Possible false alarm: MtGox break in - page 7.

molecular

donator

Activity: 2772

Merit: 1019

Quote from: DiabloD3 on September 12, 2011, 01:05:03 PM

It seems Mt Gox has been broken into again. My account was just liquidated and send to a foreign address, the IP of which seems to be in the Ukraine. I assume I was targeted because I'm a Bitcoin developer.

Since I use Linux and use unique high entropy passwords, I am ruling out any nonsense like local trojans.

Everyone: Clear out your accounts if you have anything in them.

It would really be nice for us if you could answer our questions. Just dumping this on us and leaving is not very helpfull.

hightax

newbie

Activity: 42

Merit: 0

Quote from: gusti on September 12, 2011, 02:38:48 PM

you miss the question then, correct one is : Who said paypal's worse than mtgox ?

Point taken. Let's do the apples-to-apples comparisons:
Who said USD is worse than Bitcoin?
Who said Paypal is worse than MtGox?

BlockHash

full member

Activity: 406

Merit: 100

Quote from: JonHind on September 12, 2011, 02:35:34 PM

I took out my $USD and BTC out of MtGox a week or two ago after they were white-knighting for our beloved convicted fraudster Bruce. It looks as though I made the right decision,

A friend of mine was locked out of his MtGox account last night. I had assumed that his account was one of the 2000 accounts that Marc blocked due to volume trades (my friend was desperately trying to cash out), but it now looks as though his account was hijacked. He just told me that he had a unique secure password too.

CosbyCoin was pretty funny, but it couldn't have happened at a worse time. It gave MtGox and other players cover to blame some really shady stuff going on over there on it.

logansryche

sr. member

Activity: 350

Merit: 250

I think this was a remote attack, my btc are still there and I have just a smidge over one(1.6btc to be exact)

gusti

legendary

Activity: 1099

Merit: 1000

Quote from: hightax on September 12, 2011, 02:31:22 PM

Quote from: bitdragon on September 12, 2011, 02:27:35 PM

la la la la I can't hear you my fingers are in my ears

Is your own self affirmation so strong that you can't smell the shit piling up in front of you?

Quote from: gusti on September 12, 2011, 02:30:22 PM

repeat with me, mtgox is not bitcoin

I didn't say it was. I said MagicalTux is lying to you.

you miss the question then, correct one is : Who said paypal's worse than mtgox ?

JonHind

full member

Activity: 154

Merit: 100

I took out my $USD and BTC out of MtGox a week or two ago after they were white-knighting for our beloved convicted fraudster Bruce. It looks as though I made the right decision,

A friend of mine was locked out of his MtGox account last night. I had assumed that his account was one of the 2000 accounts that Marc blocked due to volume trades (my friend was desperately trying to cash out), but it now looks as though his account was hijacked. He just told me that he had a unique secure password too.

ElectricMucus

legendary

Activity: 1666

Merit: 1057

Marketing manager - GO MP

Damn I have a little money on the way to gox, so I should assume it's gone...

Or is there anything I can do about it? Recalling the wire transfer wouldn't be possible until tomorrow.. Undecided

hightax

newbie

Activity: 42

Merit: 0

Quote from: bitdragon on September 12, 2011, 02:27:35 PM

la la la la I can't hear you my fingers are in my ears

Is your own self affirmation so strong that you can't smell the shit piling up in front of you?

Quote from: gusti on September 12, 2011, 02:30:22 PM

repeat with me, mtgox is not bitcoin

I didn't say it was. I said MagicalTux is lying to you.

gusti

legendary

Activity: 1099

Merit: 1000

Quote from: hightax on September 12, 2011, 01:59:58 PM

Looks like MagicalTux was lying about the wacky trades then. When Mtgox got rooted the first time, everyone was forced to change their passwords to new, more complex ones. Here we've got a prime example of somebody who's got both complex and DIFFERENT passwords on each site, and he still had his mtgox wallet stolen.

Bitcointalk had a comedy javascript added to the bottom of the page via unsanitized input because the forums admins refused to use current-versions (SMF 2.x) of their forums software. So far nobody's posting accounts have been compromised or hijacked apparently.
Mtgox had some clearly chaotic trading activity on Sunday 9/11/2011, which was sourced from a ton of accounts that had different/more complex password requirements than bitcointalk forum accounts.

Yeah, those two attacks aren't related.

Magicaltux is lying to you, and he now controls both Bitcointalk and Mtgox.

So... Who said paypal's worse than Bitcoin?

repeat with me, mtgox is not bitcoin

bitdragon

hero member

Activity: 609

Merit: 501

peace

Quote from: wee baby seamus on September 12, 2011, 02:10:05 PM

thats all i needed to hear. i just withdrew all my USD. i'll leave 1 BTC out of curriosity sake, but i'm not trusting this.

frankly, if you have any of your money left in mtgox you're simply asking for it to be stolen.

get your fucking money out of there now

Why were you even there in the first place? Why are you even in this forum, telling others to get their money out now? Let them be and learn.
You didn't like them from the start so it's a bit odd that this is all you needed to hear.

I guess it is a very well rounded argument; it finally makes sense. Bravo

c_k

donator

Activity: 242

Merit: 100

There are plenty of other exchanges to use: https://en.bitcoin.it/wiki/Category:Exchanges

wee baby seamus

newbie

Activity: 15

Merit: 0

thats all i needed to hear. i just withdrew all my USD. i'll leave 1 BTC out of curriosity sake, but i'm not trusting this.

frankly, if you have any of your money left in mtgox you're simply asking for it to be stolen.

get your fucking money out of there now

BlockHash

full member

Activity: 406

Merit: 100

Quote from: hightax on September 12, 2011, 01:59:58 PM

Looks like MagicalTux was lying about the wacky trades then. When Mtgox got rooted the first time, everyone was forced to change their passwords to new, more complex ones. Here we've got a prime example of somebody who's got both complex and DIFFERENT passwords on each site, and he still had his mtgox wallet stolen.

Bitcointalk had a comedy javascript added to the bottom of the page via unsanitized input because the forums admins refused to use current-versions (SMF 2.x) of their forums software. So far nobody's posting accounts have been compromised or hijacked apparently.
Mtgox had some clearly chaotic trading activity on Sunday 9/11/2011, which was sourced from a ton of accounts that had different/more complex password requirements than bitcointalk forum accounts.

Yeah, those two attacks aren't related.

Magicaltux is lying to you, and he now controls both Bitcointalk and Mtgox.

So... Who said paypal's worse than Bitcoin?

Agreed. I took all of my BTC out of MTGox and moved them elsewhere. I'm not supporting a potential monopoly or their business practices. The fact that they still support Bruce Wagner is enough for me to sour on them.

BitcoinPorn

hero member

Activity: 630

Merit: 500

Posts: 69

Quote from: hightax on September 12, 2011, 01:59:58 PM

Magicaltux is lying to you, and he now controls both Bitcointalk and Mtgox.

So... Who said paypal's worse than Bitcoin?

Amazingly, I am awaiting for MagicalTux to just whip out his penis and insert it in my anus over and over again (yes, in and out, not just full motions, he has to pull it out and stuff it in).

Still, Bitcoin wins over Paypal nearly every time. Sadly this is only because when they stuff my ass, it is more consistent and surprisingly more annoying. I wish they would just do it in one swoop.

Obviously sorry to read about this DiabloD3, I await to see more details and am sorry that no doubt this will cause others to 'give up' on this particular digital currency. It is looking like NameCoin might have it's hey day as long as they keep things so technologically wound up where only a Linux user would touch it, thus making it the safest and most valueless digital currency next to SolidCoin.

fastandfurious

full member

Activity: 224

Merit: 100

Please answer this important question. Do you have a Yubikey??

jed

full member

Activity: 182

Merit: 107

Jed McCaleb

Quote

My account was just liquidated and send to a foreign address, the IP of which seems to be in the Ukraine.

Hmm how can you tell his IP?

hightax

newbie

Activity: 42

Merit: 0

Looks like MagicalTux was lying about the wacky trades then. When Mtgox got rooted the first time, everyone was forced to change their passwords to new, more complex ones. Here we've got a prime example of somebody who's got both complex and DIFFERENT passwords on each site, and he still had his mtgox wallet stolen.

Bitcointalk had a comedy javascript added to the bottom of the page via unsanitized input because the forums admins refused to use current-versions (SMF 2.x) of their forums software. So far nobody's posting accounts have been compromised or hijacked apparently.
Mtgox had some clearly chaotic trading activity on Sunday 9/11/2011, which was sourced from a ton of accounts that had different/more complex password requirements than bitcointalk forum accounts.

Yeah, those two attacks aren't related.

Magicaltux is lying to you, and he now controls both Bitcointalk and Mtgox.

So... Who said paypal's worse than Bitcoin?

AssemblY

full member

Activity: 392

Merit: 100

Is official? Someone else had the same problem? Embarrassed

tvbcof

legendary

Activity: 4760

Merit: 1283

Quote from: DiabloD3 on September 12, 2011, 01:05:03 PM

It seems Mt Gox has been broken into again. My account was just liquidated and send to a foreign address, the IP of which seems to be in the Ukraine. I assume I was targeted because I'm a Bitcoin developer.

Since I use Linux and use unique high entropy passwords, I am ruling out any nonsense like local trojans.

Everyone: Clear out your accounts if you have anything in them.

Actually I would find it rather odd that an attacker would target a developer (unless said happened to have a boatload of BTC available for appropriation.) The ability to do significant development would likely be correlated with both a relatively high ability to understand and investigate the theft, and the ability to solicit a high degree of assistance in doing so.

If I were an attacker with a simple goal of enriching myself, I would certainly not be nailing a Bitcoin developer. Or at least not on purpose.

Best of luck recovering your BTC, and thanks for the heads-up.

JeffK

sr. member

Activity: 350

Merit: 250

I never hashed for this...

Quote from: 1.21gigawatts on September 12, 2011, 01:12:37 PM

let me guess, you used the same password at mtgox and at bitcointalk.org?

Quote

I use Linux and use unique high entropy passwords,

Quote

unique

The two events aren't related

Topic: Possible false alarm: MtGox break in - page 7. (Read 15376 times)