Author

Topic: DEL (Read 3248 times)

newbie
Activity: 3
Merit: 0
DEL
September 03, 2013, 08:19:08 PM
#20
The exact same thing happened to me. Is Mtgox responsible for this? How can an unauthorized BTC xfer take place? Mtgox must have control and access to this.

Is there recourse here? My account got hacked, in fact, on the same day, Aug. 22, 2013. BTC were transferred and my account empty the next day!

What is going on here? Should we be contacting lawyers at this point? How can MtGox authorize a transfer out of a personal account??

Anybody have any help or suggestions??
legendary
Activity: 1792
Merit: 1111
August 25, 2013, 08:42:25 AM
#19
I am using Linux , i am IT  so i am pretty sure that the computer is not compromised

The only thing i see possible i did mistake when i started use bitcoin i used same password as bitcointalk

there is no other possible way the password is 8 char long with Upper and lowercase

i can only blame myself that i was not using 2FA but lesson learned i post this that maybe it can help or will help someone in futur

You are using Linux, you are IT, and you are not using 2FA.  Roll Eyes
newbie
Activity: 45
Merit: 0
August 24, 2013, 05:59:59 PM
#18
I am using Linux , i am IT  so i am pretty sure that the computer is not compromised

The only thing i see possible i did mistake when i started use bitcoin i used same password as bitcointalk

there is no other possible way the password is 8 char long with Upper and lowercase

i can only blame myself that i was not using 2FA but lesson learned i post this that maybe it can help or will help someone in futur

You work in IT and set your password as "bitcointalk" ?
hero member
Activity: 761
Merit: 500
Mine Silent, Mine Deep
August 22, 2013, 08:21:05 PM
#17
I am using Linux , i am IT  so i am pretty sure that the computer is not compromised

The only thing i see possible i did mistake when i started use bitcoin i used same password as bitcointalk

there is no other possible way the password is 8 char long with Upper and lowercase

i can only blame myself that i was not using 2FA but lesson learned i post this that maybe it can help or will help someone in futur

8 char long? So crackable in a few minutes/hours depending on the setup of the cracker. I never use password of less than 16 characters and upper, lower cases and also symbols (!, $, %, etc.) if its possible.

And being in IT and not using 2 factor auth on a site like MtGox should automatically get you fired from your job. Seriously, what were you thinking about?

Plus, working in IT and reusing passwords instead of using unique, random generated ones by default on ALL sites you use is so retarded you should be banned from the IT industry.

Well, beats the Bitcoinica crew.

Those guys were using their public API key as the password and did not bother enabling OTP on Gox even though they were handling tens of thousands of customer bitcoins. Some even labeled themselves "Security Expert". Oh, and they didn't think making a backup of customer data was necessary either.

Of course, I turned out to be the bigger fool for banking with them...
full member
Activity: 129
Merit: 100
August 22, 2013, 05:20:20 PM
#16
Which websites?

As i said already before talking about cracking password start ask ( as i useed just one password 3 website bitcoin related) i am just informing you guys to becarful not to make the same mistake as i did nothing else !!!! i dont understand why some people think they are the Super Nerd who know everything?

First thing you have to ask yourself after my post not how stupid i was putting same password on 3 website but which of thos website is compromised !
NO DB no bruteforce i dont imagine some "Hacker" will bruteforce a webinterface to get a random account who he is not even sure to find money
sr. member
Activity: 353
Merit: 250
Rimbit - No mining, just development
August 22, 2013, 03:00:38 PM
#15
As i said already before talking about cracking password start ask ( as i useed just one password 3 website bitcoin related) i am just informing you guys to becarful not to make the same mistake as i did nothing else !!!! i dont understand why some people think they are the Super Nerd who know everything?

First thing you have to ask yourself after my post not how stupid i was putting same password on 3 website but which of thos website is compromised !
NO DB no bruteforce i dont imagine some "Hacker" will bruteforce a webinterface to get a random account who he is not even sure to find money

I sure hope you find the reason... I still think your system is compromised...

Let us know when you do find the issue  Wink
hero member
Activity: 750
Merit: 601
August 22, 2013, 02:08:28 PM
#14
Sorry for your loss.
I must say Bitcoin has taught me some security lessons, now I use a password manager, my passwords are all different and use an neccesarily large number of characters.
Bitcoins are stored in paper wallets that have never seen the internet. I usd to think people like that were paranoid, but now I know better...
Just make sure it can't happen again.
newbie
Activity: 46
Merit: 0
August 22, 2013, 09:48:31 AM
#13
As i said already before talking about cracking password start ask ( as i useed just one password 3 website bitcoin related) i am just informing you guys to becarful not to make the same mistake as i did nothing else !!!! i dont understand why some people think they are the Super Nerd who know everything?

First thing you have to ask yourself after my post not how stupid i was putting same password on 3 website but which of thos website is compromised !
NO DB no bruteforce i dont imagine some "Hacker" will bruteforce a webinterface to get a random account who he is not even sure to find money
legendary
Activity: 3066
Merit: 1147
The revolution will be monetized!
August 22, 2013, 09:42:34 AM
#12
Bummer man. And I don't blame people for being a victim. Sure you could have additional security, but you are not the bad guy here.
full member
Activity: 164
Merit: 100
August 22, 2013, 09:36:21 AM
#11
I am using Linux , i am IT  so i am pretty sure that the computer is not compromised

The only thing i see possible i did mistake when i started use bitcoin i used same password as bitcointalk

there is no other possible way the password is 8 char long with Upper and lowercase

i can only blame myself that i was not using 2FA but lesson learned i post this that maybe it can help or will help someone in futur

8 char long? So crackable in a few minutes/hours depending on the setup of the cracker. I never use password of less than 16 characters and upper, lower cases and also symbols (!, $, %, etc.) if its possible.

And being in IT and not using 2 factor auth on a site like MtGox should automatically get you fired from your job. Seriously, what were you thinking about?

Plus, working in IT and reusing passwords instead of using unique, random generated ones by default on ALL sites you use is so retarded you should be banned from the IT industry.

It is funny that i wrote this while you called me a troll.  Roll Eyes

You Sir, obviously have no critical thinking and see the world as black and white.


- 16 characters are marginally better than 8 character passwords, both can be cracked in hours or days. Ars Technica article on random passwords
- But it also has to do with pattern, randomness, etc. I can easily make a 8 char password that is better than a 16 char password
- Your point on symbols noted but changing i for ! and S for $ is just as bad.
- Password cracking is only fast if you already have the password database. (which the OP put out a warning for, compromized db's)
- If you try to crack it online by querying the server, 8 random upper lower chars takes months. (and could easily be made impossible by if logins / hour are restricted or with 2 factor auth).

- Your last point is just cruel and hateful and bears no merit on the real world. It belongs in a sand box.

Another factor that is more important than using the same password is to use different login names on all sites.
If the login names cant be matched, the passwords are useless.
legendary
Activity: 1148
Merit: 1018
August 22, 2013, 09:18:18 AM
#10
I get so tired about this,

We see money getting stolen from Mt.Gox accounts every week (the ones that posts here far from all do).

In my case the logs (from Mt.Gox) even showed that no one had been logged in at the time of the transfer.

Someone or Mt.Gox has found a way to access accounts and transfer funds out.

And Mt.Gox just stonewalls everything...



What surprises me is that ppl still use Mt.Gox,


but instead people getting ripped off gets told that they are stupid and get the standard banter:
- compromised computer, 2factor auth, fake website, other website with same username and password.....


 

troll post of the day
full member
Activity: 164
Merit: 100
August 22, 2013, 09:17:29 AM
#9
I get so tired about this,

We see money getting stolen from Mt.Gox accounts every week (the ones that posts here far from all do).

In my case the logs (from Mt.Gox) even showed that no one had been logged in at the time of the transfer.

Someone or Mt.Gox has found a way to access accounts and transfer funds out.

And Mt.Gox just stonewalls everything...



What surprises me is that ppl still use Mt.Gox,


but instead people getting ripped off gets told that they are stupid and get the standard banter:
- compromised computer, 2factor auth, fake website, other website with same username and password.....


 
sr. member
Activity: 306
Merit: 250
Donations: http://tny.im/nx
August 22, 2013, 09:07:30 AM
#8
If you used that password on another site or you logged in to a fake Mtgox site thinking it was the real one, no one had to crack anything to get your password.
Next time choose a good password and enable two-factor auth.
legendary
Activity: 1148
Merit: 1018
August 22, 2013, 06:50:39 AM
#7
I am using Linux , i am IT  so i am pretty sure that the computer is not compromised

The only thing i see possible i did mistake when i started use bitcoin i used same password as bitcointalk

there is no other possible way the password is 8 char long with Upper and lowercase

i can only blame myself that i was not using 2FA but lesson learned i post this that maybe it can help or will help someone in futur

8 char long? So crackable in a few minutes/hours depending on the setup of the cracker. I never use password of less than 16 characters and upper, lower cases and also symbols (!, $, %, etc.) if its possible.

And being in IT and not using 2 factor auth on a site like MtGox should automatically get you fired from your job. Seriously, what were you thinking about?

Plus, working in IT and reusing passwords instead of using unique, random generated ones by default on ALL sites you use is so retarded you should be banned from the IT industry.
hero member
Activity: 504
Merit: 500
August 22, 2013, 06:46:15 AM
#6
You work IT but you didn't use 2fa auth... Saywhut?
legendary
Activity: 1792
Merit: 1059
August 22, 2013, 04:08:05 AM
#5
Nop no API and no 2FA for security guess one of 3 sites is compromised and the dude tried the same password on diffrent Market like mtgox and he get lucky any way i keep investigating and fellowing the money maybe i will find out

I wish you good luck. Very annoying, what happened to you. Even if you were uncareful, this is theft. You should also lodge a complaint of an offence.
legendary
Activity: 1792
Merit: 1059
August 22, 2013, 04:01:19 AM
#4
Update : I just checked that i have the same login in crypto-trade.com / and suddenly their website volume is Volume : 40.57196829 BTC / 4,312.10 USD

It the only way i still repeat my Computer is 100% clean and password is not guessable

You can also attack Linux systems. Most via browser vulnerability. Did you along with Gox open other pages in your browser by using tabs?
legendary
Activity: 1792
Merit: 1059
August 22, 2013, 03:50:26 AM
#3
I am using Linux , i am IT  so i am pretty sure that the computer is not compromised

The only thing i see possible i did mistake when i started use bitcoin i used same password as bitcointalk

there is no other possible way the password is 8 char long with Upper and lowercase

i can only blame myself that i was not using 2FA but lesson learned i post this that maybe it can help or will help someone in futur

Do you have an API key?
sr. member
Activity: 353
Merit: 250
Rimbit - No mining, just development
August 22, 2013, 12:47:11 AM
#2
Lets look at the situation...
Someone accessed your account, so how could that have happened?

You either told someone or your PC is compromised.
newbie
Activity: 46
Merit: 0
August 21, 2013, 11:56:06 PM
#1
DEL
Jump to: