Mt. Gox, the one-time leading exchange for Bitcoin in the world, has declared bankruptcy after suffering a technical meltdown and hacker attack that robbed its users of 750,000 Bitcoins. The Wall St. Journal estimated the value of the theft at $473 million.
The first signs of trouble at Mt. Gox appeared on Feb. 7 when the site announced that it was experiencing some delays. On Feb. 10, the site blamed a Bitcoin protocol issue known as transaction malleability for enabling attackers to alter transactions.
On Feb. 24, Mt. Gox changed the front page of its site, listing the following message:
“In light of recent news reports and the potential repercussions on MtGox’s operations and the market, a decision was taken to close all transactions for the time being in order to protect the site and our users.”
Two days later, on Feb. 26, Mt. Gox CEO Mark Karpeles posted a short note on the Mt. Gox Website.
“As there is a lot of speculation regarding Mt. Gox and its future, I would like to use this opportunity to reassure everyone that I am still in Japan, and working very hard with the support of different parties to find a solution to our recent issues,” Karpeles wrote.
Apparently there is no solution, and Mt. Gox is now bankrupt after a spectacular failure that will likely only serve to further erode confidence in Bitcoin, if not kill the nascent currency altogether. It’s a crisis of confidence born out of a lack of security.
At the RSA security conference in San Francisco on Feb. 27, I was in a packed session called “How to Hack Bitcoin.” In front of a live audience, Etay Maor, fraud prevention solutions manager at IBM, and Uri Rivner, head of cyber-strategy at BioCatch, demonstrated how to steal Bitcoins in real time.
It wasn’t very hard.
The two researchers asserted that Bitcoin exchanges, which include Mt. Gox as well as numerous others, do not employ basic security controls. By using malware known as Spyeye on a target machine, the researchers were able execute the theft in seconds (from one researcher to the other).
“Bitcoin exchanges are basically sitting ducks,” Rivner said.
The Future of Bitcoin
While the spectacular collapse of Mt. Gox is an epic failure that will have a long-lasting impact on the Bitcoin marketplace, it doesn’t necessarily spell the end of Bitcoin itself.
Napster helped start the whole era of digital music downloads, though the initial model wasn’t right. Napster was illegal, letting users essentially steal music, but the basic idea of having an easy-to-use digital music download service was valid. When Napster collapsed in 2001, some thought it was the end of the digital music business, but it wasn’t—it was just the beginning.
The same is likely true here with Bitcoin. The rise of Mt. Gox in the first place is a testament to the incredible demand for Bitcoin. The failure was not in Bitcoin itself, but rather a lack of maturity and security.
Other entrepreneurs will pick through the rubble of Mt. Gox and learn lessons. Although today is a dark day for all those who lost money and the Bitcoin market has been bruised badly, it is not dead.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.