Author

Topic: bitstamp and mtgox accounts hacked at same time (Read 1990 times)

legendary
Activity: 2674
Merit: 2965
Terminated.
September 02, 2013, 05:03:49 AM
#20
Format hard drive, and don't recycle passwords.

Kj1: nobody uses "worms", it is not 1995.
I use worms  Cheesy

Ok, now I know at least 1 person still uses 'worms'.
It's something.
b!z
legendary
Activity: 1582
Merit: 1010
Format hard drive, and don't recycle passwords.

Kj1: nobody uses "worms", it is not 1995.
I use worms  Cheesy

Ok, now I know at least 1 person still uses 'worms'.
legendary
Activity: 2674
Merit: 2965
Terminated.
Format hard drive, and don't recycle passwords.

Kj1: nobody uses "worms", it is not 1995.
I use worms  Cheesy
b!z
legendary
Activity: 1582
Merit: 1010
Format hard drive, and don't recycle passwords.

Kj1: nobody uses "worms", it is not 1995.
Kj1
sr. member
Activity: 434
Merit: 250
you should enable that email verification in security settings
sr. member
Activity: 265
Merit: 250
Football President
"PS doesnt bitstamp require email verification for withdrawls?  If you receive your mails on your mobile, it would take only one minute for such a thing on mobile from people having fysical acces to your mobile device.  All the info would also be found at the linked google account if you use android."

did not receive any email when the hacker withdrew all my btc
Kj1
sr. member
Activity: 434
Merit: 250
wow thats a lot of btc's into/out that adress.
I wonder if its a worm or something.
Kj1
sr. member
Activity: 434
Merit: 250
if u use your mobile for gox & stamp; also check it.  Android and the like are prone to viruses and are imo a bigger risk then a pc which you can easily protect adequately.

PS doesnt bitstamp require email verification for withdrawls?  If you receive your mails on your mobile, it would take only one minute for such a thing on mobile from people having fysical acces to your mobile device.  All the info would also be found at the linked google account if you use android.

In all cases, use two-factor authentication!  Cumbersome but it will decrease the chance for such events.

legendary
Activity: 2674
Merit: 2965
Terminated.
You're also right about that. I said possibly, in case if it were true.

If someone knows what this adress is for, please provide info: 1KRj8opQ5y3h2dw8FjnskxuVZ5qtu5Uuid
cp1
hero member
Activity: 616
Merit: 500
Stop using branwallets
I wouldn't trust that IP geolocation to get the exact house.  I think it's just somewhere in the city.
sr. member
Activity: 265
Merit: 250
Football President
Thanks it is a help

not sure how I am going to recover my bitcoins
will tip (when I have some bitcoins)
Well I could help you out more in private possibly.
This narrows it down to 15 people.
If we assume that the stealer is a male, which is highely likely, it comes down to 6 people and 1 more person whose gender is unknown.


I'm not sure if time warner (http://www.timewarner.com/) would reveal information on a specific IP adress if you had contacted them.


have sent PM
legendary
Activity: 2674
Merit: 2965
Terminated.
Thanks it is a help

not sure how I am going to recover my bitcoins
will tip (when I have some bitcoins)
Well I could help you out more in private possibly.
This narrows it down to 15 people.
If we assume that the stealer is a male, which is highely likely, it comes down to 6 people and 1 more person whose gender is unknown.


I'm not sure if time warner (http://www.timewarner.com/) would reveal information on a specific IP adress if you had contacted them.
sr. member
Activity: 265
Merit: 250
Football President
IP traced:
http://whatismyipaddress.com/ip/98.102.149.174
http://www.ip-adress.com/ip_tracer/98.102.149.174
http://whois.domaintools.com/98.102.149.174

I've done some quick researching, the thief is possibly one of these people: http://www.spokeo.com/Sunrise+Valley+Dr+Herndon+VA+addresses#478729811

The btc withdraw adress: https://blockchain.info/address/1H4hcUpbV4E2noZpKSoQa2wszC2ghBxpXC
It was used only to withdraw those coins and send it somewhere else. To this adress: 1KRj8opQ5y3h2dw8FjnskxuVZ5qtu5Uuid  
Link: https://blockchain.info/address/1KRj8opQ5y3h2dw8FjnskxuVZ5qtu5Uuid
I don't know what this adress is for, most likely some service since there is a lot of btc transfers on it.


If that helped, feel free to tip me.  Smiley

Thanks it is a help

not sure how I am going to recover my bitcoins


will tip (when I have some bitcoins)
legendary
Activity: 2674
Merit: 2965
Terminated.
IP traced:
http://whatismyipaddress.com/ip/98.102.149.174
http://www.ip-adress.com/ip_tracer/98.102.149.174
http://whois.domaintools.com/98.102.149.174

I've done some quick researching, the thief is possibly one of these people: http://www.spokeo.com/Sunrise+Valley+Dr+Herndon+VA+addresses#478729811
That is 15 suspects.

The btc withdraw adress: https://blockchain.info/address/1H4hcUpbV4E2noZpKSoQa2wszC2ghBxpXC
It was used only to withdraw those coins and send it somewhere else. To this adress: 1KRj8opQ5y3h2dw8FjnskxuVZ5qtu5Uuid  
Link: https://blockchain.info/address/1KRj8opQ5y3h2dw8FjnskxuVZ5qtu5Uuid
I don't know what this adress is for, most likely some service since there is a lot of btc transfers on it.


If that helped, feel free to tip me.  Smiley
cp1
hero member
Activity: 616
Merit: 500
Stop using branwallets
You can trace the coins on blockchain.info
sr. member
Activity: 265
Merit: 250
Football President
Possible keylogger.
If you're scans are clean. If you used weak passwords he could have done some sort of reverse social engineering and figure out the likely passphrase that you have used. Also 30BTC is a lot to keep in 1 account if it's not safe.
Buy a cheap laptop, clean install, get good AV protection and use it for bitcoin transfers only. Watch out for infected downloads, always get your files from the official links.


Thanks password were long and different on accounts

also is there anyway of tracing ip or wallet ?

98.102.149.174  is not my ip and 1H4hcUpbV4E2noZpKSoQa2wszC2ghBxpXC is not my wallet
legendary
Activity: 2674
Merit: 2965
Terminated.
Possible keylogger.
If you're scans are clean. If you used weak passwords he could have done some sort of reverse social engineering and figure out the likely passphrase that you have used. Also 30BTC is a lot to keep in 1 account if it's not safe.
Buy a cheap laptop, clean install, get good AV protection and use it for bitcoin transfers only. Watch out for infected downloads, always get your files from the official links.
sr. member
Activity: 265
Merit: 250
Football President
Well I will suggest you to use a different PC and change all your passwords immediately, Also try to recover hacked accounts.

Scan your pc  with Malware byet's anti malware or comodo internet security, also don't forget to download a firewall and check incoming/outgoing connections.


Ps: Read this thread to avoid any viruses in future.
https://bitcointalksearch.org/topic/keep-your-system-updated-and-stay-secure-tips-to-avoid-viruses-trojans-203876.

Sorry for your loss. Sad


Thanks

I have changed all password on other accounts
cannot loging to
bitstamp
or mtgox  I think both account are deleted

have checked with malwarebytes and avg  -- no virues

so think hacked Huh

using another pc to be safe

no response from tickets on bitstamp or mtgox

legendary
Activity: 1274
Merit: 1004
Well I will suggest you to use a different PC and change all your passwords immediately, Also try to recover hacked accounts.

Scan your pc  with Malware byet's anti malware or comodo internet security, also don't forget to download a firewall and check incoming/outgoing connections.


Ps: Read this thread to avoid any viruses in future.
https://bitcointalksearch.org/topic/keep-your-system-updated-and-stay-secure-tips-to-avoid-viruses-trojans-203876.

Sorry for your loss. Sad
sr. member
Activity: 265
Merit: 250
Football President
bitstamp and mtgox accounts hacked at same time


all my bitcoin where tranfered out of my bitstamp account

after I tranfered them from mtgox

Withdrawal  Aug. 27, 2013, 1:49 p.m. -30.00000000 BTC   $0.00 
Deposit  Aug. 27, 2013, 4:49 a.m. 30.00000000 BTC   $0.00 

history

Aug. 27, 2013, 1:47 p.m. 98.102.149.174 Opened bitcoin withdrawal request for 30 BTC to 1H4hcUpbV4E2noZpKSoQa2wszC2ghBxpXC
Aug. 27, 2013, 12:32 p.m. 98.102.149.174 Logged in


98.102.149.174  is not my ip and 1H4hcUpbV4E2noZpKSoQa2wszC2ghBxpXC is not my wallet
also my bitstamp account was deleted


 and
also I cannot login to my mtgox account

Have sent them both ticket
have different passwords on both account
checked pc for virues

can someone  help
Jump to: