Author

Topic: Unauthorized Account Activity on my Mt.Gox Account - Account Compromised/Hacked? (Read 1957 times)

sr. member
Activity: 386
Merit: 250
Update:

There has been a transaction from that Bitcoin address (12TtLmwed4QfPgz91GdHV1NxZE5qMvCWJQ):

to 14dry3ihiE6s2gLZWa9Z5HFW6ohMNhXagm & 1FtFaYUfGfie59ETowkyA8aihmCURsAYcM.

If anyone knows anything related to those addresses, please post here.
rjk
sr. member
Activity: 448
Merit: 250
1ngldh
OP if  you are running windows have a look at the tool I posted in https://bitcointalksearch.org/topic/m.1016743 to me it looks like some of the people that earlier more or less exclusively went after LR are now considering BTC a lucrative extra  Angry

I haven't used Liberty Reserve so I do not believe that to be the cause in my case.
What he means is that the hackers that are targeting LR users have now decided that it would be a good idea to target bitcoin users as well. He is saying you ought to check for rootkits on your computer that might have been planted by visiting a bad website, and the post he linked to has a scanner link at the end of it.
sr. member
Activity: 386
Merit: 250
OP if  you are running windows have a look at the tool I posted in https://bitcointalksearch.org/topic/m.1016743 to me it looks like some of the people that earlier more or less exclusively went after LR are now considering BTC a lucrative extra  Angry

I haven't used Liberty Reserve so I do not believe that to be the cause in my case.
hero member
Activity: 1138
Merit: 523
OP if  you are running windows have a look at the tool I posted in https://bitcointalksearch.org/topic/m.1016743 to me it looks like some of the people that earlier more or less exclusively went after LR are now considering BTC a lucrative extra  Angry
legendary
Activity: 2506
Merit: 1010
I didn't execute those trades nor withdraw the BTC.


A lot of that going on.

"MtGox account got cleared out"
 - https://bitcointalksearch.org/topic/mtgox-account-got-cleared-out-85533

"All BTC disappeared from my Mt. Gox account"
 - https://bitcointalksearch.org/topic/all-btc-disappeared-from-my-mt-gox-account-88368

Another:
 - https://bitcointalksearch.org/topic/m.941759

And another:
"My mtgox account got compromised, what can I do?"
 - https://bitcointalksearch.org/topic/my-mtgox-account-got-compromised-what-can-i-do-84585

Yet more:
"MT.Gox account hacked - lost 2k USD - MT.GOX will not explain how."
 - https://bitcointalksearch.org/topic/mtgox-account-hacked-lost-2k-usd-mtgox-will-not-explain-how-89142

And more again:
"Bitcoins stolen from MtGox"
 - http://www.reddit.com/r/Bitcoin/comments/x8lcv/bitcoins_stolen_from_mtgox

And the biggie:
"Bitcoinica MtGox account compromised"
 - https://bitcointalksearch.org/topic/bitcoinica-mtgox-account-compromised-93074

And on other services as well.  Here same thing happened to some GLBSE users:
 - https://bitcointalksearch.org/topic/i-suspect-gpumax-was-compromised-and-passwords-stolen-84893

In none of these was the person using multi-factor authentication.  Mt. Gox has had Yubikey support for a while.  Mt. Gox accounts now support Google Authenticator:
 - https://mtgox.com/press_release_20120605.html
sr. member
Activity: 294
Merit: 250
It means using a Yubikey or Google Authenticator to protect your Mt. Gox account, either by restricting logins, withdrawals, or both.
vip
Activity: 756
Merit: 504
The one thing these sad stories have in common is  ... no 2 factor authentication.
I have never seen a report yet of someone account protected by 2 factor being compromised. 

What that means exactly? You mean 2 or 2nd factor authentication?
donator
Activity: 1218
Merit: 1079
Gerald Davis
The one thing these sad stories have in common is  ... no 2 factor authentication.
I have never seen a report yet of someone account protected by 2 factor being compromised. 
sr. member
Activity: 386
Merit: 250
Email response from Mt.Gox:

Quote
Hello,

Sorry for the inconvenience.Please change your email address password and Mt.Gox password immediately. Please do not use the same username and password on different services. You can use the Yubikey or Software Authentication on our Security Center to further secure your accounts.

Please file a police report in order for the police to investigate the case and make an effort to retrieve their funds and once filing a police report, please send a copy of the police report and their official ID document to Mt.Gox. We will cooperate with the police authority in providing the necessary information for the investigation, but we are unable to reimburse any stolen funds.

Thanks,
MtGox.com Team

Is there really a chance that a police report can help in any way to recover the stolen $87?

Quote
make an effort to retrieve their funds

This part of their reply sounded unusual.
Technically, it should have said your funds.
BCB
vip
Activity: 1078
Merit: 1002
BCJ
You may be out of luck for recovery.  But you are not the first poster here recently to have this happen.

Maybe mods can connect the others to see if there are any similarities.

1.  Weak Password.
2.  Potential Keylogger.
3.  Any similar site (posted on this board) that you may have visited.

As the price continues to rise we're certain to see more of this.

Just a though.
sr. member
Activity: 386
Merit: 250
Received the below two emails today from Mt.Gox:

Quote
There has been new activity on your Mt.Gox account.

A summary of your recent trade(s) is provided below.

Trade Details

Bid(s) (Buy)

        Order Filled at: Thu 19 Jul 2012 04:01:33 PM GMT
        Amount: 3.61950000 BTC
        Price: @$9.17990
        Total: $33.22665

        Order Filled at: Thu 19 Jul 2012 04:01:33 PM GMT
        Amount: 5.83999311 BTC
        Price: @$9.17998
        Total: $53.61102

Happy Trading,
- The Mt.Gox Team

Quote
There has been a withdrawal from your Mt.Gox account:

Transaction reference: XXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
Date: 2012-07-19 16:01:46 GMT
IP: 82.50.1.94

You can access your account history for more details.

Please contact us as soon as possible by replying to this email if you did not request this withdrawal.

Thanks,
The Mt.Gox Team

The total withdrawal was about ~$87 USD in Bitcoins to 12TtLmwed4QfPgz91GdHV1NxZE5qMvCWJQ.

I didn't execute those trades nor withdraw the BTC.

The IP address 82.50.1.94 is in Asti, Italy according to InfoSniper.

Have already sent an email to info@ mtgox.com about this.

Has anyone had any success in recovering their stolen coins from Mt.Gox?
Any advice would be greatly appreciated.
Jump to: