finally a reply. just said the following....
"We’ve checked our system and confirm that the transaction in question was initiated after a normal login procedure using the registered login name and password.
We advise you to contact with your local police authorities. We will cooperate with them should they have questions on this transaction.
We advise you to use OTP for a more secure environment.
Best regards,
MtGox Team
https://www.mtgox.com
[Attention: Please protect your account using OTP to ensure that your funds are safe and secure. Failing to do so makes your information vulnerable to hackers.
Please visit https://mtgox.com/security]"
the hacker forgot to change the email and when i received the email with the withdrawal information you can see another ip than the usual.... in this case he used a TOR system.
Topic: My MTGOX account was hacked! (Read 8152 times)
i am still waiting to mtgox to say someting or give me some info. but nothing at all.
My account may have been hacked as well. I may have lost like .0004 BTC and about $3.00 left over from when I ditched these cock suckers months ago. I cannot see compelling reason to log on again so I'll probably never know.
tonight my account was compromised. lost 0.1 BTC and sent emails, tweets, tickets, everything and they didn´t bother to reply yet.
ok , so count me in for the robbed ones.
I guarantee there are no viruses on my computer. My day job is virus removal. Here is the trade details. Every transaction on the 24th is fraudulent.
It doesn't matter how your account was compromised. The funds have been withdrawn by BTC. They are irreversible you have lost the full amount. I know it is tough medicine but in the future use 2FA to protect financial sites (banks, paypal, exchanges, eWallets, etc).
Given that exchanges and e-Wallets aren't insured, you should also keep your funds on them for the shortest amount of time possible. 2FA might offer some protection for your individual account but it's not going to help you if the service's hot wallet is emptied, their bank accounts get frozen, their database gets trashed, or they just pack up and abscond with your funds.
I guarantee there are no viruses on my computer. My day job is virus removal. Here is the trade details. Every transaction on the 24th is fraudulent.
It doesn't matter how your account was compromised. The funds have been withdrawn by BTC. They are irreversible you have lost the full amount. I know it is tough medicine but in the future use 2FA to protect financial sites (banks, paypal, exchanges, eWallets, etc).
To any noob reading ... if you don't have 2FA activated on your account there is a very good chance this will be you in the future. Look at the like Stephen compiled and those are just recent ones and probably less than a third of the ones reported.
USE 2FA. If you don't and your computer is compromised to a 0-day vulnerability you will be like the OP (who BTW has 0.0000% chance of getting funds back). Long passwords don't protect you from trojans and phishing attempts. When setting up 2FA I set it up to only require it for security center and withdrawals. That makes logins easy and protects against CSRF attacks. http://en.wikipedia.org/wiki/Cross-site_request_forgery
USE 2FA. If you don't and your computer is compromised to a 0-day vulnerability you will be like the OP (who BTW has 0.0000% chance of getting funds back). Long passwords don't protect you from trojans and phishing attempts. When setting up 2FA I set it up to only require it for security center and withdrawals. That makes logins easy and protects against CSRF attacks. http://en.wikipedia.org/wiki/Cross-site_request_forgery
Bitcoin transactions are irrevirsible, in the meantime you can post the address to where the funds were withdrawn AND the IP. All should be there. Likely chance is you have a trojan on the PC from some Java 0day exploit.
I already sold the bitcoins. The USD was stolen. Also they sent me an email saying to reply as soon as possible if I did not authorize the withdrawal. Are transactions not given some kind of grace period? It's been a few ours with still no answer.
What you've posted makes it look like someone accessed your account, bought BTC with your dollars and then transferred BTC out of your account - which isn't the same as a USD theft.
Also, bear in mind that MtGox is located in Japan and that you need to take into account time differences when waiting for responses. It was the middle of the night in Japan when you first started this thread and 5am when you made your post saying that it had "been a few hours" with no response.
It might be worth trying to catch MagicalTux on IRC. It's late Thursday morning in Japan now, MtGox support doesn't usually work weekends and Monday 29 April is a public holiday in Japan.
Thankyou Stephen Gornick for that authenticator link!! That was exactly what I was looking for! And to BitcoinBull for such a well thought out and easy to follow guide!
Today Google Authenticator give me the key 123456 was like WTF!!!!!
I just got an email saying I made a withdrawal. I go log in and all $250 of my USD is gone!
Incidentally, they do have a method that is secure against this ... Yubikey, and Google Authenticator.
Happens a lot:
MtGox account got cleared out
- https://bitcointalksearch.org/topic/mtgox-account-got-cleared-out-85533
All BTC disappeared from my Mt. Gox account
- https://bitcointalksearch.org/topic/all-btc-disappeared-from-my-mt-gox-account-88368
Another:
- https://bitcointalksearch.org/topic/m.941759
And another: My mtgox account got compromised, what can I do?
- https://bitcointalksearch.org/topic/my-mtgox-account-got-compromised-what-can-i-do-84585
Yet more: MT.Gox account hacked - lost 2k USD - MT.GOX will not explain how.
- https://bitcointalksearch.org/topic/mtgox-account-hacked-lost-2k-usd-mtgox-will-not-explain-how-89142
And more again: Bitcoins stolen from MtGox
- http://www.reddit.com/r/Bitcoin/comments/x8lcv/bitcoins_stolen_from_mtgox
And yet more: Stolen from Mt.Gox coins. Help return the coins.
- https://bitcointalksearch.org/topic/stolen-from-mtgox-coins-help-return-the-coins-119816
Or more here: Email from Mt.Gox this morning.
- http://www.reddit.com/r/Bitcoin/comments/z0na5/email_from_mtgox_this_morning
And even more here: I just had $715 stolen out of my Mt. Gox account.
- http://www.reddit.com/r/Bitcoin/comments/12j9gi/i_just_had_715_stolen_out_of_my_mt_gox_account
And the biggie: Bitcoinica MtGox account compromised
- https://bitcointalksearch.org/topic/bitcoinica-mtgox-account-compromised-93074
With more here: Unauthorized Account Activity on my Mt.Gox Account - Account Compromised/Hacked?
- https://bitcointalksearch.org/topic/unauthorized-account-activity-on-my-mtgox-account-account-compromisedhacked-94140
And even more: *MY* Mt Gox Account was Hacked - lost it all today... now what!?
- https://bitcointalksearch.org/topic/my-mt-gox-account-was-hacked-lost-it-all-today-now-what-137795
Ditto: My MtGox account was just exploited - 3 BTC stolen
- https://bitcointalksearch.org/topic/my-mtgox-account-was-just-exploited-3-btc-stolen-old-news-141816
Ditto on the ditto: Just lost 190 bitcoins through Mt. Gox
- https://bitcointalksearch.org/topic/just-lost-190-bitcoins-through-mt-gox-141831
And other ones get added to the list: Unauthorized withdrawal on Mt. Gox
- https://bitcointalksearch.org/topic/unauthorized-withdrawal-on-mt-gox-147070
And then here: How I got robbed of 34 btc on Mt.Gox today
- https://bitcointalksearch.org/topic/how-i-got-robbed-of-34-btc-on-mtgox-today-173227
And now this: My MTGOX account was hacked!
- https://bitcointalksearch.org/topic/my-mtgox-account-was-hacked-186422
And another recent one: My funds and BTC have just disappeared from my Gox account!
- https://bitcointalksearch.org/topic/my-funds-and-btc-have-just-disappeared-from-my-gox-account-174556
And on other services as well. Here same thing happened to some GLBSE users:
- https://bitcointalksearch.org/topic/i-suspect-gpumax-was-compromised-and-passwords-stolen-84893
And elsewhere, BitMarket.eu in this instance:
- https://bitcointalksearch.org/topic/m.1259168
And on bitcoin.de as well: Bitcoins stolen from bitcoin.de.
- https://bitcointalksearch.org/topic/bitcoins-stolen-from-bitcoinde-130264
In none of these was the person using multi-factor authentication. Mt. Gox has had Yubikey support for a while. Mt. Gox accounts now support Google Authenticator:
- https://mtgox.com/press_release_20120605.html
If the exchange you are storing funds with doesn't provide OTP, consider using a different exchange:
- http://bitcoin.stackexchange.com/questions/4113/which-two-factor-authentication-methods-are-available-at-which-exchanges
If you are storing funds in an EWallet, consider using a paper wallet.
Also, here is a fantastic guide: How to use 2-factor auth on mtgox, even without a smartphone (from a second device, of course, not from the same computer you log in on).
- https://bitcointalksearch.org/topic/how-to-use-2-factor-auth-on-mtgox-even-without-a-smartphone-111943
I guarantee there are no viruses on my computer. My day job is virus removal. Here is the trade details. Every transaction on the 24th is fraudulent.
Bitcoin transactions are irrevirsible, in the meantime you can post the address to where the funds were withdrawn AND the IP. All should be there. Likely chance is you have a trojan on the PC from some Java 0day exploit.
I already sold the bitcoins. The USD was stolen. Also they sent me an email saying to reply as soon as possible if I did not authorize the withdrawal. Are transactions not given some kind of grace period? It's been a few ours with still no answer.
Sorry for your loss 
Another day, another MtGox account hacked.
Isn't anybody learning anything? Ever?
Isn't anybody learning anything? Ever?
legendary
Activity: 1862
Merit: 1011
Reverse engineer from time to time
Bitcoin transactions are irrevirsible, in the meantime you can post the address to where the funds were withdrawn AND the IP. All should be there. Likely chance is you have a trojan on the PC from some Java 0day exploit.
I just got an email saying I made a withdrawal. I go log in and all $250 of my USD is gone! and they tried to make 3 bids. Their online support is not connecting me with anyone and I did reply to their email. Now I have to go to work. Please someone tell me this can all be reversed. Im sweating bullets.
I just changed my password and am waiting for an email back from MTgox. WHY DO THEY NOT HAVE A PHONE NUMBER! THEY ARE A HUGE TRANSACTION SERVICE!
I just changed my password and am waiting for an email back from MTgox. WHY DO THEY NOT HAVE A PHONE NUMBER! THEY ARE A HUGE TRANSACTION SERVICE!
Jump to: