Bitcoin currency exchange compromised, database stolen

Share this article:
The largest Bitcoin currency exchange market, Mt.Gox, is currently offline after suffering a cyberattack that caused the market to crash.

Mt.Gox, a currency exchange market where users can trade actual dollars for virtual currency, known as Bitcoin, said it is working to restore service after hackers over the weekend accessed its systems and stole a database containing usernames, email addresses and password hashes.

As of Monday afternoon, visitors to the site were being redirected to a statement about the intrusion from Mt.Gox official Mark Karpeles.

“It appears that someone who performs audits on our system and had read-only access to our database had their computer compromised,” Karpeles wrote in the statement. “This allowed for someone to pull our database.”

The database reportedly contained 61,020 credentials, though Mt.Gox has not confirmed that number.  

Created in 2009, bitcoins are a form of virtual currency that can be transferred anonymously from person to person online, without going through a bank. They are accepted today by some online merchants and can be traded at online currency exchanges, such as Mt.Gox.

Those behind the attack against Mt.Gox used the stolen credentials to log into an account containing a large number of Bitcoins.

The flash-crash happened after they sold all the coins in the account and then bought them back and attempted to withdraw the proceeds. However, they were only able to get away with a $1,000 due to withdrawal limits on the account, Karpeles said. The price of the currency plummeted from $17 per Bitcoin down to pennies within minutes, and Mt.Gox suspended trading.

Due to the large impact on the Bitcoin market, Mt.Gox said it plans to roll back every trade that had been made since the incident.

Mt.Gox is currently working with Google to ensure any Gmail accounts associated with Mt.Gox user accounts have been locked and verified, Karpeles said. In addition, a Mt.Gox account recovery page is expected to go live by Tuesday morning.

The exchange will reopen once enough users have reclaimed their accounts.

Users should avoid downloading anything that looks to have been sent from Mt.Gox, Karpeles said. 

Meanwhile, the security of Bitcoin has gained increasing attention recently. Security researchers last week warned that a new trojan is propagating in the wild and targeting Bitcoin digital wallets installed on computers running Windows.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Beazley: employee errors root of most data breaches, but malware incidents cost ...

Insurance firm Beazley analyzed more than 1,500 data breaches it serviced between 2013 and 2014.

Apple issues seven updates, fixes more than 40 vulnerabilities in iOS 8, OS 10.9.5

Apple issues seven updates, fixes more than 40 ...

In one of its infrequent "Update Surprisedays," Apple plugged holes, boosted security and added features.

Canadian telecom co. Telus unveils first transparency report

The company received more than 100,000 government requests for customer data last year.