Mt. Gox CEO lied about massive Bitcoin theft, according to alleged hackers

Share this article:
The bugs lie in the way Android generates private keys used to authenticate the Bitcoin owners.
Mt. Gox CEO lied when he said that 850,000 Bitcoins were stolen.

Mt. Gox CEO Mark Karpeles lied when he said that the former world's biggest Bitcoin exchange – which filed for bankruptcy protection in the U.S. on Sunday and in Japan on Feb. 28 – had been relieved of 850,000 Bitcoins by hackers, according to the alleged hackers themselves.

“We stole no bitcoins,” the alleged miscreants wrote on Karpeles' hacked and defaced blog on Sunday, which was posted on Pastebin not long after. “There were none to steal.”

The alleged Bitcoin thieves posted a breakdown of Bitcoin balances by country that totaled more than 950,000 Bitcoins, and included a file that was said to contain relevant database dumps, CSV exports, specialized tools and highlighted summaries compiled from the data. User database dumps are said not to have been included.

Bitcoin users took to Reddit on Sunday to discuss how an executable – contained in the downloadable file posted by the hackers – may actually be a Bitcoin wallet stealing malware; however, some users indicated that the other information contained within the downloadable is still correct.

Karpeles announced in Japan earlier this month that hackers had taken advantage of weaknesses in the exchange's computer systems and stole 750,000 customer Bitcoins and 100,000 Mt. Gox owned Bitcoins – which currently amounts to more than half a billion dollars.

Shortly after, roughly 1,700 lines of code allegedly belonging to Mt. Gox was posted on Pastebin. Frode Nilsen, a developer with five years of experience working on banking applications with money transactions, told at the time that the code was very amateur and explained that the most glaring offense is a vulnerability to SQL injection.

Mt. Gox claimed the issue that allowed hackers to steal Bitcoins involved a vulnerability in a Bitcoin software algorithm. The exchange filed for Chapter 15 bankruptcy protection in Dallas on Sunday, stating that hackers took advantage of “a flaw in the software algorithm that underlies Bitcoin,” according to documents.

“This Chapter 15 case is being filed in an effort to maximize recoveries to, and provide for an equitable distribution of value among, all creditors,” according to the documents. A Mt. Gox “Crisis Strategy Draft” discovered online, but not confirmed authentic, indicates that there are 1.1 million accounts and 550,000 verified customers.

Although the trials and tribulations involving Mt. Gox continue to turn heads, one thing is certain – the number of attacks in the virtual currency market are increasing.

Bitcoin bank Flexcoin recently announced it was shutting down after attackers stole all 896 Bitcoins, and not long after, cryptocurrency exchange Poloniex announced that a hacker took advantage of a vulnerability in the website's withdrawal protocol and made off with 12.3 percent of Bitcoins.

Still, Bitcoin value continues to stay relatively strong, with a single coin being valued at around $620 as of Monday.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Ground system for weather satellites contains thousands of 'high-risk' bugs

Ground system for weather satellites contains thousands of ...

An audit of the Joint Polar Satellite System ground system revealed thousands of vulnerabilities, most of which will be addressed in two years when the next version of the system ...

Threat report on Swedish firms shows 93 percent were breached

The study by KPMG and FireEye also found that 49 percent of detected malware was unknown.

Former acting HHS cyber director convicted on child porn charges

Former acting HHS cyber director convicted on child ...

Timothy DeFoggi, who was nabbed by the FBI last year in its Operation Torpedo investigation was convicted by federal jury in Nebraska.