Fake Mt. Gox Pages Aim To Infect Bitcoin Users 74
An anonymous reader writes "Mt. Gox is the the largest Bitcoin exchange in the world, and as such it and its users are being repeatedly targeted by attackers. Some two months ago, it battled a massive DDoS attack that was likely aimed at destabilizing the virtual currency and allow the criminals to profit from the swings. Now, according to Symantec researchers, the criminals have turned to spoofing Mt. Gox' site and tricking its customers into downloading malware — the Ponik downloader Trojan, which is also able to steal passwords."
It's Thursday, must be Bitcoin time! (Score:4, Insightful)
We've already had Apple vs. Samsung this week, plus the oblig swipe at Windows, so tomorrow, it must be another Rasperry Pi story, eh?
Re:It's Thursday, must be Bitcoin time! (Score:4, Funny)
We've already had Apple vs. Samsung this week, plus the oblig swipe at Windows, so tomorrow, it must be another Rasperry Pi story, eh?
Well, if you don't like news for nerds there are probably more suitable sites for you [perezhilton.com].
Re:It's Thursday, must be Bitcoin time! (Score:5, Funny)
Re: (Score:2)
Bitcoin is the Boxxy of Slashdot.
My first thought was "Boxee is the boxee of slashdot" and then I realized I was out of my element...
Re: (Score:3)
Re: (Score:2)
That was my reaction too. No one bothers with custom-tuned phishing sites unless they'll get a lot of traffic, and the hijacked session can be used to get something of value.
OTOH, it's less significant than it might be, as botnet herding is an online black market, and so presumably bitcoin already has traction there as a currency.
Re: (Score:2)
Actually, given the outrightly criminal nature of that banking system, this is not an unreasonable suggestion. We already know that the likes of HFT companies regulalry engage in DDoS attacks against exchanges, so the skillset for this kind of work is there.
Re: (Score:3)
I know it's tin-foil hat thinking... but my first thought was, "Are we sure it was 'aimed at destabilizing the virtual currency and allow the criminals to profit from the swings' or was it someone else trying to destabilize the currency to make people lose any faith they might have had."
Re: (Score:3)
I'd be reasonably certain that the criminal answer is the right one.
Here's the "allow bad guys to profit from the swings" plan:
1. DDOS Bitcoin trading sites, and watch the Bitcoin prices drop.
2. Buy some Bitcoins.
3. Stop your DDOS.
4. Bitcoin price goes back up.
5. Sell your Bitcoins at the now higher price.
6. PROFIT!!!
Here's the "Destabilize the currency" plan:
1. DDOS Bitcoin trading sites.
2. Convince everyone who might be considering using Bitcoins to use dollars or Euro or yen or krona or yuan or something
Re: (Score:3)
"Because bitcoin is such a threat..."
The "Liberty Dollar" wasn't a "threat" either, but they still shut it down, arrested the creator and likened his activity to "domestic terrorism". I kid you not. The Fed. prosecutor said that he was undermining the currency and equated it to "terrorism".
http://en.wikipedia.org/wiki/Liberty_Dollar [wikipedia.org]
The banker-government's greatest power of all is their money monopoly. They stomp on these things HARD as soon as they become "noticeable" and long before they're even a mild
Re: (Score:1)
Since when did anyone but a small group of nerds ever have faith in bitcoin to begin with?
Re: (Score:2)
Re: (Score:2)
Why would they do something like that over simply making the currency illegal and arresting anyone for violating laws over minting currency? The conspiracy version makes no logical sense.
Re: (Score:2)
An overt government/corporate attack on Bitcoin could spur public outcry and outrage. That would increase the popularity and the number of people who supported the system making it that much harder to shut down. It might push it to the point of being mainstream.
Re: (Score:2)
Right because instead of spending their time manipulating the USD, Yen, Euro, etc. to make 100s of millions if not billions of dollars or more the "banking system" is creating malware and DDoSing an exchange for a currency used by a less than a thousandth of 1% of the world. Yeah, real believable.
Re: (Score:2)
Right because instead of spending their time manipulating the USD, Yen, Euro, etc. to make 100s of millions if not billions of dollars or more [BitCoin users use BitCoins, which are] used by a less than a thousandth of 1% of the world. Yeah, real [smart].
The start up costs and complication of manipulating real-world markets (as opposed to fake stuff) are astronomically high. Some governments couldn't manage it if they tried.
On the other hand, one nerd who can dDOS and a couple small time hoods could pull off a BitCoin manipulation scam.
Your arrogance in thinking BitCoin is equivalent to a world market "USD, Yen, Euro, etc." is proof positive that these types of attacks will continue to happen. BitCoin is for stupid people, or smart people acting stupid
yubikey (Score:1)
Gox gives a free yubi to anyone with more then loose change in there. Last time I looked, malware don't work on 2factor...
Re: (Score:3)
MITM works on 2-factor just as well as it does on 1-factor.
Re: (Score:2)
Conspiracy theorists, unite!
Symantec, in collaboration with the Guild of Calamatious Intent...
well unfortunately (Score:5, Insightful)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Yeah, but that's not news. All Windows users (and some others) have long been targets of virus and other malware attacks against which the many available defenses are not always 100% effective. Nothing new there. You don't have to be a bitcoin user to be the kind of target you're describing.
Re: (Score:2)
Re: (Score:2)
They do have a point, though, that the average bitcoin user is probably less susceptible than the average overall user to phishing attacks because most phishing attacks are relatively easy to detect and avoid if you have any tech smarts, which most bitcoin users need to have in order to be involved or have an interest in bitcoin. Questionably how pronounced that variation from average is, though.
Re: (Score:2)
How many Confederate dollars do you want for a coin? I think five bucks per offline bitcoin?
Re: (Score:2)
Re: (Score:2)
Related links (Score:2)
Re:No government control? (Score:5, Insightful)
This kind of garbage is why money works best when regulated and maintained by a government.
Yes, because under grown-up sensible government controlled money, no phishers ever make fake bank websites.
Re: (Score:3)
Riiiiight, because no one ever counterfeits hard currency, never used it to buy off politicians, never laundered, never dumped, never hoarded, never used it to bribe people, never used it to pay soldiers to murder people, etc.
Just in case you don't get it: A _digital_ NOR a _physical_ currency is NOT immune to the many (government & private) abuses. That is, there are MANY issues with money ... namely its design and mis-implementation.
* http://mises.org/books/whathasgovernmentdone.pdf [mises.org]
* http://www.lewro [lewrockwell.com]
Re: (Score:2)
Re: (Score:2)
Dunno what unregulated currency you're talking bout - Bitcoin is regulated algorithmically by the transaction and block validation rules, so that can't be it. Are you referring to centralized currencies [guardian.co.uk], where "regulation" apparently means you can lose access to your money at any time.
As for Bitcoin being viable, Bitcoin economy is alive and growing, so claims of non-viability are extraordinary and require extraordinary evid
Re: (Score:2)
When are you going to stop being delusional that some magical pseudo-authority figure is the answer to everyone's perceived problems?
I don't have an opinion on the matter, but DogDude specifically said "best", not "only". So you're arguing against a claim he never made.
Re: (Score:2)
I dunno. If you use digits as currency you get built in fingerprints.
The approach (Score:2)
Re: (Score:3)
Details are scarce on how they are advertising.
Slashdot
Why do you attack/spoof Bitcoin exchanges? (Score:2)
Q: Why do you rob banks?
A: Because that's where the money is stored.
Re: (Score:2)
Even though we are supposed to be one of the largest groups of nerds, sure, let's pile stupid FUD.
Someone can be really smart and still hold some really dumb beliefs.
Magic The Gathering (Score:2)
Not 'Mount Gox'. Theres no such place.
Its Magic the Gathering Online exchange not Mt. Gox.
But even they refer to it as Mount Gox. Why? Are they trying to distance themselves from the card game?
Re: (Score:3)
I don't see anything about M:tG on their site, certainly not anything saying it's called that. Do you get annoyed any time anyone talks about AT&T and doesn't make sure their audience knows that the company deals in telegraphs (even though they haven't in many, many decades), too?
Re: (Score:1)
Re: (Score:2)
Right. I'm aware of its original purpose. Hence, my point that companies sometimes change purpose, redefinition of their previous name often occurs [wikipedia.org], and it's rather unfair to say "this company once did x, x is frivolous, therefore the company will be forever tainted with frivolity".
Re: (Score:1)
Probably. After all, the site has been sold at least once since it had anything to do with the card game.
Boo ya.
Re: (Score:2)
Not 'Mount Gox'. Theres no such place.
Its Magic the Gathering Online exchange not Mt. Gox.
Dunno if you are mentally impaired or just blind but they label themself Mt.Gox right on the front page of their website mtgox.com [mtgox.com]
Re: (Score:1)
Not 'Mount Gox'. Theres no such place.
Its Magic the Gathering Online exchange not Mt. Gox.
Dunno if you are mentally impaired or just blind but they label themself Mt.Gox right on the front page of their website mtgox.com [mtgox.com]
No matter where you look it up, it's always Mt.Gox, there is no "mount" in there. I dunno about any magic stuff...
Re: (Score:2)
Well Mt. could be interpreted as short version of "Mount".
About the magic stuff - they originally intended to build Magic The Gathering Online eXchange and registered mtgox domain for it but it never actually happened as they learned about bitcoin later and decided to build bitcoin exchange instead. No magic card was ever traded on MtGox. Some people like "myowntrueself" are trying to twist the facts and use their domain name to paint them as not professional exchange completely ignoring the reality that M
Re: (Score:2)
Even if it was registered with that in mind, there was never a Magic the Gathering exchange on that domain, so your claim is unwarranted. Besides, the guy who registered the domain sold it long time ago. Granted though, it's a weird name for a Bitcoin exchange.