Pages:
Author

Topic: MT.Gox account hacked - lost 2k USD - MT.GOX will not explain how. - page 3. (Read 11387 times)

mav
full member
Activity: 169
Merit: 107
Someone is having a whale of a time with MtGox it seems. It's like watching someone smack a pinata.

My sympathies to those who were stolen from.

Mt Gox is one of the worst companies I've ever had the displeasure in dealing with. They're extortionate, obfuscated, and utterly unprofessional.

So who do you use for exchanges if you don't use Gox? I agree, Gox service is terrible, and they aren't very professional.

Sorry to hear about your loss OP. I know it doesn't help you much but your plight has encouraged me to purchase a Yubi Key just last week, so for that, I thank you.
hero member
Activity: 994
Merit: 1000
Someone is having a whale of a time with MtGox it seems. It's like watching someone smack a pinata.

My sympathies to those who were stolen from.

Mt Gox is one of the worst companies I've ever had the displeasure in dealing with. They're extortionate, obfuscated, and utterly unprofessional.
legendary
Activity: 2506
Merit: 1010
I lost roughly 2000 USD from my MT.Gox account at 08:40 JST on the 31th of may 2012.

A lot of that going on.

"MtGox account got cleared out"
 - https://bitcointalksearch.org/topic/mtgox-account-got-cleared-out-85533

"All BTC disappeared from my Mt. Gox account"
 - https://bitcointalksearch.org/topic/all-btc-disappeared-from-my-mt-gox-account-88368

Another:
 - https://bitcointalksearch.org/topic/m.941759

And another:
"My mtgox account got compromised, what can I do?"
 - https://bitcointalksearch.org/topic/my-mtgox-account-got-compromised-what-can-i-do-84585

And on other services as well.  Here same thing happened to some GLBSE users:
 - https://bitcointalksearch.org/topic/i-suspect-gpumax-was-compromised-and-passwords-stolen-84893

In none of these was the person using multi-factor authentication.  Mt. Gox has had Yubikey support for a while.  Mt. Gox accounts now support Google Authenticator:
 - https://mtgox.com/press_release_20120605.html

And another report.  Mt. Gox now has Google Authenticator support, for mobile (Android, iPhone/iPad/iPod Touch (any iOS), BlackBerry).  Use it, love it!

BTCSYN reports a $12k (1,852 BTC) theft
 - https://bitcointalksearch.org/topic/btcsyn-reports-a-12k-1852-btc-theft-92142
legendary
Activity: 1106
Merit: 1004
When i asked for IP-addresses again (to track the thief) and if they understood no login matched the withdraw
i got the answer:

> Unfortunately, more detailed information can only be provided by our management group to the police for further
> investigation. We apologize for any inconvenience caused. Please file a police report if you wish regarding this case.

This is silly. GMail allows me to see every IP I use to log in to their service. Facebook makes me go through extra identity checks when I log with an unusual IP. Why can't MtGox do the same?

Btw, saying "file a police report" to me is like saying "you got screwed and we won't help you anyhow, move over". I've seen police being utterly useless for much more serious cases.
full member
Activity: 164
Merit: 100
Thats one of they problems,

They are NOT working with me on this, and do not answer any question about why there is no login at the time of the transfer.

I get the same reply from MT.Gox every time:

> Unfortunately, more detailed information can only be provided by our management group to the police for further
> investigation. We apologize for any inconvenience caused. Please file a police report if you wish regarding this case.

Its very frustrating and very - unprofessional -


//GoK
full member
Activity: 206
Merit: 100
Mostly Harmless...
No worries, I'd be just as pissed if it happened to me.  Without complete logs, it's really hard to say.  I hope they are working with you on this.
full member
Activity: 164
Merit: 100
Ok Phraust,

I was a bit quick to write that comment, you do have a point.

I am just frustrated that i do not know how the thiefs got in.
And they, for some reason, protect whomever did it by not
even revealing to me which logins i made and which someone
else might have done (IP-addresses).

Anyway there is no login at the time of the withdraw so
all are probably mine?


//GoK
full member
Activity: 206
Merit: 100
Mostly Harmless...

Making this comment is silly since, according to Mt.Gox, noone was logged on at the time of the withdraw.

//GoK

It would have forced whomever got in, however they got in, to use multiple auth's to transfer anything out.  It looks like you still had a live login (since logouts are not shown) and someone hijacked those credentials (or session) and initiated the transfer.  If there had been another auth required at withdrawal (like google, or yubikey), it would have been much more difficult to pull off.

Whatever the case, I'd say Gox owes you a bit more information.
full member
Activity: 164
Merit: 100

This.  Not using Multifactor Authentication for withdrawals is silly.

Making this comment is silly since, according to Mt.Gox, noone was logged on at the time of the withdraw.

//GoK
full member
Activity: 164
Merit: 100
Not seeing a login on the 31st is weird.

What about the other two logins on June 1st and 9th? Was that you?

Both logins are after the withdraw was made, and i do not know if it was me, since they wont give me the IP's
and i do not remember if i logged on at at those dates or not.


And no, no one else can log on to the computer i use, automatic screen lock after 3 minutes inactivity,
(defense contract) industrial strength security, from disk encryption to whatnot.
legendary
Activity: 826
Merit: 1001
rippleFanatic
A lot of that going on.

I'm willing to bet these are all windows users. What will it take to dispel the belief that running an Anti-Virus program protects them from trojans.. Even in the reddit AMA with the botnet operator, the guy said he uses techniques to keep his bots FUD (fully un-detectable) from AV programs. Going after mtgox passwords (or passwords for other bitcoin services) from trojan keyloggers is the absolute easiest way for them to get money, easier than credit card numbers, bank logins, or anything else. Probably wasn't that common last year, but by now it must be the first thing any botnet operator would search for in their logs.
legendary
Activity: 826
Merit: 1001
rippleFanatic
Not seeing a login on the 31st is weird.

What about the other two logins on June 1st and 9th? Was that you?
hero member
Activity: 714
Merit: 500
I agree with you IF they could show that someone logged in and transferred the money out.

Yet the log they sent me did not include a login prior to the withdraw (and im not sure if it
shows one after since they wont share the IP's).

And they ignore my question about why this is the case.


//GoK

Maybe you just forgot to logout on some computers.
full member
Activity: 206
Merit: 100
Mostly Harmless...
If you trade more than $150 USD it is worth it to invest in a Yubikey, IMHO. I have other issues with MtGox, but getting hacked is the least of my concerns.

This.  Not using Multifactor Authentication for withdrawals is silly.
full member
Activity: 164
Merit: 100
I agree with you IF they could show that someone logged in and transferred the money out.

Yet the log they sent me did not include a login prior to the withdraw (and im not sure if it
shows one after since they wont share the IP's).

And they ignore my question about why this is the case.


//GoK
donator
Activity: 1419
Merit: 1015
If you trade more than $150 USD it is worth it to invest in a Yubikey, IMHO. I have other issues with MtGox, but getting hacked is the least of my concerns.
full member
Activity: 164
Merit: 100
I do not use 2 factor Auth, although i do not think it would matter since there is no login to match the withdraw.

I checked my email account it was sent to a few days back but i was unlucky, 50.0.92.83 belongs to the dynamic
pool of sonic.net.

Sonic.net saves the IP's for 14 days, so they claim they no longer know.

Thats why i wanted to know the IP's of all later logins to see if any of them were less than 14 days old.

But, since no login matches the theft!
Im not sure if knowing the login IP's would do me any good.
But then again MT.Gox wont share them and when/if the police get around to it sonic.net will have removed their logs.

Sad

legendary
Activity: 1078
Merit: 1003
Hey Stephen, I always wonder, how do you do what you do?  Grin
legendary
Activity: 2506
Merit: 1010
I lost roughly 2000 USD from my MT.Gox account at 08:40 JST on the 31th of may 2012.

A lot of that going on.

"MtGox account got cleared out"
 - https://bitcointalksearch.org/topic/mtgox-account-got-cleared-out-85533

"All BTC disappeared from my Mt. Gox account"
 - https://bitcointalksearch.org/topic/all-btc-disappeared-from-my-mt-gox-account-88368

Another:
 - https://bitcointalksearch.org/topic/m.941759

And another:
"My mtgox account got compromised, what can I do?"
 - https://bitcointalksearch.org/topic/my-mtgox-account-got-compromised-what-can-i-do-84585

And on other services as well.  Here same thing happened to some GLBSE users:
 - https://bitcointalksearch.org/topic/i-suspect-gpumax-was-compromised-and-passwords-stolen-84893

In none of these was the person using multi-factor authentication.  Mt. Gox has had Yubikey support for a while.  Mt. Gox accounts now support Google Authenticator:
 - https://mtgox.com/press_release_20120605.html

legendary
Activity: 1078
Merit: 1003
DOES ANYONE HAVE ANY RECOMMENDATION ON WHAT I CAN DO???

File a police report.
Pages:
Jump to: