

Bitcoin Accounts On Mt. Gox Wiped Out By Java Applet Attack

By Geremy Giggs

Posted on Thursday, 18th April 2013 @ 10:20 PM

The price of freedom, as they say, is eternal vigilance. A user called bitbully on the Bitcointalk Forums found himself 34 bitcoins poorer when he visited a site claiming to be a chat service connected with Mt. Gox, a popular bitcoin trading service. The site, wwwdotmtg(this is an o)x-ch(this is an a)tdotinfo (do not visit this site), apparently uses a Java applet to place a cross-site transfer order on the victim’s computer immediately upon visiting. Because the transactions aren’t reversible and the attackers are anonymous, the victims are out of luck.

This victim lost half of his account instantaneously. Mt. Gox does offer two-factor authentication, which is a good way to prevent illicit logins, but this user did not have it activated. A Reddit thread also addresses this particular scam.

The phishing site, for what it’s worth, is currently down.

The phishing message making the rounds is something like “Mtgox are talking about adding ltc or ppc in about 4-5 hours. Guys, come on the mtgox livechat I think we should all invest in LTC. hxxp://” The link goes to the phishing site.

The writer described his sleuthing:

Being a techie, I started researching. I found out that this site is hosted here in the USA. I also found out that the withdrawal was submitted from an IP in Los Angeles even though I have been accessing mtgox from Pennsylvania / New York. I then discovered that the site is a teleport pro rip of branded with a mtgox logo, and was registered on namecheap (with bitcoins as it may be) not even 5 days ago! This is the IP resolve of the domain name.

Bitcoin phishing is not new and as more and more users enter the BTC fray it’s clear that it will be a bigger problem. As Twitter novelty account Bitcoin.txt notes, the market is frothy and full of folks who have little experience investing in anything, let alone an imaginary digital currency that could be part of a future economic engine – or could spell ruin for investors who click links.
