Several reports have flooded the internet about unauthorized login attempts on the accounts of Mt. Gox Creditors in the last 24 hours. These reports have sent shockwaves through the crypto community with speculations rising about another hack. This update comes less than 48 hours after the defunct crypto exchange moved another $9 billion in Bitcoin to the Kraken exchange.
Some users shared several screenshots on the Mt. Gox subreddit while others laid various complaints about their inability to enter their accounts. After waiting ten years for repayment, the creditors are worried about the reason behind the sudden attempt and what it holds for them moving forward.
Creditors Report Unapproved Login Attempts
In a recent development, the ‘r/mtgoxinsolvency’ subreddit, mostly used by the Mt. Gox creditors to share information about the progress of their repayments, has been agog with reports of a series of failed login attempts on their accounts.
Consequently, this has raised fear of a potential ‘brute force attack.’ For context, a brute force attack is a type of hack where the perpetrators use a ‘trial and error’ method to get the login details of an account. In this type of hack, several login attempts are made by trying multiple usernames and passwords until the hacker gets the right pass for the account.
In a screenshot shared on the subreddit, it was seen that the login was attempted in about 8 seconds between 04:09:27 and 04:09:35 on July 17. While concerns were raised about the possible hack, others speculated that it could simply be a glitch since the website went offline into maintenance mode shortly after.
Source: Mt. Gox subreddit
Also, another screenshot was shared which showed an automatic reply from the Mt. Gox system stating some of the possible reasons for the failed attempt which include an incorrect email and/or password, zero Bitcoin balance on account, the Rehabilitation Trustee determining that the user is not entitled to the system and other.
After much trial, a user managed to get into their account and posted it on the subreddit. According to him, everything looks good and there was no compromise, however, he is unsure if to change his password as the clarity of what happened still hung in the balance.
Users Confirm 2FA Protection as Website Goes Offline
Meanwhile, amid the chaos of confusion, some users have confirmed that the failed attempts were probably blocked by the extra layer of security, the two-factor authentication (2fa) set up on their accounts. However, there is a catch. One user complained about an error with the 2fa message timing. According to him, the 2fa prompt was only displayed after he had received an email stating that he had logged in.
He wrote “The problem with their system is they send that “you have logged in” email BEFORE you enter the 2FA code, so a bit misleading.” Furthermore, he expressed concerns about the possibility of a hacker having most of the Mt. Gox users’ emails associated with their accounts adding that it had happened before. Finally, he expressed confidence in the 2FA system stating that “As long as you have a 2FA you should “hopefully” be fine.”
Shortly after the complaints, the Mt. Gox website went into maintenance mode, signifying a quick response by the exchange to prevent a potential breach that could thwart its effort to complete the creditors’ repayments.
So far, Mt. Gox has repaid about 36% of the Bitcoin to its creditors. Notably, following the brute force attack, the price of BTC has declined marginally over the last day, now trading at $64,937, representing a 0.44% reduction in value.
The post Is Mt. Gox Under Attack? Creditors Report Login Attempts appeared first on Coinfomania.