I can vouch that this is happening as well.
Exactly as the OP says, except more feedback from the support staff in that they are looking into it, the funds are safe, and they acknowledge that this has affected a number of accounts.
Topic: MtGox attack from Poland: accounts compromised (Read 8368 times)
No one is losing money, stop spreading FUD
Spreading FUD you are.
Unless you post some form of proof, it's FUD.
~BCX~
~BCX~
Or not ?
My friend had exact same thing happen to him 2 days ago. Reset email arrived and he got locked out of account. Same opera browser idenitifier. He's still waiting to get access back and check his balance.
Just to follow up, after waiting 24 hours after the original password reset was requested, I did a password reset myself and the email came instantly to my own email and was able to get back in and my balance was still there. So I'm assuming (along with another reddit user) they didn't manage to get into the accounts at all, just for some reason Gox deleted the original password of the accounts that got the bulk reset attempt, preventing us from logging in.
If I was as paranoid as the OP I would thing that it could have been part of some price manipulation strategy, since many users were unable to trade for 24 hours, but I guess that's a bit far fetched.
If I was as paranoid as the OP I would thing that it could have been part of some price manipulation strategy, since many users were unable to trade for 24 hours, but I guess that's a bit far fetched.
OP is paranoid fuckball.
I was a victim of this same attack today. I woke up to read a password reset email that I didn't request. I can't log in and the password reset link didn't work either. Although it did say in the reset email that Gox's main support days are Monday to Friday I replied to the reset email saying I didn't request it. And they got back to me in about an hour and said: "We apologize for the inconvenience caused. We have disabled the withdrawals on the account and we are investigating further on this. We will keep you updated."
Exact same story here. My account should be safe though thanks to Yubikey. I'm pretty confident that neither my mail server nor my client machine was compromised but of course there's no way to be 100% sure.
I think the OP's theory that someone can access Gox's password reset mails has some merit.
+1Here the details from my case:
Quote
Time: Sat 13 Jul 2013 07:08:17 AM GMT
IP: 173.160.58.186
Browser: Opera/9.80 (Windows NT 6.1; WOW64) Presto/2.12.388 Version/12.15
IP: 173.160.58.186
Browser: Opera/9.80 (Windows NT 6.1; WOW64) Presto/2.12.388 Version/12.15
+1
Time: Sat 13 Jul 2013 11:24:38 AM GMT
IP: 95.102.170.242
Browser: Opera/9.80 (Windows NT 6.1; WOW64) Presto/2.12.388 Version/12.15
I was a victim of this same attack today. I woke up to read a password reset email that I didn't request. I can't log in and the password reset link didn't work either. Although it did say in the reset email that Gox's main support days are Monday to Friday I replied to the reset email saying I didn't request it. And they got back to me in about an hour and said: "We apologize for the inconvenience caused. We have disabled the withdrawals on the account and we are investigating further on this. We will keep you updated."
Exact same story here. My account should be safe though thanks to Yubikey. I'm pretty confident that neither my mail server nor my client machine was compromised but of course there's no way to be 100% sure.
I think the OP's theory that someone can access Gox's password reset mails has some merit.
+1Here the details from my case:
Quote
Time: Sat 13 Jul 2013 07:08:17 AM GMT
IP: 173.160.58.186
Browser: Opera/9.80 (Windows NT 6.1; WOW64) Presto/2.12.388 Version/12.15
IP: 173.160.58.186
Browser: Opera/9.80 (Windows NT 6.1; WOW64) Presto/2.12.388 Version/12.15
Jump on irc, #mtgox, and see if you can get in touch with them that way.
there is a german user claiming the same kind of attack:
https://bitcointalksearch.org/topic/jemand-hat-versucht-in-meinen-mtgox-account-einzudringen-255532
https://bitcointalksearch.org/topic/jemand-hat-versucht-in-meinen-mtgox-account-einzudringen-255532
I was a victim of this same attack today. I woke up to read a password reset email that I didn't request. I can't log in and the password reset link didn't work either. Although it did say in the reset email that Gox's main support days are Monday to Friday I replied to the reset email saying I didn't request it. And they got back to me in about an hour and said: "We apologize for the inconvenience caused. We have disabled the withdrawals on the account and we are investigating further on this. We will keep you updated."
I've seen 2 other forum users that got the same attack here:
https://bitcointalksearch.org/topic/m.2721093
And another on reddit.
http://www.reddit.com/r/Bitcoin/comments/1i7ydk/psa_reminder_do_not_store_anything_of_value_at_a/
I think the OP's theory that someone can access Gox's password reset mails has some merit.
My reset was done from Belgium not Poland though:
request was made from:
> IP: 81.246.181.166
> Browser: Opera/9.80 (Windows NT 6.1; WOW64) Presto/2.12.388 Version/12.15
I've seen 2 other forum users that got the same attack here:
https://bitcointalksearch.org/topic/m.2721093
And another on reddit.
http://www.reddit.com/r/Bitcoin/comments/1i7ydk/psa_reminder_do_not_store_anything_of_value_at_a/
I think the OP's theory that someone can access Gox's password reset mails has some merit.
My reset was done from Belgium not Poland though:
request was made from:
> IP: 81.246.181.166
> Browser: Opera/9.80 (Windows NT 6.1; WOW64) Presto/2.12.388 Version/12.15
Do you feel completely stupid now?
You're claiming our posts are complete fake, but you're just a stupid dumb troll.
You're claiming our posts are complete fake, but you're just a stupid dumb troll.
To be completely honest, it's highly unlikely that we have lost a single dollar here.
The fiat currency is all in "confirmed" status withdrawals, and all the BTC have been withdrawn before the event.
But still, it's possible that this account has been compromised. And i think there was an open balance of a few hundreds (nothing that we would care about, but better than nothing for a polish attacker).
I'm reposting a message from another user who apparently had the same issue today: https://bitcointalksearch.org/topic/mtgox-attack-from-accounts-compromised-255644
The fiat currency is all in "confirmed" status withdrawals, and all the BTC have been withdrawn before the event.
But still, it's possible that this account has been compromised. And i think there was an open balance of a few hundreds (nothing that we would care about, but better than nothing for a polish attacker).
I'm reposting a message from another user who apparently had the same issue today: https://bitcointalksearch.org/topic/mtgox-attack-from-accounts-compromised-255644
Wow,
Quite convenient that a newbie account created AFTER your initial post has the exact same unconfirmed, unsubstantiated issue as you. Even more convenient is that you find it within an hour of its creation and use it as validation. Even more extraordinary is that this user with only 1 post has the ability to find your moderator buried post.
Give it up, your MTGOX FUD attempt failed and if you aren't attempting to spread FUD, being as stupid as I have pointed out deserves to be ripped off.
The newbie PMed me since he couldn't post on the original topic.
The moderator didn't bury the initial post, as you claim, at all: https://bitcointalksearch.org/topic/--255661
The newbie will surely be able to confirm by providing identification information, once MtGox confirms all these accounts are frozen for investigation.
You're going to feel very stupid, again. (After ignoring all my posts that asked you for facts)
You must be alone in front of your PC, and because you don't make any money, you try to insult via forums people that do. Get a life for the last time, you're not welcome on this topic.
To be completely honest, it's highly unlikely that we have lost a single dollar here.
The fiat currency is all in "confirmed" status withdrawals, and all the BTC have been withdrawn before the event.
But still, it's possible that this account has been compromised. And i think there was an open balance of a few hundreds (nothing that we would care about, but better than nothing for a polish attacker).
If it has been compromised, it is quite an interesting attack, since it implies getting your hands on MtGox database (at least the user ID or emails list) and being able to sniff their servers traffic in their Florida colocation.
I'm reposting a message from another user who apparently had the same issue today: https://bitcointalksearch.org/topic/mtgox-attack-from-accounts-compromised-255644
The fiat currency is all in "confirmed" status withdrawals, and all the BTC have been withdrawn before the event.
But still, it's possible that this account has been compromised. And i think there was an open balance of a few hundreds (nothing that we would care about, but better than nothing for a polish attacker).
If it has been compromised, it is quite an interesting attack, since it implies getting your hands on MtGox database (at least the user ID or emails list) and being able to sniff their servers traffic in their Florida colocation.
I'm reposting a message from another user who apparently had the same issue today: https://bitcointalksearch.org/topic/mtgox-attack-from-accounts-compromised-255644
But you have 2-Factor Authentication enabled right???
Then they couldnt get into your account with just your email and password/
Right
Granted, that was pretty stupid of us.
We did order a Yubikey, but never arrived.
So now it's looking like the reason for the compromise was
1) Announcing to the world you have large amounts of money on GOX
2) No Yubi Key
3) Multiple people with account access
4) Without 2-Factor Authentication
Anyone still think it was GOX?
~BCX~
Complete troll, shown below:
1) It's not possible to link the identity on this forum ("ivanc") to the MtGox account. Dare to show us how? Please provide our account user ID.
2) Yubikey: that's an additional security measure, in the meanwhile it's true we were doing without yubikey
3) unrelated, all the accesses come from one ip address, from our office in London.
4) same as 2)
Wow, you really are that stupid aren't you.
1) what needs to be explained about a possible inside theft?
2) What needs to be explained about another account holder getting sloppy with the info somewhere else?
The biggest indicator that you are simply spreading FUD is that you want blame MTGOX as loud as you can without even remotely considering it was your stupidity.
BTW, did you notice this thread was moved from the main forum without a redirection?
~BCX~
Sure, we're completely stupid. Very, very dumb (because you said so).
Thanks for not participating in this topic if you have nothing else to say, you need to spare your precious intelligence for other topics.
Much appreciated.
Jezus people, how bout trying to help somebody instead of attacking the messenger or calling them stupid when you hear something you don't like 
.
.Citation needed.
One guy said we could have a trojan. (we don't, but anyway)
This was unrelated to the discussion, since the attacker asked for an email reset, hence the definition of "stupid".
But you have 2-Factor Authentication enabled right???
Then they couldnt get into your account with just your email and password/
Right
Granted, that was pretty stupid of us.
We did order a Yubikey, but never arrived.
So now it's looking like the reason for the compromise was
1) Announcing to the world you have large amounts of money on GOX
2) No Yubi Key
3) Multiple people with account access
4) Without 2-Factor Authentication
Anyone still think it was GOX?
~BCX~
Complete troll, shown below:
1) It's not possible to link the identity on this forum ("ivanc") to the MtGox account. Dare to show us how? Please provide our account user ID.
2) Yubikey: that's an additional security measure, in the meanwhile it's true we were doing without yubikey
3) unrelated, all the accesses come from one ip address, from our office in London.
4) same as 2)
Can you please define who the "we" is that you keep referring to please?
It's a company account, hence "we". How does this help?
Trolling?
Totally unrelated to the topic, again.
It was unclear if you were speaking for several account holders that had all received these password resets. It's more clear now that it is only 1 account that you control. One account comprimised does not equal the Mt. Gox database being comprimised. If what you were saying is true, then people would need to take some sort of action if possible. That's how it helps.
Jezus people, how bout trying to help somebody instead of attacking the messenger or calling them stupid when you hear something you don't like .
.But you have 2-Factor Authentication enabled right???
Then they couldnt get into your account with just your email and password/
Right
Granted, that was pretty stupid of us.
We did order a Yubikey, but never arrived.
Jump to: