The Tech Herald

Compromised system blamed for Bitcoin collapse and data breach

by Steve Ragan - Jun 20 2011, 11:30

Last week, newly discovered Malware was blamed for the theft of an estimated $300,000 USD worth of virtual currency. On Sunday, an account breach at Bitcoin exchange, Mt.Gox, led to the devaluation of the Bitcoin currency, causing it to plunge from $17.5 USD to pennies on the dollar. In addition, a file with over 60,000 accounts from the service was leaked to the Web.

Last week, Bitcoin community member “allinvain” reported that his account had been hijacked. He reported that he had lost $25,000 BTC (Bitcoins), which at market value was estimated to be worth nearly $300,000 USD. When the theft was announced, many speculated that Malware was the cause. Later, this speculation was given credence after Symantec reported on a new Malware family targeting Bitcoin users.

On Sunday, a person who performs audits for Mt.Gox with read-only access to the company database had their own computer compromised. This compromise led to the public leak of the Mt.Gox user database, with more than 60,000 accounts. The leak contained email addresses, as well as hashed passwords.

Based on reports, it is likely that one of these accounts was leveraged in a mass selloff, which caused the value of the Bitcoin on the Mt.Gox exchange to fall from $17.5 BTC to less than a cent in under an hour.

As a result, Mt.Gox will rollback the transactions that took place during the massive selling spree, reversing the value of the Bitcoin to where it was before the bottom collapsed.

In a statement, the person behind Mt.Gox said that he understands the rollback won't be popular with those who purchased Bitcoins at a huge discount, “…but none of those trades were legitimate so Mt.Gox has a legal obligation to reverse the trades.”

The plans were to reverse the transactions and restore the Mt. Gox services on Monday, but the latest information says that the re-launch is planned for 02:00 a.m. GMT on Tuesday.

“When Mt.Gox comes back online, we will be putting all users through a new security measure to authenticate the users. This will be a mix of matching the last IP address that accessed the account, verifying their email address, account name and old password. Users will then be prompted to enter in a new strong password,” a company update noted.

In addition, dealing with the leaked database, the company said that they have been working with Google to ensure any GMail accounts associated with Mt.Gox user accounts are locked and re-verified.

More information is here.

Comment on this Story

comments powered by Disqus

From Autosaur.com

Lucky Escape from Out of Control Truck

This man had a lucky escape on a New Jersey Turnpike when he had to stop on the road du...

Concept Car Videos from Detroit Auto Show

As at every big car show manufacturers at the Detroit Auto Show 2015 were keen to give us th...

Concept Car Pictures from Detroit Auto Show

Well we still had a few pics from the in Detroit Auto Show to put up. These are some of...

Nissan #withdad Super Bowl Commercial Teaser

Nissan have revealed the first glimpse of their #withdad Super Bowl commercial set to s...

This Is What A Horror 150-Car Pile-up In Snow Looks Like (VIDEO)

This incredible footage shows the terrifying unfolding of a massive 150-car pile-up tha...