or maybe dishonest pool operator took your bitcoins. Or maybe the password was sniffed from the pool because of lack or improperly implemented SSL. This is possible even if You system is 100% secure and malware free. Most windows computers today run by non-expert users are infected with one or another malware because of user error.

Lastpass is not 100% secure. Where is the guarantee that the lastpass does not keep all the passords provided? Better use KeePass software on Your computer to generate, store and backup the passwords.

Yubikey is overkill. If You computer and MtGox are safe, there is no need for one. If MtGox are hacked and database are accessed, the coins can be stolen anyway. I would love to have the key in my disposal just to play around with it, but I feel safe and know I'm safe without yubikey, because I take all precautions to keep all my coins safe on my computer and know how such things are done.

I would agree that a Yukibey isn't necessary.  It would have protected me in this case, but just not doing stupid things like sharing passwords across accounts would have helped.  I don't do a lot of withdrawals, so using the Yubikey wouldn't be that much of an issue.  I'll probably pick one up.  $18 for a Yubikey could have saved me $700 of losses.

Hope the guy who did this encounters some nasty bad karma

Bitbond - 105% PPS mining bond - mining payouts without buying hardware
MysteryMiner
Legendary
*
Offline Offline

Activity: 910



View Profile
December 09, 2011, 07:26:36 PM
 #20

Quote
It would have protected me in this case, but just not doing stupid things like sharing passwords across accounts would have helped
Using unique and unrelated passwords are the golden rule of security. Some learn it in a hard way.
Quote
a Yubikey could have saved me $700 of losses.

Hope the guy who did this encounters some nasty bad karma
There is no such thing as karma. For what I have done, I'm pretty fine. Probably the guy who did this just jizzed his pants and monitor.

1LEaxxAh1LKFUvDKYVhiMEVAHRM7K5o7cF
Pages: [1] 2 3 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!