Mt. Gox Halts Trade Over Major Hack

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository
Revision as of 11:39, 4 January 2024 by Azoundria (talk | contribs) (Another 30 minutes complete. About section spread around. Adding timeline. Added information on Karpeles conviction. Adding some sources on transaction malleability.)
Jump to navigation Jump to search

Notice: This page is a new case study and some aspects have not been fully researched. Some sections may be incomplete or reflect inaccuracies present in initial sources. Please check the References at the bottom for further information and perform your own additional assessment. Please feel free to contribute by adding any missing information or sources you come across. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.

Notice: This page contains sources which are not attributed to any text. The unattributed sources follow the initial description. Please assist by visiting each source, reviewing the content, and placing that reference next to any text it can be used to support. Feel free to add any information that you come across which isn't present already. Sources which don't contain any relevant information can be removed. Broken links can be replaced with versions from the Internet Archive. See General Tutorial on Wikis, Anatomy of a Case Study, and/or Citing Your Sources Guide for additional information. Thanks for your help!

Mt. Gox

The most famous incident that everyone has heard of. Lack of secure storage for funds, a CEO who had his focus elsewhere, and the hacks apparently went undetected for months. There is still an ongoing bankruptcy. Luckily, at least one of the cold wallets escaped capture and can be used for disbursement. While victims have massive losses in bitcoin terms, due to the time that has passed they will most likely have minimal losses in fiat terms.

This exchange or platform is based in Japan, or the incident targeted people primarily in Japan.[1][2][3][4][5][6][7][8][9][10][11][12][13][14][15][16][17][18]

About Mt. Gox

Mt. Gox launched with a very simple interface[19]. At the time Mt. Gox was established, there were very few other major trading platforms for cryptocurrencies. Mt. Gox was thus able to obtain over 80% of the global trading volume for bitcoin[20].

"Mt.Gox is the world's most established Bitcoin exchange. You can quickly and securely trade bitcoins with other people around the world with your local currency!"

"It allows you to trade US Dollars (USD) for Bitcoins (BTC) or Bitcoins for US Dollars with other Mt Gox users. You set the price you want to buy or sell your BTC for."

"Buy Bitcoins at market rates with your credit card or many other payment methods." "Automate your trading with our Trading API" "Dark pools allow you to trade large quantities without moving the market."

"Fully automated, always available, 24 hours a day, Safe and Easy."

"The only multi-currency Bitcoin trading platform where you can trade with the entire world in your local currency."

Users could trade on Mt. Gox using a wide range of world currencies[20]. Mt. Gox achieved a wide popularity due to the ease with which users could sign up for services there[19].

"Buying and selling Bitcoin doesn't have to be complicated! Get trading in a few simple steps."

"4 Easy Steps:

1. Make an Account.

2. Add some funds.

3. Buy or Sell Bitcoins.

4. Withdraw your converted funds."

Basic features like SSL were provided for account security and 24/7 uptime was advertised as a selling point[20]. The Mt. Gox platform featured a "Norton Secured" seal[20].

"Mt.Gox is protected by Prolexic and certified by VeriSign, which means all communications with our servers are encrypted with SSL technology." "We're always on. Buy and sell Bitcoin 24/7/365 with the world's most sophisticated trading platform."

The Reality

Unfortunately the Mt. Gox platform had a vulnerability which would allow repeated withdrawals of the same bitcoin from the platform.

What Happened

"On February 7th, MtGox halted all BTC withdrawals from the exchange, citing a transaction malleability bug in the core Bitcoin software."

Key Event Timeline - Mt. Gox Halts Trade Over Major Hack
Date Event Description
February 7th, 2014 Exchange Withdrawals Halted Mt. Gox halts all withdrawals from the exchange platform, citing a transaction malleability bug in the bitcoin core software.
February 24th, 2014 Mt. Gox Exchange Shuts Down The Mt. Gox exchange platform completely shuts down and returns a blank page. No trading is possible on the platform after this point. Also at this point, leaks start to surface of 744,408 bitcoin being missing.
February 28th, 2014 Mt. Gox Files For Bankruptcy Mt. Gox files for bankruptcy.
August 2015 Karpeles Arrest Imminent After cooperating with authorities, Karpeles appears poised for an arrest. Karpeles spent 11 months in detention before bail was granted. “I was interrogated for eight hours each day,” Karpeles recalls. “I was asked about the missing bitcoins. I was even asked if I was Satoshi Nakamoto, the creator of Bitcoin. I was asked to sign confessions and statements in Japanese. Sometimes, the prosecutor would have pre-written statements for me in the morning they wanted signed.”
September 2016 US Authorities Get Mt. Gox Database "In September 2016, U.S. authorities received a copy of the Mt. Gox database and used it to track the stolen bitcoins."
July 25th, 2017 Alexander Vinnik Arrested US authorities traced the bulk of the theft to a Russian named Alexander Vinnik, who is subsequently arrested in Greece.
March 15th, 2019 Karpeles Prosecution On March 15th, 2019, Karpeles was found guilty of data manipulation[21]. He is also found innocent of embezzlement and breach of trust charges. The Tokyo District Court sentenced Karpeles to a suspended term of two years and six months, contingent on maintaining a clean record for the next four years.
May 2021 Civil Rehabilitation "In May [2021], the trustee presiding over the Mt. Gox civil rehabilitation case opened the voting on how to partially reimburse victims who lost money to the in hacks dating back nearly a decade."

Technical Details

Transaction Malleability Bug

https://en.wikipedia.org/wiki/Transaction_malleability_problem

https://www.doubloin.com/learn/bitcoin-transaction-malleability

https://www.coindesk.com/markets/2014/02/12/what-the-bitcoin-bug-means-a-guide-to-transaction-malleability/

Total Amount Lost

The total amount lost has been estimated at $300,000,000 USD.

How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie?

Immediate Reactions

"On February 7th, MtGox halted all BTC withdrawals from the exchange, citing a transaction malleability bug in the core Bitcoin software. When withdrawals had still not resumed after 2 weeks, users began to suspect that MtGox may not be able to pay its customers.

On February 24th, Mt. Gox suspended all trading, then went offline completely, returning a blank page. News outlets reported on a leaked “crisis strategy draft” plan, which declared MtGox’s insolvency after losing 744,408 BTC of customer funds (valued at over $2 billion USD at today’s prices) as well as 100,000 of its own bitcoins."



How did the various parties involved (firm, platform, management, and/or affected individual(s)) deal with the events? Were services shut down? Were announcements made? Were groups formed?

Ultimate Outcome

What was the end result? Was any investigation done? Were any individuals prosecuted? Was there a lawsuit? Was any tracing done?

Insolvency Filing

"It didn’t take long for the information to become public, with Mt. Gox eventually filing for bankruptcy on Feb. 28."


"At a news conference, Karpeles claimed the exchange had been hacked. He apologized and promised to recover the missing cryptocurrency. The cybercrimes unit of the Metropolitan Police Department launched an investigation into the matter and Karpeles offered to cooperate with the inquiry."

"Naturally, those following the news have always wondered whether or not Mt. Gox had been hacked in the first place? Given the complexity of the issue, it was always going to be a difficult question to answer."

Investigations Through 2015

"In 2015, agents from the U.S. Treasury Department and Federal Bureau of Investigation, as well as members of Japan’s National Police Agency, met with Karpeles in Tokyo. They asked for Karpeles’ cooperation in an ongoing investigation involving an international hacker suspected of hacking several cryptocurrency exchanges, including Bitcoinica in 2012."

"By August 2015, many assumed the police were going to arrest Karpeles for some reason or another. The special investigation unit that deals mainly with white-collar offenses had taken control of the case, suggesting that the Frenchman would be arrested in order to extract some kind of confession."

"Karpeles, however, didn’t confess. The police subsequently arrested him on two other charges, with none of the indictments having any direct connection to hacking. Karpeles spent 11 months in detention before bail was granted."

“I was interrogated for eight hours each day,” Karpeles recalls. “I was asked about the missing bitcoins. I was even asked if I was Satoshi Nakamoto, the creator of Bitcoin. I was asked to sign confessions and statements in Japanese. Sometimes, the prosecutor would have pre-written statements for me in the morning they wanted signed.”

"Kim Nilsson, a Swedish engineer who had lost 12 bitcoins in the collapse of Mt. Gox, began sharing information with federal authorities in the United States while Karpeles was in detention. They specifically analyzed the block chain, the public ledger of all bitcoin transactions."

Tracing To Alexander Vinnik

"In September 2016, U.S. authorities received a copy of the Mt. Gox database and used it to track the stolen bitcoins."

"Tigran “Blockchain Wizard” Gambaryan, an agent in the Internal Revenue Service who has extensive experience in cryptocurrency crime, led a joint task force that looked into the case."

"The task force concluded that Mt. Gox had been hacked by an outsider who had siphoned off more than 600,000 bitcoins in a period between 2011 and late 2013. It was able to trace the bulk of stolen bitcoins to one individual, a Russian bitcoin exchange operator named Alexander Vinnik."

Alexander Vinnik Arrest

"On July 25, 2017, U.S. authorities had Vinnik detained in Greece. He was indicted on 21 counts of money laundering and several other charges, some relating to Mt. Gox."

"During Karpeles’ trial in the Tokyo District Court, Ogata argued that Karpeles had only been detained because the police had hoped to extract a confession from him. When Ogata tried to enter Vinnik’s indictment into evidence, prosecutors objected, claiming the Russian should be presumed innocent until proven guilty. The fallacy of such an argument was not lost on the panel of judges, who specifically referred to the indictment in their ruling."

"Vinnik is expected to be extradited to France. And so it seems the man behind the Mt. Gox theft may have finally been identified. It’s a shame the domestic investigation into the case failed to add much to the end result."

Karpeles Criminal Prosecution

"On March 15, [2019,] the court found Karpeles guilty of data manipulation and handed out a suspended prison sentence of 2½ years. He was found not guilty on a separate charge of embezzling millions of dollars through customer accounts. It’s perhaps just worth noting that the odds of a partial not guilty verdict in Japan after indictment are less than 1 percent."

"The Nikkei Shimbun noted the indictments had nothing to do with the initial investigation of the hacking. “The Metropolitan Police Department investigation into the missing bitcoins has, in fact, been terminated,” the paper said."

Former Mt. Gox CEO Mark Karpeles has been found guilty of manipulating exchange data in a Tokyo court, but innocent of embezzlement and breach of trust charges. The Tokyo District Court sentenced Karpeles to a suspended term of two years and six months, contingent on maintaining a clean record for the next four years. While prosecutors sought a 10-year sentence for embezzlement, the defense argued that Mt. Gox's collapse was not due to Karpeles' wrongdoing but claimed he worked to prevent it. Karpeles has consistently maintained his innocence and apologized for the impact on those involved[21].

Total Amount Recovered

There do not appear to have been any funds recovered in this case.

What funds were recovered? What funds were reimbursed for those affected users?

Ongoing Developments

What parts of this case are still remaining to be concluded?

Civil Rehabilitation

In 2018, the case was moved to civic rehabilitation, allowing creditors to potentially receive their bitcoin in its original form[21]. "In May [2021], the trustee presiding over the Mt. Gox civil rehabilitation case opened the voting on how to partially reimburse victims who lost money to the in hacks dating back nearly a decade."

"Those who don’t vote are deemed to have voted against the proposal, according to the trustee. A minimum threshold of 50% of votes is required in order for the proposal to pass, so there is a chance the proposal could fail even if the majority of votes actively cast vote in favor of acceptance."

General Prevention Policies

Mt. Gox could have been avoided through smaller hot wallets. Using a multi-sig for cold fund storage and having accountability to ensure all funds are fully backed would also have significantly reduced the damage.

Individual Prevention Policies

No specific policies for individual prevention have yet been identified in this case.

For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.

Platform Prevention Policies

Policies for platforms to take to prevent this situation have not yet been selected in this case.

For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.

Regulatory Prevention Policies

No specific regulatory policies have yet been identified in this case.

For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.

References

  1. Infographic: An Overview of Compromised Bitcoin Exchange Events (Jan 30, 2020)
  2. 100 Crypto Thefts: A Timeline of Hacks, Glitches, Exit Scams, and other Lost Cryptocurrency Incidents (Jan 25, 2020)
  3. List of Major Bitcoin Heists, Thefts, Hacks, Scams, and Losses (Feb 15, 2020)
  4. Lessons Learned from the Biggest Crypto Hacks in History (Feb 26, 2020)
  5. A Look Back on Some of the Most Devastating Crypto Hacks | Fintech Singapore (Feb 27, 2020)
  6. Crypto Exchange Hacks in Review: Proactive Steps and Expert Advice (Mar 2, 2020)
  7. Top 6 Biggest Bitcoin Hacks Ever (Mar 2, 2020)
  8. Bitcoin Scams and Cryptocurrency Hacks List - BitcoinExchangeGuide.com (Mar 5, 2020)
  9. The Rise and Fall of Mt. Gox – Darknet Diaries (Jun 25, 2021)
  10. SlowMist Hacked - SlowMist Zone (Jun 26, 2021)
  11. Mt. Gox Civil Rehabilitation Voting Deadline Ends Friday (Oct 10, 2021)
  12. MtGox.com (Oct 13, 2021)
  13. Mt. Gox Shows Bitcoin's Growing Pains - WSJ (Oct 14, 2021)
  14. Solving the world's largest bitcoin heist | The Japan Times (Oct 14, 2021)
  15. Hackers Allege Mt. Gox Still Controls "Stolen" Bitcoins - Slashdot (Apr 10, 2022)
  16. The One Simple Reason Why Bitcoin Went Down (Again) Over the Weekend (Apr 10, 2022)
  17. Bitcointalk history of MtGox and how a Bitcointalk post caught the MtGox hacker. (Dec 22, 2021)
  18. The Wealth Transfer Just Started | How To Prepare - YouTube (Jul 16, 2022)
  19. 19.0 19.1 Mt Gox - Bitcoin Exchange - February 3rd, 2011 - Internet Archive (Oct 12, 2021)
  20. 20.0 20.1 20.2 20.3 Mt.Gox - Bitcoin Exchange - January 12th, 2012 - Internet Archive (Oct 12, 2021)
  21. 21.0 21.1 21.2 Mt. Gox’s Mark Karpeles Found Guilty Over Data Manipulation in Tokyo Court - CoinDesk (Jan 4, 2024)
Retrieved from "https://quadrigainitiative.com/cryptocurrencyhackscamfraudwiki/index.php?title=Mt._Gox_Halts_Trade_Over_Major_Hack&oldid=5370"