Mt. Gox Chief Stole 100,000 Bitcoins, Hackers Claim

Cryptocurrency aficionados ire stoked by leaked accounts showing 100,000 bitcoins remain missing.

Hackers seized control of the personal blog of Mark Karpeles, CEO of the bankrupt Mt. Gox Bitcoin exchange, on Sunday and posted a message accusing him of stealing 100,000 bitcoins (BTC).
Its time that MTGOX got the bitcoin communities wrath instead of [the] Bitcoin Community getting Goxed, read the message, which hackers posted both to Karpeless magicaltux.net site as well as to his Reddit page. This release would have been sooner, but in [the] spirit of responsible disclosure and making sure all of [our] ducks were in a row, it took a few days longer than [we] would have liked to verify the data.
The data in question referred to a dump -- a.k.a. dox -- in the form of a 716-MB zip file, which hackers distributed via Karpeless site, and which purportedly contained evidence of fraud. Included in this download you will find relevant database dumps, CSV exports, specialized tools, and some highlighted summaries compiled from data. Keeping in line with [expletive] Gox alone, no user database dumps have been included. The zip file also includes an
Excel spreadsheet listing about a million Mt. Gox trades
, a screenshot of hackers access to the systems of Mt. Goxs parent company, Tibanne Limited, a listing of Mark Karpeless home addresses, as well as his CV, Forbes reported.
[Mt. Gox is not the only Bitcoin exchange with problems. See
Bitcoin Heists Cause More Trouble
.]
Also included -- and excerpted in a
post to Pastebin
-- were the exchanges alleged balances, in 18 different currencies, including a bitcoin balance of 951,116 BTC. Whoever hacked Karpeless site cited that number as evidence that the Mt. Gox chief lied about the site going bankrupt, since hed said that attackers appeared to have
stolen 850,000 bitcoins
. In other words, there appeared to be a discrepancy involving 100,000 BTC, which would have been worth about $62.4 million.
Some Bitcoin followers read that discrepancy as evidence that Karpeles still controlled a horde of bitcoins, no matter whether hackers had stolen the rest. Or in the words of one Reddit commenter: Weve been goxed!
But other Bitcoin watchers said that the leaked data, while likely legitimate, didnt prove anything about the actual state of either Mt. Goxs coffers -- to say nothing of its accounting prowess. Its legit data, but its
not proof of anything
, said PuffyHerb on Reddit. This is Mt. Goxs internal accounting. If there are problems with this, then it lines up with what theyve been [saying] all along (i.e. they didnt know BTC was being siphoned off).
While Karpeles appears to have blanked out his personal site after hackers began using it to distribute their dox, supposed copies of the data dump have been mirrored to other download sites and are also circulating via BitTorrent.
One caution for anyone who wants to analyze the leaked information: In a discussion on Bitcoin Forum, multiple people said that the text files in the download are interesting and safe, but warned that
executable files in the zip archive contain malware
, and thus should only be analyzed using a virtual machine (VM). One of the .exe files contains the wallet.dat stealer, said oyvinds in a comment. Only run the .exe files in a throw-away VM if you are curious or on your normal Windows installation if you have too many Bitcoins and want to get rid of them. He noted that a PDF document included in the dump also included evil JavaScript, suggesting that it was designed to steal bitcoins.
As the hackers accusations suggest, many Bitcoin aficionados are fuming over Mt. Goxs meltdown, and dont mind taking revenge at the expense of other Mt. Gox -- or Bitcoin -- users. On a related note, as Forbes first reported, a Bitcoin Forum user called nanashi___ on Friday
posted a message
offering to sell a 20-GB file of user information -- including passport scans -- allegedly stolen from Mt. Gox, for 100 bitcoins (about $62,000) to cover losses he incurred from the exchanges failure. Selling it one or two times to make up personal loses from gox closure, according to the post, which has since been deleted by the forums administrators. Asking 100BTC for entire document. Willing to sell it in pieces, 10BTC for 2gb of data.
Revenge aside, fresh evidence that Mt. Goxs bitcoins were stolen by outside attackers surfaced Sunday, when The Japan News reported -- referencing multiple, unnamed sources -- that the exchange was being
hammered by distributed denial-of-service (DDoS) attacks
, peaking at 150,000 system access attempts per second. The attacks, which reportedly originated from systems in the United States and Europe, began on February 7, and apparently occurred at the same time as hackers were draining the companys bitcoin balance via
transaction malleability attacks
.
On February 10, Mt. Gox suspended all bitcoin withdrawals, before filing for bankruptcy protection on February 28.
While its not clear whether Mt. Goxs bitcoin thieves also launched the DDoS attacks, criminals have regularly
employed DDoS smokescreens
to steal bitcoins. In November, for example, the Denmark-based Bitcoin Internet Payment System (BIPS) was hit by a DDoS attack at the same time that attackers hacked into the companys free online wallets and stole 1,295 bitcoins, worth nearly $1 million. According to Kris Henriksen, CEO of the Bitcoin payment processor, the attacks against his site appeared to emanate from Russia and neighboring countries.
Cybercriminals wielding APTs have plenty of innovative techniques to evade network and endpoint defenses. Its scary stuff, and ignorance is definitely not bliss. How to fight back? Think security thats distributed, stratified, and adaptive. Read our
Advanced Attacks Demand New Defenses
report today. (Free registration required.)

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Mt. Gox Chief Stole 100,000 Bitcoins, Hackers Claim