Mt. Gox, once the world’s leading exchange for Bitcoin, has admitted that a hacker attack robbed its users of 750,000 bitcoins – and also took 100,000 bitcoins from the exchange’s owner. The Wall St. Journal estimated the value of the theft at $473 million.
The admission comes after the exchange declared bankruptcy and the site went offline. The first signs of trouble data back to 7 February, when the site announced that it was experiencing some delays. On 10 February, the site blamed a Bitcoin protocol issue known as transaction malleability for enabling attackers to alter transactions.
On 24 February,Mt. Gox changed the front page of its site, listing the following message:
“In light of recent news reports and the potential repercussions on MtGox’s operations and the market, a decision was taken to close all transactions for the time being in order to protect the site and our users.”
Two days later, on 26 February, Mt. Gox CEO Mark Karpeles posted a short note on the Mt. Gox site:
“As there is a lot of speculation regarding Mt. Gox and its future, I would like to use this opportunity to reassure everyone that I am still in Japan, and working very hard with the support of different parties to find a solution to our recent issues.”
Apparently there is no solution, and Mt. Gox is now bankrupt after a spectacular failure that will likely only serve to further erode confidence in Bitcoin, if not kill the nascent currency altogether. It’s a crisis of confidence born out of a lack of security.
At the RSA security conference in San Francisco on 27 February, I was in a packed session called “How to Hack Bitcoin.” In front of a live audience, Etay Maor, fraud prevention solutions manager at IBM, and Uri Rivner, head of cyber-strategy at BioCatch, demonstrated how to steal Bitcoins in real time.
It wasn’t very hard.
The two researchers asserted that Bitcoin exchanges, which include Mt. Gox as well as numerous others, do not employ basic security controls. By using malware known as Spyeye on a target machine, the researchers were able execute the theft in seconds – a pre-arranged theft from one researcher to the other.
“Bitcoin exchanges are basically sitting ducks,” Rivner said.
While the spectacular collapse of Mt. Gox is an epic failure that will have a long-lasting impact on the Bitcoin marketplace, it doesn’t necessarily spell the end of Bitcoin itself.
Napster helped start the whole era of digital music downloads, though the initial model wasn’t right. Napster was illegal, letting users essentially steal music, but the basic idea of having an easy-to-use digital music download service was valid. When Napster collapsed in 2001, some thought it was the end of the digital music business, but it wasn’t—it was just the beginning.
The same is likely true here with Bitcoin. The rise of Mt. Gox in the first place is a testament to the incredible demand for Bitcoin. The failure was not in Bitcoin itself, but rather a lack of maturity and security.
Other entrepreneurs will pick through the rubble of Mt. Gox and learn lessons. Although today is a dark day for all those who lost money and the Bitcoin market has been bruised badly, it is not dead.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.
Originally published on eWeek.
Fourth quarter results beat Wall Street expectations, as overall sales rise 6 percent, but EU…
Hate speech non-profit that defeated Elon Musk's lawsuit, warns X's Community Notes is failing to…
Good luck. Russia demands Google pay a fine worth more than the world's total GDP,…
Google Cloud signs up Spotify, Paramount Global as early customers of its first ARM-based cloud…
Facebook parent Meta warns of 'significant acceleration' in expenditures on AI infrastructure as revenue, profits…
Microsoft says Azure cloud revenues up 33 percent for September quarter as capital expenditures surge…