ALL mtgox password has been compromised, change asap, everywhere you used it

opticbit

hero member

Activity: 695

Merit: 502

PGP: 6EBEBCE1E0507C38

Quote from: Yeti on June 19, 2011, 05:43:12 PM

We don't know which accounts were really used. For example, do you really think "testuser" has a lot of BTC floating around? I would love to know the account balance to each of these now compromised accounts.

A great lesson in web security!

Quote from: ?? on ??

So, MtGox does not us salt... It's really bad. The only good thing they can do is to reset all passwords and revalidate accounts through emails. But in case of passwords that match email ones situation becomes even worse...

No, that list is a list of cracked passwords that were salted but were so stupidly easy that they got bruteforced in no time!

don't see mine in there.

I'm still wondering if the DB contains my old pw or new one.

skull88

hero member

Activity: 683

Merit: 500

Quote from: ixne on June 19, 2011, 06:58:44 PM

If you can remember your password, it probably isn't strong enough. Get a password manager, I've never been so glad to have a different 18-character random ASCII password for every online account I have.

I'm not that stupid to use something like "password" (really it is a few times in that file) and luckily the password I used on mtgox is a unique pass not to simple but easy enough for me to remember.
I always use unique passes that are harder to crack for things that involve money or other important things and I have a few common passes for not so important things that wouldn't really bother me to much if they got hacked.

I know it is far from waterproof my system and I'm interested in using a password manager, the only problem I have with a password manager, how can I than log in to my accounts on other computers? And if your computer is hacked they have all your passwords even the ones for the important sites, while nobody can crack into my head. Or am I missing something and is there a manager that gives me the ease of passwords I can remember so I can log in on different computers and the security that nobody can get my passwords from the manager.

ixne

full member

Activity: 211

Merit: 100

If you can remember your password, it probably isn't strong enough. Get a password manager, I've never been so glad to have a different 18-character random ASCII password for every online account I have.

chihlidog

newbie

Activity: 28

Merit: 0

Quote from: kjj on June 19, 2011, 06:17:16 PM

Quote from: chihlidog on June 19, 2011, 05:53:31 PM

Quote from: kjj on June 19, 2011, 05:49:00 PM

No, the vast majority of the passwords were done properly with md5_crypt(). They will probably never be cracked in any serious number.

The few that have been cracked were all passwords stored using the old unsalted DES based crypt(). Everyone knew that the old school crypt() was unsafe, which was the whole reason for switching to salted md5_crypt().

Could you explain to a layman how we can tell the difference? Looking at the string next my email I'd like to feel a little more secure if I know it was a more secure encryption.

Crypt

If it starts with $, it is probably pretty safe.

Without a $, the field is calculated by taking 25 rounds of DES on a 56 bit key field derived from the first 8 characters of the password. This is very easy to crack.

If it starts with $1$, the next part is a random salt, ending with the next $. The password and this random salt are hashed with MD5. Then this hash, the password and the salt are all hashed again. Then there are 1000 rounds of hashing using the password and the previous hash. This value is what is finally stored in the file after the last $.

There are other schemes, such as $2$ and $2a$ that are based on blowfish, $3$ which blows, $5$ and $6$ which are based on SHA. But I don't think any of those were used here.

By looking at the password file, I think the problem is that they upgraded the password hashing code to switch from DES to MD5, but didn't force changes of old passwords. Looks like this was months ago. The newest account I can find with the old style password is #3045 (out of ~60,000).

Thank you very much for that explanation. I do feel better now. I dont remember even signing up for Mt. Gox, let alone what password I used, but I use a bunch of different passwords for different sites. I've changed them all, and all of them are very long, strong passwords. Hopefully I am safe. Thank you.

LeFBI

member

Activity: 98

Merit: 10

Quote from: Durr on June 19, 2011, 05:04:00 PM

Except that an account with 500k and other accounts were hacked and it's true. So you're opinion that it's all ok is bs.

that's because he most likely used a very weak password and not because of md5(unix). it has barely to do with the algorithm, more with too lazy people. these are just....weak passes:

Quote from: piuk on June 19, 2011, 05:06:27 PM

https://uloadr.com/u/CF.txt

Apparently cracked in 3 mins with a gpu.

lazy people, even when it comes to protect an account that holds real money.

kjj

legendary

Activity: 1302

Merit: 1025

Quote from: chihlidog on June 19, 2011, 05:53:31 PM

Quote from: kjj on June 19, 2011, 05:49:00 PM

No, the vast majority of the passwords were done properly with md5_crypt(). They will probably never be cracked in any serious number.

The few that have been cracked were all passwords stored using the old unsalted DES based crypt(). Everyone knew that the old school crypt() was unsafe, which was the whole reason for switching to salted md5_crypt().

Could you explain to a layman how we can tell the difference? Looking at the string next my email I'd like to feel a little more secure if I know it was a more secure encryption.

Crypt

If it starts with $, it is probably pretty safe.

Without a $, the field is calculated by taking 25 rounds of DES on a 56 bit key field derived from the first 8 characters of the password. This is very easy to crack.

If it starts with $1$, the next part is a random salt, ending with the next $. The password and this random salt are hashed with MD5. Then this hash, the password and the salt are all hashed again. Then there are 1000 rounds of hashing using the password and the previous hash. This value is what is finally stored in the file after the last $.

There are other schemes, such as $2$ and $2a$ that are based on blowfish, $3$ which blows, $5$ and $6$ which are based on SHA. But I don't think any of those were used here.

By looking at the password file, I think the problem is that they upgraded the password hashing code to switch from DES to MD5, but didn't force changes of old passwords. Looks like this was months ago. The newest account I can find with the old style password is #3045 (out of ~60,000).

Houdini

member

Activity: 84

Merit: 10

Quote from: piuk on June 19, 2011, 05:06:27 PM

https://uloadr.com/u/CF.txt

Apparently cracked in 3 mins with a gpu.

Is this the whole list or not ? I would really like to know if my password is out there or not...

Quote from: bcearl on June 19, 2011, 06:06:31 PM

Don't trust e-mails now. Your address is public, it's the perfect opportunity to fool you.

Oh I never do...

bcearl

full member

Activity: 168

Merit: 103

Don't trust e-mails now. Your address is public, it's the perfect opportunity to fool you.

aop

newbie

Activity: 34

Merit: 0

Wanna bet next leak is going to come from this forum unless it has already been hacked and data taken?

This is would be very profitable target indeed since many people here are likely to use same passwords and usernames as they use in their mails and bitcoin exchanges.

malditonuke

full member

Activity: 145

Merit: 100

Quote from: ?? on ??

I have already received notification of unusual activity on my email account. The list is being worked...

I pity anyone who used the same password. Sad

bcearl

full member

Activity: 168

Merit: 103

Quote from: dmiii on June 19, 2011, 05:37:37 PM

Quote from: piuk on June 19, 2011, 05:06:27 PM

https://uloadr.com/u/CF.txt

Apparently cracked in 3 mins with a gpu.

So, MtGox does not us salt... It's really bad. The only good thing they can do is to reset all passwords and revalidate accounts through emails. But in case of passwords that match email ones situation becomes even worse...

Salt does not help weak passwords.

nemo

sr. member

Activity: 500

Merit: 253

Quote from: malditonuke on June 19, 2011, 05:53:01 PM

possibly unrelated, but the email account i had associated with mtgox just got locked up.

it looks like someone was trying to access it.

What are the odds that it would happen to the both of us (MTGox users) at the same time?

chihlidog

newbie

Activity: 28

Merit: 0

Quote from: kjj on June 19, 2011, 05:49:00 PM

No, the vast majority of the passwords were done properly with md5_crypt(). They will probably never be cracked in any serious number.

The few that have been cracked were all passwords stored using the old unsalted DES based crypt(). Everyone knew that the old school crypt() was unsafe, which was the whole reason for switching to salted md5_crypt().

Could you explain to a layman how we can tell the difference? Looking at the string next my email I'd like to feel a little more secure if I know it was a more secure encryption.

malditonuke

full member

Activity: 145

Merit: 100

possibly unrelated, but the email account i had associated with mtgox just got locked up.

it looks like someone was trying to access it.

bcearl

full member

Activity: 168

Merit: 103

Quote

[email protected]

Ukrainian government - ROTFL

kjj

legendary

Activity: 1302

Merit: 1025

No, the vast majority of the passwords were done properly with md5_crypt(). They will probably never be cracked in any serious number.

The few that have been cracked were all passwords stored using the old unsalted DES based crypt(). Everyone knew that the old school crypt() was unsafe, which was the whole reason for switching to salted md5_crypt().

Surtur

newbie

Activity: 15

Merit: 0

Quote from: DamienBlack on June 19, 2011, 04:59:19 PM

Someone with a network should email everyone on the list and let them know.

I already got an email from mt.gox regarding the hack - so please, do not mail the whole list Wink

nemo

sr. member

Activity: 500

Merit: 253

Fuck. This is legit. 5 minutes after reading the email from MTGox saying they got hacked, They logged into my email and I had to text myself a special code just to get back in and change my password. MTGox needs to fucking burn hard for this. I'm changing everything, they're going to get you too if you don't.

Yeti

member

Activity: 112

Merit: 10

Firstbits: 1yetiax

We don't know which accounts were really used. For example, do you really think "testuser" has a lot of BTC floating around? I would love to know the account balance to each of these now compromised accounts.

A great lesson in web security!

Quote from: ?? on ??

So, MtGox does not us salt... It's really bad. The only good thing they can do is to reset all passwords and revalidate accounts through emails. But in case of passwords that match email ones situation becomes even worse...

No, that list is a list of cracked passwords that were salted but were so stupidly easy that they got bruteforced in no time!

dust

hero member

Activity: 840

Merit: 1000

Can anyone see a flaw in this plan? (besides not working for accounts with no email):

1. All accounts are locked and no one is allowed to log in after mtgox comes back online
2. An email is sent to account owners with a password reset link
3. Users can then log into mtgox with no chance of attackers logging in first.

In the meantime:
1. Change you password ASAP if you used your mtgox password somewhere else.

Also, I saw this on 4chan /g/

Quote

I'm currently cracking.

At the rate I'm going, I should have 3,000 accounts by next week.

I doubt everyone will change there passwords. Aslong as I get there first, I should be able to get a few coins.

I'm glad i used a strong password...

Topic: ALL mtgox password has been compromised, change asap, everywhere you used it (Read 17567 times)