Bitcoin Forum
December 26, 2024, 02:07:09 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: I GOT HACKED MTGOX....  (Read 1793 times)
nitoniwatori (OP)
Newbie
*
Offline Offline

Activity: 48
Merit: 0


View Profile WWW
July 05, 2012, 07:35:28 AM
 #1

sorry i post it here in newbie zone because i can't post other forum...

my 13.29297276 BTC is sent to " 1AhCxA5FBzFYzxtLTQosjX9XZC65q7jpjY "


it's begin here... i suspect dnnbitcoin.aricie.com (sorry aricie ... it's only one factor what i can think right now i only suspecting)
i use dnn because to test and protect BTC from shock drop ... while i'm trading when i have time (i'm not full time bitcoiner)

http://dl.dropbox.com/u/18704286/HACKED.png


2012/07/04 14:56:52   Withdraw      13.29297276 BTC   0.00000000 BTC
Bitcoin withdraw to 1AhCxA5FBzFYzxtLTQosjX9XZC65q7jpjY

2012/07/04 14:56:38   Fee      0.03180529 BTC   13.29297276 BTC
BTC bought: [tid:1341413798312732] 5.30088106 BTC at $6.54890 (0.6% fee)
2012/07/04 14:56:38   In      5.30088106 BTC   13.32477805 BTC
BTC bought: [tid:1341413798312732] 5.30088106 BTC at $6.54890

i have to say i believe that MTGOX API can't do withdraw if i don't allow it to do..it via API command
that seem maybe i got hacked by another way... but if someone got same situation you can share it with me

btw Thanks to fast MTGOX ...

if i got hacked by human he/she should use that almost 14 secs to trade and Withdraw ?


it's seem i can do nothing only want to giving my info for peoples it maybe only little of money...
but it's show what i have learn...

I really appreciate if anyone can help me to find more information or advise me better method to protect this thing to happen

Thanks

- Nito Niwatori
msn: nitoniwatori@hotmail.com
skype: nitoniwatori

TbbW
Newbie
*
Offline Offline

Activity: 20
Merit: 0


View Profile
July 05, 2012, 09:37:46 AM
 #2

If you want to prevent this from hapening ever again then get a Yubikey.
Check at the first page of mtgox and at the bottom right it says "Get your Yubikey now (be sure to log in)".
Kazimir
Legendary
*
Offline Offline

Activity: 1176
Merit: 1011



View Profile
July 05, 2012, 12:45:06 PM
 #3

Did you get hacked, or did someone guess your password?

Out of curiosity, and assuming you already changed your Mt.Gox password and that you didn't use it anywhere else (if this is not the case: DO IT NOW), could you share what your old password was? I'm wondering about the probability that someone just guessed it.

In theory, there's no difference between theory and practice. In practice, there is.
Insert coin(s): 1KazimirL9MNcnFnoosGrEkmMsbYLxPPob
Joe200
Sr. Member
****
Offline Offline

Activity: 317
Merit: 252



View Profile
July 05, 2012, 01:24:05 PM
 #4

Your cat's name + your favorite color = your password. Lol.
pekv2
Hero Member
*****
Offline Offline

Activity: 770
Merit: 502



View Profile
July 05, 2012, 03:11:24 PM
 #5

https://bitcointalk.org/index.php?topic=91225.msg1004217#msg1004217

https://bitcointalk.org/index.php?topic=91247.msg1004391#msg1004391

https://bitcointalk.org/index.php?topic=36430.10

http://www.geek.com/forums/topic/hacking-and-cracking
Pinwheel
Sr. Member
****
Offline Offline

Activity: 378
Merit: 250


View Profile
July 05, 2012, 04:11:51 PM
 #6

use this pasword pad, very good way to make secure and easy to remember passwords

http://ob-security.info/?p=393

Tom Waits: We should just start as soon as possible cause we might catch a rabbit before we have our pants on. (Juxtapoz)
JohnWayne99
Newbie
*
Offline Offline

Activity: 28
Merit: 0


View Profile
July 06, 2012, 12:15:02 AM
 #7

Use a unique password with at least 1 special character and decent antivirus along with some anti-keylogger software and I don't see how anyone could get you're password again.
DeathAndTaxes
Donator
Legendary
*
Offline Offline

Activity: 1218
Merit: 1079


Gerald Davis


View Profile
July 06, 2012, 12:20:18 AM
 #8

You know what all these stories have in common?

No 2nd factor authentication.  MtGox supports google authenticator.  Don't want to use a yubikey (I don't because it doesn't play nice with remote desktop)?  Then use FREE google authenticator. If you don't you are simply saying "Please steal my moniez".  I have yet to see a single person report having funds stolen when using 2 factor authentication.
JohnWayne99
Newbie
*
Offline Offline

Activity: 28
Merit: 0


View Profile
July 06, 2012, 12:26:30 AM
 #9

I never keep more than 50btc in mine anyhow which I would class as acceptable loss if it did get hacked, also I use a combination of antivirus / trusteer rapport / & anti keylogger software, I can't use google authenticator because i believe it requires a smart phone of some sort to scan a code or something. But I believe this is safe enough, and the fact that nobody has ever hacked anything from me... EVER !

Also not installing crapware on your pc in the first place that might contain trojans .etc
easystevey
Newbie
*
Offline Offline

Activity: 8
Merit: 0


View Profile
July 06, 2012, 08:32:51 AM
 #10

Ordered a yubikey immediately after reading this...
Kazimir
Legendary
*
Offline Offline

Activity: 1176
Merit: 1011



View Profile
July 06, 2012, 09:45:19 AM
 #11

along with some anti-keylogger software
Do you know any good ones?

In theory, there's no difference between theory and practice. In practice, there is.
Insert coin(s): 1KazimirL9MNcnFnoosGrEkmMsbYLxPPob
pekv2
Hero Member
*****
Offline Offline

Activity: 770
Merit: 502



View Profile
July 06, 2012, 10:21:38 AM
 #12

along with some anti-keylogger software
Do you know any good ones?

HiJackThis
http://sourceforge.net/projects/hjt/
lucif
Sr. Member
****
Offline Offline

Activity: 462
Merit: 250


Clown prophet


View Profile
July 06, 2012, 10:26:53 AM
 #13

90% probabilty that this was keylogger software
pekv2
Hero Member
*****
Offline Offline

Activity: 770
Merit: 502



View Profile
July 06, 2012, 11:11:55 AM
 #14


Also, took a bit to remember the forums and well this popped up as well. Which I recall using long time ago.

Full instructions in following link.
http://www.bleepingcomputer.com/download/hijackthis/
JohnWayne99
Newbie
*
Offline Offline

Activity: 28
Merit: 0


View Profile
July 06, 2012, 11:43:10 AM
 #15

along with some anti-keylogger software
Do you know any good ones?

Yes the best one is Zemana anti logger, which protects against webcam loggers, key loggers, ssl loggers, clipboard loggers, screen loggers, etc.

And also I use a program called trusteer rapport which uses obfuscation, so you're keystrokes don't even make sense to any key logger.
Mt.Gox_Support_Natalie
Newbie
*
Offline Offline

Activity: 59
Merit: 0


View Profile
July 11, 2012, 01:38:54 PM
 #16

Hello,

We are sorry to hear of your misfortune.  We would recommend you to use Software Authentication or Yubikey Authentication for your account by going to the Security Center on our site to further secure your account.  If you have any further questions, please contact our Support Desk at https://support.mtgox.com/.
coeball
Newbie
*
Offline Offline

Activity: 8
Merit: 0


View Profile
July 11, 2012, 03:12:24 PM
 #17

Dam that sucks.
davidj411
Newbie
*
Offline Offline

Activity: 17
Merit: 0


View Profile
July 11, 2012, 11:06:41 PM
 #18

Sorry to hear that.
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!