Mt.Gox Accounts and passwords released, impact to BTC econ

jgraham

full member

Activity: 140

Merit: 100

Quote from: frutza on June 20, 2011, 12:46:56 AM

Not bad, but what about those mining ops who have hundreds of cards? What if THEY turn to cracking? Grin

Hail the emperor above!!!

I actually thought about this. I took the top miners from various pools and compared their GHash rates to my own and figured that it scales linearly (it probably gets a better coefficient than I was giving it but I doubt it changes the order of the function). Which puts the estimate at ~ 4 years. That's assuming they are cracking my hash and only my hash (obvious the time increases by n for n hashes) . To worry about my password being cracked in one month (i.e. P=.02/day) I'd either have to get the attention of 48 of these folk who own >$10K worth of GPUs or postulate that there's some mysterious person who has half-a-million worth of modern GPU equipment. (and all other permutations therein). Probabilistically speaking I'd say I'm in the clear.......unless someone sics 天河 on me.

ColdHardMetal

hero member

Activity: 700

Merit: 500

Quote from: TurboK on June 19, 2011, 04:04:19 PM

I looked at that password list. Only around 1800 passwords were kept in regular md5, those are piss easy to crack (see http://www.md5decrypter.co.uk/ if you don't have a rainbow table setup already). Otherwise you are fairly safe, provided your account is not one of those with regular md5 hashes (the ones not starting with $1$whatever are regular md5s).

lol, that is so I wrong.

I iz leet hax0r thanks to random interweb link!

heavyb

full member

Activity: 217

Merit: 100

somehow my e wallet was hacked and .40 btc were sent to

1MAazCWMydsQB5ynYXqSGQDjNQMN3HFmEu

named Electronic Frontier Foundation.

Googling the name send me here http://www.eff.org/

Im thinking it is a cover, this group seems to be in support of online protection. Eff whoever is doing this hacking.

cronopio

newbie

Activity: 55

Merit: 0

Quote from: deuxmill on June 20, 2011, 08:23:11 AM

When i tried to login to my gmail account today i had to change the password because there was some suspicious activity

. Guess they tried to login using the password from mtgox.

Me too, I hear mtgox work with Google for report those suspicious activity. I change my password and dont problems even.

deuxmill

full member

Activity: 130

Merit: 100

When i tried to login to my gmail account today i had to change the password because there was some suspicious activity

. Guess they tried to login using the password from mtgox.

DukeOfEarl

newbie

Activity: 28

Merit: 0

Quote from: Tolsi on June 19, 2011, 04:18:48 PM

where is user of number 51190 in the file?!

This is the most brilliant insight I've read so far. The hacker likely had a login on mtgox and probably deleted themselves before release.

That said, 51190 is in there:

51190 tgibbsz32 [email protected] $1$9eZ.kSvA$fshZ6R1jkNtlllW10Sxpp/

LokeRundt

member

Activity: 98

Merit: 10

Quote from: Lameass

Dear Sir or Madam,

A few hours ago the Bitcoin trading website Mt Gox has been hacked. Malicious individuals have been able to obtain a database containing usernames, email address and encrypted passwords. This information has been posted publicly on the internet.

As a Bitcoin supporter I'm now sending a message to every email address contained in the hacked database. This is to warn you that your username, email address and password have been leaked. I therefore strongly advice you to change your passwords. If you have used the same passwo ???rd on different websites it's highly recommended to change your password on all of your accounts!

For a more secure alternative to Mt Gox, the community appears to be moving to TradeHill. So this is no reason to lose faith in Bitcoin itself. It must be seen as a warning that not every website can be trusted with your data however! Their link is http://www.tradehill.com/?r=TH-R15683 (Note: You can remove the Referral Code when registering if you want!) This is certainly not the only website where you can exchange Bitcoins, also check out http://www.thebitcoinlist.com/dp_bitcoin/bitcoin-exchange/

Sincerely,

A Bitcoin supporter
1CWSjov2N7ix41bZ8bJfHXkdLLbkUsG9Y7

~~So what I want to know is, how the fuck does this "sincere" bitcoin supporter get my email address? I had an account with Mt.Gox, but didn't even trade with them.~~

Nm, didn't realize I had an active link to my email on this board. *le sigh*

EDIT: But to further thicken the plot, in my account-related settings, the box labeled "Hide email address from public" is checked. . . .hmmmmmmmmmmm *navigates over to the meta subforum*

imperi

full member

Activity: 196

Merit: 101

Quote from: klayus on June 20, 2011, 01:46:09 AM

I've got a problem. my account was on the list but when i try to login to change my password it says the account dosent exist. did that happen to everyone or just me? have I lost my bitcoins???

best regards

You can't login yet. I think you are referring to the help forum which is a separate registration, I think.

klayus

newbie

Activity: 21

Merit: 0

I've got a problem. my account was on the list but when i try to login to change my password it says the account dosent exist. did that happen to everyone or just me? have I lost my bitcoins???

best regards

hugolp

legendary

Activity: 1148

Merit: 1001

Radix-The Decentralized Finance Protocol

Quote from: Grant on June 20, 2011, 01:07:16 AM

Quote from: unixdude on June 20, 2011, 01:04:51 AM

It highlights the fact that the exchanges are not secure and until they are, they should not be used or used with extreme caution.

I'm afraid extreme caution will be the result here, consequently that means: higher spreads, lower liquidity, lower price. Until confidence is restored.

Trading websites have been hacked. They have reverted the trades, and nothing big has happened. I dont see why it would be very different in this case. Hopefully this will make people go towards more serious exchanges.

Grant

full member

Activity: 210

Merit: 100

Quote from: unixdude on June 20, 2011, 01:04:51 AM

It highlights the fact that the exchanges are not secure and until they are, they should not be used or used with extreme caution.

I'm afraid extreme caution will be the result here, consequently that means: higher spreads, lower liquidity, lower price. Until confidence is restored.

unixdude

newbie

Activity: 47

Merit: 0

It will impact them and for the worst. It highlights the fact that the exchanges are not secure and until they are, they should not be used or used with extreme caution.

frutza

newbie

Activity: 14

Merit: 0

Why won't you guys save the time, electricity and cracking/spamming effort, and send me all your bitcoins now? Oops, forgot I don't have an address in my signature...

frutza

newbie

Activity: 14

Merit: 0

Not bad, but what about those mining ops who have hundreds of cards? What if THEY turn to cracking? Grin

Hail the emperor above!!!

jgraham

full member

Activity: 140

Merit: 100

Quote from: frutza on June 19, 2011, 05:57:08 PM

Usernames and emails were released, indeed. Passwords were NOT, only the hashes.
Weak passwords can be obtained from the hashes. Strong ones - not really, it's kind of hard Grin

Just ran oclHashcat on my hash and the 6990 gave an estimate of 100 years (both cores). Not feeling so bad about that.

chadqberry

newbie

Activity: 57

Merit: 0

The emails are already flooding.. MtGox scams to trick you into installing a new bitcoin client (which is infected) as well as some lame @ss trying to get you to register at Tradehill using his referral number.

chungenhung

legendary

Activity: 1134

Merit: 1005

and i bet there will be people switching their BTC mining operation to password cracking operation.

Justsomeforumuser

member

Activity: 84

Merit: 10

There really isn't anything I could say or repeat on this subject that comes as close as what reality is doing to people right now.

TurboK

full member

Activity: 136

Merit: 100

Quote from: frutza on June 19, 2011, 06:01:33 PM

Oh, and expect some spam emails in the future! Maybe nigerian letters involving bitcoins?

greetings i am a Nigerian emperor and it appears that you are entitled to a part of my sacred golden lamb flock!! plese send me your name, address and secuirty of social number and i will have my unics contact you tomorw or at your best convience!
-Jalathalqualruaumqama

frutza

newbie

Activity: 14

Merit: 0

Oh, and expect some spam emails in the future! Maybe nigerian letters involving bitcoins?

Topic: Mt.Gox Accounts and passwords released, impact to BTC econ (Read 10224 times)