Topic: If your Mt. Gox account has been compromised, PLEASE READ. - page 4. (Read 34602 times)
I'd love to see some sort of iphone app authenticator for the log in.
Lost 10.88 BTC and 198 USD on MTGOX 
Sorry for the flood, I thought I should give more informations by responding carefully to all the questions from the OP.
So :
* How much funds did you lose?
-0.500001
* To what address were your stolen funds sent?
1MAazCWMydsQB5ynYXqSGQDjNQMN3HFmEu
The transaction was done on www.mybitcoin.com where I used the same password.
I did not have a single BTC or $ in my Mt Gox account.
* What OS are you using (Windows, Linux, Mac OSX ...)?
Linux
* How long was your old password?
12 characters
* Was your old password random?
no, but it was a non-dictionary word and it was not linked with my login
* Was your username the same on Mt. Gox as on the forum?
Yes, "jeanjean" (and I'm number 31478 in the leaked .csv)
* Did you use your Mt. Gox password somewhere else?
Yes, on www.mybitcoin.com (and only there, I use more secured passwords usually)
* Did your old password contain lowercase letters, uppercase letters, special characters and numbers?
only lowercase letters
* Have you used any Bitcoin-related software, and if yes, what software? Think about things like miners, wallet managers, etc.
none, apart from mybitcoin.com
* Please also include a screenshot if possible so we know it's a real report.
I did so there (blacked out the other irrelevant transactions). For some reason I could not upload my picture on the forum, so here is the link : http://www.imagup.com/data/1123238572.html
So :
* How much funds did you lose?
-0.500001
* To what address were your stolen funds sent?
1MAazCWMydsQB5ynYXqSGQDjNQMN3HFmEu
The transaction was done on www.mybitcoin.com where I used the same password.
I did not have a single BTC or $ in my Mt Gox account.
* What OS are you using (Windows, Linux, Mac OSX ...)?
Linux
* How long was your old password?
12 characters
* Was your old password random?
no, but it was a non-dictionary word and it was not linked with my login
* Was your username the same on Mt. Gox as on the forum?
Yes, "jeanjean" (and I'm number 31478 in the leaked .csv)
* Did you use your Mt. Gox password somewhere else?
Yes, on www.mybitcoin.com (and only there, I use more secured passwords usually)
* Did your old password contain lowercase letters, uppercase letters, special characters and numbers?
only lowercase letters
* Have you used any Bitcoin-related software, and if yes, what software? Think about things like miners, wallet managers, etc.
none, apart from mybitcoin.com
* Please also include a screenshot if possible so we know it's a real report.
I did so there (blacked out the other irrelevant transactions). For some reason I could not upload my picture on the forum, so here is the link : http://www.imagup.com/data/1123238572.html
jeanjean, sorry to hear about it, but I guess you will survive 
It's the first time I hear about mybitcoin being hacked. Maybe you should start a new thread about that where people can report?
It's the first time I hear about mybitcoin being hacked. Maybe you should start a new thread about that where people can report?
Hello,
I am another bitcoin newbie being hacked.
They logged into the site www.mybitcoin.com where I was using the same password and stole everything there (which was ~0.5 BTC).
The bitcoin address which benefited from the stolen BTC is : 1MAazCWMydsQB5ynYXqSGQDjNQMN3HFmEu
The transaction happened at "2011-06-20 10:09:28". Finaly, the exact sum they took was 0.500001
I hope people here will stop the thieves. Anyway, I doubt it as theire hack was really well done hack, programming bots to check the various services (emails, online BTC clients, probably more) with the obtained passwords. But maybe it's possible to stop them from exchanging the bitcoins.
PS : I will consult my PM here if anyone needs more information about my case, but there are just *too many* posts about it for me to follow and reply directly in the forum (and I'm restricted to the newbie section for now).
I am another bitcoin newbie being hacked.
They logged into the site www.mybitcoin.com where I was using the same password and stole everything there (which was ~0.5 BTC).
The bitcoin address which benefited from the stolen BTC is : 1MAazCWMydsQB5ynYXqSGQDjNQMN3HFmEu
The transaction happened at "2011-06-20 10:09:28". Finaly, the exact sum they took was 0.500001
I hope people here will stop the thieves. Anyway, I doubt it as theire hack was really well done hack, programming bots to check the various services (emails, online BTC clients, probably more) with the obtained passwords. But maybe it's possible to stop them from exchanging the bitcoins.
PS : I will consult my PM here if anyone needs more information about my case, but there are just *too many* posts about it for me to follow and reply directly in the forum (and I'm restricted to the newbie section for now).
Tradehill will hopefully learn something from all this, as well as the users...
Extreme caution for all registered users of Mt.Gox, please.
Plenty of spam, phishing and malware coming. Bitcoin now is serious business to hackers, so at least use standard security (encrypted wallet.dat, 1 password per website, strong passwords, separate email addresses,...)
Since Windows users are especially targeted, we've got to teach the security basics, I fear
Plenty of spam, phishing and malware coming. Bitcoin now is serious business to hackers, so at least use standard security (encrypted wallet.dat, 1 password per website, strong passwords, separate email addresses,...)
Since Windows users are especially targeted, we've got to teach the security basics, I fear
... the first registered user of MtGox is actually Jed McCaleb, creator the the P2P program eDonkey2000!
What exactly does he have to do with MtGox
Jed McCaleb (of eDonkey2000 fame) was the creator of MtGox. He operated it for a few months before selling it to the current owner (MagicalTux's corporation). What exactly does he have to do with MtGox
A bad day for Mt. Gox users. I decided to change over to TradeHill.com and hope that their security will be better. Right now they also stopped services to give users time in case they used the same password on both exchanges (just NEVER do that!)
The Reply-To address is "[email protected]". Does this mean that the mtgox.com machine is compromised too and they have set up a special mailbox there?
No. Any email can have any reply-to address.
If you examine the *full* header of the email, you should be able see the actual path of where it originated. An application such as Mozilla Thunderbird allows this under "View-Headers-Full". I don't think most web-based email reader easily allow this.
What I mean is, why would they set the Reply-To header to "info_"? I think they're trying to trick people into replying to that address instead of [email protected] because they have somehow set up a redirect address from there which they can use to continue to fool people.
sigh i like that company already
How much funds did you lose?
50 BTC, a few dollars, and 11 more BTC were coming just before I couldn't log in to my account.
To what address were your stolen funds sent?
There is no way to check, as I couldn't log in.
What OS are you using (Windows, Linux, Mac OSX ...)?
Windows 7
How long was your old password?
25 characters.
Was your old password random?
Yes.
Was your username the same on Mt. Gox as on the forum?
Yes, but I've just registered this forum account for this breakdown issue.
Did you use your Mt. Gox password somewhere else?
No.
Did your old password contain lowercase letters, uppercase letters, special characters and numbers?
All of them.
Have you used any Bitcoin-related software, and if yes, what software? Think about things like miners, wallet managers, etc.
Only GUIMiner.
Please also include a screenshot if possible so we know it's a real report.
No screenshot available, as the MtGox account is inaccessible.
50 BTC, a few dollars, and 11 more BTC were coming just before I couldn't log in to my account.
To what address were your stolen funds sent?
There is no way to check, as I couldn't log in.
What OS are you using (Windows, Linux, Mac OSX ...)?
Windows 7
How long was your old password?
25 characters.
Was your old password random?
Yes.
Was your username the same on Mt. Gox as on the forum?
Yes, but I've just registered this forum account for this breakdown issue.
Did you use your Mt. Gox password somewhere else?
No.
Did your old password contain lowercase letters, uppercase letters, special characters and numbers?
All of them.
Have you used any Bitcoin-related software, and if yes, what software? Think about things like miners, wallet managers, etc.
Only GUIMiner.
Please also include a screenshot if possible so we know it's a real report.
No screenshot available, as the MtGox account is inaccessible.
I'm going with LastPass.com It seems secure and well written
I'm redoing all my passwords with it
I'm redoing all my passwords with it
KeePass has been my choice for password storage for ages now.
http://keepass.info/
The Reply-To address is "[email protected]". Does this mean that the mtgox.com machine is compromised too and they have set up a special mailbox there?
No. Any email can have any reply-to address.
If you examine the *full* header of the email, you should be able see the actual path of where it originated. An application such as Mozilla Thunderbird allows this under "View-Headers-Full". I don't think most web-based email reader easily allow this.
Now that mtgox closed their exchange, how can I tell if I got hacked?
I have read people mention that they checked the "dump" and found their info in it with their email changed (or not changed). Where is this dump?
EDIT: Google Mail just asked me to verify myself due to suspicious activity. I did use the same 9 char. password as my email on mtgox.
I'm scared.
You should be.I have read people mention that they checked the "dump" and found their info in it with their email changed (or not changed). Where is this dump?
EDIT: Google Mail just asked me to verify myself due to suspicious activity. I did use the same 9 char. password as my email on mtgox.
I'm scared.
Your Password has been compromised and the username /email / password is public now.
Hacker around the world will try to hack into whatever accounts you may have (google, paypal, amazon, facebook..) with these data.
So if you use this Password somewhere else, change it! NOW, EVERYWHERE.
Google and some other services have a 2-step verification, you should activate this.
I'm going with LastPass.com It seems secure and well written
I'm redoing all my passwords with it
I'm redoing all my passwords with it
Just a heads up that someone is sending a lovely .exe trojan to all mtgox users under the guise of "[email protected]" from wiscointl.com.cn - the subject of the email is "[Mt.Gox] Account Certificate Download."
You probably do not want to run the exe.
You probably do not want to run the exe.
Thanks alot for the info !
The Reply-To address is "[email protected]". Does this mean that the mtgox.com machine is compromised too and they have set up a special mailbox there?
This should probably be posted on the non-newbies part of this forum.
This should probably be posted on the non-newbies part of this forum.
Just a heads up that someone is sending a lovely .exe trojan to all mtgox users under the guise of "[email protected]" from wiscointl.com.cn - the subject of the email is "[Mt.Gox] Account Certificate Download."
You probably do not want to run the exe.
You probably do not want to run the exe.
Regardless how strong your password is, if it's not stored with a strong hashing method on the server it makes no difference. When MtGox was originally launched, it appears it was using MD5 for hashing. This was a very poor decision, MD5 is not secure (although it has been a de-facto standard for years, and change is hard ) It appears that lately they have decided to move to something better and offer two-factor authentication etc. Hopefully we will see less incidents in the future.
) It appears that lately they have decided to move to something better and offer two-factor authentication etc. Hopefully we will see less incidents in the future. Jump to: