BitCoin : Account hacked, coins dumped = BTC Crash

[ultimatebob]

So... does anyone know why Bitcoins went down to 7 cents on Mt. Gox a few seconds ago, and then went right back up to $15?

This so-called "currency" is screwed up. They really need to fix their trading systems if they want investors to take them seriously.

 

[96redformula]

So... does anyone know why Bitcoins went down to 7 cents on Mt. Gox a few seconds ago, and then went right back up to $15?

This so-called "currency" is screwed up. They really need to fix their trading systems if they want investors to take them seriously.

They just posted on their website that a major acct was hacked and somebody put up all the bitcoins for sale. The acct had $1000 limit/day on trading so that was the resulted loss and the exchange will be down until tomorrow morning where all the current trades will have been reversed.

 

[Double Trouble]

It certainly is an interesting concept, but I suspect like anything new there will be a lot of growing pains and issues to work out. The system needs to be hardened by years of attack by hackers, scammers and fraudsters before I'll wade in.

 

[NoStateofMind]

The bitcoin will be back to around 17.5$/BTC after we rollback all trades that have happened after the huge Bitcoin sale that happened on June 20th near 3:00am (JST).

Service should be back by June 20th 11:00am (JST, 02:00am GMT) with all the trades reversed and accounts available.

One account with a lot of coins was compromised and whoever stole it (using a HK based IP to login) first sold all the coins in there, to buy those again just after, and then tried to withdraw the coins. The $1000/day withdraw limit was active for this account and the hacker could only get out with $1000 worth of coins.

Apart from this no account was compromised, and nothing was lost. Due to the large impact this had on the Bitcoin market, we will rollback every trade which happened since the big sale, and ensure this account is secure before opening access again.

UPDATE REGARDING LEAKED ACCOUNT INFORMATIONS

We will address this issue too and prevent logins from each users. Leaked information includes username, email and hashed password, which does not allow anyone to get to the actual password, should it be complex enough. If you used a simple password you will not be able to login on Mt.Gox until you change your password to something more secure. If you used the same password on different places, it is recommended to change it as soon as possible.

They need to start implementing better security measures so things like this do not happen.

 

[OVerLoRDI]

This will probably destroy confidence in the market in a very bad way. This does not bode well for many new miners thinking they were going to join the fray.

 

[JSt0rm]

This will probably destroy confidence in the market in a very bad way. This does not bode well for many new miners thinking they were going to join the fray.

doest that just mean more coins for you? You should be happy

 

[OVerLoRDI]

doest that just mean more coins for you? You should be happy

Not if they aren't worth anything :/

 

[CLite]

This confuses me greatly. If a bank is robbed and a few million dollars is stolen it doesn't crash the dollar market, hell Madoff stole billions and it didn't directly affect the dollar. How does a theft of $1,000 worth of bitcoin cause a market crash?

I think this is more due to panic-prone owners of the currency then the actual theft. The fact that rollbacks occurred after a $1,000 theft should signal the death knell for this joke of a currency. If the panic was allowed to take it's natural course then the people who sold low would have been screwed and the investors in the currency would have been rewarded.

 

[NoStateofMind]

This confuses me greatly. If a bank is robbed and a few million dollars is stolen it doesn't crash the dollar market, hell Madoff stole billions and it didn't directly affect the dollar. How does a theft of $1,000 worth of bitcoin cause a market crash?

I think this is more due to panic-prone owners of the currency then the actual theft. The fact that rollbacks occurred after a $1,000 theft should signal the death knell for this joke of a currency. If the panic was allowed to take it's natural course then the people who sold low would have been screwed and the investors in the currency would have been rewarded.

Do you understand what a free market is?

 

[cubby1223]

This confuses me greatly.

Yes. Yes it does confuse you. Doesn't confuse me. Everything behaved as I would have expected it to.

 

[Codewiz]

This confuses me greatly. If a bank is robbed and a few million dollars is stolen it doesn't crash the dollar market, hell Madoff stole billions and it didn't directly affect the dollar. How does a theft of $1,000 worth of bitcoin cause a market crash?

I think this is more due to panic-prone owners of the currency then the actual theft. The fact that rollbacks occurred after a $1,000 theft should signal the death knell for this joke of a currency. If the panic was allowed to take it's natural course then the people who sold low would have been screwed and the investors in the currency would have been rewarded.

Think of it this way. If a MAJOR stock owner of Apple decided to sell all his stock all at once suddenly, what do you think would happen to the Apple stock?

Don't look at $1000. I think from a trading perspective, the hacker tried to dump 275,000 bitcoins at once. That is about 5% of ALL bitcoins that currently exist. 5% of the currency was dumped on the market all at once.

What do you expect to happen in a free market when something like that happens? Hell, every major market has triggers that shut it down if something drastic happens. NYSE, NASDAQ, they all shutdown if something completely unusual happens.

 

[JSt0rm]

Think of it this way. If a MAJOR stock owner of Apple decided to sell all his stock all at once suddenly, what do you think would happen to the Apple stock?

Don't look at $1000. I think from a trading perspective, the hacker tried to dump 275,000 bitcoins at once. That is about 5% of ALL bitcoins that currently exist. 5% of the currency was dumped on the market all at once.

What do you expect to happen in a free market when something like that happens? Hell, every major market has triggers that shut it down if something drastic happens. NYSE, NASDAQ, they all shutdown if something completely unusual happens.

The problem is that we arent talking about a major stock holder of apple. We are talking about this guy

Crazy shit can and will happen

 

[NoStateofMind]

Crazy shit can and will happen

Which is why you should always be extra nice to that guy.

 

[Doppel]

They just posted on their website that a major acct was hacked and somebody put up all the bitcoins for sale. The acct had $1000 limit/day on trading so that was the resulted loss and the exchange will be down until tomorrow morning where all the current trades will have been reversed.

Lol, but some people still think this could actually be trusted as a currency?

What do you expect to happen in a free market when something like that happens?

Drop. But did it really go from $15 down to $.07? That is not a drop it's a critical crash.

 

[ultimatebob]

They need to start implementing better security measures so things like this do not happen.

My hunch is that this won't be the last time a major bitcoin processing site will be hacked. Once the sites that exchange bitcoins for real money get their act together, the hackers will just start on the "mining guild" sites instead.

And if that doesn't work, they'll just make their own bitcoins by installing the mining software on the botnet systems that they control, further diluting the market.

 

[nonlnear]

Lol, but some people still think this could actually be trusted as a currency?

The fact that it's vulnerable to direct theft is an integral part of its appeal: anonymity and untraceability. Bitcoins aren't seeking to replace cash, but to provide a proxy for it in niche markets.

Drop. But did it really go from $15 down to $.07? That is not a drop it's a critical crash.

Not necessarily if it's a thin market. In a thin market that could just be a couple underpriced laundering transactions influencing the reported market price. (Not saying that's the case here, but it's a possibility if all you have is the market price movement and volume is thin.)

 

[Acanthus]

They need to start implementing better security measures so things like this do not happen.

New post by MTGox as of 2 GST:

It appears that someone who performs audits on our system and had read-only access to our database had their computer compromised. This allowed for someone to pull our database. The site was not compromised with a SQL injection as many are reporting, so in effect the site was not hacked.

Two months ago we migrated from MD5 hashing to freeBSD MD5 salted hashing. The unsalted user accounts in the wild are ones that haven't been accessed in over 2 months and are considered idle. Once we are back up we will have implemented SHA-512 multi-iteration salted hashing and all users will be required to update to a new strong password.

We have been working with Google to ensure any gmail accounts associated with Mt.Gox user accounts have been locked and need to be reverified.

Mt.Gox will continue to be offline as we continue our investigation, at this time we are pushing it to 8:00am GMT.

When Mt.Gox comes back online, we will be putting all users through a new security measure to authenticate the users. This will be a mix of matching the last IP address that accessed the account, verifying their email address, account name and old password. Users will then be prompted to enter in a new strong password.

Once Mt.Gox is back online, trades 218869~222470 will be reverted.

 

[Doppel]

New post by MTGox as of 2 GST:

It appears that someone who performs audits on our system and had read-only access to our database had their computer compromised. This allowed for someone to pull our database. The site was not compromised with a SQL injection as many are reporting, so in effect the site was not hacked.

Two months ago we migrated from MD5 hashing to freeBSD MD5 salted hashing. The unsalted user accounts in the wild are ones that haven't been accessed in over 2 months and are considered idle. Once we are back up we will have implemented SHA-512 multi-iteration salted hashing and all users will be required to update to a new strong password.

We have been working with Google to ensure any gmail accounts associated with Mt.Gox user accounts have been locked and need to be reverified.

Mt.Gox will continue to be offline as we continue our investigation, at this time we are pushing it to 8:00am GMT.

When Mt.Gox comes back online, we will be putting all users through a new security measure to authenticate the users. This will be a mix of matching the last IP address that accessed the account, verifying their email address, account name and old password. Users will then be prompted to enter in a new strong password.

Once Mt.Gox is back online, trades 218869~222470 will be reverted.

So some accounts had passwords stored in plain text. lol

 

[IceBergSLiM]

My hunch is that this won't be the last time a major bitcoin processing site will be hacked. Once the sites that exchange bitcoins for real money get their act together, the hackers will just start on the "mining guild" sites instead.

And if that doesn't work, they'll just make their own bitcoins by installing the mining software on the botnet systems that they control, further diluting the market.

Thats not how it works. If 50 billion people/bots start mining today the difficulty will just increase in response. The Max coins will be reached at a specific time.(few/several years from now) Its already been pre-determined.

 

[Genx87]

USD is made out of unbacked paper printed by a private corporation who doesn't have to explain to anybody what they do with 9 TRILLION dollars whenever they give away or mis place such a huge sum of money.

As far as I'm concerned, we're all using monopoly money and bitcoin is as viable as any fiat currency in existence.

The US dollar is backed by the assets of the nation + our military. In ultimate meltdown mode we will be Greece mode. Selling assets, which we have a lot of at this time. More than any other nation. When it comes to melt down time for bitcoin. With what tangible asset will bitcoin be backed?

 

[NoStateofMind]

The US dollar is backed by the assets of the nation + our military. In ultimate meltdown mode we will be Greece mode. Selling assets, which we have a lot of at this time. More than any other nation. When it comes to melt down time for bitcoin. With what tangible asset will bitcoin be backed?

1st point: You're right but its also backed by the taxpayer who under government authority could be taken by gunpoint and imprisoned. BitCoin? Not so much.

2nd point: Absolutely nothing. Only the faith of the prospective buyer. If they don't sell there is no value. Absolute free market.

 

[Acanthus]

Looks like this wont happen again: MTGox.

[Update - 6:30 GMT] Still here. Still working hard to get things online.

* SHA-512 multi-iteration salted hashing is in enabled and ready for when we get users reactivating their accounts
* We are going to push our relaunch time to 2:00am GMT tomorrow so we have time to launch a our new backend and withdraw passwords.

Thanks to everyone sending the supportive emails and our extremely patient users.

 

[silverpig]

So some accounts had passwords stored in plain text. lol

Where does it say that? They had at least MD5 hashing which should be fine if all users have good strong passwords. If you use "password" though, the rainbow table will make it easy to find, but it's still not quite plain text.

 

[nobodyknows]

It's an open question as to whether or not Bitcoin is tenable. That's why there is speculation.

Maybe to you it's an open question, but I like currency they I can spend anywhere and that is backed by a goverment.

 

[YoungGun21]

The whole point of all of this is that it ISN'T backed by a government to screw things up. No regulation at all. No overseeing authority. Just Bitcoins and their users. This whole MtGox being hacked thing really has nothing to do with BTC, but the people that don't understand this well aren't getting that. An exchange was hacked and money was stolen, that has nothing to do with the actual process of BTC mining or the currency in itself.

If the CME got hacked and millions of USD and EUR were stolen, would you fault the currency? I think not.