Mt. Gox CEO lied about massive Bitcoin theft, according to alleged hackers

Share this article:
The bugs lie in the way Android generates private keys used to authenticate the Bitcoin owners.
Mt. Gox CEO lied when he said that 850,000 Bitcoins were stolen.

Mt. Gox CEO Mark Karpeles lied when he said that the former world's biggest Bitcoin exchange – which filed for bankruptcy protection in the U.S. on Sunday and in Japan on Feb. 28 – had been relieved of 850,000 Bitcoins by hackers, according to the alleged hackers themselves.

“We stole no bitcoins,” the alleged miscreants wrote on Karpeles' hacked and defaced blog on Sunday, which was posted on Pastebin not long after. “There were none to steal.”

The alleged Bitcoin thieves posted a breakdown of Bitcoin balances by country that totaled more than 950,000 Bitcoins, and included a file that was said to contain relevant database dumps, CSV exports, specialized tools and highlighted summaries compiled from the data. User database dumps are said not to have been included.

Bitcoin users took to Reddit on Sunday to discuss how an executable – contained in the downloadable file posted by the hackers – may actually be a Bitcoin wallet stealing malware; however, some users indicated that the other information contained within the downloadable is still correct.

Karpeles announced in Japan earlier this month that hackers had taken advantage of weaknesses in the exchange's computer systems and stole 750,000 customer Bitcoins and 100,000 Mt. Gox owned Bitcoins – which currently amounts to more than half a billion dollars.

Shortly after, roughly 1,700 lines of code allegedly belonging to Mt. Gox was posted on Pastebin. Frode Nilsen, a developer with five years of experience working on banking applications with money transactions, told SCMagazine.com at the time that the code was very amateur and explained that the most glaring offense is a vulnerability to SQL injection.

Mt. Gox claimed the issue that allowed hackers to steal Bitcoins involved a vulnerability in a Bitcoin software algorithm. The exchange filed for Chapter 15 bankruptcy protection in Dallas on Sunday, stating that hackers took advantage of “a flaw in the software algorithm that underlies Bitcoin,” according to documents.

“This Chapter 15 case is being filed in an effort to maximize recoveries to, and provide for an equitable distribution of value among, all creditors,” according to the documents. A Mt. Gox “Crisis Strategy Draft” discovered online, but not confirmed authentic, indicates that there are 1.1 million accounts and 550,000 verified customers.

Although the trials and tribulations involving Mt. Gox continue to turn heads, one thing is certain – the number of attacks in the virtual currency market are increasing.

Bitcoin bank Flexcoin recently announced it was shutting down after attackers stole all 896 Bitcoins, and not long after, cryptocurrency exchange Poloniex announced that a hacker took advantage of a vulnerability in the website's withdrawal protocol and made off with 12.3 percent of Bitcoins.

Still, Bitcoin value continues to stay relatively strong, with a single coin being valued at around $620 as of Monday.

Share this article:

Sign up to our newsletters

More in News

New backdoor 'Baccamun' spreads through ActiveX exploit

Symantec researchers revealed that the backdoor is dropped after attackers exploit a Windows ActiveX vulnerability.

Outdated browsers put U.K. users at risk of malware

A blog post on Check and Secure website said 70 percent of U.K. users haven't fully updated their internet browsers

Survey: 53 percent change privileged logins quarterly

A Lieberman Software survey highlights the issue or poor password management, even among security pros.