Bitcoin Forum>Bitcoin>Bitcoin Discussion
Author

Topic: Captain obvious: "Change your mybitcoin passwords" (Read 1530 times)

foo
sr. member
Activity: 409
Merit: 250
Captain obvious: "Change your mybitcoin passwords"
June 21, 2011, 06:25:31 AM
#2
Quote from: AngstHase on June 21, 2011, 04:33:58 AM
One of my friends got hacked on mybitcoin.com. He used the self username/password combination as on mtgox.

However his password was salt-hashed in the mtgox database, and far as I know its impossible to hack a salted hashvalue without the special salt hash/hex key.
*facepalm* No, the salt is right there in the file, next to the hash. What the salt does is make it impractical to use precomputed tables, you have to brute force the password. If the password is very weak this does not take long.
AngstHase
newbie
Activity: 39
Merit: 0
Re: Captain obvious: "Change your mybitcoin passwords"
June 21, 2011, 04:33:58 AM
#1
One of my friends got hacked on mybitcoin.com. He used the self username/password combination as on mtgox.

However his password was salt-hashed in the mtgox database, and far as I know its impossible to hack a salted hashvalue without the special salt hash/hex key.


Definitely the attacker got some more accounts cashed out.
http://blockexplorer.com/address/1MAazCWMydsQB5ynYXqSGQDjNQMN3HFmEu
Bitcoin Forum>Bitcoin>Bitcoin Discussion
Jump to: