Topic: my mtgox account has been robbed this night. - page 2. (Read 3414 times)

 
FUCK ?!


Whether they have an 0day exploit for btc-e and mtgox which I highly doubt or they made it somehow to infect your systems which is more likely.
Maybe trough stuff posted here like manipulated images causing bufferoverflows and similar shit..


May I ask which operating system and browser you are using ?
It *might* give a first hint into the right direction..

How can we be protected by such scumbags and how do they get access to accounts guys?

16ZbpCEyVVdqu8VycWR8thUL2Rd9JnjzHt
https://blockchain.info/address/16ZbpCEyVVdqu8VycWR8thUL2Rd9JnjzHt


Keep following the money.  This isn't a small scammer. 36398 Bitcoins

You listed 67.221.255.66

BTC-e Gave me these IP addresses: 67.221.255.73  as the one that made the withdrawal.

And the IP address from 95.141.28.124 is the address that hacked my account.

Same person hit my BTC-e Account.

1Q1Wo95FcXvrhDB5ieDMk52qDs2yNfpySN

From this burner wallet.

https://blockchain.info/address/1GwuJuR4u2pCmtF4xc7DK8JJMR5uicM3sU


1.22BTC gone.

Sign in to your account at accounts.google.com.
At the top, click Security.
then Recent activity and there click View all events
then you can see something like this:

Jan 30   Signed in from Chrome (Windows)   Prague, Czech Republic
Jan 30   Changed password   Prague, Czech Republic
Jan 30   Changed password   Lubbock, TX, USA
Jan 30   Removed recovery email: [email protected]   Lubbock, TX, USA
Jan 30   Signed in from Firefox (Windows)   Lubbock, TX, USA
Jan 30   Passed a sign-in challenge   Lubbock, TX, USA
Jan 27   Signed in from Chrome (Windows)

then you select the line you wanna see details - for example first line where the attacker logged in
and on right side you will see some details like: Approximate location based on IP (known to gmail - it could be proxy maybe)

the details at right side look like this:

IP Address
67.221.255.66
Browser
Firefox 26.0
Platform
Windows

i searched for the IP and i got 3 different possible locations - google say one and a few whois services show another two.
i contacted mtgox, will contact gmail and based on logs i get i will probably continue to local authorities in order to claim this issue in correct way.

BTC get stolen like Gold in past so it is basically my fault that i trusted mtgox&gmail

i hope i will get more details on the connection and maybe some real location, then hopefully the local authorities - if i claim everythink right - could help

GMail doesn't reveal IP, unless he used a 3rd party mail client like Thunderbird or Eudora or some shit.

the IP of the bastard from Lubbock, TX, USA is 67.221.255.66 at least that states in my gmail account

found out the way i got robbed: thru gmail account
do not know how they got my pass yet.

11:58 AM   Signed in from Chrome (Windows)   Prague, Czech Republic
11:58 AM   Changed password   Prague, Czech Republic
2:12 AM   Changed password   Lubbock, TX, USA
2:12 AM   Removed recovery email: [email protected]   Lubbock, TX, USA
2:11 AM   Signed in from Firefox (Windows)   Lubbock, TX, USA
1:36 AM   Passed a sign-in challenge   Lubbock, TX, USA
Jan 27   Signed in from Chrome (Windows)

can you help me to find this:

Fees for Bitcoin withdraw to 1Q1Wo95FcXvrhDB5ieDMk52qDs2yNfpySN
2014/01/30 01:51:58   Withdraw      0.00800000 BTC   0.00178942 BTC
Bitcoin withdraw to 1Q1Wo95FcXvrhDB5ieDMk52qDs2yNfpySN

2014/01/30 01:46:33   Fee      0.00100000 BTC   0.00978942 BTC
Fees for Bitcoin withdraw to 1Q1Wo95FcXvrhDB5ieDMk52qDs2yNfpySN

2014/01/30 01:46:33   Withdraw      2.46000000 BTC   0.01078942 BTC
Bitcoin withdraw to 1Q1Wo95FcXvrhDB5ieDMk52qDs2yNfpySN

th owner of this address 1Q1Wo95FcXvrhDB5ieDMk52qDs2yNfpySN is probably just stealing from others.

is there any authority to contact in order to find this SCUMBAG... od IP of the bastard, i would like to have a word with that guy. really.

well that is confusing.

i have been robbed the exact first day i could withdraw but the robbery went before my day started.
it looks more like somebody inside mtgox is stealing this because even i did not know that i can withdraw before i logged in. and it was all gone before my login.

now people experiencing delays in withdraw but this attacker not.

mtgox could force people without additional security to get some and thus again delay withdrawals.
i was waiting for this day 2 months and insted of my money i got nothink.

this really sux guys.

how can i find the transaction? i am not sure if i see it in block chain...
any hints?

It is even more funny that your stolen payment went through.
Do you know how many of us stuck bitcoin withdraw in GOX at current time?

ok so this BTC is probably gone - no authorities to stop transaction.

its funny - i got one month mtgox account approval.
then i got another month for bank account approval.
then i got robbed but i sould make stronger security - this would probably take another month.
then i can (if not robbed) start transfering $ but that takes also some time...

this process from BTC 2 $ is very strange at least at mtgox.

will try the stronger security and see if i gen my $ at some time...

Hi, hope this is the right place to write to.
i am waiting for my mtgox account to be approved so i check everyday if i can finnally transfer first $ to my account.
Today i see i finnally can transfer my... wait... no money...?
So i check the history and what i see:

2014/01/30 01:51:58   Fee      0.00100000 BTC   0.00078942 BTC
Fees for Bitcoin withdraw to 1Q1Wo95FcXvrhDB5ieDMk52qDs2yNfpySN
2014/01/30 01:51:58   Withdraw      0.00800000 BTC   0.00178942 BTC
Bitcoin withdraw to 1Q1Wo95FcXvrhDB5ieDMk52qDs2yNfpySN
2014/01/30 01:46:33   Fee      0.00100000 BTC   0.00978942 BTC
Fees for Bitcoin withdraw to 1Q1Wo95FcXvrhDB5ieDMk52qDs2yNfpySN
2014/01/30 01:46:33   Withdraw      2.46000000 BTC   0.01078942 BTC
Bitcoin withdraw to 1Q1Wo95FcXvrhDB5ieDMk52qDs2yNfpySN
2014/01/30 01:45:14   Fee      0.00891422 BTC   2.47078942 BTC
BTC bought: [tid:1391042714891320] 1.48570364 BTC at $933.49998 (0.6% fee)
2014/01/30 01:45:14   In      1.48570364 BTC   2.47970364 BTC
BTC bought: [tid:1391042714891320] 1.48570364 BTC at $933.49998
2014/01/30 01:45:14   Fee      0.00600000 BTC   0.99400000 BTC
BTC bought: [tid:1391042714725595] 1.00000000 BTC at $933.49997 (0.6% fee)
2014/01/30 01:45:14   In      1.00000000 BTC   1.00000000 BTC
BTC bought: [tid:1391042714725595] 1.00000000 BTC at $933.49997


right after i went to sleep somebody started to use my $ and bought BTC in a 2 rows and then made a transfer to his BTC address.

Please can anybody help to find this guy? 1Q1Wo95FcXvrhDB5ieDMk52qDs2yNfpySN

i contacted mtgox in order to receive the logs and maybe some IP of the attacker.

Did anybody experienced simmilar issue? Any hint except changing all password and went paranoid?

it is strange that exact at the point when i can start transfering $ to my account somebody stole it and change it back to BTC so he can rob me.