Im just been attacked and robbed on my MT Gox account - page 5.

J.

newbie

Activity: 56

Merit: 0

Quote from: fcmatt on August 04, 2011, 04:21:50 PM

MTGOX uses https for auth.. so it is not like a man in the middle attack is trivial.

Also, it seems the user is not a noob running windows XP with sp2 or what not.

If I was MTGOX I would be taking this post oh so seriously as an attacker of the MTGOX
website would surely go about draining accounts in a slow methodical fashion versus going
all out and alerting many people at once.

If they were owned once.. it can happen again. Especially when an attacker knows there is
a currency that can be transferred anonymously.

The OP seems to have his bases covered unless, no offense, you are not telling us exactly
how you use this apple mac computer. Perhaps you like to view odd things online going to
several possibly malicious websites per day?

It is as I've written, I just ran a check on all my systems and programs ... no errors or viruses.

I have also just moved my bitcoin wallet onto another mac which is not online currently, so I did not lose all my bitcoins lying there ...

I do not know how the person came into my account, but when I was in on it, worked my code / password not and I had to receive an email from MT Gox before I could get in, and when I came in. I could see that all accounts were in both 0 $ and BTC

So I looked at the logs and could see there had been eliminated 100 BTC and that had subsequently been sold 19 BTC and then moved around. $ 320

pdki

newbie

Activity: 27

Merit: 0

Whatever happened, before blaming this guy, remember what people were saying when the first reports of cracked mtgox accounts were reported on this forum. Nobody believed them. A couple of days later the mtgox account database was available for download.

fcmatt

legendary

Activity: 2072

Merit: 1001

MTGOX uses https for auth.. so it is not like a man in the middle attack is trivial.

Also, it seems the user is not a noob running windows XP with sp2 or what not.

If I was MTGOX I would be taking this post oh so seriously as an attacker of the MTGOX
website would surely go about draining accounts in a slow methodical fashion versus going
all out and alerting many people at once.

If they were owned once.. it can happen again. Especially when an attacker knows there is
a currency that can be transferred anonymously.

The OP seems to have his bases covered unless, no offense, you are not telling us exactly
how you use this apple mac computer. Perhaps you like to view odd things online going to
several possibly malicious websites per day?

J.

newbie

Activity: 56

Merit: 0

Quote from: nostrum on August 04, 2011, 04:02:39 PM

Quote from: J. on August 04, 2011, 03:37:04 PM

Quote from: nostrum on August 04, 2011, 03:29:57 PM

Where did you store your password?

I do not understand your question

You said you had a unique, long and secure password. I generally do not expect people (like myself) being able to remember them.
Did you use a service like LastPass or did you have the password written down in (encrypted) text somewhere (inside or outside the computer)?

outside the computer
in my head:)

nostrum

member

Activity: 65

Merit: 10

Quote from: J. on August 04, 2011, 03:37:04 PM

Quote from: nostrum on August 04, 2011, 03:29:57 PM

Where did you store your password?

I do not understand your question

You said you had a unique, long and secure password. I generally do not expect people (like myself) being able to remember them.
Did you use a service like LastPass or did you have the password written down in (encrypted) text somewhere (inside or outside the computer)?

J.

newbie

Activity: 56

Merit: 0

Quote from: fcmatt on August 04, 2011, 03:42:02 PM

Quote from: J. on August 04, 2011, 03:34:59 PM

Quote from: fcmatt on August 04, 2011, 03:27:55 PM

i cannot imagine MTGOX allows IPs to attempt to brute force a password over and over again from the
same IP address. Even if the attacker had 10,000 public IPs to use and MTGOX allowed 10 attempts
before locking it out for 24 hours.. it would be almost impossible to brute force a password like the OP
has in any reasonable amount of time.

So that leaves me thinking that the OP has some time of virus/trojan on his PC and the attacker
snarfed the password via that vector.

OP, do you run windows, linux or a mac? I am just curious.

Mac

Well running a mac surely throws out 99% of virus and typical internet attacks.
The other .99% can be defeated via updated software on a regular basis leaving only 0day attacks and blatant
mistakes by a user who runs untrusted software and otherwise clicks YES to anything that
pops up on his desktop.

Do you run all sorts of goofy software found on the internet? Especially odd bitcoin related software?

no all my software is bought and paid for and I update regularly ...

I do not use pogrammer I do not know and have never had an attack of any kind.

KeyserSoze

hero member

Activity: 560

Merit: 500

Quote from: Tasty Champa on August 04, 2011, 03:14:50 PM

how was the vacation?

rotfl

J.

newbie

Activity: 56

Merit: 0

Quote from: Johnny Pizza on August 04, 2011, 03:38:47 PM

A sucker is born every minute. Cool

I'm sure whoever got them from you is enjoying themselves. Tongue

Nice!!!!

fcmatt

legendary

Activity: 2072

Merit: 1001

Quote from: J. on August 04, 2011, 03:34:59 PM

Quote from: fcmatt on August 04, 2011, 03:27:55 PM

i cannot imagine MTGOX allows IPs to attempt to brute force a password over and over again from the
same IP address. Even if the attacker had 10,000 public IPs to use and MTGOX allowed 10 attempts
before locking it out for 24 hours.. it would be almost impossible to brute force a password like the OP
has in any reasonable amount of time.

So that leaves me thinking that the OP has some time of virus/trojan on his PC and the attacker
snarfed the password via that vector.

OP, do you run windows, linux or a mac? I am just curious.

Mac

Well running a mac surely throws out 99% of virus and typical internet attacks.
The other .99% can be defeated via updated software on a regular basis leaving only 0day attacks and blatant
mistakes by a user who runs untrusted software and otherwise clicks YES to anything that
pops up on his desktop.

Do you run all sorts of goofy software found on the internet? Especially odd bitcoin related software?

SgtSpike

legendary

Activity: 1400

Merit: 1005

Quote from: Man From The Future on August 04, 2011, 03:30:22 PM

Quote from: SgtSpike on August 04, 2011, 02:51:16 PM

Did you change your password after the last security breech?

I don't wear breeches!

(You mean breach!)

Dang... my spelling is getting worse as I age.

Johnny Pizza

newbie

Activity: 28

Merit: 0

A sucker is born every minute. Cool

I'm sure whoever got them from you is enjoying themselves. Tongue

J.

newbie

Activity: 56

Merit: 0

Quote from: nostrum on August 04, 2011, 03:29:57 PM

Where did you store your password?

I do not understand your question

J.

newbie

Activity: 56

Merit: 0

Quote from: fcmatt on August 04, 2011, 03:27:55 PM

i cannot imagine MTGOX allows IPs to attempt to brute force a password over and over again from the
same IP address. Even if the attacker had 10,000 public IPs to use and MTGOX allowed 10 attempts
before locking it out for 24 hours.. it would be almost impossible to brute force a password like the OP
has in any reasonable amount of time.

So that leaves me thinking that the OP has some time of virus/trojan on his PC and the attacker
snarfed the password via that vector.

OP, do you run windows, linux or a mac? I am just curious.

Mac

J.

newbie

Activity: 56

Merit: 0

Quote from: TheGer on August 04, 2011, 03:24:19 PM

"I just discovered that there is someone who has taken all my bitcoins + sold the last to move money from one account to another."

This is either fake or the guy is to stupid and deserves to lose his stuff. Personally I lean fake since if they transferred the money to another account I would simply take it up with MtGox before crybabying on some Forum since there is a paper trail if he's telling the truth.

Fake to sow seeds of discontent among the Bitcoin Community? Hmm.

send to this address:
Thu 28 Jul 2011 04:56:57 PM GMT withdraw Bitcoin withdraw to 1LxTV74oksinziDR3fgvvLUf6jdsnwSUiP 100.00000000 ฿TC

Thu 28 Jul 2011 05:15:42 PM GMT withdraw Generate redeem code: MTGOX-USD-4K7SA-UYVH8-UH85P-50E3D $305.49932

Accound balance$0.00000
Accound balance BTC 0.00000

J.

newbie

Activity: 56

Merit: 0

Quote from: Tasty Champa on August 04, 2011, 03:21:58 PM

I went through you post history and I see you have been an asset to the community.
You helped people and projected a confident acknowledgement to and of people here.

there is nothing any of us here can do for you besides speculate and possibly console you.
The only person that might be able to help you is MagicalTux, but they offer no kind of security AFAIK when it comes to someone getting past authentication.

I love bitcoin and the whole idea of being able to Hande more freely, but I'm also getting tired of constantly being put back.

I'm not one second of doubt that if MT Gox was not hagget last time, so bitcoins had been worth $ 40-60 today ... this does not help that there is more security about the exchanges we user. and I have made risk spreading by using several exchanges have little bitcoins in each but it does not help a damn thing ... think I'm done with bitcoins ....

Man From The Future

sr. member

Activity: 371

Merit: 250

Quote from: SgtSpike on August 04, 2011, 02:51:16 PM

Did you change your password after the last security breech?

I don't wear breeches!

(You mean breach!)

nostrum

member

Activity: 65

Merit: 10

Where did you store your password?

fcmatt

legendary

Activity: 2072

Merit: 1001

i cannot imagine MTGOX allows IPs to attempt to brute force a password over and over again from the
same IP address. Even if the attacker had 10,000 public IPs to use and MTGOX allowed 10 attempts
before locking it out for 24 hours.. it would be almost impossible to brute force a password like the OP
has in any reasonable amount of time.

So that leaves me thinking that the OP has some time of virus/trojan on his PC and the attacker
snarfed the password via that vector.

OP, do you run windows, linux or a mac? I am just curious.

SgtSpike

legendary

Activity: 1400

Merit: 1005

We should definitely strive to discover what the cause of this breach was. Was it a trojan or keylogger on the OP's computer? Did someone find a new security hole in MtGox? CSRF attack? Phishing website? Etc, etc.

There had to be SOME cause to it, and pointing fingers at either side isn't going to do any good.

TheGer

hero member

Activity: 602

Merit: 500

"I just discovered that there is someone who has taken all my bitcoins + sold the last to move money from one account to another."

This is either fake or the guy is to stupid and deserves to lose his stuff. Personally I lean fake since if they transferred the money to another account I would simply take it up with MtGox before crybabying on some Forum since there is a paper trail if he's telling the truth.

Fake to sow seeds of discontent among the Bitcoin Community? Hmm.

Topic: Im just been attacked and robbed on my MT Gox account - page 5. (Read 9423 times)