Bitcoin Forum
Topic: My mtgox account got compromised, what can I do?
Buffcorp (OP)
June 01, 2012, 03:15:23 AM
 #1

My mtgox account was compromised. The individual used $599 I had to buy btc and then sent the btc to himself. Is there anything mtgox can do?
Maged
June 01, 2012, 03:20:09 AM
 #2

They can send you a free yubikey to prevent this from happening in the future, but that's about it. Sorry.

rjk
June 01, 2012, 03:32:52 AM
 #3

Not that it will help or anything, but you could post transaction info so that it could be traced thru the blockchain.

Was your password total crap? And was it used on other sites?

Have you checked for viruses on your computer?

Mining Rig Extraordinaire - the Trenton BPX6806 18-slot PCIe backplane [PICS] Dead project is dead, all hail the coming of the mighty ASIC!
Liberty Payout
June 01, 2012, 03:35:02 AM
 #4

Yes, please post some more info so other members know the source of the phisher. They also can't do anything; from what I know, BTC is irreversible.
Buffcorp (OP)
June 01, 2012, 03:36:42 AM
 #5

My password was strong, the computer is clean and no I did not use the same pass on other sites.

2012/05/29 02:59:48    Spent       $298.99994    $0.26022
BTC bought: [tid:1338260388928667] 58.62790000 BTC at $5.09996
2012/05/29 02:57:40    Spent       $113.63315    $299.26016
BTC bought: [tid:1338260260509217] 22.28144636 BTC at $5.09990
2012/05/29 02:57:40    Spent       $24.53052    $412.89331
BTC bought: [tid:1338260260480565] 4.81000000 BTC at $5.09990
2012/05/29 02:57:40    Spent       $99.55005    $437.42383
BTC bought: [tid:1338260260448265] 19.52000000 BTC at $5.09990
2012/05/29 02:57:40    Spent       $0.05080    $536.97388
BTC bought: [tid:1338260260262724] 0.01000000 BTC at $5.08000
2012/05/29 02:57:40    Spent       $62.86950    $537.02468
BTC bought: [tid:1338260260204812] 12.37615364 BTC at $5.07989

2012/05/29 03:00:56    Withdraw       28.30900000 BTC    0.00006095 BTC
Bitcoin withdraw to 1FLVVbi22zeuEz5JRRuZvAqSeeA5PcYfez
2012/05/29 03:00:41    Withdraw       30.00000000 BTC    28.30906095 BTC
Bitcoin withdraw to 1FLVVbi22zeuEz5JRRuZvAqSeeA5PcYfez
2012/05/29 02:59:48    Fee       0.32245345 BTC    58.30906095 BTC
BTC bought: [tid:1338260388928667] 58.62790000 BTC at $5.09996 (0.55% fee)
2012/05/29 02:59:48    In       58.62790000 BTC    58.63151440 BTC
BTC bought: [tid:1338260388928667] 58.62790000 BTC at $5.09996
2012/05/29 02:58:45    Withdraw       28.64000000 BTC    0.00361440 BTC
Bitcoin withdraw to 1FLVVbi22zeuEz5JRRuZvAqSeeA5PcYfez
2012/05/29 02:58:31    Withdraw       30.00000000 BTC    28.64361440 BTC
Bitcoin withdraw to 1FLVVbi22zeuEz5JRRuZvAqSeeA5PcYfez
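
The BTC history rows from the post above, run through a small detector (an added example, not part of the original post): it groups withdrawals to one address made within minutes of each other and flags a group that leaves the wallet empty, the kind of rule an exchange could use to hold a payout for confirmation. The function names, the 5-minute gap and the 0.01 BTC dust threshold are assumptions.

```python
import re
from datetime import datetime, timedelta
from decimal import Decimal

# BTC history rows copied from the post above (newest first, as posted).
HISTORY = """\
2012/05/29 03:00:56    Withdraw       28.30900000 BTC    0.00006095 BTC
Bitcoin withdraw to 1FLVVbi22zeuEz5JRRuZvAqSeeA5PcYfez
2012/05/29 03:00:41    Withdraw       30.00000000 BTC    28.30906095 BTC
Bitcoin withdraw to 1FLVVbi22zeuEz5JRRuZvAqSeeA5PcYfez
2012/05/29 02:59:48    Fee       0.32245345 BTC    58.30906095 BTC
BTC bought: [tid:1338260388928667] 58.62790000 BTC at $5.09996 (0.55% fee)
2012/05/29 02:59:48    In       58.62790000 BTC    58.63151440 BTC
BTC bought: [tid:1338260388928667] 58.62790000 BTC at $5.09996
2012/05/29 02:58:45    Withdraw       28.64000000 BTC    0.00361440 BTC
Bitcoin withdraw to 1FLVVbi22zeuEz5JRRuZvAqSeeA5PcYfez
2012/05/29 02:58:31    Withdraw       30.00000000 BTC    28.64361440 BTC
Bitcoin withdraw to 1FLVVbi22zeuEz5JRRuZvAqSeeA5PcYfez
"""

ROW = re.compile(r"(\d{4}/\d\d/\d\d \d\d:\d\d:\d\d)\s+(\w+)\s+([\d.]+) BTC\s+([\d.]+) BTC$")
DEST = re.compile(r"Bitcoin withdraw to (\S+)$")


def parse_history(text):
    """Turn the two-line records into dicts, oldest first."""
    events = []
    for line in map(str.strip, text.splitlines()):
        row = ROW.match(line)
        dest = DEST.match(line)
        if row:
            when, kind, amount, balance = row.groups()
            events.append({"time": datetime.strptime(when, "%Y/%m/%d %H:%M:%S"),
                           "type": kind, "amount": Decimal(amount),
                           "balance": Decimal(balance), "dest": None})
        elif events and dest:
            events[-1]["dest"] = dest.group(1)
    # Reverse before the stable sort so same-second rows keep chronological order.
    return sorted(reversed(events), key=lambda e: e["time"])


def withdrawal_bursts(events, gap=timedelta(minutes=5), dust=Decimal("0.01")):
    """Group withdrawals to one address separated by <= gap; mark wallet drains.

    gap and dust are assumed thresholds, not values from the thread.
    """
    bursts = []
    for e in (e for e in events if e["type"] == "Withdraw"):
        last = bursts[-1] if bursts else None
        if last and last["dest"] == e["dest"] and e["time"] - last["end"] <= gap:
            last["count"] += 1
            last["total"] += e["amount"]
        else:
            last = {"dest": e["dest"], "start": e["time"], "count": 1,
                    "total": e["amount"]}
            bursts.append(last)
        last["end"] = e["time"]
        last["drained"] = e["balance"] <= dust  # balance left after this withdrawal
    return bursts


if __name__ == "__main__":
    for b in withdrawal_bursts(parse_history(HISTORY)):
        print(b["dest"], b["count"], b["total"], b["end"] - b["start"], b["drained"])
```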
Liberty Payout
June 01, 2012, 03:39:33 AM
 #6

> My password was strong, the computer is clean and no I did not use the same pass on other sites.

The money is gone, right now the best thing is to establish how it was stolen in the first place. Otherwise you may still be at risk. When did you notice it was missing, have you visited any suspicious sites/ clicked any links recently?
MtGox_Dylan
June 01, 2012, 03:39:57 AM
 #7

If you haven't already, please lodge a support request with us so we can investigate. Unfortunately, once BTC has left our system we have no control over it, but we can at least return the account to your control (if that hasn't been done yet) and investigate what happened here.

We're very sorry for the negative experience you've had with our service, and hope we can do something to help.
the joint
June 01, 2012, 03:43:25 AM
 #8

What about your email password?  Is that strong?  Maybe your email account was hacked and they used it to recover your Mt. Gox password?
Buffcorp (OP)
June 01, 2012, 03:49:12 AM
 #9

I have submitted a request to mtgox but considering how nothing can be done based on mtgox_dylan's comments and I am now out $599, I highly doubt I want to try and recover an account that was compromised... if anything I'd just open a new one but with this experience I highly doubt I will ever touch mtgox again. I am just completely devastated.
Lumpy
June 01, 2012, 04:18:47 AM
 #10

Does your browser remember passwords for you? Is your computer physically accessible by any other party?
Andrew Bitcoiner
June 01, 2012, 04:20:45 AM
 #11

> I have submitted a request to mtgox but considering how nothing can be done based on mtgox_dylan's comments and I am now out $599, I highly doubt I want to try and recover an account that was compromised... if anything I'd just open a new one but with this experience I highly doubt I will ever touch mtgox again. I am just completely devastated.

I've been ripped off similar amounts, these things happen and it is best to not dwell on it too much.  I would suggest adding two factor authentication to all the services you intend to have access to your account information including the mtgox yubikey which would have saved you in this situation.

edd
June 01, 2012, 04:58:37 AM
 #12

> I have submitted a request to mtgox but considering how nothing can be done based on mtgox_dylan's comments and I am now out $599, I highly doubt I want to try and recover an account that was compromised... if anything I'd just open a new one but with this experience I highly doubt I will ever touch mtgox again. I am just completely devastated.

Do you believe Mt Gox was responsible for this? If so, what leads you to this conclusion?

Still around.
rjk
June 01, 2012, 12:03:13 PM
 #13

Opening more accounts won't help you if you don't fix the problem(s) that caused the issue in the first place. So if you have a strong password and computer has no viruses etc, there are other ways this could have happened that could just as easily happen again if you don't take precautions.

So do you have any other clues?

bitdragon
June 01, 2012, 12:12:39 PM
 #14

please do share so that we can learn from this.
What was your password ?
have you always used the same computer to access MTGOX?


Stephen Gornick
June 02, 2012, 11:16:07 AM
Last edit: June 02, 2012, 08:33:36 PM by Stephen Gornick
 #15

> could just as easily happen again if you don't take precautions.

Exactly.  I'd switch to the assumption that my system was compromised unless I could prove otherwise.  That usually would mean a reinstall and proper security.

I'd like to see some measures made for those whose account value is too small to justify the cost of a Yubikey.  Like offering to have a separate password for doing a withdrawal, or the ability to set a grace period on all BTC or redeemable code withdrawals (e.g., an e-mail gets sent out, and the withdraw can be cancelled up to NN hours before the BTC gets sent or the code gets created.)


Stephen Gornick
June 02, 2012, 07:08:28 PM
Last edit: June 02, 2012, 08:32:06 PM by Stephen Gornick
 #16

Possibly related - two GLBSE accounts have been compromised recently:
 - https://bitcointalk.org/index.php?topic=84893.0  [URL fixed, thanks Casascius, Kluge]


casascius
Mike Caldwell
June 02, 2012, 07:42:55 PM
 #17

> Possibly related - two GLBSE accounts have been compromised recently:
>  - http://bitcointalk.org/index.php?topic=84585.0

possibly bad link - circular link to this thread

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper or hardware wallets instead.
TT
June 02, 2012, 07:46:30 PM
 #18

Withdrawal to bitcoin address is the exchange function/API call that is most prone to theft.
Other withdrawal methods have at least some level of traceability and/or reversibility.

Therefore, I propose the following solution:
1) create a completely separate right for both the web and the API for withdrawal to bitcoin address, separate from all the other withdrawal methods.
2) allow the owner of the account to have a whitelist of bitcoin addresses to which it is allowed to withdraw from both the web AND the API.
3) require two-factor authentication for adding or removing addresses to and from the whitelist.

This simple feature means that even in the event of an attacker gaining access to the user's web dashboard or the user's API keys,
the attacker will not be able to withdraw bitcoins to addresses of his choice.

Simple fix to a significant security risk.
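
The three points proposed in the post above, combined with the cancellable grace period suggested in post #15, as an added Python example (not part of the thread and not any exchange's code). The class and method names, the `withdraw_btc` right and the 12-hour window are assumptions; the second factor is TOTP, the scheme behind the Google Authenticator option discussed later in the thread.

```python
import hashlib
import hmac
import struct

GRACE_SECONDS = 12 * 3600  # assumed length of the cancellation window ("NN hours")


def totp(secret, at, step=30, digits=6):
    """RFC 6238 code (HMAC-SHA1, 30 s step), the scheme Google Authenticator uses."""
    mac = hmac.new(secret, struct.pack(">Q", int(at) // step), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


class WithdrawalPolicy:
    """Hypothetical per-account policy; class and method names are illustrative."""

    def __init__(self, totp_secret):
        self._secret = totp_secret
        self._whitelist = set()
        self._used_steps = set()  # consumed time steps: a captured code cannot be replayed
        self._pending = {}        # id -> (address, amount, release_time)
        self._next_id = 1

    def _second_factor_ok(self, code, now):
        current = int(now) // 30
        for step in (current, current - 1):  # tolerate one step of clock drift
            expected = totp(self._secret, step * 30)
            if step not in self._used_steps and hmac.compare_digest(expected, code):
                self._used_steps.add(step)
                return True
        return False

    def change_whitelist(self, address, code, now, remove=False):
        """Point 3: every add or remove needs a fresh second-factor code."""
        if not self._second_factor_ok(code, now):
            return False
        (self._whitelist.discard if remove else self._whitelist.add)(address)
        return True

    def request_withdrawal(self, rights, address, amount, now):
        """Points 1 and 2: dedicated right and whitelisted destination, else refuse."""
        if "withdraw_btc" not in rights or address not in self._whitelist:
            return None
        wid, self._next_id = self._next_id, self._next_id + 1
        self._pending[wid] = (address, amount, now + GRACE_SECONDS)
        return wid

    def cancel(self, wid, now):
        """Grace period: the owner (alerted by e-mail) can cancel before release."""
        entry = self._pending.get(wid)
        if entry is None or now >= entry[2]:
            return False
        del self._pending[wid]
        return True

    def release_due(self, now):
        """Pop and return (id, address, amount) for withdrawals past their grace period."""
        due = [w for w, entry in self._pending.items() if now >= entry[2]]
        return [(w,) + self._pending.pop(w)[:2] for w in due]
```

A session or API key that lacks the second factor can neither add its own address nor withdraw to an unlisted one, and a withdrawal to a listed address still waits out the window before `release_due` hands it to the sender.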
Kluge
June 02, 2012, 08:00:18 PM
 #19

> Possibly related - two GLBSE accounts have been compromised recently:
>  - http://bitcointalk.org/index.php?topic=84585.0

My initial thought, too. Proper link is https://bitcointalk.org/index.php?topic=84893.0
Stephen Gornick
June 05, 2012, 10:56:30 AM
 #20

Another one:
 - http://bitcointalk.org/index.php?topic=80562.msg941759#msg941759

And one more even:
 - http://bitcointalk.org/index.php?topic=85533.0


EuSouBitcoin
June 05, 2012, 12:02:54 PM
 #21

> > could just as easily happen again if you don't take precautions.
> I'd like to see some measures made for those whose account value is too small to justify the cost of a Yubikey.

I'd like to see Mt Gox and other bitcoin exchanges offer the free two-factor authentication, Google Authenticator.

The following Bitcoin exchanges currently do offer optional two-factor authentication

BitFloor
Camp BX
Crypto X Change
Mercado Bitcoin
Mt Gox

I think this is a nice optional layer of security to offer for your clients. The 3 methods offered are:

Google Authenticator
SMS Text Message
Yubikey

Of the 3 methods listed above, personally, I prefer Google Authenticator

http://en.wikipedia.org/wiki/Google_Authenticator

I don't like the yubikey because I don't want another piece of hardware.
SMS text message is OK, but I use a prepaid cellphone and have to pay for every text I receive. Being somewhat of a tightwad, I don't like that.

Google Authenticator works on my iPod touch and it's free.

If the cost is free even small accounts can afford to be secure. While it's probably best to just make this an optional level of security, Bitcoin exchanges could make it mandatory for accounts above a certain BTC or fiat currency balance.

You can't win if you don't play. But you can't play if you lose all your chips. First I found bitcoin (BTC). Then I found something better, Monero (XMR). See GetMonero.org
Maged
June 05, 2012, 04:53:12 PM
 #22

> I'd like to see Mt Gox and other bitcoin exchanges offer the free two-factor authentication, Google Authenticator.

As of a few hours before your post, they do ;)

Unacceptable
June 05, 2012, 07:07:30 PM
 #23

I got hacked too. So did a new guy that PM'ed me.

This is something to do with MTgox >:(

"If you run into an asshole in the morning, you ran into an asshole. If you run into assholes all day long, you are the asshole."  -Raylan Givens
Got GOXXED ?? https://www.youtube.com/watch?v=9KiqRpPiJAU&feature=youtu.be
"An ASIC being late is perfectly normal, predictable, and legal..." Hashfast & BFL slogan :)
rjk
June 05, 2012, 07:08:20 PM
 #24

> I got hacked too. So did a new guy that PM'ed me.
>
> This is something to do with MTgox >:(

It was a poor password choice.

Unacceptable
June 05, 2012, 07:32:26 PM
 #25

> > I got hacked too. So did a new guy that PM'ed me.
> >
> > This is something to do with MTgox >:(
> It was a poor password choice.

Maybe so, but I use something similar with banks & had no problems ever............. putting on flame retardant suit ;D

It just dawned on me that Deepbit always sends an email with a confirm link when changing info or withdrawing coins, MTgox needs something similar.

EuSouBitcoin
June 05, 2012, 07:52:04 PM
 #26

> > I'd like to see Mt Gox and other bitcoin exchanges offer the free two-factor authentication, Google Authenticator.
> As of a few hours before your post, they do ;)

Sweet! Ask and ye shall receive. I'm going to set up authentication now.

ludo0777
June 10, 2012, 09:00:08 PM
 #27

It sucks people are getting hacked, but nobody can do anything about it :( so just try to make sure it never happens again.
zvs
June 10, 2012, 11:22:47 PM
 #28

i use piece of paper and password kfdJO$3jO:CXZMnfkcxM$L#@:!
rjk
June 11, 2012, 12:18:48 AM
 #29

> It sucks people are getting hacked, but nobody can do anything about it :( so just try to make sure it never happens again.

Of course people can do things to prevent it, but sometimes it takes getting hacked to knock some common sense into them. :)

Unacceptable
June 11, 2012, 01:46:26 AM
 #30

> > It sucks people are getting hacked, but nobody can do anything about it :( so just try to make sure it never happens again.
> Of course people can do things to prevent it, but sometimes it takes getting hacked to knock some common sense into them. :)

Well, with nothing backing BTC like the dollar or other fiat (police or fed gov think BTC is "play" money & don't care), you have no recourse in getting your coins or cash back. It's a hackers' paradise (they can suffer no consequences) & will continue to be so. Illegal activities are too easy to get away with in the make believe land of BTC.

If the exchanges were to make it mandatory for PW's to be ________________ (insert digit amount) or something to that effect, maybe it would make it harder for hackers. Most folks aren't crypto phreaks or super software savvy like a lot of you on this forum. Sorry for me/most of us "outsiders" being so ignorant..............

Hell, even exchanges are getting hacked for very large amounts & you'll never see a penny recovered. Will the local gov come & help, yeah right.

Chalk it up to experience ??? You bet, I don't trust anyone or anyplace anymore.............. My coins stay on my PC & if I do go to trade, it's only long enough for that trade............

rjk
June 11, 2012, 01:49:39 AM
 #31

Reminds me, it's about time that I rotated my main passwords. I'm starting to use LastPass more with generated passwords, but the master password for LastPass is a few years old at this point. Although it is more than 20 characters with caps and numbers, it's still based on a phrase and doesn't have symbols. I'll need to come up with a suitable replacement.

Ghostofkobra
June 23, 2012, 01:20:15 AM
 #32

My money on MT.Gox was transferred out ~2k USD on the 31st of May.

And there are no logins that match the withdraw. Did you check if
the logins to your account match the withdraws before you beat yourself up
about your password?

My thread: https://bitcointalk.org/index.php?topic=89142.0

//GoK
