Bitcoin Forum
December 11, 2016, 10:08:00 AM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: « 1 [2] 3 4 »  All
  Print  
Author Topic: MT.Gox account hacked - lost 2k USD - MT.GOX will not explain how.  (Read 10513 times)
Stephen Gornick
Legendary
*
Offline Offline

Activity: 2002



View Profile
July 08, 2012, 03:31:59 AM
 #21

I lost roughly 2000 USD from my MT.Gox account at 08:40 JST on the 31th of may 2012.

A lot of that going on.

"MtGox account got cleared out"
 - http://bitcointalk.org/index.php?topic=85533.0

"All BTC disappeared from my Mt. Gox account"
 - http://bitcointalk.org/index.php?topic=88368.0

Another:
 - http://bitcointalk.org/index.php?topic=80562.msg941759#msg941759

And another:
"My mtgox account got compromised, what can I do?"
 - http://bitcointalk.org/index.php?topic=84585.0

And on other services as well.  Here same thing happened to some GLBSE users:
 - http://bitcointalk.org/index.php?topic=84893.0

In none of these was the person using multi-factor authentication.  Mt. Gox has had Yubikey support for a while.  Mt. Gox accounts now support Google Authenticator:
 - https://mtgox.com/press_release_20120605.html

And another report.  Mt. Gox now has Google Authenticator support, for mobile (Android, iPhone/iPad/iPod Touch (any iOS), BlackBerry).  Use it, love it!

BTCSYN reports a $12k (1,852 BTC) theft
 - http://bitcointalk.org/index.php?topic=92142.0

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481450880
Hero Member
*
Offline Offline

Posts: 1481450880

View Profile Personal Message (Offline)

Ignore
1481450880
Reply with quote  #2

1481450880
Report to moderator
1481450880
Hero Member
*
Offline Offline

Posts: 1481450880

View Profile Personal Message (Offline)

Ignore
1481450880
Reply with quote  #2

1481450880
Report to moderator
1481450880
Hero Member
*
Offline Offline

Posts: 1481450880

View Profile Personal Message (Offline)

Ignore
1481450880
Reply with quote  #2

1481450880
Report to moderator
Hunterbunter
Hero Member
*****
Offline Offline

Activity: 980


View Profile
July 08, 2012, 03:55:10 AM
 #22

Someone is having a whale of a time with MtGox it seems. It's like watching someone smack a pinata.

My sympathies to those who were stolen from.

Mt Gox is one of the worst companies I've ever had the displeasure in dealing with. They're extortionate, obfuscated, and utterly unprofessional.
mav
Full Member
***
Offline Offline

Activity: 168


View Profile
July 08, 2012, 08:39:47 AM
 #23

Someone is having a whale of a time with MtGox it seems. It's like watching someone smack a pinata.

My sympathies to those who were stolen from.

Mt Gox is one of the worst companies I've ever had the displeasure in dealing with. They're extortionate, obfuscated, and utterly unprofessional.

So who do you use for exchanges if you don't use Gox? I agree, Gox service is terrible, and they aren't very professional.

Sorry to hear about your loss OP. I know it doesn't help you much but your plight has encouraged me to purchase a Yubi Key just last week, so for that, I thank you.
Ghostofkobra
Full Member
***
Offline Offline

Activity: 167



View Profile
July 08, 2012, 10:06:51 PM
 #24

Thanx,

Im wondering if a yubikey would have helped since there are no signs of the thief ever logging on to Gox, and if he/she can transfer money out w/o Gox noticing that he logged on. Maybe he/she could have transferred the money anyway?

However, a yubikey might stop it.

GL

And which service should one use?

Coin Reaper @ http://coinreaper.com - Your expressway to FREE Bitcoins!
Bunny Run @ http://bunnyrun.us and win every time. No Bets required
unclemantis
Member
**
Offline Offline

Activity: 98


(:firstbits => "1mantis")


View Profile
July 27, 2012, 01:34:24 AM
 #25

Good luck on that police report. It will be just as useful as filing a missing person's report for your imaginary friend!

PHP, Ruby, Rails, ASP, JavaScript, SQL
20+ years experience w/ Internet Technologies
Bitcoin OTC | GPG Public Key                                                                               thoughts?
MagicalTux
VIP
Hero Member
*
Offline Offline

Activity: 617


Working on new MtGox features


View Profile WWW
July 27, 2012, 05:05:49 AM
 #26

If you have a police report you can request us to forward the details to the police. We'll need a case number and details on the law enforcement in charge (person in charge, etc) to forward the appropriate details.

unclemantis
Member
**
Offline Offline

Activity: 98


(:firstbits => "1mantis")


View Profile
July 27, 2012, 05:01:37 PM
 #27

If you have a police report you can request us to forward the details to the police. We'll need a case number and details on the law enforcement in charge (person in charge, etc) to forward the appropriate details.

+1

PHP, Ruby, Rails, ASP, JavaScript, SQL
20+ years experience w/ Internet Technologies
Bitcoin OTC | GPG Public Key                                                                               thoughts?
galambo
Sr. Member
****
Offline Offline

Activity: 390



View Profile
July 30, 2012, 11:36:01 AM
 #28

http://en.wikipedia.org/wiki/Doe_subpoena
repentance
Hero Member
*****
Offline Offline

Activity: 840


View Profile
July 30, 2012, 12:04:27 PM
 #29

Btw, saying "file a police report" to me is like saying "you got screwed and we won't help you anyhow, move over". I've seen police being utterly useless for much more serious cases.

It's a bit like insurance companies requiring a police report number before you can claim for stolen items.  They know that the police aren't going to investigate petty theft but they also know that many people who'd be willing to make false insurance claims won't be willing to make false police reports.

Let's suppose that MtGox did give the OP the IP information.  How does that really help establish that this was an actual theft? 


All I can say is that this is Bitcoin. I don't believe it until I see six confirmations.
caveden
Legendary
*
Offline Offline

Activity: 1106



View Profile
July 30, 2012, 01:47:34 PM
 #30

Let's suppose that MtGox did give the OP the IP information.  How does that really help establish that this was an actual theft? 

Probably wouldn't help, but the guy wants to know, let him know. It's his account after all. What's the big deal in knowing which IPs were used to access your own account?

18rZYyWcafwD86xvLrfuxWG5xEMMWUtVkL
Mike Jones
Newbie
*
Offline Offline

Activity: 14


Bitcoin's Chief Executive Officer


View Profile
July 30, 2012, 02:27:49 PM
 #31

Let's suppose that MtGox did give the OP the IP information.  How does that really help establish that this was an actual theft? 

Probably wouldn't help, but the guy wants to know, let him know. It's his account after all. What's the big deal in knowing which IPs were used to access your own account?
If Gox treats its users like this, like children, I should of really stuck to buying elsewhere.

Don't you worry about Bitcoin, let me worry about Bitcoin.

1HjH1Gm45w1m6J44VmXezvih3NzgXG7YfE
Ghostofkobra
Full Member
***
Offline Offline

Activity: 167



View Profile
September 10, 2012, 03:03:11 PM
 #32

Getting the IP-address wouldnt help me one bit.

But getting a "null" response when asking why/how money dissapeared from my account w/o me (or anyone else)
logging in is fradulent.

They couldnt show that anyone logged on to my account, and they cant/wont give me the ip-address of the "eledged" person
who took my bitcoins...


Sorry for the late reply, had a long vacation Smiley

and i didnt want to think about the thief (internet crook or MtGox or bug)

Ghost of Kobra

Coin Reaper @ http://coinreaper.com - Your expressway to FREE Bitcoins!
Bunny Run @ http://bunnyrun.us and win every time. No Bets required
Ghostofkobra
Full Member
***
Offline Offline

Activity: 167



View Profile
September 14, 2012, 02:52:18 PM
 #33

My discussion with mtGoxx support is approximately the same.

When i saw that the account was empty i checked the withdraws and noted the time of the withdrawal.

Asked mtGoxx for information about logins (because i knew i didnt log in at the time of the withdraw).

Got a list with login's (no IP's) and the list showed that no user was logged on at the time of the withdrawal.

Asked mtGoxx how this could happen and for IP's of the logins.

And all of a sudden i start to get the same answer on every question.
- We only talk to the police.
- Upload your scanned ID and the police report.

If someone "lost" 380 of my bitcoins and refuse to tell me how it happened i sure as hell wont give them my ID.

They claim they cant reimburse me coz i it might attract scammers, and they cant be sure i didnt transfer them out.

LOOK AT YOUR OWN LOGS YOU SENT ME.

I WAS NOT LOGGED ON. and noone else was logged on either....

Sorry for the caps, still get irritated about this.
I think i will scan the police report on monday when i get back to work.

Coin Reaper @ http://coinreaper.com - Your expressway to FREE Bitcoins!
Bunny Run @ http://bunnyrun.us and win every time. No Bets required
RandomQ
Hero Member
*****
Offline Offline

Activity: 616



View Profile
September 17, 2012, 04:09:34 AM
 #34

I have a feeling the ID/AML request is because of reporting a loss of over $2,000.

In this modern age, using just a password to secure anything of value is unwise.

I use 2 factor for any account that has over $10 dollars in it. Except those protected by the FDIC.
For my MtGox Account I use (Two) 2 factor accounts on two different devices, they would have to have access to both devices or crack 2 factor.

I also use 2 factor on all email accounts, to prevent password resets.

Did you access your account from a Desktop Or Laptop?

Was it running Windows? Are you up to date?
What AntiVirus are you using? is it up to date?

Have you ever accessed your account using WIFI? Unsecured? WEP?

Most likely your password was stolen from a Keylogger or They were able to login into MtGox by routing thru your Computer Remotely.

Do you download any software from torrents?

Just be aware there is also a virus that has appeared in Asia mostly,that can survive a format of the HD, by hiding inside your BIOS and reinfecting your system after reinstall.


File a police report,Verify your AML with MtGox(I don't think it will do any good),and Redeem Free Yubikey Offer

Until I see an account that has 2 factor used get stolen from, your security was the cause of your loss because you were easy picking.











Bitcoin To Cash LLC Receive cash in the mail for Bitcoin!
[CryptoStocks] GREEN - GreenBTC - Mining Company on CryptoStocks
Ghostofkobra
Full Member
***
Offline Offline

Activity: 167



View Profile
September 17, 2012, 12:32:39 PM
 #35

You are missing the point...

mtGox OWN logs show that NOONE was logged on at the moment of the withdrawal.

Dont say my account was "easy picking" or that i should blame myself for not using 2 factor authentication.
When my credentials wasnt used by the thief to log on (whomever it might be).


If someone stole my password (from me and not mtgox) and logged on and withdrew the money, sure.
Then your statements would be valid.

Since noone logged on with my password, my security was not the cause!


I have filed a police report, but im not sure i want to verify my account since i sadly do not trust them, anymore.


/GoK

I have a feeling the ID/AML request is because of reporting a loss of over $2,000.

In this modern age, using just a password to secure anything of value is unwise.

I use 2 factor for any account that has over $10 dollars in it. Except those protected by the FDIC.
For my MtGox Account I use (Two) 2 factor accounts on two different devices, they would have to have access to both devices or crack 2 factor.

I also use 2 factor on all email accounts, to prevent password resets.

Did you access your account from a Desktop Or Laptop?

Was it running Windows? Are you up to date?
What AntiVirus are you using? is it up to date?

Have you ever accessed your account using WIFI? Unsecured? WEP?

Most likely your password was stolen from a Keylogger or They were able to login into MtGox by routing thru your Computer Remotely.

Do you download any software from torrents?

Just be aware there is also a virus that has appeared in Asia mostly,that can survive a format of the HD, by hiding inside your BIOS and reinfecting your system after reinstall.


File a police report,Verify your AML with MtGox(I don't think it will do any good),and Redeem Free Yubikey Offer

Until I see an account that has 2 factor used get stolen from, your security was the cause of your loss because you were easy picking.












Coin Reaper @ http://coinreaper.com - Your expressway to FREE Bitcoins!
Bunny Run @ http://bunnyrun.us and win every time. No Bets required
squid
Member
**
Offline Offline

Activity: 112


View Profile
September 17, 2012, 12:45:50 PM
 #36

You are missing the point...

mtGox OWN logs show that NOONE was logged on at the moment of the withdrawal.

Dont say my account was "easy picking" or that i should blame myself for not using 2 factor authentication.
When my credentials wasnt used by the thief to log on (whomever it might be).


If someone stole my password (from me and not mtgox) and logged on and withdrew the money, sure.
Then your statements would be valid.

Since noone logged on with my password, my security was not the cause!


I have filed a police report, but im not sure i want to verify my account since i sadly do not trust them, anymore.


/GoK

I have a feeling the ID/AML request is because of reporting a loss of over $2,000.

In this modern age, using just a password to secure anything of value is unwise.

I use 2 factor for any account that has over $10 dollars in it. Except those protected by the FDIC.
For my MtGox Account I use (Two) 2 factor accounts on two different devices, they would have to have access to both devices or crack 2 factor.

I also use 2 factor on all email accounts, to prevent password resets.

Did you access your account from a Desktop Or Laptop?

Was it running Windows? Are you up to date?
What AntiVirus are you using? is it up to date?

Have you ever accessed your account using WIFI? Unsecured? WEP?

Most likely your password was stolen from a Keylogger or They were able to login into MtGox by routing thru your Computer Remotely.

Do you download any software from torrents?

Just be aware there is also a virus that has appeared in Asia mostly,that can survive a format of the HD, by hiding inside your BIOS and reinfecting your system after reinstall.


File a police report,Verify your AML with MtGox(I don't think it will do any good),and Redeem Free Yubikey Offer

Until I see an account that has 2 factor used get stolen from, your security was the cause of your loss because you were easy picking.


Seems like you are grasping for straws. Please secure your money next time with one of the many features Mt.Gox offers.
Ghostofkobra
Full Member
***
Offline Offline

Activity: 167



View Profile
September 17, 2012, 01:07:12 PM
 #37


Seems like you are grasping for straws. Please secure your money next time with one of the many features Mt.Gox offers.


Did you tell that to the guys that got their Linode accounts hacked too?


Stuff cant get stolen from a closed safe, somehow it has to be opened for the gold to be taken.

I have asked mtGox to tell me how my gold was removed from the safe, they answer:
We only talk to the police.

If asking for an answer to how the coins were stolen is grasping for straws: I am guilty.

But i think it it is a fair request.


Please not that mtGox is not claiming that somone logged on to my account and sent the money.

Their log says: Noone was logged on to your account at the time of the withdraw.
They say: We only talk to the police.



/GoK


Coin Reaper @ http://coinreaper.com - Your expressway to FREE Bitcoins!
Bunny Run @ http://bunnyrun.us and win every time. No Bets required
Come-from-Beyond
Legendary
*
Online Online

Activity: 1414

Newbie


View Profile
September 18, 2012, 09:44:36 AM
 #38

Someone is having a whale of a time with MtGox it seems. It's like watching someone smack a pinata.

My sympathies to those who were stolen from.

Mt Gox is one of the worst companies I've ever had the displeasure in dealing with. They're extortionate, obfuscated, and utterly unprofessional.

+2
RandomQ
Hero Member
*****
Offline Offline

Activity: 616



View Profile
September 18, 2012, 03:05:39 PM
 #39


Seems like you are grasping for straws. Please secure your money next time with one of the many features Mt.Gox offers.


Did you tell that to the guys that got their Linode accounts hacked too?


Stuff cant get stolen from a closed safe, somehow it has to be opened for the gold to be taken.

I have asked mtGox to tell me how my gold was removed from the safe, they answer:
We only talk to the police.

If asking for an answer to how the coins were stolen is grasping for straws: I am guilty.

But i think it it is a fair request.


Please not that mtGox is not claiming that somone logged on to my account and sent the money.

Their log says: Noone was logged on to your account at the time of the withdraw.
They say: We only talk to the police.



/GoK



I have to disagree with you saying its not a fair request to disclose how your funds got removed because if there "an easy way" or undisclosed hack they shouldn't release that information to protect other accounts.For the Greater Good of all.

The Lowest hanging fruit are always picked first. Accounts only protected by passwords are easy targets.

Plus sometimes the Japanese to English might not have translated correctly from the people you talked to.

So the account "not logged in" part might be a mistranslated, i've talked with alot of non-native english speakers and sometimes it just comes out wrong.

If this was a hack, the hacker would be getting as many accounts emptied as possible before the hole was closed.


Per MtGox As a reminder we assume no responsibility should your funds be stolen by someone using your own password.


















Bitcoin To Cash LLC Receive cash in the mail for Bitcoin!
[CryptoStocks] GREEN - GreenBTC - Mining Company on CryptoStocks
zvs
Legendary
*
Offline Offline

Activity: 1386



View Profile WWW
September 24, 2012, 01:38:03 AM
 #40

If you trade more than $150 USD it is worth it to invest in a Yubikey, IMHO. I have other issues with MtGox, but getting hacked is the least of my concerns.
i don't have a yubikey, but my password is something similar to jfdsaMFDasjm#R$MnVMXCL:m43mMVL:XJOP%$#mvc

Dacentec, best deals for US dedicated servers. They regularly restock $20-$25 Opterons with 8-16GB RAM & 2x1-2TB HDD's (ofc, usually lots of other good stuff to choose from).  I did a Serverbear benchmark of one of my $20/mo Opteron (June last year), it's here.  Have had about a half dozen different servers with Dacentec, & none have failed to sustain at least 40MB/s (burst higher). My favorite is a 12-month rent-to-own ZT Systems 2XL5520 16GB 2x2TB SATA for $40/month (got lucky with the 'off-brand', haven't seen a RTO 2xL5520 for under $50/mo since -- at least for monthly contracts).  wholesaleinternet.com has some ancient 2-core intel CPUs @ $10/mo sometimes (I got an Intel Core 2 6300 @ 1.86GHz, with a 250GB HDD with 46000 hours on it, LOL. $20 @ Dacentec is much better, if you can grab one). joesdatacenter.com (same location as Wholesale Internet) also occasionally has specials (or if you don't want to wait, it has an AMD Opteron 170 @ $16/mo).
Pages: « 1 [2] 3 4 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!