The price of freedom, as they say, is eternal vigilance. A user called bitbully on the Bitcointalk forums found himself 34 bitcoins poorer after visiting a site claiming to be a chat service connected with Mt. Gox, a popular bitcoin trading service. The site, wwwdotmtg(this is an o)x-ch(this is an a)tdotinfo (do not visit this site), apparently uses a Java applet to place a cross-site transfer order from the victim’s computer as soon as the page is visited. Because bitcoin transactions aren’t reversible and the attackers are anonymous, the victims are out of luck.
This victim lost half of his account instantly. Mt. Gox does offer two-factor authentication, which is a good way to prevent illicit logins, but this user did not have it activated. A Reddit thread also addresses this particular scam.
The phishing site, for what it’s worth, is currently down.
The phishing message making the rounds is something like “Mtgox are talking about adding ltc or ppc in about 4-5 hours. Guys, come on the mtgox livechat I think we should all invest in LTC. hxxp://bit.ly/xxx.” The bit.ly link goes to the phishing site.
The writer described his sleuthing:
Bitcoin phishing is not new and as more and more users enter the BTC fray it’s clear that it will be a bigger problem. As Twitter novelty account Bitcoin.txt notes, the market is frothy and full of folks who have little experience investing in anything, let alone an imaginary digital currency that could be part of a future economic engine – or could spell ruin for investors who click bit.ly links.