The Tech Herald

Compromised system blamed for Bitcoin collapse and data breach

by Steve Ragan - Jun 20 2011, 11:30

Last week, newly discovered Malware was blamed for the theft of an estimated $300,000 USD worth of virtual currency. On Sunday, an account breach at Bitcoin exchange, Mt.Gox, led to the devaluation of the Bitcoin currency, causing it to plunge from $17.5 USD to pennies on the dollar. In addition, a file with over 60,000 accounts from the service was leaked to the Web.

Last week, Bitcoin community member “allinvain” reported that his account had been hijacked. He reported that he had lost $25,000 BTC (Bitcoins), which at market value was estimated to be worth nearly $300,000 USD. When the theft was announced, many speculated that Malware was the cause. Later, this speculation was given credence after Symantec reported on a new Malware family targeting Bitcoin users.

On Sunday, a person who performs audits for Mt.Gox with read-only access to the company database had their own computer compromised. This compromise led to the public leak of the Mt.Gox user database, with more than 60,000 accounts. The leak contained email addresses, as well as hashed passwords.

Based on reports, it is likely that one of these accounts was leveraged in a mass selloff, which caused the value of the Bitcoin on the Mt.Gox exchange to fall from $17.5 BTC to less than a cent in under an hour.

As a result, Mt.Gox will rollback the transactions that took place during the massive selling spree, reversing the value of the Bitcoin to where it was before the bottom collapsed.

In a statement, the person behind Mt.Gox said that he understands the rollback won't be popular with those who purchased Bitcoins at a huge discount, “…but none of those trades were legitimate so Mt.Gox has a legal obligation to reverse the trades.”

The plans were to reverse the transactions and restore the Mt. Gox services on Monday, but the latest information says that the re-launch is planned for 02:00 a.m. GMT on Tuesday.

“When Mt.Gox comes back online, we will be putting all users through a new security measure to authenticate the users. This will be a mix of matching the last IP address that accessed the account, verifying their email address, account name and old password. Users will then be prompted to enter in a new strong password,” a company update noted.

In addition, dealing with the leaked database, the company said that they have been working with Google to ensure any GMail accounts associated with Mt.Gox user accounts are locked and re-verified.

More information is here.

Around the Web

Comment on this Story

comments powered by Disqus


Shelby GT350 Mustang Pictures

We have added a bunch of pictures of the all-new Shelby GT350 Mustang from Ford. The ne...

All-new Shelby GT350 Mustang

Ford have revealed details of the new Shelby GT350 Mustang. First introduced in 1965 the new...

Best Cars To Buy In 2015

Leading vehicle research company Kelley Blue Book has released its list of the best cars to ...

A.C. Milan Take On Audi R8

Five A.C. Milan stars take on an Audi R8 in a game of street soccer in a new ad for Toyo Tir...

Jaguar 2016 F-TYPE R Coupe All-Wheel-Drive

Jaguar has unveiled the 2016 F-TYPE R Coupe, the first to feature all-wheel-drive. The 2016 ...