Bitcoin Forum
November 15, 2024, 09:25:08 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: My MtGox account was hacked.  (Read 1909 times)
K.A.T (OP)
Member
**
Offline Offline

Activity: 78
Merit: 10



View Profile
December 25, 2011, 05:07:45 PM
 #1


 Hello,

After receiving an email that my account had been withdrwan from. I check and couldn't login. Even a 'Forgot Password' gave no result.

The withdraw info is:


There has been a withdrawal from your Mt.Gox account:

Transaction reference: 7e201d54-4109-4ba7-b87c-c02650a61adc
Date: 2011-12-25 14:51:43 GMT
IP: 84.19.169.232


After little investigation, the account seems to be a spammers IP address.

I contacted MtGox and they helped me recover the login mail. BUT and here's the catch my 4 BTC is gone!!!
Account balance is 0.000 BTC.

The account history is below to help people avoid dealing with this thief:

Sun 25 Dec 2011 02:51:43 PM GMT    Withdraw    Bitcoin withdraw to 1Bmd4BCamKMso6LymoGAHpq3y8nUFqmBfR   Amount 4 BTC   Balance 0.0000


Be careful guys I lost my coins and MtGox is not doing anything about although I had a good password in place.
Raoul Duke
aka psy
Legendary
*
Offline Offline

Activity: 1358
Merit: 1002



View Profile
December 25, 2011, 05:13:17 PM
 #2

That IP belongs to cyberghostvpn.com, a VPN service. Maybe they can help you.
Tril
Full Member
***
Offline Offline

Activity: 213
Merit: 100


View Profile
December 26, 2011, 08:04:56 AM
 #3

K.A.T. are you sure there's not a keylogger on your computer?

Mtgox offers a Yubikey for cases where you must use bitcoins on unsecure computers.

EDIT: also, instead of a keylogger, your e-mail account could have been compromised, then your mtgox account taken
over by "recovering it" using your e-mail.  Make sure your e-mail is secure!
K.A.T (OP)
Member
**
Offline Offline

Activity: 78
Merit: 10



View Profile
December 26, 2011, 08:09:51 AM
 #4


 Hi,

I'm using my own computers only.

With some discussion with Mt.Gox, I clicked on phishing mail masked as an Mt.Gox mail asking to review my account just before the withdrawal. MtGox did not send such a mail and I fell for it.

It's my mistake and I paid for it.
N.Olmos
Full Member
***
Offline Offline

Activity: 162
Merit: 100



View Profile
December 26, 2011, 01:49:51 PM
 #5

Sorry to hear of your loss.

Unfortunately their are scammers everywhere.

Here is a link with more info:

https://bitcointalk.org/index.php?topic=55647.0

Refer friends and earn 25%!

http://offers.coinad.com/?r=3
K.A.T (OP)
Member
**
Offline Offline

Activity: 78
Merit: 10



View Profile
December 26, 2011, 07:44:11 PM
 #6


 Thanx for your comments.
casascius
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1386
Merit: 1140


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW
December 26, 2011, 07:51:37 PM
 #7

A second withdrawal password would help with this.

I hear another popular Bitcoin-related site just started doing this.

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper or hardware wallets instead.
K.A.T (OP)
Member
**
Offline Offline

Activity: 78
Merit: 10



View Profile
December 27, 2011, 06:58:20 AM
 #8


 Totally with you casascius.

Or some 2-factor approval if possible.

zer0
Sr. Member
****
Offline Offline

Activity: 350
Merit: 250



View Profile
December 30, 2011, 12:02:18 AM
 #9

Did you click the link in the spammer email and give them your login info?
I like how Pecunix is set up. You can still use it through Tor and they give you a 16-character PIK and without it withdrawing is useless.
K.A.T (OP)
Member
**
Offline Offline

Activity: 78
Merit: 10



View Profile
December 31, 2011, 06:10:18 AM
 #10


 As I mentioned I did click the link.....

I think if we suggest a black list of BITCOIN addresses, would that be OK ?

So you don't send coins to suspicious addresses.....
vuce
Sr. Member
****
Offline Offline

Activity: 476
Merit: 250


View Profile
December 31, 2011, 09:30:32 AM
 #11

Doesn't mtgox have support for some mobile phone two factor authentication? Why the hell are people not using that is beyond me...
Fiyasko
Legendary
*
Offline Offline

Activity: 1428
Merit: 1001


Okey Dokey Lokey


View Profile
January 01, 2012, 06:20:24 PM
 #12

Doesn't mtgox have support for some mobile phone two factor authentication? Why the hell are people not using that is beyond me...

Psh, They think One mobile alert is too much effort and time wasted when "all i wanna do is make a withdrawl"

http://bitcoin-otc.com/viewratingdetail.php?nick=DingoRabiit&sign=ANY&type=RECV <-My Ratings
https://bitcointalk.org/index.php?topic=857670.0 GAWminers and associated things are not to be trusted, Especially the "mineral" exchange
senbonzakura
Hero Member
*****
Offline Offline

Activity: 602
Merit: 502


View Profile
January 01, 2012, 07:14:38 PM
 #13

Sad
brox
Member
**
Offline Offline

Activity: 71
Merit: 10



View Profile
June 05, 2012, 11:26:49 PM
 #14

Tonight my MtGox acc was hacked as well (
Total of 35 BTC were withdrawn to 1B629eJKZQeQgbjwoTpkPGXmCs6psaN4WW

Save dolphins! Donate to 1BTC4brox2pd14QubXGsXwarp9zV9tc8CZ
Mine Bitcoins in the cloud at cex.io
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!