Slashdot Mirror

← Back to Stories (view on slashdot.org)

Fake Mt. Gox Pages Aim To Infect Bitcoin Users

Posted by timothy on from the gathering-their-magic dept.

An anonymous reader writes "Mt. Gox is the the largest Bitcoin exchange in the world, and as such it and its users are being repeatedly targeted by attackers. Some two months ago, it battled a massive DDoS attack that was likely aimed at destabilizing the virtual currency and allow the criminals to profit from the swings. Now, according to Symantec researchers, the criminals have turned to spoofing Mt. Gox' site and tricking its customers into downloading malware — the Ponik downloader Trojan, which is also able to steal passwords."

47 of 74 comments (clear)

  1. It's Thursday, must be Bitcoin time! by Anonymous Coward · · Score: 4, Insightful

    We've already had Apple vs. Samsung this week, plus the oblig swipe at Windows, so tomorrow, it must be another Rasperry Pi story, eh?

    1. Re:It's Thursday, must be Bitcoin time! by Aaron+B+Lingwood · · Score: 3, Funny

      We've already had Apple vs. Samsung this week, plus the oblig swipe at Windows, so tomorrow, it must be another Rasperry Pi story, eh?

      Well, if you don't like news for nerds there are probably more suitable sites for you.

      --
      [Rent This Space]
    2. Re:It's Thursday, must be Bitcoin time! by invid · · Score: 4, Funny

      Bitcoin is the Boxxy of Slashdot.

      --
      The Moore-Murphy Law: The number of things that will go wrong will double every 2 years.
    3. Re:It's Thursday, must be Bitcoin time! by Big+Hairy+Ian · · Score: 2

      Bitcoin is starting to go mainstream if the Phishers are spoofing it

      --

      Build a Man a Fire, and He'll Be Warm for a Day. Set a Man on Fire, and He'll Be Warm for the Rest of His Life.

    4. Re:It's Thursday, must be Bitcoin time! by jeffmeden · · Score: 1

      Bitcoin is the Boxxy of Slashdot.

      My first thought was "Boxee is the boxee of slashdot" and then I realized I was out of my element...

    5. Re:It's Thursday, must be Bitcoin time! by lgw · · Score: 1

      That was my reaction too. No one bothers with custom-tuned phishing sites unless they'll get a lot of traffic, and the hijacked session can be used to get something of value.

      OTOH, it's less significant than it might be, as botnet herding is an online black market, and so presumably bitcoin already has traction there as a currency.

      --
      Socialism: a lie told by totalitarians and believed by fools.
  2. yubikey by Anonymous Coward · · Score: 1

    Gox gives a free yubi to anyone with more then loose change in there. Last time I looked, malware don't work on 2factor...

    1. Re:yubikey by LordLimecat · · Score: 2

      MITM works on 2-factor just as well as it does on 1-factor.

  3. Re:WHAAAA ?? NOOOO WAY !! by ObsessiveMathsFreak · · Score: 1

    Actually, given the outrightly criminal nature of that banking system, this is not an unreasonable suggestion. We already know that the likes of HFT companies regulalry engage in DDoS attacks against exchanges, so the skillset for this kind of work is there.

    --
    May the Maths Be with you!
  4. Re:WHAAAA ?? NOOOO WAY !! by nschubach · · Score: 2

    I know it's tin-foil hat thinking... but my first thought was, "Are we sure it was 'aimed at destabilizing the virtual currency and allow the criminals to profit from the swings' or was it someone else trying to destabilize the currency to make people lose any faith they might have had."

    --
    Every time I start to have faith in humanity, I ruin it by driving to work between 7 and 8 am.
  5. well unfortunately by slashmydots · · Score: 4, Insightful

    Unfortunately, almost all bitcoin users are a lot smarter than that. If their browser's security features, their antivirus, and their common sense don't all tip them off that it's not the real MTGox, they probably shouldn't be bitcoin users.

    1. Re:well unfortunately by medv4380 · · Score: 1

      Unfortunately, almost all bitcoin users have a persistent internet connection, and are being targeted. There isn't a Security Feature, Anti-Virus, or any other nonsensical "common sense" measure you can take. At some point you're going to slip up, and a virus is going to get in, or a new unpatched vulnerability will get you. Now if only I can find some fool to but these "offline" only bitcoins.

    2. Re:well unfortunately by BlueMonk · · Score: 1

      Yeah, but that's not news. All Windows users (and some others) have long been targets of virus and other malware attacks against which the many available defenses are not always 100% effective. Nothing new there. You don't have to be a bitcoin user to be the kind of target you're describing.

    3. Re:well unfortunately by medv4380 · · Score: 1

      I was only replying to someone with the naive notion that "bitcoin" users were magically immune.

    4. Re:well unfortunately by BlueMonk · · Score: 1

      They do have a point, though, that the average bitcoin user is probably less susceptible than the average overall user to phishing attacks because most phishing attacks are relatively easy to detect and avoid if you have any tech smarts, which most bitcoin users need to have in order to be involved or have an interest in bitcoin. Questionably how pronounced that variation from average is, though.

    5. Re:well unfortunately by Runaway1956 · · Score: 1

      How many Confederate dollars do you want for a coin? I think five bucks per offline bitcoin?

      --
      "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
    6. Re:well unfortunately by slashmydots · · Score: 1

      No, you would be pretty surprised considering it's open source code

    7. Re:well unfortunately by slashmydots · · Score: 1

      So looking at the domain/URL you're currently at isn't common sense?

    8. Re:well unfortunately by slashmydots · · Score: 1

      Lol confederate money is worth a shit ton of USD right now

  6. Related links by biodata · · Score: 1

    Interesting that the top two 'Related links' for this story are both stories about printable guns, at least in the pageview I'm getting right now, the third is about DNA collection after arrest, the fourth about how all your data are belong US and the fifth about PETA eants to sue people. Perhaps /. doesn't have any other stories about bitcoin, phishing, DDOS, Symantec, trojans or other malware.

    --
    Korma: Good
  7. The approach by Aaron+B+Lingwood · · Score: 1

    The fake Mt Gox sites are found on domains such as mtgox.org, mtgox.net. Existing customers and Bitcoin early adopters will likely not fall for this. This is likely targeting the non-tech-savvy followers who just heard through the media about a currency that can make you rich or a cool way to buy drugs. A search or two will unlikely lead a potential victim to one of these fake sites, so they are depending on the advertising. Details are scarce on how they are advertising.

    --
    [Rent This Space]
    1. Re:The approach by FreeUser · · Score: 2

      Details are scarce on how they are advertising.

      Slashdot

      --
      The Future of Human Evolution: Autonomy
  8. Re:WHAAAA ?? NOOOO WAY !! by dkleinsc · · Score: 2

    I'd be reasonably certain that the criminal answer is the right one.

    Here's the "allow bad guys to profit from the swings" plan:
    1. DDOS Bitcoin trading sites, and watch the Bitcoin prices drop.
    2. Buy some Bitcoins.
    3. Stop your DDOS.
    4. Bitcoin price goes back up.
    5. Sell your Bitcoins at the now higher price.
    6. PROFIT!!!

    Here's the "Destabilize the currency" plan:
    1. DDOS Bitcoin trading sites.
    2. Convince everyone who might be considering using Bitcoins to use dollars or Euro or yen or krona or yuan or something.
    3. ???
    4. PROFIT!!!

    One of these has simple and obvious steps from DDOS to profits. The other does not.

    --
    I am officially gone from /. Long live http://www.soylentnews.com/
  9. Re:WHAAAA ?? NOOOO WAY !! by Lunix+Nutcase · · Score: 1

    Right because instead of spending their time manipulating the USD, Yen, Euro, etc. to make 100s of millions if not billions of dollars or more the "banking system" is creating malware and DDoSing an exchange for a currency used by a less than a thousandth of 1% of the world. Yeah, real believable.

  10. Re:No government control? by serviscope_minor · · Score: 4, Insightful

    This kind of garbage is why money works best when regulated and maintained by a government.

    Yes, because under grown-up sensible government controlled money, no phishers ever make fake bank websites.

    --
    SJW n. One who posts facts.
  11. Why do you attack/spoof Bitcoin exchanges? by Overzeetop · · Score: 1

    Q: Why do you rob banks?
    A: Because that's where the money is stored.

    --
    Is it just my observation, or are there way too many stupid people in the world?
  12. Magic The Gathering by myowntrueself · · Score: 1

    Not 'Mount Gox'. Theres no such place.

    Its Magic the Gathering Online exchange not Mt. Gox.

    But even they refer to it as Mount Gox. Why? Are they trying to distance themselves from the card game?

    --
    In the free world the media isn't government run; the government is media run.
    1. Re:Magic The Gathering by neminem · · Score: 2

      I don't see anything about M:tG on their site, certainly not anything saying it's called that. Do you get annoyed any time anyone talks about AT&T and doesn't make sure their audience knows that the company deals in telegraphs (even though they haven't in many, many decades), too?

    2. Re:Magic The Gathering by magic+maverick+ · · Score: 1

      Probably. After all, the site has been sold at least once since it had anything to do with the card game.

      Boo ya.

      --
      HELP MY ACCOUNT HAS BEEN HACKED BY AN ILLIBERAL ART STUDENT SET TO DESTROY THE INTERWEBZ!
    3. Re:Magic The Gathering by pantaril · · Score: 1

      Not 'Mount Gox'. Theres no such place.

      Its Magic the Gathering Online exchange not Mt. Gox.

      Dunno if you are mentally impaired or just blind but they label themself Mt.Gox right on the front page of their website mtgox.com

    4. Re:Magic The Gathering by synaptik · · Score: 1

      I liked your counterpoint about AT&T... and although the GP didn't really have a point, they were referring to the original purpose of mtgox.com, as evidenced by The Wayback Machine's snapshop of it from 2007: http://web.archive.org/web/20070817170606/http://mtgox.com/gwt/mtgox.php

      --
      HSJ$$*&#^!#+++ATH0
      NO CARRIER
    5. Re:Magic The Gathering by neminem · · Score: 1

      Right. I'm aware of its original purpose. Hence, my point that companies sometimes change purpose, redefinition of their previous name often occurs, and it's rather unfair to say "this company once did x, x is frivolous, therefore the company will be forever tainted with frivolity".

    6. Re:Magic The Gathering by remus.cursaru · · Score: 1

      Not 'Mount Gox'. Theres no such place.

      Its Magic the Gathering Online exchange not Mt. Gox.

      Dunno if you are mentally impaired or just blind but they label themself Mt.Gox right on the front page of their website mtgox.com

      No matter where you look it up, it's always Mt.Gox, there is no "mount" in there. I dunno about any magic stuff...

    7. Re:Magic The Gathering by pantaril · · Score: 1

      Well Mt. could be interpreted as short version of "Mount".

      About the magic stuff - they originally intended to build Magic The Gathering Online eXchange and registered mtgox domain for it but it never actually happened as they learned about bitcoin later and decided to build bitcoin exchange instead. No magic card was ever traded on MtGox. Some people like "myowntrueself" are trying to twist the facts and use their domain name to paint them as not professional exchange completely ignoring the reality that MtGox is the oldest and biggest and so far most reliable exchange out there.

    8. Re:Magic The Gathering by gox · · Score: 1

      Even if it was registered with that in mind, there was never a Magic the Gathering exchange on that domain, so your claim is unwarranted. Besides, the guy who registered the domain sold it long time ago. Granted though, it's a weird name for a Bitcoin exchange.

  13. Re:Obligatory Hateful bitcoin commennt by DrXym · · Score: 1

    Even though we are supposed to be one of the largest groups of nerds, sure, let's pile stupid FUD.

    Someone can be really smart and still hold some really dumb beliefs.

  14. Re:WHAAAA ?? NOOOO WAY !! by jafiwam · · Score: 1

    Right because instead of spending their time manipulating the USD, Yen, Euro, etc. to make 100s of millions if not billions of dollars or more [BitCoin users use BitCoins, which are] used by a less than a thousandth of 1% of the world. Yeah, real [smart].

    The start up costs and complication of manipulating real-world markets (as opposed to fake stuff) are astronomically high. Some governments couldn't manage it if they tried.

    On the other hand, one nerd who can dDOS and a couple small time hoods could pull off a BitCoin manipulation scam.

    Your arrogance in thinking BitCoin is equivalent to a world market "USD, Yen, Euro, etc." is proof positive that these types of attacks will continue to happen. BitCoin is for stupid people, or smart people acting stupidly.

  15. Re:"according to Symantec..." who probably wrote t by LordLimecat · · Score: 1

    Conspiracy theorists, unite!

    Symantec, in collaboration with the Guild of Calamatious Intent...

  16. Re:WHAAAA ?? NOOOO WAY !! by moeinvt · · Score: 2

    "Because bitcoin is such a threat..."

    The "Liberty Dollar" wasn't a "threat" either, but they still shut it down, arrested the creator and likened his activity to "domestic terrorism". I kid you not. The Fed. prosecutor said that he was undermining the currency and equated it to "terrorism".

    http://en.wikipedia.org/wiki/Liberty_Dollar

    The banker-government's greatest power of all is their money monopoly. They stomp on these things HARD as soon as they become "noticeable" and long before they're even a mild threat.

  17. Re:WHAAAA ?? NOOOO WAY !! by shaitand · · Score: 1

    Me too. Destabilizing a completely open peer-to-peer decentralized monetary system that breaks the shackles of government control really doesn't seem like the bag of the hacker community at large. This feels more like a corporate or even government backed venture.

  18. Re:No government control? by UnknownSoldier · · Score: 2

    Riiiiight, because no one ever counterfeits hard currency, never used it to buy off politicians, never laundered, never dumped, never hoarded, never used it to bribe people, never used it to pay soldiers to murder people, etc.

    Just in case you don't get it: A _digital_ NOR a _physical_ currency is NOT immune to the many (government & private) abuses. That is, there are MANY issues with money ... namely its design and mis-implementation.

    * http://mises.org/books/whathasgovernmentdone.pdf
    * http://www.lewrockwell.com/paul/paul124.html
    * http://www.gmlets.u-net.com/explore/problems.html
    * http://www.amazon.com/Problem-Money-Its-Not-About/dp/0984502009

    When are you going to stop being delusional that some magical pseudo-authority figure is the answer to everyone's perceived problems?

    --
    "Necessity is the Mother of Invention, byt Curiosity is the Father." -- Michaelangel007

  19. Re:No government control? by DogDude · · Score: 1

    When are you going to stop being delusional that an unregulated currency is viable?

    --
    I don't respond to AC's.
  20. Re:No government control? by Jeremi · · Score: 1

    When are you going to stop being delusional that some magical pseudo-authority figure is the answer to everyone's perceived problems?

    I don't have an opinion on the matter, but DogDude specifically said "best", not "only". So you're arguing against a claim he never made.

    --


    I don't care if it's 90,000 hectares. That lake was not my doing.
  21. Re:WHAAAA ?? NOOOO WAY !! by Lunix+Nutcase · · Score: 1

    Why would they do something like that over simply making the currency illegal and arresting anyone for violating laws over minting currency? The conspiracy version makes no logical sense.

  22. Re:No government control? by ultranova · · Score: 1

    When are you going to stop being delusional that an unregulated currency is viable?

    Dunno what unregulated currency you're talking bout - Bitcoin is regulated algorithmically by the transaction and block validation rules, so that can't be it. Are you referring to centralized currencies, where "regulation" apparently means you can lose access to your money at any time.

    As for Bitcoin being viable, Bitcoin economy is alive and growing, so claims of non-viability are extraordinary and require extraordinary evidence. Calling people "delusional" doesn't quite cut it.

    --

    Forget magic. Any technology distinguishable from divine power is insufficiently advanced.

  23. Re:WHAAAA ?? NOOOO WAY !! by shaitand · · Score: 1

    Because they have no legal basis for making the currency illegal, no jurisdiction if they did, and no legal technical route that could be used to enforce such a law. That is all assuming government. A corporate player makes just as much sense.

    An overt government/corporate attack on Bitcoin could spur public outcry and outrage. That would increase the popularity and the number of people who supported the system making it that much harder to shut down. It might push it to the point of being mainstream.

  24. Re:No government control? by Stewie241 · · Score: 1

    I dunno. If you use digits as currency you get built in fingerprints.