Author

Topic: mtgox account compromised minutes after requesting dwolla dep/with ability (Read 4492 times)

sr. member
Activity: 367
Merit: 250
Find me at Bitrated
OP, most importantly were you using 2 factor authorization?
legendary
Activity: 1246
Merit: 1002
You were using 2FA right?

Rhetorical questions as these events which happen on an almost daily basis never involve 2FA.  To any noob reading if you don't use 2FA you are one malware, 0-day java exploit, or phishing attack from losing your entire bitcoin savings in a split second.

Mt. Gox sent me a Yubikey.  They paid the entire cost, and it was about 3 days from the time I submitted my street address until the package was at the front door.

The guy who lost 60 BTC last week had a rooted android.

donator
Activity: 1218
Merit: 1079
Gerald Davis
You were using 2FA right?

Rhetorical questions as these events which happen on an almost daily basis never involve 2FA.  To any noob reading if you don't use 2FA you are one malware, 0-day java exploit, or phishing attack from losing your entire bitcoin savings in a split second.
full member
Activity: 121
Merit: 100
Only used my smartphone when I would log on to GOX
What OS, android or IOS ? Is the phone rooted or not ? How strong was the password used ?
hero member
Activity: 700
Merit: 500
sr. member
Activity: 260
Merit: 250
It has to be a coincidence.   For future reference, the only safe thing to do is use two factor authentication.
newbie
Activity: 34
Merit: 0
Yes I did. I'm trying to understand the timing of the situation. Why would it happen minutes after I request deposit withdraw dwolla capability ?
full member
Activity: 224
Merit: 100
You sure it was Mt Gox account that was compromised?  Maybe Dwolla was compromised.

Did you use different passwords everywhere?
newbie
Activity: 34
Merit: 0
Only used my smartphone when I would log on to GOX
newbie
Activity: 24
Merit: 0
Your computer is probably compromised. Not sure what you can do to get your money back.

Burn yourself a live CD (like ubuntu) and change your password from that. Then you'll probably want to backup your files (non executable only), reformat and reinstall your main OS. REFORMAT, DON'T JUST REINSTALL WINDOWS THAT MIGHT LEAVE FILES THAT COULD REINFECT YOU.
I'd recommend using a sandbox program for running downloaded files and your web browser. Sandboxie is my favorite and, last I checked, the most secure. It has a 30 day trail, but when it expires there's just a 5 sec nag screen and you still get full protection. There's also browser plugins that can help prevent you being hacked as well. Firefox with NoScript is a great start. Request Policy is another great one. Only allow sites you really trust, never allow things you just clicked on off of google. Also it's smart not to just google for porn or "free" downloads, find a few well established sites and stick to them.
newbie
Activity: 34
Merit: 0
Yesturday my mtgox account was finally verified and i had cash in the account. After my account was verified I requested to make deposit withdrawl using Dwolla possible in the future. and the system needed to verify that. Minutes after the system verified Dwolla someone purchased bitcoins with my cash and then transferred the btc to a outside address.
Jump to: