Bitcoin’s woes .. Mt Gone
LESS than a year ago Mt Gox was the pinnacle of bitcoin trading, accounting for an estimated 70% of the cryptocurrency’s global transactions. Today Mt Gox is apparently gone-early Wednesday Tokyo time, its website, which had been blank all Tuesday, displayed a short message saying the exchange was closed “for the time being”. The firm’s Tokyo offices appear to be abandoned, and its chief executive and sort-of founder, Mark Karpeles, has dropped out of sight. (The only thing that has been heard from him since Sunday is an e-mail sent to Reuters, saying "We should have an official announcement ready soon-ish. We are currently at a turning point for the business. I can't tell much more for now as this also involves other parties.")
Worse, according to a document entitled “Crisis Strategy Draft” that is circulating on the web and appears to come from Mt Gox, 744,400 Bitcoins are also missing, the result of “malleability-related theft” that may have been going on since the exchange began operating. When Bitcoins are traded, each transaction is recorded in a log known as the “blockchain”. But a software bug-which Bitcoin’s developers have known about since 2011, but done little to fix-creates a brief time period in which the unique ID (or TXID) of each transaction can be changed.
The bug seems to have enabled cyberthieves to steal Bitcoins by making it appear that transactions didn’t occur-a problem exacerbated by Mt Gox’s custom software (many other Bitcoin exchanges use standard, “core” Bitcoin software), which made the bug even easier to exploit because it used an automated system to approve withdrawals. The result is a heist that, even at today’s tumbling Bitcoin values, could be in excess of $390 million, or about 6% of all Bitcoins in circulation. That would make it the largest-ever currency-related cybertheft in history.
Mt Gox has always been an accident waiting to happen. Originally an exchange for trading cards used in the game “Magic: The Gathering” (its name is taken from Magic: The Gathering Online eXchange), the site was converted into a Bitcoin exchange by its founder, Jed McCaleb, who then sold it to Mr Karpeles in 2011. Since then, Mt Gox has been plagued with problems. It has been hacked on a regular basis, has frequently suspended trading and withdrawals, was sued by Bitcoin business-incubator CoinLab, and had some $5 million in assets seized when federal authorities shut down two of its American bank accounts, leaving Mt Gox unable to transfer Bitcoins to America. On February 7th Mt Gox halted all Bitcoin withdrawals, “to obtain a clear technical view of the currency processes”. On Sunday, Mr. Karpeles resigned from the Bitcoin Foundation, the virtual currency’s trade group. Two days later both he and Mt Gox were gone.
Bitcoin enthusiasts, who often seem to operate within a Steve-Jobs-like reality-distortion field, were quick to distance themselves from Mt Gox-forgetting, perhaps, that until recently they had often lauded it as the most “trusted brand” in Bitcoinland. Other exchanges have rushed to assure customers that all is well, conveniently disregarding the fact that many of them, too, have been the target of a massive and clearly well-coordinated distributed denial-of-service (DDoS) cyber-attack in recent weeks-an attack also aimed at the malleability bug.
http://www.economist.com/blogs/schum...bitcoin-s-woes
LESS than a year ago Mt Gox was the pinnacle of bitcoin trading, accounting for an estimated 70% of the cryptocurrency’s global transactions. Today Mt Gox is apparently gone-early Wednesday Tokyo time, its website, which had been blank all Tuesday, displayed a short message saying the exchange was closed “for the time being”. The firm’s Tokyo offices appear to be abandoned, and its chief executive and sort-of founder, Mark Karpeles, has dropped out of sight. (The only thing that has been heard from him since Sunday is an e-mail sent to Reuters, saying "We should have an official announcement ready soon-ish. We are currently at a turning point for the business. I can't tell much more for now as this also involves other parties.")
Worse, according to a document entitled “Crisis Strategy Draft” that is circulating on the web and appears to come from Mt Gox, 744,400 Bitcoins are also missing, the result of “malleability-related theft” that may have been going on since the exchange began operating. When Bitcoins are traded, each transaction is recorded in a log known as the “blockchain”. But a software bug-which Bitcoin’s developers have known about since 2011, but done little to fix-creates a brief time period in which the unique ID (or TXID) of each transaction can be changed.
The bug seems to have enabled cyberthieves to steal Bitcoins by making it appear that transactions didn’t occur-a problem exacerbated by Mt Gox’s custom software (many other Bitcoin exchanges use standard, “core” Bitcoin software), which made the bug even easier to exploit because it used an automated system to approve withdrawals. The result is a heist that, even at today’s tumbling Bitcoin values, could be in excess of $390 million, or about 6% of all Bitcoins in circulation. That would make it the largest-ever currency-related cybertheft in history.
Mt Gox has always been an accident waiting to happen. Originally an exchange for trading cards used in the game “Magic: The Gathering” (its name is taken from Magic: The Gathering Online eXchange), the site was converted into a Bitcoin exchange by its founder, Jed McCaleb, who then sold it to Mr Karpeles in 2011. Since then, Mt Gox has been plagued with problems. It has been hacked on a regular basis, has frequently suspended trading and withdrawals, was sued by Bitcoin business-incubator CoinLab, and had some $5 million in assets seized when federal authorities shut down two of its American bank accounts, leaving Mt Gox unable to transfer Bitcoins to America. On February 7th Mt Gox halted all Bitcoin withdrawals, “to obtain a clear technical view of the currency processes”. On Sunday, Mr. Karpeles resigned from the Bitcoin Foundation, the virtual currency’s trade group. Two days later both he and Mt Gox were gone.
Bitcoin enthusiasts, who often seem to operate within a Steve-Jobs-like reality-distortion field, were quick to distance themselves from Mt Gox-forgetting, perhaps, that until recently they had often lauded it as the most “trusted brand” in Bitcoinland. Other exchanges have rushed to assure customers that all is well, conveniently disregarding the fact that many of them, too, have been the target of a massive and clearly well-coordinated distributed denial-of-service (DDoS) cyber-attack in recent weeks-an attack also aimed at the malleability bug.
http://www.economist.com/blogs/schum...bitcoin-s-woes
