Bitcoin’s Most Serious Challenge Yet

MtGox, the most popular way to convert US dollars to and from Bitcoins, has just been hacked, resulting in an immediate market crash, and the usernames, email addresses, and information that can be used to determine people’s passwords (but not the passwords themselves).

It appears that a hacker gained access to an MtGox account with a very large number of coins was compromized.  The hacker sold these coins, and took advantage of the resultant market crash to buy bitcoins very cheaply.  It is likely that the hacker was able to withdraw thousands of dollars worth of these bitcoins.

This is likely to be a fatal blow to MtGox, who some estimate were making $2m/year in revenue from transaction fees. An exchange relies on people entrusting them with money and bitcoins, and it is hard to see that trust surviving this incident.

MtGox have said that they will roll-back transactions from when the incident began, but it seems unlikely they’ll be able to put the toothpaste back in the tube completely, which may result in a dramatic and lasting drop in value for Bitcoins.

While the security principles behind Bitcoin itself appear to be sound, there have been repeated security issues with the various tools and services around Bitcoin.  For example, the official Bitcoin client does not yet encrypt the user’s wallet, meaning that anyone that can access this file can effectively steal that user’s entire balance in a relatively untraceable way, given simple precautions.

However, this incident is perhaps the most serious.  MtGox is probably the most popular mechanism to both purchase and sell Bitcoins, and its credibility is now in ruins.

It isn’t necessarily the case that this will destroy Bitcoins themselves.  It will, however, demand dramatically better security for the various tools and services that grew up while Bitcoins remained an obscure pursuit of enthusiasts.

The list of accounts and their email addresses and password hashes can be found on Freenet at CHK@nQPmGQwCzInR1hYef3I4SYYfT3yfkBobBu0hiwOOmLw,72t6NbXIUnKDELYdFP8Y6LuAe-A6-0yiwnlKAdkyEN8,AAIC–8/mtgox-accounts.csv.gz (this link will only work if Freenet is installed and running).

4 thoughts on “Bitcoin’s Most Serious Challenge Yet

  1. Pingback: MtGox Hacked: Is It a Bitcoin Problem? « 0.02 BTC

  2. ihope


    On a previously post you have said that “pedofiles wont stop comunicating by other ways if there was no Freenet. But freenet and similars allow these criminals have a “safe home”, found people who like what they like, who do what they do. How easy would it be to a pedofile, murderer, rapists, etc, find a group of people to talk about their crimes on everyday’s life? They could, but it would be much more difficult. In the way they are able to safe use it, the freenet may work as an apology to these crimes.


Leave a Reply

Your email address will not be published.