Author

Topic: Stealing Bitcoins (Read 3107 times)

sr. member
Activity: 420
Merit: 250
May 17, 2011, 03:59:45 PM
#8
XSS is a big problem for sites all over the web and there is no easy solution.
legendary
Activity: 980
Merit: 1020
May 17, 2011, 03:55:55 PM
#7
the bitcoin community needs more of this monitoring and info sharing to help avoid future issues
I wrote an article for bitcoin security long ago:

http://bitcoinweekly.com/articles/security-in-bitcoin
full member
Activity: 140
Merit: 100
May 17, 2011, 03:53:16 PM
#6
the bitcoin community needs more of this monitoring and info sharing to help avoid future issues
legendary
Activity: 1386
Merit: 1004
May 17, 2011, 03:48:24 PM
#5
Thanks for the good information.  This is something to watch out for but not anything unique to mtgox.com especially since they enabled SSL.  If it is not an SSL connection to mtgox then there is a PROBLEM! 

Cool song too, I think I will search out that group. 
sr. member
Activity: 280
Merit: 252
May 17, 2011, 03:34:47 PM
#4
So this "hack" relies on the victim opening up a compromised webpage that will steal/copy their keystrokes...? Or a compromised webpage in general?

Yes, that "tactic" can be used to steal anything from anyone, this is not bitcoin centric imho.
legendary
Activity: 980
Merit: 1020
May 17, 2011, 03:20:06 PM
#3
just another point towards non-centralized economy. I hope Mt catches this thread.

Um. Email the owner of mtgox, now.

Also, decentralizing the economy doesn't do much if security vulnerabilities exist on many bitcoin sites rather than just one big site.
sr. member
Activity: 420
Merit: 250
May 17, 2011, 03:17:59 PM
#2
just another point towards non-centralized economy. I hope Mt catches this thread.
hero member
Activity: 551
Merit: 500
May 17, 2011, 03:13:03 PM
#1
http://evilpacket.net/2011/may/17/stealing-bitcoins/  

Quote
As you can see from the video, exploiting an unsuspecting Mt Gox user into giving up their (hard earned?) bitcoins wouldn't be that difficult. This is just the tip of the iceberg and I'm sure we will see many more attacks against bitcoin itself and supporting sites.

Just be aware and be alert.
Jump to: