Fake Mt. Gox Pages Aim To Infect Bitcoin Users

An anonymous reader writes "Mt. Gox is the the largest Bitcoin exchange in the world, and as such it and its users are being repeatedly targeted by attackers. Some two months ago, it battled a massive DDoS attack that was likely aimed at destabilizing the virtual currency and allow the criminals to profit from the swings. Now, according to Symantec researchers, the criminals have turned to spoofing Mt. Gox' site and tricking its customers into downloading malware — the Ponik downloader Trojan, which is also able to steal passwords."

It's Thursday, must be Bitcoin time!

[Anonymous Coward]

We've already had Apple vs. Samsung this week, plus the oblig swipe at Windows, so tomorrow, it must be another Rasperry Pi story, eh?

Re:It's Thursday, must be Bitcoin time!

[Aaron B Lingwood]

We've already had Apple vs. Samsung this week, plus the oblig swipe at Windows, so tomorrow, it must be another Rasperry Pi story, eh?

Well, if you don't like news for nerds there are probably more suitable sites for you [perezhilton.com].

Re:It's Thursday, must be Bitcoin time!

[invid]

Bitcoin is the Boxxy of Slashdot.

Re:

[jeffmeden]

Bitcoin is the Boxxy of Slashdot.

My first thought was "Boxee is the boxee of slashdot" and then I realized I was out of my element...

Re:

[Big Hairy Ian]

Bitcoin is starting to go mainstream if the Phishers are spoofing it

Re:

[lgw]

That was my reaction too. No one bothers with custom-tuned phishing sites unless they'll get a lot of traffic, and the hijacked session can be used to get something of value.

OTOH, it's less significant than it might be, as botnet herding is an online black market, and so presumably bitcoin already has traction there as a currency.

Re:

[ObsessiveMathsFreak]

Actually, given the outrightly criminal nature of that banking system, this is not an unreasonable suggestion. We already know that the likes of HFT companies regulalry engage in DDoS attacks against exchanges, so the skillset for this kind of work is there.

Re:

[nschubach]

I know it's tin-foil hat thinking... but my first thought was, "Are we sure it was 'aimed at destabilizing the virtual currency and allow the criminals to profit from the swings' or was it someone else trying to destabilize the currency to make people lose any faith they might have had."

Re:

[dkleinsc]

I'd be reasonably certain that the criminal answer is the right one.

Here's the "allow bad guys to profit from the swings" plan:
1. DDOS Bitcoin trading sites, and watch the Bitcoin prices drop.
2. Buy some Bitcoins.
3. Stop your DDOS.
4. Bitcoin price goes back up.
5. Sell your Bitcoins at the now higher price.
6. PROFIT!!!

Here's the "Destabilize the currency" plan:
1. DDOS Bitcoin trading sites.
2. Convince everyone who might be considering using Bitcoins to use dollars or Euro or yen or krona or yuan or something

Re:

[moeinvt]

"Because bitcoin is such a threat..."

The "Liberty Dollar" wasn't a "threat" either, but they still shut it down, arrested the creator and likened his activity to "domestic terrorism". I kid you not. The Fed. prosecutor said that he was undermining the currency and equated it to "terrorism".

http://en.wikipedia.org/wiki/Liberty_Dollar [wikipedia.org]

The banker-government's greatest power of all is their money monopoly. They stomp on these things HARD as soon as they become "noticeable" and long before they're even a mild

Re:

[Lunix Nutcase]

Since when did anyone but a small group of nerds ever have faith in bitcoin to begin with?

Re:

[shaitand]

Me too. Destabilizing a completely open peer-to-peer decentralized monetary system that breaks the shackles of government control really doesn't seem like the bag of the hacker community at large. This feels more like a corporate or even government backed venture.

Re:

[Lunix Nutcase]

Why would they do something like that over simply making the currency illegal and arresting anyone for violating laws over minting currency? The conspiracy version makes no logical sense.

Re:

[shaitand]

Because they have no legal basis for making the currency illegal, no jurisdiction if they did, and no legal technical route that could be used to enforce such a law. That is all assuming government. A corporate player makes just as much sense.

An overt government/corporate attack on Bitcoin could spur public outcry and outrage. That would increase the popularity and the number of people who supported the system making it that much harder to shut down. It might push it to the point of being mainstream.

Re:

[Lunix Nutcase]

Right because instead of spending their time manipulating the USD, Yen, Euro, etc. to make 100s of millions if not billions of dollars or more the "banking system" is creating malware and DDoSing an exchange for a currency used by a less than a thousandth of 1% of the world. Yeah, real believable.

Re:

[jafiwam]

Right because instead of spending their time manipulating the USD, Yen, Euro, etc. to make 100s of millions if not billions of dollars or more [BitCoin users use BitCoins, which are] used by a less than a thousandth of 1% of the world. Yeah, real [smart].

The start up costs and complication of manipulating real-world markets (as opposed to fake stuff) are astronomically high. Some governments couldn't manage it if they tried.

On the other hand, one nerd who can dDOS and a couple small time hoods could pull off a BitCoin manipulation scam.

Your arrogance in thinking BitCoin is equivalent to a world market "USD, Yen, Euro, etc." is proof positive that these types of attacks will continue to happen. BitCoin is for stupid people, or smart people acting stupid

yubikey

[Anonymous Coward]

Gox gives a free yubi to anyone with more then loose change in there. Last time I looked, malware don't work on 2factor...

Re:

[LordLimecat]

MITM works on 2-factor just as well as it does on 1-factor.

Re:

[LordLimecat]

Conspiracy theorists, unite!

Symantec, in collaboration with the Guild of Calamatious Intent...

well unfortunately

[slashmydots]

Unfortunately, almost all bitcoin users are a lot smarter than that. If their browser's security features, their antivirus, and their common sense don't all tip them off that it's not the real MTGox, they probably shouldn't be bitcoin users.

Re:

[slashmydots]

No, you would be pretty surprised considering it's open source code

Re:

[medv4380]

Unfortunately, almost all bitcoin users have a persistent internet connection, and are being targeted. There isn't a Security Feature, Anti-Virus, or any other nonsensical "common sense" measure you can take. At some point you're going to slip up, and a virus is going to get in, or a new unpatched vulnerability will get you. Now if only I can find some fool to but these "offline" only bitcoins.

Re:

[BlueMonk]

Yeah, but that's not news. All Windows users (and some others) have long been targets of virus and other malware attacks against which the many available defenses are not always 100% effective. Nothing new there. You don't have to be a bitcoin user to be the kind of target you're describing.

Re:

[medv4380]

I was only replying to someone with the naive notion that "bitcoin" users were magically immune.

Re:

[BlueMonk]

They do have a point, though, that the average bitcoin user is probably less susceptible than the average overall user to phishing attacks because most phishing attacks are relatively easy to detect and avoid if you have any tech smarts, which most bitcoin users need to have in order to be involved or have an interest in bitcoin. Questionably how pronounced that variation from average is, though.

Re:

[Runaway1956]

How many Confederate dollars do you want for a coin? I think five bucks per offline bitcoin?

Re:

[slashmydots]

Lol confederate money is worth a shit ton of USD right now

Re:

[slashmydots]

So looking at the domain/URL you're currently at isn't common sense?

Related links

[biodata]

Interesting that the top two 'Related links' for this story are both stories about printable guns, at least in the pageview I'm getting right now, the third is about DNA collection after arrest, the fourth about how all your data are belong US and the fifth about PETA eants to sue people. Perhaps /. doesn't have any other stories about bitcoin, phishing, DDOS, Symantec, trojans or other malware.

Re:No government control?

[serviscope_minor]

This kind of garbage is why money works best when regulated and maintained by a government.

Yes, because under grown-up sensible government controlled money, no phishers ever make fake bank websites.

Re:

[UnknownSoldier]

Riiiiight, because no one ever counterfeits hard currency, never used it to buy off politicians, never laundered, never dumped, never hoarded, never used it to bribe people, never used it to pay soldiers to murder people, etc.

Just in case you don't get it: A _digital_ NOR a _physical_ currency is NOT immune to the many (government & private) abuses. That is, there are MANY issues with money ... namely its design and mis-implementation.

* http://mises.org/books/whathasgovernmentdone.pdf [mises.org]
* http://www.lewro [lewrockwell.com]

Re:

[DogDude]

When are you going to stop being delusional that an unregulated currency is viable?

Re:

[ultranova]

When are you going to stop being delusional that an unregulated currency is viable?

Dunno what unregulated currency you're talking bout - Bitcoin is regulated algorithmically by the transaction and block validation rules, so that can't be it. Are you referring to centralized currencies [guardian.co.uk], where "regulation" apparently means you can lose access to your money at any time.

As for Bitcoin being viable, Bitcoin economy is alive and growing, so claims of non-viability are extraordinary and require extraordinary evid

Re:

[Jeremi]

When are you going to stop being delusional that some magical pseudo-authority figure is the answer to everyone's perceived problems?

I don't have an opinion on the matter, but DogDude specifically said "best", not "only". So you're arguing against a claim he never made.

Re:

[Stewie241]

I dunno. If you use digits as currency you get built in fingerprints.

The approach

[Aaron B Lingwood]

The fake Mt Gox [mtgox.com] sites are found on domains such as mtgox.org, mtgox.net. Existing customers and Bitcoin early adopters will likely not fall for this. This is likely targeting the non-tech-savvy followers who just heard through the media about a currency that can make you rich or a cool way to buy drugs. A search [duckduckgo.com] or two [google.com] will unlikely lead a potential victim to one of these fake sites, so they are depending on the advertising. Details are scarce on how they are advertising.

Re:

[FreeUser]

Details are scarce on how they are advertising.

Slashdot

Why do you attack/spoof Bitcoin exchanges?

[Overzeetop]

Q: Why do you rob banks?
A: Because that's where the money is stored.

Re:

[DrXym]

Even though we are supposed to be one of the largest groups of nerds, sure, let's pile stupid FUD.

Someone can be really smart and still hold some really dumb beliefs.

Magic The Gathering

[myowntrueself]

Not 'Mount Gox'. Theres no such place.

Its Magic the Gathering Online exchange not Mt. Gox.

But even they refer to it as Mount Gox. Why? Are they trying to distance themselves from the card game?

Re:

[neminem]

I don't see anything about M:tG on their site, certainly not anything saying it's called that. Do you get annoyed any time anyone talks about AT&T and doesn't make sure their audience knows that the company deals in telegraphs (even though they haven't in many, many decades), too?

Re:

[synaptik]

I liked your counterpoint about AT&T... and although the GP didn't really have a point, they were referring to the original purpose of mtgox.com, as evidenced by The Wayback Machine's snapshop of it from 2007: http://web.archive.org/web/20070817170606/http://mtgox.com/gwt/mtgox.php [archive.org]

Re:

[neminem]

Right. I'm aware of its original purpose. Hence, my point that companies sometimes change purpose, redefinition of their previous name often occurs [wikipedia.org], and it's rather unfair to say "this company once did x, x is frivolous, therefore the company will be forever tainted with frivolity".

Re:

[magic maverick]

Probably. After all, the site has been sold at least once since it had anything to do with the card game.

Boo ya.

Re:

[pantaril]

Not 'Mount Gox'. Theres no such place.

Its Magic the Gathering Online exchange not Mt. Gox.

Dunno if you are mentally impaired or just blind but they label themself Mt.Gox right on the front page of their website mtgox.com [mtgox.com]

Re:

[remus.cursaru]

Not 'Mount Gox'. Theres no such place.

Its Magic the Gathering Online exchange not Mt. Gox.

Dunno if you are mentally impaired or just blind but they label themself Mt.Gox right on the front page of their website mtgox.com [mtgox.com]

No matter where you look it up, it's always Mt.Gox, there is no "mount" in there. I dunno about any magic stuff...

Re:

[pantaril]

Well Mt. could be interpreted as short version of "Mount".

About the magic stuff - they originally intended to build Magic The Gathering Online eXchange and registered mtgox domain for it but it never actually happened as they learned about bitcoin later and decided to build bitcoin exchange instead. No magic card was ever traded on MtGox. Some people like "myowntrueself" are trying to twist the facts and use their domain name to paint them as not professional exchange completely ignoring the reality that M

Re:

[gox]

Even if it was registered with that in mind, there was never a Magic the Gathering exchange on that domain, so your claim is unwarranted. Besides, the guy who registered the domain sold it long time ago. Granted though, it's a weird name for a Bitcoin exchange.