404 Tech Support

A Rough Road For Bitcoin – Largest Exchange, Mt. Gox, Reports Leaked Account Info and Huge Sell-Off Initiated

At the end of March, I first wrote about Bitcoin, a virtual cryptocurrency with no central management by design. When I wrote about it, you could buy a single bitcoin for about 80 cents. Since then, the value of a bitcoin has skyrocketed to $30USD and stabilized around $16USD as more services and merchants are starting to accept the currency and speculation puts the currency in high demand.

Bitcoin is a peer-to-peer digital currency. Peer-to-peer (P2P) means that there is no central authority to issue new money or keep track of transactions. Instead, these tasks are managed collectively by the nodes of the network. Advantages:

  • Bitcoins can be sent easily through the Internet, without having to trust middlemen.
  • Transactions are designed to be computationally prohibitive to reverse.
  • Be safe from instability caused by fractional reserve banking and central banks. The limited inflation of the Bitcoin system’s money supply is distributed evenly (by CPU power) throughout the network, not monopolized by banks.

Bitcoin is an open source project currently in beta development stage.

Development for Bitcoin has seemingly been good with coverage from some major publications like BusinessWeek and the Wall Street Journal. Unfortunately, the seemingly bright future has had some negatives leaking in the shadows.

25,000 BTC (bitcoins) stolen

As allinvain writes on the Bitcoin forum, he awoke to find 25,000 bitcoins transferred from his wallet to another account. That amounts to about $400,000 currently.

Trojan viruses start specifically searching for Bitcoin Wallets

According to this blog post by Symantec, a trojan virus has been written to specifically look for your bitcoin wallet (wallet.dat) and send it to the hacker through e-mail or FTP.

US Senators are looking to shut down Bitcoin, “the currency of the Internet drug trade”

Two U.S. senators read the Gawker article on the Silk Road, a website which uses Bitcoin as its untraceable currency to sell illegal drugs over the Internet. PCWorld reports on the senators campaigns to cut off the drug website’s funding source, Bitcoin.

Today’s story: Mt. Gox reports account info leaked and a huge sell-off initiated by a compromised account

Mt. Gox, the largest exchange for bitcoins, allowing you to swap USD <-> BTC, announced today that a hacked account flooded the market with sales though the $1000 daily limit stopped them from making off with more. The great change in the market dropped the value of a Bitcoin The exchange promises to re-open with the value of a BTC at $17.5. Additionally, the site’s database was compromised and usernames, e-mail addresses, and hashed passwords were lost.  Just yesterday, a Cross-Site Request Forgery with Mt. Gox’s site was announced in the forums.

The bitcoin will be back to around 17.5$/BTC after we rollback all trades that have happened after the huge Bitcoin sale that happened on June 20th near 3:00am (JST).

One account with a lot of coins was compromised and whoever stole it (using a HK based IP to login) first sold all the coins in there, to buy those again just after, and then tried to withdraw the coins. The $1000/day withdraw limit was active for this account and the hacker could only get out with $1000 worth of coins.

Apart from this no account was compromised, and nothing was lost. Due to the large impact this had on the Bitcoin market, we will rollback every trade which happened since the big sale, and ensure this account is secure before opening access again.

UPDATE REGARDING LEAKED ACCOUNT INFORMATIONS

We will address this issue too and prevent logins from each users. Leaked information includes username, email and hashed password, which does not allow anyone to get to the actual password, should it be complex enough. If you used a simple password you will not be able to login on Mt.Gox until you change your password to something more secure. If you used the same password on different places, it is recommended to change it as soon as possible.

SERVICE RETURN

Service will not be back before June 20th 11:00am (JST, 02:00am GMT). This may be delayed depending on what is found during the investigation.

The user database was listed for sale on PasteBin but is already available for direct download as a .csv.

This rocky road of Bitcoins might be some tough lessons learned early on in its lifespan. Will it be able to recover or will this lead to a lack of confidence in the currency and ultimately its death? If it is able to recover, however, it might just become more popular and continue its growth with these problems resolved.