Topic: Is Bitcoin/Mt.gox under an orchestrated attack to destroy confidence? - page 2. (Read 6790 times)
June 14, 2011, 03:35:14 PM
seems like TradeHill is now under attack
June 14, 2011, 03:32:55 PM
The security status of the exchanges is not helpful to build the needed confidence for bitcoin.
This is nothing against MtGox specifically, but to me all exchanges lack the minimum security measures that typical exchanges have.
Unless this is improved significantly, why would someone take the risk to invest significant funds? If at the same time he reads the DDOS attacks, password stalling, fund stealing... Strong efforts need to be made to provide at least standard security: I.e. transaction number verificaton per each trade, etc.
This is nothing against MtGox specifically, but to me all exchanges lack the minimum security measures that typical exchanges have.
Unless this is improved significantly, why would someone take the risk to invest significant funds? If at the same time he reads the DDOS attacks, password stalling, fund stealing... Strong efforts need to be made to provide at least standard security: I.e. transaction number verificaton per each trade, etc.
Sounds like Craigslist would be safer...... "Pay cash in person, bring laptop".
Not very efficient.
Well, on the positive side at least we can expect great volatility in the markets for the next couple of days. But i do hope they put together something more solid, and at least halt trading/transactions until this is fixed, this is embarrassing to say the least.
June 14, 2011, 03:02:32 PM
The security status of the exchanges is not helpful to build the needed confidence for bitcoin.
This is nothing against MtGox specifically, but to me all exchanges lack the minimum security measures that typical exchanges have.
Unless this is improved significantly, why would someone take the risk to invest significant funds? If at the same time he reads the DDOS attacks, password stalling, fund stealing... Strong efforts need to be made to provide at least standard security: I.e. transaction number verificaton per each trade, etc.
This is nothing against MtGox specifically, but to me all exchanges lack the minimum security measures that typical exchanges have.
Unless this is improved significantly, why would someone take the risk to invest significant funds? If at the same time he reads the DDOS attacks, password stalling, fund stealing... Strong efforts need to be made to provide at least standard security: I.e. transaction number verificaton per each trade, etc.
Sounds like Craigslist would be safer...... "Pay cash in person, bring laptop".
June 14, 2011, 02:53:30 PM
Has any of the "hacking incidents" got confirmed or acknowledged by by Mt.Gox? I'm not aware of such a confirmation ... I would push for an official statement to make sure this is not a FUD campaign by some people ... I do not want to accuse anyone of anything but this is the Internet - it generally isn't a good idea to take a word of some anonymous pseudonym on a forum seriously especially in cases where money is involved.
In one instance the "victim" claimed to have $7,000 withdrawn even that only $1,000 is possible a day, something doesn't smell right here.
In one instance the "victim" claimed to have $7,000 withdrawn even that only $1,000 is possible a day, something doesn't smell right here.
Oh, hey, I'm pretty sure that's me.
I can't vouch for the other claims, but I really was. I talked to MagicalTux about it, and he can verify my claims. This is not to say this isn't part of an orchestrated attack, as it would seem that someone is brute forcing passwords, which plays into the greater narrative of something fishy going on. I know I'll never convince everyone that I'm being honest as this is the internet and all, but whatever. All I was ever saying is that people need to make sure to not be naive about their password security, not that Mt. Gox shouldn't be trusted (though they do need some sort of secondary to password account confirmation!!).
June 14, 2011, 02:51:22 PM
The security status of the exchanges is not helpful to build the needed confidence for bitcoin.
This is nothing against MtGox specifically, but to me all exchanges lack the minimum security measures that typical exchanges have.
Unless this is improved significantly, why would someone take the risk to invest significant funds? If at the same time he reads the DDOS attacks, password stalling, fund stealing... Strong efforts need to be made to provide at least standard security: I.e. transaction number verificaton per each trade, etc.
This is nothing against MtGox specifically, but to me all exchanges lack the minimum security measures that typical exchanges have.
Unless this is improved significantly, why would someone take the risk to invest significant funds? If at the same time he reads the DDOS attacks, password stalling, fund stealing... Strong efforts need to be made to provide at least standard security: I.e. transaction number verificaton per each trade, etc.
June 14, 2011, 02:38:27 PM
http://securityforthemasses.blogspot.com/2011/06/bitcoin-exchanges-hacked-by-buttsec.html
Looks like Mt Gox has been compromised, but more to prove lack of security and less to do with destroying bitcoin confidence.
Looks like Mt Gox has been compromised, but more to prove lack of security and less to do with destroying bitcoin confidence.
Well, the statement implies that Mt.Gox is down because it was "compromised", as far as I understand it is actually under DDoS attack ... if it's "compromised" what is the need for a DDoS to take it down? I don't know ... by whatever the case, it seems "Buttsec" doesn't have evil intentions
Quote
"ButtSec
Oh hai. We've gained access to some Bitcoin exchange sites. Obviously this includes Mt Gox, which is currently down. Hm wonder why?
Here at Buttsec we're fans of Bitcoin, but we must get the message out there that security is sorely lacking on many of the exchange sites! We will speak with some of these sites in the coming days. If your users aren't given answers, expect some information to make it to the public! ;-)
Yours truly, Buttsec
Bitcoin donations: 15gvHsFAq5RQaFSzUFQUCTCqAjrVoMjv2P
Twitter: @buttsecurity"
Oh hai. We've gained access to some Bitcoin exchange sites. Obviously this includes Mt Gox, which is currently down. Hm wonder why?
Here at Buttsec we're fans of Bitcoin, but we must get the message out there that security is sorely lacking on many of the exchange sites! We will speak with some of these sites in the coming days. If your users aren't given answers, expect some information to make it to the public! ;-)
Yours truly, Buttsec
Bitcoin donations: 15gvHsFAq5RQaFSzUFQUCTCqAjrVoMjv2P
Twitter: @buttsecurity"
That's interesting. After explaining to my fiance what a DDOS was she asked why anyone would do that. I said one reason (among many) would be supporters who would try and point out obvious security flaws.....
Seems everyone is starting to see the potential for much money to be made here and are putting the cart before the horse at the expense of security. Everyone needs to breathe deeply as this evolves....
June 14, 2011, 02:01:31 PM
http://securityforthemasses.blogspot.com/2011/06/bitcoin-exchanges-hacked-by-buttsec.html
Looks like Mt Gox has been compromised, but more to prove lack of security and less to do with destroying bitcoin confidence.
Looks like Mt Gox has been compromised, but more to prove lack of security and less to do with destroying bitcoin confidence.
Well, the statement implies that Mt.Gox is down because it was "compromised", as far as I understand it is actually under DDoS attack ... if it's "compromised" what is the need for a DDoS to take it down? I don't know ... by whatever the case, it seems "Buttsec" doesn't have evil intentions
Quote
"ButtSec
Oh hai. We've gained access to some Bitcoin exchange sites. Obviously this includes Mt Gox, which is currently down. Hm wonder why?
Here at Buttsec we're fans of Bitcoin, but we must get the message out there that security is sorely lacking on many of the exchange sites! We will speak with some of these sites in the coming days. If your users aren't given answers, expect some information to make it to the public! ;-)
Yours truly, Buttsec
Bitcoin donations: 15gvHsFAq5RQaFSzUFQUCTCqAjrVoMjv2P
Twitter: @buttsecurity"
Oh hai. We've gained access to some Bitcoin exchange sites. Obviously this includes Mt Gox, which is currently down. Hm wonder why?
Here at Buttsec we're fans of Bitcoin, but we must get the message out there that security is sorely lacking on many of the exchange sites! We will speak with some of these sites in the coming days. If your users aren't given answers, expect some information to make it to the public! ;-)
Yours truly, Buttsec
Bitcoin donations: 15gvHsFAq5RQaFSzUFQUCTCqAjrVoMjv2P
Twitter: @buttsecurity"
June 14, 2011, 12:40:41 PM
http://securityforthemasses.blogspot.com/2011/06/bitcoin-exchanges-hacked-by-buttsec.html
Looks like Mt Gox has been compromised, but more to prove lack of security and less to do with destroying bitcoin confidence.
Looks like Mt Gox has been compromised, but more to prove lack of security and less to do with destroying bitcoin confidence.
June 14, 2011, 12:34:28 PM
This got me thinking ... a bunch of interesting events happened recently:
1) first there was a panic sell off which was further fueled on these forums by a group of trolls until measures were taken to get it under control
2) Mt.Gox got crashed what was a middle of the night in Japan where it is located
3) DDoS on Bitcoin website along with Mt.Gox again in the middle of the night and previously other sites
4) mounting suspicious cases of reported "hacked accounts" on Mt.Gox
Any one of these events alone would be non-conclusive and probably coincidence or true incident but taken all together it may appear there is a group that is trying to ruin confidence in Bitcoin. Motives to do so may be numerous ... the simplest one is profit, make people sell and then buy cheap, wait for the price to go up again - profit!
Has any of the "hacking incidents" got confirmed or acknowledged by by Mt.Gox? I'm not aware of such a confirmation ... I would push for an official statement to make sure this is not a FUD campaign by some people ... I do not want to accuse anyone of anything but this is the Internet - it generally isn't a good idea to take a word of some anonymous pseudonym on a forum seriously especially in cases where money is involved.
In one instance the "victim" claimed to have $7,000 withdrawn even that only $1,000 is possible a day, something doesn't smell right here.
So be careful people and do not panic, it's possible that's exactly the goal of such campaign. Every time someone alleges his funds got stolen demand official statement from Mt'Gox whether they can confirm or deny such claims.
1) first there was a panic sell off which was further fueled on these forums by a group of trolls until measures were taken to get it under control
2) Mt.Gox got crashed what was a middle of the night in Japan where it is located
3) DDoS on Bitcoin website along with Mt.Gox again in the middle of the night and previously other sites
4) mounting suspicious cases of reported "hacked accounts" on Mt.Gox
Any one of these events alone would be non-conclusive and probably coincidence or true incident but taken all together it may appear there is a group that is trying to ruin confidence in Bitcoin. Motives to do so may be numerous ... the simplest one is profit, make people sell and then buy cheap, wait for the price to go up again - profit!
Has any of the "hacking incidents" got confirmed or acknowledged by by Mt.Gox? I'm not aware of such a confirmation ... I would push for an official statement to make sure this is not a FUD campaign by some people ... I do not want to accuse anyone of anything but this is the Internet - it generally isn't a good idea to take a word of some anonymous pseudonym on a forum seriously especially in cases where money is involved.
In one instance the "victim" claimed to have $7,000 withdrawn even that only $1,000 is possible a day, something doesn't smell right here.
So be careful people and do not panic, it's possible that's exactly the goal of such campaign. Every time someone alleges his funds got stolen demand official statement from Mt'Gox whether they can confirm or deny such claims.
Jump to: