
Bitcoin currency exchange compromised, database stolen

The largest Bitcoin currency exchange market, Mt.Gox, is currently offline after suffering a cyberattack that caused the market to crash.

Mt.Gox, a currency exchange market where users can trade actual dollars for virtual currency, known as Bitcoin, said it is working to restore service after hackers over the weekend accessed its systems and stole a database containing usernames, email addresses and password hashes.

As of Monday afternoon, visitors to the site were being redirected to a statement about the intrusion from Mt.Gox official Mark Karpeles.

“It appears that someone who performs audits on our system and had read-only access to our database had their computer compromised,” Karpeles wrote in the statement. “This allowed for someone to pull our database.”

The database reportedly contained 61,020 credentials, though Mt.Gox has not confirmed that number.  

Created in 2009, bitcoins are a form of virtual currency that can be transferred anonymously from person to person online, without going through a bank. They are accepted today by some online merchants and can be traded at online currency exchanges, such as Mt.Gox.

Those behind the attack against Mt.Gox used the stolen credentials to log into an account containing a large number of Bitcoins.

The flash-crash happened after they sold all the coins in the account and then bought them back and attempted to withdraw the proceeds. However, they were only able to get away with $1,000 due to withdrawal limits on the account, Karpeles said. The price of the currency plummeted from $17 per Bitcoin down to pennies within minutes, and Mt.Gox suspended trading.

Due to the large impact on the Bitcoin market, Mt.Gox said it plans to roll back every trade that had been made since the incident.

Mt.Gox is currently working with Google to ensure any Gmail accounts associated with Mt.Gox user accounts have been locked and verified, Karpeles said. In addition, a Mt.Gox account recovery page is expected to go live by Tuesday morning.

The exchange will reopen once enough users have reclaimed their accounts.

Users should avoid downloading anything that looks to have been sent from Mt.Gox, Karpeles said. 

Meanwhile, the security of Bitcoin has gained increasing attention recently. Security researchers last week warned that a new trojan is propagating in the wild and targeting Bitcoin digital wallets installed on computers running Windows.
