Numerous account holders of the now-defunct cryptocurrency exchange Mt. Gox recently reported unauthorized login attempts, sparking concern among users. These individuals, who claim to be creditors of the exchange, observed multiple failed login efforts by hackers over the past 24 hours. The general belief among users is that brute force techniques were likely employed to access the accounts. Fortunately, many users noted that two-factor authentication (2FA) effectively blocked these hacking attempts.
What Is Brute Force Technique?
The brute force technique involves hackers trying countless password combinations until successfully accessing an account. This method is particularly potent against accounts with weak or predictable passwords. However, the presence of 2FA, requiring an additional verification step beyond the password, poses a significant obstacle for hackers. Some users speculate that the unusual login attempts might be due to system errors rather than a coordinated attack.
A Reddit user named Ovkovk shared experiencing 15 login attempt notifications, initiating discussions among other users facing similar issues. While some could access their accounts after these notifications, others were unable to do so. Currently, Mt. Gox is in the process of distributing BTC to its creditors, which amplifies security concerns.
How Are Users Responding to These Attempts?
Another user, Joohansson, warned that hackers might possess a list of Mt. Gox email addresses and are attempting to brute force their way into accounts. This reinforces the importance of 2FA in safeguarding accounts. One user noted receiving login notifications before enabling 2FA, suggesting their password might have been compromised, but 2FA successfully prevented unauthorized access.
Key Takeaways for Account Security
Here are some critical inferences for users:
- Enable two-factor authentication (2FA) to add an extra layer of security to your account.
- Regularly update your passwords and avoid using weak or common passwords.
- Stay vigilant for unusual account activity and report any suspicious login attempts immediately.
In response to these notifications, it was claimed that the Mt. Gox website was temporarily taken down for maintenance, displaying a message to check back shortly. Many Reddit users believe this temporary shutdown was a direct response to the reported login attempts, as the maintenance coincided with the increase in unauthorized access efforts.
Security issues emerged after Mt. Gox transferred a substantial portion of its $9 billion worth of BTC to Kraken, one of the entities responsible for distributing funds to creditors. While some Japanese exchanges like Bitbank and SBI VC Trade have already distributed the allocated funds, others like BitGo and Bitstamp are still awaiting payment. According to Goxxed.org, which tracks Mt. Gox-related wallet addresses, the exchange still holds approximately 47,228 BTC, valued around $3.05 billion.