MT.Gox account hacked - lost 2k USD - MT.GOX will not explain how. - page 3.

mav

full member

Activity: 169

Merit: 107

Quote from: Hunterbunter on July 07, 2012, 11:55:10 PM

Someone is having a whale of a time with MtGox it seems. It's like watching someone smack a pinata.

My sympathies to those who were stolen from.

Mt Gox is one of the worst companies I've ever had the displeasure in dealing with. They're extortionate, obfuscated, and utterly unprofessional.

So who do you use for exchanges if you don't use Gox? I agree, Gox service is terrible, and they aren't very professional.

Sorry to hear about your loss OP. I know it doesn't help you much but your plight has encouraged me to purchase a Yubi Key just last week, so for that, I thank you.

Hunterbunter

hero member

Activity: 994

Merit: 1000

Someone is having a whale of a time with MtGox it seems. It's like watching someone smack a pinata.

My sympathies to those who were stolen from.

Mt Gox is one of the worst companies I've ever had the displeasure in dealing with. They're extortionate, obfuscated, and utterly unprofessional.

Stephen Gornick

legendary

Activity: 2506

Merit: 1010

Quote from: Stephen Gornick on June 22, 2012, 08:59:46 PM

Quote from: Ghostofkobra on June 22, 2012, 07:42:10 PM

I lost roughly 2000 USD from my MT.Gox account at 08:40 JST on the 31th of may 2012.

A lot of that going on.

"MtGox account got cleared out"
- https://bitcointalksearch.org/topic/mtgox-account-got-cleared-out-85533

"All BTC disappeared from my Mt. Gox account"
- https://bitcointalksearch.org/topic/all-btc-disappeared-from-my-mt-gox-account-88368

Another:
- https://bitcointalksearch.org/topic/m.941759

And another:
"My mtgox account got compromised, what can I do?"
- https://bitcointalksearch.org/topic/my-mtgox-account-got-compromised-what-can-i-do-84585

And on other services as well. Here same thing happened to some GLBSE users:
- https://bitcointalksearch.org/topic/i-suspect-gpumax-was-compromised-and-passwords-stolen-84893

In none of these was the person using multi-factor authentication. Mt. Gox has had Yubikey support for a while. Mt. Gox accounts now support Google Authenticator:
- https://mtgox.com/press_release_20120605.html

And another report. Mt. Gox now has Google Authenticator support, for mobile (Android, iPhone/iPad/iPod Touch (any iOS), BlackBerry). Use it, love it!

BTCSYN reports a $12k (1,852 BTC) theft
- https://bitcointalksearch.org/topic/btcsyn-reports-a-12k-1852-btc-theft-92142

caveden

legendary

Activity: 1106

Merit: 1004

Quote from: Ghostofkobra on June 22, 2012, 07:42:10 PM

When i asked for IP-addresses again (to track the thief) and if they understood no login matched the withdraw
i got the answer:

> Unfortunately, more detailed information can only be provided by our management group to the police for further
> investigation. We apologize for any inconvenience caused. Please file a police report if you wish regarding this case.

This is silly. GMail allows me to see every IP I use to log in to their service. Facebook makes me go through extra identity checks when I log with an unusual IP. Why can't MtGox do the same?

Btw, saying "file a police report" to me is like saying "you got screwed and we won't help you anyhow, move over". I've seen police being utterly useless for much more serious cases.

Ghostofkobra

full member

Activity: 164

Merit: 100

Thats one of they problems,

They are NOT working with me on this, and do not answer any question about why there is no login at the time of the transfer.

I get the same reply from MT.Gox every time:

> Unfortunately, more detailed information can only be provided by our management group to the police for further
> investigation. We apologize for any inconvenience caused. Please file a police report if you wish regarding this case.

Its very frustrating and very - unprofessional -

//GoK

Phraust

full member

Activity: 206

Merit: 100

Mostly Harmless...

No worries, I'd be just as pissed if it happened to me. Without complete logs, it's really hard to say. I hope they are working with you on this.

Ghostofkobra

full member

Activity: 164

Merit: 100

Ok Phraust,

I was a bit quick to write that comment, you do have a point.

I am just frustrated that i do not know how the thiefs got in.
And they, for some reason, protect whomever did it by not
even revealing to me which logins i made and which someone
else might have done (IP-addresses).

Anyway there is no login at the time of the withdraw so
all are probably mine?

//GoK

Phraust

full member

Activity: 206

Merit: 100

Mostly Harmless...

Quote from: Ghostofkobra on June 23, 2012, 08:57:40 AM

Making this comment is silly since, according to Mt.Gox, noone was logged on at the time of the withdraw.

//GoK

It would have forced whomever got in, however they got in, to use multiple auth's to transfer anything out. It looks like you still had a live login (since logouts are not shown) and someone hijacked those credentials (or session) and initiated the transfer. If there had been another auth required at withdrawal (like google, or yubikey), it would have been much more difficult to pull off.

Whatever the case, I'd say Gox owes you a bit more information.

Ghostofkobra

full member

Activity: 164

Merit: 100

Quote from: Phraust on June 22, 2012, 09:46:53 PM

This. Not using Multifactor Authentication for withdrawals is silly.

Making this comment is silly since, according to Mt.Gox, noone was logged on at the time of the withdraw.

//GoK

Ghostofkobra

full member

Activity: 164

Merit: 100

Quote from: bitcoinBull on June 22, 2012, 11:42:34 PM

Not seeing a login on the 31st is weird.

What about the other two logins on June 1st and 9th? Was that you?

Both logins are after the withdraw was made, and i do not know if it was me, since they wont give me the IP's
and i do not remember if i logged on at at those dates or not.

And no, no one else can log on to the computer i use, automatic screen lock after 3 minutes inactivity,
(defense contract) industrial strength security, from disk encryption to whatnot.

bitcoinBull

legendary

Activity: 826

Merit: 1001

rippleFanatic

Quote from: Stephen Gornick on June 22, 2012, 08:59:46 PM

A lot of that going on.

I'm willing to bet these are all windows users. What will it take to dispel the belief that running an Anti-Virus program protects them from trojans.. Even in the reddit AMA with the botnet operator, the guy said he uses techniques to keep his bots FUD (fully un-detectable) from AV programs. Going after mtgox passwords (or passwords for other bitcoin services) from trojan keyloggers is the absolute easiest way for them to get money, easier than credit card numbers, bank logins, or anything else. Probably wasn't that common last year, but by now it must be the first thing any botnet operator would search for in their logs.

bitcoinBull

legendary

Activity: 826

Merit: 1001

rippleFanatic

Not seeing a login on the 31st is weird.

What about the other two logins on June 1st and 9th? Was that you?

finway

hero member

Activity: 714

Merit: 500

Quote from: Ghostofkobra on June 22, 2012, 09:46:21 PM

I agree with you IF they could show that someone logged in and transferred the money out.

Yet the log they sent me did not include a login prior to the withdraw (and im not sure if it
shows one after since they wont share the IP's).

And they ignore my question about why this is the case.

//GoK

Maybe you just forgot to logout on some computers.

Phraust

full member

Activity: 206

Merit: 100

Mostly Harmless...

Quote from: Raize on June 22, 2012, 09:14:27 PM

If you trade more than $150 USD it is worth it to invest in a Yubikey, IMHO. I have other issues with MtGox, but getting hacked is the least of my concerns.

This. Not using Multifactor Authentication for withdrawals is silly.

Ghostofkobra

full member

Activity: 164

Merit: 100

I agree with you IF they could show that someone logged in and transferred the money out.

Yet the log they sent me did not include a login prior to the withdraw (and im not sure if it
shows one after since they wont share the IP's).

And they ignore my question about why this is the case.

//GoK

Raize

donator

Activity: 1419

Merit: 1015

If you trade more than $150 USD it is worth it to invest in a Yubikey, IMHO. I have other issues with MtGox, but getting hacked is the least of my concerns.

Ghostofkobra

full member

Activity: 164

Merit: 100

I do not use 2 factor Auth, although i do not think it would matter since there is no login to match the withdraw.

I checked my email account it was sent to a few days back but i was unlucky, 50.0.92.83 belongs to the dynamic
pool of sonic.net.

Sonic.net saves the IP's for 14 days, so they claim they no longer know.

Thats why i wanted to know the IP's of all later logins to see if any of them were less than 14 days old.

But, since no login matches the theft!
Im not sure if knowing the login IP's would do me any good.
But then again MT.Gox wont share them and when/if the police get around to it sonic.net will have removed their logs.

Sad

hazek

legendary

Activity: 1078

Merit: 1002

Hey Stephen, I always wonder, how do you do what you do? Grin

Stephen Gornick

legendary

Activity: 2506

Merit: 1010

Quote from: Ghostofkobra on June 22, 2012, 07:42:10 PM

I lost roughly 2000 USD from my MT.Gox account at 08:40 JST on the 31th of may 2012.

A lot of that going on.

"MtGox account got cleared out"
- https://bitcointalksearch.org/topic/mtgox-account-got-cleared-out-85533

"All BTC disappeared from my Mt. Gox account"
- https://bitcointalksearch.org/topic/all-btc-disappeared-from-my-mt-gox-account-88368

Another:
- https://bitcointalksearch.org/topic/m.941759

And another:
"My mtgox account got compromised, what can I do?"
- https://bitcointalksearch.org/topic/my-mtgox-account-got-compromised-what-can-i-do-84585

And on other services as well. Here same thing happened to some GLBSE users:
- https://bitcointalksearch.org/topic/i-suspect-gpumax-was-compromised-and-passwords-stolen-84893

In none of these was the person using multi-factor authentication. Mt. Gox has had Yubikey support for a while. Mt. Gox accounts now support Google Authenticator:
- https://mtgox.com/press_release_20120605.html

hazek

legendary

Activity: 1078

Merit: 1002

Quote from: Ghostofkobra on June 22, 2012, 07:42:10 PM

DOES ANYONE HAVE ANY RECOMMENDATION ON WHAT I CAN DO???

File a police report.

Topic: MT.Gox account hacked - lost 2k USD - MT.GOX will not explain how. - page 3. (Read 11352 times)