Topic: Stealing Bitcoins (Read 3069 times)
XSS is a big problem for sites all over the web and there is no easy solution.
the bitcoin community needs more of this monitoring and info sharing to help avoid future issues
I wrote an article for bitcoin security long ago:http://bitcoinweekly.com/articles/security-in-bitcoin
the bitcoin community needs more of this monitoring and info sharing to help avoid future issues
Thanks for the good information. This is something to watch out for but not anything unique to mtgox.com especially since they enabled SSL. If it is not an SSL connection to mtgox then there is a PROBLEM!
Cool song too, I think I will search out that group.
Cool song too, I think I will search out that group.
So this "hack" relies on the victim opening up a compromised webpage that will steal/copy their keystrokes...? Or a compromised webpage in general?
Yes, that "tactic" can be used to steal anything from anyone, this is not bitcoin centric imho.
Yes, that "tactic" can be used to steal anything from anyone, this is not bitcoin centric imho.
just another point towards non-centralized economy. I hope Mt catches this thread.
Um. Email the owner of mtgox, now.
Also, decentralizing the economy doesn't do much if security vulnerabilities exist on many bitcoin sites rather than just one big site.
just another point towards non-centralized economy. I hope Mt catches this thread.
http://evilpacket.net/2011/may/17/stealing-bitcoins/
Just be aware and be alert.
Quote
As you can see from the video, exploiting an unsuspecting Mt Gox user into giving up their (hard earned?) bitcoins wouldn't be that difficult. This is just the tip of the iceberg and I'm sure we will see many more attacks against bitcoin itself and supporting sites.
Just be aware and be alert.
Jump to: