Bitcoin Forum
Author Topic: Victim of phishing in MtGox  (Read 3060 times)
mineriapepe (OP), Newbie
December 24, 2011, 09:42:04 PM  #1

Hello. Lamentably, I was a victim of phishing from Mtgix.tk, asking me for a MtGox verification. All my funds are gone. I sent a mail to MtGox to abort the transactions. Does it work???

Thanks. 
btc_artist, Full Member
December 24, 2011, 09:44:11 PM  #2

Bitcoin transactions cannot be aborted.

JusticeForYou, VIP Sr. Member
December 24, 2011, 09:46:20 PM  #3

You clicked the link...

The site was not very accurate, was missing the CA...,

You can, I guess, fill out a ticket and see... but I doubt it.

Use the real site http://support.mtgox.com this time.

Sorry to hear it.

mineriapepe (OP), Newbie
December 24, 2011, 09:56:39 PM  #4

Quote from: JusticeForYou
    You clicked the link...

    The site was not very accurate, was missing the CA...,

    You can, I guess, fill out a ticket and see... but I doubt it.

    Use the real site http://support.mtgox.com this time.

    Sorry to hear it.

Thanks, I sent the tickets already in the correct place.

The green dot at the start of .tk domains confused me.
Otoh, Donator Legendary
December 28, 2011, 01:48:35 PM  #5

I received this phishing email in the last 24 hours (my email was on the original leaked list - surprised that they took this long to get around to it), forwarded it to Mt.Gox

from:    info@mtgox.com via de1.imhoster.net
sender time: redacted
reply-to:    info@mtgox.com
to:    redacted
date:    27 December 2011
subject:    [Mt.Gox] Your account is currently pending review.
mailed-by:    de1.imhoster.net

Dear Mt.Gox user,

Your account is currently pending review, please visit https://mtgox.com/forms/verification
For those users who have had their accounts marked for review, an explanation of why were are implementing these security measures can be found here:

Security Measures Explained

“Verified” Accounts are eligible for monthly/daily transaction limits of up to 5 times the monthly limit and 10 times the daily limit.

In order to apply for the “Verified” account status please attach a copy of the following documents:
- Your government issued photo ID (passport, permanent residence card or driver’s license) and
- A scan of either your monthly utility bill (power, phone, TV, gas, water, etc.) or a certificate of residency issued by your local government.

Thanks,
The Mt.Gox team

...these were the dodgy links in it going to:

http://www.mtgkx.tk/forms/verification
http://www.mtgkx.tk/entries/20471711-security-measures-explained

Genuine Mt.Gox reply:

Hello Redacted,

Thank you, this is indeed a phishing attempt. We will never send you an email asking you to log in anywhere, although we may occasionally send emails pointing you to the support page for information updates.

The email you provided has been documented, and will be used in our efforts to prevent phishers from continuing to target our users.

Kind regards,

Mt.Gox Support

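The email above carries the two mismatches a mail filter can check mechanically: the From and Reply-To address claims mtgox.com while the relay that delivered it is de1.imhoster.net, and the anchor text shows https://mtgox.com/forms/verification while the href goes to www.mtgkx.tk. The script below is an added example, not part of the thread and not Mt.Gox's tooling. It rebuilds the message from the headers and links quoted in the post; the Received line, the address 192.0.2.10, the recipient and the HTML markup are assumptions, and `registered_domain`, `LinkCollector` and `phishing_indicators` are names chosen here.

```python
"""Two header and link consistency checks on a suspected phishing mail.

Added example, not from the thread or from Mt.Gox. The message below is
constructed from what Otoh quoted: the From/Reply-To address, the relay
de1.imhoster.net, the displayed mtgox.com link and the real mtgkx.tk targets
come from the post; the Received line, the IP 192.0.2.10, the recipient and
the HTML markup are assumed.
"""
import re
from email import policy
from email.parser import BytesParser
from html.parser import HTMLParser
from urllib.parse import urlparse

SAMPLE = b"""\
Received: from de1.imhoster.net (de1.imhoster.net [192.0.2.10])
\tby mx.example.net with ESMTP; Tue, 27 Dec 2011 10:00:00 +0000
From: Mt.Gox <info@mtgox.com>
Reply-To: info@mtgox.com
To: user@example.net
Subject: [Mt.Gox] Your account is currently pending review.
Content-Type: text/html; charset="utf-8"

<p>Your account is currently pending review, please visit
<a href="http://www.mtgkx.tk/forms/verification">https://mtgox.com/forms/verification</a></p>
<p><a href="http://www.mtgkx.tk/entries/20471711-security-measures-explained">Security Measures Explained</a></p>
"""


class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href", ""), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def registered_domain(host):
    """Last two labels; enough for this example, a real check consults the public suffix list."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def phishing_indicators(raw):
    """Return human-readable findings; an empty list means nothing inconsistent was seen."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    findings = []
    from_dom = registered_domain(msg["From"].addresses[0].domain)

    # 1. From is free text chosen by the sender; the first Received line records
    #    which host actually handed the message to our MX.
    received = msg.get_all("Received", [])
    m = re.search(r"\bfrom\s+(\S+)", received[0]) if received else None
    if m and registered_domain(m.group(1)) != from_dom:
        findings.append(f"From claims {from_dom} but mailed by {registered_domain(m.group(1))}")

    # 2. Anchor text can display one URL while the href points somewhere else.
    body = msg.get_body(preferencelist=("html",))
    if body is not None:
        collector = LinkCollector()
        collector.feed(body.get_content())
        for href, text in collector.links:
            href_dom = registered_domain(urlparse(href).hostname or "")
            if href_dom != from_dom:
                findings.append(f"link '{text}' goes to {href_dom}, not {from_dom}")
            shown = urlparse(text)
            if shown.scheme and shown.hostname and registered_domain(shown.hostname) != href_dom:
                findings.append(f"displayed URL {text} differs from target {href}")
    return findings
```

Run on the constructed message this reports four findings: the relay mismatch, both links pointing at mtgkx.tk, and the displayed-versus-real URL on the verification link. Two caveats for anyone adapting it: `registered_domain` takes the last two labels, which is wrong for country second-level domains such as co.uk, so a production filter should use the public suffix list; and a From/relay mismatch is also normal for legitimate bulk senders, so it is a signal to weigh, while the anchor text showing a different URL than its href is far stronger evidence on its own.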
DeathAndTaxes (Gerald Davis), Donator Legendary
December 28, 2011, 02:01:27 PM  #6

I have wondered why Mt. Gox doesn't implement an optional irrevocable timer.

User sets a 1 hour to 48 hour delay timer.  Once set, this timer can't be removed or reduced without waiting out the timeout period.

1) User (or attacker) makes a withdrawal attempt.
2) User is notified by email (and possibly SMS).
3) Timer engages.  If the user set a 24 hour delay then funds will transfer in 24 hours.
4) If the transfer is valid then the user does nothing and in 24 hours funds will transfer.
5) If the transfer is bogus then the user aborts the transfer.

Making other "high security" changes would also require notification and the delay timer period:
* changing email address
* adding new bank account for wire transfers


Yeah, it would be less convenient if a user wants to move funds rapidly, but it would be user optional.  Users can each choose the compromise between security and convenience.
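A compact model of the timer described in the post above, as an added example that is not Mt.Gox code: every class, field, constant and the scenario are hypothetical. It goes one step past the post in one respect, which is that shortening the delay is itself treated as a delayed operation, since that is what makes the lock irrevocable in practice.

```python
"""Opt-in withdrawal time lock modelled on the post above.

Hypothetical illustration, not Mt.Gox code: every class, field and constant
is an assumption. Time is an integer passed in by the caller so the whole
flow can be replayed deterministically.
"""
from dataclasses import dataclass, field

MIN_DELAY = 60 * 60          # 1 hour, in seconds
MAX_DELAY = 48 * 60 * 60     # 48 hours

# Every "high security" operation goes through the same queue, including
# shortening the delay; lengthening it is the one change that is immediate.
DELAYED_KINDS = {"withdraw", "change_email", "add_bank_account", "reduce_delay"}


@dataclass
class Pending:
    kind: str
    payload: dict
    release_at: int            # time at which tick() will execute it
    cancelled: bool = False
    executed: bool = False


@dataclass
class Account:
    email: str
    balance: float
    delay: int                 # current lock, in seconds
    bank_accounts: list = field(default_factory=list)
    queue: list = field(default_factory=list)
    notifications: list = field(default_factory=list)   # stand-in for email/SMS

    def notify(self, msg):
        self.notifications.append(msg)

    def available(self):
        """Balance minus withdrawals still queued, so a burst of requests cannot overdraw."""
        reserved = sum(p.payload["amount"] for p in self.queue
                       if p.kind == "withdraw" and not (p.cancelled or p.executed))
        return self.balance - reserved

    def set_delay(self, new_delay, now):
        """Lengthening takes effect at once; shortening is itself a delayed operation."""
        if not MIN_DELAY <= new_delay <= MAX_DELAY:
            raise ValueError("delay must be between 1 and 48 hours")
        if new_delay >= self.delay:
            self.delay = new_delay
            return None
        return self.request("reduce_delay", {"delay": new_delay}, now)

    def request(self, kind, payload, now):
        """Queue an operation; it runs only once the current delay has elapsed."""
        if kind not in DELAYED_KINDS:
            raise ValueError(f"unknown operation {kind!r}")
        if kind == "withdraw" and payload["amount"] > self.available():
            raise ValueError("insufficient available balance")
        p = Pending(kind, payload, release_at=now + self.delay)
        self.queue.append(p)
        self.notify(f"{kind} requested at {now}, executes at {p.release_at}; "
                    "cancel before then if this was not you")
        return p

    def cancel(self, p, now):
        """Abort is allowed any time before release; once executed it is final."""
        if p.executed:
            return False
        p.cancelled = True
        self.notify(f"{p.kind} cancelled at {now}")
        return True

    def tick(self, now):
        """Called by a scheduler: execute every due operation that was not cancelled."""
        done = []
        for p in self.queue:
            if p.cancelled or p.executed or now < p.release_at:
                continue
            if p.kind == "withdraw":
                self.balance -= p.payload["amount"]
            elif p.kind == "change_email":
                self.email = p.payload["email"]
            elif p.kind == "add_bank_account":
                self.bank_accounts.append(p.payload["account"])
            elif p.kind == "reduce_delay":
                self.delay = p.payload["delay"]
            p.executed = True
            done.append(p)
        return done


def phished_account_scenario():
    """Constructed walk-through: an attacker holding the victim's phished password."""
    acct = Account(email="victim@example.org", balance=100.0, delay=24 * 60 * 60)
    t0 = 1_324_800_000
    # The attacker first tries to drop the lock to one hour (itself locked for
    # 24 hours), then queues a withdrawal of the whole balance.
    acct.set_delay(MIN_DELAY, t0)
    acct.request("withdraw", {"amount": 100.0, "to": "attacker"}, t0 + 60)
    # Five hours later the victim reads the two notification mails and aborts both.
    for p in list(acct.queue):
        acct.cancel(p, t0 + 5 * 60 * 60)
    acct.tick(t0 + 25 * 60 * 60)    # nothing is left to execute
    return acct
```

Routing "reduce_delay" through the same queue is the detail that matters: an attacker who logs in with a phished password cannot first drop the lock to an hour and then withdraw, because both actions raise a notification and both wait the full current delay, which is the window the real owner uses to cancel. The scheme cannot help a user who has also lost control of the notification channel, which is exactly why changing the email address is on the delayed list as well.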
finway, Hero Member
December 28, 2011, 03:17:03 PM  #7

I think putting some private "welcome message" highlighted -- like LibertyReserve does -- would somehow help.

mc_lovin, Legendary (www.bitcointrading.com)
December 28, 2011, 07:06:45 PM  #8

Quote from: DeathAndTaxes
    I have wondered why Mt. Gox doesn't implement an optional irrevocable timer.

    User sets a 1 hour to 48 hour delay timer.  Once set, this timer can't be removed or reduced without waiting out the timeout period.

    1) User (or attacker) makes a withdrawal attempt.
    2) User is notified by email (and possibly SMS).
    3) Timer engages.  If the user set a 24 hour delay then funds will transfer in 24 hours.
    4) If the transfer is valid then the user does nothing and in 24 hours funds will transfer.
    5) If the transfer is bogus then the user aborts the transfer.

    Making other "high security" changes would also require notification and the delay timer period:
    * changing email address
    * adding new bank account for wire transfers

    Yeah, it would be less convenient if a user wants to move funds rapidly, but it would be user optional.  Users can each choose the compromise between security and convenience.

That's a damn good idea, you would save so much money from being stolen!
DeathAndTaxes (Gerald Davis), Donator Legendary
December 29, 2011, 03:29:21 PM  #9

Quote from: mc_lovin
    Quote from: DeathAndTaxes
        I have wondered why Mt. Gox doesn't implement an optional irrevocable timer.

        User sets a 1 hour to 48 hour delay timer.  Once set, this timer can't be removed or reduced without waiting out the timeout period.

        1) User (or attacker) makes a withdrawal attempt.
        2) User is notified by email (and possibly SMS).
        3) Timer engages.  If the user set a 24 hour delay then funds will transfer in 24 hours.
        4) If the transfer is valid then the user does nothing and in 24 hours funds will transfer.
        5) If the transfer is bogus then the user aborts the transfer.

        Making other "high security" changes would also require notification and the delay timer period:
        * changing email address
        * adding new bank account for wire transfers

        Yeah, it would be less convenient if a user wants to move funds rapidly, but it would be user optional.  Users can each choose the compromise between security and convenience.

    That's a damn good idea, you would save so much money from being stolen!

I was at 7-11 yesterday.  They have those time lock safes and it made me think of it.
DeathAndTaxes (Gerald Davis), Donator Legendary
December 29, 2011, 03:30:51 PM  #10
Last edit: December 29, 2011, 06:32:02 PM by DeathAndTaxes

Quote from: mc_lovin
    Quote from: DeathAndTaxes
        I have wondered why Mt. Gox doesn't implement an optional irrevocable timer.

        User sets a 1 hour to 48 hour delay timer.  Once set, this timer can't be removed or reduced without waiting out the timeout period.

        1) User (or attacker) makes a withdrawal attempt.
        2) User is notified by email (and possibly SMS).
        3) Timer engages.  If the user set a 24 hour delay then funds will transfer in 24 hours.
        4) If the transfer is valid then the user does nothing and in 24 hours funds will transfer.
        5) If the transfer is bogus then the user aborts the transfer.

        Making other "high security" changes would also require notification and the delay timer period:
        * changing email address
        * adding new bank account for wire transfers

        Yeah, it would be less convenient if a user wants to move funds rapidly, but it would be user optional.  Users can each choose the compromise between security and convenience.

    That's a damn good idea, you would save so much money from being stolen!

I was at 7-11 yesterday.  They have those time lock safes and it made me think of it.

Hopefully Mt. Gox understands that layered security is the only real security.  Personally I always look for the Green Address but some people don't.

Green Address
yubikey
strong password requirement
encrypted hashed password table (w/ key hardening)
user education
time locks
etc

All together these create a layered defense.
btc_artist, Full Member
December 29, 2011, 04:59:19 PM  #11

Quote from: DeathAndTaxes
    encrypted password list

If you're referring to how passwords are stored server-side, then they should be hashed, not encrypted (huge difference).  Also, they should be salted and hashed with something like bcrypt, which performs key hardening, not a hash primitive like sha256.

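To make the distinction in this exchange concrete, here is an added example (not Mt.Gox code, not from either poster) of the storage scheme btc_artist describes, with a constructed leaked table attacked both ways. It uses PBKDF2-HMAC-SHA256 from the Python standard library rather than bcrypt so that it runs with no extra packages; the property demonstrated is the same. The iteration count, the sample users, the wordlist and the function names are all assumptions.

```python
"""Server-side password storage as btc_artist describes: salted and key-hardened.

Added example, not Mt.Gox code. The post names bcrypt; this uses the standard
library's PBKDF2-HMAC-SHA256 so it runs with no extra packages, and the
properties shown (per-user salt, deliberately slow derivation, constant-time
comparison) are the same. The iteration count and the sample user table are
assumptions made for the demo.
"""
import hashlib
import hmac
import os

ITERATIONS = 200_000   # assumed; raise it until one verify() costs tens of milliseconds


def weak_store(password):
    """What the post warns against: a single unsalted SHA-256, fast and table-lookable."""
    return hashlib.sha256(password.encode()).hexdigest()


def make_record(password, iterations=ITERATIONS):
    """Fresh 16-byte salt per user, then a slow derivation; the salt is stored in the clear."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"


def verify(password, record):
    """Re-derive with the stored salt and cost, then compare without leaking timing."""
    algo, iterations, salt_hex, digest_hex = record.split("$")
    if algo != "pbkdf2_sha256":
        raise ValueError(f"unsupported record type {algo!r}")
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                    bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))


def crack_weak(table, wordlist):
    """Against an unsalted table one hash per word cracks every user at once."""
    lookup = {weak_store(w): w for w in wordlist}
    found = {u: lookup[d] for u, d in table.items() if d in lookup}
    return found, len(wordlist)


def crack_salted(table, wordlist):
    """With salts there is no shared lookup: one slow derivation per user per guess."""
    found, work = {}, 0
    for user, record in table.items():
        for word in wordlist:
            work += 1
            if verify(word, record):
                found[user] = word
                break
    return found, work


def demo(iterations=20_000):
    """Constructed leak of a three-user table attacked with a four-word list."""
    users = {"alice": "hunter2", "bob": "hunter2", "carol": "tr0ub4dor&3"}
    wordlist = ["password", "letmein", "hunter2", "123456"]
    weak_table = {u: weak_store(p) for u, p in users.items()}
    salted_table = {u: make_record(p, iterations) for u, p in users.items()}
    weak_found, weak_work = crack_weak(weak_table, wordlist)
    salted_found, salted_work = crack_salted(salted_table, wordlist)
    return {
        # identical digests reveal that alice and bob share a password before any cracking
        "weak_collide": weak_table["alice"] == weak_table["bob"],
        "salted_collide": salted_table["alice"] == salted_table["bob"],
        "weak_cracked": sorted(weak_found),
        "salted_cracked": sorted(salted_found),
        "weak_hashes": weak_work,          # 4 cheap SHA-256 calls for the whole table
        "salted_hashes": salted_work,      # 10 derivations, each `iterations` times costlier
    }
```

Encryption is reversible by whoever holds the key, and on a compromised server that is the attacker, which is why a password table is hashed rather than encrypted. The salt stops one computed digest from matching every user who chose that password and defeats precomputed tables; the iteration count is what makes each remaining guess expensive. Note that the four-word dictionary still recovers "hunter2" in both runs: key hardening buys time per guess, it does not rescue a weak password.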
DeathAndTaxes (Gerald Davis), Donator Legendary
December 29, 2011, 06:31:29 PM  #12

Quote from: btc_artist
    Quote from: DeathAndTaxes
        encrypted password list

    If you're referring to how passwords are stored server-side, then they should be hashed, not encrypted (huge difference).  Also, they should be salted and hashed with something like bcrypt, which performs key hardening, not a hash primitive like sha256.

Yeah, I was thinking that, just wrote encryption for some reason.  Updated.
mc_lovin, Legendary (www.bitcointrading.com)
December 30, 2011, 06:10:26 AM  #13

I wonder how many BTC they stole in total that day?
bitcoinTrader, Sr. Member
December 31, 2011, 08:23:27 PM  #14

I also got the same mail, stating that my account is under review.
I was shocked for a moment, since after much struggle I was able to get Verified status.
When I clicked the link, it asked for username and password, resembling the same new mtgox interface.
Then I noticed the last price, which was some $3.xx, which alarmed me, since I had seen the price at 4.6x some 5-10 minutes earlier.
After that I noticed the URL and then I was sure this was phishing.

Edward50, Hero Member
February 19, 2012, 05:26:29 PM  #15

I just got this same phishing E-mail about accounts being verified today.
It looked pretty legit also. But I knew right away it was weird.

How the hell did they get my E-Mail address to send me this letter?

Otoh, Donator Legendary
February 19, 2012, 06:13:02 PM  #16

I assume that your email address wasn't on the original Mt.Gox leaked list, or you wouldn't have asked such an obvious question; personally, in your case I'd be inclined to suspect Goldilocks on this one.
