Author

Topic: MtGox attack from: accounts compromised (Read 921 times)

full member
Activity: 196
Merit: 100
February 01, 2014, 02:17:39 AM
#6
my account has been compromissed and after 12h nobody from mtgox got in contact with me, it seems that the address kept the BTC for a while so maybe there was something to do but they are to lazy and i am not that important.

i didn´t have the 2FA because i don´t have android mobile but that doesn´t mean that mtgox should clean their hand and do nothing. they should have some responsabilties. other exchanges request you to click a link on the email they send to confirm the transaction. if it was like that i wouldn´t been hack because my email hasn´t beeen compromissed.

i know one that will not use mtgox again and will try to do my best to expando my experience around the forums so people is aware about mtgox
newbie
Activity: 24
Merit: 0
July 15, 2013, 11:40:21 AM
#5
Want to say that this did NOT happen to me. I have 2FA (yubikey), is it possible the attackers knew who had 2FA and who did not? I did have assets in my mtgox acct.

That may be a possibility. I did not have a 2-factor active myself. But now I do. Downloaded Google Authenticator as soon as I managed to get back into my account. It was 24 horrible hours to wait for the PW-reset timer to reset so I could get back in.

Thankfully I did not have much money on my account, but still not fun to experience. At least my few dollars I had there were not touched. All good so far.
newbie
Activity: 12
Merit: 0
July 15, 2013, 10:30:08 AM
#4
Want to say that this did NOT happen to me. I have 2FA (yubikey), is it possible the attackers knew who had 2FA and who did not? I did have assets in my mtgox acct.

newbie
Activity: 24
Merit: 0
July 15, 2013, 10:09:45 AM
#3
I can confirm this, it happened to me too a few days ago. Password-request was made by attacker, he managed to grab the reset-link WITHOUT compromising my email-server.

Thankfully I noticed it within a hour after it happened, since I get my emails to my phone almost instantly. So I saw it the instant I woke up and peaked on my phone-screen. I quickly jumped up from bed and sent a email to MtGox, and MtGox staff was able to lock-down withdrawals fast enough. I did not lose any money.

But still, I definitely got hacked. And the hacker managed to change PW without touching my email server.

Close call this time, no doubt.
newbie
Activity: 56
Merit: 0
July 13, 2013, 01:22:41 PM
#2
The hacker can potentially use the reset code, if he is able to sniff the traffic between MtGox mail server and your receiving mail server.
Actually not very hard to do if you've got some insider contact in the datacenter where MtGox colocate their servers.
Reset emails are sent in clear for convenience.
newbie
Activity: 3
Merit: 0
July 13, 2013, 11:42:58 AM
#1
There is a topic in the service discussion board about ongoing attack on MtGox accounts.

https://bitcointalk.org/index.php?topic=255630.40

I am unable to post to that topic so I am writing a confirmation here.

My account is subject of the same attack. Today I have received a same email that somebody requested a password reset for my account.
I tried to log-in to the account. Password doesn't work. Account is inaccessible.

MtGox support said only that they have blocked withdrawals and investigating, without confirmation that wether the money are stolen or not.

Attacker request was made form USA IP.

Interesting that my email service wasn't compromised. There was no any access from IPs other than mine. So hacker was not able to use the reset code form my mail. Maybe there is a leak in MtGox password reset process.

Please repost this to the main thread.
Jump to: