Mt. Gox User champbronc2 Hacked: Difference between revisions
No edit summary |
(Another 30 minutes complete. Complete about section and all sources integrated. Started blockchain analysis of all transactions involved.) |
||
| (One intermediate revision by the same user not shown) | |||
| Line 1: | Line 1: | ||
{{Imported Case Study|source=https://www.quadrigainitiative.com/casestudy/mtgoxuserchampbronc2hacked.php}} | {{Imported Case Study 2|source=https://www.quadrigainitiative.com/casestudy/mtgoxuserchampbronc2hacked.php}}[[File:Mtgox.jpg|thumb|Mt. Gox and Mark Karpeles]]In July 2013, a Mt. Gox user had their account hacked and lost roughly 20 BTC. Despite having the receiving wallet address and an IP address in China, there does not appear to have been any recovery possible. | ||
[[ | == About Mt. Gox == | ||
Mt. Gox launched with a very simple interface<ref name="mtgoxarchive1-4126">[https://web.archive.org/web/20110203031942/http://mtgox.com/ Mt Gox - Bitcoin Exchange - February 3rd, 2011 - Internet Archive] (Oct 12, 2021)</ref>. At the time Mt. Gox was established, there were very few other major trading platforms for cryptocurrencies. Mt. Gox was thus able to obtain over 80% of the global trading volume for bitcoin<ref name="mtgoxarchive2-4127">[https://web.archive.org/web/20120112024603/https://mtgox.com/ Mt.Gox - Bitcoin Exchange - January 12th, 2012 - Internet Archive] (Oct 12, 2021)</ref>.<blockquote>"Mt.Gox is the world's most established Bitcoin exchange. You can quickly and securely trade bitcoins with other people around the world with your local currency!" | |||
"It allows you to trade US Dollars (USD) for Bitcoins (BTC) or Bitcoins for US Dollars with other Mt Gox users. You set the price you want to buy or sell your BTC for." | |||
"Buy Bitcoins at market rates with your credit card or many other payment methods." "Automate your trading with our Trading API" "Dark pools allow you to trade large quantities without moving the market." | |||
" | |||
" | "Fully automated, always available, 24 hours a day, Safe and Easy." | ||
" | "The only multi-currency Bitcoin trading platform where you can trade with the entire world in your local currency."</blockquote>Users could trade on Mt. Gox using a wide range of world currencies<ref name="mtgoxarchive2-4127" />. Mt. Gox achieved a wide popularity due to the ease with which users could sign up for services there<ref name="mtgoxarchive1-4126" />.<blockquote>"Buying and selling Bitcoin doesn't have to be complicated! Get trading in a few simple steps." | ||
" | "4 Easy Steps: | ||
1. Make an Account. | |||
2. Add some funds. | |||
3. Buy or Sell Bitcoins. | |||
4. Withdraw your converted funds."</blockquote>Basic features like SSL were provided for account security and 24/7 uptime was advertised as a selling point<ref name="mtgoxarchive2-4127" />. The Mt. Gox platform featured a "Norton Secured" seal<ref name="mtgoxarchive2-4127" />.<blockquote>"Mt.Gox is protected by Prolexic and certified by VeriSign, which means all communications with our servers are encrypted with SSL technology." "We're always on. Buy and sell Bitcoin 24/7/365 with the world's most sophisticated trading platform." </blockquote> | |||
== About champbronc2 == | |||
champbronc2 was a BitcoinTalk user<ref name="bitcointalk-7533" />. They contributed a total of 490 posts during their time participating in BitcoinTalk<ref name="bitcointalk-7533" />. reportedly managed a service called bitquick.co for buying or selling bitcoins<ref name="bitcointalk-7533" />. | |||
== The Reality == | == The Reality == | ||
In addition to the potential for a platform to be breached or insolvent, users have to be aware that improperly secured accounts can allow for the permanent theft of bitcoins in their account. Steps must be taken to secure all methods of access to the account including strong and unique passwords, and properly securing any methods which can be used to recover the account. Many users have poor security habits including reusing passwords between sites, getting tricked into revealing their password to a phishing website, and using weak passwords. | |||
== What Happened == | == What Happened == | ||
A BitcoinTalk user named champbronc2 reported that their funds were taken from their Mt. Gox account. | |||
{| class="wikitable" | {| class="wikitable" | ||
|+Key Event Timeline - Mt. Gox User champbronc2 Hacked | |+Key Event Timeline - Mt. Gox User champbronc2 Hacked | ||
| Line 51: | Line 36: | ||
!Description | !Description | ||
|- | |- | ||
| | |September 8th, 2011 1:16:07 AM MDT | ||
| | |Account Registered | ||
| | |The champbronc2 account is registered on BitcoinTalk<ref name="bitcointalk-7533" />. | ||
|- | |- | ||
| | |July 12th, 2013 12:17:34 AM MDT | ||
| | |Withdrawal Transactions | ||
| | |In a series of two theft transactions within the same bitcoin block, a total of 20.88 BTC are withdrawn from Mt. Gox to the reported theft account<ref name="blockchain-7470" /><ref>[https://www.blockchain.com/explorer/transactions/btc/86fe49023afa8470a25ef0646ba0952ee7b5c9ac59046f1c40f38bec5f4bd018 Theft Transaction of 10.88 BTC - Blockchain Explorer] (Jan 3, 2024)</ref><ref>[https://www.blockchain.com/explorer/transactions/btc/9f58ae99c9104a8f4ad35f67ce1347c9c5b7976b008a0412e8283e1009f35a4f Theft Transaction of 10 BTC - Blockchain Explorer] (Jan 3, 2024)</ref>. | ||
|- | |||
|July 12th, 2013 12:24:06 AM MDT | |||
|Smaller Withdrawal | |||
|Another transaction happens which appears to add 0.17508554 BTC to the thief's wallet. It is unknown if this transaction is also a withdrawal<ref name="blockchain-7470" /><ref>[https://www.blockchain.com/explorer/transactions/btc/e4adade11b82e44cf7e7099251591684d233e16fcc7ff9c7e5e21c70f0d9bf7e Potential Theft Transaction of 0.17508554 BTC - Blockchain Explorer] (Jan 3, 2024)</ref>. | |||
|- | |||
|July 12th, 2013 2:56:32 AM MDT | |||
|Thief Moving Funds | |||
|Funds start to move out of the thief's wallet, first 0.17508554 BTC<ref>[https://www.blockchain.com/explorer/transactions/btc/ac082145fb2d92dd6399e2a156e0c0a31f257891699a7b48ab98ce387a00d38a Transfer of 0.17508554 BTC From Thief's Wallet - Blockchain Explorer] (Jan 3, 2024)</ref>. | |||
|- | |||
|July 12th, 2013 5:18:30 AM MDT | |||
|Thief Moving Funds | |||
|More funds move from the thief's wallet, with 10 BTC more<ref>[https://www.blockchain.com/explorer/transactions/btc/9f58ae99c9104a8f4ad35f67ce1347c9c5b7976b008a0412e8283e1009f35a4f Transaction Moving 10BTC from Thief's Wallet - Blockchain Explorer] (Jan 3, 2024)</ref>. | |||
|- | |||
|July 12th, 2013 6:28:32 AM MDT | |||
|BitcoinTalk Post | |||
|champbronc2 posts on BitcoinTalk about the theft they experienced<ref name="bitcointalk-7469" />. | |||
|- | |||
|July 12th, 2013 12:05:27 PM MDT | |||
|Thief Moving Funds | |||
|The final movement of funds to remove the remaining 10.88BTC, which is split between two wallets<ref>[https://www.blockchain.com/explorer/transactions/btc/7a31f304d8ad5d724a9a64c192aae742b6bf11595f01ffcff85da31d8787ea35 Final Movement of Remaining 10.88BTC Funds - Blockchain Explorer] (Jan 3, 2024)</ref>. | |||
|- | |||
|May 30th, 2018 1:18:26 PM MDT | |||
|Last Account Activity | |||
|The last time the champbronc2 account was active on BitcoinTalk<ref name="bitcointalk-7533" />. | |||
|} | |} | ||
== Technical Details == | |||
Blockchain Address: 1Krope32k1ZL483sv9EpwUcuW11CMY9GJt<ref name="blockchain-7470" /> | |||
== Total Amount Lost == | == Total Amount Lost == | ||
A total of 20.88 BTC were reported stolen<ref name="bitcointalk-7469" />, however the theft wallet received a total of 21.05508554 BTC<ref name="blockchain-7470" />. | |||
The total amount lost has been estimated at $2,000 USD. | The total amount lost has been estimated at $2,000 USD. | ||
<ref name="investingdotcom-7203" /> | |||
== Immediate Reactions == | == Immediate Reactions == | ||
The user posted requesting help online. | |||
"Somehow my Mt. Gox account got hacked into." | |||
"They withdrew 10 BTC and then 10.88 BTC via IP 180.124.44.20 (China)" | |||
"Is there anything I can do??" | |||
Users were insistent that there was nothing which could be done to assist the user. | |||
"[Y]ou should know how btc works, right? there's nothing you can do, I'm sorry." | |||
== Ultimate Outcome == | == Ultimate Outcome == | ||
| Line 78: | Line 102: | ||
== Ongoing Developments == | == Ongoing Developments == | ||
What parts of this case are still remaining to be concluded? | What parts of this case are still remaining to be concluded? | ||
== General Prevention Policies == | |||
The most common threat to accounts is password reuse, or entering the password in a phishing website. Be sure to set unique and secure passwords. | |||
== Individual Prevention Policies == | |||
{{Prevention:Individuals:Placeholder}} | |||
== Prevention Policies == | {{Prevention:Individuals:End}} | ||
== Platform Prevention Policies == | |||
{{Prevention:Platforms:Placeholder}} | |||
{{Prevention:Platforms:End}} | |||
== Regulatory Prevention Policies == | |||
{{Prevention:Regulators:Placeholder}} | |||
{{Prevention:Regulators:End}} | |||
<ref name="bitcointalk-7533">[https://bitcointalk.org/index.php?action=profile;u=41396 View the profile of champbronc2] (Apr 29, 2022)</ref></references> | == References == | ||
<references> | |||
<ref name="bitcointalk-7469">[https://bitcointalk.org/index.php?topic=254920.0 Mt. Gox account hacked, 21.88 BTC stolen :( Have IP and BTC address.. - BitcoinTalk] (Mar 19, 2022)</ref> | |||
<ref name="blockchain-7470">[https://blockchain.info/address/1Krope32k1ZL483sv9EpwUcuW11CMY9GJt Reported Theft Wallet Address - Blockchain Explorer] (Mar 26, 2022)</ref> | |||
<ref name="investingdotcom-7203">[https://ca.investing.com/crypto/bitcoin/historical-data Bitcoin Historical Price Data - Investing.com] (Mar 15, 2022)</ref> | |||
<ref name="bitcointalk-7533">[https://bitcointalk.org/index.php?action=profile;u=41396 View the profile of champbronc2 - BitcoinTalk] (Apr 29, 2022)</ref> | |||
</references> | |||
Latest revision as of 14:55, 3 January 2024
Notice: This page is a freshly imported case study from the original repository. The original content was in a different format, and may not have relevant information for all sections. Please help restructure the content by moving information from the 'About' and 'General Prevention' sections to other sections, and add any missing information or sources you can find. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.
In July 2013, a Mt. Gox user had their account hacked and lost roughly 20 BTC. Despite having the receiving wallet address and an IP address in China, there does not appear to have been any recovery possible.
About Mt. Gox
Mt. Gox launched with a very simple interface[1]. At the time Mt. Gox was established, there were very few other major trading platforms for cryptocurrencies. Mt. Gox was thus able to obtain over 80% of the global trading volume for bitcoin[2].
"Mt.Gox is the world's most established Bitcoin exchange. You can quickly and securely trade bitcoins with other people around the world with your local currency!"
"It allows you to trade US Dollars (USD) for Bitcoins (BTC) or Bitcoins for US Dollars with other Mt Gox users. You set the price you want to buy or sell your BTC for."
"Buy Bitcoins at market rates with your credit card or many other payment methods." "Automate your trading with our Trading API" "Dark pools allow you to trade large quantities without moving the market."
"Fully automated, always available, 24 hours a day, Safe and Easy."
"The only multi-currency Bitcoin trading platform where you can trade with the entire world in your local currency."
Users could trade on Mt. Gox using a wide range of world currencies[2]. Mt. Gox achieved a wide popularity due to the ease with which users could sign up for services there[1].
"Buying and selling Bitcoin doesn't have to be complicated! Get trading in a few simple steps."
"4 Easy Steps:
1. Make an Account.
2. Add some funds.
3. Buy or Sell Bitcoins.
4. Withdraw your converted funds."
Basic features like SSL were provided for account security and 24/7 uptime was advertised as a selling point[2]. The Mt. Gox platform featured a "Norton Secured" seal[2].
"Mt.Gox is protected by Prolexic and certified by VeriSign, which means all communications with our servers are encrypted with SSL technology." "We're always on. Buy and sell Bitcoin 24/7/365 with the world's most sophisticated trading platform."
About champbronc2
champbronc2 was a BitcoinTalk user[3]. They contributed a total of 490 posts during their time participating in BitcoinTalk[3]. reportedly managed a service called bitquick.co for buying or selling bitcoins[3].
The Reality
In addition to the potential for a platform to be breached or insolvent, users have to be aware that improperly secured accounts can allow for the permanent theft of bitcoins in their account. Steps must be taken to secure all methods of access to the account including strong and unique passwords, and properly securing any methods which can be used to recover the account. Many users have poor security habits including reusing passwords between sites, getting tricked into revealing their password to a phishing website, and using weak passwords.
What Happened
A BitcoinTalk user named champbronc2 reported that their funds were taken from their Mt. Gox account.
| Date | Event | Description |
|---|---|---|
| September 8th, 2011 1:16:07 AM MDT | Account Registered | The champbronc2 account is registered on BitcoinTalk[3]. |
| July 12th, 2013 12:17:34 AM MDT | Withdrawal Transactions | In a series of two theft transactions within the same bitcoin block, a total of 20.88 BTC are withdrawn from Mt. Gox to the reported theft account[4][5][6]. |
| July 12th, 2013 12:24:06 AM MDT | Smaller Withdrawal | Another transaction happens which appears to add 0.17508554 BTC to the thief's wallet. It is unknown if this transaction is also a withdrawal[4][7]. |
| July 12th, 2013 2:56:32 AM MDT | Thief Moving Funds | Funds start to move out of the thief's wallet, first 0.17508554 BTC[8]. |
| July 12th, 2013 5:18:30 AM MDT | Thief Moving Funds | More funds move from the thief's wallet, with 10 BTC more[9]. |
| July 12th, 2013 6:28:32 AM MDT | BitcoinTalk Post | champbronc2 posts on BitcoinTalk about the theft they experienced[10]. |
| July 12th, 2013 12:05:27 PM MDT | Thief Moving Funds | The final movement of funds to remove the remaining 10.88BTC, which is split between two wallets[11]. |
| May 30th, 2018 1:18:26 PM MDT | Last Account Activity | The last time the champbronc2 account was active on BitcoinTalk[3]. |
Technical Details
Blockchain Address: 1Krope32k1ZL483sv9EpwUcuW11CMY9GJt[4]
Total Amount Lost
A total of 20.88 BTC were reported stolen[10], however the theft wallet received a total of 21.05508554 BTC[4].
The total amount lost has been estimated at $2,000 USD.
Immediate Reactions
The user posted requesting help online.
"Somehow my Mt. Gox account got hacked into."
"They withdrew 10 BTC and then 10.88 BTC via IP 180.124.44.20 (China)"
"Is there anything I can do??"
Users were insistent that there was nothing which could be done to assist the user.
"[Y]ou should know how btc works, right? there's nothing you can do, I'm sorry."
Ultimate Outcome
What was the end result? Was any investigation done? Were any individuals prosecuted? Was there a lawsuit? Was any tracing done?
Total Amount Recovered
There do not appear to have been any funds recovered in this case.
What funds were recovered? What funds were reimbursed for those affected users?
Ongoing Developments
What parts of this case are still remaining to be concluded?
General Prevention Policies
The most common threat to accounts is password reuse, or entering the password in a phishing website. Be sure to set unique and secure passwords.
Individual Prevention Policies
No specific policies for individual prevention have yet been identified in this case.
For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.
Platform Prevention Policies
Policies for platforms to take to prevent this situation have not yet been selected in this case.
For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.
Regulatory Prevention Policies
No specific regulatory policies have yet been identified in this case.
For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.
References
- ↑ 1.0 1.1 Mt Gox - Bitcoin Exchange - February 3rd, 2011 - Internet Archive (Oct 12, 2021)
- ↑ 2.0 2.1 2.2 2.3 Mt.Gox - Bitcoin Exchange - January 12th, 2012 - Internet Archive (Oct 12, 2021)
- ↑ 3.0 3.1 3.2 3.3 3.4 View the profile of champbronc2 - BitcoinTalk (Apr 29, 2022)
- ↑ 4.0 4.1 4.2 4.3 Reported Theft Wallet Address - Blockchain Explorer (Mar 26, 2022)
- ↑ Theft Transaction of 10.88 BTC - Blockchain Explorer (Jan 3, 2024)
- ↑ Theft Transaction of 10 BTC - Blockchain Explorer (Jan 3, 2024)
- ↑ Potential Theft Transaction of 0.17508554 BTC - Blockchain Explorer (Jan 3, 2024)
- ↑ Transfer of 0.17508554 BTC From Thief's Wallet - Blockchain Explorer (Jan 3, 2024)
- ↑ Transaction Moving 10BTC from Thief's Wallet - Blockchain Explorer (Jan 3, 2024)
- ↑ 10.0 10.1 Mt. Gox account hacked, 21.88 BTC stolen :( Have IP and BTC address.. - BitcoinTalk (Mar 19, 2022)
- ↑ Final Movement of Remaining 10.88BTC Funds - Blockchain Explorer (Jan 3, 2024)
- ↑ Bitcoin Historical Price Data - Investing.com (Mar 15, 2022)